Skip to content

Add initial support for CI Web Terminal

What does this MR do?

Moved from !857 (closed)

Executor Support

  • kubernetes
  • shell (bash)

Behavior

  • User clicks on terminal, user will be redirected to terminal page
  • Open terminal connection
  • If job finishes and terminal window is open, it will be blocked untill terminal_max_retention_time passes or user closes terminal window

Technical details

Create session server to be able to connect to the runner job currently with only 1 endpoint /exec which is the endpoint used to to create a new terminal session. The terminal session is working through WebSockets following https://gitlab.com/gitlab-org/gitlab-workhorse/blob/master/doc/terminal.md

User starts pipeline =>
    runner sends session information to job =>
        rails show "Terminal" button if session info is sent
        rails store session info in `ci_builds_runner_session` table =>
            User clicks on "Terminal button =>
                rails sends request to _workhorse_ to handle websocket connection =>
                    runner checks if authorization is correct and starts a new connection to the terminal depending on the executor     
```

## Whats needed from this MR?

Below you can find a list of things that must/should be done ordered by priority from top down. `Must have` are absolutely needed before this MR is acceptable for merging. 

### Must have

- [x] Documentation _(2-3 days)_
    - [x] Configuration
    - [x] Compatability chart gitlab-org/gitlab-ce!20719
    - [x] Development 
    - [x] Available features gitlab-org/gitlab-ce!20719
    - [x] Limitations (only when job is running) gitlab-org/gitlab-ce!20719
- [x] Move `gitlab-terminal` under its `gitlab-org` organization _(1 day, help needed to create project)_
- [x] Extract `Terminal` interface as discussed in https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/934#note_88833948 _(3-4 days)_
- [x] Improve logging of the terminal 
- [x] Make pipeline green _(1 day)_
- [x] Resolve open discussions _(2 days)_
- [x] Authorization for session/exec endpoint _(2 days)_ <br/> Generating any kind of ID that will be sent to rails and back to us to confirm the request came from the rails application. 
- [x] Tests _(3-4 day)_
    - [x] Kubernetes executor
    - [x] Shell executor
    - [x] Session server
    - [x] handleSessionRequest handler 
- [x] Fix windows build _(1 day)_

### Should have

- [x] Create `session` package to handle authorization/routes/setting up session server _(2 days)_

### Could have _(can be moved to separate issues)_

- [x] Enable/Disable session server from config gitlab-org/gitlab-runner#3471
- [ ] Currently, when certificates are not created runner crashes, we can have it fail silently
- [x] Add docker+machine support gitlab-org/gitlab-runner#3467
- [x] Add docker support gitlab-org/gitlab-runner#3467
- [x] Keep job available for 5min for the user to be able to debug gitlab-org/gitlab-runner#3468
- [x] Auto renew certificates gitlab-org/gitlab-runner#3470

## Why was this MR needed?

Previous work was being made on gitlab-org/gitlab-runner!857 which was moved here.

## Are there points in the code the reviewer needs to double check?

## Does this MR meet the acceptance criteria?

- [x] Documentation created/updated
- Tests
  - [x] Added for this feature/bug
  - [x] All builds are passing
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)

## What are the relevant issue numbers?

gitlab-org/gitlab-ce#25990

Old MR gitlab-org/gitlab-runner!857
Edited by Tomasz Maczukin

Merge request reports