Skip to content

Add is_shared and runner_type to hooks and API responses

What does this MR do?

Prior to !54466 (merged) the payload of the job event webhook included a runner is_shared attribute.

The ci_runner.is_shared column was retired in gitlab-foss!20172 (merged) and removed in !54466 (merged). However, the runner API GET /runners/:id API still includes an is_shared attribute, which is now derived from the ci_runner.runner_type column.

This MR adds back the missing is_shared attribute to webhook payloads. Additionally, it adds scope to both the API and webhook payload.

Screenshots (strongly suggested)

Webhook configuration:

image

Webhook payload:

image

REST API:

image

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Testing webhooks

  1. Create a new webhook sing at https://requestbin.com/
  2. Assuming a local project http://gdk.localhost:3000/root/playground, navigate to http://gdk.localhost:3000/root/playground/-/hooks
  3. Create a new webhook by:
    1. pasting the URL from https://requestbin.com/ into the URL box
    2. in the triggers section, check Job events and Pipeline events
    3. clicking Add webhook
  4. In the new webhook's Test button, click the Job events and Pipeline events items.
  5. The https://requestbin.com/ page should now have 2 webhook calls. Those calls should include is_shared and type attributes
Job payload example
{
    "object_kind": "build",
    "ref": "var-in-var-test",
    "tag": false,
    "before_sha": "0000000000000000000000000000000000000000",
    "sha": "23eec7c9177a6b2c8e54a3f62ac25aef40865a78",
    "build_id": 1067,
    "build_name": "test",
    "build_stage": "test",
    "build_status": "failed",
    "build_created_at": "2021-05-26T08:49:34.371Z",
    "build_started_at": "2021-05-26T08:49:43.784Z",
    "build_finished_at": "2021-05-26T08:49:49.658Z",
    "build_duration": 5.874013,
    "build_queued_duration": 9.306865,
    "build_allow_failure": false,
    "build_failure_reason": "script_failure",
    "pipeline_id": 127,
    "runner": {
        "id": 2,
        "description": "docker-runner - updated",
        "type": "project_type",
        "active": true,
        "is_shared": false,
        "tags": [
            "mac",
            "gdk",
            "docker"
        ]
    },
    "project_id": 20,
    "project_name": "Administrator / playground",
    "user": {
        "id": 1,
        "name": "Administrator",
        "username": "root",
        "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
        "email": "admin@example.com"
    },
    "commit": {
        "id": 127,
        "sha": "23eec7c9177a6b2c8e54a3f62ac25aef40865a78",
        "message": "Update .gitlab-ci.yml",
        "author_name": "Administrator",
        "author_email": "admin@example.com",
        "author_url": "http://gdk.localhost:3000/root",
        "status": "created",
        "duration": null,
        "started_at": null,
        "finished_at": null
    },
    "repository": {
        "name": "playground",
        "url": "ssh://git@gdk.localhost:2222/root/playground.git",
        "description": "",
        "homepage": "http://gdk.localhost:3000/root/playground",
        "git_http_url": "http://gdk.localhost:3000/root/playground.git",
        "git_ssh_url": "ssh://git@gdk.localhost:2222/root/playground.git",
        "visibility_level": 20
    },
    "environment": null
}
Pipeline payload example
{
    "object_kind": "pipeline",
    "object_attributes": {
        "id": 127,
        "ref": "var-in-var-test",
        "tag": false,
        "sha": "23eec7c9177a6b2c8e54a3f62ac25aef40865a78",
        "before_sha": "0000000000000000000000000000000000000000",
        "source": "web",
        "status": "created",
        "detailed_status": "created",
        "stages": [
            "test"
        ],
        "created_at": "2021-05-26T08:37:31.070Z",
        "finished_at": null,
        "duration": null,
        "queued_duration": null,
        "variables": [
            {
                "key": "PASSWORD",
                "value": "my_$$_variable"
            }
        ]
    },
    "merge_request": null,
    "user": {
        "id": 1,
        "name": "Administrator",
        "username": "root",
        "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
        "email": "admin@example.com"
    },
    "project": {
        "id": 20,
        "name": "playground",
        "description": "",
        "web_url": "http://gdk.localhost:3000/root/playground",
        "avatar_url": null,
        "git_ssh_url": "ssh://git@gdk.localhost:2222/root/playground.git",
        "git_http_url": "http://gdk.localhost:3000/root/playground.git",
        "namespace": "Administrator",
        "visibility_level": 20,
        "path_with_namespace": "root/playground",
        "default_branch": "master",
        "ci_config_path": null
    },
    "commit": {
        "id": "23eec7c9177a6b2c8e54a3f62ac25aef40865a78",
        "message": "Update .gitlab-ci.yml",
        "title": "Update .gitlab-ci.yml",
        "timestamp": "2021-05-26T08:36:16+00:00",
        "url": "http://gdk.localhost:3000/root/playground/-/commit/23eec7c9177a6b2c8e54a3f62ac25aef40865a78",
        "author": {
            "name": "Administrator",
            "email": "admin@example.com"
        }
    },
    "builds": [
        {
            "id": 1067,
            "stage": "test",
            "name": "test",
            "status": "failed",
            "created_at": "2021-05-26T08:49:34.371Z",
            "started_at": "2021-05-26T08:49:43.784Z",
            "finished_at": "2021-05-26T08:49:49.658Z",
            "duration": 5.874013,
            "queued_duration": 9.306865,
            "when": "on_success",
            "manual": false,
            "allow_failure": false,
            "user": {
                "id": 1,
                "name": "Administrator",
                "username": "root",
                "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
                "email": "admin@example.com"
            },
            "runner": {
                "id": 2,
                "description": "docker-runner - updated",
                "type": "project_type",
                "active": true,
                "is_shared": false,
                "tags": [
                    "mac",
                    "gdk",
                    "docker"
                ]
            },
            "artifacts_file": {
                "filename": null,
                "size": null
            },
            "environment": null
        }
    ]
}

Testing REST API

  1. Create an access token, e.g. in http://gdk.localhost:3000/root/playground/-/settings/access_tokens

  2. Open a terminal window and export that token:

    export GITLAB_TOKEN='<your-token>'
  3. Request all the runners accessible by that token:

    $ curl -s --header "PRIVATE-TOKEN: $GITLAB_TOKEN" "http://gdk.localhost:3000/api/v4/runners" | jq
    [
      {
        "id": 2,
        "description": "docker-runner - updated",
        "ip_address": "127.0.0.1",
        "active": true,
        "is_shared": false,
        "type": "project_type",
        "name": "gitlab-runner",
        "online": false,
        "status": "offline"
      }
    ]

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Closes #332193 (closed)

Merge request reports

Loading