Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Broker fixes for token refreshes and AccessDeniedException #3161

Merged
merged 7 commits into from
Feb 21, 2024

Conversation

luketomlinson
Copy link
Contributor

This PR:

  1. Fixes an issue where we would always refresh the token when redirecting to Broker via BrokerMigrationMessage
  2. Throws the proper AccessDeniedException when we get a 403 from /messages

@luketomlinson luketomlinson requested a review from a team as a code owner February 21, 2024 15:07
@luketomlinson luketomlinson merged commit 3449d5f into main Feb 21, 2024
10 checks passed
@luketomlinson luketomlinson deleted the luketomlinson/runner-fixes branch February 21, 2024 21:43
lumiere-bot bot referenced this pull request in coolguy1771/home-ops Feb 27, 2024
…314.0 ) (#4273)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/onedr0p/actions-runner](https://ghcr.io/onedr0p/actions-runner)
([source](https://github.com/actions/runner)) | minor | `2.313.0` ->
`2.314.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/runner (ghcr.io/onedr0p/actions-runner)</summary>

###
[`v2.314.0`](https://github.com/actions/runner/releases/tag/v2.314.0)

[Compare
Source](https://github.com/actions/runner/compare/v2.313.0...v2.314.0)

##### What's Changed

- Prepare v2.313.0 Release by
[@&#8203;luketomlinson](https://github.com/luketomlinson) in
[https://github.com/actions/runner/pull/3137](https://github.com/actions/runner/pull/3137)
- Pass RunnerOS during job acquire. by
[@&#8203;TingluoHuang](https://github.com/TingluoHuang) in
[https://github.com/actions/runner/pull/3140](https://github.com/actions/runner/pull/3140)
- Process `snapshot` tokens by
[@&#8203;davidomid](https://github.com/davidomid) in
[https://github.com/actions/runner/pull/3135](https://github.com/actions/runner/pull/3135)
- Update dotnet sdk to latest version
[@&#8203;6](https://github.com/6).0.419 by
[@&#8203;github-actions](https://github.com/github-actions) in
[https://github.com/actions/runner/pull/3158](https://github.com/actions/runner/pull/3158)
- handle broker run service exception handling by
[@&#8203;yaananth](https://github.com/yaananth) in
[https://github.com/actions/runner/pull/3163](https://github.com/actions/runner/pull/3163)
- Add a retry logic to docker login operation by
[@&#8203;enescakir](https://github.com/enescakir) in
[https://github.com/actions/runner/pull/3089](https://github.com/actions/runner/pull/3089)
- Broker fixes for token refreshes and AccessDeniedException by
[@&#8203;luketomlinson](https://github.com/luketomlinson) in
[https://github.com/actions/runner/pull/3161](https://github.com/actions/runner/pull/3161)
- Remove USE_BROKER_FLOW by
[@&#8203;luketomlinson](https://github.com/luketomlinson) in
[https://github.com/actions/runner/pull/3162](https://github.com/actions/runner/pull/3162)
- Refresh Token for BrokerServer by
[@&#8203;luketomlinson](https://github.com/luketomlinson) in
[https://github.com/actions/runner/pull/3167](https://github.com/actions/runner/pull/3167)
- Better step timeout message. by
[@&#8203;TingluoHuang](https://github.com/TingluoHuang) in
[https://github.com/actions/runner/pull/3166](https://github.com/actions/runner/pull/3166)

##### New Contributors

- [@&#8203;davidomid](https://github.com/davidomid) made their first
contribution in
[https://github.com/actions/runner/pull/3135](https://github.com/actions/runner/pull/3135)
- [@&#8203;enescakir](https://github.com/enescakir) made their first
contribution in
[https://github.com/actions/runner/pull/3089](https://github.com/actions/runner/pull/3089)

**Full Changelog**:
actions/runner@v2.313.0...v2.314.0

*Note: Actions Runner follows a progressive release policy, so the
latest release might not be available to your enterprise, organization,
or repository yet.
To confirm which version of the Actions Runner you should expect, please
view the download instructions for your enterprise, organization, or
repository.
See
https://docs.github.com/en/enterprise-cloud@latest/actions/hosting-your-own-runners/adding-self-hosted-runners*

##### Windows x64

We recommend configuring the runner in a root folder of the Windows
drive (e.g. "C:\actions-runner"). This will help avoid issues related to
service identity folder permissions and long file path restrictions on
Windows.

The following snipped needs to be run on `powershell`:

```powershell

##### Create a folder under the drive root
mkdir \actions-runner ; cd \actions-runner

##### Download the latest runner package
Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v2.314.0/actions-runner-win-x64-2.314.0.zip -OutFile actions-runner-win-x64-2.314.0.zip

##### Extract the installer
Add-Type -AssemblyName System.IO.Compression.FileSystem ;
[System.IO.Compression.ZipFile]::ExtractToDirectory("$PWD\actions-runner-win-x64-2.314.0.zip", "$PWD")
```

##### \[Pre-release] Windows arm64

**Warning:** Windows arm64 runners are currently in preview status and
use [unofficial versions of
nodejs](https://unofficial-builds.nodejs.org/). They are not intended
for production workflows.

We recommend configuring the runner in a root folder of the Windows
drive (e.g. "C:\actions-runner"). This will help avoid issues related to
service identity folder permissions and long file path restrictions on
Windows.

The following snipped needs to be run on `powershell`:

```powershell

##### Create a folder under the drive root
mkdir \actions-runner ; cd \actions-runner

##### Download the latest runner package
Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v2.314.0/actions-runner-win-arm64-2.314.0.zip -OutFile actions-runner-win-arm64-2.314.0.zip

##### Extract the installer
Add-Type -AssemblyName System.IO.Compression.FileSystem ;
[System.IO.Compression.ZipFile]::ExtractToDirectory("$PWD\actions-runner-win-arm64-2.314.0.zip", "$PWD")
```

##### OSX x64

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.0/actions-runner-osx-x64-2.314.0.tar.gz

##### Extract the installer
tar xzf ./actions-runner-osx-x64-2.314.0.tar.gz
```

##### OSX arm64 (Apple silicon)

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.0/actions-runner-osx-arm64-2.314.0.tar.gz

##### Extract the installer
tar xzf ./actions-runner-osx-arm64-2.314.0.tar.gz
```

##### Linux x64

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.0/actions-runner-linux-x64-2.314.0.tar.gz

##### Extract the installer
tar xzf ./actions-runner-linux-x64-2.314.0.tar.gz
```

##### Linux arm64

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.0/actions-runner-linux-arm64-2.314.0.tar.gz

##### Extract the installer
tar xzf ./actions-runner-linux-arm64-2.314.0.tar.gz
```

##### Linux arm

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.0/actions-runner-linux-arm-2.314.0.tar.gz

##### Extract the installer
tar xzf ./actions-runner-linux-arm-2.314.0.tar.gz
```

##### Using your self hosted runner

For additional details about configuring, running, or shutting down the
runner please check out our [product
docs.](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/adding-self-hosted-runners)

##### SHA-256 Checksums

The SHA-256 checksums for the packages included in this build are shown
below:

- actions-runner-win-x64-2.314.0.zip <!-- BEGIN SHA win-x64
-->70737a3df30ff9bc0b395a0331309aba59da760eb50da4ea2ff5cb768fa7f6e4<!--
END SHA win-x64 -->
- actions-runner-win-arm64-2.314.0.zip <!-- BEGIN SHA win-arm64
-->e4677bbd8fa0a4fcab0491e6865cbd5cb0597eba0690ab8f5b097a15ef8d4554<!--
END SHA win-arm64 -->
- actions-runner-osx-x64-2.314.0.tar.gz <!-- BEGIN SHA osx-x64
-->5d928a482572e84f6c823a5f340e7fddec612cfad108908f4e4ea30cf58e370c<!--
END SHA osx-x64 -->
- actions-runner-osx-arm64-2.314.0.tar.gz <!-- BEGIN SHA osx-arm64
-->4a24368657a5a994e8c4d2c0e4b304005e6b093ebd3081dd03e5e9436ba52b9e<!--
END SHA osx-arm64 -->
- actions-runner-linux-x64-2.314.0.tar.gz <!-- BEGIN SHA linux-x64
-->82ac833f291f0f6b9b546f501043cab1ddb01935281403f435e78ee81a447756<!--
END SHA linux-x64 -->
- actions-runner-linux-arm64-2.314.0.tar.gz <!-- BEGIN SHA linux-arm64
-->cc9d28a9e7b6e9e37dea74ce55f5c314724e7f81225b8e3b0d3eaf1f27a90171<!--
END SHA linux-arm64 -->
- actions-runner-linux-arm-2.314.0.tar.gz <!-- BEGIN SHA linux-arm
-->a90fbc2d0bcce91be2d3d112cffde0c363b33ef9a807c05f238bcd5b75fa26a7<!--
END SHA linux-arm -->

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTQuMSIsInVwZGF0ZWRJblZlciI6IjM3LjIxNC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: lumiere-bot[bot] <98047013+lumiere-bot[bot]@users.noreply.github.com>
lumiere-bot bot referenced this pull request in coolguy1771/home-ops Mar 3, 2024
…14.1 ) (#4287)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/onedr0p/actions-runner](https://ghcr.io/onedr0p/actions-runner)
([source](https://github.com/actions/runner)) | patch | `2.314.0` ->
`2.314.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/runner (ghcr.io/onedr0p/actions-runner)</summary>

###
[`v2.314.1`](https://github.com/actions/runner/releases/tag/v2.314.1)

[Compare
Source](https://github.com/actions/runner/compare/v2.314.0...v2.314.1)

##### What's Changed

- Prepare v2.313.0 Release by
[@&#8203;luketomlinson](https://github.com/luketomlinson) in
[https://github.com/actions/runner/pull/3137](https://github.com/actions/runner/pull/3137)
- Pass RunnerOS during job acquire. by
[@&#8203;TingluoHuang](https://github.com/TingluoHuang) in
[https://github.com/actions/runner/pull/3140](https://github.com/actions/runner/pull/3140)
- Process `snapshot` tokens by
[@&#8203;davidomid](https://github.com/davidomid) in
[https://github.com/actions/runner/pull/3135](https://github.com/actions/runner/pull/3135)
- Update dotnet sdk to latest version
[@&#8203;6](https://github.com/6).0.419 by
[@&#8203;github-actions](https://github.com/github-actions) in
[https://github.com/actions/runner/pull/3158](https://github.com/actions/runner/pull/3158)
- handle broker run service exception handling by
[@&#8203;yaananth](https://github.com/yaananth) in
[https://github.com/actions/runner/pull/3163](https://github.com/actions/runner/pull/3163)
- Add a retry logic to docker login operation by
[@&#8203;enescakir](https://github.com/enescakir) in
[https://github.com/actions/runner/pull/3089](https://github.com/actions/runner/pull/3089)
- Broker fixes for token refreshes and AccessDeniedException by
[@&#8203;luketomlinson](https://github.com/luketomlinson) in
[https://github.com/actions/runner/pull/3161](https://github.com/actions/runner/pull/3161)
- Remove USE_BROKER_FLOW by
[@&#8203;luketomlinson](https://github.com/luketomlinson) in
[https://github.com/actions/runner/pull/3162](https://github.com/actions/runner/pull/3162)
- Refresh Token for BrokerServer by
[@&#8203;luketomlinson](https://github.com/luketomlinson) in
[https://github.com/actions/runner/pull/3167](https://github.com/actions/runner/pull/3167)
- Better step timeout message. by
[@&#8203;TingluoHuang](https://github.com/TingluoHuang) in
[https://github.com/actions/runner/pull/3166](https://github.com/actions/runner/pull/3166)
- Fix summaries for actions results by
[@&#8203;SrRyan](https://github.com/SrRyan) in
[https://github.com/actions/runner/pull/3174](https://github.com/actions/runner/pull/3174)

##### New Contributors

- [@&#8203;davidomid](https://github.com/davidomid) made their first
contribution in
[https://github.com/actions/runner/pull/3135](https://github.com/actions/runner/pull/3135)
- [@&#8203;enescakir](https://github.com/enescakir) made their first
contribution in
[https://github.com/actions/runner/pull/3089](https://github.com/actions/runner/pull/3089)
- [@&#8203;SrRyan](https://github.com/SrRyan) made their first
contribution in
[https://github.com/actions/runner/pull/3174](https://github.com/actions/runner/pull/3174)

**Full Changelog**:
actions/runner@v2.313.0...v2.314.0

*Note: Actions Runner follows a progressive release policy, so the
latest release might not be available to your enterprise, organization,
or repository yet.
To confirm which version of the Actions Runner you should expect, please
view the download instructions for your enterprise, organization, or
repository.
See
https://docs.github.com/en/enterprise-cloud@latest/actions/hosting-your-own-runners/adding-self-hosted-runners*

##### Windows x64

We recommend configuring the runner in a root folder of the Windows
drive (e.g. "C:\actions-runner"). This will help avoid issues related to
service identity folder permissions and long file path restrictions on
Windows.

The following snipped needs to be run on `powershell`:

```powershell

##### Create a folder under the drive root
mkdir \actions-runner ; cd \actions-runner

##### Download the latest runner package
Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v2.314.1/actions-runner-win-x64-2.314.1.zip -OutFile actions-runner-win-x64-2.314.1.zip

##### Extract the installer
Add-Type -AssemblyName System.IO.Compression.FileSystem ;
[System.IO.Compression.ZipFile]::ExtractToDirectory("$PWD\actions-runner-win-x64-2.314.1.zip", "$PWD")
```

##### \[Pre-release] Windows arm64

**Warning:** Windows arm64 runners are currently in preview status and
use [unofficial versions of
nodejs](https://unofficial-builds.nodejs.org/). They are not intended
for production workflows.

We recommend configuring the runner in a root folder of the Windows
drive (e.g. "C:\actions-runner"). This will help avoid issues related to
service identity folder permissions and long file path restrictions on
Windows.

The following snipped needs to be run on `powershell`:

```powershell

##### Create a folder under the drive root
mkdir \actions-runner ; cd \actions-runner

##### Download the latest runner package
Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v2.314.1/actions-runner-win-arm64-2.314.1.zip -OutFile actions-runner-win-arm64-2.314.1.zip

##### Extract the installer
Add-Type -AssemblyName System.IO.Compression.FileSystem ;
[System.IO.Compression.ZipFile]::ExtractToDirectory("$PWD\actions-runner-win-arm64-2.314.1.zip", "$PWD")
```

##### OSX x64

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.1/actions-runner-osx-x64-2.314.1.tar.gz

##### Extract the installer
tar xzf ./actions-runner-osx-x64-2.314.1.tar.gz
```

##### OSX arm64 (Apple silicon)

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.1/actions-runner-osx-arm64-2.314.1.tar.gz

##### Extract the installer
tar xzf ./actions-runner-osx-arm64-2.314.1.tar.gz
```

##### Linux x64

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.1/actions-runner-linux-x64-2.314.1.tar.gz

##### Extract the installer
tar xzf ./actions-runner-linux-x64-2.314.1.tar.gz
```

##### Linux arm64

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.1/actions-runner-linux-arm64-2.314.1.tar.gz

##### Extract the installer
tar xzf ./actions-runner-linux-arm64-2.314.1.tar.gz
```

##### Linux arm

```bash

##### Create a folder
mkdir actions-runner && cd actions-runner

##### Download the latest runner package
curl -O -L https://github.com/actions/runner/releases/download/v2.314.1/actions-runner-linux-arm-2.314.1.tar.gz

##### Extract the installer
tar xzf ./actions-runner-linux-arm-2.314.1.tar.gz
```

##### Using your self hosted runner

For additional details about configuring, running, or shutting down the
runner please check out our [product
docs.](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/adding-self-hosted-runners)

##### SHA-256 Checksums

The SHA-256 checksums for the packages included in this build are shown
below:

- actions-runner-win-x64-2.314.1.zip <!-- BEGIN SHA win-x64
-->2e1d73c3fe00ad37c359e4f48bd09aa88ef09a46fca16d6f1e94776ccf67fc27<!--
END SHA win-x64 -->
- actions-runner-win-arm64-2.314.1.zip <!-- BEGIN SHA win-arm64
-->acc807696d1dcad6fb45f6038f884185c54c48127445c365e86d03adb164a9e2<!--
END SHA win-arm64 -->
- actions-runner-osx-x64-2.314.1.tar.gz <!-- BEGIN SHA osx-x64
-->3faff4667d6d12c41da962580168415d628e3ffba9924b9ac995752087efc921<!--
END SHA osx-x64 -->
- actions-runner-osx-arm64-2.314.1.tar.gz <!-- BEGIN SHA osx-arm64
-->e34dab0b4707ad9a9db75f5edf47a804e293af853967a5e0e3b29c8c65f3a004<!--
END SHA osx-arm64 -->
- actions-runner-linux-x64-2.314.1.tar.gz <!-- BEGIN SHA linux-x64
-->6c726a118bbe02cd32e222f890e1e476567bf299353a96886ba75b423c1137b5<!--
END SHA linux-x64 -->
- actions-runner-linux-arm64-2.314.1.tar.gz <!-- BEGIN SHA linux-arm64
-->3d27b1340086115a118e28628a11ae727ecc6b857430c4b1b6cbe64f1f3b6789<!--
END SHA linux-arm64 -->
- actions-runner-linux-arm-2.314.1.tar.gz <!-- BEGIN SHA linux-arm
-->a653dd46dafd47c9a3a6637a18161a1445ac6b9c3f6d6b0305be9e1ee65769af<!--
END SHA linux-arm -->

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTguMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: lumiere-bot[bot] <98047013+lumiere-bot[bot]@users.noreply.github.com>
AdamOlech pushed a commit to antmicro/runner that referenced this pull request Aug 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants