-
Notifications
You must be signed in to change notification settings - Fork 578
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(lambda): Prevent scale-up lambda from starting runner for user repo if org level runners is enabled #3909
base: main
Are you sure you want to change the base?
Changes from 3 commits
7a37d5b
0abb2ff
e0c518f
10576a3
55f332b
94bf0a1
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
import { Octokit } from '@octokit/rest'; | ||
Check notice on line 1 in lambdas/functions/control-plane/src/scale-runners/scale-up.ts
|
||
import { addPersistentContextToChildLogger, createChildLogger } from '@terraform-aws-github-runner/aws-powertools-util'; | ||
import { getParameter, putParameter } from '@terraform-aws-github-runner/aws-ssm-util'; | ||
import yn from 'yn'; | ||
|
@@ -27,6 +27,7 @@ | |
repositoryName: string; | ||
repositoryOwner: string; | ||
installationId: number; | ||
repoOwnerType: string; | ||
} | ||
|
||
interface CreateGitHubRunnerConfig { | ||
|
@@ -250,6 +251,9 @@ | |
`Please ensure you have enabled workflow_job events.`, | ||
); | ||
} | ||
|
||
validateRepoOwnerTypeIfOrgLevelEnabled(payload, enableOrgLevel); | ||
|
||
Check notice on line 256 in lambdas/functions/control-plane/src/scale-runners/scale-up.ts
|
||
const ephemeral = ephemeralEnabled && payload.eventType === 'workflow_job'; | ||
const runnerType = enableOrgLevel ? 'Org' : 'Repo'; | ||
const runnerOwner = enableOrgLevel ? payload.repositoryOwner : `${payload.repositoryOwner}/${payload.repositoryName}`; | ||
|
@@ -341,6 +345,17 @@ | |
} | ||
} | ||
|
||
function validateRepoOwnerTypeIfOrgLevelEnabled(payload: ActionRequestMessage, enableOrgLevel: boolean) { | ||
if (enableOrgLevel && payload.repoOwnerType !== 'Organization') { | ||
logger.warn(`Repository ${payload.repositoryOwner}/${payload.repositoryName} does not belong to a GitHub` + | ||
`organization and organization runners are enabled. This is not supported. Not scaling up for this event.`); | ||
throw Error( | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Please do not throw an error, this will send the message back to SQS. And trigger a retry. |
||
`Repository ${payload.repositoryOwner}/${payload.repositoryName} does not belong to a GitHub` + | ||
`organization and organization runners are enabled. This is not supported. Not scaling up for this event.`, | ||
); | ||
} | ||
} | ||
|
||
function addDelay(instances: string[]) { | ||
const delay = async (ms: number) => new Promise((resolve) => setTimeout(resolve, ms)); | ||
const ssmParameterStoreMaxThroughput = 40; | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would prefer not to add a global event (module scope) for only a single test. Please can you update the event in the test to set the repoUserType