2021-09-28 11:52:51 +00:00
|
|
|
#!/usr/bin/env python3
|
|
|
|
|
|
|
|
|
|
import argparse
|
|
|
|
|
import sys
|
|
|
|
|
|
2022-11-28 16:31:22 +00:00
|
|
|
import boto3 # type: ignore
|
2024-02-28 21:58:33 +00:00
|
|
|
import requests
|
2024-02-29 01:21:39 +00:00
|
|
|
from lambda_shared.token import get_access_token_by_key_app, get_cached_access_token
|
2022-03-22 16:39:58 +00:00
|
|
|
|
2021-09-28 11:52:51 +00:00
|
|
|
|
|
|
|
|
def get_runner_registration_token(access_token):
|
|
|
|
|
headers = {
|
|
|
|
|
"Authorization": f"token {access_token}",
|
|
|
|
|
"Accept": "application/vnd.github.v3+json",
|
|
|
|
|
}
|
2022-03-22 16:39:58 +00:00
|
|
|
response = requests.post(
|
|
|
|
|
"https://api.github.com/orgs/ClickHouse/actions/runners/registration-token",
|
|
|
|
|
headers=headers,
|
2024-02-29 01:21:39 +00:00
|
|
|
timeout=30,
|
2022-03-22 16:39:58 +00:00
|
|
|
)
|
2021-09-28 11:52:51 +00:00
|
|
|
response.raise_for_status()
|
|
|
|
|
data = response.json()
|
2022-03-22 16:39:58 +00:00
|
|
|
return data["token"]
|
|
|
|
|
|
2021-09-28 11:52:51 +00:00
|
|
|
|
2023-05-23 16:47:19 +00:00
|
|
|
def main(access_token, push_to_ssm, ssm_parameter_name):
|
2021-09-28 11:52:51 +00:00
|
|
|
runner_registration_token = get_runner_registration_token(access_token)
|
|
|
|
|
|
|
|
|
|
if push_to_ssm:
|
|
|
|
|
print("Trying to put params into ssm manager")
|
2022-03-22 16:39:58 +00:00
|
|
|
client = boto3.client("ssm")
|
2021-09-28 11:52:51 +00:00
|
|
|
client.put_parameter(
|
|
|
|
|
Name=ssm_parameter_name,
|
|
|
|
|
Value=runner_registration_token,
|
2022-03-22 16:39:58 +00:00
|
|
|
Type="SecureString",
|
|
|
|
|
Overwrite=True,
|
|
|
|
|
)
|
2021-09-28 11:52:51 +00:00
|
|
|
else:
|
2022-03-22 16:39:58 +00:00
|
|
|
print(
|
|
|
|
|
"Not push token to AWS Parameter Store, just print:",
|
|
|
|
|
runner_registration_token,
|
|
|
|
|
)
|
2021-09-28 11:52:51 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def handler(event, context):
|
2024-02-29 01:21:39 +00:00
|
|
|
_, _ = event, context
|
2023-05-23 16:47:19 +00:00
|
|
|
main(get_cached_access_token(), True, "github_runner_registration_token")
|
2022-03-22 16:39:58 +00:00
|
|
|
|
2021-09-28 11:52:51 +00:00
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
2022-03-22 16:39:58 +00:00
|
|
|
parser = argparse.ArgumentParser(
|
|
|
|
|
description="Get new token from github to add runners"
|
|
|
|
|
)
|
|
|
|
|
parser.add_argument(
|
|
|
|
|
"-p", "--private-key-path", help="Path to file with private key"
|
|
|
|
|
)
|
|
|
|
|
parser.add_argument("-k", "--private-key", help="Private key")
|
|
|
|
|
parser.add_argument(
|
|
|
|
|
"-a", "--app-id", type=int, help="GitHub application ID", required=True
|
|
|
|
|
)
|
|
|
|
|
parser.add_argument(
|
|
|
|
|
"--push-to-ssm",
|
|
|
|
|
action="store_true",
|
|
|
|
|
help="Store received token in parameter store",
|
|
|
|
|
)
|
|
|
|
|
parser.add_argument(
|
|
|
|
|
"--ssm-parameter-name",
|
|
|
|
|
default="github_runner_registration_token",
|
|
|
|
|
help="AWS paramater store parameter name",
|
|
|
|
|
)
|
2021-09-28 11:52:51 +00:00
|
|
|
|
|
|
|
|
args = parser.parse_args()
|
|
|
|
|
|
|
|
|
|
if not args.private_key_path and not args.private_key:
|
2022-03-22 16:39:58 +00:00
|
|
|
print(
|
|
|
|
|
"Either --private-key-path or --private-key must be specified",
|
|
|
|
|
file=sys.stderr,
|
|
|
|
|
)
|
2021-09-28 11:52:51 +00:00
|
|
|
|
|
|
|
|
if args.private_key_path and args.private_key:
|
2022-03-22 16:39:58 +00:00
|
|
|
print(
|
|
|
|
|
"Either --private-key-path or --private-key must be specified",
|
|
|
|
|
file=sys.stderr,
|
|
|
|
|
)
|
2021-09-28 11:52:51 +00:00
|
|
|
|
|
|
|
|
if args.private_key:
|
|
|
|
|
private_key = args.private_key
|
|
|
|
|
else:
|
2024-02-29 01:21:39 +00:00
|
|
|
with open(args.private_key_path, "r", encoding="utf-8") as key_file:
|
2021-09-28 11:52:51 +00:00
|
|
|
private_key = key_file.read()
|
|
|
|
|
|
2023-05-23 16:47:19 +00:00
|
|
|
token = get_access_token_by_key_app(private_key, args.app_id)
|
|
|
|
|
main(token, args.push_to_ssm, args.ssm_parameter_name)
|
