public override VssCredentials GetVssCredentials(IHostContext context)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(PersonalAccessToken));
trace.Info(nameof(GetVssCredentials));
ArgUtil.NotNull(CredentialData, nameof(CredentialData));
string token;
if (!CredentialData.Data.TryGetValue(Constants.Agent.CommandLine.Args.Token, out token))
{
token = null;
}
string username;
if (!CredentialData.Data.TryGetValue(Constants.Agent.CommandLine.Args.UserName, out username))
{
username = null;
}
ArgUtil.NotNullOrEmpty(token, nameof(token));
ArgUtil.NotNullOrEmpty(username, nameof(username));
trace.Info("token retrieved: {0} chars", token.Length);
// ServiceIdentity uses a service identity credential
VssServiceIdentityToken identityToken = new VssServiceIdentityToken(token);
VssServiceIdentityCredential serviceIdentityCred = new VssServiceIdentityCredential(username, "", identityToken);
VssCredentials creds = new VssCredentials(serviceIdentityCred);
trace.Verbose("cred created");
return creds;
}
public override void EnsureCredential(
IHostContext context,
CommandSettings command,
String serverUrl)
{
// Nothing to verify here
}
void IAgentService.Initialize(IHostContext context)
{
base.Initialize(context);
_context = context;
_keyFile = IOUtil.GetRSACredFilePath();
}
public static void ExpandEnvironmentVariables(IHostContext context, IDictionary<string, string> target)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(VarUtil));
trace.Entering();
// Determine which string comparer to use for the environment variable dictionary.
StringComparer comparer;
switch (Constants.Agent.Platform)
{
case Constants.OSPlatform.Linux:
case Constants.OSPlatform.OSX:
comparer = StringComparer.CurrentCulture;
break;
case Constants.OSPlatform.Windows:
comparer = StringComparer.CurrentCultureIgnoreCase;
break;
default:
throw new NotSupportedException();
}
// Copy the environment variables into a dictionary that uses the correct comparer.
var source = new Dictionary<string, string>(comparer);
IDictionary environment = Environment.GetEnvironmentVariables();
foreach (DictionaryEntry entry in environment)
{
string key = entry.Key as string ?? string.Empty;
string val = entry.Value as string ?? string.Empty;
source[key] = val;
}
// Expand the target values.
ExpandValues(context, source, target);
}
// This is only used by build artifact. This isn't a officially supported artifact type in RM
public async Task DownloadArtifactAsync(IExecutionContext executionContext, IHostContext hostContext, ArtifactDefinition artifactDefinition, string dropLocation, string localFolderPath)
{
ArgUtil.NotNull(artifactDefinition, nameof(artifactDefinition));
ArgUtil.NotNull(executionContext, nameof(executionContext));
ArgUtil.NotNullOrEmpty(localFolderPath, nameof(localFolderPath));
ArgUtil.NotNullOrEmpty(dropLocation, nameof(dropLocation));
var trimChars = new[] { '\\', '/' };
var relativePath = artifactDefinition.Details.RelativePath;
// If user has specified a relative folder in the drop, change the drop location itself.
dropLocation = Path.Combine(dropLocation.TrimEnd(trimChars), relativePath.Trim(trimChars));
var fileSystemManager = hostContext.CreateService<IReleaseFileSystemManager>();
List<string> filePaths =
new DirectoryInfo(dropLocation).EnumerateFiles("*", SearchOption.AllDirectories)
.Select(path => path.FullName)
.ToList();
if (filePaths.Any())
{
foreach (var filePath in filePaths)
{
var filePathRelativeToDrop = filePath.Replace(dropLocation, string.Empty).Trim(trimChars);
using (var fileReader = fileSystemManager.GetFileReader(filePath))
{
await fileSystemManager.WriteStreamToFile(fileReader.BaseStream, Path.Combine(localFolderPath, filePathRelativeToDrop));
}
}
}
else
{
executionContext.Warning(StringUtil.Loc("RMNoArtifactsFound", relativePath));
}
}
internal ApplicationEnvironment(IHostContext hostContext, CellLifeIdentity cellIdentity, SolutionHead solution, AssembliesHead assemblies, Action<IHostCommand> sendCommand)
{
_hostContext = hostContext;
_cellIdentity = cellIdentity;
_solution = solution;
_assemblies = assemblies;
_sendCommand = sendCommand;
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
Trace.Verbose("Creating _store");
_store = hostContext.GetService<IConfigurationStore>();
Trace.Verbose("store created");
_term = hostContext.GetService<ITerminal>();
}
public override void EnsureCredential(IHostContext context, CommandSettings command, string serverUrl)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(PersonalAccessToken));
trace.Info(nameof(EnsureCredential));
ArgUtil.NotNull(command, nameof(command));
CredentialData.Data[Constants.Agent.CommandLine.Args.Token] = command.GetToken();
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
_pageId = Guid.NewGuid().ToString();
_pagesFolder = Path.Combine(IOUtil.GetDiagPath(), PagingFolder);
_jobServerQueue = HostContext.GetService<IJobServerQueue>();
Directory.CreateDirectory(_pagesFolder);
}
public override void Initialize(IHostContext hostContext)
{
//Do not call base.Initialize.
//The HostContext.Trace needs SecretMasker to be constructed already.
//We should not call HostContext.GetTrace or trace anywhere from SecretMasker
//implementation, because of the circular dependency (this.Trace is null).
//Also HostContext is null, but we don't need it anyway here.
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
// get pool id from config
var configurationStore = hostContext.GetService<IConfigurationStore>();
AgentSettings agentSetting = configurationStore.GetSettings();
_poolId = agentSetting.PoolId;
}
/// <param name="autoLoadHeadDeploymentIntervalMs">AutoLoad is disabled if set to Timeout.Infinite</param>
public Host(IHostContext context, int autoLoadHeadDeploymentIntervalMs = 30000)
{
_hostContext = context;
_cells = new Dictionary<string, Cell>();
_commandQueue = new BlockingCollection<IHostCommand>();
_autoLoadHeadDeploymentIntervalMs = autoLoadHeadDeploymentIntervalMs;
_autoLoadHeadDeploymentTimer = new Timer(o => _commandQueue.Add(new LoadCurrentHeadDeploymentCommand()), null, Timeout.Infinite, _autoLoadHeadDeploymentIntervalMs);
}
private Cell(IHostContext hostContext, Action<IHostCommand> sendCommand, CellDefinition cellDefinition, SolutionHead deployment, string solutionName, CancellationToken cancellationToken)
{
_hostContext = hostContext;
_sendCommand = sendCommand;
_solutionName = solutionName;
_cellName = cellDefinition.CellName;
_cellDefinition = cellDefinition;
_deployment = deployment;
_cancellationTokenSource = CancellationTokenSource.CreateLinkedTokenSource(cancellationToken);
}
public CommandLineParser(IHostContext hostContext, string[] secretArgNames)
{
_secretMasker = hostContext.GetService<ISecretMasker>();
_trace = hostContext.GetTrace(nameof(CommandLineParser));
Commands = new List<string>();
Flags = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
Args = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
SecretArgNames = new HashSet<string>(secretArgNames ?? new string[0], StringComparer.OrdinalIgnoreCase);
}
public static void ExpandValues(IHostContext context, IDictionary<string, string> source, IDictionary<string, string> target)
{
ArgUtil.NotNull(context, nameof(context));
ArgUtil.NotNull(source, nameof(source));
Tracing trace = context.GetTrace(nameof(VarUtil));
trace.Entering();
target = target ?? new Dictionary<string, string>();
// This algorithm does not perform recursive replacement.
// Process each key in the target dictionary.
foreach (string targetKey in target.Keys.ToArray())
{
trace.Verbose($"Processing expansion for: '{targetKey}'");
int startIndex = 0;
int prefixIndex;
int suffixIndex;
string targetValue = target[targetKey] ?? string.Empty;
// Find the next macro within the target value.
while (startIndex < targetValue.Length &&
(prefixIndex = targetValue.IndexOf(Constants.Variables.MacroPrefix, startIndex, StringComparison.Ordinal)) >= 0 &&
(suffixIndex = targetValue.IndexOf(Constants.Variables.MacroSuffix, prefixIndex + Constants.Variables.MacroPrefix.Length, StringComparison.Ordinal)) >= 0)
{
// A candidate was found.
string variableKey = targetValue.Substring(
startIndex: prefixIndex + Constants.Variables.MacroPrefix.Length,
length: suffixIndex - prefixIndex - Constants.Variables.MacroPrefix.Length);
trace.Verbose($"Found macro candidate: '{variableKey}'");
string variableValue;
if (!string.IsNullOrEmpty(variableKey) &&
TryGetValue(trace, source, variableKey, out variableValue))
{
// A matching variable was found.
// Update the target value.
trace.Verbose("Macro found.");
targetValue = string.Concat(
targetValue.Substring(0, prefixIndex),
variableValue ?? string.Empty,
targetValue.Substring(suffixIndex + Constants.Variables.MacroSuffix.Length));
// Bump the start index to prevent recursive replacement.
startIndex = prefixIndex + (variableValue ?? string.Empty).Length;
}
else
{
// A matching variable was not found.
trace.Verbose("Macro not found.");
startIndex = prefixIndex + 1;
}
}
target[targetKey] = targetValue ?? string.Empty;
}
}
public override VssCredentials GetVssCredentials(IHostContext context)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(NegotiateCredential));
trace.Info(nameof(GetVssCredentials));
ArgUtil.NotNull(CredentialData, nameof(CredentialData));
// Get the user name from the credential data.
string userName;
if (!CredentialData.Data.TryGetValue(Constants.Agent.CommandLine.Args.UserName, out userName))
{
userName = null;
}
ArgUtil.NotNullOrEmpty(userName, nameof(userName));
trace.Info("User name retrieved.");
// Get the password from the credential data.
string password;
if (!CredentialData.Data.TryGetValue(Constants.Agent.CommandLine.Args.Password, out password))
{
password = null;
}
ArgUtil.NotNullOrEmpty(password, nameof(password));
trace.Info("Password retrieved.");
// Get the URL from the credential data.
string url;
if (!CredentialData.Data.TryGetValue(Constants.Agent.CommandLine.Args.Url, out url))
{
url = null;
}
ArgUtil.NotNullOrEmpty(url, nameof(url));
trace.Info($"URL retrieved: {url}");
// Create the Negotiate and NTLM credential object.
var credential = new NetworkCredential(userName, password);
var credentialCache = new CredentialCache();
switch (Constants.Agent.Platform)
{
case Constants.OSPlatform.Linux:
case Constants.OSPlatform.OSX:
credentialCache.Add(new Uri(url), "NTLM", credential);
break;
case Constants.OSPlatform.Windows:
credentialCache.Add(new Uri(url), "Negotiate", credential);
break;
}
VssCredentials creds = new VssClientCredentials(new WindowsCredential(credentialCache));
trace.Verbose("cred created");
return creds;
}
private bool IsEqualCommand(IHostContext hc, Command e1, Command e2)
{
try
{
if (!string.Equals(e1.Area, e2.Area, StringComparison.OrdinalIgnoreCase))
{
hc.GetTrace("CommandEqual").Info("Area 1={0}, Area 2={1}", e1.Area, e2.Area);
return false;
}
if (!string.Equals(e1.Event, e2.Event, StringComparison.OrdinalIgnoreCase))
{
hc.GetTrace("CommandEqual").Info("Event 1={0}, Event 2={1}", e1.Event, e2.Event);
return false;
}
if (!string.Equals(e1.Data, e2.Data, StringComparison.OrdinalIgnoreCase) && (!string.IsNullOrEmpty(e1.Data) && !string.IsNullOrEmpty(e2.Data)))
{
hc.GetTrace("CommandEqual").Info("Data 1={0}, Data 2={1}", e1.Data, e2.Data);
return false;
}
if (e1.Properties.Count != e2.Properties.Count)
{
hc.GetTrace("CommandEqual").Info("Logging events contain different numbers of Properties,{0} to {1}", e1.Properties.Count, e2.Properties.Count);
return false;
}
if (!e1.Properties.SequenceEqual(e2.Properties))
{
hc.GetTrace("CommandEqual").Info("Logging events contain different Properties");
hc.GetTrace("CommandEqual").Info("Properties for event 1:");
foreach (var data in e1.Properties)
{
hc.GetTrace("CommandEqual").Info("Key={0}, Value={1}", data.Key, data.Value);
}
hc.GetTrace("CommandEqual").Info("Properties for event 2:");
foreach (var data in e2.Properties)
{
hc.GetTrace("CommandEqual").Info("Key={0}, Value={1}", data.Key, data.Value);
}
return false;
}
}
catch (Exception ex)
{
hc.GetTrace("CommandEqual").Info("Catch Exception during compare:{0}", ex.ToString());
return false;
}
return true;
}
public override VssCredentials GetVssCredentials(IHostContext context)
{
Tracing trace = context.GetTrace("PersonalAccessToken");
trace.Info("GetVssCredentials()");
VssBasicCredential loginCred = new VssBasicCredential("test", "password");
VssCredentials creds = new VssClientCredentials(loginCred);
trace.Verbose("cred created");
return creds;
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
// Register all command extensions
var extensionManager = hostContext.GetService<IExtensionManager>();
foreach (var commandExt in extensionManager.GetExtensions<IWorkerCommandExtension>() ?? new List<IWorkerCommandExtension>())
{
Trace.Info($"Register command extension for area {commandExt.CommandArea}");
_commandExtensions[commandExt.CommandArea] = commandExt;
}
}
public override void EnsureCredential(IHostContext context, CommandSettings command, string serverUrl)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(PersonalAccessToken));
trace.Info(nameof(EnsureCredential));
ArgUtil.NotNull(command, nameof(command));
ArgUtil.NotNullOrEmpty(serverUrl, nameof(serverUrl));
//TODO: use Validators.NTAccountValidator when it works on Linux
CredentialData.Data[Constants.Agent.CommandLine.Args.UserName] = command.GetUserName();
CredentialData.Data[Constants.Agent.CommandLine.Args.Password] = command.GetPassword();
CredentialData.Data[Constants.Agent.CommandLine.Args.Url] = serverUrl;
}
public static Cell Run(
IHostContext hostContext,
Action<IHostCommand> sendCommand,
CellDefinition cellDefinition,
SolutionHead deployment,
string solutionName,
CancellationToken cancellationToken)
{
var process = new Cell(hostContext, sendCommand, cellDefinition, deployment, solutionName, cancellationToken);
process.Run();
return process;
}
// Constructor.
public CommandSettings(IHostContext context, string[] args)
{
ArgUtil.NotNull(context, nameof(context));
_context = context;
_promptManager = context.GetService<IPromptManager>();
_trace = context.GetTrace(nameof(CommandSettings));
// Parse the command line args.
_parser = new CommandLineParser(
hostContext: context,
secretArgNames: Constants.Agent.CommandLine.Args.Secrets);
_parser.Parse(args);
}
public override VssCredentials GetVssCredentials(IHostContext context)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(IntegratedCredential));
trace.Info(nameof(GetVssCredentials));
// Create instance of VssConnection using default Windows credentials (NTLM)
VssCredentials creds = new VssCredentials(true);
trace.Verbose("cred created");
return creds;
}
public Task<string> ProcessRequest(IHostContext context, string jsonObj)
{
VerifyArgument.IsNotNull("context", context);
VerifyArgument.IsNotNullOrWhitespace("jsonObj", jsonObj);
return new Task<string>(() =>
{
var memo = (IMemo)Memo.Parse(_serializer, jsonObj);
// TODO: process message
return memo.ToString(_serializer);
});
}
IIndicator CreateIndicator(IHostContext context, IDictionary<string, object> parameters)
{
IIndicator indicator;
try
{
indicator = (IIndicator)Activator.CreateInstance(this.indicatorType, context, parameters);
}
catch (MissingMethodException)
{
indicator = (IIndicator)Activator.CreateInstance(this.indicatorType);
}
return indicator;
}
public override VssCredentials GetVssCredentials(IHostContext context)
{
var clientId = this.CredentialData.Data.GetValueOrDefault("clientId", null);
var authorizationUrl = this.CredentialData.Data.GetValueOrDefault("authorizationUrl", null);
// We expect the key to be in the machine store at this point. Configuration should have set all of
// this up correctly so we can use the key to generate access tokens.
var keyManager = context.GetService<IRSAKeyManager>();
var signingCredentials = VssSigningCredentials.Create(() => keyManager.GetKey());
var clientCredential = new VssOAuthJwtBearerClientCredential(clientId, authorizationUrl, signingCredentials);
var agentCredential = new VssOAuthCredential(new Uri(authorizationUrl, UriKind.Absolute), VssOAuthGrant.ClientCredentials, clientCredential);
// Construct a credentials cache with a single OAuth credential for communication. The windows credential
// is explicitly set to null to ensure we never do that negotiation.
return new VssCredentials(null, agentCredential, CredentialPromptType.DoNotPrompt);
}
// Constructor.
public CommandSettings(IHostContext context, string[] args)
{
ArgUtil.NotNull(context, nameof(context));
_promptManager = context.GetService <IPromptManager>();
_trace = context.GetTrace(nameof(CommandSettings));
// Parse the command line args.
_parser = new CommandLineParser(
hostContext: context,
secretArgNames: Constants.Agent.CommandLine.Args.Secrets);
_parser.Parse(args);
// Store and remove any args passed via environment variables.
IDictionary environment = Environment.GetEnvironmentVariables();
string envPrefix = "VSTS_AGENT_INPUT_";
foreach (DictionaryEntry entry in environment)
{
// Test if starts with VSTS_AGENT_INPUT_.
string fullKey = entry.Key as string ?? string.Empty;
if (fullKey.StartsWith(envPrefix, StringComparison.OrdinalIgnoreCase))
{
string val = (entry.Value as string ?? string.Empty).Trim();
if (!string.IsNullOrEmpty(val))
{
// Extract the name.
string name = fullKey.Substring(envPrefix.Length);
// Mask secrets.
bool secret = Constants.Agent.CommandLine.Args.Secrets.Any(x => string.Equals(x, name, StringComparison.OrdinalIgnoreCase));
if (secret)
{
context.SecretMasker.AddValue(val);
}
// Store the value.
_envArgs[name] = val;
}
// Remove from the environment block.
_trace.Info($"Removing env var: '{fullKey}'");
Environment.SetEnvironmentVariable(fullKey, null);
}
}
}
public Variables(IHostContext hostContext, IDictionary <string, string> copy, IList <MaskHint> maskHints, out List <string> warnings)
{
// Store/Validate args.
_hostContext = hostContext;
_secretMasker = _hostContext.GetService <ISecretMasker>();
_trace = _hostContext.GetTrace(nameof(Variables));
ArgUtil.NotNull(hostContext, nameof(hostContext));
// Validate the dictionary.
ArgUtil.NotNull(copy, nameof(copy));
foreach (string variableName in copy.Keys)
{
ArgUtil.NotNullOrEmpty(variableName, nameof(variableName));
}
// Filter/validate the mask hints.
ArgUtil.NotNull(maskHints, nameof(maskHints));
MaskHint[] variableMaskHints = maskHints.Where(x => x.Type == MaskType.Variable).ToArray();
foreach (MaskHint maskHint in variableMaskHints)
{
string maskHintValue = maskHint.Value;
ArgUtil.NotNullOrEmpty(maskHintValue, nameof(maskHintValue));
}
// Initialize the variable dictionary.
IEnumerable <Variable> variables =
from string name in copy.Keys
join MaskHint maskHint in variableMaskHints // Join the variable names with the variable mask hints.
on name.ToUpperInvariant() equals maskHint.Value.ToUpperInvariant()
into maskHintGrouping
select new Variable(
name: name,
value: copy[name] ?? string.Empty,
secret: maskHintGrouping.Any());
foreach (Variable variable in variables)
{
// Store the variable. The initial secret values have already been
// registered by the Worker class.
_nonexpanded[variable.Name] = variable;
}
// Recursively expand the variables.
RecalculateExpanded(out warnings);
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
_credStoreFile = IOUtil.GetAgentCredStoreFilePath();
if (File.Exists(_credStoreFile))
{
_credStore = IOUtil.LoadObject <Dictionary <string, Credential> >(_credStoreFile);
}
else
{
_credStore = new Dictionary <string, Credential>(StringComparer.OrdinalIgnoreCase);
}
string machineId;
if (File.Exists("/etc/machine-id"))
{
// try use machine-id as encryption key
machineId = File.ReadAllLines("/etc/machine-id").FirstOrDefault();
Trace.Info($"machine-id length {machineId?.Length ?? 0}.");
// machine-id doesn't exist or machine-id is not 256 bits
if (string.IsNullOrEmpty(machineId) || machineId.Length != 32)
{
Trace.Warning("Can not get valid machine id from '/etc/machine-id'.");
machineId = "5f767374735f6167656e745f63726564"; //_vsts_agent_cred
}
}
else
{
// /etc/machine-id not exist
Trace.Warning("/etc/machine-id doesn't exist.");
machineId = "5f767374735f6167656e745f63726564"; //_vsts_agent_cred
}
List <byte> keyBuilder = new List <byte>();
foreach (var c in machineId)
{
keyBuilder.Add(Convert.ToByte(c));
}
_symmetricKey = keyBuilder.ToArray();
}
// This is only used by build artifact. This isn't a officially supported artifact type in RM
public async Task DownloadArtifactAsync(IExecutionContext executionContext, IHostContext hostContext, ArtifactDefinition artifactDefinition, string dropLocation, string localFolderPath)
{
ArgUtil.NotNull(artifactDefinition, nameof(artifactDefinition));
ArgUtil.NotNull(executionContext, nameof(executionContext));
ArgUtil.NotNullOrEmpty(localFolderPath, nameof(localFolderPath));
ArgUtil.NotNullOrEmpty(dropLocation, nameof(dropLocation));
bool disableRobocopy = executionContext.Variables.GetBoolean(Constants.Variables.Release.DisableRobocopy) ?? false;
if (disableRobocopy == false)
{
await DownloadArtifactUsingRobocopyAsync(executionContext, hostContext, artifactDefinition, dropLocation, localFolderPath);
}
else
{
await DownloadArtifactUsingFileSystemManagerAsync(executionContext, hostContext, artifactDefinition, dropLocation, localFolderPath);
}
}
public ContainerInfo(IHostContext hostContext, Pipelines.JobContainer container, bool isJobContainer = true, string networkAlias = null)
{
this.ContainerName = container.Alias;
string containerImage = container.Image;
ArgUtil.NotNullOrEmpty(containerImage, nameof(containerImage));
this.ContainerImage = containerImage;
this.ContainerDisplayName = $"{container.Alias}_{Pipelines.Validation.NameValidation.Sanitize(containerImage)}_{Guid.NewGuid().ToString("N").Substring(0, 6)}";
this.ContainerCreateOptions = container.Options;
_environmentVariables = container.Environment;
this.IsJobContainer = isJobContainer;
this.ContainerNetworkAlias = networkAlias;
#if OS_WINDOWS
_pathMappings.Add(new PathMapping(hostContext.GetDirectory(WellKnownDirectory.Work), "C:\\__w"));
_pathMappings.Add(new PathMapping(hostContext.GetDirectory(WellKnownDirectory.Tools), "C:\\__t")); // Tool cache folder may come from ENV, so we need a unique folder to avoid collision
_pathMappings.Add(new PathMapping(hostContext.GetDirectory(WellKnownDirectory.Externals), "C:\\__e"));
// add -v '\\.\pipe\docker_engine:\\.\pipe\docker_engine' when they are available (17.09)
#else
_pathMappings.Add(new PathMapping(hostContext.GetDirectory(WellKnownDirectory.Work), "/__w"));
_pathMappings.Add(new PathMapping(hostContext.GetDirectory(WellKnownDirectory.Tools), "/__t")); // Tool cache folder may come from ENV, so we need a unique folder to avoid collision
_pathMappings.Add(new PathMapping(hostContext.GetDirectory(WellKnownDirectory.Externals), "/__e"));
if (this.IsJobContainer)
{
this.MountVolumes.Add(new MountVolume("/var/run/docker.sock", "/var/run/docker.sock"));
}
#endif
if (container.Ports?.Count > 0)
{
foreach (var port in container.Ports)
{
UserPortMappings[port] = port;
}
}
if (container.Volumes?.Count > 0)
{
foreach (var volume in container.Volumes)
{
UserMountVolumes[volume] = volume;
}
}
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
_registeredCommands.Add(_stopCommand);
// Register all command extensions
var extensionManager = hostContext.GetService <IExtensionManager>();
foreach (var commandExt in extensionManager.GetExtensions <IActionCommandExtension>() ?? new List <IActionCommandExtension>())
{
Trace.Info($"Register action command extension for command {commandExt.Command}");
_commandExtensions[commandExt.Command] = commandExt;
if (commandExt.Command != "internal-set-repo-path")
{
_registeredCommands.Add(commandExt.Command);
}
}
}
public override void Initialize(IHostContext hostContext)
{
ArgUtil.NotNull(hostContext, nameof(hostContext));
base.Initialize(hostContext);
_terminal = hostContext.GetService <ITerminal>();
_agentServer = HostContext.GetService <IAgentServer>();
var configStore = HostContext.GetService <IConfigurationStore>();
var settings = configStore.GetSettings();
_poolId = settings.PoolId;
_agentId = settings.AgentId;
_serverUrl = settings.ServerUrl;
var credManager = HostContext.GetService <ICredentialManager>();
_creds = credManager.LoadCredentials();
_locationServer = HostContext.GetService <ILocationServer>();
_hashValidationDisabled = AgentKnobs.DisableHashValidation.GetValue(_knobContext).AsBoolean();
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
var assembly = Assembly.GetExecutingAssembly();
var json = default(string);
using (var stream = assembly.GetManifestResourceStream("GitHub.Runner.Worker.action_yaml.json"))
using (var streamReader = new StreamReader(stream))
{
json = streamReader.ReadToEnd();
}
var objectReader = new JsonObjectReader(null, json);
_actionManifestSchema = TemplateSchema.Load(objectReader);
ArgUtil.NotNull(_actionManifestSchema, nameof(_actionManifestSchema));
Trace.Info($"Load schema file with definitions: {StringUtil.ConvertToJson(_actionManifestSchema.Definitions.Keys)}");
}
public static string GetEnvironmentVariable(this Process process, IHostContext hostContext, string variable)
{
ArgUtil.NotNull(process, nameof(process));
ArgUtil.NotNull(hostContext, nameof(hostContext));
ArgUtil.NotNull(variable, nameof(variable));
switch (PlatformUtil.HostOS)
{
case PlatformUtil.OS.Linux:
return(GetEnvironmentVariableLinux(process, hostContext, variable));
case PlatformUtil.OS.OSX:
return(GetEnvironmentVariableUsingPs(process, hostContext, variable));
case PlatformUtil.OS.Windows:
return(WindowsEnvVarHelper.GetEnvironmentVariable(process, hostContext, variable));
}
throw new NotImplementedException($"Cannot look up environment variables on {PlatformUtil.HostOS}");
}
public ScriptAction(IHostContext hostCtx, IScripter scripter, IScripterParser parser, IScripterConfigStorage configStorage)
{
if (hostCtx == null)
{
throw new ArgumentNullException("hostCtx");
}
if (scripter == null)
{
throw new ArgumentNullException("scripter");
}
if (parser == null)
{
throw new ArgumentNullException("parser");
}
_hostCtx = hostCtx;
_scripter = scripter;
_parser = parser;
_configStorage = configStorage;
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
var currentAssemblyLocation = System.Reflection.Assembly.GetEntryAssembly().Location;
Trace.Info("currentAssemblyLocation: {0}", currentAssemblyLocation);
_binPath = IOUtil.GetBinPath();
Trace.Info("binPath: {0}", _binPath);
RootFolder = IOUtil.GetRootPath();
Trace.Info("RootFolder: {0}", RootFolder);
_configFilePath = IOUtil.GetConfigFilePath();
Trace.Info("ConfigFilePath: {0}", _configFilePath);
_credFilePath = IOUtil.GetCredFilePath();
Trace.Info("CredFilePath: {0}", _credFilePath);
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
// get pool id from config
var configurationStore = hostContext.GetService <IConfigurationStore>();
AgentSettings agentSetting = configurationStore.GetSettings();
_poolId = agentSetting.PoolId;
int channelTimeoutSeconds;
if (!int.TryParse(Environment.GetEnvironmentVariable("VSTS_AGENT_CHANNEL_TIMEOUT") ?? string.Empty, out channelTimeoutSeconds))
{
channelTimeoutSeconds = 30;
}
// _channelTimeout should in range [30, 300] seconds
_channelTimeout = TimeSpan.FromSeconds(Math.Min(Math.Max(channelTimeoutSeconds, 30), 300));
}
public override void ReadCredential(IHostContext context, Dictionary <string, string> args, bool enforceSupplied)
{
Tracing trace = context.GetTrace("PersonalAccessToken");
trace.Info("ReadCredentials()");
var wizard = context.GetService <IConsoleWizard>();
trace.Verbose("reading token");
string tokenVal = wizard.ReadValue("token",
"PersonalAccessToken",
true,
String.Empty,
// can do better
Validators.NonEmptyValidator,
args,
enforceSupplied);
CredentialData.Data["token"] = tokenVal;
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
// Register all command extensions
var extensionManager = hostContext.GetService <IExtensionManager>();
foreach (var commandExt in extensionManager.GetExtensions <IWorkerCommandExtension>() ?? new List <IWorkerCommandExtension>())
{
Trace.Info($"Register command extension for area {commandExt.CommandArea}");
if (!string.Equals(commandExt.CommandArea, "plugininternal", StringComparison.OrdinalIgnoreCase))
{
_commandExtensions[commandExt.CommandArea] = commandExt;
}
else
{
_pluginInternalCommandExtensions = commandExt;
}
}
}
public override VssCredentials GetVssCredentials(IHostContext context)
{
var clientId = this.CredentialData.Data.GetValueOrDefault("clientId", null);
var authorizationUrl = this.CredentialData.Data.GetValueOrDefault("authorizationUrl", null);
ArgUtil.NotNullOrEmpty(clientId, nameof(clientId));
ArgUtil.NotNullOrEmpty(authorizationUrl, nameof(authorizationUrl));
// For TFS, we need make sure the Schema/Host/Port component of the authorization url also match configuration url.
// We can't do this for VSTS, since its SPS/TFS urls are different.
var configStore = context.GetService <IConfigurationStore>();
if (configStore.IsConfigured())
{
UriBuilder configServerUrl = new UriBuilder(configStore.GetSettings().ServerUrl);
UriBuilder authorizationUrlBuilder = new UriBuilder(authorizationUrl);
if (!UrlUtil.IsHosted(configServerUrl.Uri.AbsoluteUri) &&
Uri.Compare(configServerUrl.Uri, authorizationUrlBuilder.Uri, UriComponents.SchemeAndServer, UriFormat.Unescaped, StringComparison.OrdinalIgnoreCase) != 0)
{
authorizationUrlBuilder.Scheme = configServerUrl.Scheme;
authorizationUrlBuilder.Host = configServerUrl.Host;
authorizationUrlBuilder.Port = configServerUrl.Port;
var trace = context.GetTrace(nameof(OAuthCredential));
trace.Info($"Replace authorization url's scheme://host:port component with agent configure url's scheme://host:port: '{authorizationUrlBuilder.Uri.AbsoluteUri}'.");
authorizationUrl = authorizationUrlBuilder.Uri.AbsoluteUri;
}
}
// We expect the key to be in the machine store at this point. Configuration should have set all of
// this up correctly so we can use the key to generate access tokens.
var keyManager = context.GetService <IRSAKeyManager>();
var signingCredentials = VssSigningCredentials.Create(() => keyManager.GetKey());
var clientCredential = new VssOAuthJwtBearerClientCredential(clientId, authorizationUrl, signingCredentials);
var agentCredential = new VssOAuthCredential(new Uri(authorizationUrl, UriKind.Absolute), VssOAuthGrant.ClientCredentials, clientCredential);
// Construct a credentials cache with a single OAuth credential for communication. The windows credential
// is explicitly set to null to ensure we never do that negotiation.
return(new VssCredentials(null, agentCredential, CredentialPromptType.DoNotPrompt));
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
// get pool id from config
var configurationStore = hostContext.GetService <IConfigurationStore>();
_runnerSetting = configurationStore.GetSettings();
_poolId = _runnerSetting.PoolId;
int channelTimeoutSeconds;
if (!int.TryParse(Environment.GetEnvironmentVariable("GITHUB_ACTIONS_RUNNER_CHANNEL_TIMEOUT") ?? string.Empty, out channelTimeoutSeconds))
{
channelTimeoutSeconds = 30;
}
// _channelTimeout should in range [30, 300] seconds
_channelTimeout = TimeSpan.FromSeconds(Math.Min(Math.Max(channelTimeoutSeconds, 30), 300));
Trace.Info($"Set runner/worker IPC timeout to {_channelTimeout.TotalSeconds} seconds.");
}
public static JToken ExpandEnvironmentVariables(IHostContext context, JToken target)
{
var mapFuncs = new Dictionary <JTokenType, Func <JToken, JToken> >
{
{
JTokenType.String,
(t) => {
var token = new Dictionary <string, string>()
{
{
"token", t.ToString()
}
};
ExpandEnvironmentVariables(context, token);
return(token["token"]);
}
}
};
return(target.Map(mapFuncs));
}
public static void ExpandEnvironmentVariables(IHostContext context, IDictionary <string, string> target)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(VarUtil));
trace.Entering();
// Copy the environment variables into a dictionary that uses the correct comparer.
var source = new Dictionary <string, string>(EnvironmentVariableKeyComparer);
IDictionary environment = Environment.GetEnvironmentVariables();
foreach (DictionaryEntry entry in environment)
{
string key = entry.Key as string ?? string.Empty;
string val = entry.Value as string ?? string.Empty;
source[key] = val;
}
// Expand the target values.
ExpandValues(context, source, target);
}
public static async Task SetEncoding(IHostContext hostContext, Tracing trace, CancellationToken cancellationToken)
{
#if OS_WINDOWS
try
{
if (Console.InputEncoding.CodePage != 65001)
{
using (var p = hostContext.CreateService <IProcessInvoker>())
{
// Use UTF8 code page
int exitCode = await p.ExecuteAsync(workingDirectory : hostContext.GetDirectory(WellKnownDirectory.Work),
fileName : WhichUtil.Which("chcp", true, trace),
arguments : "65001",
environment : null,
requireExitCodeZero : false,
outputEncoding : null,
killProcessOnCancel : false,
redirectStandardIn : null,
inheritConsoleHandler : true,
cancellationToken : cancellationToken);
if (exitCode == 0)
{
trace.Info("Successfully returned to code page 65001 (UTF8)");
}
else
{
trace.Warning($"'chcp 65001' failed with exit code {exitCode}");
}
}
}
}
catch (Exception ex)
{
trace.Warning($"'chcp 65001' failed with exception {ex.Message}");
}
#endif
// Dummy variable to prevent compiler error CS1998: "This async method lacks 'await' operators and will run synchronously..."
await Task.CompletedTask;
}
private Uri GetTenantAuthorityUrl(IHostContext context, string serverUrl)
{
Tracing trace = context.GetTrace(nameof(AadDeviceCodeAccessToken));
using (var handler = context.CreateHttpClientHandler())
using (var client = new HttpClient(handler))
{
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Add("X-TFS-FedAuthRedirect", "Suppress");
client.DefaultRequestHeaders.UserAgent.Clear();
client.DefaultRequestHeaders.UserAgent.AddRange(VssClientHttpRequestSettings.Default.UserAgent);
using (var requestMessage = new HttpRequestMessage(HttpMethod.Head, $"{serverUrl.Trim('/')}/_apis/connectiondata"))
{
HttpResponseMessage response;
try
{
response = client.SendAsync(requestMessage).GetAwaiter().GetResult();
}
catch (SocketException e)
{
ExceptionsUtil.HandleSocketException(e, serverUrl, trace.Error);
throw;
}
// Get the tenant from the Login URL, MSA backed accounts will not return `Bearer` www-authenticate header.
var bearerResult = response.Headers.WwwAuthenticate.Where(p => p.Scheme.Equals("Bearer", StringComparison.OrdinalIgnoreCase)).FirstOrDefault();
if (bearerResult != null && bearerResult.Parameter.StartsWith("authorization_uri=", StringComparison.OrdinalIgnoreCase))
{
var authorizationUri = bearerResult.Parameter.Substring("authorization_uri=".Length);
if (Uri.TryCreate(authorizationUri, UriKind.Absolute, out Uri aadTenantUrl))
{
return(aadTenantUrl);
}
}
return(null);
}
}
}
private static string GetEnvironmentVariableLinux(Process process, IHostContext hostContext, string variable)
{
var trace = hostContext.GetTrace(nameof(ProcessExtensions));
if (!Directory.Exists("/proc"))
{
return(GetEnvironmentVariableUsingPs(process, hostContext, variable));
}
Dictionary <string, string> env = new Dictionary <string, string>();
string envFile = $"/proc/{process.Id}/environ";
trace.Info($"Read env from {envFile}");
string envContent = File.ReadAllText(envFile);
if (!string.IsNullOrEmpty(envContent))
{
// on linux, environment variables are seprated by '\0'
var envList = envContent.Split('\0', StringSplitOptions.RemoveEmptyEntries);
foreach (var envStr in envList)
{
// split on the first '='
var keyValuePair = envStr.Split('=', 2);
if (keyValuePair.Length == 2)
{
env[keyValuePair[0]] = keyValuePair[1];
trace.Verbose($"PID:{process.Id} ({keyValuePair[0]}={keyValuePair[1]})");
}
}
}
if (env.TryGetValue(variable, out string envVariable))
{
return(envVariable);
}
else
{
return(null);
}
}
public override VssCredentials GetVssCredentials(IHostContext context)
{
var clientId = this.CredentialData.Data.GetValueOrDefault("clientId", null);
var authorizationUrl = this.CredentialData.Data.GetValueOrDefault("authorizationUrl", null);
// For back compat with .credential file that doesn't has 'oauthEndpointUrl' section
var oauthEndpointUrl = this.CredentialData.Data.GetValueOrDefault("oauthEndpointUrl", authorizationUrl);
ArgUtil.NotNullOrEmpty(clientId, nameof(clientId));
ArgUtil.NotNullOrEmpty(authorizationUrl, nameof(authorizationUrl));
// We expect the key to be in the machine store at this point. Configuration should have set all of
// this up correctly so we can use the key to generate access tokens.
var keyManager = context.GetService <IRSAKeyManager>();
var signingCredentials = VssSigningCredentials.Create(() => keyManager.GetKey(), StringUtil.ConvertToBoolean(CredentialData.Data.GetValueOrDefault("requireFipsCryptography"), false));
var clientCredential = new VssOAuthJwtBearerClientCredential(clientId, authorizationUrl, signingCredentials);
var agentCredential = new VssOAuthCredential(new Uri(oauthEndpointUrl, UriKind.Absolute), VssOAuthGrant.ClientCredentials, clientCredential);
// Construct a credentials cache with a single OAuth credential for communication. The windows credential
// is explicitly set to null to ensure we never do that negotiation.
return(new VssCredentials(agentCredential, CredentialPromptType.DoNotPrompt));
}
public static void ExpandEnvironmentVariables(IHostContext context, IDictionary <string, string> target)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(VarUtil));
trace.Entering();
// Determine which string comparer to use for the environment variable dictionary.
StringComparer comparer;
switch (Constants.Agent.Platform)
{
case Constants.OSPlatform.Linux:
case Constants.OSPlatform.OSX:
comparer = StringComparer.CurrentCulture;
break;
case Constants.OSPlatform.Windows:
comparer = StringComparer.CurrentCultureIgnoreCase;
break;
default:
throw new NotSupportedException();
}
// Copy the environment variables into a dictionary that uses the correct comparer.
var source = new Dictionary <string, string>(comparer);
IDictionary environment = Environment.GetEnvironmentVariables();
foreach (DictionaryEntry entry in environment)
{
string key = entry.Key as string ?? string.Empty;
string val = entry.Value as string ?? string.Empty;
source[key] = val;
}
// Expand the target values.
ExpandValues(context, source, target);
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
var currentAssemblyLocation = System.Reflection.Assembly.GetEntryAssembly().Location;
Trace.Info("currentAssemblyLocation: {0}", currentAssemblyLocation);
_binPath = IOUtil.GetBinPath();
Trace.Info("binPath: {0}", _binPath);
RootFolder = IOUtil.GetRootPath();
Trace.Info("RootFolder: {0}", RootFolder);
_configFilePath = IOUtil.GetConfigFilePath();
Trace.Info("ConfigFilePath: {0}", _configFilePath);
_credFilePath = IOUtil.GetCredFilePath();
Trace.Info("CredFilePath: {0}", _credFilePath);
_serviceConfigFilePath = IOUtil.GetServiceConfigFilePath();
Trace.Info("ServiceConfigFilePath: {0}", _serviceConfigFilePath);
}
private async Task VerifyInteractiveSessionCapability(IHostContext hc, CancellationToken token, bool expectedValue)
{
// Arrange
var provider = new AgentCapabilitiesProvider();
provider.Initialize(hc);
var settings = new AgentSettings()
{
AgentName = "IAmAgent007"
};
// Act
List <Capability> capabilities = await provider.GetCapabilitiesAsync(settings, token);
// Assert
Assert.NotNull(capabilities);
Capability iSessionCapability = capabilities.SingleOrDefault(x => string.Equals(x.Name, "InteractiveSession", StringComparison.Ordinal));
Assert.NotNull(iSessionCapability);
bool.TryParse(iSessionCapability.Value, out bool isInteractive);
Assert.Equal(expectedValue, isInteractive);
}
private static async Task CreateDirectoryReparsePoint(IHostContext context, string link, string target)
{
#if OS_WINDOWS
string fileName = Environment.GetEnvironmentVariable("ComSpec");
string arguments = $@"/c ""mklink /J ""{link}"" {target}""""";
#else
string fileName = "/bin/ln";
string arguments = $@"-s ""{target}"" ""{link}""";
#endif
ArgUtil.File(fileName, nameof(fileName));
using (var processInvoker = new ProcessInvoker())
{
processInvoker.Initialize(context);
await processInvoker.ExecuteAsync(
workingDirectory : IOUtil.GetBinPath(),
fileName : fileName,
arguments : arguments,
environment : null,
requireExitCodeZero : true,
cancellationToken : CancellationToken.None);
}
}
public override void ReadCredential(IHostContext context, Dictionary <string, string> args, bool enforceSupplied)
{
var wizard = context.GetService <IConsoleWizard>();
CredentialData.Data["Username"] = wizard.ReadValue("username",
"Username",
false,
String.Empty,
// can do better
Validators.NonEmptyValidator,
args,
enforceSupplied);
CredentialData.Data["Password"] = wizard.ReadValue("password",
"Password",
true,
String.Empty,
// can do better
Validators.NonEmptyValidator,
args,
enforceSupplied);
}
private static async Task CreateDirectoryReparsePoint(IHostContext context, string link, string target)
{
string fileName = (TestUtil.IsWindows())
? Environment.GetEnvironmentVariable("ComSpec")
: "/bin/ln";
string arguments = (TestUtil.IsWindows())
? $@"/c ""mklink /J ""{link}"" {target}"""""
: $@"-s ""{target}"" ""{link}""";
ArgUtil.File(fileName, nameof(fileName));
using (var processInvoker = new ProcessInvokerWrapper())
{
processInvoker.Initialize(context);
await processInvoker.ExecuteAsync(
workingDirectory : context.GetDirectory(WellKnownDirectory.Bin),
fileName : fileName,
arguments : arguments,
environment : null,
requireExitCodeZero : true,
cancellationToken : CancellationToken.None);
}
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
var currentAssemblyLocation = System.Reflection.Assembly.GetEntryAssembly().Location;
Trace.Info("currentAssemblyLocation: {0}", currentAssemblyLocation);
_binPath = HostContext.GetDirectory(WellKnownDirectory.Bin);
Trace.Info("binPath: {0}", _binPath);
RootFolder = HostContext.GetDirectory(WellKnownDirectory.Root);
Trace.Info("RootFolder: {0}", RootFolder);
_configFilePath = hostContext.GetConfigFile(WellKnownConfigFile.Runner);
Trace.Info("ConfigFilePath: {0}", _configFilePath);
_credFilePath = hostContext.GetConfigFile(WellKnownConfigFile.Credentials);
Trace.Info("CredFilePath: {0}", _credFilePath);
_serviceConfigFilePath = hostContext.GetConfigFile(WellKnownConfigFile.Service);
Trace.Info("ServiceConfigFilePath: {0}", _serviceConfigFilePath);
}
public override VssCredentials GetVssCredentials(IHostContext context)
{
Tracing trace = context.GetTrace("PersonalAccessToken");
trace.Info("GetVssCredentials()");
if (CredentialData == null || !CredentialData.Data.ContainsKey("token"))
{
throw new InvalidOperationException("Must call ReadCredential first.");
}
string token = CredentialData.Data["token"];
trace.Info("token retrieved: {0} chars", token.Length);
// PAT uses a basic credential
VssBasicCredential loginCred = new VssBasicCredential("VstsAgent", token);
VssCredentials creds = new VssClientCredentials(loginCred);
trace.Verbose("cred created");
return(creds);
}
public override VssCredentials GetVssCredentials(IHostContext context)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(PersonalAccessToken));
trace.Info(nameof(GetVssCredentials));
ArgUtil.NotNull(CredentialData, nameof(CredentialData));
string token;
if (!CredentialData.Data.TryGetValue(Constants.Agent.CommandLine.Args.Token, out token))
{
token = null;
}
ArgUtil.NotNullOrEmpty(token, nameof(token));
trace.Info("token retrieved: {0} chars", token.Length);
// PAT uses a basic credential
VssBasicCredential basicCred = new VssBasicCredential("VstsAgent", token);
VssCredentials creds = new VssClientCredentials(basicCred);
trace.Verbose("cred created");
return creds;
}
public override VssCredentials GetVssCredentials(IHostContext context)
{
ArgUtil.NotNull(context, nameof(context));
Tracing trace = context.GetTrace(nameof(OAuthAccessTokenCredential));
trace.Info(nameof(GetVssCredentials));
ArgUtil.NotNull(CredentialData, nameof(CredentialData));
string token;
if (!CredentialData.Data.TryGetValue(Constants.Runner.CommandLine.Args.Token, out token))
{
token = null;
}
ArgUtil.NotNullOrEmpty(token, nameof(token));
trace.Info("token retrieved: {0} chars", token.Length);
VssCredentials creds = new VssCredentials(new VssOAuthAccessTokenCredential(token), CredentialPromptType.DoNotPrompt);
trace.Info("cred created");
return(creds);
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
_secretMasker = hostContext.GetService<ISecretMasker>();
Console.CancelKeyPress += Console_CancelKeyPress;
}
public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
_windowsServiceHelper = HostContext.GetService<INativeWindowsServiceHelper>();
}
