UNPKG

screwdriver-api

Version:

API server for the Screwdriver.cd service

screwdriver.cd

screwdriver-cd/screwdriver

162 lines (108 loc) 4.81 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
# SD ZIP ARTIFACTS ## Context Currently SD_ZIP_ARTIFACTS function depends on AWS Lambda which has some resource limitation. To be free from the limitation, Screwdriver will have all role to realize the SD_ZIP_ARTIFACTS function. ## Proposal After uploading a zip file in `sd-teardown-screwdriver-artifact-bookend` step, send a message to the queue. The message will be received by the consumer(unzip worker) that unzips the zip file and re-uploads it. ## Overview ![image](diagrams/sd-zip-artifacts-overview.png) Outline: 1. upload zip file to Object Storage(S3) (sd build -> store -> S3) 1. notify to queue-service after upload zip file (sd build -> api -> queue-service) 1. send a message to unzip file (queue-service -> Resque) 1. a consumer(unzip worker) receives the message, then the consumer downloads the zip file and unzips it, re-uploads unzipped files, deletes the zip file ## Flow(Details) ### sd-teardown-screwdriver-artifact-bookend (sd build) 1. When SD_ZIP_ARTIFACTS=true, zip artifacts to SD_ARTIFACT.zip and upload to S3 1. After uploading SD_ARTIFACT.zip, send request to API(/v4/builds/{id}/artifacts/unzip) ### SD API (api) 1. Send request to queue-service #### API |Method|URL|Description| |:--|:--|:--| |POST|/builds/{id}/artifacts/unzip|send a request to the queue-worker to add a message to unzip the file| ##### Authentication & Authorization Use sd-token to allow only requests when the build ID in the token and the id in the path are the same. ##### Parameters |Name|Type|In|Description|Example| |:--|:--|:--|:--|:--| |id|integer|path|build ID|12| ##### Response Data Status(Success): 202 Accepted (Successfully sent a message to queue-service) |Name|Type|In|Description|Example| |:--|:--|:--|:--|:--| No data to response Status(Error): 401 Unauthorized (Token is not valid) 403 Forbidden (Build ID has no authority) 404 Not Found (The specified build id does not exist) |Name|Type|In|Description|Example| |:--|:--|:--|:--|:--| |statusCode|integer|body|status code|401| |error|string|body|outline of error|Unauthorized| |message|string|body|detail message of error|Missing authentication| ### queue-service (queue-service) 1. Create token that has an unzip worker scope. 1. Enqueue the message to queue(Resque) (Queue Name: unzip) #### JWT Information |Name|Value|Description|Example| |:--|:--|:--|:--| |username|build ID|add build ID as username|12| |scope|new component name|scope that shows it's a unzip worker|unzip_worker| |exp|time until unzip|expiration time for JWT. It needs to be valid from sending queue message to re-uploading. Default time should be current time + 2 hours|1634198203| #### Enqueue information |Name|Type|Description|Example| |:--|:--|:--|:--| |buildId|integer|build ID|12| |token|string|unzip worker scope JWT|jwt.unzip.token| #### API |Method|URL|Description| |:--|:--|:--| |POST|/queue/message|enqueue message to unzip file| ##### Authentication & Authorization Use sd-token to only allow requests from SD API ##### Parameters |Name|Type|In|Description|Example| |:--|:--|:--|:--|:--| |type|string|query|what kind of operation|unzip| |buildId|integer|body|build ID|12| ##### Response Data Status(Success): 200 OK (Successfully sent a message to queue) |Name|Type|In|Description|Example| |:--|:--|:--|:--|:--| No data to response. Status(Error): 401 Unauthorized (Token is not valid) 403 Forbidden (Build ID has no authority) |Name|Type|In|Description|Example| |:--|:--|:--|:--|:--| |statusCode|integer|body|status code|401| |error|string|body|outline of error|Unauthorized| |message|string|body|detail message of error|Missing authentication| ### Unzip Worker (unzip worker) This is a new component. 1. Receive message from queue(Resque) the name is unzip. 1. Get SD_ARTIFACT.zip from SD Store by using build ID and Token 1. Unzip the SD_ARTIFACT.zip file and re-upload the unzip files to Store 1. If above process fails, retry. 1. If retry fails 1. Add a statusMessage to the build to notify the user that the unzip has failed 1. Log the failure. 1. Delete SD_ARTIFACT.zip ### SD Store (store) Enable the following operations from unzip worker 1. Download SD_ARTIFACT.zip 1. Upload unzipped artifact files 1. Delete SD_ARTIFACT.zip #### API |Method|URL|Description| |:--|:--|:--| |DELETE|/builds/{id}/{artifact*}|delete zipped artifact files| ##### Authentication & Authorization - Able to Upload, Download, and Delete artifact files by unzip worker scope token - Return an error if the build id of the build artifacts to be operated is different from the build id contained in the token ##### Parameters |Name|Type|In|Description|Example| |:--|:--|:--|:--|:--| |id|integer|path|build ID|12| |artifact*|string|path|path to artifact|ARTIFACTS/SD_ARTIFACT.zip|