Remove retry logic (#389)
The retries make debugging strictly more complex, and it's not clear that retrying provides actual value. If we need retries in the future, we should push them down into the per-API level.
This commit is contained in:
Seth Vargo
GitHub
parent
5a50e58116
commit
39c96a3f1d
10
action.yml
10
action.yml
@ -132,24 +132,28 @@ inputs:
|
|||||||
default: ''
|
default: ''
|
||||||
required: false
|
required: false
|
||||||
|
|
||||||
# retries
|
# retries - TODO - remove in v3.0
|
||||||
retries:
|
retries:
|
||||||
description: |-
|
description: |-
|
||||||
Number of times to retry a failed authentication attempt. This is useful
|
Number of times to retry a failed authentication attempt. This is useful
|
||||||
for automated pipelines that may execute before IAM permissions are fully
|
for automated pipelines that may execute before IAM permissions are fully
|
||||||
propogated.
|
propogated.
|
||||||
default: '3'
|
deprecationMessage: |-
|
||||||
|
This field is no longer used and will be removed in a future release.
|
||||||
required: false
|
required: false
|
||||||
backoff:
|
backoff:
|
||||||
description: |-
|
description: |-
|
||||||
Delay time before trying another authentication attempt. This is
|
Delay time before trying another authentication attempt. This is
|
||||||
implemented using a fibonacci backoff method (e.g. 1-1-2-3-5). The default
|
implemented using a fibonacci backoff method (e.g. 1-1-2-3-5). The default
|
||||||
value is 250 milliseconds.
|
value is 250 milliseconds.
|
||||||
default: '250'
|
deprecationMessage: |-
|
||||||
|
This field is no longer used and will be removed in a future release.
|
||||||
required: false
|
required: false
|
||||||
backoff_limit:
|
backoff_limit:
|
||||||
description: |-
|
description: |-
|
||||||
Limits the retry backoff to the specified value.
|
Limits the retry backoff to the specified value.
|
||||||
|
deprecationMessage: |-
|
||||||
|
This field is no longer used and will be removed in a future release.
|
||||||
required: false
|
required: false
|
||||||
|
|
||||||
# id token params
|
# id token params
|
||||||
|
|||||||
6
dist/main/index.js
vendored
6
dist/main/index.js
vendored
File diff suppressed because one or more lines are too long
6
dist/post/index.js
vendored
6
dist/post/index.js
vendored
File diff suppressed because one or more lines are too long
42
src/main.ts
42
src/main.ts
@ -31,7 +31,6 @@ import {
|
|||||||
parseMultilineCSV,
|
parseMultilineCSV,
|
||||||
parseDuration,
|
parseDuration,
|
||||||
pinnedToHeadWarning,
|
pinnedToHeadWarning,
|
||||||
withRetries,
|
|
||||||
} from '@google-github-actions/actions-utils';
|
} from '@google-github-actions/actions-utils';
|
||||||
|
|
||||||
import {
|
import {
|
||||||
@ -59,41 +58,13 @@ const oidcWarning =
|
|||||||
`GitHub Actions workflow permissions are incorrect, or this job is being ` +
|
`GitHub Actions workflow permissions are incorrect, or this job is being ` +
|
||||||
`run from a fork. For more information, please see https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token`;
|
`run from a fork. For more information, please see https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token`;
|
||||||
|
|
||||||
/**
|
export async function run(logger: Logger) {
|
||||||
* Executes the main action.
|
|
||||||
*/
|
|
||||||
async function run(): Promise<void> {
|
|
||||||
const logger = new Logger();
|
|
||||||
|
|
||||||
// Warn if pinned to HEAD
|
// Warn if pinned to HEAD
|
||||||
if (isPinnedToHead()) {
|
if (isPinnedToHead()) {
|
||||||
logger.warning(pinnedToHeadWarning('v2'));
|
logger.warning(pinnedToHeadWarning('v2'));
|
||||||
}
|
}
|
||||||
|
|
||||||
const retries = Number(getInput('retries'));
|
|
||||||
|
|
||||||
// set to undefined when not provided [avoids Number('') -> 0]
|
|
||||||
const backoff = Number(getInput('backoff')) || undefined;
|
|
||||||
const backoffLimit = Number(getInput('backoff_limit')) || undefined;
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const mainWithRetries = withRetries(async () => main(logger), {
|
|
||||||
retries: retries,
|
|
||||||
backoff: backoff,
|
|
||||||
backoffLimit: backoffLimit,
|
|
||||||
});
|
|
||||||
|
|
||||||
await mainWithRetries();
|
|
||||||
} catch (err) {
|
|
||||||
const msg = errorMessage(err);
|
|
||||||
setFailed(`google-github-actions/auth failed with: ${msg}`);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Main wraps the main action logic into a function to be used as a parameter to the withRetries function.
|
|
||||||
*/
|
|
||||||
async function main(logger: Logger) {
|
|
||||||
// Load configuration.
|
// Load configuration.
|
||||||
const projectID = computeProjectID(
|
const projectID = computeProjectID(
|
||||||
getInput(`project_id`),
|
getInput(`project_id`),
|
||||||
@ -303,7 +274,8 @@ async function main(logger: Logger) {
|
|||||||
);
|
);
|
||||||
const signedJWT = await client.signJWT(unsignedJWT);
|
const signedJWT = await client.signJWT(unsignedJWT);
|
||||||
|
|
||||||
accessToken = await iamCredentialsClient.generateDomainWideDelegationAccessToken(signedJWT);
|
accessToken =
|
||||||
|
await iamCredentialsClient.generateDomainWideDelegationAccessToken(signedJWT);
|
||||||
} else {
|
} else {
|
||||||
accessToken = await iamCredentialsClient.generateAccessToken({
|
accessToken = await iamCredentialsClient.generateAccessToken({
|
||||||
serviceAccount,
|
serviceAccount,
|
||||||
@ -346,6 +318,12 @@ async function main(logger: Logger) {
|
|||||||
throw new Error(`Unknown token format "${tokenFormat}"`);
|
throw new Error(`Unknown token format "${tokenFormat}"`);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
} catch (err) {
|
||||||
|
const msg = errorMessage(err);
|
||||||
|
setFailed(`google-github-actions/auth failed with: ${msg}`);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
run();
|
if (require.main === module) {
|
||||||
|
run(new Logger());
|
||||||
|
}
|
||||||
|
|||||||
23
src/post.ts
23
src/post.ts
@ -18,21 +18,8 @@ import { errorMessage, forceRemove } from '@google-github-actions/actions-utils'
|
|||||||
|
|
||||||
import { Logger } from './logger';
|
import { Logger } from './logger';
|
||||||
|
|
||||||
/**
|
export async function run(logger: Logger) {
|
||||||
* Executes the post action, documented inline.
|
|
||||||
*/
|
|
||||||
export async function run() {
|
|
||||||
const logger = new Logger();
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
main(logger);
|
|
||||||
} catch (err) {
|
|
||||||
const msg = errorMessage(err);
|
|
||||||
setFailed(`google-github-actions/auth post failed with: ${msg}`);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async function main(logger: Logger) {
|
|
||||||
const createCredentials = getBooleanInput('create_credentials_file');
|
const createCredentials = getBooleanInput('create_credentials_file');
|
||||||
if (!createCredentials) {
|
if (!createCredentials) {
|
||||||
logger.info(`Skipping credential cleanup - "create_credentials_file" is false.`);
|
logger.info(`Skipping credential cleanup - "create_credentials_file" is false.`);
|
||||||
@ -58,6 +45,12 @@ async function main(logger: Logger) {
|
|||||||
// Remove the file.
|
// Remove the file.
|
||||||
await forceRemove(credentialsPath);
|
await forceRemove(credentialsPath);
|
||||||
logger.info(`Removed exported credentials at "${credentialsPath}".`);
|
logger.info(`Removed exported credentials at "${credentialsPath}".`);
|
||||||
|
} catch (err) {
|
||||||
|
const msg = errorMessage(err);
|
||||||
|
setFailed(`google-github-actions/auth post failed with: ${msg}`);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
run();
|
if (require.main === module) {
|
||||||
|
run(new Logger());
|
||||||
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user