Merge pull request #231 from gabriel-samfira/bypass-gh-unauthorized

Allow bypassing Unauthorized error when deleting runner

apiserver/controllers/instances.go

@@ -128,8 +128,15 @@ func (a *APIController) GetInstanceHandler(w http.ResponseWriter, r *http.Reques
 //	    in: query
 //	    required: false
 //
-//	Responses:
-//	  default: APIErrorResponse
+//	  + name: bypassGHUnauthorized
+//	    description: If true GARM will ignore unauthorized errors returned by GitHub when removing a runner. This is useful if you want to clean up runners and your credentials have expired.
+//	    type: boolean
+//	    in: query
+//	    required: false
+//
+// Responses:
+//
+//	default: APIErrorResponse
 func (a *APIController) DeleteInstanceHandler(w http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
 	vars := mux.Vars(r)
@@ -146,7 +153,8 @@ func (a *APIController) DeleteInstanceHandler(w http.ResponseWriter, r *http.Req
 	}
 
 	forceRemove, _ := strconv.ParseBool(r.URL.Query().Get("forceRemove"))
-	if err := a.r.DeleteRunner(ctx, instanceName, forceRemove); err != nil {
+	bypassGHUnauthorized, _ := strconv.ParseBool(r.URL.Query().Get("bypassGHUnauthorized"))
+	if err := a.r.DeleteRunner(ctx, instanceName, forceRemove, bypassGHUnauthorized); err != nil {
 		slog.With(slog.Any("error", err)).ErrorContext(ctx, "removing runner")
 		handleError(ctx, w, err)
 		return

apiserver/swagger.yaml

@@ -601,6 +601,10 @@ paths:
                   in: query
                   name: forceRemove
                   type: boolean
+                - description: If true GARM will ignore unauthorized errors returned by GitHub when removing a runner. This is useful if you want to clean up runners and your credentials have expired.
+                  in: query
+                  name: bypassGHUnauthorized
+                  type: boolean
             responses:
                 default:
                     description: APIErrorResponse

cmd/garm-cli/cmd/runner.go

@@ -29,11 +29,12 @@ import (
 )
 
 var (
-	runnerRepository   string
-	runnerOrganization string
-	runnerEnterprise   string
-	runnerAll          bool
-	forceRemove        bool
+	runnerRepository     string
+	runnerOrganization   string
+	runnerEnterprise     string
+	runnerAll            bool
+	forceRemove          bool
+	bypassGHUnauthorized bool
 )
 
 // runnerCmd represents the runner command
@@ -190,6 +191,7 @@ to either cancel the workflow or wait for it to finish.
 		deleteInstanceReq := apiClientInstances.NewDeleteInstanceParams()
 		deleteInstanceReq.InstanceName = args[0]
 		deleteInstanceReq.ForceRemove = &forceRemove
+		deleteInstanceReq.BypassGHUnauthorized = &bypassGHUnauthorized
 		if err := apiCli.Instances.DeleteInstance(deleteInstanceReq, authToken); err != nil {
 			return err
 		}
@@ -205,6 +207,7 @@ func init() {
 	runnerListCmd.MarkFlagsMutuallyExclusive("repo", "org", "enterprise", "all")
 
 	runnerDeleteCmd.Flags().BoolVarP(&forceRemove, "force-remove-runner", "f", false, "Forcefully remove a runner. If set to true, GARM will ignore provider errors when removing the runner.")
+	runnerDeleteCmd.Flags().BoolVarP(&bypassGHUnauthorized, "bypass-github-unauthorized", "b", false, "Ignore Unauthorized errors from GitHub and proceed with removing runner from provider and DB. This is useful when credentials are no longer valid and you want to remove your runners. Warning, this has the potential to leave orphaned runners in GitHub. You will need to update your credentials to properly consolidate.")
 	runnerDeleteCmd.MarkFlagsMutuallyExclusive("force-remove-runner")
 
 	runnerCmd.AddCommand(