From 28cd815c42220ee680918c032f7878d62c98e376 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Sat, 13 Jul 2024 04:11:07 -0700 Subject: [PATCH] Move setupEvilGlobals from server.go into setup.go (#3899) --- cmd/server/server.go | 105 ------------------------------------------ cmd/server/setup.go | 106 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 106 insertions(+), 105 deletions(-) diff --git a/cmd/server/server.go b/cmd/server/server.go index a83d98a2c..525b01034 100644 --- a/cmd/server/server.go +++ b/cmd/server/server.go @@ -38,18 +38,10 @@ import ( "go.woodpecker-ci.org/woodpecker/v2/pipeline/rpc/proto" "go.woodpecker-ci.org/woodpecker/v2/server" "go.woodpecker-ci.org/woodpecker/v2/server/cron" - "go.woodpecker-ci.org/woodpecker/v2/server/forge/setup" woodpeckerGrpcServer "go.woodpecker-ci.org/woodpecker/v2/server/grpc" - "go.woodpecker-ci.org/woodpecker/v2/server/logging" - "go.woodpecker-ci.org/woodpecker/v2/server/model" - "go.woodpecker-ci.org/woodpecker/v2/server/pubsub" "go.woodpecker-ci.org/woodpecker/v2/server/router" "go.woodpecker-ci.org/woodpecker/v2/server/router/middleware" - "go.woodpecker-ci.org/woodpecker/v2/server/services" - "go.woodpecker-ci.org/woodpecker/v2/server/services/permissions" - "go.woodpecker-ci.org/woodpecker/v2/server/store" "go.woodpecker-ci.org/woodpecker/v2/server/web" - "go.woodpecker-ci.org/woodpecker/v2/shared/constant" "go.woodpecker-ci.org/woodpecker/v2/shared/logger" "go.woodpecker-ci.org/woodpecker/v2/version" ) @@ -263,100 +255,3 @@ func run(c *cli.Context) error { return g.Wait() } - -func setupEvilGlobals(c *cli.Context, s store.Store) error { - // services - server.Config.Services.Queue = setupQueue(c, s) - server.Config.Services.Logs = logging.New() - server.Config.Services.Pubsub = pubsub.New() - server.Config.Services.Membership = setupMembershipService(c, s) - serviceManager, err := services.NewManager(c, s, setup.Forge) - if err != nil { - return fmt.Errorf("could not setup service manager: %w", err) - } - server.Config.Services.Manager = serviceManager - - server.Config.Services.LogStore, err = setupLogStore(c, s) - if err != nil { - return fmt.Errorf("could not setup log store: %w", err) - } - - // authentication - server.Config.Pipeline.AuthenticatePublicRepos = c.Bool("authenticate-public-repos") - - // Cloning - server.Config.Pipeline.DefaultCloneImage = c.String("default-clone-image") - constant.TrustedCloneImages = append(constant.TrustedCloneImages, server.Config.Pipeline.DefaultCloneImage) - - // Execution - _events := c.StringSlice("default-cancel-previous-pipeline-events") - events := make([]model.WebhookEvent, 0, len(_events)) - for _, v := range _events { - events = append(events, model.WebhookEvent(v)) - } - server.Config.Pipeline.DefaultCancelPreviousPipelineEvents = events - server.Config.Pipeline.DefaultTimeout = c.Int64("default-pipeline-timeout") - server.Config.Pipeline.MaxTimeout = c.Int64("max-pipeline-timeout") - - // limits - server.Config.Pipeline.Limits.MemSwapLimit = c.Int64("limit-mem-swap") - server.Config.Pipeline.Limits.MemLimit = c.Int64("limit-mem") - server.Config.Pipeline.Limits.ShmSize = c.Int64("limit-shm-size") - server.Config.Pipeline.Limits.CPUQuota = c.Int64("limit-cpu-quota") - server.Config.Pipeline.Limits.CPUShares = c.Int64("limit-cpu-shares") - server.Config.Pipeline.Limits.CPUSet = c.String("limit-cpu-set") - - // backend options for pipeline compiler - server.Config.Pipeline.Proxy.No = c.String("backend-no-proxy") - server.Config.Pipeline.Proxy.HTTP = c.String("backend-http-proxy") - server.Config.Pipeline.Proxy.HTTPS = c.String("backend-https-proxy") - - // server configuration - server.Config.Server.JWTSecret, err = setupJWTSecret(s) - if err != nil { - return fmt.Errorf("could not setup jwt secret: %w", err) - } - server.Config.Server.Cert = c.String("server-cert") - server.Config.Server.Key = c.String("server-key") - server.Config.Server.AgentToken = c.String("agent-secret") - serverHost := strings.TrimSuffix(c.String("server-host"), "/") - server.Config.Server.Host = serverHost - if c.IsSet("server-webhook-host") { - server.Config.Server.WebhookHost = c.String("server-webhook-host") - } else { - server.Config.Server.WebhookHost = serverHost - } - if c.IsSet("server-dev-oauth-host-deprecated") { - server.Config.Server.OAuthHost = c.String("server-dev-oauth-host-deprecated") - } else { - server.Config.Server.OAuthHost = serverHost - } - server.Config.Server.Port = c.String("server-addr") - server.Config.Server.PortTLS = c.String("server-addr-tls") - server.Config.Server.StatusContext = c.String("status-context") - server.Config.Server.StatusContextFormat = c.String("status-context-format") - server.Config.Server.SessionExpires = c.Duration("session-expires") - u, _ := url.Parse(server.Config.Server.Host) - rootPath := strings.TrimSuffix(u.Path, "/") - if rootPath != "" && !strings.HasPrefix(rootPath, "/") { - rootPath = "/" + rootPath - } - server.Config.Server.RootPath = rootPath - server.Config.Server.CustomCSSFile = strings.TrimSpace(c.String("custom-css-file")) - server.Config.Server.CustomJsFile = strings.TrimSpace(c.String("custom-js-file")) - server.Config.Pipeline.Networks = c.StringSlice("network") - server.Config.Pipeline.Volumes = c.StringSlice("volume") - server.Config.Pipeline.Privileged = c.StringSlice("escalate") - server.Config.WebUI.EnableSwagger = c.Bool("enable-swagger") - server.Config.WebUI.SkipVersionCheck = c.Bool("skip-version-check") - - // prometheus - server.Config.Prometheus.AuthToken = c.String("prometheus-auth-token") - - // permissions - server.Config.Permissions.Open = c.Bool("open") - server.Config.Permissions.Admins = permissions.NewAdmins(c.StringSlice("admin")) - server.Config.Permissions.Orgs = permissions.NewOrgs(c.StringSlice("orgs")) - server.Config.Permissions.OwnersAllowlist = permissions.NewOwnersAllowlist(c.StringSlice("repo-owners")) - return nil -} diff --git a/cmd/server/setup.go b/cmd/server/setup.go index 343b337d9..3c885dbaf 100644 --- a/cmd/server/setup.go +++ b/cmd/server/setup.go @@ -20,7 +20,9 @@ import ( "encoding/base32" "errors" "fmt" + "net/url" "os" + "strings" "time" "github.com/gorilla/securecookie" @@ -32,12 +34,19 @@ import ( "go.woodpecker-ci.org/woodpecker/v2/server" "go.woodpecker-ci.org/woodpecker/v2/server/cache" + "go.woodpecker-ci.org/woodpecker/v2/server/forge/setup" + "go.woodpecker-ci.org/woodpecker/v2/server/logging" + "go.woodpecker-ci.org/woodpecker/v2/server/model" + "go.woodpecker-ci.org/woodpecker/v2/server/pubsub" "go.woodpecker-ci.org/woodpecker/v2/server/queue" + "go.woodpecker-ci.org/woodpecker/v2/server/services" logService "go.woodpecker-ci.org/woodpecker/v2/server/services/log" "go.woodpecker-ci.org/woodpecker/v2/server/services/log/file" + "go.woodpecker-ci.org/woodpecker/v2/server/services/permissions" "go.woodpecker-ci.org/woodpecker/v2/server/store" "go.woodpecker-ci.org/woodpecker/v2/server/store/datastore" "go.woodpecker-ci.org/woodpecker/v2/server/store/types" + "go.woodpecker-ci.org/woodpecker/v2/shared/constant" ) func setupStore(c *cli.Context) (store.Store, error) { @@ -192,3 +201,100 @@ func setupJWTSecret(_store store.Store) (string, error) { return jwtSecret, nil } + +func setupEvilGlobals(c *cli.Context, s store.Store) error { + // services + server.Config.Services.Queue = setupQueue(c, s) + server.Config.Services.Logs = logging.New() + server.Config.Services.Pubsub = pubsub.New() + server.Config.Services.Membership = setupMembershipService(c, s) + serviceManager, err := services.NewManager(c, s, setup.Forge) + if err != nil { + return fmt.Errorf("could not setup service manager: %w", err) + } + server.Config.Services.Manager = serviceManager + + server.Config.Services.LogStore, err = setupLogStore(c, s) + if err != nil { + return fmt.Errorf("could not setup log store: %w", err) + } + + // authentication + server.Config.Pipeline.AuthenticatePublicRepos = c.Bool("authenticate-public-repos") + + // Cloning + server.Config.Pipeline.DefaultCloneImage = c.String("default-clone-image") + constant.TrustedCloneImages = append(constant.TrustedCloneImages, server.Config.Pipeline.DefaultCloneImage) + + // Execution + _events := c.StringSlice("default-cancel-previous-pipeline-events") + events := make([]model.WebhookEvent, 0, len(_events)) + for _, v := range _events { + events = append(events, model.WebhookEvent(v)) + } + server.Config.Pipeline.DefaultCancelPreviousPipelineEvents = events + server.Config.Pipeline.DefaultTimeout = c.Int64("default-pipeline-timeout") + server.Config.Pipeline.MaxTimeout = c.Int64("max-pipeline-timeout") + + // limits + server.Config.Pipeline.Limits.MemSwapLimit = c.Int64("limit-mem-swap") + server.Config.Pipeline.Limits.MemLimit = c.Int64("limit-mem") + server.Config.Pipeline.Limits.ShmSize = c.Int64("limit-shm-size") + server.Config.Pipeline.Limits.CPUQuota = c.Int64("limit-cpu-quota") + server.Config.Pipeline.Limits.CPUShares = c.Int64("limit-cpu-shares") + server.Config.Pipeline.Limits.CPUSet = c.String("limit-cpu-set") + + // backend options for pipeline compiler + server.Config.Pipeline.Proxy.No = c.String("backend-no-proxy") + server.Config.Pipeline.Proxy.HTTP = c.String("backend-http-proxy") + server.Config.Pipeline.Proxy.HTTPS = c.String("backend-https-proxy") + + // server configuration + server.Config.Server.JWTSecret, err = setupJWTSecret(s) + if err != nil { + return fmt.Errorf("could not setup jwt secret: %w", err) + } + server.Config.Server.Cert = c.String("server-cert") + server.Config.Server.Key = c.String("server-key") + server.Config.Server.AgentToken = c.String("agent-secret") + serverHost := strings.TrimSuffix(c.String("server-host"), "/") + server.Config.Server.Host = serverHost + if c.IsSet("server-webhook-host") { + server.Config.Server.WebhookHost = c.String("server-webhook-host") + } else { + server.Config.Server.WebhookHost = serverHost + } + if c.IsSet("server-dev-oauth-host-deprecated") { + server.Config.Server.OAuthHost = c.String("server-dev-oauth-host-deprecated") + } else { + server.Config.Server.OAuthHost = serverHost + } + server.Config.Server.Port = c.String("server-addr") + server.Config.Server.PortTLS = c.String("server-addr-tls") + server.Config.Server.StatusContext = c.String("status-context") + server.Config.Server.StatusContextFormat = c.String("status-context-format") + server.Config.Server.SessionExpires = c.Duration("session-expires") + u, _ := url.Parse(server.Config.Server.Host) + rootPath := strings.TrimSuffix(u.Path, "/") + if rootPath != "" && !strings.HasPrefix(rootPath, "/") { + rootPath = "/" + rootPath + } + server.Config.Server.RootPath = rootPath + server.Config.Server.CustomCSSFile = strings.TrimSpace(c.String("custom-css-file")) + server.Config.Server.CustomJsFile = strings.TrimSpace(c.String("custom-js-file")) + server.Config.Pipeline.Networks = c.StringSlice("network") + server.Config.Pipeline.Volumes = c.StringSlice("volume") + server.Config.Pipeline.Privileged = c.StringSlice("escalate") + server.Config.WebUI.EnableSwagger = c.Bool("enable-swagger") + server.Config.WebUI.SkipVersionCheck = c.Bool("skip-version-check") + + // prometheus + server.Config.Prometheus.AuthToken = c.String("prometheus-auth-token") + + // permissions + server.Config.Permissions.Open = c.Bool("open") + server.Config.Permissions.Admins = permissions.NewAdmins(c.StringSlice("admin")) + server.Config.Permissions.Orgs = permissions.NewOrgs(c.StringSlice("orgs")) + server.Config.Permissions.OwnersAllowlist = permissions.NewOwnersAllowlist(c.StringSlice("repo-owners")) + return nil +}