make escalated plugins, volumes, networks configurable

drone/server.go

@@ -64,6 +64,23 @@ var serverCmd = cli.Command{
 			Usage:  "cache duration",
 			Value:  time.Minute * 15,
 		},
+		cli.StringSliceFlag{
+			EnvVar: "DRONE_ESCALATE",
+			Name:   "escalate",
+			Value: &cli.StringSlice{
+				"plugins/docker",
+				"plugins/gcr",
+				"plugins/ecr",
+			},
+		},
+		cli.StringSliceFlag{
+			EnvVar: "DRONE_VOLUME",
+			Name:   "volume",
+		},
+		cli.StringSliceFlag{
+			EnvVar: "DRONE_NETWORK",
+			Name:   "network",
+		},
 		cli.StringFlag{
 			EnvVar: "DRONE_AGENT_SECRET,DRONE_SECRET",
 			Name:   "agent-secret",

plugins/sender/plugin.go

@@ -17,7 +17,7 @@ func NewRemote(endpoint string) model.SenderService {
 }
 
 func (p *plugin) SenderAllowed(user *model.User, repo *model.Repo, build *model.Build) (bool, error) {
-	path := fmt.Sprintf("%s/sender/%s/%s/%s", p.endpoint, repo.Owner, repo.Name, build.Sender)
+	path := fmt.Sprintf("%s/senders/%s/%s/%s/verify", p.endpoint, repo.Owner, repo.Name, build.Sender)
 	err := internal.Send("POST", path, build, nil)
 	if err != nil {
 		return false, err
@@ -26,22 +26,22 @@ func (p *plugin) SenderAllowed(user *model.User, repo *model.Repo, build *model.
 }
 
 func (p *plugin) SenderCreate(repo *model.Repo, sender *model.Sender) error {
-	path := fmt.Sprintf("%s/sender/%s/%s", p.endpoint, repo.Owner, repo.Name)
+	path := fmt.Sprintf("%s/senders/%s/%s", p.endpoint, repo.Owner, repo.Name)
 	return internal.Send("POST", path, sender, nil)
 }
 
 func (p *plugin) SenderUpdate(repo *model.Repo, sender *model.Sender) error {
-	path := fmt.Sprintf("%s/sender/%s/%s", p.endpoint, repo.Owner, repo.Name)
+	path := fmt.Sprintf("%s/senders/%s/%s", p.endpoint, repo.Owner, repo.Name)
 	return internal.Send("PUT", path, sender, nil)
 }
 
 func (p *plugin) SenderDelete(repo *model.Repo, login string) error {
-	path := fmt.Sprintf("%s/sender/%s/%s/%s", p.endpoint, repo.Owner, repo.Name, login)
+	path := fmt.Sprintf("%s/senders/%s/%s/%s", p.endpoint, repo.Owner, repo.Name, login)
 	return internal.Send("DELETE", path, nil, nil)
 }
 
 func (p *plugin) SenderList(repo *model.Repo) ([]*model.Sender, error) {
-	path := fmt.Sprintf("%s/sender/%s/%s", p.endpoint, repo.Owner, repo.Name)
+	path := fmt.Sprintf("%s/senders/%s/%s", p.endpoint, repo.Owner, repo.Name)
 	out := []*model.Sender{}
 	err := internal.Send("GET", path, nil, out)
 	return out, err

router/middleware/store.go

@@ -51,6 +51,9 @@ func Store(cli *cli.Context) gin.HandlerFunc {
 	server.Config.Server.Pass = cli.String("agent-secret")
 	server.Config.Server.Host = cli.String("server-host")
 	server.Config.Server.Port = cli.String("server-addr")
+	server.Config.Pipeline.Networks = cli.StringSlice("network")
+	server.Config.Pipeline.Volumes = cli.StringSlice("volumes")
+	server.Config.Pipeline.Privileged = cli.StringSlice("escalate")
 	// server.Config.Server.Open = cli.Bool("open")
 	// server.Config.Server.Orgs = sliceToMap(cli.StringSlice("orgs"))
 	// server.Config.Server.Admins = sliceToMap(cli.StringSlice("admin"))

server/hook.go

@@ -456,8 +456,9 @@ func (b *builder) Build() ([]*buildItem, error) {
 
 		ir := compiler.New(
 			compiler.WithEnviron(environ),
-			// TODO ability to customize the escalated plugins
-			compiler.WithEscalated("plugins/docker", "plugins/gcr", "plugins/ecr"),
+			compiler.WithEscalated(Config.Pipeline.Privileged...),
+			compiler.WithVolumes(Config.Pipeline.Volumes...),
+			compiler.WithNetworks(Config.Pipeline.Networks...),
 			compiler.WithLocal(false),
 			compiler.WithOption(
 				compiler.WithNetrc(
@@ -478,8 +479,6 @@ func (b *builder) Build() ([]*buildItem, error) {
 			),
 			compiler.WithEnviron(proc.Environ),
 			compiler.WithProxy(),
-			// TODO ability to set global volumes for things like certs
-			compiler.WithVolumes(),
 			compiler.WithWorkspaceFromURL("/drone", b.Curr.Link),
 			compiler.WithMetadata(metadata),
 		).Compile(parsed)