mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2024-11-26 20:01:02 +00:00
prevent custom commands in plugin
This commit is contained in:
parent
d05aad8b48
commit
90af8ac414
2 changed files with 15 additions and 0 deletions
|
@ -1,6 +1,7 @@
|
|||
package transform
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
|
@ -61,6 +62,9 @@ func ImageEscalate(conf *yaml.Config, patterns []string) error {
|
|||
for _, c := range conf.Pipeline {
|
||||
for _, pattern := range patterns {
|
||||
if ok, _ := filepath.Match(pattern, c.Image); ok {
|
||||
if len(c.Commands) != 0 {
|
||||
return fmt.Errorf("Custom commands disabled for the %s plugin", c.Image)
|
||||
}
|
||||
c.Privileged = true
|
||||
}
|
||||
}
|
||||
|
|
|
@ -89,6 +89,17 @@ func Test_escalate(t *testing.T) {
|
|||
ImageEscalate(c, []string{"plugins/docker"})
|
||||
g.Assert(c.Pipeline[0].Privileged).IsFalse()
|
||||
})
|
||||
|
||||
g.It("should not escalate plugin with commands", func() {
|
||||
c := newConfig(&yaml.Container{
|
||||
Image: "docker",
|
||||
Commands: []string{"echo foo"},
|
||||
})
|
||||
|
||||
err := ImageEscalate(c, []string{"docker"})
|
||||
g.Assert(c.Pipeline[0].Privileged).IsFalse()
|
||||
g.Assert(err.Error()).Equal("Custom commands disabled for the docker plugin")
|
||||
})
|
||||
})
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue