prevent custom commands in plugin

This commit is contained in:
Brad Rydzewski 2016-07-22 08:53:36 -07:00
parent d05aad8b48
commit 90af8ac414
2 changed files with 15 additions and 0 deletions

View file

@ -1,6 +1,7 @@
package transform
import (
"fmt"
"path/filepath"
"strings"
@ -61,6 +62,9 @@ func ImageEscalate(conf *yaml.Config, patterns []string) error {
for _, c := range conf.Pipeline {
for _, pattern := range patterns {
if ok, _ := filepath.Match(pattern, c.Image); ok {
if len(c.Commands) != 0 {
return fmt.Errorf("Custom commands disabled for the %s plugin", c.Image)
}
c.Privileged = true
}
}

View file

@ -89,6 +89,17 @@ func Test_escalate(t *testing.T) {
ImageEscalate(c, []string{"plugins/docker"})
g.Assert(c.Pipeline[0].Privileged).IsFalse()
})
g.It("should not escalate plugin with commands", func() {
c := newConfig(&yaml.Container{
Image: "docker",
Commands: []string{"echo foo"},
})
err := ImageEscalate(c, []string{"docker"})
g.Assert(c.Pipeline[0].Privileged).IsFalse()
g.Assert(err.Error()).Equal("Custom commands disabled for the docker plugin")
})
})
}