diff --git a/cmd/drone-build/run.go b/cmd/drone-build/run.go index 6c8b1d70e..d8463d1ea 100644 --- a/cmd/drone-build/run.go +++ b/cmd/drone-build/run.go @@ -10,16 +10,16 @@ import ( ) type Context struct { - // Links *common.Link - Clone *common.Clone `json:"clone"` - Repo *common.Repo `json:"repo"` - Build *common.Build `json:"build"` - Job *common.Job `json:"job"` - Keys *common.Keypair `json:"keys"` - Netrc *common.Netrc `json:"netrc"` - Yaml []byte `json:"yaml"` - Env []string `json:"environment"` - Plugins []string `json:"plugins"` + System *common.System `json:"system"` + Repo *common.Repo `json:"repo"` + Build *common.Build `json:"build"` + Job *common.Job `json:"job"` + Yaml []byte `json:"yaml"` + + // todo re-factor these + Clone *common.Clone `json:"clone"` + Keys *common.Keypair `json:"keys"` + Netrc *common.Netrc `json:"netrc"` Conf *common.Config `json:"-"` infos []*dockerclient.ContainerInfo @@ -33,7 +33,7 @@ func setup(c *Context) error { Privileged: false, Volumes: false, Caching: false, - Whitelist: c.Plugins, + Whitelist: c.System.Plugins, } // if repository is trusted the build may specify @@ -154,7 +154,7 @@ func runSteps(c *Context, steps map[string]*common.Step) (int, error) { conf.Cmd = toCommand(c, step) // append global environment variables - conf.Env = append(conf.Env, c.Env...) + conf.Env = append(conf.Env, c.System.Globals...) info, err := run(c.client, conf, step.Pull) if err != nil { diff --git a/cmd/drone-server/static/scripts/controllers/repos.js b/cmd/drone-server/static/scripts/controllers/repos.js index 6697f6e3e..0e51f1e13 100644 --- a/cmd/drone-server/static/scripts/controllers/repos.js +++ b/cmd/drone-server/static/scripts/controllers/repos.js @@ -117,6 +117,16 @@ }); }; + + $scope.encrypt = function (plaintext) { + var data = {"DATA": plaintext}; + repos.encrypt(fullName, data).then(function (payload) { + $scope.secure = payload.data["DATA"]; + }).catch(function (err) { + $scope.error = err; + }); + }; + $scope.deleteParam = function (key) { delete $scope.repo.params[key]; @@ -129,6 +139,10 @@ } } + function toSnakeCase(str) { + return str.replace(/ /g, '_').replace(/([a-z0-9])([A-Z0-9])/g, '$1_$2').toLowerCase(); + } + angular .module('drone') .controller('ReposCtrl', ReposCtrl) diff --git a/cmd/drone-server/static/scripts/drone.js b/cmd/drone-server/static/scripts/drone.js index 1e9a796b5..4cc0649f2 100644 --- a/cmd/drone-server/static/scripts/drone.js +++ b/cmd/drone-server/static/scripts/drone.js @@ -144,23 +144,53 @@ }, title: 'Edit Repository' }) - .state('app.repo.env', { - url: '/:owner/:name/edit/env', - views: { - 'toolbar': {templateUrl: '/static/scripts/views/repos/toolbar.html'}, - 'content': {templateUrl: '/static/scripts/views/repos/env.html'} - }, - controller: 'RepoEditCtrl', - resolve: resolveUser - }) - .state('app.repo.del', { + .state('app.repo_del', { url: '/:owner/:name/delete', views: { - 'toolbar': {templateUrl: '/static/scripts/views/repos/toolbar.html'}, - 'content': {templateUrl: '/static/scripts/views/repos/del.html'} + 'toolbar': { + templateUrl: '/static/scripts/views/repos/toolbar.html', + controller: 'UserHeaderCtrl', + resolve: resolveUser + }, + 'content': { + templateUrl: '/static/scripts/views/repos/del.html', + controller: 'RepoEditCtrl', + resolve: resolveUser + } }, - controller: 'RepoEditCtrl', - resolve: resolveUser + title: 'Delete Repository' + }) + .state('app.repo_env', { + url: '/:owner/:name/edit/env', + views: { + 'toolbar': { + templateUrl: '/static/scripts/views/repos/toolbar.html', + controller: 'UserHeaderCtrl', + resolve: resolveUser + }, + 'content': { + templateUrl: '/static/scripts/views/repos/env.html', + controller: 'RepoEditCtrl', + resolve: resolveUser + } + }, + title: 'Private Vars' + }) + .state('app.repo_secure', { + url: '/:owner/:name/secure', + views: { + 'toolbar': { + templateUrl: '/static/scripts/views/repos/toolbar.html', + controller: 'UserHeaderCtrl', + resolve: resolveUser + }, + 'content': { + templateUrl: '/static/scripts/views/repos/secure.html', + controller: 'RepoEditCtrl', + resolve: resolveUser + } + }, + title: 'Secure Variables' }) .state('app.build', { url: '/:owner/:name/:number', diff --git a/cmd/drone-server/static/scripts/services/repos.js b/cmd/drone-server/static/scripts/services/repos.js index ce73c934d..e66048f14 100644 --- a/cmd/drone-server/static/scripts/services/repos.js +++ b/cmd/drone-server/static/scripts/services/repos.js @@ -73,6 +73,15 @@ return $http.delete('/api/repos/' + repoName + '/unwatch'); }; + /** + * Encrypt the set of parameters. + * + * @param {string} Name of the repository. + * @param {object} Key/Value map of parameters. + */ + this.encrypt = function (repoName, params) { + return $http.post('/api/repos/' + repoName + '/encrypt', params); + }; var callback, events, diff --git a/cmd/drone-server/static/scripts/views/repos/del.html b/cmd/drone-server/static/scripts/views/repos/del.html index 56c36d09a..a82c25c61 100644 --- a/cmd/drone-server/static/scripts/views/repos/del.html +++ b/cmd/drone-server/static/scripts/views/repos/del.html @@ -1,7 +1,8 @@ +
-
+
Warning: this action cannot be undone.
-
\ No newline at end of file + +
\ No newline at end of file diff --git a/cmd/drone-server/static/scripts/views/repos/secure.html b/cmd/drone-server/static/scripts/views/repos/secure.html new file mode 100644 index 000000000..682300112 --- /dev/null +++ b/cmd/drone-server/static/scripts/views/repos/secure.html @@ -0,0 +1,28 @@ +
+
+ +

Encrypt and store secret variables in your .drone.yml file

+ + + + + 

{{secure}}
+ +
+
\ No newline at end of file diff --git a/pkg/queue/worker.go b/pkg/queue/worker.go index 901b31572..36c6fe247 100644 --- a/pkg/queue/worker.go +++ b/pkg/queue/worker.go @@ -9,14 +9,13 @@ import ( // Work represents an item for work to be // processed by a worker. type Work struct { - User *common.User `json:"user"` - Repo *common.Repo `json:"repo"` - Build *common.Build `json:"build"` - Keys *common.Keypair `json:"keypair"` - Netrc *common.Netrc `json:"netrc"` - Yaml []byte `json:"yaml"` - Env []string `json:"environment"` - Plugins []string `json:"plugins"` + System *common.System `json:"system"` + User *common.User `json:"user"` + Repo *common.Repo `json:"repo"` + Build *common.Build `json:"build"` + Keys *common.Keypair `json:"keypair"` + Netrc *common.Netrc `json:"netrc"` + Yaml []byte `json:"yaml"` } // represents a worker that has connected diff --git a/pkg/runner/builtin/runner.go b/pkg/runner/builtin/runner.go index f233ae1ff..1b101f171 100644 --- a/pkg/runner/builtin/runner.go +++ b/pkg/runner/builtin/runner.go @@ -139,14 +139,12 @@ func (r *Runner) Run(w *queue.Work) error { } work := &work{ - Repo: w.Repo, - Build: w.Build, - Keys: w.Keys, - Netrc: w.Netrc, - Yaml: w.Yaml, - Job: job, - Env: w.Env, - Plugins: w.Plugins, + System: w.System, + Workspace: &types.Workspace{Netrc: w.Netrc, Keys: w.Keys}, + Repo: w.Repo, + Build: w.Build, + Job: job, + Yaml: w.Yaml, } in, err := json.Marshal(work) if err != nil { @@ -221,14 +219,12 @@ func (r *Runner) Run(w *queue.Work) error { // the destroy all containers afterward. for i, job := range w.Build.Jobs { work := &work{ - Repo: w.Repo, - Build: w.Build, - Keys: w.Keys, - Netrc: w.Netrc, - Yaml: w.Yaml, - Job: job, - Env: w.Env, - Plugins: w.Plugins, + System: w.System, + Workspace: &types.Workspace{Netrc: w.Netrc, Keys: w.Keys}, + Repo: w.Repo, + Build: w.Build, + Job: job, + Yaml: w.Yaml, } in, err := json.Marshal(work) if err != nil { diff --git a/pkg/runner/builtin/worker.go b/pkg/runner/builtin/worker.go index fc396ca23..bff4fd814 100644 --- a/pkg/runner/builtin/worker.go +++ b/pkg/runner/builtin/worker.go @@ -29,30 +29,33 @@ var ( var ( // name of the build agent container. - DefaultAgent = "drone/drone-build:latest" + DefaultAgent = "drone/drone-exec:latest" // default name of the build agent executable DefaultEntrypoint = []string{"/bin/drone-build"} // default argument to invoke build steps - DefaultBuildArgs = []string{"--build", "--clone", "--publish", "--deploy"} + DefaultBuildArgs = []string{"--cache", "--clone", "--build", "--deploy"} // default argument to invoke build steps - DefaultPullRequestArgs = []string{"--build", "--clone"} + DefaultPullRequestArgs = []string{"--cache", "--clone", "--build"} // default arguments to invoke notify steps DefaultNotifyArgs = []string{"--notify"} ) type work struct { - Repo *types.Repo `json:"repo"` - Build *types.Build `json:"build"` - Job *types.Job `json:"job"` - Keys *types.Keypair `json:"keys"` - Netrc *types.Netrc `json:"netrc"` - Yaml []byte `json:"yaml"` - Env []string `json:"environment"` - Plugins []string `json:"plugins"` + Repo *types.Repo `json:"repo"` + Build *types.Build `json:"build"` + Job *types.Job `json:"job"` + System *types.System `json:"system"` + Workspace *types.Workspace `json:"workspace"` + Yaml []byte `json:"yaml"` + + // Keys *types.Keypair `json:"keys"` // remove + // Netrc *types.Netrc `json:"netrc"` // remove + // Env []string `json:"environment"` // remove + // Plugins []string `json:"plugins"` // remove } type worker struct { diff --git a/pkg/server/commits.go b/pkg/server/commits.go index bf9b647e1..21af6ea9a 100644 --- a/pkg/server/commits.go +++ b/pkg/server/commits.go @@ -9,6 +9,7 @@ import ( "github.com/drone/drone/Godeps/_workspace/src/github.com/gin-gonic/gin" "github.com/drone/drone/pkg/queue" common "github.com/drone/drone/pkg/types" + "github.com/drone/drone/pkg/utils/httputil" "github.com/drone/drone/pkg/yaml/inject" "github.com/drone/drone/pkg/yaml/secure" // "github.com/gin-gonic/gin/binding" @@ -191,14 +192,17 @@ func RunBuild(c *gin.Context) { c.JSON(202, build) queue_.Publish(&queue.Work{ - User: user, - Repo: repo, - Build: build, - Keys: repo.Keys, - Netrc: netrc, - Yaml: raw, - Plugins: conf.Plugins, - Env: conf.Environment, + User: user, + Repo: repo, + Build: build, + Keys: repo.Keys, + Netrc: netrc, + Yaml: raw, + System: &common.System{ + Link: httputil.GetURL(c.Request), + Plugins: conf.Plugins, + Globals: conf.Environment, + }, }) } diff --git a/pkg/server/hooks.go b/pkg/server/hooks.go index 5a5561add..7f103ab39 100644 --- a/pkg/server/hooks.go +++ b/pkg/server/hooks.go @@ -7,6 +7,7 @@ import ( "github.com/drone/drone/Godeps/_workspace/src/github.com/gin-gonic/gin" "github.com/drone/drone/pkg/queue" common "github.com/drone/drone/pkg/types" + "github.com/drone/drone/pkg/utils/httputil" "github.com/drone/drone/pkg/yaml" "github.com/drone/drone/pkg/yaml/inject" "github.com/drone/drone/pkg/yaml/matrix" @@ -158,13 +159,16 @@ func PostHook(c *gin.Context) { } queue_.Publish(&queue.Work{ - User: user, - Repo: repo, - Build: build, - Keys: repo.Keys, - Netrc: netrc, - Yaml: raw, - Plugins: conf.Plugins, - Env: conf.Environment, + User: user, + Repo: repo, + Build: build, + Keys: repo.Keys, + Netrc: netrc, + Yaml: raw, + System: &common.System{ + Link: httputil.GetURL(c.Request), + Plugins: conf.Plugins, + Globals: conf.Environment, + }, }) } diff --git a/pkg/types/clone.go b/pkg/types/clone.go deleted file mode 100644 index e5dd0ac70..000000000 --- a/pkg/types/clone.go +++ /dev/null @@ -1,18 +0,0 @@ -package types - -type Clone struct { - Origin string `json:"origin"` - Remote string `json:"remote"` - Branch string `json:"branch"` - Sha string `json:"sha"` - Ref string `json:"ref"` - Dir string `json:"dir"` - Netrc *Netrc `json:"netrc"` - Keypair *Keypair `json:"keypair"` -} - -type Netrc struct { - Machine string `json:"machine"` - Login string `json:"login"` - Password string `json:"user"` -} diff --git a/pkg/types/config.go b/pkg/types/config.go index 7d219e58e..0c8fbd557 100644 --- a/pkg/types/config.go +++ b/pkg/types/config.go @@ -7,6 +7,7 @@ import ( // Config represents a repository build configuration. type Config struct { + Cache *Step Setup *Step Clone *Step Build *Step @@ -63,8 +64,11 @@ type Step struct { // Condition represents a set of conditions that must // be met in order to proceed with a build or build step. type Condition struct { - Owner string // Indicates the step should run only for this repo (useful for forks) - Branch string // Indicates the step should run only for this branch + Owner string // Indicates the step should run only for this repo (useful for forks) + Branch string // Indicates the step should run only for this branch + Event string + Success string + Failure string // Indicates the step should only run when the following // matrix values are present for the sub-build. diff --git a/pkg/types/system.go b/pkg/types/system.go index db2ded2fa..25a941ae8 100644 --- a/pkg/types/system.go +++ b/pkg/types/system.go @@ -1,8 +1,27 @@ package types +// System provides important information about the Drone +// server to the plugin. type System struct { - URL string // System URL - Env map[string]string // Global environment variables - Builder string // Name of build container (default drone/drone-build) - Plugins string // Name of approved plugin containers (default plugins/*) + Version string `json:"version"` + Link string `json:"link_url"` + Plugins []string `json:"plugins"` + Globals []string `json:"globals"` +} + +// Workspace defines the build's workspace inside the +// container. This helps the plugin locate the source +// code directory. +type Workspace struct { + Root string `json:"root"` + Path string `json:"path"` + + Netrc *Netrc `json:"netrc"` + Keys *Keypair `json:"keys"` +} + +type Netrc struct { + Machine string `json:"machine"` + Login string `json:"login"` + Password string `json:"user"` }