mirrors/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2024-11-27 04:11:03 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1731 from bradrydzewski/master

Browse source 
prevent custom commands in plugin
This commit is contained in:
Brad Rydzewski 2016-07-22 09:06:32 -07:00 committed by GitHub
commit ae418bf063
2 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
yaml/transform/image.go
View file

@ -1,6 +1,7 @@
package transform package transform
import ( import (
"fmt"
"path/filepath" "path/filepath"
"strings" "strings"
@ -61,6 +62,9 @@ func ImageEscalate(conf *yaml.Config, patterns []string) error {
for _, c := range conf.Pipeline { for _, c := range conf.Pipeline {
for _, pattern := range patterns { for _, pattern := range patterns {
if ok, _ := filepath.Match(pattern, c.Image); ok { if ok, _ := filepath.Match(pattern, c.Image); ok {
if len(c.Commands) != 0 {
return fmt.Errorf("Custom commands disabled for the %s plugin", c.Image)
}
c.Privileged = true c.Privileged = true
} }
} }

11
yaml/transform/image_test.go
View file

@ -89,6 +89,17 @@ func Test_escalate(t *testing.T) {
ImageEscalate(c, []string{"plugins/docker"}) ImageEscalate(c, []string{"plugins/docker"})
g.Assert(c.Pipeline[0].Privileged).IsFalse() g.Assert(c.Pipeline[0].Privileged).IsFalse()
}) })
g.It("should not escalate plugin with commands", func() {
c := newConfig(&yaml.Container{
Image: "docker",
Commands: []string{"echo foo"},
})
err := ImageEscalate(c, []string{"docker"})
g.Assert(c.Pipeline[0].Privileged).IsFalse()
g.Assert(err.Error()).Equal("Custom commands disabled for the docker plugin")
})
}) })
} }