From 1f0261a72a6c73428918f76f35d2e4f3bfaf057b Mon Sep 17 00:00:00 2001 From: Brad Rydzewski Date: Fri, 20 Jan 2017 11:12:30 +0700 Subject: [PATCH] promote secret interpolation --- agent/agent.go | 13 ++++++------- drone/secret.go | 6 ------ model/secret_test.go | 5 +++++ 3 files changed, 11 insertions(+), 13 deletions(-) diff --git a/agent/agent.go b/agent/agent.go index d743a5a4e..d911c5658 100644 --- a/agent/agent.go +++ b/agent/agent.go @@ -4,7 +4,6 @@ import ( "fmt" "net" "net/url" - "os" "path/filepath" "regexp" "strings" @@ -95,11 +94,11 @@ func (a *Agent) prep(w *model.Work) (*yaml.Config, error) { envs := toEnv(w) envSecrets := map[string]string{} - if os.Getenv("DRONE_INTERPOLATE_SECRETS") != "" { - for _, secret := range w.Secrets { - if (w.Verified || secret.SkipVerify) && secret.MatchEvent(w.Build.Event) { - envSecrets[secret.Name] = secret.Value - } + + // list of secrets to interpolate in the yaml + for _, secret := range w.Secrets { + if (w.Verified || secret.SkipVerify) && secret.MatchEvent(w.Build.Event) { + envSecrets[secret.Name] = secret.Value } } @@ -107,7 +106,7 @@ func (a *Agent) prep(w *model.Work) (*yaml.Config, error) { w.Yaml, err = envsubst.Eval(w.Yaml, func(s string) string { env, ok := envSecrets[s] if !ok { - env, ok = envs[s] + env, _ = envs[s] } if strings.Contains(env, "\n") { env = fmt.Sprintf("%q", env) diff --git a/drone/secret.go b/drone/secret.go index f66900591..9639665bf 100644 --- a/drone/secret.go +++ b/drone/secret.go @@ -1,7 +1,6 @@ package main import ( - "fmt" "io/ioutil" "os" "strings" @@ -79,10 +78,6 @@ func secretParseCmd(name string, value string, c *cli.Context) (*model.Secret, e secret.SkipVerify = c.Bool("skip-verify") secret.Conceal = c.Bool("conceal") - if len(secret.Images) == 0 { - return nil, fmt.Errorf("Please specify the --image parameter") - } - // TODO(bradrydzewski) below we use an @ sybmol to denote that the secret // value should be loaded from a file (inspired by curl). I'd prefer to use // a --input flag to explicitly specify a filepath instead. @@ -124,7 +119,6 @@ func secretDisplayList(secrets []*model.Secret, c *cli.Context) error { // template for secret list items var tmplSecretList = "\x1b[33m{{ .Name }} \x1b[0m" + ` -Images: {{ list .Images }} Events: {{ list .Events }} SkipVerify: {{ .SkipVerify }} Conceal: {{ .Conceal }} diff --git a/model/secret_test.go b/model/secret_test.go index 1a31a2bd2..30d63434b 100644 --- a/model/secret_test.go +++ b/model/secret_test.go @@ -48,6 +48,11 @@ func TestSecret(t *testing.T) { // image is only authorized for golang, not golang:1.4.2 g.Assert(secret.MatchImage("golang:1.4.2")).IsFalse() }) + g.It("should not match empty image", func() { + secret := Secret{} + secret.Images = []string{} + g.Assert(secret.MatchImage("node")).IsFalse() + }) g.It("should not match event", func() { secret := Secret{} secret.Events = []string{"pull_request"}