From f2c33a0d89bbfb211b49277a9b4a7bc9ce90291e Mon Sep 17 00:00:00 2001 From: Anbraten Date: Sun, 9 Jul 2023 23:41:13 +0200 Subject: [PATCH] Fix netrc passing to clone image (#1964) closes #1837 --- pipeline/frontend/yaml/compiler/compiler.go | 3 ++- pipeline/frontend/yaml/compiler/convert.go | 5 +++-- pipeline/frontend/yaml/types/container.go | 4 ++-- pipeline/frontend/yaml/{compiler => utils}/image.go | 10 +++++----- .../frontend/yaml/{compiler => utils}/image_test.go | 6 +++--- 5 files changed, 15 insertions(+), 13 deletions(-) rename pipeline/frontend/yaml/{compiler => utils}/image.go (84%) rename pipeline/frontend/yaml/{compiler => utils}/image_test.go (96%) diff --git a/pipeline/frontend/yaml/compiler/compiler.go b/pipeline/frontend/yaml/compiler/compiler.go index e73c2e843..ae94ca071 100644 --- a/pipeline/frontend/yaml/compiler/compiler.go +++ b/pipeline/frontend/yaml/compiler/compiler.go @@ -7,6 +7,7 @@ import ( backend_types "github.com/woodpecker-ci/woodpecker/pipeline/backend/types" "github.com/woodpecker-ci/woodpecker/pipeline/frontend/metadata" yaml_types "github.com/woodpecker-ci/woodpecker/pipeline/frontend/yaml/types" + "github.com/woodpecker-ci/woodpecker/pipeline/frontend/yaml/utils" "github.com/woodpecker-ci/woodpecker/shared/constant" ) @@ -34,7 +35,7 @@ type Secret struct { } func (s *Secret) Available(container *yaml_types.Container) bool { - return (len(s.Match) == 0 || matchImage(container.Image, s.Match...)) && (!s.PluginOnly || container.IsPlugin()) + return (len(s.Match) == 0 || utils.MatchImage(container.Image, s.Match...)) && (!s.PluginOnly || container.IsPlugin()) } type secretMap map[string]Secret diff --git a/pipeline/frontend/yaml/compiler/convert.go b/pipeline/frontend/yaml/compiler/convert.go index e51d15fda..27c5c4e20 100644 --- a/pipeline/frontend/yaml/compiler/convert.go +++ b/pipeline/frontend/yaml/compiler/convert.go @@ -14,6 +14,7 @@ import ( "github.com/woodpecker-ci/woodpecker/pipeline/frontend/metadata" "github.com/woodpecker-ci/woodpecker/pipeline/frontend/yaml/compiler/settings" yaml_types "github.com/woodpecker-ci/woodpecker/pipeline/frontend/yaml/types" + "github.com/woodpecker-ci/woodpecker/pipeline/frontend/yaml/utils" ) func (c *Compiler) createProcess(name string, container *yaml_types.Container, section string) *backend_types.Step { @@ -80,13 +81,13 @@ func (c *Compiler) createProcess(name string, container *yaml_types.Container, s } } - if matchImage(container.Image, c.escalated...) && container.IsPlugin() { + if utils.MatchImage(container.Image, c.escalated...) && container.IsPlugin() { privileged = true } authConfig := backend_types.Auth{} for _, registry := range c.registries { - if matchHostname(container.Image, registry.Hostname) { + if utils.MatchHostname(container.Image, registry.Hostname) { authConfig.Username = registry.Username authConfig.Password = registry.Password authConfig.Email = registry.Email diff --git a/pipeline/frontend/yaml/types/container.go b/pipeline/frontend/yaml/types/container.go index 4eac437da..f5ade2964 100644 --- a/pipeline/frontend/yaml/types/container.go +++ b/pipeline/frontend/yaml/types/container.go @@ -3,11 +3,11 @@ package types import ( "fmt" - "golang.org/x/exp/slices" "gopkg.in/yaml.v3" "github.com/woodpecker-ci/woodpecker/pipeline/frontend/yaml/constraint" "github.com/woodpecker-ci/woodpecker/pipeline/frontend/yaml/types/base" + "github.com/woodpecker-ci/woodpecker/pipeline/frontend/yaml/utils" "github.com/woodpecker-ci/woodpecker/shared/constant" ) @@ -109,5 +109,5 @@ func (c *Container) IsPlugin() bool { } func (c *Container) IsTrustedCloneImage() bool { - return c.IsPlugin() && slices.Contains(constant.TrustedCloneImages, c.Image) + return c.IsPlugin() && utils.MatchImage(c.Image, constant.TrustedCloneImages...) } diff --git a/pipeline/frontend/yaml/compiler/image.go b/pipeline/frontend/yaml/utils/image.go similarity index 84% rename from pipeline/frontend/yaml/compiler/image.go rename to pipeline/frontend/yaml/utils/image.go index 238ea4b0f..47ffb393c 100644 --- a/pipeline/frontend/yaml/compiler/image.go +++ b/pipeline/frontend/yaml/utils/image.go @@ -1,4 +1,4 @@ -package compiler +package utils import "github.com/docker/distribution/reference" @@ -30,10 +30,10 @@ func expandImage(name string) string { return named.String() } -// matchImage returns true if the image name matches +// MatchImage returns true if the image name matches // an image in the list. Note the image tag is not used // in the matching logic. -func matchImage(from string, to ...string) bool { +func MatchImage(from string, to ...string) bool { from = trimImage(from) for _, match := range to { if from == trimImage(match) { @@ -43,9 +43,9 @@ func matchImage(from string, to ...string) bool { return false } -// matchHostname returns true if the image hostname +// MatchHostname returns true if the image hostname // matches the specified hostname. -func matchHostname(image, hostname string) bool { +func MatchHostname(image, hostname string) bool { ref, err := reference.ParseAnyReference(image) if err != nil { return false diff --git a/pipeline/frontend/yaml/compiler/image_test.go b/pipeline/frontend/yaml/utils/image_test.go similarity index 96% rename from pipeline/frontend/yaml/compiler/image_test.go rename to pipeline/frontend/yaml/utils/image_test.go index 711d1847c..9249c9eb1 100644 --- a/pipeline/frontend/yaml/compiler/image_test.go +++ b/pipeline/frontend/yaml/utils/image_test.go @@ -1,4 +1,4 @@ -package compiler +package utils import ( "testing" @@ -191,7 +191,7 @@ func Test_matchImage(t *testing.T) { }, } for _, test := range testdata { - got, want := matchImage(test.from, test.to), test.want + got, want := MatchImage(test.from, test.to), test.want if got != want { t.Errorf("Want image %q matching %q is %v", test.from, test.to, want) } @@ -250,7 +250,7 @@ func Test_matchHostname(t *testing.T) { }, } for _, test := range testdata { - got, want := matchHostname(test.image, test.hostname), test.want + got, want := MatchHostname(test.image, test.hostname), test.want if got != want { t.Errorf("Want image %q matching hostname %q is %v", test.image, test.hostname, want) }