mirrors/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2024-11-22 09:51:01 +00:00
Code Issues Projects Releases Wiki Activity

Linter: respect tags for linting of global privileged plugins (#4083)

Browse source 
https://ci.woodpecker-ci.org/repos/8981/pipeline/162/4 should have shown an lit error but it did not.

this fix it

a followup of https://github.com/woodpecker-ci/woodpecker/pull/4053
This commit is contained in:
6543 2024-09-05 00:25:22 +02:00 committed by GitHub
parent 32d1ec7cec
commit f7d12bf256
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pipeline/frontend/yaml/linter/linter.go
View file

@ -169,9 +169,9 @@ func (l *Linter) lintImage(config *WorkflowConfig, c *types.Container, area stri
func (l *Linter) lintPrivilegedPlugins(config *WorkflowConfig, c *types.Container, area string) error { func (l *Linter) lintPrivilegedPlugins(config *WorkflowConfig, c *types.Container, area string) error {
// lint for conflicts of https://github.com/woodpecker-ci/woodpecker/pull/3918 // lint for conflicts of https://github.com/woodpecker-ci/woodpecker/pull/3918
if utils.MatchImage(c.Image, "plugins/docker", "plugins/gcr", "plugins/ecr", "woodpeckerci/plugin-docker-buildx") { if utils.MatchImage(c.Image, "plugins/docker", "plugins/gcr", "plugins/ecr", "woodpeckerci/plugin-docker-buildx") {
msg := "Cannot use once by default privileged plugins, if needed add it too WOODPECKER_PLUGINS_PRIVILEGED" msg := fmt.Sprintf("Cannot use once by default privileged plugin '%s', if needed add it too WOODPECKER_PLUGINS_PRIVILEGED", c.Image)
// check first if user did not add them back // check first if user did not add them back
if l.privilegedPlugins != nil && !utils.MatchImage(c.Image, *l.privilegedPlugins...) { if l.privilegedPlugins != nil && !utils.MatchImageDynamic(c.Image, *l.privilegedPlugins...) {
return newLinterError(msg, config.File, fmt.Sprintf("%s.%s", area, c.Name), false) return newLinterError(msg, config.File, fmt.Sprintf("%s.%s", area, c.Name), false)
} else if l.privilegedPlugins == nil { } else if l.privilegedPlugins == nil {
// if linter has no info of current privileged plugins, it's just a warning // if linter has no info of current privileged plugins, it's just a warning

2
pipeline/frontend/yaml/linter/linter_test.go
View file

@ -171,7 +171,7 @@ func TestLintErrors(t *testing.T) {
}, },
{ {
from: "{steps: { build: { image: plugins/docker, settings: { test: 'true' } } }, when: { branch: main, event: push } } }", from: "{steps: { build: { image: plugins/docker, settings: { test: 'true' } } }, when: { branch: main, event: push } } }",
want: "Cannot use once by default privileged plugins, if needed add it too WOODPECKER_PLUGINS_PRIVILEGED", want: "Cannot use once by default privileged plugin 'plugins/docker', if needed add it too WOODPECKER_PLUGINS_PRIVILEGED",
}, },
{ {
from: "{steps: { build: { image: golang, settings: { test: 'true' } } }, when: { branch: main, event: push }, clone: { git: { image: some-other/plugin-git:v1.1.0 } } }", from: "{steps: { build: { image: golang, settings: { test: 'true' } } }, when: { branch: main, event: push }, clone: { git: { image: some-other/plugin-git:v1.1.0 } } }",