Commit graph

131 commits

Author SHA1 Message Date
qwerty287
5bb7cef08b
Allow to set custom trusted clone plugins (#4352)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Thomas Anderson <127358482+zc-devs@users.noreply.github.com>
Co-authored-by: Anbraten <6918444+anbraten@users.noreply.github.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
2024-11-26 14:27:05 +01:00
6543
d3e73d1e4a
Remove secrets in favor of from_secret (#4363)
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
Co-authored-by: Robert Kaussow <xoxys@rknet.org>
Co-authored-by: Lauris BH <lauris@nix.lv>
2024-11-21 15:42:02 +01:00
qwerty287
e13085b69f
Pass settings to services (#4338) 2024-11-09 21:04:27 +01:00
Patrick Schratz
560eab96f0
Kubernetes | Docker: Add support for rootless images (#4151) 2024-11-02 18:07:27 +01:00
qwerty287
29474fc7d9
Split repo trusted setting (#4025) 2024-11-01 21:37:31 +01:00
qwerty287
bd933669ef
Fix snake_case env vars (#4267) 2024-10-28 17:23:49 +01:00
6543
6ad20ced5b
Move docker resource limit settings from server to agent (#3174)
so you can set it per agent and not per server
2024-09-26 16:56:59 +01:00
Patrick Schratz
b75a2cac10
Update image filter error message (#4143) 2024-09-26 13:04:07 +01:00
6543
5b208d2c01
Allow admins to specify priviledged plugins by name **and tag** (#4075)
previous the tags where ignored, now we respect them if set
2024-09-01 21:27:12 +02:00
6543
3c8204a0e0
Allow alter trusted clone plugins and filter them via tag (#4074) 2024-09-01 20:41:10 +02:00
6543
fb6068d836
Add option to filter secrets by plugins with specific tags (#4069)
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2024-08-31 13:46:50 +02:00
qwerty287
aafd217cce
Remove old pipeline options (#4016) 2024-08-15 18:58:51 +02:00
6543
31a45e5633
Add blocklist of environment variables who could alter execution of plugins (#3934) 2024-07-18 22:54:29 +02:00
6543
764329ed1d
Make sure plugins only mount the workspace base in a predefinde location (#3933) 2024-07-18 22:52:22 +02:00
6543
7b7c83d040
remove undocumented networks option from steps (#3915)
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2024-07-18 18:18:39 +02:00
6543
e39345688d
Allow to change the working directory also plugins and services (#3914) 2024-07-18 01:02:38 +02:00
Anbraten
f6904d6662
Fix privileged steps in kubernetes (#3711) 2024-05-30 18:53:03 +02:00
6543
42f2734308
cspell lint go code (#3706) 2024-05-24 22:35:04 +02:00
Robert Kaussow
89e100cfd1
Add godot linter to harmonitze toplevel comments (#3650) 2024-05-13 22:58:21 +02:00
qwerty287
2029813fc2
Remove unused cache properties (#3567) 2024-03-29 09:48:28 +01:00
qwerty287
75803dba41
Fix uppercased env (#3516)
closes #3515 

I think after this is fixed, we should publish a new release as this can
be quite important.

Co-authored-by: Robert Kaussow <mail@thegeeklab.de>
2024-03-20 16:53:33 +02:00
qwerty287
9b0c4e4e3c
Fix env var naming (#3438)
closes #3436
2024-02-25 10:12:40 +01:00
6543
6eafb37aba
nit: compiler.Compile explizite init Environment map 2024-02-23 17:40:52 +01:00
qwerty287
d59bc64823
Fix server panic (#3426)
Closes #3424
2024-02-23 16:32:06 +01:00
qwerty287
de5c65939a
Deprecate alternative names on secrets (#3406)
Closes https://github.com/woodpecker-ci/woodpecker/discussions/2274

# deprecation of alternative names

Instead of
```yaml
secrets:
  - source: some_secret
    target: some_env
```
you now write:
```yaml
environment:
  some_env:
    from_secret: some_secret
```

Also, it's possible to use complex yaml objects in `environment`,
they're turned into json (just like `settings`).
2024-02-22 18:25:57 +01:00
qwerty287
0c9bbf91a3
Do not alter secret key upper-/lowercase (#3375) 2024-02-20 14:20:25 +01:00
Anbraten
0b91317cde
Fix linter (#3354) 2024-02-08 22:49:07 +01:00
qwerty287
6892a9ca57
Parse backend options in backend (#3227)
Currently, backend options are parsed in the yaml parser.
This has some issues:
- backend specific code should be in the backend folders
- it is not possible to add backend options for backends added via
addons
2024-02-08 18:39:32 +01:00
Anbraten
0b5eef7d1e
Improve secret availability checks (#3271) 2024-01-27 20:59:44 +01:00
qwerty287
5e2f7d81b3
Clean up models (#3228) 2024-01-22 07:56:18 +01:00
qwerty287
d1d2e9723d
Support custom steps entrypoint (#2985)
Closes https://github.com/woodpecker-ci/woodpecker/issues/278

---------

Co-authored-by: Anbraten <anton@ju60.de>
Co-authored-by: 6543 <6543@obermui.de>
2024-01-19 05:34:02 +01:00
qwerty287
001b5639a6
Use assert for test (#3201)
instead of `if`s
2024-01-14 19:33:58 +01:00
qwerty287
b9f6f3f9fb
Replace goimports with gci (#3202)
`gci` seems to be much more strict.
2024-01-14 18:22:06 +01:00
Thomas Anderson
0611fa9b32
Added protocol in port configuration (#2993)
Closes  #2727
2024-01-12 23:57:24 +01:00
Thomas Anderson
9bbc446009
Kubernetes AppArmor and seccomp (#3123)
Closes #2545

seccomp
https://kubernetes.io/docs/tutorials/security/seccomp/

https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/135-seccomp/README.md

AppArmor
https://kubernetes.io/docs/tutorials/security/apparmor/

fddcbb9cbf/keps/sig-node/24-apparmor/README.md
Went ahead and implemented API from KEP-24 above.
2024-01-12 23:32:24 +01:00
6543
f8fb28e651
More docker backend test remove more undocumented (#3156)
remove Sysctls and IpcMode
2024-01-11 19:30:13 +01:00
qwerty287
12c40eb957
Enable gocritic and don't ignore globally (#3159)
Use `nolint` directives instead.

From #2960
2024-01-10 15:34:44 +01:00
qwerty287
1b380ff4b4
Enable nolintlint (#3158) 2024-01-10 12:11:18 +01:00
6543
cd59a85230
Use name in backend types instead of alias (#3142) 2024-01-09 15:22:59 +01:00
6543
1eacf74376
Remove duplicate assignment of CI_STEP_NAME (#3139)
Co-authored-by: Anbraten <anton@ju60.de>
2024-01-09 08:56:28 +01:00
Anbraten
6fbf98f1b9
Fix slice unmarshaling (#3097)
closes #3055
2024-01-01 11:03:31 +01:00
6543
2cb7669413
add just more dag tests (#3083) 2023-12-30 16:45:11 +01:00
Kamila Borowska
4bc2fed550
Fix DAG cycle detection (#3049)
Previously a graph like this.

    a <- b
    ^    ^
    |    |
    c <- d

Was incorrectly recognized as having a cycle.

Fixes #3048.
2023-12-28 00:14:28 +01:00
6543
840fca198e
make backend step dag generation deterministic (#3037)
the the generation for backend steps if a dag is used deterministic.

this also fix where the test randomly fail like in:
- https://ci.woodpecker-ci.org/repos/3780/pipeline/11057/30
- https://ci.woodpecker-ci.org/repos/3780/pipeline/11076/25
2023-12-27 12:38:33 +02:00
Anbraten
2b1e5f35de
Add depends_on support for steps (#2771)
Co-authored-by: 6543 <6543@obermui.de>
2023-12-24 12:14:30 +01:00
Thomas Anderson
253d702bc7
Fix IPv6 host aliases for kubernetes (#2992)
Closes #2991


[Tests](https://github.com/woodpecker-ci/woodpecker/pull/2993#issuecomment-1868048169)

---------

Co-authored-by: 6543 <6543@obermui.de>
2023-12-23 00:42:30 +01:00
qwerty287
ce4f952b50
Switch to ULID (#2986)
Closes https://github.com/woodpecker-ci/woodpecker/discussions/2156
2023-12-21 20:23:51 +01:00
runephilosof-karnovgroup
adb2c82790
Update go module path for major version 2 (#2905)
https://go.dev/doc/modules/release-workflow#breaking

Fixes https://github.com/woodpecker-ci/woodpecker/issues/2913 fixes
#2654
```
runephilosof@fedora:~/code/platform-woodpecker/woodpecker-repo-configurator (master)$ go get go.woodpecker-ci.org/woodpecker@v2.0.0
go: go.woodpecker-ci.org/woodpecker@v2.0.0: invalid version: module contains a go.mod file, so module path must match major version ("go.woodpecker-ci.org/woodpecker/v2")
```

---------

Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2023-12-08 08:15:08 +01:00
Thomas Anderson
3adb98b287
Simple security context options (Kubernetes) (#2550) 2023-11-26 08:46:06 +01:00
qwerty287
342b25826c
Rename link to url (#2812)
As of https://woodpecker-ci.org/docs/next/usage/terminiology#conventions
2023-11-14 17:12:12 +01:00