Commit graph

398 commits

Author SHA1 Message Date
Anbraten
c464f857ae
Remove unused file system api (#1791)
Co-authored-by: 6543 <6543@obermui.de>
2023-05-31 18:03:03 +02:00
Patrick Schratz
d13a8744ce
Add nodeSelector using platform for kubernetes (#1737)
Co-authored-by: Anbraten <anton@ju60.de>
2023-05-18 11:21:20 +02:00
Anbraten
435f5ae207
Improve local backend (#1762)
Co-authored-by: 6543 <6543@obermui.de>
2023-05-17 14:53:23 +02:00
Anbraten
188123ea74
Update dependencies (#1744) 2023-05-11 00:28:02 +02:00
6543
204d05f447
Implement YAML Map Merge, Overrides, and Sequence Merge Support (#1720)
close  #1192
2023-04-29 14:49:41 +02:00
6543
80d5d233b3
Local Backend should create SubDirs (#1706)
close #1705
2023-04-20 00:56:03 +02:00
Anbraten
36b5ae3459
Add env for workflow and step name (#1693)
closes #1681
2023-04-08 13:15:28 +02:00
Bruno BELANYI
ea95d5aa76
Set 'HOME' during local pipeline step (#1686)
close #1685

---------

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2023-04-02 16:47:22 +02:00
qwerty287
0970f35df5
Do not store inactive repos (#1658)
Do not sync repos with forge if the repo is not necessary in DB.

In the DB, only repos that were active once or repos that are currently
active are stored. When trying to enable new repos, the repos list is
fetched from the forge instead and displayed directly. In addition to
this, the forge func `Perm` was removed and is now merged with `Repo`.

Solves a TODO on RepoBatch.

---------

Co-authored-by: Anbraten <anton@ju60.de>
2023-03-21 23:01:59 +01:00
Neil Hanlon
a95a5b43bf
fix(backend/kubernetes): Ensure valid naming of name field (#1661)
- Kubernetes v1.26 on VKE causes error when creating persistent volume
claim because of uppercase characters in name field

This patch is trivial just in order to get it working - happy to
implement differently.

The error in question:

```
The PersistentVolumeClaim "wp-01G1131R63FWBSPMA4ZAZTKLE-0-clone-0" is invalid: metadata.name: Invalid value: "wp-01G1131R63FWBSPMA4ZAZTKLE-0-clone-0": a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')
```
2023-03-21 20:00:45 +01:00
Lauris BH
46452fbd84
Update Go dependencies and minimal Go version to 1.20 (#1650)
Signed-off-by: 6543 <6543@obermui.de>
Co-authored-by: 6543 <6543@obermui.de>
2023-03-21 00:48:15 +01:00
6543
e28b43ab19
Only inject netrc to trusted clone plugins (#1352)
Co-authored-by: qwerty287 <ndev@web.de>
Co-authored-by: 6543 <6543@obermui.de>
2023-03-20 21:17:49 +01:00
6543
92614dfb1e
Agent check gRPC version against server (#1653)
close #1114

As long as the `VersionResponse` type is not changed the check will
fail/pass gracefully

example output:
```
{"level":"error","error":"GRPC version mismatch","time":"2023-03-19T19:49:09+01:00","message":"Server version next-6923e7ab does report grpc version 2 but we only understand 1"}
GRPC version mismatch
```
2023-03-19 22:42:21 +01:00
qwerty287
f582ad3159
Various enhancements in configuration (#1645)
- backends: move to cli flags instead of os.Getenv
- ssh: support 2fa with key and password
- allow to set grpc jwt secret (solves todo)
- allow to set default and max timeout (solves todo)

Closes https://github.com/woodpecker-ci/woodpecker/issues/896
Closes https://github.com/woodpecker-ci/woodpecker/issues/1131
2023-03-19 20:24:43 +01:00
6543
56e6639396
Refactor nits (#1652)
-
https://github.com/woodpecker-ci/woodpecker/pull/1641/files#r1141405630
-
ade8e6d010 (r105091268)
-
https://github.com/woodpecker-ci/woodpecker/pull/1647/files#r1141410010

---------

Co-authored-by: Anbraten <anton@ju60.de>
2023-03-19 18:32:19 +01:00
qwerty287
42a115e19e
Add PR pipeline list (#1641)
Instead of viewing PR pipelines in the branches lists, add a separate
list for them. The API endpoint for PRs supports pagination (thus I
added a lot of pagination-related stuff), the UI doesn't yet though.


![wp](https://user-images.githubusercontent.com/80460567/226099133-bb4935d6-c357-4d73-8465-9157e25c0d82.png)

Closes #1619 

Extends this part of #1640

---------

Co-authored-by: Anbraten <anton@ju60.de>
2023-03-19 10:43:57 +01:00
qwerty287
7ddc18348f
Only grant privileged to plugins (#1646)
Closes https://github.com/woodpecker-ci/woodpecker/issues/1525

Co-authored-by: Anbraten <anton@ju60.de>
2023-03-19 03:07:10 +01:00
Anbraten
fa5b0fb96e
Fix linter (#1647) 2023-03-18 20:35:27 +01:00
6543
9945e27c01
pipeline compiler: handle nil entrys in settings list (#1626)
close #1609
2023-03-17 08:54:53 +01:00
Lukas
1b43b0bf20
Add pull request labels as environment variable (#1321)
Closes #1308 

Co-authored-by: Anbraten <anton@ju60.de>
2023-03-17 03:43:04 +01:00
Alexander Matyushentsev
ee969979c6
fix: backend auto-detection should be consistent (#1618)
Closes https://github.com/woodpecker-ci/woodpecker/issues/1617

The `woodpecker exec` auto-detects the backend by iterating over a map
of backends. However, since Go 1 the runtime randomizes map iteration
order, so a random backend might be chosen during each execution.

PR changes to auto-detection to iterate over the backends list with
predefined priority: `docker`, `local`, `ssh`, `kubernetes`.

---------

Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
2023-03-13 09:07:41 +02:00
Alexander Matyushentsev
5e1171d7a7
fix: docker backend should not close 'engine.Tail' result (#1616)
Closes https://github.com/woodpecker-ci/woodpecker/issues/1615

The error described in
https://github.com/woodpecker-ci/woodpecker/issues/1615 is happening
because `Tail` method of the docker backend closes the instance of
`io.ReadCloser` it returns in `defer` function. As a result anything
that try to read data returned by `Tail` method eventually will attempt
to read from closes reader and get an error:


2171212c5a/pipeline/backend/docker/docker.go (L229)

The fix is just don't close returned reader and let the consumer of
`Tail` method do it. Good thing is that `Tail` is used only in one place
and reader is correctly closed:


2171212c5a/pipeline/pipeline.go (L231-L237)

Example of `woodpecker exec` output using pipeline from
https://github.com/woodpecker-ci/woodpecker/issues/1615 with the fix:

```
woodpecker exec .woodpecker.yaml
[step1:L0:0s] + echo step1
[step1:L1:0s] step1
[step2:L0:0s] + echo step2
[step2:L1:0s] step2
```

Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2023-03-12 16:01:09 +01:00
Stephen Muth
be4ce2e02d
Ensure the SharedInformerFactory closes eventually (#1585)
Otherwise it will continue to collect events in the background, consuming memory that can't be GC'd.
2023-02-16 00:54:33 +01:00
6543
18d3139e9e
Use modern error handling and enforce it via lint (#1327)
Co-authored-by: Anbraten <anton@ju60.de>
2023-02-02 00:08:02 +01:00
Lauris BH
f26a87acce
Deduplicate step docker container volumes (#1571)
Try to fix #1495

It's very hard to reproduce it and only way to fix when it gets in this
state is woodpecker agent restart.

This anyway fixes problem if step mounts and
`WOODPECKER_BACKEND_DOCKER_VOLUMES` conflict
2023-01-31 21:33:40 +01:00
Anbraten
d96032349a
Store an agents list and add agent heartbeats (#1189)
Co-authored-by: 6543 <6543@obermui.de>
2023-01-28 14:13:04 +01:00
6543
5c617accd8
kubernetes ignore labels and annotations if not set (#1528)
close #1527
regression of #1510
2023-01-04 19:51:21 +02:00
Stephen Muth
bc87208a33
Rework status constraint logic for successes (#1515)
Since "success" and "failure" are the only two possible values, and
"success" is considered to be included by default, the existing code can
also be simplified a little.

This has the side effect of ignoring the "exclude" part of the
constraint completely. I put it in the tests just to make sure the
workaround in
https://github.com/woodpecker-ci/woodpecker/issues/1181#issuecomment-1347253585
continues to work as expected, but couldn't think of any legitimate use
cases for it.

Fixes #1181
2023-01-02 06:36:57 +01:00
Stephen Muth
1816f6c715
Allow adding additional labels/annotations to kubernetes worker pods (#1510)
Example agent environment configuration using the new value:
```yaml
  - env:
    - name: WOODPECKER_BACKEND
      value: kubernetes
    - name: WOODPECKER_BACKEND_K8S_NAMESPACE
      value: default
    - name: WOODPECKER_BACKEND_K8S_POD_LABELS
      value: '{"sidecar.istio.io/inject":"false"}'
```
2022-12-31 01:37:09 +01:00
6543
b6399c0a08
Refactor agent: split code in subfunctions (#1441)
logs of a killed pipeline are stored, with this pull
2022-11-23 15:35:24 +01:00
smainz
b8900cdf88
Fix wrong drone env vars (#1419)
Provide up to date drone compatibility environment variables to each step execution.

closes #1416

Before a step is executed, some environemnt variables are updated.
This ensures, that the updated environment variables are copied to their corresponding `DRONE_` environemt variables.

Side effect is that the `DRONE_` environemnt variables are no longer available in the metadata which should not harm as they are not used inside woodpecker.
2022-11-22 23:57:12 +01:00
Michaël Dierick
7859bde63d
add support for DRONE_COMMIT_SHA alias (#1421)
[The docker plugin
uses](d0e7d7f01b/cmd/drone-docker/main.go (L43))
the `DRONE_COMMIT_SHA` variant. According to [drone
reference](https://docs.drone.io/pipeline/environment/reference/) doc,
`DRONE_COMMIT_SHA` and `DRONE_COMMIT` are the same thing (although the
default value in the docker plugin suggests the 8-char short form).
2022-11-16 18:14:06 +01:00
Sergio Fenoll
f0e518a5a2
Add option to ignore failures on steps (#1219)
closes #1181
closes #834 

Adds `ignore_failure` to pipeline steps. When it's set to true,
if the step fails the following steps continue to execute as if no failure had occurred.

---

failure enums idea:
* fail (default) = if other steps run in parallel, wait for them and
then let workflow fail
* cancel = if other steps run in parallel, kill them
* ignore = we mark the step as failed but it wont have any impact
2022-11-15 19:47:27 +01:00
Josh Soref
023d03dd61
Spelling (#1405)
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-09 08:12:17 +01:00
6543
e8490a757f
GenerateScript should not return encoded script (#1397)
followup to #1395
2022-11-06 13:36:34 +01:00
6543
18311d4360
Split and refactor (#1394)
Closes #974
2022-11-06 12:44:04 +01:00
qwerty287
e901f605b1
Fix local and ssh backends (#1395)
Base64-encoded string was not decoded.
2022-11-05 14:44:33 +02:00
qwerty287
3372d1a87c
Rename remote to forge (#1357)
As of #745

Co-authored-by: Anbraten <anton@ju60.de>
2022-11-05 00:35:06 +01:00
6543
b15ca52a63
Move constrain to only have a single command in backend to run to dedicated backends (#1032)
at the moment we compile a script that we can pipe in as single command
this is because of the constrains the docker backend gives us.

so we move it into the docker backend and eventually get rid of it altogether
2022-10-31 00:26:49 +01:00
Harikesh00
36e42914fa
Renamed procs/jobs to steps in code (#1331)
Renamed `procs` to `steps` in code for the issue #1288

Co-authored-by: Harikesh Prajapati <harikesh.prajapati@druva.com>
Co-authored-by: qwerty287 <ndev@web.de>
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-10-28 17:38:53 +02:00
qwerty287
e568c42e84
Support plugin-only secrets (#1344)
Closes #1071
2022-10-27 04:21:07 +02:00
qwerty287
f6cac78119
Allow to change directory for steps (#1329)
Add `directory` YAML key that changes the workdir. Can replace a `cd`
before your commands start or make it possible to run plugins in a
subdirectory.
2022-10-24 16:31:06 +02:00
qwerty287
849e05bb8b
Rename build to pipeline in code (#1224)
Ref:  #745

Co-authored-by: Anbraten <anton@ju60.de>
Co-authored-by: 6543 <6543@obermui.de>
2022-10-18 03:24:12 +02:00
6543
f9dd6518c0
CI: add branches filter (#1130)
Co-authored-by: Anbraten <anton@ju60.de>
2022-10-10 12:49:30 +02:00
Anbraten
287800ac62
Add when evaluate filter (#1213)
closes #312 
closes #224
closes #963

Have a look for

https://github.com/antonmedv/expr/blob/master/docs/Language-Definition.md
2022-10-06 01:49:23 +02:00
Anbraten
f1339412eb
Fix invalid service names for Kubernetes (#1234)
closes #1232
2022-10-05 13:39:48 +02:00
6543
da997fa34a
Add support sub-settings and secrets in sub-settings (#1221) 2022-10-03 19:25:43 +02:00
shrumble
6d6e54afab
Add manual to event enum (#1226) 2022-09-29 22:30:00 +02:00
Anbraten
70114ed1fd
Fix handling of empty strings for default docker volumes (#1209) 2022-09-27 11:43:35 +02:00
[X]
b4d89a1cce
Add ability to trigger manual builds (#1156)
closes #83 
closes #240 

Co-authored-by: Anbraten <anton@ju60.de>
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-09-27 11:05:00 +02:00
Lauris BH
2e08dd2333
Add option to set default volumes for docker backend (#1203) 2022-09-26 16:59:26 +02:00
6543
9c99406a06
Use archive.org to preserve code comment 2022-09-26 14:52:28 +02:00
Zav Shotan
ec9b0a62a7
Add support for pipeline root.when conditions (#770)
Co-authored-by: Zav Shotan <zshotan@bloomberg.net>
Co-authored-by: Anbraten <anton@ju60.de>
Co-authored-by: 6543 <6543@obermui.de>
2022-09-26 09:27:20 +02:00
Alexis Lefebvre
3266e5f3cc
use example.com instead of foo.com (#1188)
http://example.com/ is a reserved domain name, which is perfect for
examples, while foo.com is a random domain name
2022-09-14 15:20:27 +02:00
6543
795bbd8988
Add dedicated DroneCI env compatibility layer (#1185)
for more info see `https://github.com/drone-plugins/drone-plugin-lib/pull/37/files` and c79d49c862
2022-09-14 09:30:37 +02:00
Anbraten
3b0263442a
Adding initial version of Kubernetes backend (#552)
Co-authored-by: laszlocph <laszlo@laszlo.cloud>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Rynoxx <rynoxx@grid-servers.net>
2022-09-05 06:01:14 +02:00
6543
c79d49c862
Delete old fallbacks and compatible stuff (#791)
Drop ...
* ... DRONE_ and deprecated pipeline environment vars
* ... deprecated sqlite3 file path
2022-09-01 14:31:12 +02:00
6543
383f273392
Add cron feature (#934)
https://woodpecker-ci.org/docs/usage/cron

Co-authored-by: Anbraten <anton@ju60.de>
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2022-09-01 00:36:32 +02:00
6543
08a99152d6
Dedup code and migrate away from deprecated funcs (#1141)
Co-authored-by: Anbraten <anton@ju60.de>
2022-08-30 01:14:07 +02:00
6543
ca84f703e3
Add default event filter (#1140)
breakout from #934

when new events are added you don't have to worry that pipeline will behave different as it does now with this

Co-authored-by: Anbraten <anton@ju60.de>
2022-08-30 00:36:37 +02:00
6543
9a57602174
Pipeline compiler should not alter specified image (#1005)
* pipeline compiler should not alter specifyed image

adress #1003
2022-08-26 20:00:11 +02:00
6543
f21d854114
Move away from deprecated go funcs (#1123) 2022-08-25 08:39:19 +02:00
6543
d3eea72663
Bump deps (#1125)
* upgrade to codeberg.org/6543/go-yaml2json v0.2.1

* upgraded github.com/bmatcuk/doublestar/v4 v4.0.2 => v4.2.0

* upgraded github.com/docker/cli v20.10.14+incompatible => v20.10.17+incompatible

* upgraded github.com/docker/docker v20.10.14+incompatible => v20.10.17+incompatible

* upgraded github.com/gin-gonic/gin v1.7.7 => v1.8.1

* upgraded github.com/golang-jwt/jwt/v4 v4.4.1 => v4.4.2

* upgraded github.com/moby/moby v20.10.14+incompatible => v20.10.17+incompatible

* upgraded github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 => v0.0.0-20220808134915-39b0c02b01ae

* upgraded github.com/lafriks/ttlcache/v3 v3.1.0 => v3.2.0

* upgraded github.com/mattn/go-sqlite3 v1.14.12 => v1.14.15

* upgraded github.com/lib/pq v1.10.5 => v1.10.6

* github.com/prometheus/client_golang v1.12.1 => v1.13.0

* upgraded github.com/urfave/cli/v2 v2.5.1 => v2.11.2

* upgraded github.com/rs/zerolog v1.26.1 => v1.27.0

* upgraded golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 => v0.0.0-20220822191816-0ebed06d0094

* upgraded github.com/xanzy/go-gitlab v0.64.0 => v0.73.1

* upgraded google.golang.org/grpc v1.47.0 => v1.49.0
2022-08-25 08:09:05 +02:00
6543
a46723334b
refactor: use switch-case not try-err (#1112) 2022-08-15 14:39:08 +02:00
Lauris BH
5a945c10e9
Fix to show build pipeline parse error (#1066) 2022-08-15 14:37:46 +02:00
Anbraten
fc862bf627
Default clone do checkout tags on tag pipeline (#1110) 2022-08-15 11:52:30 +02:00
Anbraten
e269890643
Allow multiple when conditions (#1087)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: LamaAni <zshotan@bloomberg.net>
2022-08-14 19:32:49 +02:00
Florian Märkl
7031904dbe
Wait to finish reading logs before calling Wait() on pipeline (#1010)
This fixes errors like the following and chopped off logs ...
2022-07-31 17:12:15 +02:00
6543
1e8d4cc455
Update jsonschema and pipeline linting 2022-07-19 15:09:39 +02:00
6543
d2556a0613
Update jsonschema and define "services" (#1036)
Co-authored-by: Anbraten <anton@ju60.de>
2022-07-19 15:01:36 +02:00
6543
69ec44075c
Let single line command be a single command (#1009)
* rm go-shlex usage

* update
2022-07-19 07:20:27 +02:00
6543
8da0ee47f7
Use variables in pipeline (#1026)
use yaml aliases (https://yaml.org/spec/1.2.2/#3222-anchors-and-aliases) to have pipeline `variables`

Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
Co-authored-by: Anbraten <anton@ju60.de>
2022-07-17 18:25:56 +02:00
6543
31bad81979
Use external lib to convert yaml to json (#1028)
this move shared/yml/* into an independent lib
2022-07-17 17:23:31 +02:00
Florian Märkl
4879e922c1
Avoid calling /bin/env in local backend (#1011)
/bin/env was used to resolve a command name against PATH and pass
additional environment variables.
All of this can also be achieved using functionality already provided by
go's exec lib, which will then internally pass the appropriate arguments
to e.g. execve.
2022-07-04 20:27:17 +02:00
Florian Märkl
061596d802
Gracefully handle non-zero exit code in local backend (#1002)
A non-zero exit code signifies a pipeline failure, but is not a fatal error in the agent.
Since exec reports this as exec.ExitError, this has to be handled explicitly.
This also fixes logs not being shown on build errors.
2022-07-02 15:56:08 +02:00
6543
9449b67da9
fix regression from 81dcdea2be (missmatch) 2022-06-16 23:11:27 +02:00
6543
068063655b
Make pipeline runtime log with description (#970)
* introduce runtime descriptors to pipeline runtime

* nit return orig error at traceStep()

* more logging

* refactor

Co-authored-by: Zav Shotan <zshotan@bloomberg.net>
2022-06-15 18:11:20 +02:00
Zav Shotan
81dcdea2be
Add support for steps to be a list (instead of dict) (#826)
- Support for pipeline/containers as list
- Support for container name in logs (step.Name)

Co-authored-by: Zav Shotan <zshotan@bloomberg.net>
Co-authored-by: 6543 <6543@obermui.de>
2022-06-13 23:13:09 +02:00
Arno Hautala
cdbba4c306
fix run_on references with runs_on in docs (#965) 2022-06-10 05:44:26 +02:00
Anbraten
e79ad00826
Add agent tagging / filtering for pipelines (#902)
Officially support labels for pipelines and agents to improve pipeline picking. 

* add pipeline labels
* update, improve docs  and add migration
* update proto file

---
closes #304 & #860
2022-05-31 01:12:18 +02:00
6543
e2e094cfda
Revert "Do not run clone step if no pipeline step will run (#877)"
This reverts commit f05f918b8d.
2022-05-20 05:20:17 +02:00
qwerty287
f05f918b8d
Do not run clone step if no pipeline step will run (#877)
Skip the clone step and ignore hook/pipeline if no pipeline step except clone would run. The status reported back to the forge is `success`.

Closes https://github.com/woodpecker-ci/woodpecker/issues/778
2022-05-18 23:25:14 +02:00
6543
7cf5a1545e
Drop deprecated environment vars (#920) 2022-05-17 17:26:35 +02:00
6543
4136df7551
Drop VarArgs in steps in favour of settings (#919)
* drop VarArgs in steps in favour of settings
* update unit tests
2022-05-17 16:43:05 +02:00
qwerty287
687d57217d
Fix branch condition on tags (#917)
* Fix branch condition on tags

* Add docs

* Update docs/docs/20-usage/20-pipeline-syntax.md

Co-authored-by: Anbraten <anton@ju60.de>
2022-05-16 20:04:00 +02:00
Zav Shotan
acbcc53872
Added support for step errors when executing backend (#817)
When executing a backend step, in case of failure of the specific step, the run is marked as errored but the step error is missing.

Added:
1. Log for the backend error (without trace)
2. Mark the step as errored with exit code 126 (Could not execute).

Co-authored-by: Zav Shotan <zshotan@bloomberg.net>
Co-authored-by: Anton Bracke <anton@ju60.de>
2022-05-11 13:40:44 +02:00
Anbraten
62a1fd8dcb
Add support to define a custom docker network and enable docker ipv6 (#893)
- Add support to define a custom docker network and enable docker ipv6
- Adjust docs
2022-04-29 15:15:32 +02:00
qwerty287
9c6c4559a7
Add SSH backend (#861)
Add SSH backend that runs commands via SSH.

Close #848
2022-04-29 12:30:50 +02:00
John Olheiser
67d76248a3
Take in an io.Reader instead of file path (#885)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2022-04-19 10:40:48 +02:00
mscherer
16cf59163e
Do not ignore failure to clean up the context (#876) 2022-04-07 01:08:04 +02:00
6543
58303dd2a7
Move value of default clone image into shared constant package (#873) 2022-04-06 15:30:49 +02:00
mscherer
c3788d943f
Fix insecure /tmp usage in local backend (#872)
Since /tmp is writable by everybody, a user could precreate
/tmp/woodpecker with 777 permissions, allowing them to modify the
pipeline while it is being run, or preventing the pipeline from running.

And since os.MkdirAll error code wasn't checked, the same attacker
could have precreated the directory where the pipeline is executed to
mess with the run, allowing code execution under the UID of the
agent (who has access to the toke, to communicate with the server, which
mean a attacker could inject a fake agent, steal credentials, etc)
2022-04-06 03:33:00 +02:00
Anbraten
6ae7e2cc4f
Fix uppercase from_secrets (#842)
Secret names where matched based on their lowercase value already just the conversion to lowercase for `from_secrets` was missing.
2022-03-19 12:34:32 +01:00
Anthony Wang
80c72b590c
Add support to run pipelines using a local backend (#709)
This adds support for #559. I tested using [this .woodpecker.yml](https://git.exozy.me/Ta180m/Hello-world/src/branch/main/.woodpecker.yml) on my self-hosted [Woodpecker instance](https://ci.exozy.me/Ta180m/Hello-world). I was also able to get this to build [Hugo websites](https://ci.exozy.me/Ta180m/howtuwu/build/1). It's currently very simplistic but works!

close #559
2022-03-10 22:07:02 +01:00
eleith
e0d8d13a91
fix pipeline schema to support branch as an array in 'when' (#836) 2022-03-09 15:49:06 +01:00
Anbraten
e178b7b4b2
Improve agent backend loading and suppress expectable errors (#818)
* improve agent loop loading backend once

* supress container not found or stopped warnings
2022-03-08 16:21:43 +01:00
6543
a3ac393264
Use shared func for registering Sigterm on a context (#799) 2022-02-28 09:27:31 +01:00
Lukas Bachschwell
a2315fe931
Do not filter on linux/amd64 per default (#805)
* Do not filter on linux/amd64 per default & add tests

Tasks with no platform would otherwise not perform on runners with different OS/ARCH combos

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>
Co-authored-by: 6543 <6543@obermui.de>
2022-02-26 22:54:28 +01:00
6543
8ae124d5e6
Remove unused code (#797)
* delete empty code files

* delete outdated readme

* delete unused code

* dedup license
2022-02-25 21:42:45 +01:00
6543
505cf8c09a
make gRPC error "to many keepalive pings" only show up in trace logs (#787)
hotfix #717

This comes from the agent being inactive / not sending and requesting any data if there a no pipelines waiting for him to execute. GRPC seems to only allow 2 pings without calling an actual endpoint before closing the connection. I think this will be indirectly solved in the moment we implement something like #536

https://github.com/grpc/grpc/blob/master/doc/keepalive.md

Co-authored-by: Anbraten <anton@ju60.de>
2022-02-24 15:53:44 +01:00
Zav Shotan
905350fa15
Add support for default clone image environment variable (#769)
This allows for custom clone images for deployment in air-gap systems.

Co-authored-by: Zav Shotan <zshotan@bloomberg.net>
2022-02-10 17:05:19 +01:00
mscherer
3b52afab93
Use DOCKER_HOST env to search for docker before searching for a hardcode docker socket (#763)
Fix #757
2022-02-09 00:08:20 +01:00
6543
95ce87fa1b
Fix path schema (#723)
- allow array for path
- remove "include:" as it is default case
- run tests on schema changes too
2022-01-29 14:26:00 +01:00
Anthony Wang
be11e57976
Fix avivable -> available typo in backend.go (#710) 2022-01-20 18:21:57 +01:00
6543
04eb7935db
Improve compile pipeline (#699)
Refactor
- use constants for strings
- more tests
- move constraint code into own package

Enhance
- all constrains use doublestart (glob pattern matching) now

Co-authored-by: Anbraten <anton@ju60.de>
2022-01-17 14:43:30 +01:00
Philipp
366701fde7
Fix multiline secrets replacer (#700)
* Fix multiline secrets replacer

* Add tests
2022-01-16 22:57:37 +01:00
6543
03638b2934
pipeline backend: remove unused var (#683) 2022-01-09 23:28:41 +01:00
6543
7986eba002
Hide multi line secrets from log (#671)
close #388
2022-01-08 20:39:52 +01:00
6543
2f91bdd4a0
gofumpt -w -l -extra . (#661) 2022-01-05 21:50:23 +01:00
6543
dec0eeeed7
Use global branch filter only on events containing branch info (#659)
- close #581
- delete unused code
- simplify code
- add check to procBuilder to fail on invalid config
2022-01-05 17:54:44 +01:00
Philipp
4f015edc05
Add repo to when block (#642)
Co-authored-by: 6543 <6543@obermui.de>
2021-12-30 02:30:08 +01:00
6543
ce5247c675
pipeline env migrate CI_TAG & CI_PULL_REQUEST to new CI_COMMIT_TAG & CI_COMMIT_PULL_REQUEST (#624)
* CI_TAG => CI_COMMIT_TAG

* CI_PULL_REQUEST => CI_COMMIT_PULL_REQUEST

* add TODO for drop with v0.16.0 development
2021-12-19 17:01:03 +01:00
6543
3bd87cda66
use woodpeckerci/plugin-git:latest for clone (#617) 2021-12-18 23:05:25 +01:00
John Olheiser
9e8d1a9294
Get secrets in settings (#604)
* Get secrets in settings

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add error test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add docs

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2021-12-13 13:33:07 -06:00
6543
0061edcbe2
Remove gopkg.in/yaml.v2 (#583)
* rm "gopkg.in/yaml.v2"

* fix UnmarshalYAML for Networks & Ulimits
2021-12-08 23:35:51 +01:00
6543
e7cfa902a6
Another fix for settings field in pipeline config (#579)
close #578

- adjust to new settings field own pipeline config
- more test coverage
- Fix environment parse of settings
- Fix pipeline schema
2021-12-08 18:17:52 +01:00
6543
1172dc3311
Write own yaml2json func (#570)
* fix regression of #384 
 * add more tests
2021-12-07 01:13:02 +01:00
Anbraten
ffed327564
Remove ghodss/yaml (#384) 2021-12-06 18:17:31 +00:00
John Olheiser
71b9179078
Move plugin config to root.pipeline.[step].settings (#464)
* Move Vargs to Settings

* Allow both until deprecation

* Add more tests

* Adjust schema

* Add missing detach option, fix schema tests


Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Anbraten <anton@ju60.de>
2021-12-04 16:44:18 +01:00
6543
fc6a2a9975
Remove github.com/kr/pretty in favor of assert.EqualValues() (#564)
* remove github.com/kr/pretty in favor of assert.EqualValues()

* code format
2021-12-04 13:23:33 +01:00
Lukas
680d003a29
Add linter revive (#554)
* Add linter revive

* Add underscore to variable name to prevent shadowing

* Remove unnecessary leading underscore

* Revert changes to vendor file

* export ConfigFetcher as interface

* no 'yoda conditions'

* rename envsubst

Co-authored-by: 6543 <6543@obermui.de>
2021-12-01 14:22:06 +01:00
6543
e072e4cce7
Fix pipeline backend autodetect (#545)
* refactor:
 - rename IsAvivable -> IsAvailable
 - drop depricated Kill
 - make sure backends implement interface
 - rename backend struct for ide (better info)

* docker backend fix autodetect
2021-11-27 02:29:14 +01:00
Anbraten
c1a8884d62
Add backend selection for agent (#463)
- add backend selection option
- by default it will auto-detect a backend
2021-11-26 03:34:48 +01:00
Anbraten
f2b6a5c9c5
Fix passing of netrc credentials to clone step (#492)
closes #479
2021-11-25 21:30:03 +01:00
Anbraten
063d0bb32a
Replace DRONE_ with CI_ variables in pipeline steps (#427)
Dropped support for `DRONE_*` environment variables in pipeline steps. Pipeline meta-data can be accessed with `CI_*` variables.
  - `CI_*` prefix replaces `DRONE_*`
  - `CI` value is now `woodpecker`
  - `DRONE=true` has been removed
2021-11-25 20:43:31 +01:00
Lukas
fac0e16996
Add linter staticcheck (#535)
* Add linter staticcheck

Co-authored-by: 6543 <6543@obermui.de>
2021-11-25 17:15:36 +01:00
Lukas
116c310820
Add linter misspell (#530)
* Add linter misspell

* Fix spelling

Co-authored-by: Anbraten <anton@ju60.de>
2021-11-24 02:01:12 +01:00
Lukas
25bf91bd37
Add linter whitespace (#531) 2021-11-24 01:31:11 +01:00
6543
fe31fb1e06
Drop error only on purpose or else report back or log (#514)
- Remove Deadcode
- Simplify Code
- Drop error only on purpose
2021-11-23 15:36:52 +01:00
6543
ca8e215cfa
Migrate to Xorm (#474)
close #234

* Migrate store
* Migrate tests
* Rewrite migrations
* Init fresh DB in on step
* Rm old stuff (meddler, sql files, dead code, ...)
2021-11-13 20:18:06 +01:00
6543
aca5fddcf3
Use Goblin Assert as intended (#501)
this allow for better debugging if an error occur
2021-11-04 14:42:25 +01:00
6543
0bb62be303
Embedding libcompose types for yaml parsing (#495)
since github.com/docker/libcompose is deprecated, unmaintained and archived.

and license is the same as woodpecker's, we can just copy stuff into woodpecker directly.
(we only use types of that project anyway)
2021-10-30 17:52:02 +02:00
6543
6828057f66
Switch default git plugin (#449)
* update pipeline samples

* update docs

* use woodpeckerci/plugin-git:latest as default

* code format nit
2021-10-15 19:54:28 -05:00
Anbraten
4cc8594b63
Update links to woodpecker-ci.org (#445) 2021-10-14 18:13:57 +02:00
John Olheiser
4276a04f0c
Move entirely to zerolog (#426)
Completely switch to zerolog

(Remove usage of logrus and std logger)

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-10-12 09:25:13 +02:00
Masaya Watanabe
7913d6db95
Fix channel buffer used with signal.Notify (#421)
Co-authored-by: Anbraten <anton@ju60.de>
2021-10-09 03:14:25 +02:00
Masaya Watanabe
01ebbd8c2d
Fix json tag for Pos at struct Line (#422) 2021-10-09 02:43:44 +02:00
luzpaz
9b687a923e
Fix various typos (#416)
Fix various typos found via `codespell -q 3 -S vendor -L pullrequest,pullrequests`
2021-10-08 18:35:56 +02:00
6543
3254a7ca00
Fix config schema (typo in pipeline.step.when.platform) (#417)
* fix schema

* fix test fixtures
2021-10-08 18:10:17 +02:00
6543
5d8e60808d
Move cli exec flags to own file (#380)
Co-authored-by: Anbraten <anton@ju60.de>
2021-10-03 15:07:39 +02:00
Anbraten
bb37836600
Replace drone strings with woodpecker (#391)
Co-authored-by: 6543 <6543@obermui.de>
2021-10-02 10:59:34 +02:00
Anbraten
ba0286d055
Remove unused files (#392) 2021-10-02 10:25:26 +02:00
6543
7f3a6eb17f
Update Generated Proto Code (#351)
update generated code (definitions, client implementation & server interface)
and add documentation how to generate
2021-09-29 02:10:09 +02:00
Anbraten
0fa271f465
Add json schema and cli lint command (#342)
- Add json schema file
- Add tests to validate sample pipeline files
- Add new command `lint` to cli to test a directory or single file to use correct schema

Example:  `woodpecker-cli lint ./pipeline/schema/.woodpecker/`

---
close #275 
preparation for #276 


Co-authored-by: 6543 <6543@obermui.de>
2021-09-27 02:38:15 +02:00
6543
da6fa0ec70
Use moby definitions for docker pipeline backend (#364)
* Migrate from docker to moby

* moby as interface docker as implementation

* Migrate deprecated func
2021-09-26 21:51:59 +02:00
Anbraten
07d793f727
Migrate go-docker to docker/docker (#363)
closes #325
2021-09-26 14:43:14 +02:00
6543
0bd10fa507
Cleanup Code (#348)
* Fix "Empty slice declaration using a literal"
* Fix "collides with imported package name"
* Remove unused code in pipeline
* Remove unused oauth2.providerAuthHeaderWorks()
* Add TODOs
* Format Code
* Cleanup doublestar import
* Migrate deprecated functions

Co-authored-by: Anbraten <anton@ju60.de>
2021-09-24 16:29:26 +02:00
Jacob Floyd
e34daae0cf
Move cncd/pipeline/pipeline/ to pipeline/ (#347)
* Refactor: move cncd/pipeline/ to pipeline/

* Refactor: move pipeline/pipeline/ to pipeline/
2021-09-24 13:18:34 +02:00