closes#101
Added secrets encryption in database
- Google TINK or simple AES as encryption mechanisms
- Keys rotation support on TINK
- Existing SecretService is wrapped by encryption layer
- Encryption can be enabled and disabled at any time
Co-authored-by: Kuzmin Ilya <ilia.kuzmin@indrive.com>
Co-authored-by: 6543 <6543@obermui.de>
Since "success" and "failure" are the only two possible values, and
"success" is considered to be included by default, the existing code can
also be simplified a little.
This has the side effect of ignoring the "exclude" part of the
constraint completely. I put it in the tests just to make sure the
workaround in
https://github.com/woodpecker-ci/woodpecker/issues/1181#issuecomment-1347253585
continues to work as expected, but couldn't think of any legitimate use
cases for it.
Fixes#1181
Currently translated at 81.8% (194 of 237 strings)
Translated using Weblate (Russian)
Currently translated at 81.8% (194 of 237 strings)
Translated using Weblate (Indonesian)
Currently translated at 100.0% (237 of 237 strings)
Co-authored-by: Ernest Shefer <shef-er@ya.ru>
Co-authored-by: Leonid Maslakov <root@lcomrade.su>
Co-authored-by: Linerly <linerly@protonmail.com>
Translate-URL: http://translate.woodpecker-ci.org/projects/woodpecker-ci/ui/id/
Translate-URL: http://translate.woodpecker-ci.org/projects/woodpecker-ci/ui/ru/
Translation: Woodpecker CI/UI
Currently translated at 71.7% (170 of 237 strings)
Translated using Weblate (Russian)
Currently translated at 71.7% (170 of 237 strings)
Co-authored-by: Ernest Shefer <shef-er@ya.ru>
Co-authored-by: Leonid Maslakov <root@lcomrade.su>
Co-authored-by: Weblate <noreply@weblate.org>
Translate-URL: http://translate.woodpecker-ci.org/projects/woodpecker-ci/ui/ru/
Translation: Woodpecker CI/UI
Currently translated at 100.0% (228 of 228 strings)
Translated using Weblate (Spanish)
Currently translated at 23.2% (53 of 228 strings)
Translated using Weblate (Spanish)
Currently translated at 23.2% (53 of 228 strings)
Co-authored-by: Julio Loayza <julio+woodpecker@loayzameneses.com>
Co-authored-by: Michael <misc+weblatewoodp@zarb.org>
Co-authored-by: Roger Steve Ruiz <roger@0p9.co>
Translate-URL: http://translate.woodpecker-ci.org/projects/woodpecker-ci/ui/es/
Translate-URL: http://translate.woodpecker-ci.org/projects/woodpecker-ci/ui/fr/
Translation: Woodpecker CI/UI
Provide up to date drone compatibility environment variables to each step execution.
closes#1416
Before a step is executed, some environemnt variables are updated.
This ensures, that the updated environment variables are copied to their corresponding `DRONE_` environemt variables.
Side effect is that the `DRONE_` environemnt variables are no longer available in the metadata which should not harm as they are not used inside woodpecker.
As discussed in the comments in PR #1197. Also add documenation
accordingly.
One thing I'm not sure about is the simple check in health.go if the
address is usable in the GET request or not. From reading
https://pkg.go.dev/net#Dial it seems that the only non-standard address
format that would work in the `net` package but not in a GET url would
likely only be `:port`, as the others listed here are actually also
valid urls:
`For TCP, UDP and IP networks, if the host is empty or a literal
unspecified IP address, as in ":80", "0.0.0.0:80" or "[::]:80" for TCP
and UDP, "", "0.0.0.0" or "::" for IP, the local system is assumed.`
One additional thing I noticed is that while `WOODPECKER_SERVER_ADDR`
and `WOODPECKER_SERVER_ADDR` use the default value format of `:PORT`,
`WOODPECKER_SERVER` actually uses `localhost:9000`. I guess it makes a
bit of sense, considering the server might not be local to the agent,
but it looks a bit inconsistent this way. I don't think it would hurt to
make the `WOODPECKER_HEALTHCHECK_ADDR` in this format too, but then it's
different from the server flags again... :-)
closes#1181closes#834
Adds `ignore_failure` to pipeline steps. When it's set to true,
if the step fails the following steps continue to execute as if no failure had occurred.
---
failure enums idea:
* fail (default) = if other steps run in parallel, wait for them and
then let workflow fail
* cancel = if other steps run in parallel, kill them
* ignore = we mark the step as failed but it wont have any impact
