Commit graph

92 commits

Author SHA1 Message Date
Thomas Anderson
0c3021473f
Added Woodpecker Host Config used for Webhooks (#1869)
When SCM and Woodpecker are deployed in the same cluster, I want that
SCM requests Woodpecker directly by internal URL.


![Webhook-host-diagram](https://github.com/woodpecker-ci/woodpecker/assets/127358482/c4689d55-839a-4731-95b3-5734ba561e5f)
 
This PR adds optional URL used for Webhook calls.
2023-06-18 14:47:40 +02:00
6543
5139624cf8
Migrate old logs to new database schema (#1828)
address new models based on #1802
2023-06-12 22:43:14 +02:00
qwerty287
2ccf7c6f1a
Drop Gogs support (#1752)
Gogs support is broken (and we won't fix it because we don't care about
it...) because it does not support OAuth, at least after we introduced
the new Vue UI.

See:

77d830d5b5/server/forge/gogs/gogs.go (L84)

This route is not present in the new UI.
2023-05-14 10:34:05 +02:00
meak
41a50ae915
Allow to configure port for SSL (#1735)
Co-authored-by: Mehdi Katranji <hello@mek.yt>
Co-authored-by: Lauris BH <lauris@nix.lv>
2023-05-11 06:11:10 +02:00
qwerty287
54d4ec04c0
Drop Gogs private mode (#1726)
You should use `WOODPECKER_AUTHENTICATE_PUBLIC_REPOS` instead if repos
sent from forge as public should be authenticated
2023-04-30 14:01:11 +02:00
qwerty287
b90e7904a5
Support path prefix (#1714)
closes #1636 
closes #1429
supersedes #1586

Uses a different approach: just take the index.html compiled by vite and
replace the paths to js and other files using regex. This is not
compatible with the dev proxy which is also the reason why we can't use
go templates for this.
2023-04-29 17:51:50 +02:00
qwerty287
0970f35df5
Do not store inactive repos (#1658)
Do not sync repos with forge if the repo is not necessary in DB.

In the DB, only repos that were active once or repos that are currently
active are stored. When trying to enable new repos, the repos list is
fetched from the forge instead and displayed directly. In addition to
this, the forge func `Perm` was removed and is now merged with `Repo`.

Solves a TODO on RepoBatch.

---------

Co-authored-by: Anbraten <anton@ju60.de>
2023-03-21 23:01:59 +01:00
qwerty287
f582ad3159
Various enhancements in configuration (#1645)
- backends: move to cli flags instead of os.Getenv
- ssh: support 2fa with key and password
- allow to set grpc jwt secret (solves todo)
- allow to set default and max timeout (solves todo)

Closes https://github.com/woodpecker-ci/woodpecker/issues/896
Closes https://github.com/woodpecker-ci/woodpecker/issues/1131
2023-03-19 20:24:43 +01:00
qwerty287
37dc8a46e0
Drop coding support (#1644)
Coding support is likely broken and nobody will ever fix it. Also it
looks like nobody wants to use it, otherwise we would have get some bug
reports.

---------

Co-authored-by: 6543 <6543@obermui.de>
2023-03-19 09:36:04 +01:00
Alexander Matyushentsev
9288670c61
feat: expose unprotected metrics endpoint (#1614)
Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Anbraten <anton@ju60.de>
2023-03-12 09:41:10 +01:00
Earl Warren
7835a632e4
Define WOODPECKER_FORGE_TIMEOUT server config (#1558)
When a server such as Codeberg has unusually high response time, three
seconds may not be enough to fetch the configuration.

Signed-off-by: Earl Warren <contact@earl-warren.org>
Co-authored-by: 6543 <6543@obermui.de>
2023-02-01 18:53:19 +01:00
antomy-gc
6516a28cdd
Secrets encryption in database (#1475)
closes #101

Added secrets encryption in database

- Google TINK or simple AES as encryption mechanisms
- Keys rotation support on TINK
- Existing SecretService is wrapped by encryption layer
- Encryption can be enabled and disabled at any time

Co-authored-by: Kuzmin Ilya <ilia.kuzmin@indrive.com>
Co-authored-by: 6543 <6543@obermui.de>
2023-01-12 20:59:07 +01:00
Josh Soref
023d03dd61
Spelling (#1405)
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-09 08:12:17 +01:00
qwerty287
3372d1a87c
Rename remote to forge (#1357)
As of #745

Co-authored-by: Anbraten <anton@ju60.de>
2022-11-05 00:35:06 +01:00
Anbraten
dbbd369c9a
Migrate to certmagic (#360)
closes #219
closes #850

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2022-09-04 03:24:42 +02:00
Anbraten
cc30db44ac
Use asym key to sign webhooks (#916)
* use async key pair for webhooks

* fix tests

* fix linter

* improve code

* add key pair to database

* undo some changes

* more undo

* improve docs

* add api-endpoint

* add signaturne api endpoint

* fix error

* fix linting and test

* fix lint

* add test

* migration 006

* no need for migration

* replace httsign lib

* fix lint

Co-authored-by: 6543 <6543@obermui.de>
2022-06-01 20:06:27 +02:00
Anbraten
0b2b776ed8
Remove senders model (#923)
* remove senders
* drop table
2022-05-17 21:27:44 +02:00
qwerty287
6568751320
Allow to change forge status messages (#900)
Allow to change the status message via template option

Closes https://github.com/woodpecker-ci/woodpecker/issues/855
2022-05-12 19:07:33 +02:00
Zav Shotan
7313de2b1d
Add support for superseding runs (#831)
closes #11

Added support:
1. Environment variable `WOODPECKER_DELETE_MULTIPLE_RUNS_ON_EVENTS` (Default pull_request, push)
2. Builds will be marked as killed when they "override" another build
2022-05-09 11:26:09 +02:00
6543
58303dd2a7
Move value of default clone image into shared constant package (#873) 2022-04-06 15:30:49 +02:00
qwerty287
eb6d69e1fd
Use Gogs' try instance as default value (#852) 2022-03-27 04:05:56 +02:00
Lukas Bachschwell
c16d42f81e
Add missing flag and docs (#825)
* Add missing flag and docs

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>
Co-authored-by: Anbraten <anton@ju60.de>
2022-03-02 16:49:00 +01:00
Lukas Bachschwell
09e6460f95
Allow loading sensitive flags from files (#815)
With systems like docker swarm or docker compose it is usually a little awkward to manage secrets. 
There is no way to directly inject them into the environment config. So you often have to write your secrets directly into the compose file

There are hacky workarounds such as overriding the entry-point of the container and loading a script which then fetches secrets from /run/secrets and replaces the environment variables, but this becomes very difficult once we are using docker images built from "scratch" (which is a really great practice otherwise) as there is no shell or standard tooling available

This adds a *_FILE variant of their Environment config values to work around this issue.

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>
2022-03-01 16:09:33 +01:00
Lukas Bachschwell
59ba8538a1
Add support for pipeline configuration service (#804)
* Add configuration extension flags to server
Add httpsignatures dependency

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Add http fetching to config fetcher

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Refetch config on rebuild

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* - Ensure multipipeline compatiblity
- Send original config in http request

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Basic tests of config api

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Simple docs page

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Better flag naming

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Rename usages of the term yaml
Rename ConfigAPI struct

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Doc adjustments

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* More docs touchups

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Fix env vars in docs

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* fix json tags for api calls

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Add example config service

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Consistent naming for configService

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Docs: Change example repository location

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Fix tests after response field rename

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Revert accidential unrelated change in api hook

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Update server flag descriptions

Co-authored-by: Anbraten <anton@ju60.de>

Co-authored-by: Anbraten <anton@ju60.de>
2022-02-28 10:56:23 +01:00
Zav Shotan
905350fa15
Add support for default clone image environment variable (#769)
This allows for custom clone images for deployment in air-gap systems.

Co-authored-by: Zav Shotan <zshotan@bloomberg.net>
2022-02-10 17:05:19 +01:00
Zav Shotan
f16525fae5
Add flag to always authenticate when cloning public repositories (#760)
As a developer using an custom git server (e.g. Github Enterprise) I would like to be able to authenticate 
the user on repositories which are marked as public.

See issue: https://github.com/woodpecker-ci/woodpecker/issues/473

Ref: https://github.com/woodpecker-ci/woodpecker/pull/693#issuecomment-1025771162
2022-02-08 17:55:08 +01:00
KN4CK3R
5f79739bc0
Add documentation of all server configuration options (#666)
* Added documentation of all configuration options.

* sort some flags

* adjust config docs to current flags

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Anton Bracke <anton@ju60.de>
2022-02-06 21:21:57 +01:00
Anbraten
6af94d79e3
Remove unused flags / options (#693)
Some flags where unused and / or unnecessary as they are covered by alternatives implemented in PRs of milestone 0.15.0 and just complicated the setup.

closes #681
2022-01-31 15:38:00 +01:00
6543
edbf6a3ba9
Allow to change status context again (#674)
* use flag value

* fix test

* sed -i 's/STATUS_CONTEXT/WOODPECKER_STATUS_CONTEXT/g'

* docs

* Update docs/docs/91-migrations.md

Co-authored-by: Anbraten <anton@ju60.de>
2022-01-29 20:37:36 +01:00
6543
e8807c5e53
Add "woodpeckerci/plugin-docker-buildx" to privileged plugins (#623)
* refactor global const in own package

* add "woodpeckerci/plugin-docker-buildx" to privileged plugins

* add woodpeckerci/plugin-docker
2021-12-19 12:46:36 +01:00
6543
ef597eca0c
Add flag for not fetching permissions (FlatPermissions) (#491) (#625)
Co-authored-by: Alex Eftimie <alex.eftimie@getyourguide.com>
2021-12-19 12:04:29 +01:00
Anbraten
3bee9044f1
Add flag to set oauth redirect host in dev mode (#586) 2021-12-13 20:22:09 +01:00
Anbraten
06800cb61e
Change paths to use woodpecker instead of drone (#494)
* change paths to use woodpecker instead of drone

* improve sql file migration

* add migration notice
2021-10-28 14:02:43 -05:00
6543
798c2bc8b2
Upgrade urfave/cli to v2 (#483)
* migrate urfave/ci v1 -> v2
* refactor cli (format flag)
* log error if agent can not listen on port 3000

close #452
2021-10-27 21:03:14 +02:00
John Olheiser
03bb0e69d8
Replace debug with log-level flag (#440)
* Add logging level to CLI and API

Signed-off-by: jolheiser <john.olheiser@gmail.com>

# Conflicts:
#	server/router/router.go

* Apply suggestions from code review

Co-authored-by: Anbraten <anton@ju60.de>

* Refactor log level

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Remove API

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix API imports

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* do not relay on external default

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Anbraten <anton@ju60.de>
2021-10-16 17:41:36 -05:00
Anbraten
4cc8594b63
Update links to woodpecker-ci.org (#445) 2021-10-14 18:13:57 +02:00
John Olheiser
4276a04f0c
Move entirely to zerolog (#426)
Completely switch to zerolog

(Remove usage of logrus and std logger)

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-10-12 09:25:13 +02:00
6543
169e7e5aa3
Refactor Gitlab Remote (#358)
- Replace custom client
- Update Docs
- Test if it works
- Update Tests

close #285
2021-10-03 14:42:47 +02:00
Anbraten
bb37836600
Replace drone strings with woodpecker (#391)
Co-authored-by: 6543 <6543@obermui.de>
2021-10-02 10:59:34 +02:00
Marian Steinbach
17b8867b96
Clean up config environment variables for server and agent (#218)
The goal here is to make consistent use of configuration environment variables prefixed `WOODPECKER_`. Where several variants existed, this PR aims to remove all but one option, leaving the most explicit.

This PR only changes server and agent code, but not documentation, in order to keep the PR digestible. Once we have consensus that this is correct, I'll change docs accordingly.

User (rather: admin) facing changes in this PR:

- In general, support for all server and agent config environment variables (env vars) starting with `DRONE_` is removed. The according `WOODPECKER_*` variables must be used instead.
- The env var `WOODPECKER_HOST` replaces `DRONE_HOST`, and `DRONE_SERVER_HOST`.
- The env var `WOODPECKER_AGENT_SECRET` is used to configure the shared secret which agents use to authenticate against the server. It replaces `WOODPECKER_SECRET`, `DRONE_SECRET`, `WOODPECKER_PASSWORD`, `DRONE_PASSWORD`, and `DRONE_AGENT_SECRET`.
- The env var `WOODPECKER_DATABASE_DRIVER` replaces `DRONE_DATABASE_DRIVER` and `DATABASE_DRIVER`.
- The env var `WOODPECKER_DATABASE_DATASOURCE` replaces `DRONE_DATABASE_DATASOURCE` and `DATABASE_CONFIG`.
2021-09-28 15:43:44 +02:00
Anbraten
bd19f90756
Replace www-path with www-proxy option for development (#248)
By adding a new ENV variable called `WOODPECKER_WWW_PROXY` it is possible to serve a webinterface via a proxy configured by the `WOODPECKER_WWW_PROXY` value for development instead of serving the interface from the bundled code or from some folder location as the old `WOODPECKER_WWW` option allowed. Using a proxy allows developing the UI with hot-reloading.
2021-09-27 00:22:23 +02:00
Anbraten
b3d40024a9
Rename cmd agent and server folders and binaries (#330)
Renamed `cmd/drone-agent` to `cmd/agent` and `cmd/drone-server` to `cmd/server` and binaries to get rid of the drone name.
2021-09-21 17:06:13 +02:00
Renamed from cmd/drone-server/flags.go (Browse further)