Commit graph

6141 commits

Author SHA1 Message Date
qwerty287
43e80c17b7
Fix client example (#2085)
closes #2071
2023-08-01 17:16:45 +02:00
Robert Kaussow
e1a273d25d
Update docs deps to address cves (#2080)
Related-to: https://github.com/woodpecker-ci/woodpecker/pull/2078

Remaining CVEs:

```
❯ trivy fs --exit-code 1 --skip-dirs node_modules/,plugins/woodpecker-plugins/node_modules/ docs/
2023-08-01T10:02:36.911+0200	INFO	Vulnerability scanning is enabled
2023-08-01T10:02:36.911+0200	INFO	Secret scanning is enabled
2023-08-01T10:02:36.911+0200	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-01T10:02:36.911+0200	INFO	Please see also https://aquasecurity.github.io/trivy/v0.43/docs/scanner/secret/#recommendation for faster secret detection
2023-08-01T10:02:36.963+0200	INFO	Number of language-specific files: 1
2023-08-01T10:02:36.963+0200	INFO	Detecting pnpm vulnerabilities...

pnpm-lock.yaml (pnpm)

Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 1, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Installed Version │ Fixed Version  │                            Title                             │
├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ got     │ CVE-2022-33987 │ MEDIUM   │ 9.6.0             │ 11.8.5, 12.1.0 │ missing verification of requested URLs allows redirects to   │
│         │                │          │                   │                │ UNIX sockets                                                 │
│         │                │          │                   │                │ https://avd.aquasec.com/nvd/cve-2022-33987                   │
├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ trim    │ CVE-2020-7753  │ HIGH     │ 0.0.1             │ 0.0.3          │ nodejs-trim: Regular Expression Denial of Service (ReDoS) in │
│         │                │          │                   │                │ trim function                                                │
│         │                │          │                   │                │ https://avd.aquasec.com/nvd/cve-2020-7753                    │
└─────────┴────────────────┴──────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘
```

- `trim` is pulled in by `@docusaurus/theme-classic` and can be ignored
due to
https://github.com/facebook/docusaurus/issues/7275#issuecomment-1113997259
- `got` can be ignored as well, see `trim`
2023-08-01 13:30:44 +02:00
praneeth-ovckd
9f987155f3
Fix WOODPECKER_GRPC_VERIFY being ignored (#2077)
This fixes #2076
2023-08-01 09:06:27 +02:00
Anbraten
e0ed1b3e49
Change master to main (#2044) 2023-07-31 05:47:23 +02:00
6543
7efb15bf9c
Publish releases and branch tags to quay.io too (#2069)
address  #1995
2023-07-31 04:26:27 +02:00
lonix1
390295c844
fix: global registry docs (#2070)
The
[docs](https://woodpecker-ci.org/docs/administration/server-config#global-registry-setting)
for global registry are missing the part that shows that the docker
config must be mounted.

I mounted to `root`'s home directory, as that is the user running the
container.
2023-07-31 04:17:07 +02:00
Anbraten
5a812e3254
Remove default branch fallbacks (#2065) 2023-07-30 18:28:52 +02:00
Anbraten
4731eeb5db
Improve bitbucket docs (#2066) 2023-07-30 17:52:47 +02:00
6543
264f12fb54
Blog post for v1.0.0 release (#2055)
introduce the v1.0.0

---------
Co-authored-by: Robert Kaussow <xoxys@rknet.org>
2023-07-29 16:05:44 +02:00
6543
e01c478066
Update Changelog for v1.0.0 Release (#2058) 2023-07-29 14:53:27 +02:00
6543
960a52bc0b
Add breaking note for command: removal (#2056)
close  #2054

as we missed at #1032 that it was mentioned at one point in the docs and
so it was a breaking change
2023-07-29 14:52:43 +02:00
Philipp
c96fc3f27a
Bump default clone image version to 2.1.0 (#2053)
We need v2.1.0 as it uses the CI_REPO_CLONE_URL and not the deprecated CI_REPO_REMOTE.
2023-07-28 20:36:08 +02:00
6543
da9bfa64ce
Fix docs nit and add rm todo for v1.2.0 (#2049) 2023-07-28 15:33:23 +02:00
6543
a83b0fcfd3
Drop deprecated built-in environment variables (#2048)
Drop:
 - `CI_BUILD_*`
 - `CI_PREV_BUILD_*`
 - `CI_JOB_*`
 - `*_LINK`
 - `CI_SYSTEM_ARCH`
 - `CI_REPO_REMOTE`
2023-07-28 14:58:20 +02:00
6543
27c0ff502e
Remove fallback check for old sqlite file location (#2046)
non breaking as we did fix or hard fail in last version, now we just
don't check anymore

---------

Co-authored-by: Robert Kaussow <xoxys@rknet.org>
2023-07-28 13:31:25 +02:00
6543
6d373daea0
Handle case where there is no latest pipeline for GetBadge (#2042)
address  error 2 of #2036
2023-07-28 00:34:22 +02:00
6543
bc2e2c7a1b
let generic datastore error include func name (#2041)
error logs like:
```
{"level":"warn","error":"sql: no rows in result set","time":"2023-07-25T21:29:56Z"}
```

have to less context to be helpfull.
this will cange it as the message now looks like:

```
{"level":"warn","error":"GetPipelineLast: sql: no rows in result set", "time":"2023-07-27T02:54:25+02:00"}
```
2023-07-27 21:22:24 +02:00
6543
1d2f594fc6
update docs about versioning (#2043)
#2040 did point out, it needs to be better clarified
2023-07-27 15:46:20 +02:00
Robert Kaussow
b824693b0a
Fix wrong repo url used by badges (#2037)
---------

Co-authored-by: 6543 <6543@obermui.de>
2023-07-27 02:08:06 +02:00
6543
1da0ad38a8
Set v1.0 documents as default and mark v0.15 as unmaintained (#2034) 2023-07-26 20:06:43 +02:00
6543
c695175d21
Fix release branch and tagging (#2033)
frontport pipeline fixes
2023-07-25 16:29:01 +02:00
Robert Kaussow
84b597478f
Add ping command to server to allow container healthchecks (#2030)
Fixes: https://github.com/woodpecker-ci/woodpecker/issues/1943

Note: Kubernetes ignores the container `HEALTHCHECK` by default.

---------

Co-authored-by: 6543 <6543@obermui.de>
2023-07-25 15:55:29 +02:00
6543
6b59143c44
ci: run workflows on tagging too 2023-07-25 14:18:04 +02:00
6543
1c116daf08
Create docs for v1.0.x (#1855)
and also fix / enhance some
2023-07-25 12:41:58 +02:00
Robert Kaussow
2e954801b8
Always use a static back route (#2028)
Fixes: https://github.com/woodpecker-ci/woodpecker/issues/1998

---------

Co-authored-by: 6543 <6543@obermui.de>
2023-07-24 20:06:26 +02:00
Robert Kaussow
c0216deb43
Return to users list after creating a new user (#2029)
Fixes:
https://github.com/woodpecker-ci/woodpecker/issues/1314#issuecomment-1503635132
2023-07-24 19:05:18 +02:00
6543
b3c2bb2e15
disable building windows container images 2023-07-22 01:04:48 +02:00
6543
914eaa0cf8
Add Changelog for v1.0.0 RC1 (#1854)
add changelog for the v1.0.0 release candidate
2023-07-21 22:07:31 +02:00
lonix1
a143ef4779
docs: advanced pipeline management (#2018)
Various ways to factor out common data in a pipeline file - having them
in one place rather than spread out over many pages, will help newbies
like me.
2023-07-21 21:58:17 +02:00
6543
4d2f824fb8
fix docs nits (#2025) 2023-07-21 21:56:24 +02:00
Anbraten
e5d5ec8b47
Use id to access orgs (#1873)
closes #1743 

fixes: setting secrets for own user namespace

- create org in database
- use orgID for org related APIs

Co-authored-by: 6543 <6543@obermui.de>
2023-07-21 19:45:32 +02:00
6543
aec2051071
Fix "check_swagger" step (#2024) 2023-07-20 22:12:32 +02:00
6543
3cd78c9409
Refactor agent (#2021)
- code cleanup
- init backend engine only once
- pass a taskUUID to the backend

---
*Sponsored by Kithara Software GmbH*
2023-07-20 20:39:20 +02:00
6543
f464156917
Enhance development on windows (#2022)
- make sure git store files with LF on windows too
- append .exe on windows as target for build targets too
2023-07-20 20:06:09 +03:00
6543
3a85559763
Remove code to read agent-id.conf (#2009)
I want to have c805c87e90 published at
least for 2 days ...
... so the migration did happen
2023-07-19 22:09:06 +02:00
6543
2e851ba4a0
Release windows build for server too (#2012)
and other build enhancements
2023-07-18 18:46:27 +02:00
6543
572449b845
make pending pipelines cancable (#2013)
in some edgecases we get pipelines that we can not cancle via WebUI.

fix https://codeberg.org/Codeberg-CI/feedback/issues/126
2023-07-18 06:12:17 +02:00
6543
a890a0d4d4
Move securitychecks into own workflow (#1753) 2023-07-17 21:32:05 +02:00
Michalis Zampetakis
dcba48f916
Add bitbucket forge BranchHead implementation (#2011)
In order to test this functionality, we had to expose the `BranchHead()`
through an API endpoint
```
GET /repos/{repo_id}/branches/{branch}/head
```

The response is a string that contains the latest commit hash of the
requested branch.
2023-07-17 21:30:06 +02:00
6543
c805c87e90
fix write agent config 2023-07-17 14:53:02 +02:00
Lauris BH
724a3bf56e
Fix agent config reading error handling (#2008)
Currently for non-existing config file it would report error instead of info message
2023-07-17 14:22:32 +02:00
6543
1b646a28b4
Index stepID for logEntries so loading time decrease significantly (#2006)
speedup from 2min loading to 0.01sec :D

got missed by  #1802
2023-07-17 02:35:20 +03:00
Robert Kaussow
0c46ba4d80
Add option to configure the vite dev server host (#2005)
If you want to run the vite dev server in a container, it needs to be
exposed to `0.0.0.0`.
2023-07-16 21:31:36 +02:00
Robert Kaussow
37fcc26330
Use unified rounded corners for all elements in the nav bar (#2000)
Nav bar:
![Bildschirmfoto vom 2023-07-15
13-43-18](https://github.com/woodpecker-ci/woodpecker/assets/3391958/addb0064-b230-412c-9aae-fbfa8c39b839)

![image](https://github.com/woodpecker-ci/woodpecker/assets/3391958/21e08079-864d-425a-a4e3-17009094b2c6)

![image](https://github.com/woodpecker-ci/woodpecker/assets/3391958/433bf33b-2124-434b-9f16-e5f586f4d4ec)

Other icon buttons:
![Bildschirmfoto vom 2023-07-15
13-50-18](https://github.com/woodpecker-ci/woodpecker/assets/3391958/c070b09d-2700-4eac-97ed-b4bef42ea3e6)
2023-07-15 15:47:15 +02:00
Robert Kaussow
443c23c58a
Use global logger for xorm logs and add options (#1997)
Please let me know if this goes in the right direction. Needs some tests and docs.
2023-07-15 01:15:13 +02:00
Robert Kaussow
669abdf690
Add makefile to make container and .pnpn-store to gitignore (#1996)
Running `make in_docker ...` on a fresh system failed:

```
 => CACHED [stage-1 3/6] COPY --from=golang_image /usr/local/go /usr/local/go                                                                                                                                                                            0.0s
 => ERROR [stage-1 4/6] RUN make install-tools &&   mv /root/go/bin/* /usr/local/go/bin/ &&   chmod 755 /usr/local/go/bin/*                                                                                                                              0.1s
------                                                                                                                                                                                                                                                        
 > [stage-1 4/6] RUN make install-tools &&   mv /root/go/bin/* /usr/local/go/bin/ &&   chmod 755 /usr/local/go/bin/*:
0.132 make: *** No rule to make target 'install-tools'.  Stop.
------
Dockerfile.make:14
--------------------
  13 |     # Cache tools
  14 | >>> RUN make install-tools && \
  15 | >>>   mv /root/go/bin/* /usr/local/go/bin/ && \
  16 | >>>   chmod 755 /usr/local/go/bin/*
  17 |     
--------------------
```

Fixed after adding the Makefile to the make container.
2023-07-14 16:14:00 +02:00
6543
d9991e67e5
let HookParse func explicit ignore events (#1942)
for now it's not clear defined, what to do on an unsupported event.
e.g. gitea webhook panel shows 500 error and no message.

now we have a successful webhook and a message to show an info
2023-07-14 02:03:54 +02:00
Patrick Schratz
004d72a853
Link swagger in navbar (#1984)
fix point 1 from #1944 

Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2023-07-13 20:34:02 +02:00
qwerty287
a778b5fb90
Do not use window.WOODPECKER_* variables directly (#1992)
use the config helper instead
2023-07-13 15:57:50 +02:00
qwerty287
570f5044e8
Drop support for Bitbucket Server (#1994)
Closes #1962
2023-07-13 15:47:25 +02:00