Commit graph

57 commits

Author SHA1 Message Date
6543
5a7b689e30
Switch to go vanity urls (#2706)
Co-authored-by: Anbraten <anton@ju60.de>
2023-11-07 08:04:33 +01:00
qwerty287
d284aeb545
Fix default status (#2715)
Regression #2695

probably closes #2716
2023-11-03 13:00:34 +01:00
qwerty287
abb2f280eb
Unique status for matrix (#2695)
implement this fix but with an additional field on workflows to not
change the workflow name

closes #1840 
closes #713

---------

Co-authored-by: 6543 <6543@obermui.de>
2023-11-01 17:28:02 +01:00
qwerty287
aeb7bcb26a
Remove WOODPECKER_DOCS config (#2647) 2023-10-25 15:05:19 +02:00
Tom Kneiphof
baaf8b97e1
Fix usage of WOODPECKER_ROOT_PATH (#2485)
I had experienced some issues running Woodpecker behind a reverse-proxy,
resulting from not defining the `WOODPECKER_ROOT_PATH` environment
variable in #2477.

As suggested by @qwerty287, specifying `WOODPECKER_ROOT_PATH=/foo`
*mostly* solved the issue of running the woodpecker server at an url
like `https://example.org/foo`.
However, the webhook urls and badge urls were generated excluding the
configured `WOODPECKER_ROOT_PATH`.

This PR (mostly) fixes issues related to non-empty
`WOODPECKER_ROOT_PATH`.

---------

Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2023-09-22 16:43:31 +02:00
Robert Kaussow
008a8c6acb
Fix usage description for backend-http-proxy flag (#2250) 2023-08-19 16:27:21 +02:00
6543
d253f8cc30
Make sure we dont have hidden options for backend and pipeline compiler (#2123)
move options based on **os.Getenv** into flags

---------
*Sponsored by Kithara Software GmbH*
2023-08-07 21:13:26 +02:00
6543
3d4758578a
Add opt save global log output to file (#2115)
close  #1933

---------
*Sponsored by Kithara Software GmbH*
2023-08-07 20:47:30 +02:00
qwerty287
67b7de5cc2
Fix UI and backend paths with subpath (#1799)
I'm not sure if this is an ideal fix for this, but it seems to work for
me. If you have another idea just let me know.

Closes #1798 
Closes #1773
2023-08-07 16:05:18 +02:00
qwerty287
1a7f7a9427
Allow to disable swagger (#2093)
https://github.com/woodpecker-ci/woodpecker/issues/1944
2023-08-03 02:42:30 +02:00
Robert Kaussow
443c23c58a
Use global logger for xorm logs and add options (#1997)
Please let me know if this goes in the right direction. Needs some tests and docs.
2023-07-15 01:15:13 +02:00
qwerty287
570f5044e8
Drop support for Bitbucket Server (#1994)
Closes #1962
2023-07-13 15:47:25 +02:00
Robert Kaussow
fe7eb64bf9
Add option to read grpc-secret from file (#1972) 2023-07-10 23:53:02 +02:00
Martin W. Kirst
2c1fc4b500
support custom .JS and .CSS files for custom banner messages (white-labeling) (#1781)
This PR introduces two new server configuration options, for providing a
custom .JS and .CSS file.
These can be used to show custom banner messages, add
environment-dependent signals, or simply a corporate logo.

### Motivation (what problem I try to solve)

I'm operating Woodpecker in multiple k8s clusters for different
environments.
When having multiple browser tabs open, I prefer strong indicators for
each environment.
E.g. a red "PROD" banner, or just a blue "QA" banner.
Also, we sometimes need to have the chance for maintenance, and instead
of broadcasting emails,
I prefer a banner message, stating something like: "Heads-up: there's a
planned downtime, next Friday, blabla...".

Also, I like to have the firm's logo visible, which makes Woodpecker
look more like an integral part of our platform.

### Implementation notes

* Two new config options are introduced ```WOODPECKER_CUSTOM_CSS_FILE```
and ```WOODPECKER_CUSTOM_JS_FILE```
* I've piggy-bagged the existing handler for assets, as it seemed to me
a minimally invasive approach
* the option along with an example is documented
* a simple unit test for the Gin-handler ensures some regression safety
* no extra dependencies are introduced

### Visual example

The documented example will look like this.

![Screenshot 2023-05-27 at 17 00
44](https://github.com/woodpecker-ci/woodpecker/assets/1189394/8940392e-463c-4651-a1eb-f017cd3cd64d)

### Areas of uncertainty 

This is my first contribution to Woodpecker and I tried my best to align
with your conventions.
That said, I found myself uncertain about these things and would be glad
about getting feedback.

* The handler tests are somewhat different than the other ones because I
wanted to keep them simple - I hope that still matches your coding
guidelines
* caching the page sometimes will let the browser not recognize changes
and a user must reload. I'm not fully into the details of how caching is
implemented and neither can judge if it's a real problem. Another pair
of eyes would be good.
2023-07-10 12:46:35 +02:00
qwerty287
cd982fcbd1
Fix pipeline status calculation/reporting (#1898)
Closes #1895 
Regression of #1784
2023-06-29 14:56:01 +02:00
Thomas Anderson
0c3021473f
Added Woodpecker Host Config used for Webhooks (#1869)
When SCM and Woodpecker are deployed in the same cluster, I want that
SCM requests Woodpecker directly by internal URL.


![Webhook-host-diagram](https://github.com/woodpecker-ci/woodpecker/assets/127358482/c4689d55-839a-4731-95b3-5734ba561e5f)
 
This PR adds optional URL used for Webhook calls.
2023-06-18 14:47:40 +02:00
6543
5139624cf8
Migrate old logs to new database schema (#1828)
address new models based on #1802
2023-06-12 22:43:14 +02:00
qwerty287
2ccf7c6f1a
Drop Gogs support (#1752)
Gogs support is broken (and we won't fix it because we don't care about
it...) because it does not support OAuth, at least after we introduced
the new Vue UI.

See:

77d830d5b5/server/forge/gogs/gogs.go (L84)

This route is not present in the new UI.
2023-05-14 10:34:05 +02:00
meak
41a50ae915
Allow to configure port for SSL (#1735)
Co-authored-by: Mehdi Katranji <hello@mek.yt>
Co-authored-by: Lauris BH <lauris@nix.lv>
2023-05-11 06:11:10 +02:00
qwerty287
54d4ec04c0
Drop Gogs private mode (#1726)
You should use `WOODPECKER_AUTHENTICATE_PUBLIC_REPOS` instead if repos
sent from forge as public should be authenticated
2023-04-30 14:01:11 +02:00
qwerty287
b90e7904a5
Support path prefix (#1714)
closes #1636 
closes #1429
supersedes #1586

Uses a different approach: just take the index.html compiled by vite and
replace the paths to js and other files using regex. This is not
compatible with the dev proxy which is also the reason why we can't use
go templates for this.
2023-04-29 17:51:50 +02:00
qwerty287
0970f35df5
Do not store inactive repos (#1658)
Do not sync repos with forge if the repo is not necessary in DB.

In the DB, only repos that were active once or repos that are currently
active are stored. When trying to enable new repos, the repos list is
fetched from the forge instead and displayed directly. In addition to
this, the forge func `Perm` was removed and is now merged with `Repo`.

Solves a TODO on RepoBatch.

---------

Co-authored-by: Anbraten <anton@ju60.de>
2023-03-21 23:01:59 +01:00
qwerty287
f582ad3159
Various enhancements in configuration (#1645)
- backends: move to cli flags instead of os.Getenv
- ssh: support 2fa with key and password
- allow to set grpc jwt secret (solves todo)
- allow to set default and max timeout (solves todo)

Closes https://github.com/woodpecker-ci/woodpecker/issues/896
Closes https://github.com/woodpecker-ci/woodpecker/issues/1131
2023-03-19 20:24:43 +01:00
qwerty287
37dc8a46e0
Drop coding support (#1644)
Coding support is likely broken and nobody will ever fix it. Also it
looks like nobody wants to use it, otherwise we would have get some bug
reports.

---------

Co-authored-by: 6543 <6543@obermui.de>
2023-03-19 09:36:04 +01:00
Alexander Matyushentsev
9288670c61
feat: expose unprotected metrics endpoint (#1614)
Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Anbraten <anton@ju60.de>
2023-03-12 09:41:10 +01:00
Earl Warren
7835a632e4
Define WOODPECKER_FORGE_TIMEOUT server config (#1558)
When a server such as Codeberg has unusually high response time, three
seconds may not be enough to fetch the configuration.

Signed-off-by: Earl Warren <contact@earl-warren.org>
Co-authored-by: 6543 <6543@obermui.de>
2023-02-01 18:53:19 +01:00
antomy-gc
6516a28cdd
Secrets encryption in database (#1475)
closes #101

Added secrets encryption in database

- Google TINK or simple AES as encryption mechanisms
- Keys rotation support on TINK
- Existing SecretService is wrapped by encryption layer
- Encryption can be enabled and disabled at any time

Co-authored-by: Kuzmin Ilya <ilia.kuzmin@indrive.com>
Co-authored-by: 6543 <6543@obermui.de>
2023-01-12 20:59:07 +01:00
Josh Soref
023d03dd61
Spelling (#1405)
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-09 08:12:17 +01:00
qwerty287
3372d1a87c
Rename remote to forge (#1357)
As of #745

Co-authored-by: Anbraten <anton@ju60.de>
2022-11-05 00:35:06 +01:00
Anbraten
dbbd369c9a
Migrate to certmagic (#360)
closes #219
closes #850

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2022-09-04 03:24:42 +02:00
Anbraten
cc30db44ac
Use asym key to sign webhooks (#916)
* use async key pair for webhooks

* fix tests

* fix linter

* improve code

* add key pair to database

* undo some changes

* more undo

* improve docs

* add api-endpoint

* add signaturne api endpoint

* fix error

* fix linting and test

* fix lint

* add test

* migration 006

* no need for migration

* replace httsign lib

* fix lint

Co-authored-by: 6543 <6543@obermui.de>
2022-06-01 20:06:27 +02:00
Anbraten
0b2b776ed8
Remove senders model (#923)
* remove senders
* drop table
2022-05-17 21:27:44 +02:00
qwerty287
6568751320
Allow to change forge status messages (#900)
Allow to change the status message via template option

Closes https://github.com/woodpecker-ci/woodpecker/issues/855
2022-05-12 19:07:33 +02:00
Zav Shotan
7313de2b1d
Add support for superseding runs (#831)
closes #11

Added support:
1. Environment variable `WOODPECKER_DELETE_MULTIPLE_RUNS_ON_EVENTS` (Default pull_request, push)
2. Builds will be marked as killed when they "override" another build
2022-05-09 11:26:09 +02:00
6543
58303dd2a7
Move value of default clone image into shared constant package (#873) 2022-04-06 15:30:49 +02:00
qwerty287
eb6d69e1fd
Use Gogs' try instance as default value (#852) 2022-03-27 04:05:56 +02:00
Lukas Bachschwell
c16d42f81e
Add missing flag and docs (#825)
* Add missing flag and docs

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>
Co-authored-by: Anbraten <anton@ju60.de>
2022-03-02 16:49:00 +01:00
Lukas Bachschwell
09e6460f95
Allow loading sensitive flags from files (#815)
With systems like docker swarm or docker compose it is usually a little awkward to manage secrets. 
There is no way to directly inject them into the environment config. So you often have to write your secrets directly into the compose file

There are hacky workarounds such as overriding the entry-point of the container and loading a script which then fetches secrets from /run/secrets and replaces the environment variables, but this becomes very difficult once we are using docker images built from "scratch" (which is a really great practice otherwise) as there is no shell or standard tooling available

This adds a *_FILE variant of their Environment config values to work around this issue.

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>
2022-03-01 16:09:33 +01:00
Lukas Bachschwell
59ba8538a1
Add support for pipeline configuration service (#804)
* Add configuration extension flags to server
Add httpsignatures dependency

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Add http fetching to config fetcher

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Refetch config on rebuild

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* - Ensure multipipeline compatiblity
- Send original config in http request

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Basic tests of config api

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Simple docs page

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Better flag naming

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Rename usages of the term yaml
Rename ConfigAPI struct

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Doc adjustments

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* More docs touchups

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Fix env vars in docs

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* fix json tags for api calls

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Add example config service

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Consistent naming for configService

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Docs: Change example repository location

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Fix tests after response field rename

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Revert accidential unrelated change in api hook

Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at>

* Update server flag descriptions

Co-authored-by: Anbraten <anton@ju60.de>

Co-authored-by: Anbraten <anton@ju60.de>
2022-02-28 10:56:23 +01:00
Zav Shotan
905350fa15
Add support for default clone image environment variable (#769)
This allows for custom clone images for deployment in air-gap systems.

Co-authored-by: Zav Shotan <zshotan@bloomberg.net>
2022-02-10 17:05:19 +01:00
Zav Shotan
f16525fae5
Add flag to always authenticate when cloning public repositories (#760)
As a developer using an custom git server (e.g. Github Enterprise) I would like to be able to authenticate 
the user on repositories which are marked as public.

See issue: https://github.com/woodpecker-ci/woodpecker/issues/473

Ref: https://github.com/woodpecker-ci/woodpecker/pull/693#issuecomment-1025771162
2022-02-08 17:55:08 +01:00
KN4CK3R
5f79739bc0
Add documentation of all server configuration options (#666)
* Added documentation of all configuration options.

* sort some flags

* adjust config docs to current flags

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Anton Bracke <anton@ju60.de>
2022-02-06 21:21:57 +01:00
Anbraten
6af94d79e3
Remove unused flags / options (#693)
Some flags where unused and / or unnecessary as they are covered by alternatives implemented in PRs of milestone 0.15.0 and just complicated the setup.

closes #681
2022-01-31 15:38:00 +01:00
6543
edbf6a3ba9
Allow to change status context again (#674)
* use flag value

* fix test

* sed -i 's/STATUS_CONTEXT/WOODPECKER_STATUS_CONTEXT/g'

* docs

* Update docs/docs/91-migrations.md

Co-authored-by: Anbraten <anton@ju60.de>
2022-01-29 20:37:36 +01:00
6543
e8807c5e53
Add "woodpeckerci/plugin-docker-buildx" to privileged plugins (#623)
* refactor global const in own package

* add "woodpeckerci/plugin-docker-buildx" to privileged plugins

* add woodpeckerci/plugin-docker
2021-12-19 12:46:36 +01:00
6543
ef597eca0c
Add flag for not fetching permissions (FlatPermissions) (#491) (#625)
Co-authored-by: Alex Eftimie <alex.eftimie@getyourguide.com>
2021-12-19 12:04:29 +01:00
Anbraten
3bee9044f1
Add flag to set oauth redirect host in dev mode (#586) 2021-12-13 20:22:09 +01:00
Anbraten
06800cb61e
Change paths to use woodpecker instead of drone (#494)
* change paths to use woodpecker instead of drone

* improve sql file migration

* add migration notice
2021-10-28 14:02:43 -05:00
6543
798c2bc8b2
Upgrade urfave/cli to v2 (#483)
* migrate urfave/ci v1 -> v2
* refactor cli (format flag)
* log error if agent can not listen on port 3000

close #452
2021-10-27 21:03:14 +02:00
John Olheiser
03bb0e69d8
Replace debug with log-level flag (#440)
* Add logging level to CLI and API

Signed-off-by: jolheiser <john.olheiser@gmail.com>

# Conflicts:
#	server/router/router.go

* Apply suggestions from code review

Co-authored-by: Anbraten <anton@ju60.de>

* Refactor log level

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Remove API

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix API imports

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* do not relay on external default

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Anbraten <anton@ju60.de>
2021-10-16 17:41:36 -05:00