Thomas Anderson
9bbc446009
Kubernetes AppArmor and seccomp ( #3123 )
...
Closes #2545
seccomp
https://kubernetes.io/docs/tutorials/security/seccomp/
https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/135-seccomp/README.md
AppArmor
https://kubernetes.io/docs/tutorials/security/apparmor/
fddcbb9cbf/keps/sig-node/24-apparmor/README.md
Went ahead and implemented API from KEP-24 above.
2024-01-12 23:32:24 +01:00
Robert Kaussow
9bbba4441d
Enable golangci linter forcetypeassert ( #3168 )
...
Split out from https://github.com/woodpecker-ci/woodpecker/pull/2960
2024-01-12 02:01:02 +01:00
6543
f8fb28e651
More docker backend test remove more undocumented ( #3156 )
...
remove Sysctls and IpcMode
2024-01-11 19:30:13 +01:00
qwerty287
f56f9cb1c0
Cleanups + prefer .yaml ( #3069 )
...
Co-authored-by: Robert Kaussow <xoxys@rknet.org>
2024-01-11 18:43:54 +01:00
Robert Kaussow
7756c60a33
Enable golangci linter stylecheck ( #3167 )
...
This PR only fixes error string formatting, log message strings are
still mixed upper/lowercase (see
https://github.com/woodpecker-ci/woodpecker/pull/3161#issuecomment-1885140649 )
and I'm not aware of a linter to enforce it.
2024-01-10 22:56:42 +01:00
qwerty287
12c40eb957
Enable gocritic
and don't ignore globally ( #3159 )
...
Use `nolint` directives instead.
From #2960
2024-01-10 15:34:44 +01:00
qwerty287
1b380ff4b4
Enable nolintlint
( #3158 )
2024-01-10 12:11:18 +01:00
6543
cd59a85230
Use name in backend types instead of alias ( #3142 )
2024-01-09 15:22:59 +01:00
6543
1eacf74376
Remove duplicate assignment of CI_STEP_NAME
( #3139 )
...
Co-authored-by: Anbraten <anton@ju60.de>
2024-01-09 08:56:28 +01:00
qwerty287
5517d87dd6
Fix step depends_on
as string in schema ( #3099 )
2024-01-01 12:16:36 +01:00
Anbraten
6fbf98f1b9
Fix slice unmarshaling ( #3097 )
...
closes #3055
2024-01-01 11:03:31 +01:00
6543
8b47b3a978
make event in pipeline schema also a constraint_list ( #3082 )
2023-12-31 08:49:46 +01:00
6543
2cb7669413
add just more dag tests ( #3083 )
2023-12-30 16:45:11 +01:00
qwerty287
a37af3eeac
Add imports checks to linter ( #3056 )
...
supersedes https://github.com/woodpecker-ci/woodpecker/pull/874
---------
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
2023-12-29 21:19:42 +01:00
qwerty287
7e2ea306c4
Remove workflow version again ( #3052 )
2023-12-28 14:34:13 +01:00
Kamila Borowska
4bc2fed550
Fix DAG cycle detection ( #3049 )
...
Previously a graph like this.
a <- b
^ ^
| |
c <- d
Was incorrectly recognized as having a cycle.
Fixes #3048 .
2023-12-28 00:14:28 +01:00
6543
840fca198e
make backend step dag generation deterministic ( #3037 )
...
the the generation for backend steps if a dag is used deterministic.
this also fix where the test randomly fail like in:
- https://ci.woodpecker-ci.org/repos/3780/pipeline/11057/30
- https://ci.woodpecker-ci.org/repos/3780/pipeline/11076/25
2023-12-27 12:38:33 +02:00
Anbraten
f01ac3f0a3
Add pull request closed event ( #2684 )
...
- [x] updates docs
- [x] adjust UI
- [x] show correct icon
- [x] show correct link (to pr)
- [x] add as option in secret edit
- [x] parse webhook
- [x] update tests
- [x] github merged
- [x] github closed
- [x] gitea merged
- [x] gitea closed
- [x] bitbucket merged
- [x] bitbucket closed
- [x] gitlab merged
- [x] gitlab closed
closes #286
2023-12-26 19:22:52 +01:00
Anbraten
2b1e5f35de
Add depends_on support for steps ( #2771 )
...
Co-authored-by: 6543 <6543@obermui.de>
2023-12-24 12:14:30 +01:00
Thomas Anderson
253d702bc7
Fix IPv6 host aliases for kubernetes ( #2992 )
...
Closes #2991
[Tests](https://github.com/woodpecker-ci/woodpecker/pull/2993#issuecomment-1868048169 )
---------
Co-authored-by: 6543 <6543@obermui.de>
2023-12-23 00:42:30 +01:00
qwerty287
ce4f952b50
Switch to ULID ( #2986 )
...
Closes https://github.com/woodpecker-ci/woodpecker/discussions/2156
2023-12-21 20:23:51 +01:00
Nikolai Rodionov
b3541e314e
fix: Add backend_options
to service linter entry ( #2930 )
...
I've tried setting resources for a service and have seen the linter
warning that is not supported, though the the pipeline was successful
and resources were actually set on the pod. So I assume it shouldn't be
a linter issue.
I"m also not sure if my change is correct, I only hope it is
## Some Context
A pipeline example (I've removed steps that are not related directly:
```yaml
---
steps:
test:
name: Test charts
image: quay.io/helmpack/chart-testing
environment:
- DOCKER_HOST=tcp://docker:2375
commands:
- export PATH=$PWD/.bin:$PATH
- apk update && apk add docker
- kind create cluster --config kind.yaml
- sed -i -E -e 's/localhost|0\.0\.0\.0/docker/g' ~/.kube/config
- git fetch origin
- |
if [ -e .changed ]; then
ct install --target-branch main --chart-dirs .
ct install --target-branch main --chart-dirs . --upgrade
fi
services:
docker:
image: docker:dind
commands: dockerd -H tcp://0.0.0.0:2375 --tls=false
privileged: true
ports:
- 2375
backend_options:
kubernetes:
resources:
requests:
memory: 400Mi
cpu: 100m
limits:
memory: 400Mi
cpu: 100m
```
Pod description:
```
Containers:
wp-01hhczdknafj81jv80gzjbgt93-0-services-0:
Limits:
cpu: 100m
memory: 400Mi
Requests:
cpu: 100m
memory: 400Mi
```
Warning in the Woodpecker UI:
```
[linter]woodpecker: services.dockerAdditional property backend_options is not allowed
```
2023-12-11 19:22:55 +01:00
runephilosof-karnovgroup
adb2c82790
Update go module path for major version 2 ( #2905 )
...
https://go.dev/doc/modules/release-workflow#breaking
Fixes https://github.com/woodpecker-ci/woodpecker/issues/2913 fixes
#2654
```
runephilosof@fedora:~/code/platform-woodpecker/woodpecker-repo-configurator (master)$ go get go.woodpecker-ci.org/woodpecker@v2.0.0
go: go.woodpecker-ci.org/woodpecker@v2.0.0: invalid version: module contains a go.mod file, so module path must match major version ("go.woodpecker-ci.org/woodpecker/v2")
```
---------
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2023-12-08 08:15:08 +01:00
Lauris BH
511cfec66a
Fix schema validation with array syntax for clone and services ( #2920 )
...
Co-authored-by: Robert Kaussow <xoxys@rknet.org>
Co-authored-by: Anbraten <anton@ju60.de>
2023-12-07 16:56:13 +01:00
renovate[bot]
428fe659fe
Update golang (packages) ( #2904 )
...
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg )](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| code.gitea.io/sdk/gitea | require | minor | `v0.16.0` -> `v0.17.0` |
| [github.com/antonmedv/expr](https://togithub.com/antonmedv/expr ) |
require | patch | `v1.15.5` -> `v1.15.6` |
| [github.com/golang-jwt/jwt/v5](https://togithub.com/golang-jwt/jwt ) |
require | minor | `v5.1.0` -> `v5.2.0` |
| [github.com/urfave/cli/v2](https://togithub.com/urfave/cli ) | require
| minor | `v2.25.7` -> `v2.26.0` |
---
### Release Notes
<details>
<summary>antonmedv/expr (github.com/antonmedv/expr)</summary>
###
[`v1.15.6`](https://togithub.com/expr-lang/expr/releases/tag/v1.15.6 )
[Compare
Source](https://togithub.com/antonmedv/expr/compare/v1.15.5...v1.15.6 )
- This is a new release for `expr-lang/epxr`.
</details>
<details>
<summary>golang-jwt/jwt (github.com/golang-jwt/jwt/v5)</summary>
### [`v5.2.0`](https://togithub.com/golang-jwt/jwt/releases/tag/v5.2.0 )
[Compare
Source](https://togithub.com/golang-jwt/jwt/compare/v5.1.0...v5.2.0 )
#### What's Changed
- Exported `NewValidator` by
[@​oxisto](https://togithub.com/oxisto ) in
[https://github.com/golang-jwt/jwt/pull/349 ](https://togithub.com/golang-jwt/jwt/pull/349 )
- Improve ErrInvalidKeyType error messages by
[@​Laurin-Notemann](https://togithub.com/Laurin-Notemann ) in
[https://github.com/golang-jwt/jwt/pull/361 ](https://togithub.com/golang-jwt/jwt/pull/361 )
- Update MIGRATION_GUIDE.md by
[@​jbarham](https://togithub.com/jbarham ) in
[https://github.com/golang-jwt/jwt/pull/363 ](https://togithub.com/golang-jwt/jwt/pull/363 )
#### New Contributors
- [@​Laurin-Notemann](https://togithub.com/Laurin-Notemann ) made
their first contribution in
[https://github.com/golang-jwt/jwt/pull/361 ](https://togithub.com/golang-jwt/jwt/pull/361 )
- [@​jbarham](https://togithub.com/jbarham ) made their first
contribution in
[https://github.com/golang-jwt/jwt/pull/363 ](https://togithub.com/golang-jwt/jwt/pull/363 )
**Full Changelog**:
https://github.com/golang-jwt/jwt/compare/v5.1.0...v5.2.0
</details>
<details>
<summary>urfave/cli (github.com/urfave/cli/v2)</summary>
### [`v2.26.0`](https://togithub.com/urfave/cli/releases/tag/v2.26.0 )
[Compare
Source](https://togithub.com/urfave/cli/compare/v2.25.7...v2.26.0 )
#### What's Changed
- Bash completion nits by
[@​meatballhat](https://togithub.com/meatballhat ) in
[https://github.com/urfave/cli/pull/1762 ](https://togithub.com/urfave/cli/pull/1762 )
- Chore: Rename mkdocs requirements file name by
[@​dearchap](https://togithub.com/dearchap ) in
[https://github.com/urfave/cli/pull/1776 ](https://togithub.com/urfave/cli/pull/1776 )
- Fix:(issue\_1787) Add fix for commands not listed when hide help
comma… by [@​dearchap](https://togithub.com/dearchap ) in
[https://github.com/urfave/cli/pull/1788 ](https://togithub.com/urfave/cli/pull/1788 )
- Fix nil HelpFlag panic (v2) by
[@​wxiaoguang](https://togithub.com/wxiaoguang ) in
[https://github.com/urfave/cli/pull/1795 ](https://togithub.com/urfave/cli/pull/1795 )
- Always get 0 for a nested int64 value in v2.25.7 by
[@​stephenfire](https://togithub.com/stephenfire ) in
[https://github.com/urfave/cli/pull/1799 ](https://togithub.com/urfave/cli/pull/1799 )
- Helper messages for documenting build process by
[@​abitrolly](https://togithub.com/abitrolly ) in
[https://github.com/urfave/cli/pull/1800 ](https://togithub.com/urfave/cli/pull/1800 )
- fix: check duplicated sub command name and alias by
[@​linrl3](https://togithub.com/linrl3 ) in
[https://github.com/urfave/cli/pull/1805 ](https://togithub.com/urfave/cli/pull/1805 )
- Fix:(issue\_1689) Have consistent behavior for default text in man
and… by [@​dearchap](https://togithub.com/dearchap ) in
[https://github.com/urfave/cli/pull/1825 ](https://togithub.com/urfave/cli/pull/1825 )
- Fix linting issues by
[@​skelouse](https://togithub.com/skelouse ) in
[https://github.com/urfave/cli/pull/1696 ](https://togithub.com/urfave/cli/pull/1696 )
#### New Contributors
- [@​stephenfire](https://togithub.com/stephenfire ) made their
first contribution in
[https://github.com/urfave/cli/pull/1799 ](https://togithub.com/urfave/cli/pull/1799 )
- [@​linrl3](https://togithub.com/linrl3 ) made their first
contribution in
[https://github.com/urfave/cli/pull/1805 ](https://togithub.com/urfave/cli/pull/1805 )
**Full Changelog**:
https://github.com/urfave/cli/compare/v2.25.7...v2.26.0
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "before 4am" (UTC), Automerge -
"before 4am" (UTC).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions ) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/woodpecker-ci/woodpecker ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: qwerty287 <ndev@web.de>
2023-12-04 20:53:46 +01:00
Thomas Anderson
3adb98b287
Simple security context options (Kubernetes) ( #2550 )
2023-11-26 08:46:06 +01:00
qwerty287
342b25826c
Rename link
to url
( #2812 )
...
As of https://woodpecker-ci.org/docs/next/usage/terminiology#conventions
2023-11-14 17:12:12 +01:00
qwerty287
70711ed9db
Replace interface{}
with any
( #2807 )
...
like golang:
2580d0e08d
2023-11-12 18:23:48 +01:00
Patrick Schratz
f3df6f8873
Add privileged
schema definition ( #2777 )
...
Co-authored-by: 6543 <m.huber@kithara.com>
2023-11-09 19:31:08 +01:00
6543
5a7b689e30
Switch to go vanity urls ( #2706 )
...
Co-authored-by: Anbraten <anton@ju60.de>
2023-11-07 08:04:33 +01:00
qwerty287
1bc4415075
Add workflow version ( #2476 )
...
Closes #1834
---------
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Anbraten <anton@ju60.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2023-11-06 01:37:02 +01:00
Anbraten
9e10100ad6
Fail on missing secrets ( #2749 )
...
Co-authored-by: pat-s <patrick.schratz@gmail.com>
2023-11-05 12:47:42 +01:00
Anbraten
a0f2ee9506
Add deprecation warnings ( #2725 )
2023-11-04 15:30:47 +01:00
Anbraten
5ff006614f
Enhance linter and errors ( #1572 )
...
Co-authored-by: 6543 <m.huber@kithara.com>
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2023-11-03 11:44:03 +01:00
qwerty287
c1faa95d8f
Revert breaking pipeline changes ( #2677 )
...
Revert #2180 and #2480 so we can release v2.0 without breaking changes
in pipeline config.
After merging #2476 we should apply these changes to a new v2.
After merging this, we should be ready for the 2.0 release.
---------
Co-authored-by: Anbraten <anton@ju60.de>
2023-11-02 15:31:49 +01:00
Thomas Anderson
de53b906e8
Add ports into pipeline backend step model ( #2656 )
...
Closes #2655 .
[Pipeline](https://woodpecker-ci.org/docs/next/usage/services#complete-pipeline-example ):
```yaml
services:
database:
image: mysql
environment:
- MYSQL_DATABASE=test
- MYSQL_ROOT_PASSWORD=example
ports:
- 3306
steps:
get-version:
image: ubuntu
commands:
- ( apt update && apt dist-upgrade -y && apt install -y mysql-client 2>&1 )> /dev/null
- sleep 60s # need to wait for mysql-server init
- echo 'SHOW VARIABLES LIKE "version"' | mysql -uroot -hdatabase test -pexample
```
Service:
```yaml
apiVersion: v1
kind: Service
metadata:
name: wp-01hdq6gbkw1mn6k1655fs3rntf-0-services-0
namespace: woodpecker-runtime
...
selfLink: >-
/api/v1/namespaces/woodpecker-runtime/services/wp-01hdq6gbkw1mn6k1655fs3rntf-0-services-0
status:
loadBalancer: {}
spec:
ports:
- protocol: TCP
port: 3306
targetPort: 3306
selector:
step: database
clusterIP: 10.43.180.120
clusterIPs:
- 10.43.180.120
type: ClusterIP
sessionAffinity: None
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
internalTrafficPolicy: Cluster
```
2023-11-02 04:12:41 +01:00
6543
e83357833d
Use path.Join for server side path generation ( #2689 )
...
make sure to have valid config even when server is running under windows
---
*Sponsored by Kithara Software GmbH*
2023-11-01 11:29:44 +01:00
qwerty287
e74115027b
Add some tests ( #2652 )
...
and some cleanups
2023-10-28 13:37:54 +02:00
Anbraten
f44aa8a6fd
Remove plugin-only option from secrets ( #2213 )
2023-10-24 20:38:47 +02:00
Anbraten
62d6a6bc34
Move skip-ci back in front of config fetching ( #2555 )
2023-10-09 18:15:53 +02:00
qwerty287
46273e54d8
Require Go 1.21 ( #2553 )
...
Main change are the new `maps` and `slices` stdlib packages so we can
replace `golang.org/x/exp`.
2023-10-09 09:11:08 +02:00
renovate[bot]
e8ef1fb3c1
fix(deps): update module github.com/docker/distribution to v2.8.3+incompatible ( #2517 )
2023-10-03 09:35:40 +02:00
qwerty287
842e8a8e50
Remove deprecated options parsing ( #2480 )
...
Main change is that backwards compatibility to `platform` was removed.
Part of
https://github.com/woodpecker-ci/woodpecker/discussions/2170#discussioncomment-7047394
2023-09-20 13:48:34 +02:00
Kleber Rocha
61b5672051
Add option to configure tolerations in kubernetes backend ( #2249 )
...
This code add a feature to support tolerations in Kubernetes Backend
---------
Signed-off-by: Kleber Rocha <klinux@gmail.com>
2023-08-22 22:34:59 +02:00
6543
55e98a186a
Skip settings proxy config with WithProxy if its empty ( #2242 )
...
close #2208
2023-08-18 13:09:28 +02:00
6543
a5ef372190
Move "skip ci" logic into global pipeline conditions ( #2216 )
...
... and make custom errors follow std err conventions
this fix a 500 response if the whole pipeline is filtered out
2023-08-17 15:52:43 +02:00
6543
0563d7a30f
Bump default git clone plugin ( #2215 )
...
- and add alternate quay registry to trusted clone image
- add alternate registry for buildx plugin
2023-08-16 15:17:43 +02:00
qwerty287
8cdac56d8f
Check for correct license header ( #2137 )
2023-08-10 11:06:00 +02:00
6543
eb8fb407f9
Add TestCompilerCompile ( #2183 )
...
just add tests about compile frontend config into backend config
2023-08-10 09:52:52 +02:00
6543
23ad363c97
fix error message
2023-08-10 00:01:16 +02:00