Commit graph

5845 commits

Author SHA1 Message Date
qwerty287
d76144ef42
Fix avatar column type (#4340) (#4602) 2024-12-21 11:59:24 +01:00
Robert Kaussow
957581571b
Add changelog for v2.8.2 (#4594) 2024-12-20 07:59:01 +01:00
Robert Kaussow
88d3a3cec4
Fix version.json updates (#4593) 2024-12-19 22:05:03 +01:00
Robert Kaussow
557ea478f5
Backport gitea and forgejo sdk updates (#4592) 2024-12-19 21:26:31 +01:00
Robert Kaussow
5c589a7aac
Do not log forge tokens (#4551) (#4590) 2024-12-19 21:18:14 +01:00
Robert Kaussow
80ea0d1f2f
Don't log DB passwords (#4583) (#4589) 2024-12-19 21:17:56 +01:00
Robert Kaussow
fc40696e93
Backport golang security updates (#4587)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-12-19 20:32:43 +01:00
woodpecker-bot
8b398e18ab
🎉 Release 2.8.1 (#4513) 2024-12-13 23:14:28 +01:00
Joan Flotats
36e5b9514b
Add Bitbucket fixes to Release/2.8 (#4547)
Co-authored-by: Joan Flotats <joanflotats@bit2me.com>
2024-12-10 15:21:37 +02:00
John Olheiser
21d9c6cece
fix: addon JSON pointers (#4508) (#4512)
Signed-off-by: jolheiser <git@jolheiser.com>
2024-12-05 17:24:18 +01:00
woodpecker-bot
985a5ae73b
🎉 Release 2.8.0 (#4304) 2024-11-28 19:50:54 +01:00
6543
50a3749b60
Enforce exact matching for GitLab groups (#4473) (#4474)
Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
2024-11-28 19:49:00 +01:00
6543
f85192ba4a
Docker Backend: fully support windows container (#4381) (#4464) 2024-11-27 05:42:46 +01:00
Anbraten
cc3f0412f2
Extend approval options (#3348) (#4429)
Co-authored-by: 6543 <6543@obermui.de>
2024-11-25 21:31:13 +01:00
6543
e1ec60a826
Normalize aarch64 -> arm64 for docker backend (#4451) (#4457)
Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
2024-11-25 19:48:23 +01:00
6543
2cbd9268f6
Deprecate secrets in favor of from_secret (#4360) 2024-11-18 21:26:46 +01:00
6543
aa7e1cdd9e
ci: remove last "secrets" usage and migrate to from_secret (#4372) (#4407) 2024-11-18 19:12:58 +02:00
6543
092ea7b907
Deprecate and warn of list syntax of environment (#4358)
Co-authored-by: Robert Kaussow <xoxys@rknet.org>
2024-11-17 09:17:09 +02:00
6543
cbe74ec72f
Process workflow logs in batches (#4045) (#4356)
Co-authored-by: hg <k@isakov.net>
2024-11-13 15:42:45 +01:00
6543
b68b038adf
address review lint issues (#4354) (#4357) 2024-11-11 19:38:17 +01:00
6543
2ec46c5429
Bump release plugin (#4328) 2024-11-06 15:40:17 +01:00
6543
b89d4f059c
Add migration to autofix corrupted users.org_id entrys in db (#4307) (#4327) 2024-11-06 15:30:18 +01:00
6543
cef9cc3753
Bump release plugin (#4318)
Co-authored-by: Anbraten <6918444+anbraten@users.noreply.github.com>
Co-authored-by: oauth <woodpecker-bot@obermui.de>
2024-11-06 01:23:10 +01:00
6543
084d6f883a
Upgrade vue-i18n (#4317)
Co-authored-by: Anbraten <6918444+anbraten@users.noreply.github.com>
2024-11-06 01:19:04 +01:00
6543
bbdabae564
Start a trivy server service (#4288) (#4312) 2024-11-06 01:06:39 +01:00
6543
5c4dbaa8fb
dont release docs from release branch (#4316) 2024-11-06 00:27:18 +01:00
Anbraten
9dcc1a4ac2
Use release-helper for release/* branches (#4302) 2024-11-04 14:59:17 +01:00
6543
ba382a090c
Changelog for v2.7.2 (#4214)
Co-authored-by: Anbraten <6918444+anbraten@users.noreply.github.com>
2024-11-03 12:54:02 +01:00
6543
0527e54da0
pin xgo image (#4287) 2024-11-03 00:40:39 +01:00
6543
3a1c3e72e4
Don't parse forge config files multiple times if no error occured (#4272) (#4273)
Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
2024-10-29 07:34:32 +02:00
6543
c427886d3c
fix: repo/owner parsing for gitlab (#4255) (#4261)
Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
2024-10-27 10:50:09 +01:00
6543
eadb75ad17 Revert "Only allow docker-buildx plugin >= 5.0.0 to be priviledged by default (#4213)"
This reverts commit 71d478b79a.
2024-10-09 17:00:04 +02:00
6543
71d478b79a
Only allow docker-buildx plugin >= 5.0.0 to be priviledged by default (#4213) 2024-10-09 16:48:22 +02:00
6543
67d8d6e317 chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v5.0.0 2024-10-09 15:16:30 +02:00
6543
b1e5103ee5
Backport JS dependency updates (#4189) 2024-10-05 18:01:46 +02:00
6543
1b1bf27951
Bump trivy plugin (#4160) (#4188)
Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
2024-10-05 16:24:20 +03:00
6543
cc203e25f1
chore(deps): update dependency vite to v5.4.6 [security] (#4163) (#4187)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-05 14:18:21 +01:00
6543
972e45daaf
Print agent labels in debug mode (#4155) (#4156) 2024-10-03 15:02:40 +02:00
6543
10d8a13272
Run queue.process() in background (#4115) 2024-09-20 14:13:46 +02:00
6543
4576aef483
Fix agent last work update throttling (#4124) (#4126)
Co-authored-by: Lukas <lukas@slucky.de>
2024-09-18 23:28:22 +02:00
6543
6f5e0697d0
Only update agent.LastWork if not done recently (#4031) (#4100)
Co-authored-by: Anbraten <6918444+anbraten@users.noreply.github.com>
2024-09-10 15:53:16 +03:00
6543
324ab4ac89
🎉 Release 2.7.1 (#4090)
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2024-09-07 10:36:01 +02:00
qwerty287
abb88fa134
Fix org settings page (#4002) (#4093)
Co-authored-by: Divya Jain <dvjn.dev+git@gmail.com>
2024-09-07 10:27:20 +02:00
6543
9b18a90a59
[Backport] Lint privileged plugin match and allow to be set empty (#4084) 2024-09-05 20:30:03 +03:00
6543
688d984d7e Update docker-buildx plugin to v4.2.0 2024-09-05 01:33:40 +02:00
6543
432f49cae3
Bump github.com/docker/docker from v24.0.9 to v24.0.9+30 (#4077) 2024-09-02 14:23:17 +02:00
6543
4535ef330a
Allow admins to specify priviledged plugins by name **and tag** (#4075) (#4076) 2024-09-01 23:06:06 +02:00
qwerty287
a360563fad
Warn if using secrets/env with plugin (#4027) (#4039) 2024-08-16 17:08:06 +02:00
qwerty287
4ab8374c9a Set refspec for gitlab MR (#4021) 2024-08-16 10:23:38 +02:00
Joan Flotats
1ec7525bf4 Change Bitbucket PR hook to point the source branch, commit & ref (#3965)
## Description

This is the first fix for: https://github.com/woodpecker-ci/woodpecker/issues/3932

Change the Pull Request hook parser to return the source commit, branch, and ref instead of the destination. Right now, the workflow pulls the destination configuration and code. It should pull the source configuration and code to verify that the configuration and code work as expected before merging the changes.

In case of the close event, the hook parser returns the destination branch, ref and merge commit. Usually, the contributor automatically deletes the source branch after merging the changes to the destination branch. Using the source values will cause the workflow to fail.

After the changes, Woodpecker will correctly download the workflow from the source branch (Pull Request commit), but it will fail to clone the repository. This issue is related to the commit format returned by the Bitbucket webhook. This inconsistency has already been reported: https://jira.atlassian.com/browse/BCLOUD-21201. The webhook returns a short SHA. The problem is that the `git fetch` command requires the full SHA. 

A workaround for this issue is to use the ref to fetch the code:

```yaml
clone:
  git:
    image: woodpeckerci/plugin-git
    settings:
      ref: ${CI_COMMIT_REF}
```

This is not ideal, because the Pull Request head won't always match the workflow commit, but it solves 80% of the event use cases (e.g. trigger a pull request workflow on change). This workaround won't work when re-running a previous workflow pointing to another commit, it will pull the last commit, not the previous one.

## Solutions

The solution proposed by the community is to retrieve the full SHA from the Bitbucket API using the short one. This solution has drawbacks:
- The Bitbucket API rate limit is 1000 req/h. This solution will reduce the maximum number of workflow runs per hour.
- It requires a braking change in the forges interface because the ´Hook(...)´ method does not have an instance of the HTTP Client. 

We propose to allow the git plugin to fetch the source code from a URL. The Bitbucket returns a link pointing to the commit. 

This proposal only requires a small change to the git plugin:
- Add a new optional parameter (e.g. CommitLink)
- Add a clause to the following conditional: 7ac9615f40/plugin.go (L79C1-L88C3)
```go
if p.Pipeline.CommitLink != "" {...}
```
Git commands:
```shell
$ git fetch --no-tags --depth=1 --filter=tree:0 https://bitbucket.org/workspace/repo/commits/692972aabfec
$ git reset --hard -q 692972aabfec # It works with the short SHA
```
Woodpecker will set CommitLink to a blank string for the other forges, but Bitbuckket will use the one returned by the webhook.
2024-07-23 16:59:17 +02:00