Commit graph

359 commits

Author SHA1 Message Date
Robert Kaussow
e1a273d25d
Update docs deps to address cves (#2080)
Related-to: https://github.com/woodpecker-ci/woodpecker/pull/2078

Remaining CVEs:

```
❯ trivy fs --exit-code 1 --skip-dirs node_modules/,plugins/woodpecker-plugins/node_modules/ docs/
2023-08-01T10:02:36.911+0200	INFO	Vulnerability scanning is enabled
2023-08-01T10:02:36.911+0200	INFO	Secret scanning is enabled
2023-08-01T10:02:36.911+0200	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-01T10:02:36.911+0200	INFO	Please see also https://aquasecurity.github.io/trivy/v0.43/docs/scanner/secret/#recommendation for faster secret detection
2023-08-01T10:02:36.963+0200	INFO	Number of language-specific files: 1
2023-08-01T10:02:36.963+0200	INFO	Detecting pnpm vulnerabilities...

pnpm-lock.yaml (pnpm)

Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 1, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Installed Version │ Fixed Version  │                            Title                             │
├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ got     │ CVE-2022-33987 │ MEDIUM   │ 9.6.0             │ 11.8.5, 12.1.0 │ missing verification of requested URLs allows redirects to   │
│         │                │          │                   │                │ UNIX sockets                                                 │
│         │                │          │                   │                │ https://avd.aquasec.com/nvd/cve-2022-33987                   │
├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ trim    │ CVE-2020-7753  │ HIGH     │ 0.0.1             │ 0.0.3          │ nodejs-trim: Regular Expression Denial of Service (ReDoS) in │
│         │                │          │                   │                │ trim function                                                │
│         │                │          │                   │                │ https://avd.aquasec.com/nvd/cve-2020-7753                    │
└─────────┴────────────────┴──────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘
```

- `trim` is pulled in by `@docusaurus/theme-classic` and can be ignored
due to
https://github.com/facebook/docusaurus/issues/7275#issuecomment-1113997259
- `got` can be ignored as well, see `trim`
2023-08-01 13:30:44 +02:00
Anbraten
e0ed1b3e49
Change master to main (#2044) 2023-07-31 05:47:23 +02:00
lonix1
390295c844
fix: global registry docs (#2070)
The
[docs](https://woodpecker-ci.org/docs/administration/server-config#global-registry-setting)
for global registry are missing the part that shows that the docker
config must be mounted.

I mounted to `root`'s home directory, as that is the user running the
container.
2023-07-31 04:17:07 +02:00
Anbraten
4731eeb5db
Improve bitbucket docs (#2066) 2023-07-30 17:52:47 +02:00
6543
264f12fb54
Blog post for v1.0.0 release (#2055)
introduce the v1.0.0

---------
Co-authored-by: Robert Kaussow <xoxys@rknet.org>
2023-07-29 16:05:44 +02:00
6543
960a52bc0b
Add breaking note for command: removal (#2056)
close  #2054

as we missed at #1032 that it was mentioned at one point in the docs and
so it was a breaking change
2023-07-29 14:52:43 +02:00
6543
da9bfa64ce
Fix docs nit and add rm todo for v1.2.0 (#2049) 2023-07-28 15:33:23 +02:00
6543
a83b0fcfd3
Drop deprecated built-in environment variables (#2048)
Drop:
 - `CI_BUILD_*`
 - `CI_PREV_BUILD_*`
 - `CI_JOB_*`
 - `*_LINK`
 - `CI_SYSTEM_ARCH`
 - `CI_REPO_REMOTE`
2023-07-28 14:58:20 +02:00
6543
27c0ff502e
Remove fallback check for old sqlite file location (#2046)
non breaking as we did fix or hard fail in last version, now we just
don't check anymore

---------

Co-authored-by: Robert Kaussow <xoxys@rknet.org>
2023-07-28 13:31:25 +02:00
6543
1d2f594fc6
update docs about versioning (#2043)
#2040 did point out, it needs to be better clarified
2023-07-27 15:46:20 +02:00
6543
1da0ad38a8
Set v1.0 documents as default and mark v0.15 as unmaintained (#2034) 2023-07-26 20:06:43 +02:00
6543
1c116daf08
Create docs for v1.0.x (#1855)
and also fix / enhance some
2023-07-25 12:41:58 +02:00
lonix1
a143ef4779
docs: advanced pipeline management (#2018)
Various ways to factor out common data in a pipeline file - having them
in one place rather than spread out over many pages, will help newbies
like me.
2023-07-21 21:58:17 +02:00
6543
4d2f824fb8
fix docs nits (#2025) 2023-07-21 21:56:24 +02:00
Robert Kaussow
443c23c58a
Use global logger for xorm logs and add options (#1997)
Please let me know if this goes in the right direction. Needs some tests and docs.
2023-07-15 01:15:13 +02:00
qwerty287
570f5044e8
Drop support for Bitbucket Server (#1994)
Closes #1962
2023-07-13 15:47:25 +02:00
6543
fa951a8e95
Add agent config file (#1971) 2023-07-12 18:51:40 +02:00
Anbraten
2432abd379
Add a blog (#1978)
Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
2023-07-11 23:31:45 +02:00
Patrick Schratz
41f53024c1
Bump alpine image for preview (#1981) 2023-07-11 23:02:05 +02:00
6543
e85eeb10fc
Fix repo gate protection (#1969)
- clarify docs
- don't block cron pipelines
- run manual triggered pipelines right away

---------

Co-authored-by: Anbraten <anton@ju60.de>
2023-07-11 17:34:50 +02:00
Robert Kaussow
fe7eb64bf9
Add option to read grpc-secret from file (#1972) 2023-07-10 23:53:02 +02:00
Martin W. Kirst
2c1fc4b500
support custom .JS and .CSS files for custom banner messages (white-labeling) (#1781)
This PR introduces two new server configuration options, for providing a
custom .JS and .CSS file.
These can be used to show custom banner messages, add
environment-dependent signals, or simply a corporate logo.

### Motivation (what problem I try to solve)

I'm operating Woodpecker in multiple k8s clusters for different
environments.
When having multiple browser tabs open, I prefer strong indicators for
each environment.
E.g. a red "PROD" banner, or just a blue "QA" banner.
Also, we sometimes need to have the chance for maintenance, and instead
of broadcasting emails,
I prefer a banner message, stating something like: "Heads-up: there's a
planned downtime, next Friday, blabla...".

Also, I like to have the firm's logo visible, which makes Woodpecker
look more like an integral part of our platform.

### Implementation notes

* Two new config options are introduced ```WOODPECKER_CUSTOM_CSS_FILE```
and ```WOODPECKER_CUSTOM_JS_FILE```
* I've piggy-backed the existing handler for assets, as it seemed to me
a minimally invasive approach
* the option along with an example is documented
* a simple unit test for the Gin-handler ensures some regression safety
* no extra dependencies are introduced

### Visual example

The documented example will look like this.

![Screenshot 2023-05-27 at 17 00 44](https://github.com/woodpecker-ci/woodpecker/assets/1189394/8940392e-463c-4651-a1eb-f017cd3cd64d)

### Areas of uncertainty 

This is my first contribution to Woodpecker and I tried my best to align
with your conventions.
That said, I found myself uncertain about these things and would be glad
about getting feedback.

* The handler tests are somewhat different than the other ones because I
wanted to keep them simple - I hope that still matches your coding
guidelines
* caching the page sometimes will let the browser not recognize changes
and a user must reload. I'm not fully into the details of how caching is
implemented and neither can judge if it's a real problem. Another pair
of eyes would be good.
2023-07-10 12:46:35 +02:00
lonix1
45319b24cd
docs: user registration (#1925)
Further to discussion on [discord](https://discord.com/channels/838698813463724034/838698813463724037/1125412378125803612).

The docs should be clearer about:
- user registration in general, and 
- preventing registration of random users but allowing specific ones.

---------

Co-authored-by: 6543 <6543@obermui.de>
2023-07-07 05:31:19 +02:00
Guillaume REMBERT
0cf602a1f6
Add Kubernetes and Dockle Plugins (#1930)
Add Kubernetes Deployments and StatefulSet update and Dockle Scan Plugins.

For Kubernetes plugin, I based on the Drone unmaintained Kubernetes
plugin and took the statefulset management evolutions. I added sync/wait
and force redeploy capabilities + updates dependencies

For Dockle plugin, I took example on Trivy plugin.
2023-07-04 20:28:43 +02:00
Ell
10313e79a0
Added Nextcloud Upload plugin (#1927)
Add plugin [Nextcloud Upload](https://github.com/Ellpeck/WoodpeckerPlugins/tree/main/nextcloud-upload) to the official plugin list.

There's already an official plugin that allows uploading
files using WebDAV, but my plugin has two Nextcloud-specific additions
that aren't part of the regular WebDAV spec:
- The ability to chunk uploads, which is necessary for larger files if
Nextcloud is hosted behind Cloudflare (which restricts uploads to a
maximum of 100MB)
- The ability to apply Nextcloud tags, which allows automatically
categorizing items and using Nextcloud's Retention plugin to easily
auto-remove older artifacts.
2023-07-03 19:47:10 +02:00
Thomas Anderson
3386696d71
Added agent registration docs (#1921)
---------

Co-authored-by: 6543 <6543@obermui.de>
2023-07-03 15:44:16 +02:00
Thomas Anderson
b616a822a0
Fixed when:evaluate on non-standard (non-CI*) env vars (#1907)
Makes it possible to evaluate `when` constraint on custom environment
variables.
2023-07-02 23:45:22 +02:00
Timo Tomasini
eb5c48a85f
Store agent ID in config file (#1888) 2023-07-02 17:22:05 +02:00
qwerty287
9dc839b946
Fix default value (#1916)
From #1784 and #1898
2023-07-02 10:50:59 +02:00
Epsilon_02
3714e9c218
Add TODO-Checker plugin (#1906)
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2023-07-01 08:26:53 +02:00
Patrick Schratz
44b54db475
Document k8s volume usage (#1896) 2023-06-29 19:22:33 +02:00
qwerty287
3033abc3b4
Add own workflow model (#1784)
Closes #1287

---------

Co-authored-by: 6543 <6543@obermui.de>
2023-06-27 18:01:18 +02:00
runephilosof-karnovgroup
1fa0212731
Add minimum usage for CLI v0.15.x to docs (#1878)
Co-authored-by: 6543 <6543@obermui.de>
2023-06-25 23:38:25 +02:00
qwerty287
eaae6b44c7
Remove default event filter (#1880)
Closes https://github.com/woodpecker-ci/woodpecker/issues/1863
2023-06-21 18:12:20 +02:00
qwerty287
5c587a3243
Add security section to docs (#1877) 2023-06-21 16:59:57 +02:00
Thomas Anderson
0c3021473f
Added Woodpecker Host Config used for Webhooks (#1869)
When SCM and Woodpecker are deployed in the same cluster, I want that
SCM requests Woodpecker directly by internal URL.


![Webhook-host-diagram](https://github.com/woodpecker-ci/woodpecker/assets/127358482/c4689d55-839a-4731-95b3-5734ba561e5f)
 
This PR adds optional URL used for Webhook calls.
2023-06-18 14:47:40 +02:00
6543
6ab9f802d1
Fix links in docs (#1859) 2023-06-13 18:58:26 +02:00
Anbraten
ff01a9ff1d
Access repos by their ids (#1691)
closes #1295 
closes #648

# TODO
- [x] add new routes with `:repoID`
- [x] load repo in middleware using `:repoID` if present
- [x] update UI routes `:owner/:name` to `:repoID`
- [x] load repos using id in UI
- [x] add lookup endpoint `:owner/:name` to `:repoID`
- [x] redirect `:owner/:name` to `:repoID` in UI
- [x] use badge with `:repoID` route in UI
- [x] update `woodpecker-go`
- [x] check cli
- [x] add migrations / deprecation notes
- [x] check if #648 got solved directly
- [x] Test
  - [x] create repo
  - [x] repo pages
  - [x] ui redirects
  - [x] forge status links
2023-06-13 01:07:52 +02:00
runephilosof-karnovgroup
e3593cd9a4
01-getting-started.md: fix WOODPECKER_HOST example (#1849) 2023-06-12 23:22:00 +02:00
6543
5139624cf8
Migrate old logs to new database schema (#1828)
address new models based on #1802
2023-06-12 22:43:14 +02:00
Ovidiu Calbajos
609ba481b5
Support for k8s serviceAccount and nodeSelector (#1842)
Add the possibility to specify the Kubernetes serviceAccount and/or
nodeSelector to be used on individual steps for Kubernetes executor
2023-06-12 16:00:59 +02:00
6543
7bae68758f
[Docs] Fix schema to replace "tag" by "ref"-filter (#1841)
#1820 followup
2023-06-09 12:43:12 +02:00
6543
7e708874ae
Rename yaml pipeline to steps (#1833)
Adjust pipeline-config to match
[Terminology](https://woodpecker-ci.org/docs/next/usage/terminology)
2023-06-07 12:04:37 +02:00
6543
971cb52032
Rename pipeline frontend types (#1829)
this adjusts the packages that parse the yaml-config-file to match
[Terminology](https://woodpecker-ci.org/docs/next/usage/terminology)
2023-06-06 09:14:21 +02:00
6543
ea895baf83
Resolve built-in variables for global when filter (#1790)
addresses
bd461477bd

close  #1244, close #1580

---------

Co-authored-by: Anbraten <anton@ju60.de>
2023-06-05 00:15:07 +02:00
6543
c919f32e0b
[Docs] Remove never implemented "tag"-filter and document "ref"-filter to do the same (#1820)
close #1211
2023-06-04 12:13:32 +02:00
6543
d1213afdc8
[Docs] use redocusaurus to display swagger file (#1818)
https://redocusaurus.vercel.app/

followup of  #1782

---------

Co-authored-by: Anbraten <anton@ju60.de>
2023-06-04 05:07:39 +02:00
Stephen Muth
2941e508b3
Allow setting resources for kubernetes on a per-step basis (#1767)
This adds a simple implementation of requests/limits for individual
steps. There is no validation of what the resource actually is beyond
checking that it can successfully be converted to a Quantity, so it can
be used for things other than just memory/CPU.

close #1809
2023-06-04 00:50:08 +02:00
Martin W. Kirst
14177635b6
Update swagger API specification (#1782)
# Summary

This PR drops the outdated former swagger.yaml/json and introduces
automatic API document generation from Go code.
The generated code is also used to generate documentation/markdown for
the community page,
as well as enable the Woodpecker server to serve a Swagger Web UI for
manual tinkering.

I did opt-in for gin-swagger, a middleware for the Gin framework, to
ease implementation and have a sophisticated output.
This middleware only produces Swagger v2 specs. AFAIK the newer OpenApi
3x tooling is not yet that mature,
so I guess that's fine for now.

## Implementation notes

- former swagger.json files removed
- former // swagger godocs removed
- introduced new dependency gin-swagger, which uses godoc annotations on
top of Gin Handler functions.
- reworked Makefile to automatically generate Go code for the server
- introduce new dependency go-swagger, to generate Markdown for
documentation purposes
- add a Swagger Web UI, incl. capabilities for manual API exploration
- consider relative root paths in the implementation
- write documentation for all exposed API endpoints
- incl. API docs in the community website (auto-generated)
- provide developer documentation, for the Woodpecker authors
- no other existing logic/code was intentionally changed

---------

close #292

---------

Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
2023-06-03 21:38:36 +02:00
6543
317bd24abb
Define Glossary (#1800)
based on
https://github.com/woodpecker-ci/woodpecker/issues/745#issuecomment-1313401427

close  #1724

---------

Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
Co-authored-by: Anbraten <anton@ju60.de>
2023-06-03 16:39:56 +02:00