6543
5b208d2c01
Allow admins to specify priviledged plugins by name **and tag** ( #4075 )
...
previous the tags where ignored, now we respect them if set
2024-09-01 21:27:12 +02:00
6543
3c8204a0e0
Allow alter trusted clone plugins and filter them via tag ( #4074 )
2024-09-01 20:41:10 +02:00
6543
fb6068d836
Add option to filter secrets by plugins with specific tags ( #4069 )
...
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2024-08-31 13:46:50 +02:00
qwerty287
aafd217cce
Remove old pipeline options ( #4016 )
2024-08-15 18:58:51 +02:00
6543
31a45e5633
Add blocklist of environment variables who could alter execution of plugins ( #3934 )
2024-07-18 22:54:29 +02:00
6543
764329ed1d
Make sure plugins only mount the workspace base in a predefinde location ( #3933 )
2024-07-18 22:52:22 +02:00
6543
7b7c83d040
remove undocumented networks option from steps ( #3915 )
...
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2024-07-18 18:18:39 +02:00
6543
e39345688d
Allow to change the working directory also plugins and services ( #3914 )
2024-07-18 01:02:38 +02:00
Anbraten
f6904d6662
Fix privileged steps in kubernetes ( #3711 )
2024-05-30 18:53:03 +02:00
6543
42f2734308
cspell lint go code ( #3706 )
2024-05-24 22:35:04 +02:00
Robert Kaussow
89e100cfd1
Add godot linter to harmonitze toplevel comments ( #3650 )
2024-05-13 22:58:21 +02:00
qwerty287
2029813fc2
Remove unused cache properties ( #3567 )
2024-03-29 09:48:28 +01:00
qwerty287
75803dba41
Fix uppercased env ( #3516 )
...
closes #3515
I think after this is fixed, we should publish a new release as this can
be quite important.
Co-authored-by: Robert Kaussow <mail@thegeeklab.de>
2024-03-20 16:53:33 +02:00
qwerty287
9b0c4e4e3c
Fix env var naming ( #3438 )
...
closes #3436
2024-02-25 10:12:40 +01:00
6543
6eafb37aba
nit: compiler.Compile explizite init Environment map
2024-02-23 17:40:52 +01:00
qwerty287
d59bc64823
Fix server panic ( #3426 )
...
Closes #3424
2024-02-23 16:32:06 +01:00
qwerty287
de5c65939a
Deprecate alternative names on secrets ( #3406 )
...
Closes https://github.com/woodpecker-ci/woodpecker/discussions/2274
# deprecation of alternative names
Instead of
```yaml
secrets:
- source: some_secret
target: some_env
```
you now write:
```yaml
environment:
some_env:
from_secret: some_secret
```
Also, it's possible to use complex yaml objects in `environment`,
they're turned into json (just like `settings`).
2024-02-22 18:25:57 +01:00
qwerty287
0c9bbf91a3
Do not alter secret key upper-/lowercase ( #3375 )
2024-02-20 14:20:25 +01:00
Anbraten
0b91317cde
Fix linter ( #3354 )
2024-02-08 22:49:07 +01:00
qwerty287
6892a9ca57
Parse backend options in backend ( #3227 )
...
Currently, backend options are parsed in the yaml parser.
This has some issues:
- backend specific code should be in the backend folders
- it is not possible to add backend options for backends added via
addons
2024-02-08 18:39:32 +01:00
Anbraten
0b5eef7d1e
Improve secret availability checks ( #3271 )
2024-01-27 20:59:44 +01:00
qwerty287
5e2f7d81b3
Clean up models ( #3228 )
2024-01-22 07:56:18 +01:00
qwerty287
d1d2e9723d
Support custom steps entrypoint ( #2985 )
...
Closes https://github.com/woodpecker-ci/woodpecker/issues/278
---------
Co-authored-by: Anbraten <anton@ju60.de>
Co-authored-by: 6543 <6543@obermui.de>
2024-01-19 05:34:02 +01:00
qwerty287
001b5639a6
Use assert
for test ( #3201 )
...
instead of `if`s
2024-01-14 19:33:58 +01:00
qwerty287
b9f6f3f9fb
Replace goimports
with gci
( #3202 )
...
`gci` seems to be much more strict.
2024-01-14 18:22:06 +01:00
Thomas Anderson
0611fa9b32
Added protocol in port configuration ( #2993 )
...
Closes #2727
2024-01-12 23:57:24 +01:00
Thomas Anderson
9bbc446009
Kubernetes AppArmor and seccomp ( #3123 )
...
Closes #2545
seccomp
https://kubernetes.io/docs/tutorials/security/seccomp/
https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/135-seccomp/README.md
AppArmor
https://kubernetes.io/docs/tutorials/security/apparmor/
fddcbb9cbf/keps/sig-node/24-apparmor/README.md
Went ahead and implemented API from KEP-24 above.
2024-01-12 23:32:24 +01:00
6543
f8fb28e651
More docker backend test remove more undocumented ( #3156 )
...
remove Sysctls and IpcMode
2024-01-11 19:30:13 +01:00
qwerty287
12c40eb957
Enable gocritic
and don't ignore globally ( #3159 )
...
Use `nolint` directives instead.
From #2960
2024-01-10 15:34:44 +01:00
qwerty287
1b380ff4b4
Enable nolintlint
( #3158 )
2024-01-10 12:11:18 +01:00
6543
cd59a85230
Use name in backend types instead of alias ( #3142 )
2024-01-09 15:22:59 +01:00
6543
1eacf74376
Remove duplicate assignment of CI_STEP_NAME
( #3139 )
...
Co-authored-by: Anbraten <anton@ju60.de>
2024-01-09 08:56:28 +01:00
Anbraten
6fbf98f1b9
Fix slice unmarshaling ( #3097 )
...
closes #3055
2024-01-01 11:03:31 +01:00
6543
2cb7669413
add just more dag tests ( #3083 )
2023-12-30 16:45:11 +01:00
Kamila Borowska
4bc2fed550
Fix DAG cycle detection ( #3049 )
...
Previously a graph like this.
a <- b
^ ^
| |
c <- d
Was incorrectly recognized as having a cycle.
Fixes #3048 .
2023-12-28 00:14:28 +01:00
6543
840fca198e
make backend step dag generation deterministic ( #3037 )
...
the the generation for backend steps if a dag is used deterministic.
this also fix where the test randomly fail like in:
- https://ci.woodpecker-ci.org/repos/3780/pipeline/11057/30
- https://ci.woodpecker-ci.org/repos/3780/pipeline/11076/25
2023-12-27 12:38:33 +02:00
Anbraten
2b1e5f35de
Add depends_on support for steps ( #2771 )
...
Co-authored-by: 6543 <6543@obermui.de>
2023-12-24 12:14:30 +01:00
Thomas Anderson
253d702bc7
Fix IPv6 host aliases for kubernetes ( #2992 )
...
Closes #2991
[Tests](https://github.com/woodpecker-ci/woodpecker/pull/2993#issuecomment-1868048169 )
---------
Co-authored-by: 6543 <6543@obermui.de>
2023-12-23 00:42:30 +01:00
qwerty287
ce4f952b50
Switch to ULID ( #2986 )
...
Closes https://github.com/woodpecker-ci/woodpecker/discussions/2156
2023-12-21 20:23:51 +01:00
runephilosof-karnovgroup
adb2c82790
Update go module path for major version 2 ( #2905 )
...
https://go.dev/doc/modules/release-workflow#breaking
Fixes https://github.com/woodpecker-ci/woodpecker/issues/2913 fixes
#2654
```
runephilosof@fedora:~/code/platform-woodpecker/woodpecker-repo-configurator (master)$ go get go.woodpecker-ci.org/woodpecker@v2.0.0
go: go.woodpecker-ci.org/woodpecker@v2.0.0: invalid version: module contains a go.mod file, so module path must match major version ("go.woodpecker-ci.org/woodpecker/v2")
```
---------
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2023-12-08 08:15:08 +01:00
Thomas Anderson
3adb98b287
Simple security context options (Kubernetes) ( #2550 )
2023-11-26 08:46:06 +01:00
qwerty287
342b25826c
Rename link
to url
( #2812 )
...
As of https://woodpecker-ci.org/docs/next/usage/terminiology#conventions
2023-11-14 17:12:12 +01:00
qwerty287
70711ed9db
Replace interface{}
with any
( #2807 )
...
like golang:
2580d0e08d
2023-11-12 18:23:48 +01:00
6543
5a7b689e30
Switch to go vanity urls ( #2706 )
...
Co-authored-by: Anbraten <anton@ju60.de>
2023-11-07 08:04:33 +01:00
Anbraten
9e10100ad6
Fail on missing secrets ( #2749 )
...
Co-authored-by: pat-s <patrick.schratz@gmail.com>
2023-11-05 12:47:42 +01:00
Thomas Anderson
de53b906e8
Add ports into pipeline backend step model ( #2656 )
...
Closes #2655 .
[Pipeline](https://woodpecker-ci.org/docs/next/usage/services#complete-pipeline-example ):
```yaml
services:
database:
image: mysql
environment:
- MYSQL_DATABASE=test
- MYSQL_ROOT_PASSWORD=example
ports:
- 3306
steps:
get-version:
image: ubuntu
commands:
- ( apt update && apt dist-upgrade -y && apt install -y mysql-client 2>&1 )> /dev/null
- sleep 60s # need to wait for mysql-server init
- echo 'SHOW VARIABLES LIKE "version"' | mysql -uroot -hdatabase test -pexample
```
Service:
```yaml
apiVersion: v1
kind: Service
metadata:
name: wp-01hdq6gbkw1mn6k1655fs3rntf-0-services-0
namespace: woodpecker-runtime
...
selfLink: >-
/api/v1/namespaces/woodpecker-runtime/services/wp-01hdq6gbkw1mn6k1655fs3rntf-0-services-0
status:
loadBalancer: {}
spec:
ports:
- protocol: TCP
port: 3306
targetPort: 3306
selector:
step: database
clusterIP: 10.43.180.120
clusterIPs:
- 10.43.180.120
type: ClusterIP
sessionAffinity: None
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
internalTrafficPolicy: Cluster
```
2023-11-02 04:12:41 +01:00
6543
e83357833d
Use path.Join for server side path generation ( #2689 )
...
make sure to have valid config even when server is running under windows
---
*Sponsored by Kithara Software GmbH*
2023-11-01 11:29:44 +01:00
Anbraten
f44aa8a6fd
Remove plugin-only option from secrets ( #2213 )
2023-10-24 20:38:47 +02:00
qwerty287
46273e54d8
Require Go 1.21 ( #2553 )
...
Main change are the new `maps` and `slices` stdlib packages so we can
replace `golang.org/x/exp`.
2023-10-09 09:11:08 +02:00
Kleber Rocha
61b5672051
Add option to configure tolerations in kubernetes backend ( #2249 )
...
This code add a feature to support tolerations in Kubernetes Backend
---------
Signed-off-by: Kleber Rocha <klinux@gmail.com>
2023-08-22 22:34:59 +02:00