1
0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2024-11-24 08:02:18 +02:00

improve secret match logic

This commit is contained in:
Brad Rydzewski 2017-04-10 18:27:34 +02:00
parent 489cdf2572
commit 6e244be920
7 changed files with 50 additions and 36 deletions

View File

@ -25,11 +25,6 @@ func secretAddFlags() []cli.Flag {
cli.StringSliceFlag{
Name: "event",
Usage: "inject the secret for these event types",
Value: &cli.StringSlice{
model.EventPush,
model.EventTag,
model.EventDeploy,
},
},
cli.StringSliceFlag{
Name: "image",
@ -77,6 +72,13 @@ func secretParseCmd(name string, value string, c *cli.Context) (*model.Secret, e
secret.Events = c.StringSlice("event")
secret.SkipVerify = c.Bool("skip-verify")
secret.Conceal = c.Bool("conceal")
if len(secret.Events) == 0 {
secret.Events = []string{
model.EventPush,
model.EventTag,
model.EventDeploy,
}
}
// TODO(bradrydzewski) below we use an @ sybmol to denote that the secret
// value should be loaded from a file (inspired by curl). I'd prefer to use

View File

@ -463,13 +463,11 @@ func (b *builder) Build() ([]*buildItem, error) {
if !sec.MatchEvent(b.Curr.Event) {
continue
}
if b.Curr.Verified || sec.SkipVerify {
secrets = append(secrets, compiler.Secret{
Name: sec.Name,
Value: sec.Value,
Match: sec.Images,
})
}
secrets = append(secrets, compiler.Secret{
Name: sec.Name,
Value: sec.Value,
Match: sec.Images,
})
}
y := b.Yaml

View File

@ -32,6 +32,7 @@ type Compiler struct {
escalated []string
prefix string
volumes []string
networks []string
env map[string]string
base string
path string

View File

@ -28,6 +28,11 @@ func (c *Compiler) createProcess(name string, container *yaml.Container) *backen
Aliases: c.aliases,
},
}
for _, network := range c.networks {
networks = append(networks, backend.Conn{
Name: network,
})
}
var volumes []string
if !c.local {

View File

@ -28,7 +28,7 @@ func expandImage(name string) string {
func matchImage(from string, to ...string) bool {
from = trimImage(from)
for _, match := range to {
if from == match {
if from == trimImage(match) {
return true
}
}

View File

@ -161,6 +161,14 @@ func WithProxy() Option {
)
}
// WithNetworks configures the compiler with additionnal networks
// to be connected to build containers
func WithNetworks(networks ...string) Option {
return func(compiler *Compiler) {
compiler.networks = networks
}
}
// TODO(bradrydzewski) consider an alternate approach to
// WithProxy where the proxy strings are passed directly
// to the function as named parameters.

46
vendor/vendor.json vendored
View File

@ -28,68 +28,68 @@
{
"checksumSHA1": "W3AuK8ocqHwlUajGmQLFvnRhTZE=",
"path": "github.com/cncd/pipeline/pipeline",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "Qu2FreqaMr8Yx2bW9O0cxAGgjr0=",
"path": "github.com/cncd/pipeline/pipeline/backend",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "0CGXRaYwZhJxGIrGhn8WGpkFqPo=",
"path": "github.com/cncd/pipeline/pipeline/backend/docker",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "/8wE+cVb7T4PQZgpLNu0DHzKGuE=",
"path": "github.com/cncd/pipeline/pipeline/frontend",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "QWs+L3emrt5DDTWvqD6rbMtLKMw=",
"path": "github.com/cncd/pipeline/pipeline/frontend/yaml",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "Bsp5Fq7oc6ZDDX5COo//pajb0kk=",
"checksumSHA1": "ggOpR/vh0Hs6SnaiuiEO/9dUkcA=",
"path": "github.com/cncd/pipeline/pipeline/frontend/yaml/compiler",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "Q0GkNUFamVYIA1Fd8r0A5M6Gx54=",
"path": "github.com/cncd/pipeline/pipeline/frontend/yaml/linter",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "kx2sPUIMozPC/g6E4w48h3FfH3k=",
"path": "github.com/cncd/pipeline/pipeline/frontend/yaml/matrix",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "2/3f3oNmxXy5kcrRLCFa24Oc9O4=",
"path": "github.com/cncd/pipeline/pipeline/interrupt",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "uOjTfke7Qxosrivgz/nVTHeIP5g=",
"path": "github.com/cncd/pipeline/pipeline/multipart",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "TP5lK1T8cOKv5QjZ2nqdlYczSTo=",
"path": "github.com/cncd/pipeline/pipeline/rpc",
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
"revisionTime": "2017-04-09T09:45:58Z"
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
"revisionTime": "2017-04-10T16:25:49Z"
},
{
"checksumSHA1": "7Qj1DK0ceAXkYztW0l3+L6sn+V8=",