225ddb586d
Rework entrypoints ( #3269 )
...
Co-authored-by: Thomas Anderson <127358482+zc-devs@users.noreply.github.com >
Co-authored-by: 6543 <m.huber@kithara.com >
2024-05-02 14:52:01 +02:00
f211a780f3
Handle ImagePullBackOff pod status ( #3580 )
...
close: https://github.com/woodpecker-ci/woodpecker/issues/3555
Put the same logic from `waitStep` and call the function
`isImagePullBackOffState` in the `tailStep` function.
---------
Co-authored-by: elias.souza <elias.souza@quintoandar.com.br >
Co-authored-by: Anbraten <6918444+anbraten@users.noreply.github.com >
2024-04-15 09:08:13 +02:00
e1b574a4bc
Add runtimeClassName in Kubernetes backend options ( #3474 )
...
Resolves #3473
---------
Co-authored-by: Thomas Anderson <127358482+zc-devs@users.noreply.github.com >
2024-03-29 10:29:07 +01:00
2029813fc2
Remove unused cache properties ( #3567 )
2024-03-29 09:48:28 +01:00
a779eed3df
Enable golangci linter gomnd ( #3171 )
2024-03-15 18:00:25 +01:00
ad507d8ee4
Move generic agent flags to cmd/agent/core ( #3484 )
2024-03-15 11:31:35 +01:00
9db9c7116f
Improve security context handling ( #3482 )
2024-03-13 22:41:13 +01:00
bffc9c8ff8
fix: can't run multiple services on k8s ( #3395 )
...
Fix Issue: https://github.com/woodpecker-ci/woodpecker/issues/3288
The way the pod service starts up makes it impossible to run two or more
pipelines at the same time when we have a service section.
The idea is to set the name of the service in the same way we did for
the pod name.
Pipeline:
```yaml
services:
mydb:
image: mysql
environment:
- MYSQL_DATABASE=test
- MYSQL_ROOT_PASSWORD=example
ports:
- 3306/tcp
steps:
get-version:
image: ubuntu
commands:
- ( apt update && apt dist-upgrade -y && apt install -y mysql-client 2>&1 )> /dev/null
- sleep 30s # need to wait for mysql-server init
- echo 'SHOW VARIABLES LIKE "version"' | mysql -uroot -hmydb test -pexample
```
Running more than one pipeline result:
---------
Co-authored-by: elias.souza <elias.souza@quintoandar.com.br >
2024-02-17 12:30:06 +01:00
0b91317cde
Fix linter ( #3354 )
2024-02-08 22:49:07 +01:00
6892a9ca57
Parse backend options in backend ( #3227 )
...
Currently, backend options are parsed in the yaml parser.
This has some issues:
- backend specific code should be in the backend folders
- it is not possible to add backend options for backends added via
addons
2024-02-08 18:39:32 +01:00
f92f8b17a3
Make agent usable for external backends ( #3270 )
2024-02-08 16:33:22 +01:00
c7467b9828
fix: agent panic when node is terminated during step execution ( #3331 )
...
Fixes https://github.com/woodpecker-ci/woodpecker/issues/3330
This adds error handling on the agent's WaitStep function, on two
sections where it could encounter a `panic: runtime error: invalid
memory address or nil pointer dereference` in case it could no longer
access complete information about a specific pod.
This error was found to happen if the node in which the pod was running
was terminated during the step's execution.
spite active pipelines being executed on the node.
Now instead of a panic on the agent's logs and undefined behavior on the
UI it will display a more helpful error message on the UI.
### Additional context
We observed the bug first on v2.1.1, but tested the fix internally on
top of 2.3.0.
2024-02-05 22:46:14 +01:00
e5c83190c7
Sanitize pod's step label ( #3275 )
...
Closes #3272
2024-01-26 13:42:21 +01:00
1c3159ebb7
fix: bug pod service without label service ( #3256 )
2024-01-23 07:42:47 +01:00
6925afd83b
Pin prettier version ( #3260 )
2024-01-22 21:38:47 +02:00
32a1199519
fix: bug annotations ( #3255 )
...
Fix Issue: https://github.com/woodpecker-ci/woodpecker/issues/3254
Co-authored-by: elias.souza <elias.souza@quintoandar.com.br >
2024-01-22 13:39:49 +01:00
072fa29f4a
Fixed Pods creation of WP services ( #3236 )
...
Closes #3178
2024-01-21 03:56:37 +01:00
d1d2e9723d
Support custom steps entrypoint ( #2985 )
...
Closes https://github.com/woodpecker-ci/woodpecker/issues/278
---------
Co-authored-by: Anbraten <anton@ju60.de >
Co-authored-by: 6543 <6543@obermui.de >
2024-01-19 05:34:02 +01:00
10f2e209d6
Secured kubernetes backend configuration ( #3204 )
...
Follow up of #3165
2024-01-15 03:59:08 +01:00
b9f6f3f9fb
Replace goimports with gci ( #3202 )
...
`gci` seems to be much more strict.
2024-01-14 18:22:06 +01:00
0611fa9b32
Added protocol in port configuration ( #2993 )
...
Closes #2727
2024-01-12 23:57:24 +01:00
9bbc446009
Kubernetes AppArmor and seccomp ( #3123 )
...
Closes #2545
seccomp
https://kubernetes.io/docs/tutorials/security/seccomp/
https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/135-seccomp/README.md
AppArmor
https://kubernetes.io/docs/tutorials/security/apparmor/
fddcbb9cbf/keps/sig-node/24-apparmor/README.md
2024-01-12 23:32:24 +01:00
9bbba4441d
Enable golangci linter forcetypeassert ( #3168 )
...
Split out from https://github.com/woodpecker-ci/woodpecker/pull/2960
2024-01-12 02:01:02 +01:00
f813badcf9
Enable golangci linter contextcheck ( #3170 )
...
Split out from https://github.com/woodpecker-ci/woodpecker/pull/2960
2024-01-11 22:15:15 +01:00
b0a2b1cf2d
Lowercase all log strings ( #3173 )
...
from #3161
---------
Co-authored-by: 6543 <6543@obermui.de >
2024-01-11 19:17:07 +01:00
d1fe86b7be
Use UUID as podName and cleanup arguments for Kubernetes backend ( #3135 )
...
to much args are just horrible to maintain. And we already have it nice
structured stored as step.
2024-01-11 16:32:37 +01:00
7756c60a33
Enable golangci linter stylecheck ( #3167 )
...
This PR only fixes error string formatting, log message strings are
still mixed upper/lowercase (see
https://github.com/woodpecker-ci/woodpecker/pull/3161#issuecomment-1885140649 )
and I'm not aware of a linter to enforce it.
2024-01-10 22:56:42 +01:00
00df53e941
Clean up logging ( #3161 )
...
- use `Err` method instead of format strings
- use `Msg` if no format string is used
2024-01-10 20:57:12 +01:00
12c40eb957
Enable gocritic and don't ignore globally ( #3159 )
...
Use `nolint` directives instead.
From #2960
2024-01-10 15:34:44 +01:00
768fd71841
Enable some linters ( #3129 )
...
Mostly those that did not require much work.
From #2960
---------
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
2024-01-09 21:35:37 +01:00
31614d0e38
Use step type to detect services in Kubernetes backend ( #3141 )
...
and use the correct name for tail log
---------
Co-authored-by: Anbraten <anton@ju60.de >
2024-01-09 05:42:36 +01:00
c0fc4828ff
Flexible image pull secret reference ( #3016 )
...
Co-authored-by: pat-s <patrick.schratz@gmail.com >
2024-01-05 08:33:56 +01:00
253d702bc7
Fix IPv6 host aliases for kubernetes ( #2992 )
...
Closes #2991
[Tests](https://github.com/woodpecker-ci/woodpecker/pull/2993#issuecomment-1868048169 )
---------
Co-authored-by: 6543 <6543@obermui.de >
2023-12-23 00:42:30 +01:00
01a955ed0e
Kubernetes refactor ( #2794 )
...
Kubernetes backend refactoring and tests
---------
Co-authored-by: 6543 <6543@obermui.de >
2023-12-19 04:53:52 +01:00
f7f78b2a3f
feat(k8s): Add a port name to service definition ( #2933 )
...
It should cover this issue: https://github.com/woodpecker-ci/woodpecker/issues/2931
To sum up, when several ports need to be specified, they must be named
2023-12-19 02:38:18 +01:00
b66f6cb118
fix(deps): update golang (packages) ( #2958 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[github.com/caddyserver/certmagic](https://togithub.com/caddyserver/certmagic )
| require | minor | `v0.19.2` -> `v0.20.0` |
| [github.com/expr-lang/expr](https://togithub.com/expr-lang/expr ) |
require | patch | `v1.15.6` -> `v1.15.7` |
| [github.com/google/uuid](https://togithub.com/google/uuid ) | require |
minor | `v1.4.0` -> `v1.5.0` |
|
[github.com/jellydator/ttlcache/v3](https://togithub.com/jellydator/ttlcache )
| require | patch | `v3.1.0` -> `v3.1.1` |
| [github.com/mattn/go-sqlite3](https://togithub.com/mattn/go-sqlite3 ) |
require | patch | `v1.14.18` -> `v1.14.19` |
| [github.com/xanzy/go-gitlab](https://togithub.com/xanzy/go-gitlab ) |
require | minor | `v0.94.0` -> `v0.95.2` |
| [google.golang.org/grpc](https://togithub.com/grpc/grpc-go ) | require
| minor | `v1.59.0` -> `v1.60.0` |
| [k8s.io/api](https://togithub.com/kubernetes/api ) | require | minor |
`v0.28.4` -> `v0.29.0` |
| [k8s.io/apimachinery](https://togithub.com/kubernetes/apimachinery ) |
require | minor | `v0.28.4` -> `v0.29.0` |
| [k8s.io/client-go](https://togithub.com/kubernetes/client-go ) |
require | minor | `v0.28.4` -> `v0.29.0` |
---
### Release Notes
<details>
<summary>caddyserver/certmagic
(github.com/caddyserver/certmagic)</summary>
###
[`v0.20.0`](https://togithub.com/caddyserver/certmagic/releases/tag/v0.20.0 )
[Compare
Source](https://togithub.com/caddyserver/certmagic/compare/v0.19.2...v0.20.0 )
This release vastly improves storage cleaning as well improving a few
smaller things. There is a minor breaking change as we get ever closer
to v1.0.
- ⚠️ The `DecisionFunc` for On-Demand TLS now takes a
`context.Context` value as its first argument. The context carries the
`ClientHelloInfo` value (keyed by `ClientHelloInfoCtxKey`) for logging
purposes.
- Storage cleaning is now synchronized across the cluster, including
process restarts. The state of cleaning expired certificates and OCSP
staples is written to storage, and distributed locking is used to ensure
that only 1 instance does it at a time. This greatly reduces costs for
expensive storage backends! Cleaning is also done less often when the
process is frequently restarted because the state is written to storage,
so it is not forgotten after shutting down.
- `.home.arpa` is now considered an internal suffix.
- Backoff timings have been tuned based on real-world experience.
#### What's Changed
- README: Add hint about NextProtos for certmagic.TLS by
[@​oliverpool](https://togithub.com/oliverpool ) in
[https://github.com/caddyserver/certmagic/pull/251 ](https://togithub.com/caddyserver/certmagic/pull/251 )
- Bump golang.org/x/net from 0.11.0 to 0.17.0 by
[@​dependabot](https://togithub.com/dependabot ) in
[https://github.com/caddyserver/certmagic/pull/253 ](https://togithub.com/caddyserver/certmagic/pull/253 )
- Optionally pass the context argument down to the OnDemand decision
func by [@​ankon](https://togithub.com/ankon ) in
[https://github.com/caddyserver/certmagic/pull/255 ](https://togithub.com/caddyserver/certmagic/pull/255 )
- Retain the error stack if `checkIfCertShouldBeObtained` returns an
error by [@​ankon](https://togithub.com/ankon ) in
[https://github.com/caddyserver/certmagic/pull/256 ](https://togithub.com/caddyserver/certmagic/pull/256 )
- Add OCSP stapling unit tests by
[@​kenjenkins](https://togithub.com/kenjenkins ) in
[https://github.com/caddyserver/certmagic/pull/259 ](https://togithub.com/caddyserver/certmagic/pull/259 )
#### New Contributors
- [@​oliverpool](https://togithub.com/oliverpool ) made their first
contribution in
[https://github.com/caddyserver/certmagic/pull/251 ](https://togithub.com/caddyserver/certmagic/pull/251 )
**Full Changelog**:
https://github.com/caddyserver/certmagic/compare/v0.19.2...v0.20.0
</details>
<details>
<summary>expr-lang/expr (github.com/expr-lang/expr)</summary>
###
[`v1.15.7`](https://togithub.com/expr-lang/expr/releases/tag/v1.15.7 )
[Compare
Source](https://togithub.com/expr-lang/expr/compare/v1.15.6...v1.15.7 )
**Expr** is a Go-centric expression language designed to deliver dynamic
configurations with unparalleled accuracy, safety, and speed.
##### In this release:
- Fixed commutative property for comparison between a value and a
pointer. ([#​490](https://togithub.com/expr-lang/expr/issues/490 ))
- Checker: forbid accessing built-ins and custom functions from `$env`.
([#​495](https://togithub.com/expr-lang/expr/issues/495 ))
- Enhanced the number parser to include support for parsing hexadecimal,
binary, and octal literals.
([#​483](https://togithub.com/expr-lang/expr/issues/483 ))
- Added `GetSource()` method to `vm.Program`.
([#​491](https://togithub.com/expr-lang/expr/issues/491 ))
</details>
<details>
<summary>google/uuid (github.com/google/uuid)</summary>
### [`v1.5.0`](https://togithub.com/google/uuid/releases/tag/v1.5.0 )
[Compare
Source](https://togithub.com/google/uuid/compare/v1.4.0...v1.5.0 )
##### Features
- Validate UUID without creating new UUID
([#​141](https://togithub.com/google/uuid/issues/141 ))
([9ee7366](9ee7366e66https://togithub.com/jellydator/ttlcache/releases/tag/v3.1.1 )
[Compare
Source](https://togithub.com/jellydator/ttlcache/compare/v3.1.0...v3.1.1 )
Fix a bug in the `Range` method that causes a panic when the cache is
empty
</details>
<details>
<summary>mattn/go-sqlite3 (github.com/mattn/go-sqlite3)</summary>
###
[`v1.14.19`](https://togithub.com/mattn/go-sqlite3/compare/v1.14.18...v1.14.19 )
[Compare
Source](https://togithub.com/mattn/go-sqlite3/compare/v1.14.18...v1.14.19 )
</details>
<details>
<summary>xanzy/go-gitlab (github.com/xanzy/go-gitlab)</summary>
###
[`v0.95.2`](https://togithub.com/xanzy/go-gitlab/compare/v0.95.1...v0.95.2 )
[Compare
Source](https://togithub.com/xanzy/go-gitlab/compare/v0.95.1...v0.95.2 )
###
[`v0.95.1`](https://togithub.com/xanzy/go-gitlab/compare/v0.95.0...v0.95.1 )
[Compare
Source](https://togithub.com/xanzy/go-gitlab/compare/v0.95.0...v0.95.1 )
###
[`v0.95.0`](https://togithub.com/xanzy/go-gitlab/compare/v0.94.0...v0.95.0 )
[Compare
Source](https://togithub.com/xanzy/go-gitlab/compare/v0.94.0...v0.95.0 )
</details>
<details>
<summary>grpc/grpc-go (google.golang.org/grpc)</summary>
### [`v1.60.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.60.0 ):
Release 1.60.0
[Compare
Source](https://togithub.com/grpc/grpc-go/compare/v1.59.0...v1.60.0 )
### Security
- credentials/tls: if not set, set TLS MinVersion to 1.2 and
CipherSuites according to supported suites not forbidden by RFC7540.
- This is a behavior change to bring us into better alignment with RFC
7540.
### API Changes
- resolver: remove deprecated and experimental
`ClientConn.NewServiceConfig`
([#​6784](https://togithub.com/grpc/grpc-go/issues/6784 ))
- client: remove deprecated `grpc.WithServiceConfig` `DialOption`
([#​6800](https://togithub.com/grpc/grpc-go/issues/6800 ))
### Bug Fixes
- client: fix race that could cause a deadlock while entering idle mode
and receiving a name resolver update
([#​6804](https://togithub.com/grpc/grpc-go/issues/6804 ))
- client: always enable TCP keepalives with OS defaults
([#​6834](https://togithub.com/grpc/grpc-go/issues/6834 ))
- credentials/alts: fix a bug preventing ALTS from connecting to the
metadata server if the default scheme is overridden
([#​6686](https://togithub.com/grpc/grpc-go/issues/6686 ))
- Special Thanks: [@​mjamaloney](https://togithub.com/mjamaloney )
### Behavior Changes
- server: Do not return from Stop() or GracefulStop() until all
resources are released
([#​6489](https://togithub.com/grpc/grpc-go/issues/6489 ))
- Special Thanks: [@​fho](https://togithub.com/fho )
### Documentation
- codes: clarify that only codes defined by this package are valid and
that users should not cast other values to `codes.Code`
([#​6701](https://togithub.com/grpc/grpc-go/issues/6701 ))
</details>
<details>
<summary>kubernetes/api (k8s.io/api)</summary>
###
[`v0.29.0`](https://togithub.com/kubernetes/api/compare/v0.28.4...v0.29.0 )
[Compare
Source](https://togithub.com/kubernetes/api/compare/v0.28.4...v0.29.0 )
</details>
<details>
<summary>kubernetes/apimachinery (k8s.io/apimachinery)</summary>
###
[`v0.29.0`](https://togithub.com/kubernetes/apimachinery/compare/v0.28.4...v0.29.0 )
[Compare
Source](https://togithub.com/kubernetes/apimachinery/compare/v0.28.4...v0.29.0 )
</details>
<details>
<summary>kubernetes/client-go (k8s.io/client-go)</summary>
###
[`v0.29.0`](https://togithub.com/kubernetes/client-go/compare/v0.28.4...v0.29.0 )
[Compare
Source](https://togithub.com/kubernetes/client-go/compare/v0.28.4...v0.29.0 )
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "before 4am" (UTC), Automerge -
"before 4am" (UTC).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions ) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View
repository job log
[here](https://developer.mend.io/github/woodpecker-ci/woodpecker ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy45My4xIiwidXBkYXRlZEluVmVyIjoiMzcuOTMuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Robert Kaussow <mail@thegeeklab.de >
2023-12-17 14:37:26 +01:00
ff1f51d6a9
Rename engine to backend ( #2950 )
...
rename based on https://woodpecker-ci.org/docs/usage/terminiology
---------
Co-authored-by: 6543 <6543@obermui.de >
2023-12-14 19:20:47 +01:00
adb2c82790
Update go module path for major version 2 ( #2905 )
...
https://go.dev/doc/modules/release-workflow#breaking
Fixes https://github.com/woodpecker-ci/woodpecker/issues/2913 fixes
#2654
```
runephilosof@fedora:~/code/platform-woodpecker/woodpecker-repo-configurator (master)$ go get go.woodpecker-ci.org/woodpecker@v2.0.0
go: go.woodpecker-ci.org/woodpecker@v2.0.0: invalid version: module contains a go.mod file, so module path must match major version ("go.woodpecker-ci.org/woodpecker/v2")
```
---------
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com >
2023-12-08 08:15:08 +01:00
3adb98b287
Simple security context options (Kubernetes) ( #2550 )
2023-11-26 08:46:06 +01:00
70711ed9db
Replace interface{} with any ( #2807 )
...
like golang:
2580d0e08d
2023-11-12 18:23:48 +01:00
5a7b689e30
Switch to go vanity urls ( #2706 )
...
Co-authored-by: Anbraten <anton@ju60.de >
2023-11-07 08:04:33 +01:00
9af71dcc98
Use unique label selector for pod label for kubernetes services ( #2723 )
...
Co-authored-by: Julian Haseleu <julian.haseleu@dreamit.de >
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com >
2023-11-04 10:35:37 +01:00
de53b906e8
Add ports into pipeline backend step model ( #2656 )
...
Closes #2655 .
[Pipeline](https://woodpecker-ci.org/docs/next/usage/services#complete-pipeline-example ):
```yaml
services:
database:
image: mysql
environment:
- MYSQL_DATABASE=test
- MYSQL_ROOT_PASSWORD=example
ports:
- 3306
steps:
get-version:
image: ubuntu
commands:
- ( apt update && apt dist-upgrade -y && apt install -y mysql-client 2>&1 )> /dev/null
- sleep 60s # need to wait for mysql-server init
- echo 'SHOW VARIABLES LIKE "version"' | mysql -uroot -hdatabase test -pexample
```
Service:
```yaml
apiVersion: v1
kind: Service
metadata:
name: wp-01hdq6gbkw1mn6k1655fs3rntf-0-services-0
namespace: woodpecker-runtime
...
selfLink: >-
/api/v1/namespaces/woodpecker-runtime/services/wp-01hdq6gbkw1mn6k1655fs3rntf-0-services-0
status:
loadBalancer: {}
spec:
ports:
- protocol: TCP
port: 3306
targetPort: 3306
selector:
step: database
clusterIP: 10.43.180.120
clusterIPs:
- 10.43.180.120
type: ClusterIP
sessionAffinity: None
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
internalTrafficPolicy: Cluster
```
2023-11-02 04:12:41 +01:00
3620c84da4
Unregister stateless agents from server on termination ( #2606 )
...
Closes #2027
---------
Co-authored-by: 6543 <6543@obermui.de >
2023-11-02 01:53:47 +02:00
ebe0307c6b
Let the backend engine report the current platform ( #2688 )
...
if you run woodpecker-agent on windows and connect it to an docker
daemon, there could be two different platforms possible, as you can
switch from linux to windows mode and visa versa
---
*Sponsored by Kithara Software GmbH*
2023-11-01 15:38:37 +01:00
4198c447fb
Destroy steps after they are done ( #2681 )
...
Co-authored-by: 6543 <m.huber@kithara.com >
2023-11-01 09:35:11 +01:00
e74115027b
Add some tests ( #2652 )
...
and some cleanups
2023-10-28 13:37:54 +02:00
46273e54d8
Require Go 1.21 ( #2553 )
...
Main change are the new `maps` and `slices` stdlib packages so we can
replace `golang.org/x/exp`.
2023-10-09 09:11:08 +02:00
61b5672051
Add option to configure tolerations in kubernetes backend ( #2249 )
...
This code add a feature to support tolerations in Kubernetes Backend
---------
Signed-off-by: Kleber Rocha <klinux@gmail.com >
2023-08-22 22:34:59 +02:00
8cdac56d8f
Check for correct license header ( #2137 )
2023-08-10 11:06:00 +02:00
