2019-03-01 00:23:06 +00:00
|
|
|
// Copyright 2019 Drone IO, Inc.
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
2019-02-19 23:56:41 +00:00
|
|
|
|
|
|
|
package registry
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
|
|
|
|
"github.com/drone/drone/core"
|
2019-02-22 17:01:11 +00:00
|
|
|
"github.com/drone/drone/logger"
|
2019-02-19 23:56:41 +00:00
|
|
|
"github.com/drone/drone/plugin/registry/auths"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Static returns a new static credentials controller.
|
|
|
|
func Static(secrets []*core.Secret) core.RegistryService {
|
|
|
|
return &staticController{secrets: secrets}
|
|
|
|
}
|
|
|
|
|
|
|
|
type staticController struct {
|
|
|
|
secrets []*core.Secret
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *staticController) List(ctx context.Context, in *core.RegistryArgs) ([]*core.Registry, error) {
|
2019-02-22 17:01:11 +00:00
|
|
|
static := map[string]*core.Secret{}
|
2019-02-19 23:56:41 +00:00
|
|
|
for _, secret := range c.secrets {
|
2019-02-22 17:01:11 +00:00
|
|
|
static[secret.Name] = secret
|
|
|
|
}
|
|
|
|
|
|
|
|
var results []*core.Registry
|
|
|
|
for _, name := range in.Pipeline.PullSecrets {
|
|
|
|
logger := logger.FromContext(ctx).WithField("name", name)
|
2019-02-22 19:58:23 +00:00
|
|
|
logger.Trace("registry: database: find secret")
|
2019-02-22 17:01:11 +00:00
|
|
|
|
|
|
|
secret, ok := static[name]
|
|
|
|
if !ok {
|
2019-02-22 19:58:23 +00:00
|
|
|
logger.Trace("registry: database: cannot find secret")
|
2019-02-19 23:56:41 +00:00
|
|
|
continue
|
|
|
|
}
|
2019-02-22 17:01:11 +00:00
|
|
|
|
2019-02-19 23:56:41 +00:00
|
|
|
// The secret can be restricted to non-pull request
|
|
|
|
// events. If the secret is restricted, return
|
|
|
|
// empty results.
|
|
|
|
if secret.PullRequest == false &&
|
|
|
|
in.Build.Event == core.EventPullRequest {
|
2019-02-22 19:58:23 +00:00
|
|
|
logger.Trace("registry: database: pull_request access denied")
|
2019-02-19 23:56:41 +00:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
2019-02-22 19:58:23 +00:00
|
|
|
logger.Trace("registry: database: secret found")
|
2019-02-22 17:01:11 +00:00
|
|
|
parsed, err := auths.ParseString(secret.Data)
|
|
|
|
if err != nil {
|
2019-02-22 19:58:23 +00:00
|
|
|
logger.WithError(err).Error("registry: database: parsing error")
|
2019-02-22 17:01:11 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
results = append(results, parsed...)
|
|
|
|
}
|
|
|
|
return results, nil
|
2019-02-19 23:56:41 +00:00
|
|
|
}
|