From 30b561636f5c31b7e2d1f4838d75f49bc1a32774 Mon Sep 17 00:00:00 2001
From: Brad Rydzewski <brad.rydzewski@gmail.com>
Date: Fri, 14 Apr 2017 10:41:24 +0200
Subject: [PATCH] make escalated plugins, volumes, networks configurable

---
 drone/server.go            | 17 +++++++++++++++++
 plugins/sender/plugin.go   | 10 +++++-----
 router/middleware/store.go |  3 +++
 server/hook.go             |  7 +++----
 4 files changed, 28 insertions(+), 9 deletions(-)

diff --git a/drone/server.go b/drone/server.go
index 0d100c06..315ad732 100644
--- a/drone/server.go
+++ b/drone/server.go
@@ -64,6 +64,23 @@ var serverCmd = cli.Command{
 			Usage:  "cache duration",
 			Value:  time.Minute * 15,
 		},
+		cli.StringSliceFlag{
+			EnvVar: "DRONE_ESCALATE",
+			Name:   "escalate",
+			Value: &cli.StringSlice{
+				"plugins/docker",
+				"plugins/gcr",
+				"plugins/ecr",
+			},
+		},
+		cli.StringSliceFlag{
+			EnvVar: "DRONE_VOLUME",
+			Name:   "volume",
+		},
+		cli.StringSliceFlag{
+			EnvVar: "DRONE_NETWORK",
+			Name:   "network",
+		},
 		cli.StringFlag{
 			EnvVar: "DRONE_AGENT_SECRET,DRONE_SECRET",
 			Name:   "agent-secret",
diff --git a/plugins/sender/plugin.go b/plugins/sender/plugin.go
index 38d1e3ba..2be5638e 100644
--- a/plugins/sender/plugin.go
+++ b/plugins/sender/plugin.go
@@ -17,7 +17,7 @@ func NewRemote(endpoint string) model.SenderService {
 }
 
 func (p *plugin) SenderAllowed(user *model.User, repo *model.Repo, build *model.Build) (bool, error) {
-	path := fmt.Sprintf("%s/sender/%s/%s/%s", p.endpoint, repo.Owner, repo.Name, build.Sender)
+	path := fmt.Sprintf("%s/senders/%s/%s/%s/verify", p.endpoint, repo.Owner, repo.Name, build.Sender)
 	err := internal.Send("POST", path, build, nil)
 	if err != nil {
 		return false, err
@@ -26,22 +26,22 @@ func (p *plugin) SenderAllowed(user *model.User, repo *model.Repo, build *model.
 }
 
 func (p *plugin) SenderCreate(repo *model.Repo, sender *model.Sender) error {
-	path := fmt.Sprintf("%s/sender/%s/%s", p.endpoint, repo.Owner, repo.Name)
+	path := fmt.Sprintf("%s/senders/%s/%s", p.endpoint, repo.Owner, repo.Name)
 	return internal.Send("POST", path, sender, nil)
 }
 
 func (p *plugin) SenderUpdate(repo *model.Repo, sender *model.Sender) error {
-	path := fmt.Sprintf("%s/sender/%s/%s", p.endpoint, repo.Owner, repo.Name)
+	path := fmt.Sprintf("%s/senders/%s/%s", p.endpoint, repo.Owner, repo.Name)
 	return internal.Send("PUT", path, sender, nil)
 }
 
 func (p *plugin) SenderDelete(repo *model.Repo, login string) error {
-	path := fmt.Sprintf("%s/sender/%s/%s/%s", p.endpoint, repo.Owner, repo.Name, login)
+	path := fmt.Sprintf("%s/senders/%s/%s/%s", p.endpoint, repo.Owner, repo.Name, login)
 	return internal.Send("DELETE", path, nil, nil)
 }
 
 func (p *plugin) SenderList(repo *model.Repo) ([]*model.Sender, error) {
-	path := fmt.Sprintf("%s/sender/%s/%s", p.endpoint, repo.Owner, repo.Name)
+	path := fmt.Sprintf("%s/senders/%s/%s", p.endpoint, repo.Owner, repo.Name)
 	out := []*model.Sender{}
 	err := internal.Send("GET", path, nil, out)
 	return out, err
diff --git a/router/middleware/store.go b/router/middleware/store.go
index 90f91067..6640c347 100644
--- a/router/middleware/store.go
+++ b/router/middleware/store.go
@@ -51,6 +51,9 @@ func Store(cli *cli.Context) gin.HandlerFunc {
 	server.Config.Server.Pass = cli.String("agent-secret")
 	server.Config.Server.Host = cli.String("server-host")
 	server.Config.Server.Port = cli.String("server-addr")
+	server.Config.Pipeline.Networks = cli.StringSlice("network")
+	server.Config.Pipeline.Volumes = cli.StringSlice("volumes")
+	server.Config.Pipeline.Privileged = cli.StringSlice("escalate")
 	// server.Config.Server.Open = cli.Bool("open")
 	// server.Config.Server.Orgs = sliceToMap(cli.StringSlice("orgs"))
 	// server.Config.Server.Admins = sliceToMap(cli.StringSlice("admin"))
diff --git a/server/hook.go b/server/hook.go
index da5c7bfa..fc11eabc 100644
--- a/server/hook.go
+++ b/server/hook.go
@@ -456,8 +456,9 @@ func (b *builder) Build() ([]*buildItem, error) {
 
 		ir := compiler.New(
 			compiler.WithEnviron(environ),
-			// TODO ability to customize the escalated plugins
-			compiler.WithEscalated("plugins/docker", "plugins/gcr", "plugins/ecr"),
+			compiler.WithEscalated(Config.Pipeline.Privileged...),
+			compiler.WithVolumes(Config.Pipeline.Volumes...),
+			compiler.WithNetworks(Config.Pipeline.Networks...),
 			compiler.WithLocal(false),
 			compiler.WithOption(
 				compiler.WithNetrc(
@@ -478,8 +479,6 @@ func (b *builder) Build() ([]*buildItem, error) {
 			),
 			compiler.WithEnviron(proc.Environ),
 			compiler.WithProxy(),
-			// TODO ability to set global volumes for things like certs
-			compiler.WithVolumes(),
 			compiler.WithWorkspaceFromURL("/drone", b.Curr.Link),
 			compiler.WithMetadata(metadata),
 		).Compile(parsed)