diff --git a/CHANGELOG.md b/CHANGELOG.md index d6722424..b6ca6873 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,10 +8,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added - ui support for deployment list and summary. - ui support for promoting and rolling back builds. +- feature flag to use static secret when signing webhooks, from @chiraggadasc. ### Fixed - ui branch list improperly capped. +### Changed +- upgrade drone/envsubst dependency +- upgrade drone/go-scm dependency + ## [1.8.1] - 2020-06-23 ### Fixed - support for gitea api pagination, repository sync hanging. diff --git a/go.mod b/go.mod index 6ccb912c..6d0fc52f 100644 --- a/go.mod +++ b/go.mod @@ -15,9 +15,9 @@ require ( github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/drone/drone-go v1.0.6 github.com/drone/drone-runtime v1.1.1-0.20200623162453-61e33e2cab5d - github.com/drone/drone-ui v0.0.0-20200701154614-cdf6511bab83 + github.com/drone/drone-ui v0.0.0-20200701170131-2b91a041998b github.com/drone/drone-yaml v1.2.4-0.20200326192514-6f4d6dfb39e4 - github.com/drone/envsubst v1.0.1 + github.com/drone/envsubst v1.0.3-0.20200709231038-aa43e1c1a629 github.com/drone/go-license v1.0.2 github.com/drone/go-login v1.0.4-0.20190311170324-2a4df4f242a2 github.com/drone/go-scm v1.7.1-0.20200621203823-3731ec1f1136 diff --git a/go.sum b/go.sum index 373b0cb1..0cc3da17 100644 --- a/go.sum +++ b/go.sum @@ -85,11 +85,15 @@ github.com/drone/drone-ui v0.0.0-20200326185831-e0249bf04e88 h1:rW4xP+m+Q92mfv81 github.com/drone/drone-ui v0.0.0-20200326185831-e0249bf04e88/go.mod h1:NBtVWW7NNJpD9+huMD/5TAE1db2nrEh0i35/9Rf1MPI= github.com/drone/drone-ui v0.0.0-20200701154614-cdf6511bab83 h1:53WSXPPQVD9Q5JhrUPWQIUVvwwdHhfaGOTwHSI3ko9E= github.com/drone/drone-ui v0.0.0-20200701154614-cdf6511bab83/go.mod h1:NBtVWW7NNJpD9+huMD/5TAE1db2nrEh0i35/9Rf1MPI= +github.com/drone/drone-ui v0.0.0-20200701170131-2b91a041998b h1:8VfphhR5arTUOFGf8KpNkEBf2z99kuC/YdnasY75Xus= +github.com/drone/drone-ui v0.0.0-20200701170131-2b91a041998b/go.mod h1:NBtVWW7NNJpD9+huMD/5TAE1db2nrEh0i35/9Rf1MPI= github.com/drone/drone-ui v0.8.2 h1:YWnkXxMicTy9SbiwLFGg57CZTirUzNrDcjgLUk1fPkU= github.com/drone/drone-yaml v1.2.4-0.20200326192514-6f4d6dfb39e4 h1:XsstoCeXC2t8lA9OLTdoFwckaptqahxwjCWsenySfX8= github.com/drone/drone-yaml v1.2.4-0.20200326192514-6f4d6dfb39e4/go.mod h1:QsqliFK8nG04AHFN9tTn9XJomRBQHD4wcejWW1uz/10= github.com/drone/envsubst v1.0.1 h1:NOOStingM2sbBwsIUeQkKUz8ShwCUzmqMxWrpXItfPE= github.com/drone/envsubst v1.0.1/go.mod h1:bkZbnc/2vh1M12Ecn7EYScpI4YGYU0etwLJICOWi8Z0= +github.com/drone/envsubst v1.0.3-0.20200709231038-aa43e1c1a629 h1:rIaZZalMGGPb2cU/+ypuggZ8aMlpa17RUlJUtsMv8pw= +github.com/drone/envsubst v1.0.3-0.20200709231038-aa43e1c1a629/go.mod h1:N2jZmlMufstn1KEqvbHjw40h1KyTmnVzHcSc9bFiJ2g= github.com/drone/go-license v1.0.2 h1:7OwndfYk+Lp/cGHkxe4HUn/Ysrrw3WYH2pnd99yrkok= github.com/drone/go-license v1.0.2/go.mod h1:fGRHf+F1cEaw3YVYiJ6js3G3dVhcxyS617RnNRUMsms= github.com/drone/go-login v1.0.4-0.20190311170324-2a4df4f242a2 h1:RGpgNkowJc5LAVn/ZONx70qmnaTA0z/3hHPzTBdAEO8= diff --git a/handler/api/repos/enable.go b/handler/api/repos/enable.go index 32429620..084e6402 100644 --- a/handler/api/repos/enable.go +++ b/handler/api/repos/enable.go @@ -16,6 +16,7 @@ package repos import ( "net/http" + "os" "github.com/drone/drone/core" "github.com/drone/drone/handler/api/render" @@ -26,6 +27,12 @@ import ( "github.com/go-chi/chi" ) +// FEATURE FLAG enables a static secret value used to sign +// incoming requests routed through a proxy. This was implemented +// based on feedback from @chiraggadasc and and should not be +// removed until we have a permanent solution in place. +var staticSigner = os.Getenv("DRONE_FEATURE_SERVER_PROXY_SECRET") + // HandleEnable returns an http.HandlerFunc that processes http // requests to enable a repository in the system. func HandleEnable( @@ -65,6 +72,10 @@ func HandleEnable( repo.Timeout = 60 } + if staticSigner != "" { + repo.Signer = staticSigner + } + err = hooks.Create(r.Context(), user, repo) if err != nil { render.InternalError(w, err)