fix issue with wrong default .drone.yml file

This commit is contained in:
Brad Rydzewski 2019-02-22 09:01:11 -08:00
parent f7fd7185a3
commit 69a8e404bd
16 changed files with 263 additions and 103 deletions

View file

@ -38,8 +38,8 @@ func provideRunner(
registry core.RegistryService,
config config.Config,
) *runner.Runner {
// the local runner is only created when the nomad or
// kubernetes scheduler are disabled
// the local runner is only created when the nomad scheduler,
// kubernetes scheduler, and remote agents are disabled
if config.Nomad.Enabled || config.Kube.Enabled || config.Agent.Enabled {
return nil
}

View file

@ -57,7 +57,7 @@ func provideDockerScheduler(config config.Config) core.Scheduler {
// provideKubernetesScheduler is a Wire provider function that
// returns a nomad kubernetes from the environment configuration.
func provideKubernetesScheduler(config config.Config) core.Scheduler {
logrus.Info("main: kubernetes runtime enabled")
logrus.Info("main: kubernetes scheduler enabled")
sched, err := kube.FromConfig(kube.Config{
Namespace: config.Kube.Namespace,
ServiceAccount: config.Kube.ServiceAccountName,
@ -95,7 +95,7 @@ func provideKubernetesScheduler(config config.Config) core.Scheduler {
// provideNomadScheduler is a Wire provider function that returns
// a nomad scheduler from the environment configuration.
func provideNomadScheduler(config config.Config) core.Scheduler {
logrus.Info("main: nomad runtime enabled")
logrus.Info("main: nomad scheduler enabled")
sched, err := nomad.FromConfig(nomad.Config{
Datacenter: config.Nomad.Datacenters,
Namespace: config.Nomad.Namespace,
@ -134,6 +134,6 @@ func provideNomadScheduler(config config.Config) core.Scheduler {
// returns an in-memory scheduler for use by the built-in
// docker runner, and by remote agents.
func provideQueueScheduler(store core.StageStore, config config.Config) core.Scheduler {
logrus.Info("main: nomad runtime enabled")
logrus.Info("main: internal scheduler enabled")
return queue.New(store)
}

View file

@ -45,9 +45,10 @@ type (
// RegistryArgs provides arguments for requesting
// registry credentials from the remote service.
RegistryArgs struct {
Repo *Repository `json:"repo,omitempty"`
Build *Build `json:"build,omitempty"`
Conf *yaml.Manifest `json:"-"`
Repo *Repository `json:"repo,omitempty"`
Build *Build `json:"build,omitempty"`
Conf *yaml.Manifest `json:"-"`
Pipeline *yaml.Pipeline `json:"-"`
}
// RegistryService provides registry credentials from an

6
go.mod
View file

@ -12,13 +12,13 @@ require (
github.com/davecgh/go-spew v1.1.1
github.com/dchest/authcookie v0.0.0-20120917135355-fbdef6e99866
github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9
github.com/docker/distribution v0.0.0-20170726174610-edc3ab29cdff
github.com/docker/distribution v2.7.1+incompatible
github.com/docker/go-connections v0.3.0
github.com/docker/go-units v0.3.3
github.com/drone/drone-go v0.0.0-20190217024616-3e8b71333e59
github.com/drone/drone-runtime v0.0.0-20190123233515-16c002539b15
github.com/drone/drone-runtime v0.0.0-20190210191445-ad403a0ca24e
github.com/drone/drone-ui v0.0.0-20190212070020-c372640c766f
github.com/drone/drone-yaml v0.0.0-20190122234417-98eb77b4c58a
github.com/drone/drone-yaml v1.0.1-0.20190222030833-0e9ca9cdb963
github.com/drone/envsubst v1.0.1
github.com/drone/go-license v1.0.2
github.com/drone/go-login v1.0.3

17
go.sum
View file

@ -3,6 +3,10 @@ docker.io/go-docker v1.0.0/go.mod h1:7tiAn5a0LFmjbPDbyTPOaTTOuG1ZRNXdPA6RvKY+fpY
github.com/99designs/httpsignatures-go v0.0.0-20170731043157-88528bf4ca7e h1:rl2Aq4ZODqTDkeSqQBy+fzpZPamacO1Srp8zq7jf2Sc=
github.com/99designs/httpsignatures-go v0.0.0-20170731043157-88528bf4ca7e/go.mod h1:Xa6lInWHNQnuWoF0YPSsx+INFA9qk7/7pTjwb3PInkY=
github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA=
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc h1:cAKDfWh5VpdgMhJosfJnn5/FoN2SRZ4p7fJNX58YPaU=
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf h1:qet1QNfXsQxTZqLG4oE62mJzwPIB8+Tee4RNCL9ulrY=
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/asaskevich/govalidator v0.0.0-20180315120708-ccb8e960c48f h1:y2hSFdXeA1y5z5f0vfNO0Dg5qVY036qzlz3Pds0B92o=
github.com/asaskevich/govalidator v0.0.0-20180315120708-ccb8e960c48f/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
github.com/aws/aws-sdk-go v1.15.57 h1:inht07/mRNnvV4uAjjVgTVD7/rF+j0mXllYcNQxDgGA=
@ -21,6 +25,8 @@ github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9 h1:74lLNRzvsdIlkTgfD
github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9/go.mod h1:GgB8SF9nRG+GqaDtLcwJZsQFhcogVCJ79j4EdT0c2V4=
github.com/docker/distribution v0.0.0-20170726174610-edc3ab29cdff h1:FKH02LHYqSmeWd3GBh0KIkM8JBpw3RrShgtcWShdWJg=
github.com/docker/distribution v0.0.0-20170726174610-edc3ab29cdff/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug=
github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/go-connections v0.3.0 h1:3lOnM9cSzgGwx8VfK/NGOW5fLQ0GjIlCkaktF+n1M6o=
github.com/docker/go-connections v0.3.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
github.com/docker/go-units v0.3.3 h1:Xk8S3Xj5sLGlG5g67hJmYMmUgXv5N4PhkjJHHqrwnTk=
@ -29,10 +35,16 @@ github.com/drone/drone-go v0.0.0-20190217024616-3e8b71333e59 h1:tH7rJBME3tKWunUm
github.com/drone/drone-go v0.0.0-20190217024616-3e8b71333e59/go.mod h1:qVb1k1w9X5jgoGyLtbnfWNnd4XZfAwokxBmiutbpGqw=
github.com/drone/drone-runtime v0.0.0-20190123233515-16c002539b15 h1:uwgJGp/Rsu1I2UdP+ozDJrW33EbMjfO5ILAd4ePoSAw=
github.com/drone/drone-runtime v0.0.0-20190123233515-16c002539b15/go.mod h1:I+wJO4yvngCUAro6wKjkMbuPPDI/jRynqU0LTW+8J44=
github.com/drone/drone-runtime v0.0.0-20190210191445-ad403a0ca24e h1:Eq0QI9lKe6T5pziU/Kes1xX6QKAA6ZfnYvaZZeyY5TU=
github.com/drone/drone-runtime v0.0.0-20190210191445-ad403a0ca24e/go.mod h1:I+wJO4yvngCUAro6wKjkMbuPPDI/jRynqU0LTW+8J44=
github.com/drone/drone-ui v0.0.0-20190212070020-c372640c766f h1:iNutUxLvlEY9rVB+v/KEefXnYGxz70LcN4PFCYig2F0=
github.com/drone/drone-ui v0.0.0-20190212070020-c372640c766f/go.mod h1:NBtVWW7NNJpD9+huMD/5TAE1db2nrEh0i35/9Rf1MPI=
github.com/drone/drone-yaml v0.0.0-20190122234417-98eb77b4c58a h1:lkYg2gkLiuTtVgIUgBj5EX2EMj6sERIYfyM0RN1YzuY=
github.com/drone/drone-yaml v0.0.0-20190122234417-98eb77b4c58a/go.mod h1:JclcdvMwnrxyy25H3YQRxVrsj2u4GdI6L6NgJpEIp00=
github.com/drone/drone-yaml v1.0.1-0.20190222011027-9e589be71ad8 h1:Fig8cPBvJu/0jgrnYrG5ciHnlPzAu4Moc+LymIpTa4U=
github.com/drone/drone-yaml v1.0.1-0.20190222011027-9e589be71ad8/go.mod h1:eM365p3g9M5sroFBTR/najiGrZnd/GiIpWHC2UW8PoI=
github.com/drone/drone-yaml v1.0.1-0.20190222030833-0e9ca9cdb963 h1:c/xcHqxU4sSjehiWoN91nNDN0QmB0UyHOVINvJJ1GUg=
github.com/drone/drone-yaml v1.0.1-0.20190222030833-0e9ca9cdb963/go.mod h1:eM365p3g9M5sroFBTR/najiGrZnd/GiIpWHC2UW8PoI=
github.com/drone/envsubst v1.0.1 h1:NOOStingM2sbBwsIUeQkKUz8ShwCUzmqMxWrpXItfPE=
github.com/drone/envsubst v1.0.1/go.mod h1:bkZbnc/2vh1M12Ecn7EYScpI4YGYU0etwLJICOWi8Z0=
github.com/drone/go-license v1.0.2 h1:7OwndfYk+Lp/cGHkxe4HUn/Ysrrw3WYH2pnd99yrkok=
@ -89,6 +101,8 @@ github.com/hashicorp/go-multierror v1.0.0 h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uP
github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
github.com/hashicorp/go-retryablehttp v0.0.0-20180718195005-e651d75abec6 h1:qCv4319q2q7XKn0MQbi8p37hsJ+9Xo8e6yojA73JVxk=
github.com/hashicorp/go-retryablehttp v0.0.0-20180718195005-e651d75abec6/go.mod h1:fXcdFsQoipQa7mwORhKad5jmDCeSy/RCGzWA08PO0lM=
github.com/hashicorp/go-rootcerts v1.0.0 h1:ueI78wUjYExhCvMLow4icJnayNNFRgy0d9EGs/a1T44=
github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU=
github.com/hashicorp/golang-lru v0.5.0 h1:CL2msUPvZTLb5O648aiLNJw3hnBxN2+1Jq8rCOH9wdo=
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/nomad v0.0.0-20190125003214-134391155854 h1:L7WhLZt2ory/kQWxqkMwOiBpIoa4BWoadN7yx8LHEtk=
@ -146,6 +160,7 @@ github.com/robfig/cron v0.0.0-20180505203441-b41be1df6967 h1:x7xEyJDP7Hv3LVgvWhz
github.com/robfig/cron v0.0.0-20180505203441-b41be1df6967/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k=
github.com/segmentio/ksuid v1.0.2 h1:9yBfKyw4ECGTdALaF09Snw3sLJmYIX6AbPJrAy6MrDc=
github.com/segmentio/ksuid v1.0.2/go.mod h1:BXuJDr2byAiHuQaQtSKoXh1J0YmUDurywOXgB2w+OSU=
github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
github.com/sirupsen/logrus v0.0.0-20181103062819-44067abb194b h1:dnSVC38LseSWVhj3WWqD3worKZY+EqoWwi+MMAKgPbs=
github.com/sirupsen/logrus v0.0.0-20181103062819-44067abb194b/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg=
@ -174,6 +189,8 @@ golang.org/x/time v0.0.0-20181108054448-85acf8d2951c h1:fqgJT0MGcGpPgpWU7VRdRjuA
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.0.0-20181017214349-06f26fdaaa28/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc=
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=

View file

@ -53,7 +53,7 @@ func HandleEnable(
repo.UserID = user.ID
if repo.Config == "" {
repo.Config = ".core.yml"
repo.Config = ".drone.yml"
}
if repo.Signer == "" {
repo.Signer = uniuri.NewLen(32)

View file

@ -261,9 +261,10 @@ func (r *Runner) Run(ctx context.Context, id int64) error {
transform.WithAuthsFunc(
func() []*engine.DockerAuth {
in := &core.RegistryArgs{
Build: m.Build,
Repo: m.Repo,
Conf: manifest,
Build: m.Build,
Repo: m.Repo,
Conf: manifest,
Pipeline: pipeline,
}
out, err := registryService.List(ctx, in)
if err != nil {

View file

@ -9,6 +9,7 @@ import (
"github.com/drone/drone-go/plugin/registry"
"github.com/drone/drone/core"
"github.com/drone/drone/logger"
)
// EndpointSource returns a registry credential provider
@ -31,6 +32,9 @@ func (c *service) List(ctx context.Context, in *core.RegistryArgs) ([]*core.Regi
if c.endpoint == "" {
return nil, nil
}
logger := logger.FromContext(ctx)
logger.Trace("registry: plugin: get credentials")
req := &registry.Request{
Repo: toRepo(in.Repo),
Build: toBuild(in.Build),
@ -38,6 +42,7 @@ func (c *service) List(ctx context.Context, in *core.RegistryArgs) ([]*core.Regi
client := registry.Client(c.endpoint, c.secret, c.skipVerify)
res, err := client.List(ctx, req)
if err != nil {
logger.WithError(err).Warn("registry: plugin: cannot get credentials")
return nil, err
}
@ -48,6 +53,8 @@ func (c *service) List(ctx context.Context, in *core.RegistryArgs) ([]*core.Regi
Username: registry.Username,
Password: registry.Password,
})
logger.WithField("address", registry.Address).
Trace("registry: plugin: found credentials")
}
return registries, nil
}

View file

@ -6,7 +6,6 @@ package registry
import (
"context"
"strings"
"time"
"github.com/drone/drone-go/plugin/secret"
@ -29,73 +28,75 @@ type externalController struct {
}
func (c *externalController) List(ctx context.Context, in *core.RegistryArgs) ([]*core.Registry, error) {
// lookup the named secret in the manifest. If the
// secret does not exist, return a nil variable,
// allowing the next secret controller in the chain
// to be invoked.
path, name, ok := getExternal(in.Conf)
if !ok {
return nil, nil
var results []*core.Registry
for _, name := range in.Pipeline.PullSecrets {
// lookup the named secret in the manifest. If the
// secret does not exist, return a nil variable,
// allowing the next secret controller in the chain
// to be invoked.
path, name, ok := getExternal(in.Conf, name)
if !ok {
return nil, nil
}
// include a timeout to prevent an API call from
// hanging the build process indefinitely. The
// external service must return a request within
// one minute.
ctx, cancel := context.WithTimeout(ctx, time.Minute)
defer cancel()
req := &secret.Request{
Name: name,
Path: path,
Repo: toRepo(in.Repo),
Build: toBuild(in.Build),
}
client := secret.Client(c.endpoint, c.secret, c.skipVerify)
res, err := client.Find(ctx, req)
if err != nil {
return nil, err
}
// if no error is returned and the secret is empty,
// this indicates the client returned No Content,
// and we should exit with no secret, but no error.
if res.Data == "" {
return nil, nil
}
// The secret can be restricted to non-pull request
// events. If the secret is restricted, return
// empty results.
if (res.Pull == false && res.PullRequest == false) &&
in.Build.Event == core.EventPullRequest {
return nil, nil
}
parsed, err := auths.ParseString(res.Data)
if err != nil {
return nil, err
}
results = append(results, parsed...)
}
// include a timeout to prevent an API call from
// hanging the build process indefinitely. The
// external service must return a request within
// one minute.
ctx, cancel := context.WithTimeout(ctx, time.Minute)
defer cancel()
req := &secret.Request{
Name: name,
Path: path,
Repo: toRepo(in.Repo),
Build: toBuild(in.Build),
}
client := secret.Client(c.endpoint, c.secret, c.skipVerify)
res, err := client.Find(ctx, req)
if err != nil {
return nil, err
}
// if no error is returned and the secret is empty,
// this indicates the client returned No Content,
// and we should exit with no secret, but no error.
if res.Data == "" {
return nil, nil
}
// The secret can be restricted to non-pull request
// events. If the secret is restricted, return
// empty results.
if (res.Pull == false && res.PullRequest == false) &&
in.Build.Event == core.EventPullRequest {
return nil, nil
}
return auths.ParseString(res.Data)
return results, nil
}
func getExternal(manifest *yaml.Manifest) (path, name string, ok bool) {
func getExternal(manifest *yaml.Manifest, match string) (path, name string, ok bool) {
for _, resource := range manifest.Resources {
secret, ok := resource.(*yaml.Secret)
if !ok {
continue
}
if !strings.EqualFold(secret.Type, "docker") {
if secret.Name != match {
continue
}
value, ok := secret.External["docker_auth_config"]
if ok {
return value.Path, value.Name, ok
}
value, ok = secret.External[".dockerconfig"]
if ok {
return value.Path, value.Name, ok
}
value, ok = secret.External[".dockerconfigjson"]
if ok {
return value.Path, value.Name, ok
if secret.Get.Name == "" && secret.Get.Path == "" {
continue
}
return secret.Get.Path, secret.Get.Name, true
}
return
}

View file

@ -6,9 +6,9 @@ package registry
import (
"context"
"strings"
"github.com/drone/drone/core"
"github.com/drone/drone/logger"
"github.com/drone/drone/plugin/registry/auths"
)
@ -22,25 +22,39 @@ type staticController struct {
}
func (c *staticController) List(ctx context.Context, in *core.RegistryArgs) ([]*core.Registry, error) {
static := map[string]*core.Secret{}
for _, secret := range c.secrets {
if !isRegistrySecret(secret.Name) {
static[secret.Name] = secret
}
var results []*core.Registry
for _, name := range in.Pipeline.PullSecrets {
logger := logger.FromContext(ctx).WithField("name", name)
logger.Trace("registry: image_pull_secret: find secret")
secret, ok := static[name]
if !ok {
logger.Warn("registry: image_pull_secret: cannot find secret")
continue
}
// The secret can be restricted to non-pull request
// events. If the secret is restricted, return
// empty results.
if secret.PullRequest == false &&
in.Build.Event == core.EventPullRequest {
logger.Trace("registry: image_pull_secret: pull_request access denied")
continue
}
return auths.ParseString(secret.Data)
}
return nil, nil
}
func isRegistrySecret(name string) bool {
return strings.EqualFold(name, "docker_auth_config") ||
strings.EqualFold(name, ".dockerconfig") ||
strings.EqualFold(name, ".dockerconfigjson") ||
strings.EqualFold(name, "_docker")
logger.Trace("registry: image_pull_secret: secret found")
parsed, err := auths.ParseString(secret.Data)
if err != nil {
logger.WithError(err).Error("registry: image_pull_secret: parsing error")
return nil, err
}
results = append(results, parsed...)
}
return results, nil
}

View file

@ -0,0 +1,121 @@
// Copyright 2019 Drone.IO Inc. All rights reserved.
// Use of this source code is governed by the Drone Non-Commercial License
// that can be found in the LICENSE file.
package registry
import (
"testing"
"github.com/drone/drone-yaml/yaml"
"github.com/drone/drone/core"
"github.com/google/go-cmp/cmp"
)
var mockDockerAuthConfig = `{
"auths": {
"https://index.docker.io/v1/": {
"auth": "b2N0b2NhdDpjb3JyZWN0LWhvcnNlLWJhdHRlcnktc3RhcGxl"
}
}
}`
func TestStatic(t *testing.T) {
secrets := []*core.Secret{
{
Name: "dockerhub",
Data: mockDockerAuthConfig,
},
}
manifest, err := yaml.ParseString("kind: pipeline\nimage_pull_secrets: [ dockerhub ]")
if err != nil {
t.Error(err)
return
}
args := &core.RegistryArgs{
Build: &core.Build{Event: core.EventPush},
Conf: manifest,
Pipeline: manifest.Resources[0].(*yaml.Pipeline),
}
service := Static(secrets)
got, err := service.List(noContext, args)
if err != nil {
t.Error(err)
return
}
want := []*core.Registry{
{
Address: "https://index.docker.io/v1/",
Username: "octocat",
Password: "correct-horse-battery-staple",
},
}
if diff := cmp.Diff(got, want); diff != "" {
t.Errorf(diff)
return
}
}
func TestStatic_NoMatch(t *testing.T) {
secrets := []*core.Secret{
{
Name: "dockerhub",
Data: mockDockerAuthConfig,
},
}
manifest, err := yaml.ParseString("kind: pipeline\nimage_pull_secrets: [ unknown ]")
if err != nil {
t.Error(err)
return
}
args := &core.RegistryArgs{
Build: &core.Build{Event: core.EventPush},
Conf: manifest,
Pipeline: manifest.Resources[0].(*yaml.Pipeline),
}
service := Static(secrets)
got, err := service.List(noContext, args)
if err != nil {
t.Error(err)
return
}
if len(got) != 0 {
t.Errorf("Expect no results")
}
}
func TestStatic_DisablePullRequest(t *testing.T) {
secrets := []*core.Secret{
{
Name: "dockerhub",
Data: mockDockerAuthConfig,
PullRequest: false,
},
}
manifest, err := yaml.ParseString("kind: pipeline\nimage_pull_secrets: [ dockerhub ]")
if err != nil {
t.Error(err)
return
}
args := &core.RegistryArgs{
Build: &core.Build{Event: core.EventPullRequest},
Conf: manifest,
Pipeline: manifest.Resources[0].(*yaml.Pipeline),
}
service := Static(secrets)
got, err := service.List(noContext, args)
if err != nil {
t.Error(err)
return
}
if len(got) != 0 {
t.Errorf("Expect no results")
}
}

View file

@ -6,7 +6,6 @@ package secret
import (
"context"
"strings"
"time"
"github.com/drone/drone-yaml/yaml"
@ -86,20 +85,19 @@ func (c *externalController) Find(ctx context.Context, in *core.SecretArgs) (*co
}, nil
}
func getExternal(manifest *yaml.Manifest, named string) (path, name string, ok bool) {
func getExternal(manifest *yaml.Manifest, match string) (path, name string, ok bool) {
for _, resource := range manifest.Resources {
secret, ok := resource.(*yaml.Secret)
if !ok {
continue
}
if secret.Type != "" &&
!strings.EqualFold(secret.Type, "general") {
if secret.Name != match {
continue
}
value, ok := secret.External[named]
if ok {
return value.Path, value.Name, ok
if secret.Get.Name == "" && secret.Get.Path == "" {
continue
}
return secret.Get.Path, secret.Get.Name, true
}
return
}

View file

@ -30,7 +30,7 @@ func TestFind(t *testing.T) {
}
mockContents := mock.NewMockFileService(controller)
mockContents.EXPECT().Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".core.yml").Return(mockFile, nil)
mockContents.EXPECT().Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".drone.yml").Return(mockFile, nil)
service := Contents(mockContents).(*service)
@ -39,7 +39,7 @@ func TestFind(t *testing.T) {
Hash: []byte(""),
}
got, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".core.yml")
got, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".drone.yml")
if err != nil {
t.Error(err)
}
@ -59,11 +59,11 @@ func TestFindError(t *testing.T) {
mockUser := &core.User{}
mockContents := mock.NewMockFileService(controller)
mockContents.EXPECT().Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".core.yml").Return(nil, scm.ErrNotFound)
mockContents.EXPECT().Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".drone.yml").Return(nil, scm.ErrNotFound)
service := Contents(mockContents).(*service)
_, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".core.yml")
_, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".drone.yml")
if err != scm.ErrNotFound {
t.Errorf("Expect not found error")
}
@ -79,7 +79,7 @@ func TestFindCache(t *testing.T) {
Hash: []byte(""),
}
key := fmt.Sprintf(contentKey, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", ".core.yml")
key := fmt.Sprintf(contentKey, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", ".drone.yml")
service := Contents(nil).(*service)
service.cache.Add(key, mockFile)
@ -88,7 +88,7 @@ func TestFindCache(t *testing.T) {
Hash: []byte(""),
}
got, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".core.yml")
got, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".drone.yml")
if err != nil {
t.Error(err)
}

View file

@ -25,12 +25,12 @@ func TestFind(t *testing.T) {
mockUser := &core.User{}
mockFile := &scm.Content{
Path: ".core.yml",
Path: ".drone.yml",
Data: []byte("hello world"),
}
mockContents := mockscm.NewMockContentService(controller)
mockContents.EXPECT().Find(gomock.Any(), "octocat/hello-world", ".core.yml", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa").Return(mockFile, nil, nil)
mockContents.EXPECT().Find(gomock.Any(), "octocat/hello-world", ".drone.yml", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa").Return(mockFile, nil, nil)
mockRenewer := mock.NewMockRenewer(controller)
mockRenewer.EXPECT().Renew(gomock.Any(), mockUser, false)
@ -44,7 +44,7 @@ func TestFind(t *testing.T) {
}
service := New(client, mockRenewer)
got, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".core.yml")
got, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".drone.yml")
if err != nil {
t.Error(err)
}
@ -60,7 +60,7 @@ func TestFind_Error(t *testing.T) {
mockUser := &core.User{}
mockContents := mockscm.NewMockContentService(controller)
mockContents.EXPECT().Find(gomock.Any(), "octocat/hello-world", ".core.yml", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa").Return(nil, nil, scm.ErrNotFound)
mockContents.EXPECT().Find(gomock.Any(), "octocat/hello-world", ".drone.yml", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa").Return(nil, nil, scm.ErrNotFound)
mockRenewer := mock.NewMockRenewer(controller)
mockRenewer.EXPECT().Renew(gomock.Any(), mockUser, false)
@ -71,7 +71,7 @@ func TestFind_Error(t *testing.T) {
s := New(client, mockRenewer)
s.(*service).attempts = 1
s.(*service).wait = 0
_, err := s.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".core.yml")
_, err := s.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".drone.yml")
if err != scm.ErrNotFound {
t.Errorf("Expect not found error, got %s", err)
}
@ -89,7 +89,7 @@ func TestFind_RenewalError(t *testing.T) {
client := new(scm.Client)
service := New(client, mockRenewer)
_, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".core.yml")
_, err := service.Find(noContext, mockUser, "octocat/hello-world", "a6586b3db244fb6b1198f2b25c213ded5b44f9fa", "master", ".drone.yml")
if err == nil {
t.Errorf("Expect error refreshing token")
}

View file

@ -121,7 +121,7 @@ func (t *triggerer) Trigger(ctx context.Context, repo *core.Repository, base *co
}
// // some tag hooks provide the tag but do not provide the sha.
// // this may be important if we want to fetch the .core.yml
// // this may be important if we want to fetch the .drone.yml
// if base.After == "" && base.Event == core.EventTag {
// tag, _, err := t.client.Git.FindTag(ctx, repo.Slug, base.Ref)
// if err != nil {

View file

@ -445,7 +445,7 @@ var (
Counter: 42,
Secret: "g9dMChy22QutQM5lrpbe0yCR3f15t1gv",
Signer: "g9dMChy22QutQM5lrpbe0yCR3f15t1gv",
Config: ".core.yml",
Config: ".drone.yml",
}
dummyStage = &core.Stage{