improve secret match logic
This commit is contained in:
Brad Rydzewski
parent
489cdf2572
commit
6e244be920
7 changed files with 50 additions and 36 deletions
|
|
@ -25,11 +25,6 @@ func secretAddFlags() []cli.Flag {
|
|||
cli.StringSliceFlag{
|
||||
Name: "event",
|
||||
Usage: "inject the secret for these event types",
|
||||
Value: &cli.StringSlice{
|
||||
model.EventPush,
|
||||
model.EventTag,
|
||||
model.EventDeploy,
|
||||
},
|
||||
},
|
||||
cli.StringSliceFlag{
|
||||
Name: "image",
|
||||
|
|
@ -77,6 +72,13 @@ func secretParseCmd(name string, value string, c *cli.Context) (*model.Secret, e
|
|||
secret.Events = c.StringSlice("event")
|
||||
secret.SkipVerify = c.Bool("skip-verify")
|
||||
secret.Conceal = c.Bool("conceal")
|
||||
if len(secret.Events) == 0 {
|
||||
secret.Events = []string{
|
||||
model.EventPush,
|
||||
model.EventTag,
|
||||
model.EventDeploy,
|
||||
}
|
||||
}
|
||||
|
||||
// TODO(bradrydzewski) below we use an @ sybmol to denote that the secret
|
||||
// value should be loaded from a file (inspired by curl). I'd prefer to use
|
||||
|
|
|
|||
|
|
@ -463,13 +463,11 @@ func (b *builder) Build() ([]*buildItem, error) {
|
|||
if !sec.MatchEvent(b.Curr.Event) {
|
||||
continue
|
||||
}
|
||||
if b.Curr.Verified || sec.SkipVerify {
|
||||
secrets = append(secrets, compiler.Secret{
|
||||
Name: sec.Name,
|
||||
Value: sec.Value,
|
||||
Match: sec.Images,
|
||||
})
|
||||
}
|
||||
secrets = append(secrets, compiler.Secret{
|
||||
Name: sec.Name,
|
||||
Value: sec.Value,
|
||||
Match: sec.Images,
|
||||
})
|
||||
}
|
||||
|
||||
y := b.Yaml
|
||||
|
|
|
|||
1
vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/compiler.go
generated
vendored
1
vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/compiler.go
generated
vendored
|
|
@ -32,6 +32,7 @@ type Compiler struct {
|
|||
escalated []string
|
||||
prefix string
|
||||
volumes []string
|
||||
networks []string
|
||||
env map[string]string
|
||||
base string
|
||||
path string
|
||||
|
|
|
|||
5
vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/convert.go
generated
vendored
5
vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/convert.go
generated
vendored
|
|
@ -28,6 +28,11 @@ func (c *Compiler) createProcess(name string, container *yaml.Container) *backen
|
|||
Aliases: c.aliases,
|
||||
},
|
||||
}
|
||||
for _, network := range c.networks {
|
||||
networks = append(networks, backend.Conn{
|
||||
Name: network,
|
||||
})
|
||||
}
|
||||
|
||||
var volumes []string
|
||||
if !c.local {
|
||||
|
|
|
|||
2
vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/image.go
generated
vendored
2
vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/image.go
generated
vendored
|
|
@ -28,7 +28,7 @@ func expandImage(name string) string {
|
|||
func matchImage(from string, to ...string) bool {
|
||||
from = trimImage(from)
|
||||
for _, match := range to {
|
||||
if from == match {
|
||||
if from == trimImage(match) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
|
|
|||
8
vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/option.go
generated
vendored
8
vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/option.go
generated
vendored
|
|
@ -161,6 +161,14 @@ func WithProxy() Option {
|
|||
)
|
||||
}
|
||||
|
||||
// WithNetworks configures the compiler with additionnal networks
|
||||
// to be connected to build containers
|
||||
func WithNetworks(networks ...string) Option {
|
||||
return func(compiler *Compiler) {
|
||||
compiler.networks = networks
|
||||
}
|
||||
}
|
||||
|
||||
// TODO(bradrydzewski) consider an alternate approach to
|
||||
// WithProxy where the proxy strings are passed directly
|
||||
// to the function as named parameters.
|
||||
|
|
|
|||
46
vendor/vendor.json
vendored
46
vendor/vendor.json
vendored
|
|
@ -28,68 +28,68 @@
|
|||
{
|
||||
"checksumSHA1": "W3AuK8ocqHwlUajGmQLFvnRhTZE=",
|
||||
"path": "github.com/cncd/pipeline/pipeline",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "Qu2FreqaMr8Yx2bW9O0cxAGgjr0=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/backend",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "0CGXRaYwZhJxGIrGhn8WGpkFqPo=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/backend/docker",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "/8wE+cVb7T4PQZgpLNu0DHzKGuE=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/frontend",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "QWs+L3emrt5DDTWvqD6rbMtLKMw=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/frontend/yaml",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "Bsp5Fq7oc6ZDDX5COo//pajb0kk=",
|
||||
"checksumSHA1": "ggOpR/vh0Hs6SnaiuiEO/9dUkcA=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/frontend/yaml/compiler",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "Q0GkNUFamVYIA1Fd8r0A5M6Gx54=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/frontend/yaml/linter",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "kx2sPUIMozPC/g6E4w48h3FfH3k=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/frontend/yaml/matrix",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "2/3f3oNmxXy5kcrRLCFa24Oc9O4=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/interrupt",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "uOjTfke7Qxosrivgz/nVTHeIP5g=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/multipart",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "TP5lK1T8cOKv5QjZ2nqdlYczSTo=",
|
||||
"path": "github.com/cncd/pipeline/pipeline/rpc",
|
||||
"revision": "94d637b94d0439ed4853e8089d8a1b1820b67c65",
|
||||
"revisionTime": "2017-04-09T09:45:58Z"
|
||||
"revision": "3592c9ddd294f698e70b8dd855cdd66264f8ae18",
|
||||
"revisionTime": "2017-04-10T16:25:49Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "7Qj1DK0ceAXkYztW0l3+L6sn+V8=",
|
||||
|
|
|
|||
Loading…
Reference in a new issue