60 lines
1.6 KiB
Go
60 lines
1.6 KiB
Go
// Copyright 2019 Drone.IO Inc. All rights reserved.
|
|
// Use of this source code is governed by the Drone Non-Commercial License
|
|
// that can be found in the LICENSE file.
|
|
|
|
package registry
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/drone/drone/core"
|
|
"github.com/drone/drone/logger"
|
|
"github.com/drone/drone/plugin/registry/auths"
|
|
)
|
|
|
|
// Static returns a new static credentials controller.
|
|
func Static(secrets []*core.Secret) core.RegistryService {
|
|
return &staticController{secrets: secrets}
|
|
}
|
|
|
|
type staticController struct {
|
|
secrets []*core.Secret
|
|
}
|
|
|
|
func (c *staticController) List(ctx context.Context, in *core.RegistryArgs) ([]*core.Registry, error) {
|
|
static := map[string]*core.Secret{}
|
|
for _, secret := range c.secrets {
|
|
static[secret.Name] = secret
|
|
}
|
|
|
|
var results []*core.Registry
|
|
for _, name := range in.Pipeline.PullSecrets {
|
|
logger := logger.FromContext(ctx).WithField("name", name)
|
|
logger.Trace("registry: database: find secret")
|
|
|
|
secret, ok := static[name]
|
|
if !ok {
|
|
logger.Trace("registry: database: cannot find secret")
|
|
continue
|
|
}
|
|
|
|
// The secret can be restricted to non-pull request
|
|
// events. If the secret is restricted, return
|
|
// empty results.
|
|
if secret.PullRequest == false &&
|
|
in.Build.Event == core.EventPullRequest {
|
|
logger.Trace("registry: database: pull_request access denied")
|
|
continue
|
|
}
|
|
|
|
logger.Trace("registry: database: secret found")
|
|
parsed, err := auths.ParseString(secret.Data)
|
|
if err != nil {
|
|
logger.WithError(err).Error("registry: database: parsing error")
|
|
return nil, err
|
|
}
|
|
|
|
results = append(results, parsed...)
|
|
}
|
|
return results, nil
|
|
}
|