From dff4a605a8402cd15120b6175df917d7333e5656 Mon Sep 17 00:00:00 2001 From: Anbraten Date: Tue, 15 Aug 2023 19:26:03 +0200 Subject: [PATCH 1/6] remove repo pass netrc option --- pipeline/frontend/yaml/compiler/compiler.go | 3 +-- pipeline/frontend/yaml/compiler/option.go | 7 ------- pipeline/stepBuilder.go | 1 - server/api/repo.go | 4 ---- server/model/repo.go | 2 -- woodpecker-go/woodpecker/types.go | 1 - 6 files changed, 1 insertion(+), 17 deletions(-) diff --git a/pipeline/frontend/yaml/compiler/compiler.go b/pipeline/frontend/yaml/compiler/compiler.go index fec7b7a4cc..a6af41f7ad 100644 --- a/pipeline/frontend/yaml/compiler/compiler.go +++ b/pipeline/frontend/yaml/compiler/compiler.go @@ -88,7 +88,6 @@ type Compiler struct { reslimit ResourceLimit defaultCloneImage string trustedPipeline bool - netrcOnlyTrusted bool } // New creates a new Compiler with options. @@ -187,7 +186,7 @@ func (c *Compiler) Compile(conf *yaml_types.Workflow) (*backend_types.Config, er step := c.createProcess(name, container, backend_types.StepTypeClone) // only inject netrc if it's a trusted repo or a trusted plugin - if !c.netrcOnlyTrusted || c.trustedPipeline || (container.IsPlugin() && container.IsTrustedCloneImage()) { + if c.trustedPipeline || (container.IsPlugin() && container.IsTrustedCloneImage()) { for k, v := range c.cloneEnv { step.Environment[k] = v } diff --git a/pipeline/frontend/yaml/compiler/option.go b/pipeline/frontend/yaml/compiler/option.go index 65d9908f95..8e39a6353f 100644 --- a/pipeline/frontend/yaml/compiler/option.go +++ b/pipeline/frontend/yaml/compiler/option.go @@ -209,13 +209,6 @@ func WithTrusted(trusted bool) Option { } } -// WithNetrcOnlyTrusted configures the compiler with the netrcOnlyTrusted repo option -func WithNetrcOnlyTrusted(only bool) Option { - return func(compiler *Compiler) { - compiler.netrcOnlyTrusted = only - } -} - type ProxyOptions struct { NoProxy string HTTPProxy string diff --git a/pipeline/stepBuilder.go b/pipeline/stepBuilder.go index 827d4719f9..6525987335 100644 --- a/pipeline/stepBuilder.go +++ b/pipeline/stepBuilder.go @@ -284,7 +284,6 @@ func (b *StepBuilder) toInternalRepresentation(parsed *yaml_types.Workflow, envi compiler.WithWorkspaceFromURL("/woodpecker", b.Repo.Link), compiler.WithMetadata(metadata), compiler.WithTrusted(b.Repo.IsTrusted), - compiler.WithNetrcOnlyTrusted(b.Repo.NetrcOnlyTrusted), ).Compile(parsed) } diff --git a/server/api/repo.go b/server/api/repo.go index ea4425ab1d..f5ef87efb0 100644 --- a/server/api/repo.go +++ b/server/api/repo.go @@ -80,7 +80,6 @@ func PostRepo(c *gin.Context) { } else { repo = from repo.AllowPull = true - repo.NetrcOnlyTrusted = true repo.CancelPreviousPipelineEvents = server.Config.Pipeline.DefaultCancelPreviousPipelineEvents } repo.IsActive = true @@ -222,9 +221,6 @@ func PatchRepo(c *gin.Context) { if in.CancelPreviousPipelineEvents != nil { repo.CancelPreviousPipelineEvents = *in.CancelPreviousPipelineEvents } - if in.NetrcOnlyTrusted != nil { - repo.NetrcOnlyTrusted = *in.NetrcOnlyTrusted - } if in.Visibility != nil { switch *in.Visibility { case string(model.VisibilityInternal), string(model.VisibilityPrivate), string(model.VisibilityPublic): diff --git a/server/model/repo.go b/server/model/repo.go index 46fd0fddb8..25340c7836 100644 --- a/server/model/repo.go +++ b/server/model/repo.go @@ -47,7 +47,6 @@ type Repo struct { Hash string `json:"-" xorm:"varchar(500) 'repo_hash'"` Perm *Perm `json:"-" xorm:"-"` CancelPreviousPipelineEvents []WebhookEvent `json:"cancel_previous_pipeline_events" xorm:"json 'cancel_previous_pipeline_events'"` - NetrcOnlyTrusted bool `json:"netrc_only_trusted" xorm:"NOT NULL DEFAULT true 'netrc_only_trusted'"` } // @name Repo // TableName return database table name for xorm @@ -111,7 +110,6 @@ type RepoPatch struct { Visibility *string `json:"visibility,omitempty"` AllowPull *bool `json:"allow_pr,omitempty"` CancelPreviousPipelineEvents *[]WebhookEvent `json:"cancel_previous_pipeline_events"` - NetrcOnlyTrusted *bool `json:"netrc_only_trusted"` } // @name RepoPatch type ForgeRemoteID string diff --git a/woodpecker-go/woodpecker/types.go b/woodpecker-go/woodpecker/types.go index 629aaefb73..8427dffc4e 100644 --- a/woodpecker-go/woodpecker/types.go +++ b/woodpecker-go/woodpecker/types.go @@ -46,7 +46,6 @@ type ( AllowPullRequests bool `json:"allow_pr"` Config string `json:"config_file"` CancelPreviousPipelineEvents []string `json:"cancel_previous_pipeline_events"` - NetrcOnlyTrusted bool `json:"netrc_only_trusted"` } // RepoPatch defines a repository patch request. From 9881ca4b05672f4332f46b5c81ee773cd6df6839 Mon Sep 17 00:00:00 2001 From: Anbraten Date: Wed, 30 Aug 2023 07:46:17 +0200 Subject: [PATCH 2/6] Update the issue config --- .github/ISSUE_TEMPLATE/config.yml | 6 +-- .github/ISSUE_TEMPLATE/feature_request.yml | 49 ---------------------- 2 files changed, 3 insertions(+), 52 deletions(-) delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.yml diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 9071992650..27023c1397 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,8 +1,8 @@ blank_issues_enabled: true contact_links: - - name: Questions & Discussions - url: https://discord.gg/fcMQqSMXJy - about: Ask questions and discuss with other Woodpecker users. - name: Frequently Asked Questions url: https://woodpecker-ci.org/faq about: Check the FAQs for common questions. + - name: Start a discussion + about: Our preferred starting point if you have any questions, suggestions or feature requests. + url: https://github.com/woodpecker-ci/woodpecker/discussions/new/choose diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml deleted file mode 100644 index 212c4c1239..0000000000 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ /dev/null @@ -1,49 +0,0 @@ -# Credits to: https://github.com/vitejs/vite/blob/main/.github/ISSUE_TEMPLATE/feature_request.yml -name: "\U0001F680 New feature proposal" -description: Propose a new feature to be added to Woodpecker -labels: ['feature'] -body: - - type: markdown - attributes: - value: | - Thanks for your interest in the project and taking the time to fill out this feature report! - - type: textarea - id: feature-description - attributes: - label: Clear and concise description of the problem - description: 'As a user of Woodpecker I want [goal / wish] so that [benefit]. If you intend to submit a PR for this issue, tell us in the description.' - validations: - required: true - - type: textarea - id: suggested-solution - attributes: - label: Suggested solution - description: 'In web-ui / config we could provide following functionality...' - validations: - required: true - - type: textarea - id: alternative - attributes: - label: Alternative - description: Clear and concise description of any alternative solutions or features you've considered. - - type: textarea - id: additional-context - attributes: - label: Additional context - description: Any other context or screenshots about the feature request here. - - type: checkboxes - id: checkboxes - attributes: - label: Validations - description: Before submitting the issue, please make sure you do the following - options: - # - label: Follow our [Code of Conduct](https://github.com/woodpecker-ci/woodpecker/blob/main/CODE_OF_CONDUCT.md) - # required: true - - label: Checked that the feature isn't part of the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use] - required: true - - label: Read the [Contributing Guidelines](https://github.com/woodpecker-ci/woodpecker/blob/main/CONTRIBUTING.md). - required: true - - label: Read the [docs](https://woodpecker-ci.org/docs/intro). - required: true - - label: Check that there isn't already an [issue](https://github.com/woodpecker-ci/woodpecker/issues) that request the same feature to avoid creating a duplicate. - required: true From b492c0e0af8a9d5e9e713c2d2d37bf25176f85fa Mon Sep 17 00:00:00 2001 From: Anbraten Date: Wed, 30 Aug 2023 07:48:55 +0200 Subject: [PATCH 3/6] undo --- pipeline/frontend/yaml/compiler/compiler.go | 3 ++- pipeline/frontend/yaml/compiler/option.go | 7 +++++++ pipeline/stepBuilder.go | 1 + server/api/repo.go | 4 ++++ server/model/repo.go | 2 ++ woodpecker-go/woodpecker/types.go | 1 + 6 files changed, 17 insertions(+), 1 deletion(-) diff --git a/pipeline/frontend/yaml/compiler/compiler.go b/pipeline/frontend/yaml/compiler/compiler.go index a6af41f7ad..fec7b7a4cc 100644 --- a/pipeline/frontend/yaml/compiler/compiler.go +++ b/pipeline/frontend/yaml/compiler/compiler.go @@ -88,6 +88,7 @@ type Compiler struct { reslimit ResourceLimit defaultCloneImage string trustedPipeline bool + netrcOnlyTrusted bool } // New creates a new Compiler with options. @@ -186,7 +187,7 @@ func (c *Compiler) Compile(conf *yaml_types.Workflow) (*backend_types.Config, er step := c.createProcess(name, container, backend_types.StepTypeClone) // only inject netrc if it's a trusted repo or a trusted plugin - if c.trustedPipeline || (container.IsPlugin() && container.IsTrustedCloneImage()) { + if !c.netrcOnlyTrusted || c.trustedPipeline || (container.IsPlugin() && container.IsTrustedCloneImage()) { for k, v := range c.cloneEnv { step.Environment[k] = v } diff --git a/pipeline/frontend/yaml/compiler/option.go b/pipeline/frontend/yaml/compiler/option.go index aad007efbc..d451ef6b44 100644 --- a/pipeline/frontend/yaml/compiler/option.go +++ b/pipeline/frontend/yaml/compiler/option.go @@ -213,6 +213,13 @@ func WithTrusted(trusted bool) Option { } } +// WithNetrcOnlyTrusted configures the compiler with the netrcOnlyTrusted repo option +func WithNetrcOnlyTrusted(only bool) Option { + return func(compiler *Compiler) { + compiler.netrcOnlyTrusted = only + } +} + type ProxyOptions struct { NoProxy string HTTPProxy string diff --git a/pipeline/stepBuilder.go b/pipeline/stepBuilder.go index 6525987335..827d4719f9 100644 --- a/pipeline/stepBuilder.go +++ b/pipeline/stepBuilder.go @@ -284,6 +284,7 @@ func (b *StepBuilder) toInternalRepresentation(parsed *yaml_types.Workflow, envi compiler.WithWorkspaceFromURL("/woodpecker", b.Repo.Link), compiler.WithMetadata(metadata), compiler.WithTrusted(b.Repo.IsTrusted), + compiler.WithNetrcOnlyTrusted(b.Repo.NetrcOnlyTrusted), ).Compile(parsed) } diff --git a/server/api/repo.go b/server/api/repo.go index 3e59901a28..6ca9b64360 100644 --- a/server/api/repo.go +++ b/server/api/repo.go @@ -80,6 +80,7 @@ func PostRepo(c *gin.Context) { } else { repo = from repo.AllowPull = true + repo.NetrcOnlyTrusted = true repo.CancelPreviousPipelineEvents = server.Config.Pipeline.DefaultCancelPreviousPipelineEvents } repo.IsActive = true @@ -221,6 +222,9 @@ func PatchRepo(c *gin.Context) { if in.CancelPreviousPipelineEvents != nil { repo.CancelPreviousPipelineEvents = *in.CancelPreviousPipelineEvents } + if in.NetrcOnlyTrusted != nil { + repo.NetrcOnlyTrusted = *in.NetrcOnlyTrusted + } if in.Visibility != nil { switch *in.Visibility { case string(model.VisibilityInternal), string(model.VisibilityPrivate), string(model.VisibilityPublic): diff --git a/server/model/repo.go b/server/model/repo.go index 25340c7836..46fd0fddb8 100644 --- a/server/model/repo.go +++ b/server/model/repo.go @@ -47,6 +47,7 @@ type Repo struct { Hash string `json:"-" xorm:"varchar(500) 'repo_hash'"` Perm *Perm `json:"-" xorm:"-"` CancelPreviousPipelineEvents []WebhookEvent `json:"cancel_previous_pipeline_events" xorm:"json 'cancel_previous_pipeline_events'"` + NetrcOnlyTrusted bool `json:"netrc_only_trusted" xorm:"NOT NULL DEFAULT true 'netrc_only_trusted'"` } // @name Repo // TableName return database table name for xorm @@ -110,6 +111,7 @@ type RepoPatch struct { Visibility *string `json:"visibility,omitempty"` AllowPull *bool `json:"allow_pr,omitempty"` CancelPreviousPipelineEvents *[]WebhookEvent `json:"cancel_previous_pipeline_events"` + NetrcOnlyTrusted *bool `json:"netrc_only_trusted"` } // @name RepoPatch type ForgeRemoteID string diff --git a/woodpecker-go/woodpecker/types.go b/woodpecker-go/woodpecker/types.go index 8427dffc4e..629aaefb73 100644 --- a/woodpecker-go/woodpecker/types.go +++ b/woodpecker-go/woodpecker/types.go @@ -46,6 +46,7 @@ type ( AllowPullRequests bool `json:"allow_pr"` Config string `json:"config_file"` CancelPreviousPipelineEvents []string `json:"cancel_previous_pipeline_events"` + NetrcOnlyTrusted bool `json:"netrc_only_trusted"` } // RepoPatch defines a repository patch request. From 5e18abb561d5487daed3a00b75957473682d3800 Mon Sep 17 00:00:00 2001 From: Anbraten Date: Wed, 30 Aug 2023 07:52:46 +0200 Subject: [PATCH 4/6] sort --- .github/ISSUE_TEMPLATE/config.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 27023c1397..9603a8035a 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,8 +1,8 @@ blank_issues_enabled: true contact_links: - - name: Frequently Asked Questions - url: https://woodpecker-ci.org/faq - about: Check the FAQs for common questions. - name: Start a discussion about: Our preferred starting point if you have any questions, suggestions or feature requests. url: https://github.com/woodpecker-ci/woodpecker/discussions/new/choose + - name: Frequently Asked Questions + url: https://woodpecker-ci.org/faq + about: Check the FAQs for common questions. From 276484d4fa9a79f520fb3912ac9fc76c8e3d8c07 Mon Sep 17 00:00:00 2001 From: Anbraten Date: Sun, 8 Oct 2023 16:04:54 +0200 Subject: [PATCH 5/6] re add file --- .github/ISSUE_TEMPLATE/feature_request.yml | 49 ++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yml diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000000..212c4c1239 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,49 @@ +# Credits to: https://github.com/vitejs/vite/blob/main/.github/ISSUE_TEMPLATE/feature_request.yml +name: "\U0001F680 New feature proposal" +description: Propose a new feature to be added to Woodpecker +labels: ['feature'] +body: + - type: markdown + attributes: + value: | + Thanks for your interest in the project and taking the time to fill out this feature report! + - type: textarea + id: feature-description + attributes: + label: Clear and concise description of the problem + description: 'As a user of Woodpecker I want [goal / wish] so that [benefit]. If you intend to submit a PR for this issue, tell us in the description.' + validations: + required: true + - type: textarea + id: suggested-solution + attributes: + label: Suggested solution + description: 'In web-ui / config we could provide following functionality...' + validations: + required: true + - type: textarea + id: alternative + attributes: + label: Alternative + description: Clear and concise description of any alternative solutions or features you've considered. + - type: textarea + id: additional-context + attributes: + label: Additional context + description: Any other context or screenshots about the feature request here. + - type: checkboxes + id: checkboxes + attributes: + label: Validations + description: Before submitting the issue, please make sure you do the following + options: + # - label: Follow our [Code of Conduct](https://github.com/woodpecker-ci/woodpecker/blob/main/CODE_OF_CONDUCT.md) + # required: true + - label: Checked that the feature isn't part of the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use] + required: true + - label: Read the [Contributing Guidelines](https://github.com/woodpecker-ci/woodpecker/blob/main/CONTRIBUTING.md). + required: true + - label: Read the [docs](https://woodpecker-ci.org/docs/intro). + required: true + - label: Check that there isn't already an [issue](https://github.com/woodpecker-ci/woodpecker/issues) that request the same feature to avoid creating a duplicate. + required: true From 181658658ca189ea778135aac00f80f7a752ae80 Mon Sep 17 00:00:00 2001 From: Anbraten Date: Sun, 8 Oct 2023 16:07:06 +0200 Subject: [PATCH 6/6] update text --- .github/ISSUE_TEMPLATE/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 9603a8035a..c0eb8c63da 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,7 +1,7 @@ blank_issues_enabled: true contact_links: - name: Start a discussion - about: Our preferred starting point if you have any questions, suggestions or feature requests. + about: Our preferred starting point if you have any questions, suggestions or feature proposals. url: https://github.com/woodpecker-ci/woodpecker/discussions/new/choose - name: Frequently Asked Questions url: https://woodpecker-ci.org/faq