diff --git a/.changelog.yml b/.changelog.yml index d7f2638878e..16bee94bed0 100644 --- a/.changelog.yml +++ b/.changelog.yml @@ -8,47 +8,37 @@ service: github # Changelog groups and which labeled PRs to add to each group groups: - - - name: BREAKING + - name: BREAKING labels: - breaking - - - name: FEATURES + - name: FEATURES labels: - feature - - - name: SECURITY + - name: SECURITY labels: - security - - - name: BUGFIXES + - name: BUGFIXES labels: - bug - - - name: ENHANCEMENTS + - name: ENHANCEMENTS labels: - enhancement - refactor - ui - - - name: TESTING + - name: TESTING labels: - tests - - - name: TRANSLATION + - name: TRANSLATION labels: - kind/translation - - - name: BUILD + - name: BUILD labels: - kind/build - kind/lint - - - name: DOCUMENTATION + - name: DOCUMENTATION labels: - documentation - - - name: MISC + - name: MISC default: true # regex indicating which labels to skip for the changelog diff --git a/.golangci.yml b/.golangci.yml index e5cce74b8ac..58bb5e7d938 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -4,7 +4,7 @@ linters-settings: misspell: locale: US gofumpt: - lang-version: "1.21" + lang-version: '1.21' extra-rules: true forbidigo: forbid: @@ -48,6 +48,6 @@ issues: - revive # let cli use print and panic - - path: "cmd/*|cli/*" + - path: 'cmd/*|cli/*' linters: - forbidigo diff --git a/.prettierignore b/.prettierignore new file mode 100644 index 00000000000..5f0f1c8b85d --- /dev/null +++ b/.prettierignore @@ -0,0 +1,7 @@ +pnpm-lock.yaml +build/ +docs/versioned_docs/ +docs/.docusaurus/ +dist/ +web/components.d.ts +CHANGELOG.md diff --git a/.prettierrc b/.prettierrc new file mode 100644 index 00000000000..aed64678912 --- /dev/null +++ b/.prettierrc @@ -0,0 +1,8 @@ +{ + "semi": true, + "trailingComma": "all", + "singleQuote": true, + "printWidth": 120, + "tabWidth": 2, + "endOfLine": "lf" +} diff --git a/.vscode/launch.json b/.vscode/launch.json index 17d67b37ad8..7cccf022035 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -3,11 +3,7 @@ "compounds": [ { "name": "Woodpecker CI", - "configurations": [ - "Woodpecker UI", - "Woodpecker server", - "Woodpecker agent" - ], + "configurations": ["Woodpecker UI", "Woodpecker server", "Woodpecker agent"], "stopAll": true } ], @@ -43,17 +39,10 @@ "type": "node", "request": "launch", "runtimeExecutable": "pnpm", - "runtimeArgs": [ - "start", - ], + "runtimeArgs": ["start"], "cwd": "${workspaceFolder}/web", - "resolveSourceMapLocations": [ - "${workspaceFolder}/web/**", - "!**/node_modules/**" - ], - "skipFiles": [ - "/**" - ] + "resolveSourceMapLocations": ["${workspaceFolder}/web/**", "!**/node_modules/**"], + "skipFiles": ["/**"] } ] } diff --git a/.vscode/settings.json b/.vscode/settings.json index abf274e2b66..c9b36b48b12 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -6,18 +6,10 @@ "**/*.code-search": true, "vendor/": true }, - "go.lintTool":"golangci-lint", - "go.lintFlags": [ - "--fast" - ], - "eslint.workingDirectories": [ - "./web" - ], + "go.lintTool": "golangci-lint", + "go.lintFlags": ["--fast"], + "eslint.workingDirectories": ["./web"], "prettier.configPath": "./web/.prettierrc.js", "prettier.ignorePath": "./web/.prettierignore", - "cSpell.words": [ - "Curr", - "doublestar", - "multierr" - ] + "cSpell.words": ["Curr", "doublestar", "multierr"] } diff --git a/.woodpecker/binaries.yml b/.woodpecker/binaries.yml index b320fe43d5f..5d8e63ab462 100644 --- a/.woodpecker/binaries.yml +++ b/.woodpecker/binaries.yml @@ -68,8 +68,8 @@ steps: release-dryrun: image: *golang_image commands: - - ls -la dist/*.* - - cat dist/checksums.txt + - ls -la dist/*.* + - cat dist/checksums.txt release: image: plugins/github-release diff --git a/.woodpecker/docker.yml b/.woodpecker/docker.yml index 46771a7e955..8a1e359d37b 100644 --- a/.woodpecker/docker.yml +++ b/.woodpecker/docker.yml @@ -21,8 +21,7 @@ variables: - &build_args 'CI_COMMIT_SHA=${CI_COMMIT_SHA},CI_COMMIT_BRANCH=${CI_COMMIT_BRANCH},CI_COMMIT_TAG=${CI_COMMIT_TAG}' # vars used on push / tag events only - - publish_logins: &publish_logins - # Default DockerHub login + - publish_logins: &publish_logins # Default DockerHub login - registry: https://index.docker.io/v1/ username: woodpeckerbot password: @@ -35,19 +34,17 @@ variables: - &publish_repos_server 'woodpeckerci/woodpecker-server,quay.io/woodpeckerci/woodpecker-server' - &publish_repos_agent 'woodpeckerci/woodpecker-agent,quay.io/woodpeckerci/woodpecker-agent' - &publish_repos_cli 'woodpeckerci/woodpecker-cli,quay.io/woodpeckerci/woodpecker-cli' - - path: &when_path - # web source code - - "web/**" + - path: &when_path # web source code + - 'web/**' # api source code - - "server/api/**" + - 'server/api/**' # go source code - - "**/*.go" - - "go.*" + - '**/*.go' + - 'go.*' # schema changes - - "pipeline/schema/**" + - 'pipeline/schema/**' # Dockerfile changes - - "docker/**" - + - 'docker/**' steps: vendor: @@ -106,7 +103,7 @@ steps: publish-server-preview: image: woodpeckerci/plugin-docker-buildx:2.1.0 - secrets: [ docker_password ] + secrets: [docker_password] group: docker settings: repo: woodpeckerci/woodpecker-server @@ -119,7 +116,7 @@ steps: publish-server-alpine-preview: image: woodpeckerci/plugin-docker-buildx:2.1.0 - secrets: [ docker_password ] + secrets: [docker_password] group: docker settings: repo: woodpeckerci/woodpecker-server @@ -132,7 +129,7 @@ steps: publish-server-preview-dry: image: woodpeckerci/plugin-docker-buildx:2.1.0 - secrets: [ docker_password ] + secrets: [docker_password] group: docker settings: dry_run: true @@ -147,7 +144,7 @@ steps: publish-server-alpine-preview-dry: image: woodpeckerci/plugin-docker-buildx:2.1.0 - secrets: [ docker_password ] + secrets: [docker_password] group: docker settings: dry_run: true @@ -185,7 +182,7 @@ steps: repo: *publish_repos_server dockerfile: docker/Dockerfile.server.multiarch platforms: *platforms_server - tag: [next, "next-${CI_COMMIT_SHA:0:10}"] + tag: [next, 'next-${CI_COMMIT_SHA:0:10}'] logins: *publish_logins when: branch: ${CI_REPO_DEFAULT_BRANCH} @@ -199,7 +196,7 @@ steps: repo: *publish_repos_server dockerfile: docker/Dockerfile.server.alpine.multiarch platforms: *platforms_alpine - tag: [next-alpine, "next-${CI_COMMIT_SHA:0:10}-alpine"] + tag: [next-alpine, 'next-${CI_COMMIT_SHA:0:10}-alpine'] logins: *publish_logins when: branch: ${CI_REPO_DEFAULT_BRANCH} @@ -242,7 +239,7 @@ steps: dockerfile: docker/Dockerfile.server.multiarch platforms: *platforms_server # remove 'latest' on older version branches to avoid accidental downgrade - tag: [latest, "${CI_COMMIT_TAG}"] + tag: [latest, '${CI_COMMIT_TAG}'] logins: *publish_logins when: event: tag @@ -255,7 +252,7 @@ steps: dockerfile: docker/Dockerfile.server.alpine.multiarch platforms: *platforms_alpine # remove 'latest-alpine' on older version branches to avoid accidental downgrade - tag: [latest-alpine, "${CI_COMMIT_TAG}-alpine"] + tag: [latest-alpine, '${CI_COMMIT_TAG}-alpine'] logins: *publish_logins when: event: tag @@ -267,7 +264,7 @@ steps: publish-agent-preview: group: docker image: woodpeckerci/plugin-docker-buildx:2.1.0 - secrets: [ docker_password ] + secrets: [docker_password] settings: repo: woodpeckerci/woodpecker-agent dockerfile: docker/Dockerfile.agent.multiarch @@ -281,7 +278,7 @@ steps: publish-agent-preview-dry: group: docker image: woodpeckerci/plugin-docker-buildx:2.1.0 - secrets: [ docker_password ] + secrets: [docker_password] settings: dry_run: true repo: woodpeckerci/woodpecker-agent @@ -301,7 +298,7 @@ steps: repo: *publish_repos_agent dockerfile: docker/Dockerfile.agent.multiarch platforms: *platforms_release - tag: [next, "next-${CI_COMMIT_SHA:0:10}"] + tag: [next, 'next-${CI_COMMIT_SHA:0:10}'] logins: *publish_logins build_args: *build_args when: @@ -316,7 +313,7 @@ steps: repo: *publish_repos_agent dockerfile: docker/Dockerfile.agent.alpine.multiarch platforms: *platforms_alpine - tag: [next-alpine, "next-${CI_COMMIT_SHA:0:10}-alpine"] + tag: [next-alpine, 'next-${CI_COMMIT_SHA:0:10}-alpine'] logins: *publish_logins build_args: *build_args when: @@ -362,7 +359,7 @@ steps: dockerfile: docker/Dockerfile.agent.multiarch platforms: *platforms_release # remove 'latest' on older version branches to avoid accidental downgrade - tag: [latest, "${CI_COMMIT_TAG}"] + tag: [latest, '${CI_COMMIT_TAG}'] logins: *publish_logins build_args: *build_args when: @@ -376,7 +373,7 @@ steps: dockerfile: docker/Dockerfile.agent.alpine.multiarch platforms: *platforms_alpine # remove 'latest-alpine' on older version branches to avoid accidental downgrade - tag: [latest-alpine, "${CI_COMMIT_TAG}-alpine"] + tag: [latest-alpine, '${CI_COMMIT_TAG}-alpine'] logins: *publish_logins build_args: *build_args when: @@ -389,7 +386,7 @@ steps: publish-cli-preview: group: docker image: woodpeckerci/plugin-docker-buildx:2.1.0 - secrets: [ docker_password ] + secrets: [docker_password] settings: repo: woodpeckerci/woodpecker-cli dockerfile: docker/Dockerfile.cli.multiarch @@ -403,7 +400,7 @@ steps: publish-cli-preview-dry: group: docker image: woodpeckerci/plugin-docker-buildx:2.1.0 - secrets: [ docker_password ] + secrets: [docker_password] settings: dry_run: true repo: woodpeckerci/woodpecker-cli @@ -423,7 +420,7 @@ steps: repo: *publish_repos_cli dockerfile: docker/Dockerfile.cli.multiarch platforms: *platforms_release - tag: [next, "next-${CI_COMMIT_SHA:0:10}"] + tag: [next, 'next-${CI_COMMIT_SHA:0:10}'] logins: *publish_logins build_args: *build_args when: @@ -438,7 +435,7 @@ steps: repo: *publish_repos_cli dockerfile: docker/Dockerfile.cli.alpine.multiarch platforms: *platforms_alpine - tag: [next-alpine, "next-${CI_COMMIT_SHA:0:10}-alpine"] + tag: [next-alpine, 'next-${CI_COMMIT_SHA:0:10}-alpine'] logins: *publish_logins build_args: *build_args when: @@ -484,7 +481,7 @@ steps: dockerfile: docker/Dockerfile.cli.multiarch platforms: *platforms_release # remove 'latest' on older version branches to avoid accidental downgrade - tag: [latest, "${CI_COMMIT_TAG}"] + tag: [latest, '${CI_COMMIT_TAG}'] logins: *publish_logins build_args: *build_args when: @@ -498,7 +495,7 @@ steps: dockerfile: docker/Dockerfile.cli.alpine.multiarch platforms: *platforms_alpine # remove 'latest-alpine' on older version branches to avoid accidental downgrade - tag: [latest-alpine, "${CI_COMMIT_TAG}-alpine"] + tag: [latest-alpine, '${CI_COMMIT_TAG}-alpine'] logins: *publish_logins build_args: *build_args when: diff --git a/.woodpecker/docs.yml b/.woodpecker/docs.yml index 8eb57d48c8d..a228f284764 100644 --- a/.woodpecker/docs.yml +++ b/.woodpecker/docs.yml @@ -2,13 +2,13 @@ when: - event: pull_request - event: push path: &when_path - - "docs/**" - - ".woodpecker/docs.yml" + - 'docs/**' + - '.woodpecker/docs.yml' # since we generate docs for cli tool we have to watch this too - - "cli/**" - - "cmd/cli/**" + - 'cli/**' + - 'cmd/cli/**' # api docs - - "server/api/**" + - 'server/api/**' branch: ${CI_REPO_DEFAULT_BRANCH} - cron: update_docs event: cron @@ -40,11 +40,11 @@ steps: deploy-preview: image: woodpeckerci/plugin-surge-preview:1.2.2 settings: - path: "docs/build/" + path: 'docs/build/' surge_token: from_secret: SURGE_TOKEN forge_type: github - forge_url: "https://github.com" + forge_url: 'https://github.com' forge_repo_token: from_secret: GITHUB_TOKEN_SURGE failure: ignore diff --git a/.woodpecker/securityscan.yml b/.woodpecker/securityscan.yml index 680e1058c28..c81074f7339 100644 --- a/.woodpecker/securityscan.yml +++ b/.woodpecker/securityscan.yml @@ -1,5 +1,5 @@ when: - - event: [ pull_request, cron ] + - event: [pull_request, cron] - event: push branch: - ${CI_REPO_DEFAULT_BRANCH} @@ -21,7 +21,7 @@ steps: image: *trivy_plugin settings: skip-dirs: node_modules/,plugins/woodpecker-plugins/node_modules/ - dir: docs/ + dir: docs/ when: event: [pull_request, push, cron] branch: ${CI_REPO_DEFAULT_BRANCH} @@ -31,4 +31,4 @@ steps: image: *trivy_plugin settings: skip-dirs: node_modules/ - dir: web/ + dir: web/ diff --git a/.woodpecker/test.yml b/.woodpecker/test.yml index dfcfc2cf6c1..bcb9f0d1504 100644 --- a/.woodpecker/test.yml +++ b/.woodpecker/test.yml @@ -8,15 +8,14 @@ when: variables: - &golang_image 'golang:1.21.3' - &when - - path: &when_path - # related config files - - ".woodpecker/test.yml" - - ".golangci.yml" + - path: &when_path # related config files + - '.woodpecker/test.yml' + - '.golangci.yml' # go source code - - "**/*.go" - - "go.*" + - '**/*.go' + - 'go.*' # schema changes - - "pipeline/schema/**" + - 'pipeline/schema/**' event: [pull_request, tag] steps: @@ -35,8 +34,8 @@ steps: when: - <<: *when - path: - - ".woodpecker/**" - - "pipeline/schema/**" + - '.woodpecker/**' + - 'pipeline/schema/**' dummy-web: image: *golang_image @@ -58,9 +57,9 @@ steps: image: *golang_image group: test commands: - - "make generate-swagger" - - "DIFF=$(git diff | head)" - - "[ -n \"$DIFF\" ] && { echo \"swagger not up to date, exec 'make generate-swagger' and commit\"; exit 1; } || true" + - 'make generate-swagger' + - 'DIFF=$(git diff | head)' + - '[ -n "$DIFF" ] && { echo "swagger not up to date, exec `make generate-swagger` and commit"; exit 1; } || true' when: *when lint-editorconfig: @@ -74,7 +73,12 @@ steps: group: test commands: - go install github.com/google/addlicense@latest - - "addlicense -check -ignore \"vendor/**\" **/*.go" + - 'addlicense -check -ignore "vendor/**" **/*.go' + when: *when + + prettier: + image: woodpeckerci/plugin-prettier:next + group: test when: *when test: @@ -120,7 +124,7 @@ steps: codecov: pull: true - image: woodpeckerci/plugin-codecov:next-alpine + image: woodpeckerci/plugin-codecov:2.1.0 settings: files: - agent-coverage.out @@ -137,7 +141,7 @@ steps: services: service-postgres: image: postgres:16 - ports: ["5432"] + ports: ['5432'] environment: - POSTGRES_USER=postgres - POSTGRES_HOST_AUTH_METHOD=trust @@ -145,7 +149,7 @@ services: service-mysql: image: mysql:8.1.0 - ports: ["3306"] + ports: ['3306'] environment: - MYSQL_DATABASE=test - MYSQL_ALLOW_EMPTY_PASSWORD=yes diff --git a/.woodpecker/web.yml b/.woodpecker/web.yml index 195010be00e..52aa3fef18b 100644 --- a/.woodpecker/web.yml +++ b/.woodpecker/web.yml @@ -10,11 +10,11 @@ variables: - &when path: # related config files - - ".woodpecker/web.yml" + - '.woodpecker/web.yml' # web source code - - "web/**" + - 'web/**' # api source code - - "server/api/**" + - 'server/api/**' event: [pull_request, tag, deployment] steps: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 942091c12f2..6b1579455b9 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -32,16 +32,18 @@ For security reasons, Owners must use 2FA. To honor the past owners, here's the history of the owners and the time they served: -* 2023-01-01 ~ 2023-12-31 - https://github.com/woodpecker-ci/woodpecker/issues/1467 - * [6543](https://github.com/6543) - * [Anbraten](https://github.com/anbraten) +- 2023-01-01 ~ 2023-12-31 - https://github.com/woodpecker-ci/woodpecker/issues/1467 -* 2021-09-28 ~ 2022-12-31 - https://github.com/woodpecker-ci/woodpecker/issues/633 - * [6543](https://github.com/6543) - * [Anbraten](https://github.com/anbraten) + - [6543](https://github.com/6543) + - [Anbraten](https://github.com/anbraten) -* 2019-07-25 ~ 2021-09-28 - * [Laszlo Fogas](https://github.com/laszlocph) +- 2021-09-28 ~ 2022-12-31 - https://github.com/woodpecker-ci/woodpecker/issues/633 + + - [6543](https://github.com/6543) + - [Anbraten](https://github.com/anbraten) + +- 2019-07-25 ~ 2021-09-28 + - [Laszlo Fogas](https://github.com/laszlocph) ## Code Review diff --git a/cli/common/zerologger.go b/cli/common/zerologger.go index 7a1d30e54cf..2d3e065cde1 100644 --- a/cli/common/zerologger.go +++ b/cli/common/zerologger.go @@ -21,6 +21,6 @@ import ( ) func SetupGlobalLogger(c *cli.Context) error { - common.SetupGlobalLogger(c) + common.SetupGlobalLogger(c, false) return nil } diff --git a/cmd/agent/agent.go b/cmd/agent/agent.go index 9fde7d28f51..aac2a345339 100644 --- a/cmd/agent/agent.go +++ b/cmd/agent/agent.go @@ -49,7 +49,7 @@ import ( ) func run(c *cli.Context) error { - common.SetupGlobalLogger(c) + common.SetupGlobalLogger(c, true) agentConfigPath := c.String("agent-config") hostname := c.String("hostname") diff --git a/cmd/cli/app.go b/cmd/cli/app.go index cda24052660..ae291ba135e 100644 --- a/cmd/cli/app.go +++ b/cmd/cli/app.go @@ -41,6 +41,7 @@ func newApp() *cli.App { app.Usage = "command line utility" app.EnableBashCompletion = true app.Flags = common.GlobalFlags + app.Before = common.SetupGlobalLogger app.Commands = []*cli.Command{ pipeline.Command, log.Command, @@ -56,9 +57,5 @@ func newApp() *cli.App { cron.Command, } - for _, command := range app.Commands { - command.Before = common.SetupGlobalLogger - } - return app } diff --git a/cmd/common/logger.go b/cmd/common/logger.go index 242f9343e6d..d9b4e9671fc 100644 --- a/cmd/common/logger.go +++ b/cmd/common/logger.go @@ -51,7 +51,7 @@ var GlobalLoggerFlags = []cli.Flag{ }, } -func SetupGlobalLogger(c *cli.Context) { +func SetupGlobalLogger(c *cli.Context, printLvl bool) { logLevel := c.String("log-level") pretty := c.Bool("pretty") noColor := c.Bool("nocolor") @@ -96,5 +96,7 @@ func SetupGlobalLogger(c *cli.Context) { log.Logger = log.With().Caller().Logger() } - log.Info().Msgf("LogLevel = %s", zerolog.GlobalLevel().String()) + if printLvl { + log.Info().Msgf("LogLevel = %s", zerolog.GlobalLevel().String()) + } } diff --git a/cmd/server/docs/docs.go b/cmd/server/docs/docs.go index 614a99bf79f..73a867e2c7f 100644 --- a/cmd/server/docs/docs.go +++ b/cmd/server/docs/docs.go @@ -1432,6 +1432,32 @@ const docTemplate = `{ } } }, + "/repos/repair": { + "post": { + "produces": [ + "text/plain" + ], + "tags": [ + "Repositories" + ], + "summary": "Repair all repositories on the server. Requires admin rights.", + "parameters": [ + { + "type": "string", + "default": "Bearer \u003cpersonal access token\u003e", + "description": "Insert your personal access token", + "name": "Authorization", + "in": "header", + "required": true + } + ], + "responses": { + "204": { + "description": "No Content" + } + } + } + }, "/repos/{repo_id}": { "get": { "produces": [ @@ -2758,8 +2784,8 @@ const docTemplate = `{ } ], "responses": { - "200": { - "description": "OK" + "204": { + "description": "No Content" } } } diff --git a/cmd/server/server.go b/cmd/server/server.go index 7b8d8634f67..6217319869c 100644 --- a/cmd/server/server.go +++ b/cmd/server/server.go @@ -55,7 +55,7 @@ import ( ) func run(c *cli.Context) error { - common.SetupGlobalLogger(c) + common.SetupGlobalLogger(c, true) // set gin mode based on log level if zerolog.GlobalLevel() > zerolog.DebugLevel { diff --git a/docker-compose.gitpod.yml b/docker-compose.gitpod.yml index 885a0d9408f..1da09205232 100644 --- a/docker-compose.gitpod.yml +++ b/docker-compose.gitpod.yml @@ -31,11 +31,11 @@ services: GITEA__database__NAME: gitea GITEA__database__USER: gitea GITEA__database__PASSWD: 123456 - GITEA__webhook__ALLOWED_HOST_LIST: "*" - GITEA__security__INSTALL_LOCK: "true" - GITEA__security__INTERNAL_TOKEN: "123456" + GITEA__webhook__ALLOWED_HOST_LIST: '*' + GITEA__security__INSTALL_LOCK: 'true' + GITEA__security__INTERNAL_TOKEN: '123456' extra_hosts: - - "host.docker.internal:host-gateway" + - 'host.docker.internal:host-gateway' volumes: gitea: diff --git a/docs/.prettierrc.js b/docs/.prettierrc.js index e5d6263c972..b651096fd46 100644 --- a/docs/.prettierrc.js +++ b/docs/.prettierrc.js @@ -1,8 +1,8 @@ module.exports = { semi: true, - trailingComma: "all", + trailingComma: 'all', singleQuote: true, printWidth: 120, tabWidth: 2, - endOfLine: "lf", + endOfLine: 'lf', }; diff --git a/docs/blog/2023-06-11-hello-blog/index.md b/docs/blog/2023-06-11-hello-blog/index.md index 4bd5bd32c56..44436794ef7 100644 --- a/docs/blog/2023-06-11-hello-blog/index.md +++ b/docs/blog/2023-06-11-hello-blog/index.md @@ -15,7 +15,7 @@ Welcome to this blog. This is our first post on this blog ... -In the future we will post about our releases and other things like tutorials. +In the future we will post about our releases and other things like tutorials. We are currently working on the `1.0.0` release of Woodpecker. This release will include a lot of new features and improvements which most of you probably already tested using the `next` tag. diff --git a/docs/docs/20-usage/10-intro.md b/docs/docs/20-usage/10-intro.md index fcefb8195c5..8512ed62130 100644 --- a/docs/docs/20-usage/10-intro.md +++ b/docs/docs/20-usage/10-intro.md @@ -10,7 +10,7 @@ Webhooks are used to trigger pipeline executions. When you push code to your rep > Required Permissions > ->The user who enables a repo in Woodpecker must have `Admin` rights on that repo, so that Woodpecker can add the webhook. +> The user who enables a repo in Woodpecker must have `Admin` rights on that repo, so that Woodpecker can add the webhook. > > Note that manually creating webhooks yourself is not possible. This is because webhooks are signed using a per-repository secret key which is not exposed to end users. diff --git a/docs/docs/20-usage/15-terminiology/index.md b/docs/docs/20-usage/15-terminiology/index.md index 0eb51b62d0d..4640ede350d 100644 --- a/docs/docs/20-usage/15-terminiology/index.md +++ b/docs/docs/20-usage/15-terminiology/index.md @@ -41,11 +41,12 @@ Sometimes there are multiple terms that can be used to describe something. This - Use the term **steps** instead of the previous **jobs** -[Pipeline]: ../20-workflow-syntax.md -[Workflow]: ../25-workflows.md -[Forge]: ../../30-administration/11-forges/10-overview.md -[Plugin]: ../51-plugins/10-plugins.md + +[Pipeline]: ../20-workflow-syntax.md +[Workflow]: ../25-workflows.md +[Forge]: ../../30-administration/11-forges/10-overview.md +[Plugin]: ../51-plugins/10-plugins.md [Workspace]: ../20-workflow-syntax.md#workspace -[Matrix]: ../30-matrix-workflows.md -[Docker]: ../../30-administration/22-backends/10-docker.md -[Local]: ../../30-administration/22-backends/20-local.md +[Matrix]: ../30-matrix-workflows.md +[Docker]: ../../30-administration/22-backends/10-docker.md +[Local]: ../../30-administration/22-backends/20-local.md diff --git a/docs/docs/20-usage/20-workflow-syntax.md b/docs/docs/20-usage/20-workflow-syntax.md index a1309443d22..fad2711c160 100644 --- a/docs/docs/20-usage/20-workflow-syntax.md +++ b/docs/docs/20-usage/20-workflow-syntax.md @@ -258,8 +258,8 @@ Execute a step using custom include and exclude logic: ```yaml when: - branch: - include: [ main, release/* ] - exclude: [ release/1.0.0, release/1.1.* ] + include: [main, release/*] + exclude: [release/1.0.0, release/1.1.*] ``` #### `event` @@ -344,7 +344,7 @@ Execute a step for a specific platform using wildcards: ```yaml when: - - platform: [ linux/*, windows/amd64 ] + - platform: [linux/*, windows/amd64] ``` #### `environment` @@ -388,7 +388,7 @@ Execute a step only on a pipeline with certain files being changed: ```yaml when: - - path: "src/*" + - path: 'src/*' ``` You can use [glob patterns](https://github.com/bmatcuk/doublestar#patterns) to match the changed files and specify if the step should run if a file matching that pattern has been changed `include` or if some files have **not** been changed `exclude`. @@ -396,9 +396,9 @@ You can use [glob patterns](https://github.com/bmatcuk/doublestar#patterns) to m ```yaml when: - path: - include: [ '.woodpecker/*.yml', '*.ini' ] - exclude: [ '*.md', 'docs/**' ] - ignore_message: "[ALL]" + include: ['.woodpecker/*.yml', '*.ini'] + exclude: ['*.md', 'docs/**'] + ignore_message: '[ALL]' ``` **Hint:** Passing a defined ignore-message like `[ALL]` inside the commit message will ignore all path conditions. diff --git a/docs/docs/20-usage/40-secrets.md b/docs/docs/20-usage/40-secrets.md index 255ac9bf2e6..6dc3d574415 100644 --- a/docs/docs/20-usage/40-secrets.md +++ b/docs/docs/20-usage/40-secrets.md @@ -37,7 +37,6 @@ steps: + from_secret: secret_token ``` - Please note parameter expressions are subject to pre-processing. When using secrets in parameter expressions they should be escaped. ```diff @@ -93,7 +92,7 @@ Please be careful when exposing secrets to pull requests. If your repository is To prevent abusing your secrets with malicious pull requests, you can limit a secret to a list of images. They are not available to any other container. In addition, you can make the secret available only for plugins (steps without user-defined commands). :::warning -If you enable the option "Only available for plugins", always set an image filter too. Otherwise, the secret can be accessed by a very simple self-developed plugin and is thus *not* safe. +If you enable the option "Only available for plugins", always set an image filter too. Otherwise, the secret can be accessed by a very simple self-developed plugin and is thus _not_ safe. If you only set an image filter, you could still access the secret using the same image and by specifying a command that prints it. ::: diff --git a/docs/docs/20-usage/41-registries.md b/docs/docs/20-usage/41-registries.md index b5d32faea4d..f0a69d6b668 100644 --- a/docs/docs/20-usage/41-registries.md +++ b/docs/docs/20-usage/41-registries.md @@ -67,5 +67,3 @@ steps: commands: - ./build.sh ``` - - diff --git a/docs/docs/20-usage/45-cron.md b/docs/docs/20-usage/45-cron.md index d954cb2ca7d..f90c77c1adb 100644 --- a/docs/docs/20-usage/45-cron.md +++ b/docs/docs/20-usage/45-cron.md @@ -6,29 +6,29 @@ To configure cron jobs you need at least push access to the repository. 1. To create a new cron job adjust your pipeline config(s) and add the event filter to all steps you would like to run by the cron job: - ```diff - steps: - sync_locales: - image: weblate_sync - settings: - url: example.com - token: - from_secret: weblate_token - + when: - + event: cron - + cron: "name of the cron job" # if you only want to execute this step by a specific cron job - ``` + ```diff + steps: + sync_locales: + image: weblate_sync + settings: + url: example.com + token: + from_secret: weblate_token + + when: + + event: cron + + cron: "name of the cron job" # if you only want to execute this step by a specific cron job + ``` 1. Create a new cron job in the repository settings: - ![cron settings](./cron-settings.png) + ![cron settings](./cron-settings.png) - The supported schedule syntax can be found at . If you need general understanding of the cron syntax is a good place to start and experiment. + The supported schedule syntax can be found at . If you need general understanding of the cron syntax is a good place to start and experiment. - Examples: `@every 5m`, `@daily`, `0 30 * * * *` ... + Examples: `@every 5m`, `@daily`, `0 30 * * * *` ... - :::info - Woodpeckers cron syntax starts with seconds instead of minutes as used by most linux cron schedulers. + :::info + Woodpeckers cron syntax starts with seconds instead of minutes as used by most linux cron schedulers. - Example: "At minute 30 every hour" would be `0 30 * * * *` instead of `30 * * * *` - ::: + Example: "At minute 30 every hour" would be `0 30 * * * *` instead of `30 * * * *` + ::: diff --git a/docs/docs/20-usage/50-environment.md b/docs/docs/20-usage/50-environment.md index ddd2765f4c9..3dd5d801d18 100644 --- a/docs/docs/20-usage/50-environment.md +++ b/docs/docs/20-usage/50-environment.md @@ -48,7 +48,7 @@ This is the reference list of all environment variables available to your pipeli | NAME | Description | | -------------------------------- | -------------------------------------------------------------------------------------------- | -| `CI` | CI environment name (value: `woodpecker`) | +| `CI` | CI environment name (value: `woodpecker`) | | | **Repository** | | `CI_REPO` | repository full name `/` | | `CI_REPO_OWNER` | repository owner | diff --git a/docs/docs/20-usage/51-plugins/10-plugins.md b/docs/docs/20-usage/51-plugins/10-plugins.md index 6c1cce3d141..48977c9a849 100644 --- a/docs/docs/20-usage/51-plugins/10-plugins.md +++ b/docs/docs/20-usage/51-plugins/10-plugins.md @@ -41,6 +41,7 @@ There are also other plugin lists with additional plugins. Keep in mind that [Dr - [Drone Plugins](http://plugins.drone.io) - [Geeklab Woodpecker Plugins](https://woodpecker-plugins.geekdocs.de/) + ::: ## Creating a plugin diff --git a/docs/docs/20-usage/71-project-settings.md b/docs/docs/20-usage/71-project-settings.md index d65552182e9..319a07e6101 100644 --- a/docs/docs/20-usage/71-project-settings.md +++ b/docs/docs/20-usage/71-project-settings.md @@ -21,7 +21,7 @@ Enables handling webhook's pull request event. If disabled, then pipeline won't ### Protected Every pipeline initiated by an webhook event needs to be approved by a project members with push permissions before being executed. -The protected option can be used as an additional review process before running potentially harmful pipelines. Especially if pipelines can be executed by third-parties through pull-requests. +The protected option can be used as an additional review process before running potentially harmful pipelines. Especially if pipelines can be executed by third-parties through pull-requests. ### Trusted diff --git a/docs/docs/20-usage/90-advanced-usage.md b/docs/docs/20-usage/90-advanced-usage.md index 8a1402678be..2edad5d2474 100644 --- a/docs/docs/20-usage/90-advanced-usage.md +++ b/docs/docs/20-usage/90-advanced-usage.md @@ -9,6 +9,7 @@ YAML has some advanced syntax features that can be used like variables to reduce You can use [YAML anchors & aliases](https://yaml.org/spec/1.2.2/#3222-anchors-and-aliases) as variables in your pipeline config. To convert this: + ```yml steps: test: @@ -71,26 +72,26 @@ steps: ```yaml variables: pre_cmds: &pre_cmds - - echo start - - whoami + - echo start + - whoami post_cmds: &post_cmds - - echo stop + - echo stop hello_cmd: &hello_cmd - - echo hello + - echo hello steps: step1: image: debian commands: - - <<: *pre_cmds # prepend a sequence - - echo exec step now do dedicated things - - <<: *post_cmds # append a sequence + - <<: *pre_cmds # prepend a sequence + - echo exec step now do dedicated things + - <<: *post_cmds # append a sequence step2: image: debian commands: - - <<: [*pre_cmds, *hello_cmd] # prepend two sequences - - echo echo from second step - - <<: *post_cmds + - <<: [*pre_cmds, *hello_cmd] # prepend two sequences + - echo echo from second step + - <<: *post_cmds ``` ### References @@ -107,8 +108,8 @@ steps: init: image: bash commands: - echo "FOO=hello" >> envvars - echo "BAR=world" >> envvars + - echo "FOO=hello" >> envvars + - echo "BAR=world" >> envvars debug: image: bash diff --git a/docs/docs/30-administration/00-deployment/00-overview.md b/docs/docs/30-administration/00-deployment/00-overview.md index 214c615c0db..9e48d9d6ac6 100644 --- a/docs/docs/30-administration/00-deployment/00-overview.md +++ b/docs/docs/30-administration/00-deployment/00-overview.md @@ -24,7 +24,7 @@ Below are minimal resources requirements for Woodpecker components itself: | Component | Memory | CPU | | --------- | ------ | --- | | Server | 200 MB | 1 | -| Agent | 32 MB | 1 | +| Agent | 32 MB | 1 | Note, that those values do not include the operating system or workload (pipelines execution) resources consumption. diff --git a/docs/docs/30-administration/00-deployment/10-docker-compose.md b/docs/docs/30-administration/00-deployment/10-docker-compose.md index 99b19c392aa..e649301f2a1 100644 --- a/docs/docs/30-administration/00-deployment/10-docker-compose.md +++ b/docs/docs/30-administration/00-deployment/10-docker-compose.md @@ -139,7 +139,7 @@ Image variants: - The `vX.X` images are based on the current release branch (e.g. `release/v1.0`) and can be used to get bugfixes asap - The `next` images are based on the current `main` branch and should not be used for production environments -``` bash +```bash # server docker pull woodpeckerci/woodpecker-server:latest docker pull woodpeckerci/woodpecker-server:latest-alpine diff --git a/docs/docs/30-administration/00-deployment/20-kubernetes.md b/docs/docs/30-administration/00-deployment/20-kubernetes.md index 049b460c6d9..7eb7dacf5d7 100644 --- a/docs/docs/30-administration/00-deployment/20-kubernetes.md +++ b/docs/docs/30-administration/00-deployment/20-kubernetes.md @@ -7,4 +7,3 @@ The chart contains two subcharts, `server` and `agent` which are automatically c The chart started off with two independent charts but was merged into one to simplify the deployment at start of 2023. A couple of backend-specific config env vars exists which are described in the [kubernetes backend docs](../22-backends/40-kubernetes.md). - diff --git a/docs/docs/30-administration/10-server-config.md b/docs/docs/30-administration/10-server-config.md index 763711e34af..c6ae4b58d5a 100644 --- a/docs/docs/30-administration/10-server-config.md +++ b/docs/docs/30-administration/10-server-config.md @@ -157,17 +157,18 @@ WOODPECKER_CUSTOM_CSS_FILE=/usr/local/www/woodpecker.js The examples below show how to place a banner message in the top navigation bar of Woodpecker. ##### woodpecker.css + ```css .banner-message { - position: absolute; - width: 280px; - height: 40px; - margin-left: 240px; - margin-top: 5px; - padding-top: 5px; - font-weight: bold; - background: red no-repeat; - text-align: center; + position: absolute; + width: 280px; + height: 40px; + margin-left: 240px; + margin-top: 5px; + padding-top: 5px; + font-weight: bold; + background: red no-repeat; + text-align: center; } ``` @@ -175,44 +176,52 @@ The examples below show how to place a banner message in the top navigation bar ```javascript // place/copy a minified version of jQuery or ZeptoJS here ... -!function(){"use strict";function e(){};/*...*/}(); +!(function () { + 'use strict'; + function e() {} /*...*/ +})(); -$().ready(function(){ - $(".app nav img").first().htmlAfter("") +$().ready(function () { + $('.app nav img').first().htmlAfter(""); }); ``` - ## All server configuration options The following list describes all available server configuration options. ### `WOODPECKER_LOG_LEVEL` + > Default: empty Configures the logging level. Possible values are `trace`, `debug`, `info`, `warn`, `error`, `fatal`, `panic`, `disabled` and empty. ### `WOODPECKER_LOG_XORM` + > Default: `false` Enable XORM logs. ### `WOODPECKER_LOG_XORM_SQL` + > Default: `false` Enable XORM SQL command logs. ### `WOODPECKER_DEBUG_PRETTY` + > Default: `false` Enable pretty-printed debug output. ### `WOODPECKER_DEBUG_NOCOLOR` + > Default: `true` Disable colored debug output. ### `WOODPECKER_HOST` + > Default: empty Server fully qualified URL of the user-facing hostname and path prefix. @@ -220,6 +229,7 @@ Server fully qualified URL of the user-facing hostname and path prefix. Example: `WOODPECKER_HOST=http://woodpecker.example.org` or `WOODPECKER_HOST=http://example.org/woodpecker` ### `WOODPECKER_WEBHOOK_HOST` + > Default: value from `WOODPECKER_HOST` config env Server fully qualified URL of the Webhook-facing hostname and path prefix. @@ -227,16 +237,19 @@ Server fully qualified URL of the Webhook-facing hostname and path prefix. Example: `WOODPECKER_WEBHOOK_HOST=http://woodpecker-server.cicd.svc.cluster.local:8000` ### `WOODPECKER_SERVER_ADDR` + > Default: `:8000` Configures the HTTP listener port. ### `WOODPECKER_SERVER_ADDR_TLS` + > Default: `:443` Configures the HTTPS listener port when SSL is enabled. ### `WOODPECKER_SERVER_CERT` + > Default: empty Path to an SSL certificate used by the server to accept HTTPS requests. @@ -244,6 +257,7 @@ Path to an SSL certificate used by the server to accept HTTPS requests. Example: `WOODPECKER_SERVER_CERT=/path/to/cert.pem` ### `WOODPECKER_SERVER_KEY` + > Default: empty Path to an SSL certificate key used by the server to accept HTTPS requests. @@ -251,6 +265,7 @@ Path to an SSL certificate key used by the server to accept HTTPS requests. Example: `WOODPECKER_SERVER_KEY=/path/to/key.pem` ### `WOODPECKER_CUSTOM_CSS_FILE` + > Default: empty File path for the server to serve a custom .CSS file, used for customizing the UI. @@ -260,6 +275,7 @@ The file must be UTF-8 encoded, to ensure all special characters are preserved. Example: `WOODPECKER_CUSTOM_CSS_FILE=/usr/local/www/woodpecker.css` ### `WOODPECKER_CUSTOM_JS_FILE` + > Default: empty File path for the server to serve a custom .JS file, used for customizing the UI. @@ -269,26 +285,31 @@ The file must be UTF-8 encoded, to ensure all special characters are preserved. Example: `WOODPECKER_CUSTOM_JS_FILE=/usr/local/www/woodpecker.js` ### `WOODPECKER_LETS_ENCRYPT` + > Default: `false` Automatically generates an SSL certificate using Let's Encrypt, and configures the server to accept HTTPS requests. ### `WOODPECKER_GRPC_ADDR` + > Default: `:9000` Configures the gRPC listener port. ### `WOODPECKER_GRPC_SECRET` + > Default: `secret` Configures the gRPC JWT secret. ### `WOODPECKER_GRPC_SECRET_FILE` + > Default: empty Read the value for `WOODPECKER_GRPC_SECRET` from the specified filepath. ### `WOODPECKER_METRICS_SERVER_ADDR` + > Default: empty Configures an unprotected metrics endpoint. An empty value disables the metrics endpoint completely. @@ -296,6 +317,7 @@ Configures an unprotected metrics endpoint. An empty value disables the metrics Example: `:9001` ### `WOODPECKER_ADMIN` + > Default: empty Comma-separated list of admin accounts. @@ -303,6 +325,7 @@ Comma-separated list of admin accounts. Example: `WOODPECKER_ADMIN=user1,user2` ### `WOODPECKER_ORGS` + > Default: empty Comma-separated list of approved organizations. @@ -310,6 +333,7 @@ Comma-separated list of approved organizations. Example: `org1,org2` ### `WOODPECKER_REPO_OWNERS` + > Default: empty Comma-separated list of syncable repo owners. ??? @@ -317,41 +341,49 @@ Comma-separated list of syncable repo owners. ??? Example: `user1,user2` ### `WOODPECKER_OPEN` + > Default: `false` Enable to allow user registration. ### `WOODPECKER_DOCS` + > Default: `https://woodpecker-ci.org/` Link to documentation in the UI. ### `WOODPECKER_AUTHENTICATE_PUBLIC_REPOS` + > Default: `false` Always use authentication to clone repositories even if they are public. Needed if the forge requires to always authenticate as used by many companies. ### `WOODPECKER_DEFAULT_CANCEL_PREVIOUS_PIPELINE_EVENTS` + > Default: `pull_request, push` List of event names that will be canceled when a new pipeline for the same context (tag, branch) is created. ### `WOODPECKER_DEFAULT_CLONE_IMAGE` + > Default is defined in [shared/constant/constant.go](https://github.com/woodpecker-ci/woodpecker/blob/main/shared/constant/constant.go) The default docker image to be used when cloning the repo ### `WOODPECKER_DEFAULT_PIPELINE_TIMEOUT` + > 60 (minutes) The default time for a repo in minutes before a pipeline gets killed ### `WOODPECKER_MAX_PIPELINE_TIMEOUT` + > 120 (minutes) The maximum time in minutes you can set in the repo settings before a pipeline gets killed ### `WOODPECKER_SESSION_EXPIRES` + > Default: `72h` Configures the session expiration time. @@ -360,6 +392,7 @@ As long as the session is valid (until it expires or log-out), a user can log into Woodpecker, without re-authentication. ### `WOODPECKER_ESCALATE` + > Defaults are defined in [shared/constant/constant.go](https://github.com/woodpecker-ci/woodpecker/blob/main/shared/constant/constant.go) Docker images to run in privileged mode. Only change if you are sure what you do! @@ -374,6 +407,7 @@ Example: `WOODPECKER_VOLUME=/path/on/host:/path/in/container:rw`| --> ### `WOODPECKER_DOCKER_CONFIG` + > Default: empty Configures a specific private registry config for all pipelines. @@ -395,16 +429,19 @@ Example: `WOODPECKER_NETWORK=network1,network2` --> ### `WOODPECKER_AGENT_SECRET` + > Default: empty A shared secret used by server and agents to authenticate communication. A secret can be generated by `openssl rand -hex 32`. ### `WOODPECKER_AGENT_SECRET_FILE` + > Default: empty Read the value for `WOODPECKER_AGENT_SECRET` from the specified filepath ### `WOODPECKER_KEEPALIVE_MIN_TIME` + > Default: empty Server-side enforcement policy on the minimum amount of time a client should wait before sending a keepalive ping. @@ -412,16 +449,19 @@ Server-side enforcement policy on the minimum amount of time a client should wai Example: `WOODPECKER_KEEPALIVE_MIN_TIME=10s` ### `WOODPECKER_DATABASE_DRIVER` + > Default: `sqlite3` The database driver name. Possible values are `sqlite3`, `mysql` or `postgres`. ### `WOODPECKER_DATABASE_DATASOURCE` + > Default: `woodpecker.sqlite` The database connection string. The default value is the path of the embedded SQLite database file. Example: + ```bash # MySQL # https://github.com/go-sql-driver/mysql#dsn-data-source-name @@ -433,47 +473,56 @@ WOODPECKER_DATABASE_DATASOURCE=postgres://root:password@1.2.3.4:5432/woodpecker? ``` ### `WOODPECKER_DATABASE_DATASOURCE_FILE` + > Default: empty Read the value for `WOODPECKER_DATABASE_DATASOURCE` from the specified filepath ### `WOODPECKER_ENCRYPTION_KEY` + > Default: empty Encryption key used to encrypt secrets in DB. See [secrets encryption](./40-encryption.md) ### `WOODPECKER_ENCRYPTION_KEY_FILE` + > Default: empty Read the value for `WOODPECKER_ENCRYPTION_KEY` from the specified filepath ### `WOODPECKER_ENCRYPTION_TINK_KEYSET_FILE` + > Default: empty Filepath to encryption keyset used to encrypt secrets in DB. See [secrets encryption](./40-encryption.md) ### `WOODPECKER_ENCRYPTION_DISABLE` + > Default: empty Boolean flag to decrypt secrets in DB and disable server encryption. See [secrets encryption](./40-encryption.md) ### `WOODPECKER_PROMETHEUS_AUTH_TOKEN` + > Default: empty Token to secure the Prometheus metrics endpoint. Must be set to enable the endpoint. ### `WOODPECKER_PROMETHEUS_AUTH_TOKEN_FILE` + > Default: empty Read the value for `WOODPECKER_PROMETHEUS_AUTH_TOKEN` from the specified filepath ### `WOODPECKER_STATUS_CONTEXT` + > Default: `ci/woodpecker` Context prefix Woodpecker will use to publish status messages to SCM. You probably will only need to change it if you run multiple Woodpecker instances for a single repository. ### `WOODPECKER_STATUS_CONTEXT_FORMAT` + > Default: `{{ .context }}/{{ .event }}/{{ .workflow }}` Template for the status messages published to forges, uses [Go templates](https://pkg.go.dev/text/template) as template language. @@ -488,50 +537,57 @@ Supported variables: --- ### `WOODPECKER_LIMIT_MEM_SWAP` + > Default: `0` The maximum amount of memory a single pipeline container is allowed to swap to disk, configured in bytes. There is no limit if `0`. ### `WOODPECKER_LIMIT_MEM` + > Default: `0` The maximum amount of memory a single pipeline container can use, configured in bytes. There is no limit if `0`. ### `WOODPECKER_LIMIT_SHM_SIZE` + > Default: `0` The maximum amount of memory of `/dev/shm` allowed in bytes. There is no limit if `0`. ### `WOODPECKER_LIMIT_CPU_QUOTA` + > Default: `0` The number of microseconds per CPU period that the container is limited to before throttled. There is no limit if `0`. ### `WOODPECKER_LIMIT_CPU_SHARES` + > Default: `0` The relative weight vs. other containers. ### `WOODPECKER_LIMIT_CPU_SET` + > Default: empty Comma-separated list to limit the specific CPUs or cores a pipeline container can use. Example: `WOODPECKER_LIMIT_CPU_SET=1,2` - ### `WOODPECKER_CONFIG_SERVICE_ENDPOINT` + > Default: `` Specify a configuration service endpoint, see [Configuration Extension](./100-external-configuration-api.md) - ### `WOODPECKER_FORGE_TIMEOUT` + > Default: 3sec Specify how many seconds before timeout when fetching the Woodpecker configuration from a Forge ### `WOODPECKER_ROOT_PATH` + > Default: extracted from `WOODPECKER_HOST` Server URL path prefix (used for statics loading when having a url path prefix), should start with `/` @@ -539,6 +595,7 @@ Server URL path prefix (used for statics loading when having a url path prefix), Example: `WOODPECKER_ROOT_PATH=/woodpecker` ### `WOODPECKER_ENABLE_SWAGGER` + > Default: true Enable the Swagger UI for API documentation. diff --git a/docs/docs/30-administration/100-external-configuration-api.md b/docs/docs/30-administration/100-external-configuration-api.md index 7970ff46e50..ab170a9d5a8 100644 --- a/docs/docs/30-administration/100-external-configuration-api.md +++ b/docs/docs/30-administration/100-external-configuration-api.md @@ -56,9 +56,7 @@ WOODPECKER_CONFIG_SERVICE_ENDPOINT=https://example.com/ciconfig "author_avatar": "https://myforge.com/avatars/d6b3f7787a685fcdf2a44e2c685c7e03", "author_email": "my@email.com", "branch": "main", - "changed_files": [ - "somefilename.txt" - ], + "changed_files": ["somefilename.txt"], "commit": "2fff90f8d288a4640e90f05049fe30e61a14fd50", "created_at": 0, "deploy_to": "", diff --git a/docs/docs/30-administration/11-forges/10-overview.md b/docs/docs/30-administration/11-forges/10-overview.md index b260018d4f6..3087ec059fb 100644 --- a/docs/docs/30-administration/11-forges/10-overview.md +++ b/docs/docs/30-administration/11-forges/10-overview.md @@ -2,11 +2,11 @@ ## Supported features -| Feature | [GitHub](github/) | [Gitea / Forgejo](gitea/) | [Gitlab](gitlab/) | [Bitbucket](bitbucket/) | -| --- | :---: | :---: | :---: | :---: | -| Event: Push | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Event: Tag | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Event: Pull-Request | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Event: Deploy | :white_check_mark: | :x: | :x: | :x: | -| [Multiple workflows](../../20-usage/25-workflows.md) | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| [when.path filter](../../20-usage/20-workflow-syntax.md#path) | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | +| Feature | [GitHub](github/) | [Gitea / Forgejo](gitea/) | [Gitlab](gitlab/) | [Bitbucket](bitbucket/) | +| ------------------------------------------------------------- | :----------------: | :-----------------------: | :----------------: | :---------------------: | +| Event: Push | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Event: Tag | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Event: Pull-Request | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Event: Deploy | :white_check_mark: | :x: | :x: | :x: | +| [Multiple workflows](../../20-usage/25-workflows.md) | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| [when.path filter](../../20-usage/20-workflow-syntax.md#path) | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | diff --git a/docs/docs/30-administration/11-forges/30-gitea.md b/docs/docs/30-administration/11-forges/30-gitea.md index 24a500d3b3e..54e94a65147 100644 --- a/docs/docs/30-administration/11-forges/30-gitea.md +++ b/docs/docs/30-administration/11-forges/30-gitea.md @@ -25,51 +25,59 @@ services: Register your application with Gitea to create your client id and secret. You can find the OAuth applications settings of Gitea at `https://gitea./user/settings/`. It is very import the authorization callback URL matches your http(s) scheme and hostname exactly with `https:///authorize` as the path. If you run the Woodpecker CI server on the same host as the Gitea instance, you might also need to allow local connections in Gitea, since version `v1.16`. Otherwise webhooks will fail. Add the following lines to your Gitea configuration (usually at `/etc/gitea/conf/app.ini`). + ```ini ... [webhook] ALLOWED_HOST_LIST=external,loopback ``` + For reference see [Configuration Cheat Sheet](https://docs.gitea.io/en-us/config-cheat-sheet/#webhook-webhook). ![gitea oauth setup](gitea_oauth.gif) - ## Configuration This is a full list of configuration options. Please note that many of these options use default configuration values that should work for the majority of installations. ### `WOODPECKER_GITEA` + > Default: `false` Enables the Gitea driver. ### `WOODPECKER_GITEA_URL` + > Default: `https://try.gitea.io` Configures the Gitea server address. ### `WOODPECKER_GITEA_CLIENT` + > Default: empty Configures the Gitea OAuth client id. This is used to authorize access. ### `WOODPECKER_GITEA_CLIENT_FILE` + > Default: empty Read the value for `WOODPECKER_GITEA_CLIENT` from the specified filepath ### `WOODPECKER_GITEA_SECRET` + > Default: empty Configures the Gitea OAuth client secret. This is used to authorize access. ### `WOODPECKER_GITEA_SECRET_FILE` + > Default: empty Read the value for `WOODPECKER_GITEA_SECRET` from the specified filepath ### `WOODPECKER_GITEA_SKIP_VERIFY` + > Default: `false` Configure if SSL verification should be skipped. diff --git a/docs/docs/30-administration/11-forges/40-gitlab.md b/docs/docs/30-administration/11-forges/40-gitlab.md index a2797b30aff..bda58699df1 100644 --- a/docs/docs/30-administration/11-forges/40-gitlab.md +++ b/docs/docs/30-administration/11-forges/40-gitlab.md @@ -32,36 +32,43 @@ If you run the Woodpecker CI server on a private IP (RFC1918) or use a non stand This is a full list of configuration options. Please note that many of these options use default configuration values that should work for the majority of installations. ### `WOODPECKER_GITLAB` + > Default: `false` Enables the GitLab driver. ### `WOODPECKER_GITLAB_URL` + > Default: `https://gitlab.com` Configures the GitLab server address. ### `WOODPECKER_GITLAB_CLIENT` + > Default: empty Configures the GitLab OAuth client id. This is used to authorize access. ### `WOODPECKER_GITLAB_CLIENT_FILE` + > Default: empty Read the value for `WOODPECKER_GITLAB_CLIENT` from the specified filepath ### `WOODPECKER_GITLAB_SECRET` + > Default: empty Configures the GitLab OAuth client secret. This is used to authorize access. ### `WOODPECKER_GITLAB_SECRET_FILE` + > Default: empty Read the value for `WOODPECKER_GITLAB_SECRET` from the specified filepath ### `WOODPECKER_GITLAB_SKIP_VERIFY` + > Default: `false` Configure if SSL verification should be skipped. diff --git a/docs/docs/30-administration/11-forges/50-bitbucket.md b/docs/docs/30-administration/11-forges/50-bitbucket.md index e611c552eb5..157d74acd06 100644 --- a/docs/docs/30-administration/11-forges/50-bitbucket.md +++ b/docs/docs/30-administration/11-forges/50-bitbucket.md @@ -49,26 +49,31 @@ Webhooks: Read and Write This is a full list of configuration options. Please note that many of these options use default configuration values that should work for the majority of installations. ### `WOODPECKER_BITBUCKET` + > Default: `false` Enables the Bitbucket driver. ### `WOODPECKER_BITBUCKET_CLIENT` + > Default: empty Configures the Bitbucket OAuth client key. This is used to authorize access. ### `WOODPECKER_BITBUCKET_CLIENT_FILE` + > Default: empty Read the value for `WOODPECKER_BITBUCKET_CLIENT` from the specified filepath ### `WOODPECKER_BITBUCKET_SECRET` + > Default: empty Configures the Bitbucket OAuth client secret. This is used to authorize access. ### `WOODPECKER_BITBUCKET_SECRET_FILE` + > Default: empty Read the value for `WOODPECKER_BITBUCKET_SECRET` from the specified filepath diff --git a/docs/docs/30-administration/15-agent-config.md b/docs/docs/30-administration/15-agent-config.md index 50c0635dc1a..d9088e3aa34 100644 --- a/docs/docs/30-administration/15-agent-config.md +++ b/docs/docs/30-administration/15-agent-config.md @@ -73,91 +73,109 @@ To get an _agent token_ you have to register the agent manually in the server us Here is the full list of configuration options and their default variables. ### `WOODPECKER_SERVER` + > Default: `localhost:9000` Configures gRPC address of the server. ### `WOODPECKER_USERNAME` + > Default: `x-oauth-basic` The gRPC username. ### `WOODPECKER_AGENT_SECRET` + > Default: empty A shared secret used by server and agents to authenticate communication. A secret can be generated by `openssl rand -hex 32`. ### `WOODPECKER_AGENT_SECRET_FILE` + > Default: empty Read the value for `WOODPECKER_AGENT_SECRET` from the specified filepath, e.g. `/etc/woodpecker/agent-secret.conf` ### `WOODPECKER_LOG_LEVEL` + > Default: empty Configures the logging level. Possible values are `trace`, `debug`, `info`, `warn`, `error`, `fatal`, `panic`, `disabled` and empty. ### `WOODPECKER_DEBUG_PRETTY` + > Default: `false` Enable pretty-printed debug output. ### `WOODPECKER_DEBUG_NOCOLOR` + > Default: `true` Disable colored debug output. ### `WOODPECKER_HOSTNAME` + > Default: empty Configures the agent hostname. ### `WOODPECKER_AGENT_CONFIG_FILE` + > Default: `/etc/woodpecker/agent.conf` Configures the path of the agent config file. ### `WOODPECKER_MAX_WORKFLOWS` + > Default: `1` Configures the number of parallel workflows. ### `WOODPECKER_FILTER_LABELS` + > Default: empty Configures labels to filter pipeline pick up. Use a list of key-value pairs like `key=value,second-key=*`. `*` can be used as a wildcard. By default, agents provide three additional labels `platform=os/arch`, `hostname=my-agent` and `repo=*` which can be overwritten if needed. To learn how labels work, check out the [pipeline syntax page](../20-usage/20-workflow-syntax.md#labels). ### `WOODPECKER_HEALTHCHECK` + > Default: `true` Enable healthcheck endpoint. ### `WOODPECKER_HEALTHCHECK_ADDR` + > Default: `:3000` Configures healthcheck endpoint address. ### `WOODPECKER_KEEPALIVE_TIME` + > Default: empty After a duration of this time of no activity, the agent pings the server to check if the transport is still alive. ### `WOODPECKER_KEEPALIVE_TIMEOUT` + > Default: `20s` After pinging for a keepalive check, the agent waits for a duration of this time before closing the connection if no activity. ### `WOODPECKER_GRPC_SECURE` + > Default: `false` Configures if the connection to `WOODPECKER_SERVER` should be made using a secure transport. ### `WOODPECKER_GRPC_VERIFY` + > Default: `true` Configures if the gRPC server certificate should be verified, only valid when `WOODPECKER_GRPC_SECURE` is `true`. ### `WOODPECKER_BACKEND` + > Default: `auto-detect` Configures the backend engine to run pipelines on. Possible values are `auto-detect`, `docker`, `local` or `kubernetes`. diff --git a/docs/docs/30-administration/22-backends/10-docker.md b/docs/docs/30-administration/22-backends/10-docker.md index 8651d2594ef..6eac9395c82 100644 --- a/docs/docs/30-administration/22-backends/10-docker.md +++ b/docs/docs/30-administration/22-backends/10-docker.md @@ -5,16 +5,19 @@ This is the original backend used with Woodpecker. The docker backend executes e ## Configuration ### `WOODPECKER_BACKEND_DOCKER_NETWORK` + > Default: empty Set to the name of an existing network which will be attached to all your pipeline containers (steps). Please be careful as this allows the containers of different pipelines to access each other! ### `WOODPECKER_BACKEND_DOCKER_ENABLE_IPV6` + > Default: `false` Enable IPv6 for the networks used by pipeline containers (steps). Make sure you configured your docker daemon to support IPv6. ### `WOODPECKER_BACKEND_DOCKER_VOLUMES` + > Default: empty List of default volumes separated by comma to be mounted to all pipeline containers (steps). For example to use custom CA diff --git a/docs/docs/30-administration/22-backends/20-local.md b/docs/docs/30-administration/22-backends/20-local.md index ecc5cb11d29..90202f1ef4f 100644 --- a/docs/docs/30-administration/22-backends/20-local.md +++ b/docs/docs/30-administration/22-backends/20-local.md @@ -77,15 +77,13 @@ manual clone step. The `image` entry is used to specify the shell, such as Bash or Fish, that is used to run the commands. - ```yaml # .woodpecker.yml steps: build: image: bash - commands: - [...] + commands: [...] ``` ### Plugins as Executable Binaries @@ -123,7 +121,5 @@ only run on this agent: labels: type: exec -steps: - [...] +steps: [...] ``` - diff --git a/docs/docs/30-administration/22-backends/40-kubernetes.md b/docs/docs/30-administration/22-backends/40-kubernetes.md index 788fb65d5a7..6314cacd903 100644 --- a/docs/docs/30-administration/22-backends/40-kubernetes.md +++ b/docs/docs/30-administration/22-backends/40-kubernetes.md @@ -134,11 +134,11 @@ steps: nodeSelector: beta.kubernetes.io/instance-type: p3.8xlarge tolerations: - - key: "key1" - operator: "Equal" - value: "value1" - effect: "NoSchedule" - tolerationSeconds: 3600 + - key: 'key1' + operator: 'Equal' + value: 'value1' + effect: 'NoSchedule' + tolerationSeconds: 3600 ``` ### Volumes @@ -166,8 +166,8 @@ CRI-O users currently need to configure the workspace for all workflows in order ```yml workspace: - base: "/woodpecker" - path: "/" + base: '/woodpecker' + path: '/' ``` See [this issue](https://github.com/woodpecker-ci/woodpecker/issues/2510) for more details. diff --git a/docs/docs/30-administration/40-encryption.md b/docs/docs/30-administration/40-encryption.md index 74ae7fff9dc..cef0be4ab7b 100644 --- a/docs/docs/30-administration/40-encryption.md +++ b/docs/docs/30-administration/40-encryption.md @@ -4,10 +4,11 @@ Secrets encryption is currently broken and therefore disabled by default. It will be fixed in an upcoming release. Check: + - https://github.com/woodpecker-ci/woodpecker/issues/1541 and - https://github.com/woodpecker-ci/woodpecker/pull/2300 -::: +::: By default, Woodpecker does not encrypt secrets in its database. You can enable encryption using simple AES key or more advanced [Google TINK](https://developers.google.com/tink) encryption. @@ -31,25 +32,31 @@ enabled encryption method, and `WOODPECKER_ENCRYPTION_DISABLE` set to true. After secrets was decrypted server will proceed working in unencrypted mode. You will not need to use "disable encryption" variable or encryption keys to start server anymore. - ## AES + Simple AES encryption. ### Configuration + You can manage encryption on server using these environment variables: + - `WOODPECKER_ENCRYPTION_KEY` - encryption key - `WOODPECKER_ENCRYPTION_KEY_FILE` - file to read encryption key from - `WOODPECKER_ENCRYPTION_DISABLE` - disable encryption flag used to decrypt all data on server ## TINK + TINK uses AEAD encryption instead of simple AES and supports key rotation. ### Configuration + You can manage encryption on server using these two environment variables: + - `WOODPECKER_ENCRYPTION_TINK_KEYSET_FILE` - keyset filepath - `WOODPECKER_ENCRYPTION_DISABLE` - disable encryption flag used to decrypt all data on server ### Encryption keys + You will need plaintext AEAD-compatible Google TINK keyset to encrypt your data. To generate it and then rotate keys if needed, install `tinkey`([installation guide](https://developers.google.com/tink/install-tinkey)) @@ -58,12 +65,15 @@ Keyset contains one or more keys, used to encrypt or decrypt your data, and prim to use while encrypting new data. Keyset generation example: + ```shell tinkey create-keyset --key-template AES256_GCM --out-format json --out keyset.json ``` ### Key rotation + Use `tinkey` to rotate encryption keys in your existing keyset: + ```shell tinkey rotate-keyset --in keyset_v1.json --out keyset_v2.json --key-template AES256_GCM ``` diff --git a/docs/docs/30-administration/70-proxy.md b/docs/docs/30-administration/70-proxy.md index b57b93442f9..89573db5c78 100644 --- a/docs/docs/30-administration/70-proxy.md +++ b/docs/docs/30-administration/70-proxy.md @@ -108,7 +108,6 @@ ngrok http 8000 Set `WOODPECKER_HOST` (for example in `docker-compose.yml`) to the ngrok URL (usually xxx.ngrok.io) and start the server. - ## Traefik To install the Woodpecker server behind a [Traefik](https://traefik.io/) load balancer, you must expose both the `http` and the `gRPC` ports. Here is a comprehensive example, considering you are running Traefik with docker swarm and want to do TLS termination and automatic redirection from http to https. @@ -168,7 +167,6 @@ services: - traefik.http.middlewares.woodpecker-grpc-redirect.redirectscheme.permanent=true - traefik.http.routers.woodpecker-grpc.middlewares=woodpecker-grpc-redirect@docker - volumes: woodpecker-server-data: driver: local diff --git a/docs/docs/30-administration/90-prometheus.md b/docs/docs/30-administration/90-prometheus.md index f7fe55fba0b..cb05bf5671c 100644 --- a/docs/docs/30-administration/90-prometheus.md +++ b/docs/docs/30-administration/90-prometheus.md @@ -11,7 +11,7 @@ scrape_configs: bearer_token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... static_configs: - - targets: ['woodpecker.domain.com'] + - targets: ['woodpecker.domain.com'] ``` ## Authorization diff --git a/docs/docs/91-migrations.md b/docs/docs/91-migrations.md index b4f559aa028..ad0c964c958 100644 --- a/docs/docs/91-migrations.md +++ b/docs/docs/91-migrations.md @@ -25,7 +25,7 @@ Some versions need some changes to the server configuration or the pipeline conf - Updated Prometheus gauge `build_*` to `pipeline_*` - Updated Prometheus gauge `*_job_*` to `*_step_*` - Renamed config env `WOODPECKER_MAX_PROCS` to `WOODPECKER_MAX_WORKFLOWS` (still available as fallback) -- The pipelines are now also read from `.yaml` files, the new default order is `.woodpecker/*.yml` and `.woodpecker/*.yaml` (without any prioritization) -> `.woodpecker.yml` -> `.woodpecker.yaml` +- The pipelines are now also read from `.yaml` files, the new default order is `.woodpecker/*.yml` and `.woodpecker/*.yaml` (without any prioritization) -> `.woodpecker.yml` -> `.woodpecker.yaml` - Dropped support for [Coding](https://coding.net/), [Gogs](https://gogs.io) and Bitbucket Server (Stash). - `/api/queue/resume` & `/api/queue/pause` endpoint methods were changed from `GET` to `POST` - rename `pipeline:` key in your workflow config to `steps:` @@ -60,12 +60,14 @@ Some versions need some changes to the server configuration or the pipeline conf - Dropped support for `DRONE_*` environment variables. The according `WOODPECKER_*` variables must be used instead. Additionally some alternative namings have been removed to simplify maintenance: + - `WOODPECKER_AGENT_SECRET` replaces `WOODPECKER_SECRET`, `DRONE_SECRET`, `WOODPECKER_PASSWORD`, `DRONE_PASSWORD` and `DRONE_AGENT_SECRET`. - `WOODPECKER_HOST` replaces `DRONE_HOST` and `DRONE_SERVER_HOST`. - `WOODPECKER_DATABASE_DRIVER` replaces `DRONE_DATABASE_DRIVER` and `DATABASE_DRIVER`. - `WOODPECKER_DATABASE_DATASOURCE` replaces `DRONE_DATABASE_DATASOURCE` and `DATABASE_CONFIG`. - Dropped support for `DRONE_*` environment variables in pipeline steps. Pipeline meta-data can be accessed with `CI_*` variables. + - `CI_*` prefix replaces `DRONE_*` - `CI` value is now `woodpecker` - `DRONE=true` has been removed @@ -95,6 +97,7 @@ Some versions need some changes to the server configuration or the pipeline conf - Default workspace base path has moved from `/drone` to `/woodpecker` - Default SQLite database location has changed: + - `/var/lib/drone/drone.sqlite` -> `/var/lib/woodpecker/woodpecker.sqlite` - `drone.sqlite` -> `woodpecker.sqlite` @@ -113,7 +116,7 @@ Some versions need some changes to the server configuration or the pipeline conf - `WOODPECKER_DEBUG` option for server and agent got removed in favor of `WOODPECKER_LOG_LEVEL=debug` -- Remove unused server flags which can safely be removed from your server config: `WOODPECKER_QUIC`, `WOODPECKER_GITHUB_SCOPE`, `WOODPECKER_GITHUB_GIT_USERNAME`, `WOODPECKER_GITHUB_GIT_PASSWORD`, `WOODPECKER_GITHUB_PRIVATE_MODE`, `WOODPECKER_GITEA_GIT_USERNAME`, `WOODPECKER_GITEA_GIT_PASSWORD`, `WOODPECKER_GITEA_PRIVATE_MODE`, `WOODPECKER_GITLAB_GIT_USERNAME`, `WOODPECKER_GITLAB_GIT_PASSWORD`, `WOODPECKER_GITLAB_PRIVATE_MODE` +- Remove unused server flags which can safely be removed from your server config: `WOODPECKER_QUIC`, `WOODPECKER_GITHUB_SCOPE`, `WOODPECKER_GITHUB_GIT_USERNAME`, `WOODPECKER_GITHUB_GIT_PASSWORD`, `WOODPECKER_GITHUB_PRIVATE_MODE`, `WOODPECKER_GITEA_GIT_USERNAME`, `WOODPECKER_GITEA_GIT_PASSWORD`, `WOODPECKER_GITEA_PRIVATE_MODE`, `WOODPECKER_GITLAB_GIT_USERNAME`, `WOODPECKER_GITLAB_GIT_PASSWORD`, `WOODPECKER_GITLAB_PRIVATE_MODE` - Dropped support for manually setting the agents platform with `WOODPECKER_PLATFORM`. The platform is now automatically detected. diff --git a/docs/docs/92-awesome.md b/docs/docs/92-awesome.md index 345a374e505..9979202e21e 100644 --- a/docs/docs/92-awesome.md +++ b/docs/docs/92-awesome.md @@ -31,7 +31,7 @@ If you have some missing resources, please feel free to [open a pull-request](ht ## Configuration Services -- [Dynamic Pipelines for Nix Flakes](https://github.com/pinpox/woodpecker-flake-pipeliner) - Define pipelines as Nix Flake outputs +- [Dynamic Pipelines for Nix Flakes](https://github.com/pinpox/woodpecker-flake-pipeliner) - Define pipelines as Nix Flake outputs ## Pipelines diff --git a/docs/docs/92-development/01-getting-started.md b/docs/docs/92-development/01-getting-started.md index d5f229ae035..3c700b2bc2b 100644 --- a/docs/docs/92-development/01-getting-started.md +++ b/docs/docs/92-development/01-getting-started.md @@ -27,9 +27,10 @@ Install Golang (>=1.20) as described by [this guide](https://go.dev/doc/install) > GNU Make is a tool which controls the generation of executables and other non-source files of a program from the program's source files. (https://www.gnu.org/software/make/) Install make on: - - Ubuntu: `apt install make` - [Docs](https://wiki.ubuntuusers.de/Makefile/) - - [Windows](https://stackoverflow.com/a/32127632/8461267) - - Mac OS: `brew install make` + +- Ubuntu: `apt install make` - [Docs](https://wiki.ubuntuusers.de/Makefile/) +- [Windows](https://stackoverflow.com/a/32127632/8461267) +- Mac OS: `brew install make` ### Install Node.js & pnpm diff --git a/docs/docs/92-development/03-ui.md b/docs/docs/92-development/03-ui.md index fb00da457ca..7bc13b1ee55 100644 --- a/docs/docs/92-development/03-ui.md +++ b/docs/docs/92-development/03-ui.md @@ -3,6 +3,7 @@ To develop the UI you need to install [Node.js and pnpm](./01-getting-started.md#install-nodejs--pnpm). In addition it is recommended to use VS-Code with the recommended plugin selection to get features like auto-formatting, linting and typechecking. The UI is written with [Vue 3](https://v3.vuejs.org/) as Single-Page-Application accessing the Woodpecker REST api. ## Setup + The UI code is placed in `web/`. Change to that folder in your terminal with `cd web/` and install all dependencies by running `pnpm install`. For production builds the generated UI code is integrated into the Woodpecker server by using [go-embed](https://pkg.go.dev/embed). Testing UI changes would require us to rebuild the UI after each adjustment to the code by running `pnpm build` and restarting the Woodpecker server. To avoid this you can make use of the dev-proxy integrated into the Woodpecker server. This integrated dev-proxy will forward all none api request to a separate http-server which will only serve the UI files. @@ -32,7 +33,7 @@ The following list contains some tools and frameworks used by the Woodpecker UI. ## Messages and Translations -Woodpecker uses [Vue I18n](https://vue-i18n.intlify.dev/) as translation library. New translations have to be added to `web/src/assets/locales/en.json`. The English source file will be automatically imported into [Weblate](https://translate.woodpecker-ci.org/) (the translation system used by Woodpecker) where all other languages will be translated by the community based on the English source. +Woodpecker uses [Vue I18n](https://vue-i18n.intlify.dev/) as translation library. New translations have to be added to `web/src/assets/locales/en.json`. The English source file will be automatically imported into [Weblate](https://translate.woodpecker-ci.org/) (the translation system used by Woodpecker) where all other languages will be translated by the community based on the English source. You must not provide translations except English in PRs, otherwise weblate could put git into conflicts (when someone has translated in that language file and changes are not into main branch yet) For more information about translations see [Translations](./07-translations.md). diff --git a/docs/docs/92-development/05-architecture.md b/docs/docs/92-development/05-architecture.md index d0093e24a28..466ab2171ed 100644 --- a/docs/docs/92-development/05-architecture.md +++ b/docs/docs/92-development/05-architecture.md @@ -8,36 +8,36 @@ ### main package hierarchy -| package | meaning | imports -|------------|--------------------------------------------------------------|---------- -| `cmd/**` | parse command-line args & environment to stat server/cli/agent | all other -| `agent/**` | code only agent (remote worker) will need | `pipeline`, `shared` -| `cli/**` | code only cli tool does need | `pipeline`, `shared`, `woodpecker-go` -| `server/**`| code only server will need | `pipeline`, `shared` -| `shared/**`| code shared for all three main tools (go help utils) | only std and external libs -| `woodpecker-go/**` | go client for server rest api | std +| package | meaning | imports | +| ------------------ | -------------------------------------------------------------- | ------------------------------------- | +| `cmd/**` | parse command-line args & environment to stat server/cli/agent | all other | +| `agent/**` | code only agent (remote worker) will need | `pipeline`, `shared` | +| `cli/**` | code only cli tool does need | `pipeline`, `shared`, `woodpecker-go` | +| `server/**` | code only server will need | `pipeline`, `shared` | +| `shared/**` | code shared for all three main tools (go help utils) | only std and external libs | +| `woodpecker-go/**` | go client for server rest api | std | ### Server -| package | meaning | imports -|----------------------|-------------------------------------------------------------------------------------|---------- -| `server/api/**` | handle web requests from `server/router` | `pipeline`, `../badges`, `../ccmenue`, `../logging`, `../model`, `../pubsub`, `../queue`, `../forge`, `../shared`, `../store`, `shared`, (TODO: mv `server/router/middleware/session`) -| `server/badges/**` | generate svg badges for pipelines | `../model` -| `server/ccmenu/**` | generate xml ccmenu for pipelines | `../model` -| `server/grpc/**` | gRPC server agents can connect to | `pipeline/rpc/**`, `../logging`, `../model`, `../pubsub`, `../queue`, `../forge`, `../pipeline`, `../store` -| `server/logging/**` | logging lib for gPRC server to stream logs while running | std -| `server/model/**` | structs for store (db) and api (json) | std -| `server/plugins/**` | plugins for server | `../model`, `../forge` -| `server/pipeline/**` | orchestrate pipelines | `pipeline`, `../model`, `../pubsub`, `../queue`, `../forge`, `../store`, `../plugins` -| `server/pubsub/**` | pubsub lib for server to push changes to the WebUI | std -| `server/queue/**` | queue lib for server where agents pull new pipelines from via gRPC | `server/model` -| `server/forge/**` | forge lib for server to connect and handle forge specific stuff | `shared`, `server/model` -| `server/router/**` | handle requests to REST API (and all middleware) and serve UI and WebUI config | `shared`, `../api`, `../model`, `../forge`, `../store`, `../web` -| `server/store/**` | handle database | `server/model` +| package | meaning | imports | +| -------------------- | ----------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `server/api/**` | handle web requests from `server/router` | `pipeline`, `../badges`, `../ccmenue`, `../logging`, `../model`, `../pubsub`, `../queue`, `../forge`, `../shared`, `../store`, `shared`, (TODO: mv `server/router/middleware/session`) | +| `server/badges/**` | generate svg badges for pipelines | `../model` | +| `server/ccmenu/**` | generate xml ccmenu for pipelines | `../model` | +| `server/grpc/**` | gRPC server agents can connect to | `pipeline/rpc/**`, `../logging`, `../model`, `../pubsub`, `../queue`, `../forge`, `../pipeline`, `../store` | +| `server/logging/**` | logging lib for gPRC server to stream logs while running | std | +| `server/model/**` | structs for store (db) and api (json) | std | +| `server/plugins/**` | plugins for server | `../model`, `../forge` | +| `server/pipeline/**` | orchestrate pipelines | `pipeline`, `../model`, `../pubsub`, `../queue`, `../forge`, `../store`, `../plugins` | +| `server/pubsub/**` | pubsub lib for server to push changes to the WebUI | std | +| `server/queue/**` | queue lib for server where agents pull new pipelines from via gRPC | `server/model` | +| `server/forge/**` | forge lib for server to connect and handle forge specific stuff | `shared`, `server/model` | +| `server/router/**` | handle requests to REST API (and all middleware) and serve UI and WebUI config | `shared`, `../api`, `../model`, `../forge`, `../store`, `../web` | +| `server/store/**` | handle database | `server/model` | | `server/shared/**` | TODO: move and split [#974](https://github.com/woodpecker-ci/woodpecker/issues/974) | | `server/web/**` | server SPA | -* `../` = `server/` +- `../` = `server/` ### Agent diff --git a/docs/docs/92-development/06-guides.md b/docs/docs/92-development/06-guides.md index 88d6c2dbd24..d78e4f3224c 100644 --- a/docs/docs/92-development/06-guides.md +++ b/docs/docs/92-development/06-guides.md @@ -7,7 +7,7 @@ You can find its documentation at [gobook.io/read/gitea.com/xorm](https://gobook ## Add a new migration -Woodpecker uses migrations to change the database schema if a database model has been changed. If for example a developer removes a property `Counter` from the model `Repo` in `server/model/` they would need to add a new migration task like the following example to a file like `server/store/datastore/migration/004_repos_drop_repo_counter.go`: +Woodpecker uses migrations to change the database schema if a database model has been changed. If for example a developer removes a property `Counter` from the model `Repo` in `server/model/` they would need to add a new migration task like the following example to a file like `server/store/datastore/migration/004_repos_drop_repo_counter.go`: ```go package migration diff --git a/docs/docs/92-development/08-swagger.md b/docs/docs/92-development/08-swagger.md index fc33f723293..32fd6e05904 100644 --- a/docs/docs/92-development/08-swagger.md +++ b/docs/docs/92-development/08-swagger.md @@ -39,12 +39,13 @@ type User struct { ``` These guidelines aim to have consistent wording in the swagger doc: -* first word after `@Summary` and `@Summary` are always uppercase -* `@Summary` has no . (dot) at the end of the line -* model structs shall use custom short names, to ease life for API consumers, using `@name` -* `@Success` object or array declarations shall be short, this means the actual `model.User` struct must have a `@name` annotation, so that the model can be renderend in Swagger -* when pagination is used, `@Parame page` and `@Parame perPage` must be added manually -* `@Param Authorization` is almost always present, there are just a few un-protected endpoints + +- first word after `@Summary` and `@Summary` are always uppercase +- `@Summary` has no . (dot) at the end of the line +- model structs shall use custom short names, to ease life for API consumers, using `@name` +- `@Success` object or array declarations shall be short, this means the actual `model.User` struct must have a `@name` annotation, so that the model can be renderend in Swagger +- when pagination is used, `@Parame page` and `@Parame perPage` must be added manually +- `@Param Authorization` is almost always present, there are just a few un-protected endpoints There are many examples in the server/api package, which you can use a blueprint. More enhanced information you can find here https://github.com/swaggo/swag/blob/main/README.md#declarative-comments-format diff --git a/docs/docusaurus.config.js b/docs/docusaurus.config.js index 85e7c5459a3..fd002ba7e59 100644 --- a/docs/docusaurus.config.js +++ b/docs/docusaurus.config.js @@ -213,14 +213,14 @@ module.exports = { includeCurrentVersion: true, lastVersion: '1.0', versions: { - 'current': { + current: { label: 'Next', banner: 'unreleased', }, '1.0': { label: '1.0.x', }, - '0.15': { + 0.15: { label: '0.15.x', banner: 'unmaintained', }, diff --git a/docs/plugins/woodpecker-plugins/src/theme/WoodpeckerPlugin.tsx b/docs/plugins/woodpecker-plugins/src/theme/WoodpeckerPlugin.tsx index a79ac5a0621..d827458b7fe 100644 --- a/docs/plugins/woodpecker-plugins/src/theme/WoodpeckerPlugin.tsx +++ b/docs/plugins/woodpecker-plugins/src/theme/WoodpeckerPlugin.tsx @@ -60,9 +60,7 @@ export function WoodpeckerPlugin({ plugin }: { plugin: WoodpeckerPluginType }) {

{plugin.description}

-
- {plugin.icon ? : IconPlugin(150)} -
+
{plugin.icon ? : IconPlugin(150)}

diff --git a/docs/plugins/woodpecker-plugins/src/theme/style.css b/docs/plugins/woodpecker-plugins/src/theme/style.css index dd00e38732f..e16940ee40d 100644 --- a/docs/plugins/woodpecker-plugins/src/theme/style.css +++ b/docs/plugins/woodpecker-plugins/src/theme/style.css @@ -1,6 +1,6 @@ .wp-plugins-list { display: grid; - grid-template-columns: repeat(auto-fill,minmax(350px,1fr)); + grid-template-columns: repeat(auto-fill, minmax(350px, 1fr)); grid-gap: 2rem; margin-top: 2rem; } @@ -17,7 +17,7 @@ max-width: 32rem; color: var(--ifm-navbar-link-color); text-decoration: none; - padding: .5rem 0 1rem; + padding: 0.5rem 0 1rem; flex-grow: 1; margin: 0 auto; width: 100%; @@ -28,7 +28,6 @@ text-decoration: none; } - .wp-plugin-card:hover h3 { color: var(--ifm-link-color); text-decoration: underline; @@ -40,14 +39,14 @@ .wp-plugin-verified { position: absolute; - top: .75rem; + top: 0.75rem; right: 1rem; color: #0369a1; } .wp-plugin-tags { display: flex; - gap: .5rem; + gap: 0.5rem; flex-wrap: wrap; } @@ -58,8 +57,9 @@ padding: 1rem 1rem 1rem 2.25rem; font-size: 1.1rem; appearance: none; - background: var(--ifm-navbar-search-input-background-color) var(--ifm-navbar-search-input-icon) no-repeat 0.75rem 1rem / 1.1rem 1.1rem; - border-radius: .5rem; + background: var(--ifm-navbar-search-input-background-color) var(--ifm-navbar-search-input-icon) no-repeat 0.75rem 1rem / + 1.1rem 1.1rem; + border-radius: 0.5rem; border: 1px solid var(--ifm-card-background-color); color: var(--ifm-navbar-search-input-color); } diff --git a/docs/sidebars.js b/docs/sidebars.js index 0541023fd52..80c7f05eea7 100644 --- a/docs/sidebars.js +++ b/docs/sidebars.js @@ -1,4 +1,4 @@ module.exports = { // let Docusaurus generates a sidebar from the docs folder structure - tutorialSidebar: [{type: 'autogenerated', dirName: '.'}], + tutorialSidebar: [{ type: 'autogenerated', dirName: '.' }], }; diff --git a/docs/src/components/HomepageFeatures.js b/docs/src/components/HomepageFeatures.js index cdddedd9b8e..89e4efb35f8 100644 --- a/docs/src/components/HomepageFeatures.js +++ b/docs/src/components/HomepageFeatures.js @@ -8,8 +8,11 @@ const FeatureList = [ Svg: require('../../static/img/feat-opensource.svg').default, description: ( <> - Woodpecker is and always will be totally free. As Woodpecker's source code is - open-source you can contribute to help evolving the project. + Woodpecker is and always will be totally free. As Woodpecker's{' '} + + source code + {' '} + is open-source you can contribute to help evolving the project. ), }, @@ -19,7 +22,8 @@ const FeatureList = [ description: ( <> Woodpecker uses docker containers to execute pipeline steps. If you need more than a normal docker image, you - can create plugins to extend the pipeline features. How do plugins work? + can create plugins to extend the pipeline features.{' '} + How do plugins work? ), }, @@ -35,7 +39,7 @@ const FeatureList = [ }, ]; -function Feature({Svg, title, description}) { +function Feature({ Svg, title, description }) { return (
diff --git a/docs/src/pages/faq.md b/docs/src/pages/faq.md index 0b981e4e109..8277cf81e1e 100644 --- a/docs/src/pages/faq.md +++ b/docs/src/pages/faq.md @@ -54,9 +54,11 @@ steps: ``` Get the container id using `docker ps` and copy the id from the first column. Enter the container with: `docker exec -it 1234asdf bash` (replace `1234asdf` with the docker id). Then try to clone the git repository with the commands from the failing pipeline: + ```bash git init git remote add origin https://git.example.com/username/repo.git git fetch --no-tags origin +refs/heads/branch: ``` + (replace the url AND the branch with the correct values, use your username and password as log in values) diff --git a/docs/src/pages/index.tsx b/docs/src/pages/index.tsx index 14127022575..44b77ce9074 100644 --- a/docs/src/pages/index.tsx +++ b/docs/src/pages/index.tsx @@ -7,16 +7,14 @@ import styles from './index.module.css'; import HomepageFeatures from '../components/HomepageFeatures'; function HomepageHeader() { - const {siteConfig} = useDocusaurusContext(); + const { siteConfig } = useDocusaurusContext(); return (

{siteConfig.title}

{siteConfig.tagline}

- + Woodpecker Tutorial - 5min ⏱️
@@ -26,11 +24,9 @@ function HomepageHeader() { } export default function Home() { - const {siteConfig} = useDocusaurusContext(); + const { siteConfig } = useDocusaurusContext(); return ( - +
diff --git a/docs/versions.json b/docs/versions.json index 2e29b87801a..1243b19f659 100644 --- a/docs/versions.json +++ b/docs/versions.json @@ -1,4 +1 @@ -[ - "1.0", - "0.15" -] +["1.0", "0.15"] diff --git a/nfpm/nfpm-agent.yml b/nfpm/nfpm-agent.yml index dd6baefeba7..934dc7aabfb 100644 --- a/nfpm/nfpm-agent.yml +++ b/nfpm/nfpm-agent.yml @@ -8,5 +8,5 @@ license: Apache 2.0 maintainer: Woodpecker Authors section: daemon/system contents: -- src: ./dist/agent/linux_amd64/woodpecker-agent - dst: /usr/local/bin/woodpecker-agent + - src: ./dist/agent/linux_amd64/woodpecker-agent + dst: /usr/local/bin/woodpecker-agent diff --git a/nfpm/nfpm-cli.yml b/nfpm/nfpm-cli.yml index 328febf25b2..a51cdfd35e6 100644 --- a/nfpm/nfpm-cli.yml +++ b/nfpm/nfpm-cli.yml @@ -8,5 +8,5 @@ license: Apache 2.0 maintainer: Woodpecker Authors section: utils contents: -- src: ./dist/cli/linux_amd64/woodpecker-cli - dst: /usr/local/bin/woodpecker + - src: ./dist/cli/linux_amd64/woodpecker-cli + dst: /usr/local/bin/woodpecker diff --git a/nfpm/nfpm-server.yml b/nfpm/nfpm-server.yml index 6f0feda4267..f15848ddc2d 100644 --- a/nfpm/nfpm-server.yml +++ b/nfpm/nfpm-server.yml @@ -8,5 +8,5 @@ license: Apache 2.0 maintainer: Woodpecker Authors section: daemon/system contents: -- src: ./dist/server/linux/amd64/woodpecker-server - dst: /usr/local/bin/woodpecker-server + - src: ./dist/server/linux/amd64/woodpecker-server + dst: /usr/local/bin/woodpecker-server diff --git a/pipeline/samples/sample_10_windows/pipeline.json b/pipeline/samples/sample_10_windows/pipeline.json index b8eb0d8f3b5..432d02c70c3 100644 --- a/pipeline/samples/sample_10_windows/pipeline.json +++ b/pipeline/samples/sample_10_windows/pipeline.json @@ -92,12 +92,7 @@ "HOME": "c:\\root", "SHELL": "powershell.exe" }, - "entrypoint": [ - "powershell", - "-noprofile", - "-noninteractive", - "-command" - ], + "entrypoint": ["powershell", "-noprofile", "-noninteractive", "-command"], "command": [ "[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($Env:CI_SCRIPT)) | iex" ], diff --git a/pipeline/samples/sample_4/pipeline.yml b/pipeline/samples/sample_4/pipeline.yml index 998b9992caf..dd203a6f6b2 100644 --- a/pipeline/samples/sample_4/pipeline.yml +++ b/pipeline/samples/sample_4/pipeline.yml @@ -18,4 +18,4 @@ steps: commands: - echo this step should execute, despite failure when: - status: [ failure ] + status: [failure] diff --git a/pipeline/samples/sample_5/pipeline.yml b/pipeline/samples/sample_5/pipeline.yml index 90659a7ab02..259591b758c 100644 --- a/pipeline/samples/sample_5/pipeline.yml +++ b/pipeline/samples/sample_5/pipeline.yml @@ -8,7 +8,6 @@ clone: depth: 50 steps: - # these steps define a parallel execution # group and will fan out. diff --git a/pipeline/samples/sample_6/pipeline.yml b/pipeline/samples/sample_6/pipeline.yml index 0c684a86b8b..250b661ceeb 100644 --- a/pipeline/samples/sample_6/pipeline.yml +++ b/pipeline/samples/sample_6/pipeline.yml @@ -19,4 +19,4 @@ steps: image: plugins/slack channel: builds username: drone - secrets: [ slack_webhook ] + secrets: [slack_webhook] diff --git a/pipeline/samples/sample_8_network_mode/pipeline.yml b/pipeline/samples/sample_8_network_mode/pipeline.yml index 2c53ce38d3c..cd8d2a03feb 100644 --- a/pipeline/samples/sample_8_network_mode/pipeline.yml +++ b/pipeline/samples/sample_8_network_mode/pipeline.yml @@ -11,7 +11,7 @@ steps: build: image: tutum/curl # A container named "vpn" should exist on the same docker daemon - network_mode: "container:vpn" + network_mode: 'container:vpn' # Replace HOST_OR_IP with the IP or hostname of a server behind the VPN commands: - curl -s -f -L http://HOST_OR_IP/ diff --git a/pipeline/samples/sample_8_postgres/pipeline.yml b/pipeline/samples/sample_8_postgres/pipeline.yml index cd9d6a24054..a7ed115aa54 100644 --- a/pipeline/samples/sample_8_postgres/pipeline.yml +++ b/pipeline/samples/sample_8_postgres/pipeline.yml @@ -14,4 +14,3 @@ services: environment: - POSTGRES_USER=postgres - POSTGRES_DB=test - diff --git a/pipeline/samples/sample_9_cache/pipeline.json b/pipeline/samples/sample_9_cache/pipeline.json index 1d787f6fcfe..387e6158e28 100644 --- a/pipeline/samples/sample_9_cache/pipeline.json +++ b/pipeline/samples/sample_9_cache/pipeline.json @@ -96,10 +96,7 @@ "PLUGIN_PATH": "/cache", "PLUGIN_RESTORE": "true" }, - "volumes": [ - "pipeline_default:/pipeline", - "/cache/drone/drone/envsubst:/cache" - ], + "volumes": ["pipeline_default:/pipeline", "/cache/drone/drone/envsubst:/cache"], "networks": [ { "name": "pipeline_default", @@ -211,10 +208,7 @@ "PLUGIN_PATH": "/cache", "PLUGIN_REBUILD": "true" }, - "volumes": [ - "pipeline_default:/pipeline", - "/cache/drone/drone/envsubst:/cache" - ], + "volumes": ["pipeline_default:/pipeline", "/cache/drone/drone/envsubst:/cache"], "networks": [ { "name": "pipeline_default", diff --git a/pipeline/samples/sample_9_cache/pipeline.yml b/pipeline/samples/sample_9_cache/pipeline.yml index 62833cf7590..fee6c8da5ce 100644 --- a/pipeline/samples/sample_9_cache/pipeline.yml +++ b/pipeline/samples/sample_9_cache/pipeline.yml @@ -7,4 +7,3 @@ steps: commands: - npm install - npm test - diff --git a/pipeline/schema/.woodpecker/test-labels.yml b/pipeline/schema/.woodpecker/test-labels.yml index 4de55db773e..a8b7933677c 100644 --- a/pipeline/schema/.woodpecker/test-labels.yml +++ b/pipeline/schema/.woodpecker/test-labels.yml @@ -1,7 +1,7 @@ labels: location: europe weather: sun - hostname: "" + hostname: '' steps: build: diff --git a/pipeline/schema/.woodpecker/test-run-on.yml b/pipeline/schema/.woodpecker/test-run-on.yml index 268ac23c7c0..fc6d53dc2e4 100644 --- a/pipeline/schema/.woodpecker/test-run-on.yml +++ b/pipeline/schema/.woodpecker/test-run-on.yml @@ -4,4 +4,4 @@ steps: commands: - go test -runs_on: [ success, failure ] +runs_on: [success, failure] diff --git a/pipeline/schema/schema.json b/pipeline/schema/schema.json index 8ffa520326c..9c37bf1929a 100644 --- a/pipeline/schema/schema.json +++ b/pipeline/schema/schema.json @@ -488,7 +488,7 @@ "description": "Advanced options for the different agent backends", "type": "object", "properties": { - "kubernetes" :{ + "kubernetes": { "$ref": "#/definitions/step_backend_kubernetes_resources" } } @@ -497,7 +497,7 @@ "description": "Advanced options for the kubernetes agent backends", "type": "object", "properties": { - "resources" :{ + "resources": { "$ref": "#/definitions/step_backend_kubernetes_resources" } } diff --git a/server/api/repo.go b/server/api/repo.go index e4ea4322c35..34a4258505f 100644 --- a/server/api/repo.go +++ b/server/api/repo.go @@ -401,70 +401,15 @@ func DeleteRepo(c *gin.Context) { // @Summary Repair a repository // @Router /repos/{repo_id}/repair [post] // @Produce plain -// @Success 200 +// @Success 204 // @Tags Repositories // @Param Authorization header string true "Insert your personal access token" default(Bearer ) // @Param repo_id path int true "the repository id" func RepairRepo(c *gin.Context) { - forge := server.Config.Services.Forge - _store := store.FromContext(c) repo := session.Repo(c) - user := session.User(c) - - // creates the jwt token used to verify the repository - t := token.New(token.HookToken, repo.FullName) - sig, err := t.Sign(repo.Hash) - if err != nil { - c.String(http.StatusInternalServerError, err.Error()) - return - } - - // reconstruct the link - host := server.Config.Server.WebhookHost - link := fmt.Sprintf( - "%s/api/hook?access_token=%s", - host, - sig, - ) - - from, err := forge.Repo(c, user, repo.ForgeRemoteID, repo.Owner, repo.Name) - if err != nil { - log.Error().Err(err).Msgf("get repo '%s/%s' from forge", repo.Owner, repo.Name) - c.AbortWithStatus(http.StatusInternalServerError) - return - } + repairRepo(c, repo, true) - if repo.FullName != from.FullName { - // create a redirection - err = _store.CreateRedirection(&model.Redirection{RepoID: repo.ID, FullName: repo.FullName}) - if err != nil { - _ = c.AbortWithError(http.StatusInternalServerError, err) - return - } - } - - repo.Update(from) - if err := _store.UpdateRepo(repo); err != nil { - _ = c.AbortWithError(http.StatusInternalServerError, err) - return - } - repo.Perm.Pull = from.Perm.Pull - repo.Perm.Push = from.Perm.Push - repo.Perm.Admin = from.Perm.Admin - if err := _store.PermUpsert(repo.Perm); err != nil { - _ = c.AbortWithError(http.StatusInternalServerError, err) - return - } - - if err := forge.Deactivate(c, user, repo, host); err != nil { - log.Trace().Err(err).Msgf("deactivate repo '%s' to repair failed", repo.FullName) - } - if err := forge.Activate(c, user, repo, link); err != nil { - c.String(http.StatusInternalServerError, err.Error()) - return - } - - c.Status(http.StatusOK) + c.Status(http.StatusNoContent) } // MoveRepo @@ -575,3 +520,91 @@ func GetAllRepos(c *gin.Context) { c.JSON(http.StatusOK, repos) } + +// RepairAllRepos +// +// @Summary Repair all repositories on the server. Requires admin rights. +// @Router /repos/repair [post] +// @Produce plain +// @Success 204 +// @Tags Repositories +// @Param Authorization header string true "Insert your personal access token" default(Bearer ) +func RepairAllRepos(c *gin.Context) { + _store := store.FromContext(c) + + repos, err := _store.RepoListAll(true, &model.ListOptions{All: true}) + if err != nil { + c.String(http.StatusInternalServerError, "Error fetching repository list. %s", err) + return + } + + for _, r := range repos { + repairRepo(c, r, false) + if c.Writer.Written() { + return + } + } + + c.Status(http.StatusNoContent) +} + +func repairRepo(c *gin.Context, repo *model.Repo, withPerms bool) { + forge := server.Config.Services.Forge + _store := store.FromContext(c) + user := session.User(c) + + // creates the jwt token used to verify the repository + t := token.New(token.HookToken, repo.FullName) + sig, err := t.Sign(repo.Hash) + if err != nil { + c.String(http.StatusInternalServerError, err.Error()) + return + } + + // reconstruct the link + host := server.Config.Server.WebhookHost + link := fmt.Sprintf( + "%s/api/hook?access_token=%s", + host, + sig, + ) + + from, err := forge.Repo(c, user, repo.ForgeRemoteID, repo.Owner, repo.Name) + if err != nil { + log.Error().Err(err).Msgf("get repo '%s/%s' from forge", repo.Owner, repo.Name) + c.AbortWithStatus(http.StatusInternalServerError) + return + } + + if repo.FullName != from.FullName { + // create a redirection + err = _store.CreateRedirection(&model.Redirection{RepoID: repo.ID, FullName: repo.FullName}) + if err != nil { + _ = c.AbortWithError(http.StatusInternalServerError, err) + return + } + } + + repo.Update(from) + if err := _store.UpdateRepo(repo); err != nil { + _ = c.AbortWithError(http.StatusInternalServerError, err) + return + } + if withPerms { + repo.Perm.Pull = from.Perm.Pull + repo.Perm.Push = from.Perm.Push + repo.Perm.Admin = from.Perm.Admin + if err := _store.PermUpsert(repo.Perm); err != nil { + _ = c.AbortWithError(http.StatusInternalServerError, err) + return + } + } + + if err := forge.Deactivate(c, user, repo, host); err != nil { + log.Trace().Err(err).Msgf("deactivate repo '%s' to repair failed", repo.FullName) + } + if err := forge.Activate(c, user, repo, link); err != nil { + c.String(http.StatusInternalServerError, err.Error()) + return + } +} diff --git a/server/router/api.go b/server/router/api.go index 4e2f14db40c..f1a33beca35 100644 --- a/server/router/api.go +++ b/server/router/api.go @@ -73,6 +73,7 @@ func apiRoutes(e *gin.RouterGroup) { repo.GET("/lookup/*repo_full_name", session.SetRepo(), session.SetPerm(), session.MustPull, api.LookupRepo) repo.POST("", session.MustUser(), api.PostRepo) repo.GET("", session.MustAdmin(), api.GetAllRepos) + repo.POST("/repair", session.MustAdmin(), api.RepairAllRepos) repoBase := repo.Group("/:repo_id") { repoBase.Use(session.SetRepo()) diff --git a/web/src/assets/locales/en.json b/web/src/assets/locales/en.json index 03ff4bde085..0b233bbdbb5 100644 --- a/web/src/assets/locales/en.json +++ b/web/src/assets/locales/en.json @@ -440,7 +440,11 @@ "none": "There are no repositories yet.", "view": "View repository", "settings": "Repository settings", - "disabled": "Disabled" + "disabled": "Disabled", + "repair": { + "repair": "Repair all", + "success": "Repositories repaired" + } } } }, diff --git a/web/src/components/admin/settings/AdminReposTab.vue b/web/src/components/admin/settings/AdminReposTab.vue index 757e7ffd39e..c131d19629f 100644 --- a/web/src/components/admin/settings/AdminReposTab.vue +++ b/web/src/components/admin/settings/AdminReposTab.vue @@ -1,5 +1,14 @@