Various enhancements in configuration (#1645)

- backends: move to cli flags instead of os.Getenv - ssh: support 2fa with key and password - allow to set grpc jwt secret (solves todo) - allow to set default and max timeout (solves todo) Closes https://github.com/woodpecker-ci/woodpecker/issues/896 Closes https://github.com/woodpecker-ci/woodpecker/issues/1131
2025-10-22 03:21:58 +00:00 · 2023-03-19 20:24:43 +01:00
parent 56e6639396
commit f582ad3159
19 changed files with 221 additions and 104 deletions
--- a/cmd/agent/agent.go
+++ b/cmd/agent/agent.go
@@ -154,14 +154,15 @@ func loop(c *cli.Context) error {
 		sigterm.Set()
 	})

-	backend.Init(context.WithValue(ctx, types.CliContext, c))
+	backendCtx := context.WithValue(ctx, types.CliContext, c)
+	backend.Init(backendCtx)

 	var wg sync.WaitGroup
 	parallel := c.Int("max-workflows")
 	wg.Add(parallel)

 	// new engine
-	engine, err := backend.FindEngine(c.String("backend-engine"))
+	engine, err := backend.FindEngine(backendCtx, c.String("backend-engine"))
 	if err != nil {
 		log.Error().Err(err).Msgf("cannot find backend engine '%s'", c.String("backend-engine"))
 		return err
@@ -195,7 +196,7 @@ func loop(c *cli.Context) error {
 			defer wg.Done()

 			// load engine (e.g. init api client)
-			err = engine.Load()
+			err = engine.Load(backendCtx)
 			if err != nil {
 				log.Error().Err(err).Msg("cannot load backend engine")
 				return
--- a/cmd/agent/flags.go
+++ b/cmd/agent/flags.go
@@ -108,7 +108,50 @@ var flags = []cli.Flag{
 		Value:   "auto-detect",
 	},

-	// TODO: add flags of backends
+	// backend docker
+	&cli.BoolFlag{
+		EnvVars: []string{"WOODPECKER_BACKEND_DOCKER_ENABLE_IPV6"},
+		Name:    "backend-docker-ipv6",
+		Usage:   "backend docker enable IPV6",
+		Value:   false,
+	},
+	&cli.StringFlag{
+		EnvVars: []string{"WOODPECKER_BACKEND_DOCKER_NETWORK"},
+		Name:    "backend-docker-network",
+		Usage:   "backend docker network",
+	},
+	&cli.StringFlag{
+		EnvVars: []string{"WOODPECKER_BACKEND_DOCKER_VOLUMES"},
+		Name:    "backend-docker-volumes",
+		Usage:   "backend docker volumes (comma separated)",
+	},
+
+	// backend ssh
+	&cli.StringFlag{
+		EnvVars: []string{"WOODPECKER_BACKEND_SSH_ADDRESS"},
+		Name:    "backend-ssh-address",
+		Usage:   "backend ssh address",
+	},
+	&cli.StringFlag{
+		EnvVars: []string{"WOODPECKER_BACKEND_SSH_USER"},
+		Name:    "backend-ssh-user",
+		Usage:   "backend ssh user",
+	},
+	&cli.StringFlag{
+		EnvVars: []string{"WOODPECKER_BACKEND_SSH_KEY"},
+		Name:    "backend-ssh-key",
+		Usage:   "backend ssh key file",
+	},
+	&cli.StringFlag{
+		EnvVars: []string{"WOODPECKER_BACKEND_SSH_KEY_PASSWORD"},
+		Name:    "backend-ssh-key-password",
+		Usage:   "backend ssh key password",
+	},
+	&cli.StringFlag{
+		EnvVars: []string{"WOODPECKER_BACKEND_SSH_PASSWORD"},
+		Name:    "backend-ssh-password",
+		Usage:   "backend ssh password",
+	},

 	// backend k8s
 	&cli.StringFlag{
--- a/cmd/server/flags.go
+++ b/cmd/server/flags.go
@@ -77,6 +77,12 @@ var flags = []cli.Flag{
 		Usage:   "grpc address",
 		Value:   ":9000",
 	},
+	&cli.StringFlag{
+		EnvVars: []string{"WOODPECKER_GRPC_SECRET"},
+		Name:    "grpc-secret",
+		Usage:   "grpc jwt secret",
+		Value:   "secret",
+	},
 	&cli.StringFlag{
 		EnvVars: []string{"WOODPECKER_METRICS_SERVER_ADDR"},
 		Name:    "metrics-server-addr",
@@ -120,6 +126,18 @@ var flags = []cli.Flag{
 		Usage:   "The default docker image to be used when cloning the repo",
 		Value:   constant.DefaultCloneImage,
 	},
+	&cli.Int64Flag{
+		EnvVars: []string{"WOODPECKER_DEFAULT_PIPELINE_TIMEOUT"},
+		Name:    "default-pipeline-timeout",
+		Usage:   "The default time in minutes for a repo in minutes before a pipeline gets killed",
+		Value:   60,
+	},
+	&cli.Int64Flag{
+		EnvVars: []string{"WOODPECKER_MAX_PIPELINE_TIMEOUT"},
+		Name:    "max-pipeline-timeout",
+		Usage:   "The maximum time in minutes you can set in the repo settings before a pipeline gets killed",
+		Value:   120,
+	},
 	&cli.StringFlag{
 		EnvVars: []string{"WOODPECKER_DOCS"},
 		Name:    "docs",
--- a/cmd/server/server.go
+++ b/cmd/server/server.go
@@ -135,7 +135,7 @@ func run(c *cli.Context) error {
 			return err
 		}

-		jwtSecret := "secret" // TODO: make configurable
+		jwtSecret := c.String("grpc-secret")
 		jwtManager := woodpeckerGrpcServer.NewJWTManager(jwtSecret)

 		authorizer := woodpeckerGrpcServer.NewAuthorizer(jwtManager)
@@ -321,6 +321,8 @@ func setupEvilGlobals(c *cli.Context, v store.Store, f forge.Forge) {
 		events = append(events, model.WebhookEvent(v))
 	}
 	server.Config.Pipeline.DefaultCancelPreviousPipelineEvents = events
+	server.Config.Pipeline.DefaultTimeout = c.Int64("default-pipeline-timeout")
+	server.Config.Pipeline.MaxTimeout = c.Int64("max-pipeline-timeout")

 	// limits
 	server.Config.Pipeline.Limits.MemSwapLimit = c.Int64("limit-mem-swap")