github/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2025-08-29 10:30:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,917 Commits 32 Branches 91 Tags 153 MiB
main
Commit Graph

46 Commits

Author SHA1 Message Date
Henrik Huitti
79e4dd5380
feat(k8s): Kubernetes namespace per organization (#5309) 2025-07-22 17:22:26 +03:00
Harri Avellan
5c00b9d74b
Prevent secrets from leaking to Kubernetes API Server logs (#5305) 2025-07-14 17:45:13 +03:00
qwerty287
fe5ea7ad3b
Simplify backend types (#5299) 2025-07-05 12:59:17 +03:00
Patrick Schratz
e92706bfd8
Revert "kubernetes: prevent secrets from leaking to api-server logs" (#5293) 
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
 2025-07-05 09:40:40 +03:00
Harri Avellan
5e052f5579
kube backend: prevent secrets from leaking to Kubernetes apiserver logs (#5196) 2025-06-14 22:44:33 +02:00
Jener Rasmussen
8d94071e2f
Tag pipeline with source information (#4796) 
Co-authored-by: oauth <woodpecker-bot@obermui.de>
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
Co-authored-by: Robert Kaussow <xoxys@rknet.org>
 2025-03-22 13:45:44 +01:00
qwerty287
7c31bcf327
Revert volumes/network list (#4656) 
Co-authored-by: Robert Kaussow <xoxys@rknet.org>
Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
 2025-01-04 11:56:26 +01:00
Anbraten
5d3300824d
Fix workflow volume and network config (#4650) 2025-01-01 16:21:57 +01:00
qwerty287
428ba689cb
Remove workflow-level volumes and networks (#4636) 2024-12-30 10:34:59 +01:00
Patrick Schratz
560eab96f0
Kubernetes | Docker: Add support for rootless images (#4151) 2024-11-02 18:07:27 +01:00
6543
6ad20ced5b
Move docker resource limit settings from server to agent (#3174) 
so you can set it per agent and not per server
 2024-09-26 16:56:59 +01:00
6543
cd5f6f71a2
Migrate to github.com/urfave/cli/v3 (#2951) 2024-07-18 01:26:35 +02:00
Robert Kaussow
89e100cfd1
Add godot linter to harmonitze toplevel comments (#3650) 2024-05-13 22:58:21 +02:00
qwerty287
6892a9ca57
Parse backend options in backend (#3227) 
Currently, backend options are parsed in the yaml parser.
This has some issues:
- backend specific code should be in the backend folders
- it is not possible to add backend options for backends added via
addons
 2024-02-08 18:39:32 +01:00
qwerty287
f92f8b17a3
Make agent usable for external backends (#3270) 2024-02-08 16:33:22 +01:00
qwerty287
5e2f7d81b3
Clean up models (#3228) 2024-01-22 07:56:18 +01:00
Thomas Anderson
0611fa9b32
Added protocol in port configuration (#2993) 
Closes  #2727
 2024-01-12 23:57:24 +01:00
Thomas Anderson
9bbc446009
Kubernetes AppArmor and seccomp (#3123) 
Closes #2545

seccomp
https://kubernetes.io/docs/tutorials/security/seccomp/

https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/135-seccomp/README.md

AppArmor
https://kubernetes.io/docs/tutorials/security/apparmor/

fddcbb9cbf/keps/sig-node/24-apparmor/README.md
Went ahead and implemented API from KEP-24 above.
 2024-01-12 23:32:24 +01:00
6543
f8fb28e651
More docker backend test remove more undocumented (#3156) 
remove Sysctls and IpcMode
 2024-01-11 19:30:13 +01:00
6543
cd59a85230
Use name in backend types instead of alias (#3142) 2024-01-09 15:22:59 +01:00
Thomas Anderson
253d702bc7
Fix IPv6 host aliases for kubernetes (#2992) 
Closes #2991


[Tests](https://github.com/woodpecker-ci/woodpecker/pull/2993#issuecomment-1868048169)

---------

Co-authored-by: 6543 <6543@obermui.de>
 2023-12-23 00:42:30 +01:00
6543
1f8b3b5e1b
Only update pipelineStatus in one place (#2952) 2023-12-15 10:03:05 +01:00
qwerty287
ff1f51d6a9
Rename engine to backend (#2950) 
rename based on https://woodpecker-ci.org/docs/usage/terminiology

---------

Co-authored-by: 6543 <6543@obermui.de>
 2023-12-14 19:20:47 +01:00
Thomas Anderson
3adb98b287
Simple security context options (Kubernetes) (#2550) 2023-11-26 08:46:06 +01:00
Thomas Anderson
de53b906e8
Add ports into pipeline backend step model (#2656) 
Closes #2655.


[Pipeline](https://woodpecker-ci.org/docs/next/usage/services#complete-pipeline-example):
```yaml
services:
  database:
    image: mysql
    environment:
      - MYSQL_DATABASE=test
      - MYSQL_ROOT_PASSWORD=example
    ports:
      - 3306

steps:
  get-version:
    image: ubuntu
    commands:
      - ( apt update && apt dist-upgrade -y && apt install -y mysql-client 2>&1 )> /dev/null
      - sleep 60s # need to wait for mysql-server init
      - echo 'SHOW VARIABLES LIKE "version"' | mysql -uroot -hdatabase test -pexample
```

Service:
```yaml
apiVersion: v1
kind: Service
metadata:
  name: wp-01hdq6gbkw1mn6k1655fs3rntf-0-services-0
  namespace: woodpecker-runtime
  ...
  selfLink: >-
    /api/v1/namespaces/woodpecker-runtime/services/wp-01hdq6gbkw1mn6k1655fs3rntf-0-services-0
status:
  loadBalancer: {}
spec:
  ports:
    - protocol: TCP
      port: 3306
      targetPort: 3306
  selector:
    step: database
  clusterIP: 10.43.180.120
  clusterIPs:
    - 10.43.180.120
  type: ClusterIP
  sessionAffinity: None
  ipFamilies:
    - IPv4
  ipFamilyPolicy: SingleStack
  internalTrafficPolicy: Cluster
```
 2023-11-02 04:12:41 +01:00
6543
ebe0307c6b
Let the backend engine report the current platform (#2688) 
if you run woodpecker-agent on windows and connect it to an docker
daemon, there could be two different platforms possible, as you can
switch from linux to windows mode and visa versa


---
*Sponsored by Kithara Software GmbH*
 2023-11-01 15:38:37 +01:00
Anbraten
4198c447fb
Destroy steps after they are done (#2681) 
Co-authored-by: 6543 <m.huber@kithara.com>
 2023-11-01 09:35:11 +01:00
Kleber Rocha
61b5672051
Add option to configure tolerations in kubernetes backend (#2249) 
This code add a feature to support tolerations in Kubernetes Backend

---------

Signed-off-by: Kleber Rocha <klinux@gmail.com>
 2023-08-22 22:34:59 +02:00
qwerty287
8cdac56d8f
Check for correct license header (#2137) 2023-08-10 11:06:00 +02:00
6543
3cd78c9409
Refactor agent (#2021) 
- code cleanup
- init backend engine only once
- pass a taskUUID to the backend

---
*Sponsored by Kithara Software GmbH*
 2023-07-20 20:39:20 +02:00
6543
b54f6ebad6
Let pipeline-compiler export step types (#1958) 2023-07-11 15:53:05 +02:00
6543
5393aa5d3b
Move docker specific volume & network settings into backend code (#1956) 
... if we want to make them be changed ... it should be an
agent-backend-option
 2023-07-09 21:03:19 +02:00
Ovidiu Calbajos
609ba481b5
Support for k8s serviceAccount and nodeSelector (#1842) 
Add the possiblity to specify the Kubernetes serviceAccount and/or
nodeSelector to be used on individual steps for Kubernetes executor
 2023-06-12 16:00:59 +02:00
Anbraten
556607b525
Rework log streaming and related functions (#1802) 
closes #1801
closes #1815 
closes #1144
closes  #983
closes  #557
closes #1827
regression of #1791

# TODO
- [x] adjust log model
- [x] add migration for logs
- [x] send log line via grpc using step-id
- [x] save log-line to db
- [x] stream log-lines to UI
- [x] use less structs for log-data
- [x] make web UI work
  - [x] display logs loaded from db
  - [x] display streaming logs
- [ ] ~~make migration work~~ -> dedicated pull (#1828)

# TESTED
- [x] new logs are stored in database
- [x] log retrieval via cli (of new logs) works
- [x] log streaming works (tested via curl & webui)
- [x] log retrieval via web (of new logs) works

---------

Co-authored-by: 6543 <6543@obermui.de>
 2023-06-06 09:52:08 +02:00
6543
f81b447638
remove undocumented docker specific option (#1825) 2023-06-05 17:30:32 +02:00
Stephen Muth
2941e508b3
Allow setting resources for kubernetes on a per-step basis (#1767) 
This add a simple implementation of requests/limits for individual
steps. There is no validation of what the resource actually is beyond
checking that it can successfully be converted to a Quantity, so it can
be used for things other than just memory/CPU.

close #1809
 2023-06-04 00:50:08 +02:00
Anbraten
435f5ae207
Improve local backend (#1762) 
Co-authored-by: 6543 <6543@obermui.de>
 2023-05-17 14:53:23 +02:00
qwerty287
f582ad3159
Various enhancements in configuration (#1645) 
- backends: move to cli flags instead of os.Getenv
- ssh: support 2fa with key and password
- allow to set grpc jwt secret (solves todo)
- allow to set default and max timeout (solves todo)

Closes https://github.com/woodpecker-ci/woodpecker/issues/896
Closes https://github.com/woodpecker-ci/woodpecker/issues/1131
 2023-03-19 20:24:43 +01:00
Sergio Fenoll
f0e518a5a2
Add option to ignore failures on steps (#1219) 
closes #1181
closes #834 

Adds `ignore_failure` to pipeline steps. When it's set to true,
if the step fails the following steps continue to execute as if no failure had occurred.

---

failure enums idea:
* fail (default) = if other steps run in parallel, wait for them and
then let workflow fail
* cancel = if other steps run in parallel, kill them
* ignore = we mark the step as failed but it wont have any impact
 2022-11-15 19:47:27 +01:00
6543
b15ca52a63
Move constrain to only have a single command in backend to run to dedicated backends (#1032) 
at the moment we compile a script that we can pipe in as single command
this is because of the constrains the docker backend gives us.

so we move it into the docker backend and eventually get rid of it altogether
 2022-10-31 00:26:49 +01:00
Anbraten
3b0263442a
Adding initial version of Kubernetes backend (#552) 
Co-authored-by: laszlocph <laszlo@laszlo.cloud>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Rynoxx <rynoxx@grid-servers.net>
 2022-09-05 06:01:14 +02:00
Zav Shotan
acbcc53872
Added support for step errors when executing backend (#817) 
When executing a backend step, in case of failure of the specific step, the run is marked as errored but the step error is missing.

Added:
1. Log for the backend error (without trace)
2. Mark the step as errored with exit code 126 (Could not execute).

Co-authored-by: Zav Shotan <zshotan@bloomberg.net>
Co-authored-by: Anton Bracke <anton@ju60.de>
 2022-05-11 13:40:44 +02:00
6543
03638b2934
pipeline backend: remove unused var (#683) 2022-01-09 23:28:41 +01:00
6543
2f91bdd4a0
gofumpt -w -l -extra . (#661) 2022-01-05 21:50:23 +01:00
6543
e072e4cce7
Fix pipeline backend autodetect (#545) 
* refactor:
 - rename IsAvivable -> IsAvailable
 - drop depricated Kill
 - make sure backends implement interface
 - rename backend struct for ide (better info)

* docker backend fix autodetect
 2021-11-27 02:29:14 +01:00
Anbraten
c1a8884d62
Add backend selection for agent (#463) 
- add backend selection option
- by default it will auto-detect a backend
 2021-11-26 03:34:48 +01:00