mirror of
				https://github.com/woodpecker-ci/woodpecker.git
				synced 2025-10-26 12:54:53 +00:00 
			
		
		
		
	closes #11 Added support: 1. Environment variable `WOODPECKER_DELETE_MULTIPLE_RUNS_ON_EVENTS` (Default pull_request, push) 2. Builds will be marked as killed when they "override" another build
		
			
				
	
	
		
			357 lines
		
	
	
		
			8.6 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			357 lines
		
	
	
		
			8.6 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // Copyright 2018 Drone.IO Inc.
 | |
| //
 | |
| // Licensed under the Apache License, Version 2.0 (the "License");
 | |
| // you may not use this file except in compliance with the License.
 | |
| // You may obtain a copy of the License at
 | |
| //
 | |
| //      http://www.apache.org/licenses/LICENSE-2.0
 | |
| //
 | |
| // Unless required by applicable law or agreed to in writing, software
 | |
| // distributed under the License is distributed on an "AS IS" BASIS,
 | |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | |
| // See the License for the specific language governing permissions and
 | |
| // limitations under the License.
 | |
| 
 | |
| package api
 | |
| 
 | |
| import (
 | |
| 	"encoding/base32"
 | |
| 	"fmt"
 | |
| 	"net/http"
 | |
| 	"strconv"
 | |
| 
 | |
| 	"github.com/gin-gonic/gin"
 | |
| 	"github.com/gorilla/securecookie"
 | |
| 	"github.com/rs/zerolog/log"
 | |
| 
 | |
| 	"github.com/woodpecker-ci/woodpecker/server"
 | |
| 	"github.com/woodpecker-ci/woodpecker/server/model"
 | |
| 	"github.com/woodpecker-ci/woodpecker/server/router/middleware/session"
 | |
| 	"github.com/woodpecker-ci/woodpecker/server/store"
 | |
| 	"github.com/woodpecker-ci/woodpecker/shared/token"
 | |
| )
 | |
| 
 | |
| // TODO: make it set system wide via environment variables
 | |
| const (
 | |
| 	defaultTimeout int64 = 60 // 1 hour default build time
 | |
| 	maxTimeout     int64 = defaultTimeout * 2
 | |
| )
 | |
| 
 | |
| func PostRepo(c *gin.Context) {
 | |
| 	remote := server.Config.Services.Remote
 | |
| 	_store := store.FromContext(c)
 | |
| 	user := session.User(c)
 | |
| 	repo := session.Repo(c)
 | |
| 
 | |
| 	if repo.IsActive {
 | |
| 		c.String(http.StatusConflict, "Repository is already active.")
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	repo.IsActive = true
 | |
| 	repo.UserID = user.ID
 | |
| 	repo.AllowPull = true
 | |
| 	repo.CancelPreviousPipelineEvents = server.Config.Pipeline.DefaultCancelPreviousPipelineEvents
 | |
| 
 | |
| 	if repo.Visibility == "" {
 | |
| 		repo.Visibility = model.VisibilityPublic
 | |
| 		if repo.IsSCMPrivate {
 | |
| 			repo.Visibility = model.VisibilityPrivate
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	if repo.Timeout == 0 {
 | |
| 		repo.Timeout = defaultTimeout
 | |
| 	} else if repo.Timeout > maxTimeout {
 | |
| 		repo.Timeout = maxTimeout
 | |
| 	}
 | |
| 
 | |
| 	if repo.Hash == "" {
 | |
| 		repo.Hash = base32.StdEncoding.EncodeToString(
 | |
| 			securecookie.GenerateRandomKey(32),
 | |
| 		)
 | |
| 	}
 | |
| 
 | |
| 	// creates the jwt token used to verify the repository
 | |
| 	t := token.New(token.HookToken, repo.FullName)
 | |
| 	sig, err := t.Sign(repo.Hash)
 | |
| 	if err != nil {
 | |
| 		c.String(http.StatusInternalServerError, err.Error())
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	link := fmt.Sprintf(
 | |
| 		"%s/hook?access_token=%s",
 | |
| 		server.Config.Server.Host,
 | |
| 		sig,
 | |
| 	)
 | |
| 
 | |
| 	err = remote.Activate(c, user, repo, link)
 | |
| 	if err != nil {
 | |
| 		c.String(http.StatusInternalServerError, err.Error())
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	from, err := remote.Repo(c, user, repo.Owner, repo.Name)
 | |
| 	if err == nil {
 | |
| 		repo.Update(from)
 | |
| 	}
 | |
| 
 | |
| 	err = _store.UpdateRepo(repo)
 | |
| 	if err != nil {
 | |
| 		c.String(http.StatusInternalServerError, err.Error())
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	c.JSON(http.StatusOK, repo)
 | |
| }
 | |
| 
 | |
| func PatchRepo(c *gin.Context) {
 | |
| 	_store := store.FromContext(c)
 | |
| 	repo := session.Repo(c)
 | |
| 	user := session.User(c)
 | |
| 
 | |
| 	in := new(model.RepoPatch)
 | |
| 	if err := c.Bind(in); err != nil {
 | |
| 		_ = c.AbortWithError(http.StatusBadRequest, err)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	if in.Timeout != nil && *in.Timeout > maxTimeout && !user.Admin {
 | |
| 		c.String(http.StatusForbidden, fmt.Sprintf("Timeout is not allowed to be higher than max timeout (%dmin)", maxTimeout))
 | |
| 	}
 | |
| 	if in.IsTrusted != nil && *in.IsTrusted != repo.IsTrusted && !user.Admin {
 | |
| 		log.Trace().Msgf("user '%s' wants to make repo trusted without being an instance admin ", user.Login)
 | |
| 		c.String(http.StatusForbidden, "Insufficient privileges")
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	if in.AllowPull != nil {
 | |
| 		repo.AllowPull = *in.AllowPull
 | |
| 	}
 | |
| 	if in.IsGated != nil {
 | |
| 		repo.IsGated = *in.IsGated
 | |
| 	}
 | |
| 	if in.IsTrusted != nil {
 | |
| 		repo.IsTrusted = *in.IsTrusted
 | |
| 	}
 | |
| 	if in.Timeout != nil {
 | |
| 		repo.Timeout = *in.Timeout
 | |
| 	}
 | |
| 	if in.Config != nil {
 | |
| 		repo.Config = *in.Config
 | |
| 	}
 | |
| 	if in.CancelPreviousPipelineEvents != nil {
 | |
| 		repo.CancelPreviousPipelineEvents = *in.CancelPreviousPipelineEvents
 | |
| 	}
 | |
| 	if in.Visibility != nil {
 | |
| 		switch *in.Visibility {
 | |
| 		case string(model.VisibilityInternal), string(model.VisibilityPrivate), string(model.VisibilityPublic):
 | |
| 			repo.Visibility = model.RepoVisibly(*in.Visibility)
 | |
| 		default:
 | |
| 			c.String(http.StatusBadRequest, "Invalid visibility type")
 | |
| 			return
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	err := _store.UpdateRepo(repo)
 | |
| 	if err != nil {
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, err)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	c.JSON(http.StatusOK, repo)
 | |
| }
 | |
| 
 | |
| func ChownRepo(c *gin.Context) {
 | |
| 	_store := store.FromContext(c)
 | |
| 	repo := session.Repo(c)
 | |
| 	user := session.User(c)
 | |
| 	repo.UserID = user.ID
 | |
| 
 | |
| 	err := _store.UpdateRepo(repo)
 | |
| 	if err != nil {
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, err)
 | |
| 		return
 | |
| 	}
 | |
| 	c.JSON(http.StatusOK, repo)
 | |
| }
 | |
| 
 | |
| func GetRepo(c *gin.Context) {
 | |
| 	c.JSON(http.StatusOK, session.Repo(c))
 | |
| }
 | |
| 
 | |
| func GetRepoPermissions(c *gin.Context) {
 | |
| 	perm := session.Perm(c)
 | |
| 	c.JSON(http.StatusOK, perm)
 | |
| }
 | |
| 
 | |
| func GetRepoBranches(c *gin.Context) {
 | |
| 	repo := session.Repo(c)
 | |
| 	user := session.User(c)
 | |
| 	r := server.Config.Services.Remote
 | |
| 
 | |
| 	branches, err := r.Branches(c, user, repo)
 | |
| 	if err != nil {
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, err)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	c.JSON(http.StatusOK, branches)
 | |
| }
 | |
| 
 | |
| func DeleteRepo(c *gin.Context) {
 | |
| 	remove, _ := strconv.ParseBool(c.Query("remove"))
 | |
| 	_store := store.FromContext(c)
 | |
| 
 | |
| 	repo := session.Repo(c)
 | |
| 	user := session.User(c)
 | |
| 
 | |
| 	repo.IsActive = false
 | |
| 	repo.UserID = 0
 | |
| 
 | |
| 	if err := _store.UpdateRepo(repo); err != nil {
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, err)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	if remove {
 | |
| 		if err := _store.DeleteRepo(repo); err != nil {
 | |
| 			_ = c.AbortWithError(http.StatusInternalServerError, err)
 | |
| 			return
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	if err := server.Config.Services.Remote.Deactivate(c, user, repo, server.Config.Server.Host); err != nil {
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, err)
 | |
| 		return
 | |
| 	}
 | |
| 	c.JSON(200, repo)
 | |
| }
 | |
| 
 | |
| func RepairRepo(c *gin.Context) {
 | |
| 	remote := server.Config.Services.Remote
 | |
| 	_store := store.FromContext(c)
 | |
| 	repo := session.Repo(c)
 | |
| 	user := session.User(c)
 | |
| 
 | |
| 	// creates the jwt token used to verify the repository
 | |
| 	t := token.New(token.HookToken, repo.FullName)
 | |
| 	sig, err := t.Sign(repo.Hash)
 | |
| 	if err != nil {
 | |
| 		c.String(500, err.Error())
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	// reconstruct the link
 | |
| 	host := server.Config.Server.Host
 | |
| 	link := fmt.Sprintf(
 | |
| 		"%s/hook?access_token=%s",
 | |
| 		host,
 | |
| 		sig,
 | |
| 	)
 | |
| 
 | |
| 	if err := remote.Deactivate(c, user, repo, host); err != nil {
 | |
| 		log.Trace().Err(err).Msgf("deactivate repo '%s' to repair failed", repo.FullName)
 | |
| 	}
 | |
| 	if err := remote.Activate(c, user, repo, link); err != nil {
 | |
| 		c.String(500, err.Error())
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	from, err := remote.Repo(c, user, repo.Owner, repo.Name)
 | |
| 	if err != nil {
 | |
| 		log.Error().Err(err).Msgf("get repo '%s/%s' from remote", repo.Owner, repo.Name)
 | |
| 		c.AbortWithStatus(http.StatusInternalServerError)
 | |
| 		return
 | |
| 	}
 | |
| 	repo.Name = from.Name
 | |
| 	repo.Owner = from.Owner
 | |
| 	repo.FullName = from.FullName
 | |
| 	repo.Avatar = from.Avatar
 | |
| 	repo.Link = from.Link
 | |
| 	repo.Clone = from.Clone
 | |
| 	repo.IsSCMPrivate = from.IsSCMPrivate
 | |
| 	if repo.IsSCMPrivate != from.IsSCMPrivate {
 | |
| 		repo.ResetVisibility()
 | |
| 	}
 | |
| 	if err := _store.UpdateRepo(repo); err != nil {
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, err)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	c.Writer.WriteHeader(http.StatusOK)
 | |
| }
 | |
| 
 | |
| func MoveRepo(c *gin.Context) {
 | |
| 	remote := server.Config.Services.Remote
 | |
| 	_store := store.FromContext(c)
 | |
| 	repo := session.Repo(c)
 | |
| 	user := session.User(c)
 | |
| 
 | |
| 	to, exists := c.GetQuery("to")
 | |
| 	if !exists {
 | |
| 		err := fmt.Errorf("Missing required to query value")
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, err)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	owner, name, errParse := model.ParseRepo(to)
 | |
| 	if errParse != nil {
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, errParse)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	from, err := remote.Repo(c, user, owner, name)
 | |
| 	if err != nil {
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, err)
 | |
| 		return
 | |
| 	}
 | |
| 	if !from.Perm.Admin {
 | |
| 		c.AbortWithStatus(http.StatusUnauthorized)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	repo.Name = from.Name
 | |
| 	repo.Owner = from.Owner
 | |
| 	repo.FullName = from.FullName
 | |
| 	repo.Avatar = from.Avatar
 | |
| 	repo.Link = from.Link
 | |
| 	repo.Clone = from.Clone
 | |
| 	repo.IsSCMPrivate = from.IsSCMPrivate
 | |
| 	if repo.IsSCMPrivate != from.IsSCMPrivate {
 | |
| 		repo.ResetVisibility()
 | |
| 	}
 | |
| 
 | |
| 	errStore := _store.UpdateRepo(repo)
 | |
| 	if errStore != nil {
 | |
| 		_ = c.AbortWithError(http.StatusInternalServerError, errStore)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	// creates the jwt token used to verify the repository
 | |
| 	t := token.New(token.HookToken, repo.FullName)
 | |
| 	sig, err := t.Sign(repo.Hash)
 | |
| 	if err != nil {
 | |
| 		c.String(500, err.Error())
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	// reconstruct the link
 | |
| 	host := server.Config.Server.Host
 | |
| 	link := fmt.Sprintf(
 | |
| 		"%s/hook?access_token=%s",
 | |
| 		host,
 | |
| 		sig,
 | |
| 	)
 | |
| 
 | |
| 	if err := remote.Deactivate(c, user, repo, host); err != nil {
 | |
| 		log.Trace().Err(err).Msgf("deactivate repo '%s' for move to activate later, got an error", repo.FullName)
 | |
| 	}
 | |
| 	if err := remote.Activate(c, user, repo, link); err != nil {
 | |
| 		c.String(500, err.Error())
 | |
| 		return
 | |
| 	}
 | |
| 	c.Writer.WriteHeader(http.StatusOK)
 | |
| }
 |