diff --git a/operator/runner/registry.go b/operator/runner/registry.go deleted file mode 100644 index be32a1ca2..000000000 --- a/operator/runner/registry.go +++ /dev/null @@ -1,109 +0,0 @@ -// Copyright 2019 Drone.IO Inc. All rights reserved. -// Use of this source code is governed by the Drone Non-Commercial License -// that can be found in the LICENSE file. - -package runner - -// import ( -// "context" -// "encoding/json" -// "strings" - -// "github.com/drone/drone-yaml/yaml" -// "github.com/drone/drone/core" -// "github.com/drone/drone/plugin/registry/auths" -// ) - -// type registryManager struct { -// build *core.Build -// config *yaml.Manifest -// repo *core.Repository -// auths core.RegistryService -// secrets core.SecretService -// } - -// func (s *registryManager) list(_ context.Context) ([]*core.Registry, error) { -// // get the registry credentials from the external -// // registry credential provider. This could, for example, -// // source credentials from ~/.docker/config.json -// registries, err := s.auths.List(noContext, &core.RegistryRequest{ -// Repo: s.repo, -// Build: s.build, -// }) -// if err != nil { -// return nil, err -// } - -// // // get the registry credentials from the external -// // // user-defined registry credential provider. -// // userdef, err := s.auths.ListEndpoint(noContext, &core.RegistryRequest{ -// // Repo: s.repo, -// // Build: s.build, -// // }, s.repo.Endpoints.Registry) -// // if err != nil { -// // return nil, err -// // } -// // // append user-defined registry credentials to the list. -// // registries = append(registries, userdef...) - -// // the user can also define registry credentials in the -// // yaml secret section. -// for _, resource := range s.config.Resources { -// res, ok := resource.(*yaml.Secret) -// if !ok { -// continue -// } -// for name, value := range res.Data { -// // skip secrets the are intended for use with authenticating -// // to the docker registry and pulling private images. -// if isDockerConfig(name) == false { -// continue -// } - -// if res.Type == "encrypted" { -// value = strings.Replace(value, " ", "", -1) -// value = strings.Replace(value, "\n", "", -1) - -// plaintext, err := decrypt(core.EncryptAESGCM, value, s.repo.Secret) -// if err != nil { -// return nil, err -// } -// secret := new(core.Secret) -// err = json.Unmarshal([]byte(plaintext), secret) -// if err != nil { -// return nil, err -// } -// parsed, err := auths.ParseString(secret.Data) -// if err != nil { -// return nil, err -// } -// registries = append(registries, parsed...) - -// } else { -// // the user has the option of aliasing the -// // secret name. If the user specifies an external -// // name it must be used for the external query. -// req := &core.SecretRequest{ -// Name: value, -// Repo: s.repo, -// Build: s.build, -// } - -// // -// // TODO: bradrydzewski this should fetch from -// // the user-defined secrets. -// // -// secret, err := s.secrets.Find(noContext, req) -// if err != nil { -// return nil, err -// } -// parsed, err := auths.ParseString(secret.Data) -// if err != nil { -// return nil, err -// } -// registries = append(registries, parsed...) -// } -// } -// } -// return registries, nil -// } diff --git a/operator/runner/registry_test.go b/operator/runner/registry_test.go deleted file mode 100644 index 9d070c9d1..000000000 --- a/operator/runner/registry_test.go +++ /dev/null @@ -1,323 +0,0 @@ -// Copyright 2019 Drone.IO Inc. All rights reserved. -// Use of this source code is governed by the Drone Non-Commercial License -// that can be found in the LICENSE file. - -package runner - -// import ( -// "context" -// "encoding/json" -// "io" -// "testing" - -// "github.com/drone/drone-yaml/yaml" -// "github.com/drone/drone/core" -// "github.com/drone/drone/mock" - -// "github.com/golang/mock/gomock" -// "github.com/google/go-cmp/cmp" -// ) - -// func Test_RegistryManager_ListExternal(t *testing.T) { -// controller := gomock.NewController(t) -// defer controller.Finish() - -// want := []*core.Registry{ -// { -// Address: "docker.io", -// Username: "octocat", -// Password: "pa55word", -// }, -// } - -// service := mock.NewMockRegistryService(controller) -// service.EXPECT().List(gomock.Any(), gomock.Any()).Return(want, nil) -// service.EXPECT().ListEndpoint(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, nil) - -// manager := registryManager{ -// auths: service, -// config: &yaml.Manifest{}, -// repo: &core.Repository{}, -// } -// got, err := manager.list(noContext) -// if err != nil { -// t.Error(err) -// } -// if diff := cmp.Diff(got, want); diff != "" { -// t.Errorf(diff) -// } -// } - -// // this test verifies that the registry credential manager -// // exits and returns an error if unable to fetch registry -// // credentials from the external provider. -// func Test_RegistryManager_ListExternal_Err(t *testing.T) { -// controller := gomock.NewController(t) -// defer controller.Finish() - -// service := mock.NewMockRegistryService(controller) -// service.EXPECT().List(gomock.Any(), gomock.Any()).Return(nil, io.EOF) - -// manager := registryManager{ -// auths: service, -// } -// _, err := manager.list(noContext) -// if err == nil { -// t.Errorf("Expect error fetching external secret") -// } -// } - -// // this test verifies that the registry credential manager -// // skips secrets that are not docker_auth_config files. -// func Test_RegistryManager_ListInternal_Skip(t *testing.T) { -// controller := gomock.NewController(t) -// defer controller.Finish() - -// service := mock.NewMockRegistryService(controller) -// service.EXPECT().List(gomock.Any(), gomock.Any()).Return(nil, nil) -// service.EXPECT().ListEndpoint(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, nil) - -// manager := registryManager{ -// repo: &core.Repository{}, -// auths: service, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "external", -// Data: map[string]string{ -// "docker_password": "docker_password", -// }, -// }, -// }, -// }, -// } - -// got, err := manager.list(noContext) -// if err != nil { -// t.Error(err) -// } - -// var want []*core.Registry -// if diff := cmp.Diff(got, want); diff != "" { -// t.Errorf(diff) -// } -// } - -// // this test verifies that the registry credential manager -// // fetches registry credentials from the remote secret store, -// // and successfully parses the .docker/config.json contents. -// func Test_RegistryManager_ListExternalSecrets(t *testing.T) { -// controller := gomock.NewController(t) -// defer controller.Finish() - -// mockRepo := &core.Repository{ -// Slug: "octocat/hello-world", -// } - -// mockBuild := &core.Build{ -// Event: core.EventPullRequest, -// Fork: "octocat/hello-world", -// } - -// mockSecret := &core.Secret{ -// Name: "docker_auth_config", -// Data: `{"auths": {"index.docker.io": {"auth": "b2N0b2NhdDpjb3JyZWN0LWhvcnNlLWJhdHRlcnktc3RhcGxl"}}}`, -// } - -// mockSecretReq := &core.SecretRequest{ -// Name: mockSecret.Name, -// Repo: mockRepo, -// Build: mockBuild, -// } - -// mockResp := func(ctx context.Context, req *core.SecretRequest) (*core.Secret, error) { -// if diff := cmp.Diff(req, mockSecretReq); diff != "" { -// t.Errorf(diff) -// } -// return mockSecret, nil -// } - -// registries := mock.NewMockRegistryService(controller) -// registries.EXPECT().List(gomock.Any(), gomock.Any()).Return(nil, nil) -// registries.EXPECT().ListEndpoint(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, nil) - -// secrets := mock.NewMockSecretService(controller) -// secrets.EXPECT().Find(gomock.Any(), gomock.Any()).DoAndReturn(mockResp) - -// manager := registryManager{ -// auths: registries, -// secrets: secrets, -// repo: mockRepo, -// build: mockBuild, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "external", -// Data: map[string]string{ -// "docker_auth_config": "docker_auth_config", -// }, -// }, -// }, -// }, -// } -// want := []*core.Registry{ -// { -// Address: "index.docker.io", -// Username: "octocat", -// Password: "correct-horse-battery-staple", -// }, -// } -// got, err := manager.list(noContext) -// if err != nil { -// t.Error(err) -// return -// } -// if diff := cmp.Diff(got, want); diff != "" { -// t.Errorf(diff) -// } -// } - -// // this test verifies that the registry credential manager -// // fetches registry credentials from the remote secret store, -// // and returns an error if external rpc call fails. -// func Test_RegistryManager_ListExternalSecrets_Err(t *testing.T) { -// controller := gomock.NewController(t) -// defer controller.Finish() - -// registries := mock.NewMockRegistryService(controller) -// registries.EXPECT().List(gomock.Any(), gomock.Any()).Return(nil, nil) -// registries.EXPECT().ListEndpoint(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, nil) - -// secrets := mock.NewMockSecretService(controller) -// secrets.EXPECT().Find(gomock.Any(), gomock.Any()).Return(nil, io.EOF) - -// manager := registryManager{ -// repo: &core.Repository{}, -// auths: registries, -// secrets: secrets, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "external", -// Data: map[string]string{ -// "docker_auth_config": "docker_auth_config", -// }, -// }, -// }, -// }, -// } - -// _, err := manager.list(noContext) -// if err == nil { -// t.Errorf("Expect error") -// } -// } - -// // this test verifies that the registry credential manager -// // fetches registry credentials from the remote secret store, -// // and returns an error if the .docker/config.json contents -// // cannot be unmarshaled. -// func Test_RegistryManager_ListExternalSecrets_ParseErr(t *testing.T) { -// controller := gomock.NewController(t) -// defer controller.Finish() - -// mockSecret := &core.Secret{ -// Name: "docker_auth_config", -// Data: `[]`, -// } - -// registries := mock.NewMockRegistryService(controller) -// registries.EXPECT().List(gomock.Any(), gomock.Any()).Return(nil, nil) -// registries.EXPECT().ListEndpoint(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, nil) - -// secrets := mock.NewMockSecretService(controller) -// secrets.EXPECT().Find(gomock.Any(), gomock.Any()).Return(mockSecret, nil) - -// manager := registryManager{ -// auths: registries, -// secrets: secrets, -// repo: &core.Repository{ -// Slug: "octocat/hello-world", -// }, -// build: &core.Build{ -// Event: core.EventPush, -// Fork: "octocat/hello-world", -// }, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "external", -// Data: map[string]string{ -// "docker_auth_config": "docker_auth_config", -// }, -// }, -// }, -// }, -// } - -// _, err := manager.list(noContext) -// if _, ok := err.(*json.UnmarshalTypeError); !ok { -// t.Errorf("Expect decoding error") -// } -// } - -// // this test verifies that the registry credential manager -// // can decrypt inline registry credentials included in the yaml, -// // where the encrypted content is a .docker/config.json file. -// func Test_RegistryManager_ListInline(t *testing.T) { -// controller := gomock.NewController(t) -// defer controller.Finish() - -// if true { -// t.Skipf("skip docker_auth_config encryption test") -// return -// } - -// registries := mock.NewMockRegistryService(controller) -// registries.EXPECT().List(gomock.Any(), gomock.Any()).Return(nil, nil) -// registries.EXPECT().ListEndpoint(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, nil) - -// manager := registryManager{ -// auths: registries, -// repo: &core.Repository{ -// Secret: "m5bahAG7YVp114R4YgMv5uW7bTEzx7yn", -// Slug: "octocat/hello-world", -// }, -// build: &core.Build{ -// Event: core.EventPush, -// Fork: "octocat/hello-world", -// }, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "encrypted", -// Data: map[string]string{ -// "docker_auth_config": "0jye_JUWxgu1qZRd56d9GSnl3-gJgsBAakeKAQ4BX_UDSvT0ntcwXT38KfiI5OY-BNZSKwfoQrQuPYn2VJWXcUMSmy0JLdBEDzWJ-m8s-KPBApuh6vVTafKzrslK-E0P7ZfqiR0ulXWsHqJhzVXInjITx8oxsmcZ458Fwbvk6gXLudRsKKr6RjI4Jcr4mQGT", -// }, -// }, -// }, -// }, -// } - -// got, err := manager.list(noContext) -// if err != nil { -// t.Error(err) -// return -// } - -// want := []*core.Registry{ -// { -// Address: "index.docker.io", -// Username: "octocat", -// Password: "correct-horse-battery-staple", -// }, -// } -// if diff := cmp.Diff(got, want); diff != "" { -// t.Errorf(diff) -// } -// } diff --git a/operator/runner/runner.go b/operator/runner/runner.go index 97ce61291..84589edaf 100644 --- a/operator/runner/runner.go +++ b/operator/runner/runner.go @@ -277,16 +277,16 @@ func (r *Runner) Run(ctx context.Context, id int64) error { transform.WithEnviron(r.Environ), transform.WithLables( map[string]string{ - "io.drone": "true", - "io.core.build.number": fmt.Sprint(m.Build.Number), - "io.core.repo.namespace": m.Repo.Namespace, - "io.core.repo.name": m.Repo.Name, - "io.core.stage.name": m.Stage.Name, - "io.core.stage.number": fmt.Sprint(m.Stage.Number), - "io.core.ttl": fmt.Sprint(time.Duration(m.Repo.Timeout) * time.Minute), - "io.core.expires": fmt.Sprint(time.Now().Add(time.Duration(m.Repo.Timeout)*time.Minute + time.Hour).Unix()), - "io.core.created": fmt.Sprint(time.Now().Unix()), - "io.core.protected": "false", + "io.drone": "true", + "io.drone.build.number": fmt.Sprint(m.Build.Number), + "io.drone.repo.namespace": m.Repo.Namespace, + "io.drone.repo.name": m.Repo.Name, + "io.drone.stage.name": m.Stage.Name, + "io.drone.stage.number": fmt.Sprint(m.Stage.Number), + "io.drone.ttl": fmt.Sprint(time.Duration(m.Repo.Timeout) * time.Minute), + "io.drone.expires": fmt.Sprint(time.Now().Add(time.Duration(m.Repo.Timeout)*time.Minute + time.Hour).Unix()), + "io.drone.created": fmt.Sprint(time.Now().Unix()), + "io.drone.protected": "false", }, ), // TODO append labels here transform.WithLimits( diff --git a/operator/runner/secrets.go b/operator/runner/secrets.go index 913b2401f..839e95beb 100644 --- a/operator/runner/secrets.go +++ b/operator/runner/secrets.go @@ -13,121 +13,3 @@ func toSecretMap(secrets []*core.Secret) map[string]string { } return set } - -// import ( -// "context" -// "encoding/json" -// "strings" - -// "github.com/drone/drone-yaml/yaml" -// "github.com/drone/drone/core" -// "github.com/drone/drone/crypto/aesgcm" -// "github.com/drone/drone/crypto/secretbox" -// ) - -// var noContext = context.Background() - -// type secretManager struct { -// repo *core.Repository -// build *core.Build -// config *yaml.Manifest -// remote core.SecretService -// } - -// func (s *secretManager) list(_ context.Context) ([]*core.Secret, error) { -// var secrets []*core.Secret -// for _, resource := range s.config.Resources { -// res, ok := resource.(*yaml.Secret) -// if !ok { -// continue -// } -// for name, value := range res.Data { -// // skip secrets the are intended for use with authenticating -// // to the docker registry and pulling private images. -// if isDockerConfig(name) { -// continue -// } - -// if res.Type == "encrypted" { -// value = strings.Replace(value, " ", "", -1) -// value = strings.Replace(value, "\n", "", -1) - -// plaintext, err := decrypt(core.EncryptAESGCM, value, s.repo.Secret) -// if err != nil { -// return nil, err -// } -// secret := new(core.Secret) -// secret.Name = name -// err = json.Unmarshal([]byte(plaintext), secret) -// if err != nil { -// return nil, err -// } -// if secret.Pull == false && s.build.Event == core.EventPullRequest { -// continue -// } -// secrets = append(secrets, secret) -// } else { -// // the user has the option of aliasing the -// // secret name. If the user specifies an external -// // name it must be used for the external query. -// req := &core.SecretRequest{ -// Name: value, -// Repo: s.repo, -// Build: s.build, -// } - -// // if s.repo.Endpoints.Secret.Endpoint != "" { -// // // fetch the secret from the user-defined endpoint. -// // secret, err := s.remote.FindEndpoint(noContext, req, s.repo.Endpoints.Secret) -// // if err != nil { -// // return nil, err -// // } -// // if secret == nil { -// // continue -// // } -// // secrets = append(secrets, &core.Secret{ -// // Name: name, // use the aliased name. -// // Data: secret.Data, -// // }) -// // } else { -// // fetch the secret from the global endpoint. -// secret, err := s.remote.Find(noContext, req) -// if err != nil { -// return nil, err -// } -// if secret == nil { -// continue -// } -// secrets = append(secrets, &core.Secret{ -// Name: name, // use the aliased name. -// Data: secret.Data, -// }) -// // } -// } -// } -// } -// return secrets, nil -// } - -// // helper function extracts the ciphertext and algorithm type -// // // from the yaml secret structure. -// // func extractCiphertext(secret yaml.Secret) (algorithm, ciphertext string, ok bool) { -// // return core.EncryptAESGCM, secret.Data, true -// // } - -// // helper funciton decrypts the ciphertext using the provided -// // decryption algorithm and decryption key. -// func decrypt(algorithm, ciphertext, key string) (string, error) { -// switch algorithm { -// case core.EncryptAESGCM: -// return aesgcm.DecryptString(ciphertext, key) -// default: -// return secretbox.Decrypt(ciphertext, key) -// } -// } - -// // helper function returns true if the build event matches the -// // docker_auth_config variable name. -// func isDockerConfig(name string) bool { -// return strings.EqualFold(name, "DOCKER_AUTH_CONFIG") -// } diff --git a/operator/runner/secrets_test.go b/operator/runner/secrets_test.go deleted file mode 100644 index 6fdf1333f..000000000 --- a/operator/runner/secrets_test.go +++ /dev/null @@ -1,360 +0,0 @@ -// Copyright 2019 Drone.IO Inc. All rights reserved. -// Use of this source code is governed by the Drone Non-Commercial License -// that can be found in the LICENSE file. - -package runner - -// import ( -// "context" -// "encoding/json" -// "io" -// "testing" - -// "github.com/drone/drone-yaml/yaml" -// "github.com/drone/drone/core" -// "github.com/drone/drone/mock" -// "github.com/golang/mock/gomock" -// "github.com/google/go-cmp/cmp" -// ) - -// func Test_SecretManager_List_SkipDockerAuthConfig(t *testing.T) { -// manager := secretManager{ -// repo: &core.Repository{ -// Secret: "m5bahAG7YVp114R4YgMv5uW7bTEzx7yn", -// }, -// build: &core.Build{ -// Event: core.EventPush, -// }, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "encrypted", -// Data: map[string]string{ -// "DOCKER_AUTH_CONFIG": "LiDvQo6Zw5ArpwCByD4Pb9DAibl5bMaUInzXFT93sEoejT_jNZQCtXpIbuGJh7Iw3ixyd8vMDC0vXiQWw5VhKvLWLKg=", -// }, -// }, -// }, -// }, -// } -// got, err := manager.list(noContext) -// if err != nil { -// t.Error(err) -// return -// } -// if len(got) != 0 { -// t.Errorf("Expect DOCKER_AUTH_CONFIG excluded from secret list") -// } -// } - -// func Test_SecretManager_ListInline(t *testing.T) { -// manager := secretManager{ -// repo: &core.Repository{ -// Secret: "dvBIW3c7P5WW0iwMaPNKRCKIN19NgqMH", -// Slug: "octocat/hello-world", -// }, -// build: &core.Build{ -// Event: core.EventPush, -// Fork: "octocat/hello-world", -// }, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "encrypted", -// Data: map[string]string{ -// "docker_password": "5OXQwLXkLY0eWcqx0oM7SzY6nKrMBBUlRIC5aod0kmRH0-85AaH-4itxTrS21VaG88NESE5HB5Klq9QtTkAXsaW9KQ==", -// }, -// }, -// }, -// }, -// } -// got, err := manager.list(noContext) -// if err != nil { -// t.Error(err) -// return -// } -// want := []*core.Secret{ -// { -// Name: "docker_password", -// Data: "correct-horse-battery-staple", -// }, -// } -// if diff := cmp.Diff(got, want); diff != "" { -// t.Errorf(diff) -// } -// } - -// func Test_SecretManager_ListInline_SkipPull(t *testing.T) { -// manager := secretManager{ -// repo: &core.Repository{ -// Secret: "dvBIW3c7P5WW0iwMaPNKRCKIN19NgqMH", -// Slug: "octocat/hello-world", -// }, -// build: &core.Build{ -// Event: core.EventPullRequest, -// Fork: "octocat/hello-world", -// }, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "encrypted", -// Data: map[string]string{ -// "docker_password": "5OXQwLXkLY0eWcqx0oM7SzY6nKrMBBUlRIC5aod0kmRH0-85AaH-4itxTrS21VaG88NESE5HB5Klq9QtTkAXsaW9KQ==", -// }, -// }, -// }, -// }, -// } -// secrets, err := manager.list(noContext) -// if err != nil { -// t.Error(err) -// return -// } -// if len(secrets) != 0 { -// t.Errorf("Expect secret not exposed to a pull request") -// } -// } - -// func Test_SecretManager_ListInline_DecryptErr(t *testing.T) { -// manager := secretManager{ -// repo: &core.Repository{ -// Secret: "invalid", -// }, -// build: &core.Build{ -// Event: core.EventPush, -// }, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "encrypted", -// Data: map[string]string{ -// "docker_password": "LiDvQo6Zw5ArpwCByD4Pb9DAibl5bMaUInzXFT93sEoejT_jNZQCtXpIbuGJh7Iw3ixyd8vMDC0vXiQWw5VhKvLWLKg=", -// }, -// }, -// }, -// }, -// } -// _, err := manager.list(noContext) -// if err == nil { -// t.Errorf("Expect decryption error") -// } -// } - -// func Test_SecretManager_ListInline_DecodeErr(t *testing.T) { -// manager := secretManager{ -// repo: &core.Repository{ -// Secret: "m5bahAG7YVp114R4YgMv5uW7bTEzx7yn", -// }, -// build: &core.Build{ -// Event: core.EventPush, -// }, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "encrypted", -// Data: map[string]string{ -// "docker_password": "nNOfLyHNFMecBwWq4DxGIkIRqfCX3DElxc7sejue", -// }, -// }, -// }, -// }, -// } -// _, err := manager.list(noContext) -// if _, ok := err.(*json.UnmarshalTypeError); !ok { -// t.Errorf("Expect decoding error") -// } -// } - -// func Test_SecretManager_ListExternal(t *testing.T) { -// controller := gomock.NewController(t) -// defer controller.Finish() - -// mockRepo := &core.Repository{ -// Slug: "octocat/hello-world", -// } - -// mockBuild := &core.Build{ -// Event: core.EventPullRequest, -// Fork: "octocat/hello-world", -// } - -// mockSecret := &core.Secret{ -// Name: "docker_password", -// Data: "correct-horse-battery-staple", -// } - -// mockSecretReq := &core.SecretRequest{ -// Name: mockSecret.Name, -// Repo: mockRepo, -// Build: mockBuild, -// } - -// mockResp := func(ctx context.Context, req *core.SecretRequest) (*core.Secret, error) { -// if diff := cmp.Diff(req, mockSecretReq); diff != "" { -// t.Errorf(diff) -// } -// return mockSecret, nil -// } - -// service := mock.NewMockSecretService(controller) -// service.EXPECT().Find(gomock.Any(), gomock.Any()).DoAndReturn(mockResp) - -// manager := secretManager{ -// repo: mockRepo, -// build: mockBuild, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "external", -// Data: map[string]string{ -// "docker_password": "docker_password", -// }, -// }, -// }, -// }, -// remote: service, -// } -// got, err := manager.list(noContext) -// if err != nil { -// t.Error(err) -// return -// } -// want := []*core.Secret{ -// { -// Name: "docker_password", -// Data: "correct-horse-battery-staple", -// }, -// } -// if diff := cmp.Diff(got, want); diff != "" { -// t.Errorf(diff) -// } -// } - -// func Test_SecretManager_ListExternal_Err(t *testing.T) { -// controller := gomock.NewController(t) -// defer controller.Finish() - -// service := mock.NewMockSecretService(controller) -// service.EXPECT().Find(gomock.Any(), gomock.Any()).Return(nil, io.EOF) - -// manager := secretManager{ -// repo: &core.Repository{ -// Slug: "octocat/hello-world", -// }, -// build: &core.Build{ -// Event: core.EventPush, -// }, -// config: &yaml.Manifest{ -// Resources: []yaml.Resource{ -// &yaml.Secret{ -// Kind: "secret", -// Type: "external", -// Data: map[string]string{ -// "docker_password": "docker_password", -// }, -// }, -// }, -// }, -// remote: service, -// } -// _, err := manager.list(noContext) -// if err == nil { -// t.Errorf("Expect error fetching external secret") -// } -// } - -// // func Test_extractCiphertext(t *testing.T) { -// // tests := []struct { -// // secret config.Secret -// // algorithm string -// // ciphertext string -// // ok bool -// // }{ -// // { -// // secret: config.Secret{Secretbox: "LiDvQo6Zw5ArpwCByD4Pb9DAibl5bMaUInzXFT93sEoejT_jNZQCtXpIbuGJh7Iw3ixyd8vMDC0vXiQWw5VhKvLWLKg="}, -// // algorithm: core.EncryptSecretBox, -// // ciphertext: "LiDvQo6Zw5ArpwCByD4Pb9DAibl5bMaUInzXFT93sEoejT_jNZQCtXpIbuGJh7Iw3ixyd8vMDC0vXiQWw5VhKvLWLKg=", -// // ok: true, -// // }, -// // { -// // secret: config.Secret{Aesgcm: "JjnUFKmN-H0GJmXO8oByrgZoCb0imNTcGgV496TNB7Y3MESCerxYvxjWWP1RQdPibfT1P97F1WA="}, -// // algorithm: core.EncryptAESGCM, -// // ciphertext: "JjnUFKmN-H0GJmXO8oByrgZoCb0imNTcGgV496TNB7Y3MESCerxYvxjWWP1RQdPibfT1P97F1WA=", -// // ok: true, -// // }, -// // { -// // secret: config.Secret{}, -// // ok: false, -// // }, -// // } -// // for i, test := range tests { -// // algorithm, ciphertext, ok := extractCiphertext(test.secret) -// // if got, want := algorithm, test.algorithm; got != want { -// // t.Errorf("Want algorithm %s at index %v", want, i) -// // } -// // if got, want := ciphertext, test.ciphertext; got != want { -// // t.Errorf("Want ciphertext %s at index %v", want, i) -// // } -// // if got, want := ok, test.ok; got != want { -// // t.Errorf("Want ok %v at index %v", want, i) -// // } -// // } -// // } - -// func Test_decrypt(t *testing.T) { -// tests := []struct { -// Key string -// Algorithm string -// Ciphertext string -// Plaintext string -// }{ -// { -// Algorithm: core.EncryptSecretBox, -// Plaintext: "correct-horse-battery-staple", -// Ciphertext: "LiDvQo6Zw5ArpwCByD4Pb9DAibl5bMaUInzXFT93sEoejT_jNZQCtXpIbuGJh7Iw3ixyd8vMDC0vXiQWw5VhKvLWLKg=", -// Key: "m5bahAG7YVp114R4YgMv5uW7bTEzx7yn", -// }, -// { -// Algorithm: core.EncryptAESGCM, -// Plaintext: "correct-horse-battery-staple", -// Ciphertext: "JjnUFKmN-H0GJmXO8oByrgZoCb0imNTcGgV496TNB7Y3MESCerxYvxjWWP1RQdPibfT1P97F1WA=", -// Key: "m5bahAG7YVp114R4YgMv5uW7bTEzx7yn", -// }, -// } -// for i, test := range tests { -// plaintext, _ := decrypt(test.Algorithm, test.Ciphertext, test.Key) -// if got, want := plaintext, test.Plaintext; got != want { -// t.Errorf("Want %v at index %v", want, i) -// } -// } -// } - -// func Test_isDockerConfig(t *testing.T) { -// tests := []struct { -// Name string -// Match bool -// }{ -// { -// Name: "docker_auth_config", -// Match: true, -// }, -// { -// Name: "DOCKER_auth_CONFIG", -// Match: true, -// }, -// { -// Name: "docker_config", -// Match: false, -// }, -// } -// for i, test := range tests { -// if got, want := isDockerConfig(test.Name), test.Match; got != want { -// t.Errorf("Want %v at index %v", want, i) -// } -// } -// } diff --git a/scheduler/kube/kube.go b/scheduler/kube/kube.go index d2566798d..a642faa31 100644 --- a/scheduler/kube/kube.go +++ b/scheduler/kube/kube.go @@ -110,14 +110,14 @@ func (s *kubeScheduler) Schedule(ctx context.Context, stage *core.Stage) error { Namespace: s.namespace(), Annotations: map[string]string{ "io.drone": "true", - "io.core.stage.created": time.Unix(stage.Created, 0).String(), - "io.core.stage.scheduled": time.Now().String(), - "io.core.stage.id": fmt.Sprint(stage.ID), - "io.core.stage.number": fmt.Sprint(stage.Number), - "io.core.stage.os": fmt.Sprint(stage.OS), - "io.core.stage.arch": fmt.Sprint(stage.Arch), - "io.core.build.id": fmt.Sprint(stage.BuildID), - "io.core.repo.id": fmt.Sprint(stage.RepoID), + "io.drone.stage.created": time.Unix(stage.Created, 0).String(), + "io.drone.stage.scheduled": time.Now().String(), + "io.drone.stage.id": fmt.Sprint(stage.ID), + "io.drone.stage.number": fmt.Sprint(stage.Number), + "io.drone.stage.os": fmt.Sprint(stage.OS), + "io.drone.stage.arch": fmt.Sprint(stage.Arch), + "io.drone.build.id": fmt.Sprint(stage.BuildID), + "io.drone.repo.id": fmt.Sprint(stage.RepoID), }, }, Spec: batchv1.JobSpec{ diff --git a/scheduler/nomad/nomad.go b/scheduler/nomad/nomad.go index dd054398a..78dc83f7c 100644 --- a/scheduler/nomad/nomad.go +++ b/scheduler/nomad/nomad.go @@ -112,14 +112,14 @@ func (s *nomadScheduler) Schedule(ctx context.Context, stage *core.Stage) error }, Meta: map[string]string{ "io.drone": "true", - "io.core.stage.created": time.Unix(stage.Created, 0).String(), - "io.core.stage.scheduled": time.Now().String(), - "io.core.stage.id": fmt.Sprint(stage.ID), - "io.core.stage.number": fmt.Sprint(stage.Number), - "io.core.stage.os": fmt.Sprint(stage.OS), - "io.core.stage.arch": fmt.Sprint(stage.Arch), - "io.core.build.id": fmt.Sprint(stage.BuildID), - "io.core.repo.id": fmt.Sprint(stage.RepoID), + "io.drone.stage.created": time.Unix(stage.Created, 0).String(), + "io.drone.stage.scheduled": time.Now().String(), + "io.drone.stage.id": fmt.Sprint(stage.ID), + "io.drone.stage.number": fmt.Sprint(stage.Number), + "io.drone.stage.os": fmt.Sprint(stage.OS), + "io.drone.stage.arch": fmt.Sprint(stage.Arch), + "io.drone.build.id": fmt.Sprint(stage.BuildID), + "io.drone.repo.id": fmt.Sprint(stage.RepoID), }, }