Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow to configure config extensions for repos #3349

Open
wants to merge 62 commits into
base: main
Choose a base branch
from
Open

Allow to configure config extensions for repos #3349

wants to merge 62 commits into from

Conversation

anbraten
Copy link
Member

@anbraten anbraten commented Feb 7, 2024
edited
Loading

closes #783

Allow users to set / use service extensions (config) on a per repo basis. Those extensions are little external webservice which can implement a set of endpoints to replace woodpeckers internal functionality like:

  • pipeline config processing

TODO

  • add config & secrets extension service urls to repo settings
  • allow to change extensions urls for repo
  • add docs
  • restrict http call locations (prevent local ips)

image

@anbraten
add repo plugins
ab9f474
@anbraten
use ed25519 for signing
f4c234f
@anbraten
revert unrelated
180d767
@anbraten
clean up code and fix tests
c4e8f2d
@anbraten
Merge remote-tracking branch 'upstream/master' into repo-plugins
754a823
@anbraten
clean up
0a479bb
@anbraten
use async key pair for webhooks
ef13725
@anbraten
fix tests
ce7f026
@anbraten
fix linter
d0c8986
@anbraten
improve code
a63433f
@anbraten
add key pair to database
960bfac
@anbraten
Merge remote-tracking branch 'upstream/master' into repo-plugins
38d84e3
@anbraten
Merge branch 'webhook-pubkey' into repo-plugins
bdb6887
@anbraten
add some extension docs
5709122
@anbraten
Merge remote-tracking branch 'upstream/master' into repo-plugins
49396a9
@anbraten
fix migration and undo some changes
c1e1e4d
@anbraten
Merge remote-tracking branch 'upstream/master' into repo-plugins
c6257f3
@anbraten
remove vendor folder
8bed39b
@anbraten
adjust names
c603968
@anbraten
fiy typo
1399009
@anbraten
add extensions manager
889cc96
@anbraten
Merge remote-tracking branch 'upstream/master' into repo-plugins
554a2fc
@anbraten
add extensions ui
4bf532b
@anbraten
cleanup code
dbd9d83
@anbraten
adjust spacings
e497563
@anbraten
Merge branch 'master' into repo-plugins
84266ce
@anbraten
fix colors
12b8c54
@anbraten
Merge branch 'repo-plugins' of github.com:anbraten/woodpecker into re…
2539b6d 
…po-plugins
@anbraten
add docs links and fix types
2015d02
@anbraten
Merge branch 'master' into repo-plugins
bde2df0
@anbraten anbraten marked this pull request as ready for review June 5, 2024 16:26
@qwerty287 qwerty287 added this to the 2.6.0 milestone Jun 6, 2024
qwerty287
qwerty287 reviewed Jun 6, 2024
View reviewed changes
docs/docs/20-usage/72-extensions/72-extensions.md Show resolved Hide resolved
server/model/pagination.go Outdated Show resolved Hide resolved
server/model/repo.go Outdated
Comment on lines 53 to 54
SecretExtensionEndpoint string `json:"secret_extension_endpoint" xorm:"varchar(500) 'secret_extension_endpoint'"`
ConfigExtensionEndpoint string `json:"config_extension_endpoint" xorm:"varchar(500) 'config_extension_endpoint'"`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are sent to all requests, including unauthorized.
Since you should use signing anyways that should be fine, but I just want to make sure this is expected?

server/services/secret/http.go Outdated Show resolved Hide resolved
server/services/secret/http.go Outdated Show resolved Hide resolved
server/services/utils/http.go Outdated Show resolved Hide resolved
server/services/utils/hostmatcher/http.go
}

var blockedError error
if blockList.MatchHostOrIP(host, tcpAddr.IP) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the blocklist used somewhere?

web/src/assets/locales/en.json Outdated
Comment on lines 466 to 474
"extensions": "Extensions",
"extensions_description": "Extensions are HTTP services that can be called by Woodpecker instead of using the builtin ones.",
"secrets_extension_endpoint": "Secrets extension endpoint",
"secrets_extension_alpha_state": "The secret extension is in alpha state and might change in the future.",
"extension_endpoint_placeholder": "e.g. https://my-extension-endpint.tld/api",
"config_extension_endpoint": "Config extension endpoint",
"extensions_signatures_public_key": "Public key for signatures",
"extensions_signatures_public_key_description": "This public key should be used by your extensions to verify webhook calls from Woodpecker.",
"extensions_configuration_saved": "Extensions configuration saved"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you put them into their own object?

web/src/assets/locales/en.json Outdated Show resolved Hide resolved
@anbraten anbraten modified the milestones: 2.6.0, 2.7.0 Jun 10, 2024
@anbraten anbraten mentioned this pull request Jun 22, 2024
Merged
@anbraten anbraten modified the milestones: 2.7.0, 2.8.0 Jul 13, 2024
@6543 6543 removed this from the 2.8.0 milestone Jul 22, 2024
@qwerty287 qwerty287 added this to the 3.0.0 milestone Jul 24, 2024
@anbraten anbraten changed the title Repo service extensions Allow to configure config extensions for repos Sep 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qwerty287 qwerty287 qwerty287 left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
addon feature add new functionality ui frontend related
Projects
None yet
Milestone
3.0.0
Development

Successfully merging this pull request may close these issues.

Configuration Extension
3 participants
@anbraten @qwerty287 @6543