Skip to content

Commit

Permalink
Merge branch 'main' into dependabot/go_modules/golang.org/x/net-0.17.0
Browse files Browse the repository at this point in the history
  • Loading branch information
plyr4 authored Nov 3, 2023
2 parents dc6f490 + 19101a5 commit 7535dc6
Show file tree
Hide file tree
Showing 15 changed files with 304 additions and 153 deletions.
6 changes: 6 additions & 0 deletions constants/secret.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,12 @@ package constants

// Secret types.
const (
// SecretPullBuild defines the pull policy type for a secret.
SecretPullBuild = "build_start"

// SecretPullStep defines the pull policy type for a secret.
SecretPullStep = "step_start"

// SecretOrg defines the secret type for a secret scoped to a specific org.
SecretOrg = "org"

Expand Down
34 changes: 27 additions & 7 deletions pipeline/build.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,34 +33,54 @@ type Build struct {
// function will remove the steps that have a ruleset that do not
// match the provided ruledata. If both stages and steps are
// provided, then an empty pipeline is returned.
func (b *Build) Purge(r *RuleData) *Build {
func (b *Build) Purge(r *RuleData) (*Build, error) {
// return an empty pipeline if both stages and steps are provided
if len(b.Stages) > 0 && len(b.Steps) > 0 {
return nil
return nil, fmt.Errorf("cannot have both stages and steps at the top level of pipeline")
}

// purge stages pipeline if stages are provided
if len(b.Stages) > 0 {
b.Stages = *b.Stages.Purge(r)
pStages, err := b.Stages.Purge(r)
if err != nil {
return nil, err
}

b.Stages = *pStages
}

// purge steps pipeline if steps are provided
if len(b.Steps) > 0 {
b.Steps = *b.Steps.Purge(r)
pSteps, err := b.Steps.Purge(r)
if err != nil {
return nil, err
}

b.Steps = *pSteps
}

// purge services in pipeline if services are provided
if len(b.Services) > 0 {
b.Services = *b.Services.Purge(r)
pServices, err := b.Services.Purge(r)
if err != nil {
return nil, err
}

b.Services = *pServices
}

// purge secrets in pipeline if secrets are provided
if len(b.Secrets) > 0 {
b.Secrets = *b.Secrets.Purge(r)
pSecrets, err := b.Secrets.Purge(r)
if err != nil {
return nil, err
}

b.Secrets = *pSecrets
}

// return the purged pipeline
return b
return b, nil
}

// Sanitize cleans the fields for every step in each stage so they
Expand Down
41 changes: 39 additions & 2 deletions pipeline/build_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ func TestPipeline_Build_Purge(t *testing.T) {
tests := []struct {
pipeline *Build
want *Build
wantErr bool
}{
{
pipeline: testBuildStages(),
Expand Down Expand Up @@ -64,7 +65,39 @@ func TestPipeline_Build_Purge(t *testing.T) {
},
},
},
want: nil,
want: nil,
wantErr: true,
},
{
pipeline: &Build{
Steps: ContainerSlice{
{
ID: "step_github octocat._1_init",
Directory: "/home/github/octocat",
Environment: map[string]string{"FOO": "bar"},
Image: "#init",
Name: "init",
Number: 1,
Pull: "always",
},
{
ID: "step_github octocat._1_bad_regexp",
Directory: "/home/github/octocat",
Environment: map[string]string{"FOO": "bar"},
Image: "alpine",
Name: "bad_regexp",
Number: 2,
Pull: "always",
Ruleset: Ruleset{
If: Rules{Event: []string{"push"}, Branch: []string{"*-dev"}},
Operator: "and",
Matcher: "regexp",
},
},
},
},
want: nil,
wantErr: true,
},
}

Expand All @@ -78,7 +111,11 @@ func TestPipeline_Build_Purge(t *testing.T) {
Tag: "refs/heads/main",
}

got := test.pipeline.Purge(r)
got, err := test.pipeline.Purge(r)

if test.wantErr && err == nil {
t.Errorf("Purge should have returned an error, got: %v", got)
}

if !reflect.DeepEqual(got, test.want) {
t.Errorf("Purge is %v, want %v", got, test.want)
Expand Down
38 changes: 29 additions & 9 deletions pipeline/container.go
Original file line number Diff line number Diff line change
Expand Up @@ -56,14 +56,19 @@ type (

// Purge removes the Containers that have a ruleset
// that do not match the provided ruledata.
func (c *ContainerSlice) Purge(r *RuleData) *ContainerSlice {
func (c *ContainerSlice) Purge(r *RuleData) (*ContainerSlice, error) {
counter := 1
containers := new(ContainerSlice)

// iterate through each Container in the pipeline
for _, container := range *c {
// verify ruleset matches
if container.Ruleset.Match(r) {
match, err := container.Ruleset.Match(r)
if err != nil {
return nil, fmt.Errorf("unable to process ruleset for step %s: %w", container.Name, err)
}

if match {
// overwrite the Container number with the Container counter
container.Number = counter

Expand All @@ -76,7 +81,7 @@ func (c *ContainerSlice) Purge(r *RuleData) *ContainerSlice {
}

// return the new slice of Containers
return containers
return containers, nil
}

// Sanitize cleans the fields for every step in the pipeline so they
Expand Down Expand Up @@ -138,10 +143,10 @@ func (c *Container) Empty() bool {

// Execute returns true when the provided ruledata matches
// the conditions when we should be running the container on the worker.
func (c *Container) Execute(r *RuleData) bool {
func (c *Container) Execute(r *RuleData) (bool, error) {
// return false if the container is nil
if c == nil {
return false
return false, nil
}
// skip evaluating path in ruleset
//
Expand Down Expand Up @@ -189,31 +194,46 @@ func (c *Container) Execute(r *RuleData) bool {
// disregard the need to run the container
execute = false

match, err := c.Ruleset.Match(r)
if err != nil {
return false, err
}

// check if you need to run a status failure ruleset

if ((!(c.Ruleset.If.Empty() && c.Ruleset.Unless.Empty()) &&
!(c.Ruleset.If.NoStatus() && c.Ruleset.Unless.NoStatus())) || c.Ruleset.If.Parallel) &&
c.Ruleset.Match(r) {
match {
// approve the need to run the container
execute = true
}
}

r.Status = constants.StatusFailure

match, err := c.Ruleset.Match(r)
if err != nil {
return false, err
}

// check if you need to skip a status failure ruleset
if strings.EqualFold(status, constants.StatusSuccess) &&
!(c.Ruleset.If.NoStatus() && c.Ruleset.Unless.NoStatus()) &&
!(c.Ruleset.If.Empty() && c.Ruleset.Unless.Empty()) && c.Ruleset.Match(r) {
!(c.Ruleset.If.Empty() && c.Ruleset.Unless.Empty()) && match {
r.Status = constants.StatusSuccess

if !c.Ruleset.Match(r) {
match, err = c.Ruleset.Match(r)
if err != nil {
return false, err
}

if !match {
// disregard the need to run the container
execute = false
}
}

return execute
return execute, nil
}

// MergeEnv takes a list of environment variables and attempts
Expand Down
4 changes: 2 additions & 2 deletions pipeline/container_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ func TestPipeline_ContainerSlice_Purge(t *testing.T) {
Tag: "refs/heads/main",
}

got := test.containers.Purge(r)
got, _ := test.containers.Purge(r)

if !reflect.DeepEqual(got, test.want) {
t.Errorf("Purge is %v, want %v", got, test.want)
Expand Down Expand Up @@ -728,7 +728,7 @@ func TestPipeline_Container_Execute(t *testing.T) {

// run tests
for _, test := range tests {
got := test.container.Execute(test.ruleData)
got, _ := test.container.Execute(test.ruleData)

if got != test.want {
t.Errorf("Container Execute %s is %v, want %v", test.container.Name, got, test.want)
Expand Down
Loading

0 comments on commit 7535dc6

Please sign in to comment.