From 3f3b424037fdf38829dd0c2eacbb981bee2507f2 Mon Sep 17 00:00:00 2001 From: Easton Crupper <65553218+ecrupper@users.noreply.github.com> Date: Mon, 11 Nov 2024 09:43:31 -0500 Subject: [PATCH] fix(secret): update env values for secret origin ctn (#615) --- executor/linux/build.go | 22 +++++++++++++++++++++- executor/linux/secret.go | 8 +++++++- executor/linux/secret_test.go | 2 +- 3 files changed, 29 insertions(+), 3 deletions(-) diff --git a/executor/linux/build.go b/executor/linux/build.go index f6665ee6..d19ba495 100644 --- a/executor/linux/build.go +++ b/executor/linux/build.go @@ -12,6 +12,7 @@ import ( "golang.org/x/sync/errgroup" + "github.com/go-vela/sdk-go/vela" api "github.com/go-vela/server/api/types" "github.com/go-vela/server/compiler/types/pipeline" "github.com/go-vela/server/constants" @@ -356,8 +357,27 @@ func (c *client) AssembleBuild(ctx context.Context) error { } c.Logger.Infof("creating %s secret", s.Origin.Name) + + // fetch request token if id_request used in origin config + var requestToken string + + if len(s.Origin.IDRequest) > 0 { + opts := &vela.RequestTokenOptions{ + Image: s.Origin.Image, + Request: s.Origin.IDRequest, + Commands: len(s.Origin.Commands) > 0 || len(s.Origin.Entrypoint) > 0, + } + + tkn, _, err := c.Vela.Build.GetIDRequestToken(c.build.GetRepo().GetOrg(), c.build.GetRepo().GetName(), c.build.GetNumber(), opts) + if err != nil { + return err + } + + requestToken = tkn.GetToken() + } + // create the service - c.err = c.secret.create(ctx, s.Origin) + c.err = c.secret.create(ctx, s.Origin, requestToken) if c.err != nil { return fmt.Errorf("unable to create %s secret: %w", s.Origin.Name, c.err) } diff --git a/executor/linux/secret.go b/executor/linux/secret.go index b09d763c..71f46ad1 100644 --- a/executor/linux/secret.go +++ b/executor/linux/secret.go @@ -34,7 +34,7 @@ var ( ) // create configures the secret plugin for execution. -func (s *secretSvc) create(ctx context.Context, ctn *pipeline.Container) error { +func (s *secretSvc) create(ctx context.Context, ctn *pipeline.Container, reqToken string) error { // update engine logger with secret metadata // // https://pkg.go.dev/github.com/sirupsen/logrus#Entry.WithField @@ -45,6 +45,12 @@ func (s *secretSvc) create(ctx context.Context, ctn *pipeline.Container) error { ctn.Environment["VELA_HOST"] = s.client.build.GetHost() ctn.Environment["VELA_RUNTIME"] = s.client.build.GetRuntime() ctn.Environment["VELA_VERSION"] = s.client.Version + ctn.Environment["VELA_OUTPUTS"] = "/vela/outputs/.env" + ctn.Environment["VELA_MASKED_OUTPUTS"] = "/vela/outputs/masked.env" + + if len(reqToken) > 0 { + ctn.Environment["VELA_ID_TOKEN_REQUEST_TOKEN"] = reqToken + } logger.Debug("setting up container") // setup the runtime container diff --git a/executor/linux/secret_test.go b/executor/linux/secret_test.go index c1f6026f..79125175 100644 --- a/executor/linux/secret_test.go +++ b/executor/linux/secret_test.go @@ -128,7 +128,7 @@ func TestLinux_Secret_create(t *testing.T) { t.Errorf("unable to create %s executor engine: %v", test.name, err) } - err = _engine.secret.create(context.Background(), test.container) + err = _engine.secret.create(context.Background(), test.container, "") if test.failure { if err == nil {