upgpkg: woodpecker-agent-sudo 2.0.0-1

2023-11-23 23:07:58 +00:00 · 2023-11-23 23:07:58 +00:00 · db46f8945a
commit db46f8945a
parent b81d053a48
4 changed files with 83 additions and 41 deletions
--- a/woodpecker-agent-sudo/.SRCINFO
+++ b/woodpecker-agent-sudo/.SRCINFO
@ -1,7 +1,7 @@
 pkgbase = woodpecker-agent-sudo
 	pkgdesc = A simple CI engine with great extensibility (agent), patched to use sudo to run local pipelines
-	pkgver = 1.0.2
-	pkgrel = 2
+	pkgver = 2.0.0
+	pkgrel = 1
 	url = https://woodpecker-ci.org
 	arch = x86_64
 	license = Apache
@ -15,7 +15,7 @@ pkgbase = woodpecker-agent-sudo
 	replaces = woodpecker-agent
 	options = !lto
 	backup = etc/woodpecker/agent.env
-	source = woodpecker::git+https://github.com/woodpecker-ci/woodpecker#commit=d9e06696bf85f260a0550d58301ac396874b32e3
+	source = woodpecker::git+https://github.com/woodpecker-ci/woodpecker#commit=0fc428aa8eb8152aafd186d5232f27008c78add8
 	source = agent-systemd.service
 	source = agent-sysusers.conf
 	source = agent-tmpfiles.conf
@ -27,7 +27,7 @@ pkgbase = woodpecker-agent-sudo
 	b2sums = 373a5889c899445c4b583a48e6d0ff67d4572e30e0dfd0842b389e9338712771ec053ee3771202fe2874ee8bbfb7cb5965a04cf10d4071100c4f7c89cf2a14f3
 	b2sums = b6479a7f3b3cf1ecaf0fc4e0653de10176af29b780ff716bf038077d70b0440e45a649ccd5ad9a12d5f52c9eecf9b5d8b5a01510a53eec7b664162c8bb9153ab
 	b2sums = 9d64fa22d5fcfb8634926220aeb89b0fa914d8e04ee39fe14abf3f170292ab2dc875fe3fe14b054ca8173c167cec4d93518d15d5f08698bd70d86dec7728dee8
-	b2sums = 3f7cb5620859d171b0fc9c177c09388a830bdc2343f8182bb794c18544070a78f6fd692c699c5c9fda262bf4919bb53a696ea7396c4e9c7e987788f052e9f19f
-	b2sums = 85b75986c0df0853126eb20ce80861337654646bb3df02666b6c77962090df12be35eac11dab724d96c4c4b1e6c373ce0a8d6b99843232be0311273bddb1141a
+	b2sums = 1e586f4ef03c0928a9371c24c222b3dbe08cf11fd3ea912eff86103085faf04b5c19391d16bfb6d5ec67e5cb5556485825b3bee8124359bbaa89c6e6ea3357b8
+	b2sums = 86cbff1c5554c4426b3de872696cae6eed093987ccec940283e340e6cc23d226d268b38f0843b19d2706167f13ac4e20d9340f47ce5dc8ad3cbdb80d501c4fc4

 pkgname = woodpecker-agent-sudo
--- a/woodpecker-agent-sudo/PKGBUILD
+++ b/woodpecker-agent-sudo/PKGBUILD
@ -4,8 +4,8 @@

 _pkgname='woodpecker-agent'
 pkgname=$_pkgname-sudo
-pkgver=1.0.2
-pkgrel=2
+pkgver=2.0.0
+pkgrel=1
 pkgdesc='A simple CI engine with great extensibility (agent), patched to use sudo to run local pipelines'
 arch=('x86_64')
 url='https://woodpecker-ci.org'
@ -17,7 +17,7 @@ optdepends=(
 )
 makedepends=('git' 'go')
 options=('!lto')
-_commit='d9e06696bf85f260a0550d58301ac396874b32e3'
+_commit='0fc428aa8eb8152aafd186d5232f27008c78add8'
 replaces=($_pkgname)
 conflicts=($_pkgname)
 backup=('etc/woodpecker/agent.env')
@ -35,8 +35,8 @@ b2sums=('SKIP'
        '373a5889c899445c4b583a48e6d0ff67d4572e30e0dfd0842b389e9338712771ec053ee3771202fe2874ee8bbfb7cb5965a04cf10d4071100c4f7c89cf2a14f3'
        'b6479a7f3b3cf1ecaf0fc4e0653de10176af29b780ff716bf038077d70b0440e45a649ccd5ad9a12d5f52c9eecf9b5d8b5a01510a53eec7b664162c8bb9153ab'
        '9d64fa22d5fcfb8634926220aeb89b0fa914d8e04ee39fe14abf3f170292ab2dc875fe3fe14b054ca8173c167cec4d93518d15d5f08698bd70d86dec7728dee8'
-        '3f7cb5620859d171b0fc9c177c09388a830bdc2343f8182bb794c18544070a78f6fd692c699c5c9fda262bf4919bb53a696ea7396c4e9c7e987788f052e9f19f'
-        '85b75986c0df0853126eb20ce80861337654646bb3df02666b6c77962090df12be35eac11dab724d96c4c4b1e6c373ce0a8d6b99843232be0311273bddb1141a')
+        '1e586f4ef03c0928a9371c24c222b3dbe08cf11fd3ea912eff86103085faf04b5c19391d16bfb6d5ec67e5cb5556485825b3bee8124359bbaa89c6e6ea3357b8'
+        '86cbff1c5554c4426b3de872696cae6eed093987ccec940283e340e6cc23d226d268b38f0843b19d2706167f13ac4e20d9340f47ce5dc8ad3cbdb80d501c4fc4')

 pkgver() {
  cd woodpecker
--- a/woodpecker-agent-sudo/sudo.patch
+++ b/woodpecker-agent-sudo/sudo.patch
@ -1,21 +1,46 @@
+diff --git a/pipeline/backend/local/clone.go b/pipeline/backend/local/clone.go
+index b659a090a..82ae5c5cc 100644
+--- a/pipeline/backend/local/clone.go
+++ b/pipeline/backend/local/clone.go
+@@ -94,14 +94,13 @@ func (e *local) execClone(ctx context.Context, step *types.Step, state *workflow
+ 			}
+ 			cmd = exec.CommandContext(ctx, pwsh, "-Command", fmt.Sprintf("%s ; $code=$? ; %s ; if (!$code) {[Environment]::Exit(1)}", state.pluginGitBinary, rmCmd))
+ 		} else {
+-			cmd = exec.CommandContext(ctx, "/bin/sh", "-c", fmt.Sprintf("%s ; export code=$? ; %s ; exit $code", state.pluginGitBinary, rmCmd))
+			cmd = exec.CommandContext(ctx, "sudo", "-E", "-u", state.user, "-D", state.workspaceDir, "/bin/sh", "-c", fmt.Sprintf("%s ; export code=$? ; %s ; exit $code", state.pluginGitBinary, rmCmd))
+ 		}
+ 	} else {
+ 		// if we have NO netrc, we can just exec the clone directly
+-		cmd = exec.CommandContext(ctx, state.pluginGitBinary)
+		cmd = exec.CommandContext(ctx, "sudo", "-E", "-u", state.user, "-D", state.workspaceDir, state.pluginGitBinary)
+ 	}
+ 	cmd.Env = env
+-	cmd.Dir = state.workspaceDir
+ 
+ 	// Get output and redirect Stderr to Stdout
+ 	e.output, _ = cmd.StdoutPipe()
 diff --git a/pipeline/backend/local/local.go b/pipeline/backend/local/local.go
-index 2405c19bb..50321b8e7 100644
+index 698a3f0f9..5bef80857 100644
 --- a/pipeline/backend/local/local.go
 +++ b/pipeline/backend/local/local.go
-@@ -44,7 +44,7 @@ var notAllowedEnvVarOverwrites = []string{
+@@ -36,7 +36,7 @@ import (
 
 type workflowState struct {
- 	stepCMDs     map[string]*exec.Cmd
-	baseDir      string
-+	user         string
- 	homeDir      string
- 	workspaceDir string
+ 	stepCMDs        map[string]*exec.Cmd
+-	baseDir         string
+	user            string
+ 	homeDir         string
+ 	workspaceDir    string
+ 	pluginGitBinary string
+@@ -80,26 +80,20 @@ func (e *local) Load(ctx context.Context) (*types.EngineInfo, error) {
 }
-@@ -79,23 +79,17 @@ func (e *local) Load(context.Context) error {
- func (e *local) SetupWorkflow(_ context.Context, conf *types.Config, taskUUID string) error {
+ 
+ // SetupWorkflow the pipeline environment.
+-func (e *local) SetupWorkflow(_ context.Context, _ *types.Config, taskUUID string) error {
+func (e *local) SetupWorkflow(ctx context.Context, conf *types.Config, taskUUID string) error {
 	log.Trace().Str("taskUUID", taskUUID).Msg("create workflow environment")
 
-	baseDir, err := os.MkdirTemp("", "woodpecker-local-*")
+-	baseDir, err := os.MkdirTemp(e.tempDir, "woodpecker-local-*")
 -	if err != nil {
 -		return err
 -	}
@ -26,36 +51,48 @@ index 2405c19bb..50321b8e7 100644
 -		baseDir:      baseDir,
 -		workspaceDir: filepath.Join(baseDir, "workspace"),
 -		homeDir:      filepath.Join(baseDir, "home"),
-	}
-
-	if err := os.Mkdir(state.homeDir, 0o700); err != nil {
-		return err
 +		user:         user,
-+		workspaceDir: filepath.Join("/tmp", user, conf.Stages[0].Steps[0].Environment["CI_REPO_NAME"]),
+		workspaceDir: filepath.Join("/home", user, ".cache", "woodpecker", conf.Stages[0].Steps[0].Environment["CI_REPO_NAME"]),
 +		homeDir:      filepath.Join("/home", user),
 	}
 
+-	if err := os.Mkdir(state.homeDir, 0o700); err != nil {
+-		return err
+-	}
+-
 -	if err := os.Mkdir(state.workspaceDir, 0o700); err != nil {
-+	err := exec.Command("sudo", "-u", state.user, "mkdir", "-p", state.workspaceDir).Run()
+	err := exec.CommandContext(ctx, "sudo", "-u", state.user, "mkdir", "-p", state.workspaceDir).Run()
 +	if err != nil {
 		return err
 	}
 
-@@ -132,7 +126,8 @@ func (e *local) StartStep(ctx context.Context, step *types.Step, taskUUID string
- 	// Set HOME
- 	env = append(env, "HOME="+state.homeDir)
+@@ -152,9 +146,8 @@ func (e *local) execCommands(ctx context.Context, step *types.Step, state *workf
+ 	}
 
-	var command []string
-+	// Run command as commit author user
-+	command := []string{"sudo", "-E", "-u", state.user}
- 	if step.Image == constant.DefaultCloneImage {
- 		// Default clone step
- 		// TODO: use tmp HOME and insert netrc and delete it after clone
-@@ -209,16 +204,6 @@ func (e *local) TailStep(_ context.Context, step *types.Step, taskUUID string) (
- func (e *local) DestroyWorkflow(_ context.Context, conf *types.Config, taskUUID string) error {
+ 	// Use "image name" as run command (indicate shell)
+-	cmd := exec.CommandContext(ctx, step.Image, args...)
+	cmd := exec.CommandContext(ctx, "sudo", append([]string{"-E", "-u", state.user, "-D", state.workspaceDir, step.Image}, args...)...)
+ 	cmd.Env = env
+-	cmd.Dir = state.workspaceDir
+ 
+ 	// Get output and redirect Stderr to Stdout
+ 	e.output, _ = cmd.StdoutPipe()
+@@ -178,9 +171,8 @@ func (e *local) execPlugin(ctx context.Context, step *types.Step, state *workflo
+ 		return fmt.Errorf("lookup plugin binary: %w", err)
+ 	}
+ 
+-	cmd := exec.CommandContext(ctx, binary)
+	cmd := exec.CommandContext(ctx, "sudo", "-E", "-u", state.user, "-D", state.workspaceDir, binary)
+ 	cmd.Env = env
+-	cmd.Dir = state.workspaceDir
+ 
+ 	// Get output and redirect Stderr to Stdout
+ 	e.output, _ = cmd.StdoutPipe()
+@@ -237,19 +229,9 @@ func (e *local) DestroyStep(_ context.Context, _ *types.Step, _ string) error {
+ func (e *local) DestroyWorkflow(_ context.Context, _ *types.Config, taskUUID string) error {
 	log.Trace().Str("taskUUID", taskUUID).Msgf("delete workflow environment")
 
-	state, err := e.getWorkflowStateFromConfig(conf)
+-	state, err := e.getState(taskUUID)
 -	if err != nil {
 -		return err
 -	}
@ -65,6 +102,10 @@ index 2405c19bb..50321b8e7 100644
 -		return err
 -	}
 -
- 	workflowID, err := e.getWorkflowIDFromConfig(conf)
- 	if err != nil {
- 		return err
+ 	e.deleteState(taskUUID)
+ 
+-	return err
+	return nil
+ }
+ 
+ func (e *local) getState(taskUUID string) (*workflowState, error) {
--- a/woodpecker-agent-sudo/sudoers
+++ b/woodpecker-agent-sudo/sudoers