diff --git a/README.md b/README.md index 2f4fcfd..a4892de 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ There is an official Docker image: https://hub.docker.com/r/bitsbeats/drone-tree ## Limitations -Currently supports +Currently supports * Github * Gitlab @@ -24,7 +24,7 @@ Currently supports - `PLUGIN_DEBUG`: Set this to `true` to enable debug messages. - `PLUGIN_ADDRESS`: Listen address for the plugins webserver. Defaults to `:3000`. - `PLUGIN_SECRET`: Shared secret with drone. You can generate the token using `openssl rand -hex 16`. -- `PLUGIN_WHITELIST_FILE`: (Optional) Path to regex pattern file. Matches the repo slug(s) against a list of regex patterns. Defaults to `""`, match everything +- `PLUGIN_ALLOW_LIST_FILE`: (Optional) Path to regex pattern file. Matches the repo slug(s) against a list of regex patterns. Defaults to `""`, match everything. Backend specific options @@ -83,10 +83,10 @@ services: Edit the Secrets (`***`), `` and `` to your needs. `` is used between Drone and drone-tree-config. -#### Whitelisting repos with regex matching: +#### Enable repos via regex matching: -By default this plugin matches against ALL repo slugs. If you want to enable the plugin for specific repos only, turn on -regex matching by specifying a `PLUGIN_WHITELIST_FILE`. +By default, this plugin matches against ALL repo slugs. If you want to enable the plugin for specific repos only, turn on +regex matching by specifying a `PLUGIN_ALLOW_LIST_FILE`. * Regex match rules must comply with [re2][3] syntax. * Each line is a single rule. @@ -104,7 +104,7 @@ Updated docker-compose: - PLUGIN_FALLBACK=true - PLUGIN_SECRET= - GITHUB_TOKEN= - - PLUGIN_WHITELIST_FILE=/drone-tree-config-matchfile + - PLUGIN_ALLOW_LIST_FILE=/drone-tree-config-matchfile restart: always volumes: - /var/lib/drone/drone-tree-config-matchfile:/drone-tree-config-matchfile diff --git a/cmd/drone-tree-config/main.go b/cmd/drone-tree-config/main.go index f110227..06d8bd1 100644 --- a/cmd/drone-tree-config/main.go +++ b/cmd/drone-tree-config/main.go @@ -12,11 +12,11 @@ import ( type ( spec struct { + AllowListFile string `envconfig:"PLUGIN_ALLOW_LIST_FILE"` Concat bool `envconfig:"PLUGIN_CONCAT"` MaxDepth int `envconfig:"PLUGIN_MAXDEPTH" default:"2"` Fallback bool `envconfig:"PLUGIN_FALLBACK"` Debug bool `envconfig:"PLUGIN_DEBUG"` - WhitelistFile string `envconfig:"PLUGIN_WHITELIST_FILE"` Address string `envconfig:"PLUGIN_ADDRESS" default:":3000"` Secret string `envconfig:"PLUGIN_SECRET"` Server string `envconfig:"SERVER" default:"https://api.github.com"` @@ -26,6 +26,8 @@ type ( BitBucketAuthServer string `envconfig:"BITBUCKET_AUTH_SERVER"` BitBucketClient string `envconfig:"BITBUCKET_CLIENT"` BitBucketSecret string `envconfig:"BITBUCKET_SECRET"` + // Deprecated: Use AllowListFile instead. + WhitelistFile string `envconfig:"PLUGIN_WHITELIST_FILE"` } ) @@ -50,6 +52,10 @@ func main() { if spec.BitBucketAuthServer == "" { spec.BitBucketAuthServer = spec.Server } + // TODO :: Remove this check, once the deprecation is deleted + if spec.AllowListFile == "" && spec.WhitelistFile != "" { + spec.AllowListFile = spec.WhitelistFile + } handler := config.Handler( plugin.New( @@ -57,7 +63,7 @@ func main() { plugin.WithFallback(spec.Fallback), plugin.WithMaxDepth(spec.MaxDepth), plugin.WithServer(spec.Server), - plugin.WithWhitelistFile(spec.WhitelistFile), + plugin.WithAllowListFile(spec.AllowListFile), plugin.WithBitBucketAuthServer(spec.BitBucketAuthServer), plugin.WithBitBucketClient(spec.BitBucketClient), plugin.WithBitBucketSecret(spec.BitBucketSecret), diff --git a/plugin/whitelist.go b/plugin/allowlist.go similarity index 86% rename from plugin/whitelist.go rename to plugin/allowlist.go index 9250858..7ef8599 100644 --- a/plugin/whitelist.go +++ b/plugin/allowlist.go @@ -9,23 +9,23 @@ import ( "github.com/sirupsen/logrus" ) -// whitelisted determines if the plugin is enabled for the repo slug. decisions are made +// allowlisted determines if the plugin is enabled for the repo slug. decisions are made // by considering the regex patterns in the regexFile. // // returns true (match) or false (no match). false means the repo slug should be bypassed -func (p *Plugin) whitelisted(req *request) bool { +func (p *Plugin) allowlisted(req *request) bool { slug := req.Repo.Slug noMatchMsg := fmt.Sprintf("%s no match: %s", req.UUID, slug) matchMsg := fmt.Sprintf("%s match: %s", req.UUID, slug) // requires a regex file - if p.whitelistFile == "" { + if p.allowListFile == "" { // match logrus.Info(matchMsg) return true } - buf, err := ioutil.ReadFile(p.whitelistFile) + buf, err := ioutil.ReadFile(p.allowListFile) if err != nil { // match logrus.Warnf("%s regex file read error: %s", req.UUID, err) diff --git a/plugin/options.go b/plugin/options.go index 4428e80..92f43ab 100644 --- a/plugin/options.go +++ b/plugin/options.go @@ -71,8 +71,14 @@ func WithMaxDepth(maxDepth int) func(*Plugin) { } // WithWhitelistFile configures with repo slug regex match list file -func WithWhitelistFile(whitelistFile string) func(*Plugin) { +// Deprecated: Use WithAllowlistFile instead. +func WithWhitelistFile(file string) func(*Plugin) { + return WithAllowListFile(file) +} + +// WithAllowListFile configures with repo slug regex match list file +func WithAllowListFile(file string) func(*Plugin) { return func(p *Plugin) { - p.whitelistFile = whitelistFile + p.allowListFile = file } } diff --git a/plugin/plugin.go b/plugin/plugin.go index aa0c8fa..df58abc 100644 --- a/plugin/plugin.go +++ b/plugin/plugin.go @@ -27,7 +27,7 @@ type ( concat bool fallback bool maxDepth int - whitelistFile string + allowListFile string } droneConfig struct { @@ -67,7 +67,7 @@ func (p *Plugin) Find(ctx context.Context, droneRequest *config.Request) (*drone req := request{droneRequest, someUuid, client} // make sure this plugin is enabled for the requested repo slug - if ok := p.whitelisted(&req); !ok { + if ok := p.allowlisted(&req); !ok { // do the default behavior by returning nil, nil return nil, nil } diff --git a/plugin/plugin_test.go b/plugin/plugin_test.go index 1dd1c1a..2afa6ff 100644 --- a/plugin/plugin_test.go +++ b/plugin/plugin_test.go @@ -215,7 +215,7 @@ func TestMatchEnable(t *testing.T) { WithGithubToken(mockToken), WithFallback(true), WithMaxDepth(2), - WithWhitelistFile(s.file), + WithAllowListFile(s.file), ) droneConfig, err := plugin.Find(noContext, req) if err != nil {