mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-26 13:29:12 -05:00
16696a42f5
close #27801 --------- Co-authored-by: silverwind <me@silverwind.io> (cherry picked from commit 62b073e6f31645e446c7e8d6b5a506f61b47924e) Conflicts: - modules/util/util.go Trivial resolution, only picking the newly introduced function - routers/api/v1/swagger/options.go Trivial resolution. We don't have UserBadges, don't pick that part. - templates/swagger/v1_json.tmpl Regenerated.
100 lines
2.6 KiB
Go
100 lines
2.6 KiB
Go
// Copyright 2024 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package actions
|
|
|
|
import (
|
|
"context"
|
|
"regexp"
|
|
"strings"
|
|
|
|
actions_model "code.gitea.io/gitea/models/actions"
|
|
"code.gitea.io/gitea/modules/log"
|
|
"code.gitea.io/gitea/modules/util"
|
|
secret_service "code.gitea.io/gitea/services/secrets"
|
|
)
|
|
|
|
func CreateVariable(ctx context.Context, ownerID, repoID int64, name, data string) (*actions_model.ActionVariable, error) {
|
|
if err := secret_service.ValidateName(name); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := envNameCIRegexMatch(name); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
v, err := actions_model.InsertVariable(ctx, ownerID, repoID, name, util.ReserveLineBreakForTextarea(data))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return v, nil
|
|
}
|
|
|
|
func UpdateVariable(ctx context.Context, variableID int64, name, data string) (bool, error) {
|
|
if err := secret_service.ValidateName(name); err != nil {
|
|
return false, err
|
|
}
|
|
|
|
if err := envNameCIRegexMatch(name); err != nil {
|
|
return false, err
|
|
}
|
|
|
|
return actions_model.UpdateVariable(ctx, &actions_model.ActionVariable{
|
|
ID: variableID,
|
|
Name: strings.ToUpper(name),
|
|
Data: util.ReserveLineBreakForTextarea(data),
|
|
})
|
|
}
|
|
|
|
func DeleteVariableByID(ctx context.Context, variableID int64) error {
|
|
return actions_model.DeleteVariable(ctx, variableID)
|
|
}
|
|
|
|
func DeleteVariableByName(ctx context.Context, ownerID, repoID int64, name string) error {
|
|
if err := secret_service.ValidateName(name); err != nil {
|
|
return err
|
|
}
|
|
|
|
if err := envNameCIRegexMatch(name); err != nil {
|
|
return err
|
|
}
|
|
|
|
v, err := GetVariable(ctx, actions_model.FindVariablesOpts{
|
|
OwnerID: ownerID,
|
|
RepoID: repoID,
|
|
Name: name,
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return actions_model.DeleteVariable(ctx, v.ID)
|
|
}
|
|
|
|
func GetVariable(ctx context.Context, opts actions_model.FindVariablesOpts) (*actions_model.ActionVariable, error) {
|
|
vars, err := actions_model.FindVariables(ctx, opts)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if len(vars) != 1 {
|
|
return nil, util.NewNotExistErrorf("variable not found")
|
|
}
|
|
return vars[0], nil
|
|
}
|
|
|
|
// some regular expression of `variables` and `secrets`
|
|
// reference to:
|
|
// https://docs.github.com/en/actions/learn-github-actions/variables#naming-conventions-for-configuration-variables
|
|
// https://docs.github.com/en/actions/security-guides/encrypted-secrets#naming-your-secrets
|
|
var (
|
|
forbiddenEnvNameCIRx = regexp.MustCompile("(?i)^CI")
|
|
)
|
|
|
|
func envNameCIRegexMatch(name string) error {
|
|
if forbiddenEnvNameCIRx.MatchString(name) {
|
|
log.Error("Env Name cannot be ci")
|
|
return util.NewInvalidArgumentErrorf("env name cannot be ci")
|
|
}
|
|
return nil
|
|
}
|