upgpkg: woodpecker-agent-sudo 2.0.0-1

author: Anthony Wang 2023-11-23 23:07:58 +0000
committer: Anthony Wang 2023-11-23 23:07:58 +0000
commit: 5ca5307ed2051a3353afda0e11328409aadd52ed (patch)
tree: 9937d15cfb40e9b7addaa330f7da3584577997bc
parent: 022837448e8e6877c3717160612ca8642db4e0ca (diff)
download: aur-5ca5307ed2051a3353afda0e11328409aadd52ed.tar.gz
4 files changed, 83 insertions, 41 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 2bec635865a1..a2175b98a1ee 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
 pkgbase = woodpecker-agent-sudo
 	pkgdesc = A simple CI engine with great extensibility (agent), patched to use sudo to run local pipelines
-	pkgver = 1.0.2
-	pkgrel = 2
+	pkgver = 2.0.0
+	pkgrel = 1
 	url = https://woodpecker-ci.org
 	arch = x86_64
 	license = Apache
@@ -15,7 +15,7 @@ pkgbase = woodpecker-agent-sudo
 	replaces = woodpecker-agent
 	options = !lto
 	backup = etc/woodpecker/agent.env
-	source = woodpecker::git+https://github.com/woodpecker-ci/woodpecker#commit=d9e06696bf85f260a0550d58301ac396874b32e3
+	source = woodpecker::git+https://github.com/woodpecker-ci/woodpecker#commit=0fc428aa8eb8152aafd186d5232f27008c78add8
 	source = agent-systemd.service
 	source = agent-sysusers.conf
 	source = agent-tmpfiles.conf
@@ -27,7 +27,7 @@ pkgbase = woodpecker-agent-sudo
 	b2sums = 373a5889c899445c4b583a48e6d0ff67d4572e30e0dfd0842b389e9338712771ec053ee3771202fe2874ee8bbfb7cb5965a04cf10d4071100c4f7c89cf2a14f3
 	b2sums = b6479a7f3b3cf1ecaf0fc4e0653de10176af29b780ff716bf038077d70b0440e45a649ccd5ad9a12d5f52c9eecf9b5d8b5a01510a53eec7b664162c8bb9153ab
 	b2sums = 9d64fa22d5fcfb8634926220aeb89b0fa914d8e04ee39fe14abf3f170292ab2dc875fe3fe14b054ca8173c167cec4d93518d15d5f08698bd70d86dec7728dee8
-	b2sums = 3f7cb5620859d171b0fc9c177c09388a830bdc2343f8182bb794c18544070a78f6fd692c699c5c9fda262bf4919bb53a696ea7396c4e9c7e987788f052e9f19f
-	b2sums = 85b75986c0df0853126eb20ce80861337654646bb3df02666b6c77962090df12be35eac11dab724d96c4c4b1e6c373ce0a8d6b99843232be0311273bddb1141a
+	b2sums = 1e586f4ef03c0928a9371c24c222b3dbe08cf11fd3ea912eff86103085faf04b5c19391d16bfb6d5ec67e5cb5556485825b3bee8124359bbaa89c6e6ea3357b8
+	b2sums = 86cbff1c5554c4426b3de872696cae6eed093987ccec940283e340e6cc23d226d268b38f0843b19d2706167f13ac4e20d9340f47ce5dc8ad3cbdb80d501c4fc4
 
 pkgname = woodpecker-agent-sudo
diff --git a/PKGBUILD b/PKGBUILD
index aaa9e31fb5a6..28e20167b13c 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -4,8 +4,8 @@
 
 _pkgname='woodpecker-agent'
 pkgname=$_pkgname-sudo
-pkgver=1.0.2
-pkgrel=2
+pkgver=2.0.0
+pkgrel=1
 pkgdesc='A simple CI engine with great extensibility (agent), patched to use sudo to run local pipelines'
 arch=('x86_64')
 url='https://woodpecker-ci.org'
@@ -17,7 +17,7 @@ optdepends=(
 )
 makedepends=('git' 'go')
 options=('!lto')
-_commit='d9e06696bf85f260a0550d58301ac396874b32e3'
+_commit='0fc428aa8eb8152aafd186d5232f27008c78add8'
 replaces=($_pkgname)
 conflicts=($_pkgname)
 backup=('etc/woodpecker/agent.env')
@@ -35,8 +35,8 @@ b2sums=('SKIP'
         '373a5889c899445c4b583a48e6d0ff67d4572e30e0dfd0842b389e9338712771ec053ee3771202fe2874ee8bbfb7cb5965a04cf10d4071100c4f7c89cf2a14f3'
         'b6479a7f3b3cf1ecaf0fc4e0653de10176af29b780ff716bf038077d70b0440e45a649ccd5ad9a12d5f52c9eecf9b5d8b5a01510a53eec7b664162c8bb9153ab'
         '9d64fa22d5fcfb8634926220aeb89b0fa914d8e04ee39fe14abf3f170292ab2dc875fe3fe14b054ca8173c167cec4d93518d15d5f08698bd70d86dec7728dee8'
-        '3f7cb5620859d171b0fc9c177c09388a830bdc2343f8182bb794c18544070a78f6fd692c699c5c9fda262bf4919bb53a696ea7396c4e9c7e987788f052e9f19f'
-        '85b75986c0df0853126eb20ce80861337654646bb3df02666b6c77962090df12be35eac11dab724d96c4c4b1e6c373ce0a8d6b99843232be0311273bddb1141a')
+        '1e586f4ef03c0928a9371c24c222b3dbe08cf11fd3ea912eff86103085faf04b5c19391d16bfb6d5ec67e5cb5556485825b3bee8124359bbaa89c6e6ea3357b8'
+        '86cbff1c5554c4426b3de872696cae6eed093987ccec940283e340e6cc23d226d268b38f0843b19d2706167f13ac4e20d9340f47ce5dc8ad3cbdb80d501c4fc4')
 
 pkgver() {
   cd woodpecker
diff --git a/sudo.patch b/sudo.patch
index 6b5777abae9e..1bde0d917225 100644
--- a/sudo.patch
+++ b/sudo.patch
@@ -1,21 +1,46 @@
+diff --git a/pipeline/backend/local/clone.go b/pipeline/backend/local/clone.go
+index b659a090a..82ae5c5cc 100644
+--- a/pipeline/backend/local/clone.go
++++ b/pipeline/backend/local/clone.go
+@@ -94,14 +94,13 @@ func (e *local) execClone(ctx context.Context, step *types.Step, state *workflow
+ 			}
+ 			cmd = exec.CommandContext(ctx, pwsh, "-Command", fmt.Sprintf("%s ; $code=$? ; %s ; if (!$code) {[Environment]::Exit(1)}", state.pluginGitBinary, rmCmd))
+ 		} else {
+-			cmd = exec.CommandContext(ctx, "/bin/sh", "-c", fmt.Sprintf("%s ; export code=$? ; %s ; exit $code", state.pluginGitBinary, rmCmd))
++			cmd = exec.CommandContext(ctx, "sudo", "-E", "-u", state.user, "-D", state.workspaceDir, "/bin/sh", "-c", fmt.Sprintf("%s ; export code=$? ; %s ; exit $code", state.pluginGitBinary, rmCmd))
+ 		}
+ 	} else {
+ 		// if we have NO netrc, we can just exec the clone directly
+-		cmd = exec.CommandContext(ctx, state.pluginGitBinary)
++		cmd = exec.CommandContext(ctx, "sudo", "-E", "-u", state.user, "-D", state.workspaceDir, state.pluginGitBinary)
+ 	}
+ 	cmd.Env = env
+-	cmd.Dir = state.workspaceDir
+ 
+ 	// Get output and redirect Stderr to Stdout
+ 	e.output, _ = cmd.StdoutPipe()
 diff --git a/pipeline/backend/local/local.go b/pipeline/backend/local/local.go
-index 2405c19bb..50321b8e7 100644
+index 698a3f0f9..5bef80857 100644
 --- a/pipeline/backend/local/local.go
 +++ b/pipeline/backend/local/local.go
-@@ -44,7 +44,7 @@ var notAllowedEnvVarOverwrites = []string{
+@@ -36,7 +36,7 @@ import (
  
  type workflowState struct {
- 	stepCMDs     map[string]*exec.Cmd
--	baseDir      string
-+	user         string
- 	homeDir      string
- 	workspaceDir string
+ 	stepCMDs        map[string]*exec.Cmd
+-	baseDir         string
++	user            string
+ 	homeDir         string
+ 	workspaceDir    string
+ 	pluginGitBinary string
+@@ -80,26 +80,20 @@ func (e *local) Load(ctx context.Context) (*types.EngineInfo, error) {
  }
-@@ -79,23 +79,17 @@ func (e *local) Load(context.Context) error {
- func (e *local) SetupWorkflow(_ context.Context, conf *types.Config, taskUUID string) error {
+ 
+ // SetupWorkflow the pipeline environment.
+-func (e *local) SetupWorkflow(_ context.Context, _ *types.Config, taskUUID string) error {
++func (e *local) SetupWorkflow(ctx context.Context, conf *types.Config, taskUUID string) error {
  	log.Trace().Str("taskUUID", taskUUID).Msg("create workflow environment")
  
--	baseDir, err := os.MkdirTemp("", "woodpecker-local-*")
+-	baseDir, err := os.MkdirTemp(e.tempDir, "woodpecker-local-*")
 -	if err != nil {
 -		return err
 -	}
@@ -26,36 +51,48 @@ index 2405c19bb..50321b8e7 100644
 -		baseDir:      baseDir,
 -		workspaceDir: filepath.Join(baseDir, "workspace"),
 -		homeDir:      filepath.Join(baseDir, "home"),
--	}
--
--	if err := os.Mkdir(state.homeDir, 0o700); err != nil {
--		return err
 +		user:         user,
-+		workspaceDir: filepath.Join("/tmp", user, conf.Stages[0].Steps[0].Environment["CI_REPO_NAME"]),
++		workspaceDir: filepath.Join("/home", user, ".cache", "woodpecker", conf.Stages[0].Steps[0].Environment["CI_REPO_NAME"]),
 +		homeDir:      filepath.Join("/home", user),
  	}
  
+-	if err := os.Mkdir(state.homeDir, 0o700); err != nil {
+-		return err
+-	}
+-
 -	if err := os.Mkdir(state.workspaceDir, 0o700); err != nil {
-+	err := exec.Command("sudo", "-u", state.user, "mkdir", "-p", state.workspaceDir).Run()
++	err := exec.CommandContext(ctx, "sudo", "-u", state.user, "mkdir", "-p", state.workspaceDir).Run()
 +	if err != nil {
  		return err
  	}
  
-@@ -132,7 +126,8 @@ func (e *local) StartStep(ctx context.Context, step *types.Step, taskUUID string
- 	// Set HOME
- 	env = append(env, "HOME="+state.homeDir)
+@@ -152,9 +146,8 @@ func (e *local) execCommands(ctx context.Context, step *types.Step, state *workf
+ 	}
+ 
+ 	// Use "image name" as run command (indicate shell)
+-	cmd := exec.CommandContext(ctx, step.Image, args...)
++	cmd := exec.CommandContext(ctx, "sudo", append([]string{"-E", "-u", state.user, "-D", state.workspaceDir, step.Image}, args...)...)
+ 	cmd.Env = env
+-	cmd.Dir = state.workspaceDir
+ 
+ 	// Get output and redirect Stderr to Stdout
+ 	e.output, _ = cmd.StdoutPipe()
+@@ -178,9 +171,8 @@ func (e *local) execPlugin(ctx context.Context, step *types.Step, state *workflo
+ 		return fmt.Errorf("lookup plugin binary: %w", err)
+ 	}
+ 
+-	cmd := exec.CommandContext(ctx, binary)
++	cmd := exec.CommandContext(ctx, "sudo", "-E", "-u", state.user, "-D", state.workspaceDir, binary)
+ 	cmd.Env = env
+-	cmd.Dir = state.workspaceDir
  
--	var command []string
-+	// Run command as commit author user
-+	command := []string{"sudo", "-E", "-u", state.user}
- 	if step.Image == constant.DefaultCloneImage {
- 		// Default clone step
- 		// TODO: use tmp HOME and insert netrc and delete it after clone
-@@ -209,16 +204,6 @@ func (e *local) TailStep(_ context.Context, step *types.Step, taskUUID string) (
- func (e *local) DestroyWorkflow(_ context.Context, conf *types.Config, taskUUID string) error {
+ 	// Get output and redirect Stderr to Stdout
+ 	e.output, _ = cmd.StdoutPipe()
+@@ -237,19 +229,9 @@ func (e *local) DestroyStep(_ context.Context, _ *types.Step, _ string) error {
+ func (e *local) DestroyWorkflow(_ context.Context, _ *types.Config, taskUUID string) error {
  	log.Trace().Str("taskUUID", taskUUID).Msgf("delete workflow environment")
  
--	state, err := e.getWorkflowStateFromConfig(conf)
+-	state, err := e.getState(taskUUID)
 -	if err != nil {
 -		return err
 -	}
@@ -65,6 +102,10 @@ index 2405c19bb..50321b8e7 100644
 -		return err
 -	}
 -
- 	workflowID, err := e.getWorkflowIDFromConfig(conf)
- 	if err != nil {
- 		return err
+ 	e.deleteState(taskUUID)
+ 
+-	return err
++	return nil
+ }
+ 
+ func (e *local) getState(taskUUID string) (*workflowState, error) {
diff --git a/sudoers b/sudoers
index b65e4398138b..9de199008e7f 100644
--- a/sudoers
+++ b/sudoers
@@ -1,2 +1,3 @@
 # This is kinda hacky but I couldn't find a better way to do it
 woodpecker-agent ALL=(#1000, #1001, #1002, #1003, #1004, #1005, #1006, #1007, #1008, #1009, #1010, #1011, #1012, #1013, #1014, #1015, #1016, #1017, #1018, #1019, #1020, #1021, #1022, #1023, #1024, #1025, #1026, #1027, #1028, #1029, #1030, #1031, #1032, #1033, #1034, #1035, #1036, #1037, #1038, #1039, #1040, #1041, #1042, #1043, #1044, #1045, #1046, #1047, #1048, #1049, #1050, #1051, #1052, #1053, #1054, #1055, #1056, #1057, #1058, #1059, #1060, #1061, #1062, #1063, #1064, #1065, #1066, #1067, #1068, #1069, #1070, #1071, #1072, #1073, #1074, #1075, #1076, #1077, #1078, #1079, #1080, #1081, #1082, #1083, #1084, #1085, #1086, #1087, #1088, #1089, #1090, #1091, #1092, #1093, #1094, #1095, #1096, #1097, #1098, #1099, #1100, #1101, #1102, #1103, #1104, #1105, #1106, #1107, #1108, #1109, #1110, #1111, #1112, #1113, #1114, #1115, #1116, #1117, #1118, #1119, #1120, #1121, #1122, #1123, #1124, #1125, #1126, #1127, #1128, #1129, #1130, #1131, #1132, #1133, #1134, #1135, #1136, #1137, #1138, #1139, #1140, #1141, #1142, #1143, #1144, #1145, #1146, #1147, #1148, #1149, #1150, #1151, #1152, #1153, #1154, #1155, #1156, #1157, #1158, #1159, #1160, #1161, #1162, #1163, #1164, #1165, #1166, #1167, #1168, #1169, #1170, #1171, #1172, #1173, #1174, #1175, #1176, #1177, #1178, #1179, #1180, #1181, #1182, #1183, #1184, #1185, #1186, #1187, #1188, #1189, #1190, #1191, #1192, #1193, #1194, #1195, #1196, #1197, #1198, #1199, #1200, #1201, #1202, #1203, #1204, #1205, #1206, #1207, #1208, #1209, #1210, #1211, #1212, #1213, #1214, #1215, #1216, #1217, #1218, #1219, #1220, #1221, #1222, #1223, #1224, #1225, #1226, #1227, #1228, #1229, #1230, #1231, #1232, #1233, #1234, #1235, #1236, #1237, #1238, #1239, #1240, #1241, #1242, #1243, #1244, #1245, #1246, #1247, #1248, #1249, #1250, #1251, #1252, #1253, #1254, #1255, #1256, #1257, #1258, #1259, #1260, #1261, #1262, #1263, #1264, #1265, #1266, #1267, #1268, #1269, #1270, #1271, #1272, #1273, #1274, #1275, #1276, #1277, #1278, #1279, #1280, #1281, #1282, #1283, #1284, #1285, #1286, #1287, #1288, #1289, #1290, #1291, #1292, #1293, #1294, #1295, #1296, #1297, #1298, #1299, #1300, #1301, #1302, #1303, #1304, #1305, #1306, #1307, #1308, #1309, #1310, #1311, #1312, #1313, #1314, #1315, #1316, #1317, #1318, #1319, #1320, #1321, #1322, #1323, #1324, #1325, #1326, #1327, #1328, #1329, #1330, #1331, #1332, #1333, #1334, #1335, #1336, #1337, #1338, #1339, #1340, #1341, #1342, #1343, #1344, #1345, #1346, #1347, #1348, #1349, #1350, #1351, #1352, #1353, #1354, #1355, #1356, #1357, #1358, #1359, #1360, #1361, #1362, #1363, #1364, #1365, #1366, #1367, #1368, #1369, #1370, #1371, #1372, #1373, #1374, #1375, #1376, #1377, #1378, #1379, #1380, #1381, #1382, #1383, #1384, #1385, #1386, #1387, #1388, #1389, #1390, #1391, #1392, #1393, #1394, #1395, #1396, #1397, #1398, #1399, #1400, #1401, #1402, #1403, #1404, #1405, #1406, #1407, #1408, #1409, #1410, #1411, #1412, #1413, #1414, #1415, #1416, #1417, #1418, #1419, #1420, #1421, #1422, #1423, #1424, #1425, #1426, #1427, #1428, #1429, #1430, #1431, #1432, #1433, #1434, #1435, #1436, #1437, #1438, #1439, #1440, #1441, #1442, #1443, #1444, #1445, #1446, #1447, #1448, #1449, #1450, #1451, #1452, #1453, #1454, #1455, #1456, #1457, #1458, #1459, #1460, #1461, #1462, #1463, #1464, #1465, #1466, #1467, #1468, #1469, #1470, #1471, #1472, #1473, #1474, #1475, #1476, #1477, #1478, #1479, #1480, #1481, #1482, #1483, #1484, #1485, #1486, #1487, #1488, #1489, #1490, #1491, #1492, #1493, #1494, #1495, #1496, #1497, #1498, #1499, #1500, #1501, #1502, #1503, #1504, #1505, #1506, #1507, #1508, #1509, #1510, #1511, #1512, #1513, #1514, #1515, #1516, #1517, #1518, #1519, #1520, #1521, #1522, #1523, #1524, #1525, #1526, #1527, #1528, #1529, #1530, #1531, #1532, #1533, #1534, #1535, #1536, #1537, #1538, #1539, #1540, #1541, #1542, #1543, #1544, #1545, #1546, #1547, #1548, #1549, #1550, #1551, #1552, #1553, #1554, #1555, #1556, #1557, #1558, #1559, #1560, #1561, #1562, #1563, #1564, #1565, #1566, #1567, #1568, #1569, #1570, #1571, #1572, #1573, #1574, #1575, #1576, #1577, #1578, #1579, #1580, #1581, #1582, #1583, #1584, #1585, #1586, #1587, #1588, #1589, #1590, #1591, #1592, #1593, #1594, #1595, #1596, #1597, #1598, #1599, #1600, #1601, #1602, #1603, #1604, #1605, #1606, #1607, #1608, #1609, #1610, #1611, #1612, #1613, #1614, #1615, #1616, #1617, #1618, #1619, #1620, #1621, #1622, #1623, #1624, #1625, #1626, #1627, #1628, #1629, #1630, #1631, #1632, #1633, #1634, #1635, #1636, #1637, #1638, #1639, #1640, #1641, #1642, #1643, #1644, #1645, #1646, #1647, #1648, #1649, #1650, #1651, #1652, #1653, #1654, #1655, #1656, #1657, #1658, #1659, #1660, #1661, #1662, #1663, #1664, #1665, #1666, #1667, #1668, #1669, #1670, #1671, #1672, #1673, #1674, #1675, #1676, #1677, #1678, #1679, #1680, #1681, #1682, #1683, #1684, #1685, #1686, #1687, #1688, #1689, #1690, #1691, #1692, #1693, #1694, #1695, #1696, #1697, #1698, #1699, #1700, #1701, #1702, #1703, #1704, #1705, #1706, #1707, #1708, #1709, #1710, #1711, #1712, #1713, #1714, #1715, #1716, #1717, #1718, #1719, #1720, #1721, #1722, #1723, #1724, #1725, #1726, #1727, #1728, #1729, #1730, #1731, #1732, #1733, #1734, #1735, #1736, #1737, #1738, #1739, #1740, #1741, #1742, #1743, #1744, #1745, #1746, #1747, #1748, #1749, #1750, #1751, #1752, #1753, #1754, #1755, #1756, #1757, #1758, #1759, #1760, #1761, #1762, #1763, #1764, #1765, #1766, #1767, #1768, #1769, #1770, #1771, #1772, #1773, #1774, #1775, #1776, #1777, #1778, #1779, #1780, #1781, #1782, #1783, #1784, #1785, #1786, #1787, #1788, #1789, #1790, #1791, #1792, #1793, #1794, #1795, #1796, #1797, #1798, #1799, #1800, #1801, #1802, #1803, #1804, #1805, #1806, #1807, #1808, #1809, #1810, #1811, #1812, #1813, #1814, #1815, #1816, #1817, #1818, #1819, #1820, #1821, #1822, #1823, #1824, #1825, #1826, #1827, #1828, #1829, #1830, #1831, #1832, #1833, #1834, #1835, #1836, #1837, #1838, #1839, #1840, #1841, #1842, #1843, #1844, #1845, #1846, #1847, #1848, #1849, #1850, #1851, #1852, #1853, #1854, #1855, #1856, #1857, #1858, #1859, #1860, #1861, #1862, #1863, #1864, #1865, #1866, #1867, #1868, #1869, #1870, #1871, #1872, #1873, #1874, #1875, #1876, #1877, #1878, #1879, #1880, #1881, #1882, #1883, #1884, #1885, #1886, #1887, #1888, #1889, #1890, #1891, #1892, #1893, #1894, #1895, #1896, #1897, #1898, #1899, #1900, #1901, #1902, #1903, #1904, #1905, #1906, #1907, #1908, #1909, #1910, #1911, #1912, #1913, #1914, #1915, #1916, #1917, #1918, #1919, #1920, #1921, #1922, #1923, #1924, #1925, #1926, #1927, #1928, #1929, #1930, #1931, #1932, #1933, #1934, #1935, #1936, #1937, #1938, #1939, #1940, #1941, #1942, #1943, #1944, #1945, #1946, #1947, #1948, #1949, #1950, #1951, #1952, #1953, #1954, #1955, #1956, #1957, #1958, #1959, #1960, #1961, #1962, #1963, #1964, #1965, #1966, #1967, #1968, #1969, #1970, #1971, #1972, #1973, #1974, #1975, #1976, #1977, #1978, #1979, #1980, #1981, #1982, #1983, #1984, #1985, #1986, #1987, #1988, #1989, #1990, #1991, #1992, #1993, #1994, #1995, #1996, #1997, #1998, #1999) NOPASSWD: ALL
+Defaults:woodpecker-agent runcwd=*
author	Anthony Wang	2023-11-23 23:07:58 +0000
committer	Anthony Wang	2023-11-23 23:07:58 +0000
commit	5ca5307ed2051a3353afda0e11328409aadd52ed (patch)
tree	9937d15cfb40e9b7addaa330f7da3584577997bc
parent	022837448e8e6877c3717160612ca8642db4e0ca (diff)
download	aur-5ca5307ed2051a3353afda0e11328409aadd52ed.tar.gz