kgess-mirror/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2026-01-11 20:56:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 11
forgejo/services/actions/variables.go
nachtjasmin 70166de15a chore(lint): Add exceptions for dbfs_model and unittest (#10275) 
Thanks a lot to @floss4good who pointed this out in the comments of
#10253!

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/10275
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: floss4good <floss4good@noreply.codeberg.org>
Co-authored-by: nachtjasmin <nachtjasmin@posteo.de>
Co-committed-by: nachtjasmin <nachtjasmin@posteo.de>
2025-12-09 14:34:06 +01:00

99 lines
2.5 KiB
Go
Raw Blame History

// Copyright 2024 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package actions
import (
"context"
"regexp"
"strings"
actions_model "forgejo.org/models/actions"
"forgejo.org/modules/log"
"forgejo.org/modules/util"
secrets_service "forgejo.org/services/secrets"
)
func CreateVariable(ctx context.Context, ownerID, repoID int64, name, data string) (*actions_model.ActionVariable, error) {
if err := secrets_service.ValidateName(name); err != nil {
return nil, err
}
if err := envNameCIRegexMatch(name); err != nil {
return nil, err
}
v, err := actions_model.InsertVariable(ctx, ownerID, repoID, name, util.ReserveLineBreakForTextarea(data))
if err != nil {
return nil, err
}
return v, nil
}
func UpdateVariable(ctx context.Context, variableID, ownerID, repoID int64, name, data string) (bool, error) {
if err := secrets_service.ValidateName(name); err != nil {
return false, err
}
if err := envNameCIRegexMatch(name); err != nil {
return false, err
}
return actions_model.UpdateVariable(ctx, &actions_model.ActionVariable{
ID: variableID,
Name: strings.ToUpper(name),
Data: util.ReserveLineBreakForTextarea(data),
OwnerID: ownerID,
RepoID: repoID,
})
}
func DeleteVariableByName(ctx context.Context, ownerID, repoID int64, name string) error {
if err := secrets_service.ValidateName(name); err != nil {
return err
}
if err := envNameCIRegexMatch(name); err != nil {
return err
}
v, err := GetVariable(ctx, actions_model.FindVariablesOpts{
OwnerID: ownerID,
RepoID: repoID,
Name: name,
})
if err != nil {
return err
}
_, err = actions_model.DeleteVariable(ctx, v.ID, ownerID, repoID)
return err
}
func GetVariable(ctx context.Context, opts actions_model.FindVariablesOpts) (*actions_model.ActionVariable, error) {
vars, err := actions_model.FindVariables(ctx, opts)
if err != nil {
return nil, err
}
if len(vars) != 1 {
return nil, util.NewNotExistErrorf("variable not found")
}
return vars[0], nil
}
// some regular expression of `variables` and `secrets`
// reference to:
// https://docs.github.com/en/actions/learn-github-actions/variables#naming-conventions-for-configuration-variables
// https://docs.github.com/en/actions/security-guides/encrypted-secrets#naming-your-secrets
var (
forbiddenEnvNameCIRx = regexp.MustCompile("(?i)^CI$")
)
func envNameCIRegexMatch(name string) error {
if forbiddenEnvNameCIRx.MatchString(name) {
log.Error("Env Name cannot be ci")
return util.NewInvalidArgumentErrorf("env name cannot be ci")
}
return nil
}
Reference in a new issue View git blame Copy permalink