From ebb408f373a4fc6508d1d75aa6fddcba5fc7df81 Mon Sep 17 00:00:00 2001 From: R Date: Mon, 23 May 2022 22:27:12 +0200 Subject: [PATCH] fix: remove composite restrictions (#1128) Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> --- pkg/model/workflow.go | 31 ----------------------- pkg/runner/action.go | 7 ----- pkg/runner/runner.go | 59 +++++++++++++++++++++---------------------- 3 files changed, 29 insertions(+), 68 deletions(-) diff --git a/pkg/model/workflow.go b/pkg/model/workflow.go index cca2049..55b80fc 100644 --- a/pkg/model/workflow.go +++ b/pkg/model/workflow.go @@ -23,21 +23,6 @@ type Workflow struct { Defaults Defaults `yaml:"defaults"` } -// CompositeRestrictions is the structure to control what is allowed in composite actions -type CompositeRestrictions struct { - AllowCompositeUses bool - AllowCompositeIf bool - AllowCompositeContinueOnError bool -} - -func defaultCompositeRestrictions() *CompositeRestrictions { - return &CompositeRestrictions{ - AllowCompositeUses: true, - AllowCompositeIf: true, - AllowCompositeContinueOnError: false, - } -} - // On events for the workflow func (w *Workflow) On() []string { switch w.RawOn.Kind { @@ -431,22 +416,6 @@ func (s *Step) Type() StepType { return StepTypeUsesActionRemote } -func (s *Step) Validate(config *CompositeRestrictions) error { - if config == nil { - config = defaultCompositeRestrictions() - } - if s.Type() != StepTypeRun && !config.AllowCompositeUses { - return fmt.Errorf("(StepID: %s): Unexpected value 'uses'", s.String()) - } else if s.Type() == StepTypeRun && s.Shell == "" { - return fmt.Errorf("(StepID: %s): Required property is missing: 'shell'", s.String()) - } else if !s.If.IsZero() && !config.AllowCompositeIf { - return fmt.Errorf("(StepID: %s): Property is not available: 'if'", s.String()) - } else if s.ContinueOnError && !config.AllowCompositeContinueOnError { - return fmt.Errorf("(StepID: %s): Property is not available: 'continue-on-error'", s.String()) - } - return nil -} - // ReadWorkflow returns a list of jobs for a given workflow file reader func ReadWorkflow(in io.Reader) (*Workflow, error) { w := new(Workflow) diff --git a/pkg/runner/action.go b/pkg/runner/action.go index 510e947..aeac196 100644 --- a/pkg/runner/action.go +++ b/pkg/runner/action.go @@ -364,13 +364,6 @@ func execAsComposite(step actionStep, containerActionDir string) common.Executor action := step.getActionModel() return func(ctx context.Context) error { - // Disable some features of composite actions, only for feature parity with github - for _, compositeStep := range action.Runs.Steps { - if err := compositeStep.Validate(rc.Config.CompositeRestrictions); err != nil { - return err - } - } - eval := rc.NewExpressionEvaluator() inputs := make(map[string]interface{}) diff --git a/pkg/runner/runner.go b/pkg/runner/runner.go index 026f2ac..9e9e1b0 100644 --- a/pkg/runner/runner.go +++ b/pkg/runner/runner.go @@ -23,36 +23,35 @@ type Runner interface { // Config contains the config for a new runner type Config struct { - Actor string // the user that triggered the event - Workdir string // path to working directory - BindWorkdir bool // bind the workdir to the job container - EventName string // name of event to run - EventPath string // path to JSON file to use for event.json in containers - DefaultBranch string // name of the main branch for this repository - ReuseContainers bool // reuse containers to maintain state - ForcePull bool // force pulling of the image, even if already present - ForceRebuild bool // force rebuilding local docker image action - LogOutput bool // log the output from docker run - JSONLogger bool // use json or text logger - Env map[string]string // env for containers - Secrets map[string]string // list of secrets - Token string // GitHub token - InsecureSecrets bool // switch hiding output when printing to terminal - Platforms map[string]string // list of platforms - Privileged bool // use privileged mode - UsernsMode string // user namespace to use - ContainerArchitecture string // Desired OS/architecture platform for running containers - ContainerDaemonSocket string // Path to Docker daemon socket - UseGitIgnore bool // controls if paths in .gitignore should not be copied into container, default true - GitHubInstance string // GitHub instance to use, default "github.com" - ContainerCapAdd []string // list of kernel capabilities to add to the containers - ContainerCapDrop []string // list of kernel capabilities to remove from the containers - AutoRemove bool // controls if the container is automatically removed upon workflow completion - ArtifactServerPath string // the path where the artifact server stores uploads - ArtifactServerPort string // the port the artifact server binds to - CompositeRestrictions *model.CompositeRestrictions // describes which features are available in composite actions - NoSkipCheckout bool // do not skip actions/checkout - RemoteName string // remote name in local git repo config + Actor string // the user that triggered the event + Workdir string // path to working directory + BindWorkdir bool // bind the workdir to the job container + EventName string // name of event to run + EventPath string // path to JSON file to use for event.json in containers + DefaultBranch string // name of the main branch for this repository + ReuseContainers bool // reuse containers to maintain state + ForcePull bool // force pulling of the image, even if already present + ForceRebuild bool // force rebuilding local docker image action + LogOutput bool // log the output from docker run + JSONLogger bool // use json or text logger + Env map[string]string // env for containers + Secrets map[string]string // list of secrets + Token string // GitHub token + InsecureSecrets bool // switch hiding output when printing to terminal + Platforms map[string]string // list of platforms + Privileged bool // use privileged mode + UsernsMode string // user namespace to use + ContainerArchitecture string // Desired OS/architecture platform for running containers + ContainerDaemonSocket string // Path to Docker daemon socket + UseGitIgnore bool // controls if paths in .gitignore should not be copied into container, default true + GitHubInstance string // GitHub instance to use, default "github.com" + ContainerCapAdd []string // list of kernel capabilities to add to the containers + ContainerCapDrop []string // list of kernel capabilities to remove from the containers + AutoRemove bool // controls if the container is automatically removed upon workflow completion + ArtifactServerPath string // the path where the artifact server stores uploads + ArtifactServerPort string // the port the artifact server binds to + NoSkipCheckout bool // do not skip actions/checkout + RemoteName string // remote name in local git repo config } // Resolves the equivalent host path inside the container