-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[feat]: [CI-12562]: support for output secrets plugins #282
Conversation
4e18543
to
9b22760
Compare
pipeline/runtime/run.go
Outdated
finalErr = err | ||
for _, key := range r.OutputVars { | ||
if _, ok := outputs[key]; ok { | ||
output := &api.OutputV2{ | ||
Key: key, | ||
Value: outputs[key], | ||
Type: outputVariableTypeString, | ||
} | ||
outputsV2 = append(outputsV2, output) | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we need to add this ?
OutputVars is deprecated so we can skip this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
pipelines with older yaml can still use this OutputVars fields right ? added this code for backward compatibility
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah but yaml field is same. Internally we parse it to the new format. You can once check with @sahithibanda01 since she implemented it. AFIAK this is not required.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah but yaml field is same. Internally we parse it to the new format. You can once check with @sahithibanda01 since she implemented it. AFIAK this is not required.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you can remove this elseif cond altogether
pipeline/runtime/runtestsV2.go
Outdated
@@ -106,6 +106,9 @@ func executeRunTestsV2Step(ctx context.Context, f RunFunc, r *api.StartStepReque | |||
outputFile := fmt.Sprintf("%s/%s-output.env", pipeline.SharedVolPath, step.ID) | |||
step.Envs["DRONE_OUTPUT"] = outputFile | |||
|
|||
outputSecretsFile := fmt.Sprintf("%s/%s-output-secrets.env", pipeline.SharedVolPath, step.ID) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same for this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
observed the following support in the file . so added logic for secrets here also . can be removed if not required
step.Envs["DRONE_OUTPUT"] = outputFile
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think let's do for run.go for now only ? If the requirement comes for runtest we can add that later ?
pipeline/runtime/run.go
Outdated
finalErr = err | ||
for _, key := range r.OutputVars { | ||
if _, ok := outputs[key]; ok { | ||
output := &api.OutputV2{ | ||
Key: key, | ||
Value: outputs[key], | ||
Type: outputVariableTypeString, | ||
} | ||
outputsV2 = append(outputsV2, output) | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah but yaml field is same. Internally we parse it to the new format. You can once check with @sahithibanda01 since she implemented it. AFIAK this is not required.
pipeline/runtime/run.go
Outdated
finalErr = err | ||
for _, key := range r.OutputVars { | ||
if _, ok := outputs[key]; ok { | ||
output := &api.OutputV2{ | ||
Key: key, | ||
Value: outputs[key], | ||
Type: outputVariableTypeString, | ||
} | ||
outputsV2 = append(outputsV2, output) | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah but yaml field is same. Internally we parse it to the new format. You can once check with @sahithibanda01 since she implemented it. AFIAK this is not required.
pipeline/runtime/run.go
Outdated
finalErr = err | ||
for _, key := range r.OutputVars { | ||
if _, ok := outputs[key]; ok { | ||
output := &api.OutputV2{ | ||
Key: key, | ||
Value: outputs[key], | ||
Type: outputVariableTypeString, | ||
} | ||
outputsV2 = append(outputsV2, output) | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you can remove this elseif cond altogether
pipeline/runtime/runtestsV2.go
Outdated
@@ -106,6 +106,9 @@ func executeRunTestsV2Step(ctx context.Context, f RunFunc, r *api.StartStepReque | |||
outputFile := fmt.Sprintf("%s/%s-output.env", pipeline.SharedVolPath, step.ID) | |||
step.Envs["DRONE_OUTPUT"] = outputFile | |||
|
|||
outputSecretsFile := fmt.Sprintf("%s/%s-output-secrets.env", pipeline.SharedVolPath, step.ID) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think let's do for run.go for now only ? If the requirement comes for runtest we can add that later ?
pipeline/runtime/run.go
Outdated
@@ -66,6 +67,9 @@ func executeRunStep(ctx context.Context, f RunFunc, r *api.StartStepRequest, out | |||
} | |||
} | |||
|
|||
outputSecretsFile := fmt.Sprintf("%s/%s-output-secrets.env", pipeline.SharedVolPath, step.ID) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add the same condition as L52 and add a SecretVarFile
variable. If it's set, we will use that directly otherwise generate it similarly to what you have. This will help integrate with runner in the future.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if r.SecretVarFile != "" {
// set the env variable to r.SecretVarFile
}
pipeline/runtime/run.go
Outdated
return exited, outputs, exportEnvs, artifact, nil, string(optimizationState), nil | ||
|
||
//checking exported secrets from plugins if any | ||
_, secretErr := os.Stat(outputSecretsFile) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's log if secretErr != nil
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@vistaarjuneja
Why do we need to log it ? this will return err for all the existing plugins and run steps also as they dont use secret file as of now . this check is to understand whether a secret is exported or not .
if we log it , the error will be logged for all the existing run steps and plugin steps .
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ack, let's change it to this in a single line:
if _, err := os.Stat(outputSecretsFile); err == nil {
}
api/api.go
Outdated
type OutputType string | ||
|
||
const ( | ||
STRING OutputType = "STRING" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's renamename these so it's more clear what it does
OutputTypeString OutputType = "STRING"
OutputTypeSecret OutputType = "SECRET"
so api.OutputTypeString
is more clear
pipeline/runtime/run.go
Outdated
return exited, outputs, exportEnvs, artifact, nil, string(optimizationState), nil | ||
|
||
//checking exported secrets from plugins if any | ||
_, secretErr := os.Stat(outputSecretsFile) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ack, let's change it to this in a single line:
if _, err := os.Stat(outputSecretsFile); err == nil {
}
This reverts commit 122e501.
Requirement : https://harness.atlassian.net/wiki/x/rgFbEgU
Changes
Testing
Tested in local setup for the following scenarios