Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
fa3fb23f
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
fa3fb23f
编写于
9月 26, 2017
作者:
G
Grzegorz Bizon
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Move pipeline builder validation chain to a module
上级
609fa45f
变更
8
隐藏空白更改
内联
并排
Showing
8 changed file
with
125 addition
and
119 deletion
+125
-119
app/services/ci/create_pipeline_service.rb
app/services/ci/create_pipeline_service.rb
+3
-3
lib/gitlab/ci/pipeline/chain/validate/abilities.rb
lib/gitlab/ci/pipeline/chain/validate/abilities.rb
+54
-0
lib/gitlab/ci/pipeline/chain/validate/config.rb
lib/gitlab/ci/pipeline/chain/validate/config.rb
+35
-0
lib/gitlab/ci/pipeline/chain/validate/repository.rb
lib/gitlab/ci/pipeline/chain/validate/repository.rb
+32
-0
lib/gitlab/ci/pipeline/chain/validate_abilities.rb
lib/gitlab/ci/pipeline/chain/validate_abilities.rb
+0
-52
lib/gitlab/ci/pipeline/chain/validate_config.rb
lib/gitlab/ci/pipeline/chain/validate_config.rb
+0
-33
lib/gitlab/ci/pipeline/chain/validate_repository.rb
lib/gitlab/ci/pipeline/chain/validate_repository.rb
+0
-30
spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb
spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb
+1
-1
未找到文件。
app/services/ci/create_pipeline_service.rb
浏览文件 @
fa3fb23f
...
...
@@ -2,9 +2,9 @@ module Ci
class
CreatePipelineService
<
BaseService
attr_reader
:pipeline
SEQUENCE
=
[
Gitlab
::
Ci
::
Pipeline
::
Chain
::
ValidateAbilities
,
Gitlab
::
Ci
::
Pipeline
::
Chain
::
ValidateRepository
,
Gitlab
::
Ci
::
Pipeline
::
Chain
::
ValidateConfig
,
SEQUENCE
=
[
Gitlab
::
Ci
::
Pipeline
::
Chain
::
Validate
::
Abilities
,
Gitlab
::
Ci
::
Pipeline
::
Chain
::
Validate
::
Repository
,
Gitlab
::
Ci
::
Pipeline
::
Chain
::
Validate
::
Config
,
Gitlab
::
Ci
::
Pipeline
::
Chain
::
Skip
,
Gitlab
::
Ci
::
Pipeline
::
Chain
::
Create
].
freeze
...
...
lib/gitlab/ci/pipeline/chain/validate/abilities.rb
0 → 100644
浏览文件 @
fa3fb23f
module
Gitlab
module
Ci
module
Pipeline
module
Chain
module
Validate
class
Abilities
<
Chain
::
Base
include
Gitlab
::
Allowable
include
Chain
::
Helpers
def
perform!
unless
project
.
builds_enabled?
return
error
(
'Pipelines are disabled!'
)
end
unless
allowed_to_trigger_pipeline?
if
can?
(
current_user
,
:create_pipeline
,
project
)
return
error
(
"Insufficient permissions for protected ref '
#{
pipeline
.
ref
}
'"
)
else
return
error
(
'Insufficient permissions to create a new pipeline'
)
end
end
end
def
break?
@pipeline
.
errors
.
any?
end
def
allowed_to_trigger_pipeline?
if
current_user
allowed_to_create?
else
# legacy triggers don't have a corresponding user
!
project
.
protected_for?
(
@pipeline
.
ref
)
end
end
def
allowed_to_create?
return
unless
can?
(
current_user
,
:create_pipeline
,
project
)
access
=
Gitlab
::
UserAccess
.
new
(
current_user
,
project:
project
)
if
branch_exists?
access
.
can_update_branch?
(
@pipeline
.
ref
)
elsif
tag_exists?
access
.
can_create_tag?
(
@pipeline
.
ref
)
else
true
# Allow it for now and we'll reject when we check ref existence
end
end
end
end
end
end
end
end
lib/gitlab/ci/pipeline/chain/validate/config.rb
0 → 100644
浏览文件 @
fa3fb23f
module
Gitlab
module
Ci
module
Pipeline
module
Chain
module
Validate
class
Config
<
Chain
::
Base
include
Chain
::
Helpers
def
perform!
unless
@pipeline
.
config_processor
unless
@pipeline
.
ci_yaml_file
return
error
(
"Missing
#{
@pipeline
.
ci_yaml_file_path
}
file"
)
end
if
@command
.
save_incompleted
&&
@pipeline
.
has_yaml_errors?
@pipeline
.
drop
end
return
error
(
@pipeline
.
yaml_errors
)
end
unless
@pipeline
.
has_stage_seeds?
return
error
(
'No stages / jobs for this pipeline.'
)
end
end
def
break?
@pipeline
.
errors
.
any?
||
@pipeline
.
persisted?
end
end
end
end
end
end
end
lib/gitlab/ci/pipeline/chain/validate/repository.rb
0 → 100644
浏览文件 @
fa3fb23f
module
Gitlab
module
Ci
module
Pipeline
module
Chain
module
Validate
class
Repository
<
Chain
::
Base
include
Chain
::
Helpers
def
perform!
unless
branch_exists?
||
tag_exists?
return
error
(
'Reference not found'
)
end
## TODO, we check commit in the service, that is why
# there is no repository access here.
#
# Should we validate repository before building a pipeline?
#
unless
pipeline
.
sha
return
error
(
'Commit not found'
)
end
end
def
break?
@pipeline
.
errors
.
any?
end
end
end
end
end
end
end
lib/gitlab/ci/pipeline/chain/validate_abilities.rb
已删除
100644 → 0
浏览文件 @
609fa45f
module
Gitlab
module
Ci
module
Pipeline
module
Chain
class
ValidateAbilities
<
Chain
::
Base
include
Gitlab
::
Allowable
include
Chain
::
Helpers
def
perform!
unless
project
.
builds_enabled?
return
error
(
'Pipelines are disabled!'
)
end
unless
allowed_to_trigger_pipeline?
if
can?
(
current_user
,
:create_pipeline
,
project
)
return
error
(
"Insufficient permissions for protected ref '
#{
pipeline
.
ref
}
'"
)
else
return
error
(
'Insufficient permissions to create a new pipeline'
)
end
end
end
def
break?
@pipeline
.
errors
.
any?
end
def
allowed_to_trigger_pipeline?
if
current_user
allowed_to_create?
else
# legacy triggers don't have a corresponding user
!
project
.
protected_for?
(
@pipeline
.
ref
)
end
end
def
allowed_to_create?
return
unless
can?
(
current_user
,
:create_pipeline
,
project
)
access
=
Gitlab
::
UserAccess
.
new
(
current_user
,
project:
project
)
if
branch_exists?
access
.
can_update_branch?
(
@pipeline
.
ref
)
elsif
tag_exists?
access
.
can_create_tag?
(
@pipeline
.
ref
)
else
true
# Allow it for now and we'll reject when we check ref existence
end
end
end
end
end
end
end
lib/gitlab/ci/pipeline/chain/validate_config.rb
已删除
100644 → 0
浏览文件 @
609fa45f
module
Gitlab
module
Ci
module
Pipeline
module
Chain
class
ValidateConfig
<
Chain
::
Base
include
Chain
::
Helpers
def
perform!
unless
@pipeline
.
config_processor
unless
@pipeline
.
ci_yaml_file
return
error
(
"Missing
#{
@pipeline
.
ci_yaml_file_path
}
file"
)
end
if
@command
.
save_incompleted
&&
@pipeline
.
has_yaml_errors?
@pipeline
.
drop
end
return
error
(
@pipeline
.
yaml_errors
)
end
unless
@pipeline
.
has_stage_seeds?
return
error
(
'No stages / jobs for this pipeline.'
)
end
end
def
break?
@pipeline
.
errors
.
any?
||
@pipeline
.
persisted?
end
end
end
end
end
end
lib/gitlab/ci/pipeline/chain/validate_repository.rb
已删除
100644 → 0
浏览文件 @
609fa45f
module
Gitlab
module
Ci
module
Pipeline
module
Chain
class
ValidateRepository
<
Chain
::
Base
include
Chain
::
Helpers
def
perform!
unless
branch_exists?
||
tag_exists?
return
error
(
'Reference not found'
)
end
## TODO, we check commit in the service, that is why
# there is no repository access here.
#
# Should we validate repository before building a pipeline?
#
unless
pipeline
.
sha
return
error
(
'Commit not found'
)
end
end
def
break?
@pipeline
.
errors
.
any?
end
end
end
end
end
end
spec/lib/gitlab/ci/pipeline/chain/validate
_
abilities_spec.rb
→
spec/lib/gitlab/ci/pipeline/chain/validate
/
abilities_spec.rb
浏览文件 @
fa3fb23f
require
'spec_helper'
describe
Gitlab
::
Ci
::
Pipeline
::
Chain
::
ValidateAbilities
do
describe
Gitlab
::
Ci
::
Pipeline
::
Chain
::
Validate
::
Abilities
do
describe
'#allowed_to_create?'
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:project
)
{
create
(
:project
,
:repository
)
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录