From 6ab28f7446a0273fb8577ac944870f89cbf52be9 Mon Sep 17 00:00:00 2001 From: ecrupper Date: Thu, 2 Nov 2023 11:27:26 -0500 Subject: [PATCH] fix(schedule): honor allow list for previously created schedules --- cmd/vela-server/schedule.go | 12 +++++++++--- cmd/vela-server/server.go | 2 +- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/cmd/vela-server/schedule.go b/cmd/vela-server/schedule.go index 441798fff..cceb70de8 100644 --- a/cmd/vela-server/schedule.go +++ b/cmd/vela-server/schedule.go @@ -14,6 +14,7 @@ import ( "github.com/go-vela/server/database" "github.com/go-vela/server/queue" "github.com/go-vela/server/scm" + "github.com/go-vela/server/util" "github.com/go-vela/types" "github.com/go-vela/types/constants" "github.com/go-vela/types/library" @@ -29,7 +30,7 @@ const ( scheduleWait = "waiting to trigger build for schedule" ) -func processSchedules(ctx context.Context, start time.Time, compiler compiler.Engine, database database.Interface, metadata *types.Metadata, queue queue.Service, scm scm.Service) error { +func processSchedules(ctx context.Context, start time.Time, compiler compiler.Engine, database database.Interface, metadata *types.Metadata, queue queue.Service, scm scm.Service, allowList []string) error { logrus.Infof("processing active schedules to create builds") // send API call to capture the list of active schedules @@ -122,7 +123,7 @@ func processSchedules(ctx context.Context, start time.Time, compiler compiler.En } // process the schedule and trigger a new build - err = processSchedule(ctx, schedule, compiler, database, metadata, queue, scm) + err = processSchedule(ctx, schedule, compiler, database, metadata, queue, scm, allowList) if err != nil { logrus.WithError(err).Warnf("%s %s", scheduleErr, schedule.GetName()) @@ -134,13 +135,18 @@ func processSchedules(ctx context.Context, start time.Time, compiler compiler.En } //nolint:funlen // ignore function length and number of statements -func processSchedule(ctx context.Context, s *library.Schedule, compiler compiler.Engine, database database.Interface, metadata *types.Metadata, queue queue.Service, scm scm.Service) error { +func processSchedule(ctx context.Context, s *library.Schedule, compiler compiler.Engine, database database.Interface, metadata *types.Metadata, queue queue.Service, scm scm.Service, allowList []string) error { // send API call to capture the repo for the schedule r, err := database.GetRepo(ctx, s.GetRepoID()) if err != nil { return fmt.Errorf("unable to fetch repo: %w", err) } + // ensure repo has not been removed from allow list + if !util.CheckAllowlist(r, allowList) { + return fmt.Errorf("skipping schedule: repo %s no longer on allow list", r.GetFullName()) + } + logrus.Tracef("processing schedule %s/%s", r.GetFullName(), s.GetName()) // check if the repo is active diff --git a/cmd/vela-server/server.go b/cmd/vela-server/server.go index 7768ca01d..8333a8921 100644 --- a/cmd/vela-server/server.go +++ b/cmd/vela-server/server.go @@ -212,7 +212,7 @@ func server(c *cli.Context) error { // sleep for a duration of time before processing schedules time.Sleep(jitter) - err = processSchedules(ctx, start, compiler, database, metadata, queue, scm) + err = processSchedules(ctx, start, compiler, database, metadata, queue, scm, c.StringSlice("vela-schedule-allowlist")) if err != nil { logrus.WithError(err).Warn("unable to process schedules") } else {