Merge remote-tracking branch 'upstream/main' into master-main

CHANGELOG.md

@@ -1,6 +1,6 @@
 # Changelog
 
-## [1.0.0-rc1](https://github.com/woodpecker-ci/woodpecker/releases/tag/v1.0.0-rc1) - 2023-07-25
+## [1.0.0](https://github.com/woodpecker-ci/woodpecker/releases/tag/v1.0.0) - 2023-07-29
 
 * BREAKING
   * Use IDs to access organizations (#1873)
@@ -13,6 +13,7 @@
   * Access repos by their IDs (#1691)
   * Drop "coding" support (#1644)
   * Add queue details UI for admins (#1632)
+  * Remove `command:` from steps (#1032)
   * Remove old `build` API routes (#1283)
   * Let single line command be a single command (#1009)
   * Drop deprecated environment vars (#920)
@@ -59,6 +60,7 @@
   * Support plugin-only secrets (#1344)
   * Fix insecure /tmp usage in local backend (#872)
 * BUGFIXES
+  * Handle case where there is no latest pipeline for GetBadge (#2042) (#2050)
   * Fix repo gate protection (#1969)
   * Make secrets with "/" in name editable / deletable (#1938)
   * Fix Bitbucket implement missing features (#1887) (#1889)

docs/blog/2023-06-11-hello-blog/index.md

@@ -8,7 +8,6 @@ authors:
     url: https://github.com/anbraten
     image_url: https://github.com/anbraten.png
 tags: [hello, woodpecker]
-image: https://i.imgur.com/mErPwqL.png
 hide_table_of_contents: false
 ---
 

docs/blog/2023-07-28-release-v1.0.0/index.md

@@ -0,0 +1,67 @@
+---
+title: Presenting Woodpecker 1.0.0
+description: Introducing Woodpecker 1.0.0 and its new features.
+slug: release-v1.0.0
+authors:
+  - name: 6543
+    title: Maintainer of Woodpecker
+    url: https://github.com/6543
+    image_url: https://github.com/6543.png
+tags: [release, stable]
+hide_table_of_contents: false
+---
+
+We are proud to present you Woodpecker v1.0.0.
+It took us quite some time, but now we are sure it's ready, and you should really have a look at it.
+
+<!--truncate-->
+
+We've refactored a lot of code, so contributing to the codebase should be much easier.  
+Furthermore, a ton of bugs where addressed and various enhancements introduced, along with some highly anticipated features.  
+With Woodpecker v1.0.0, you can now substantially improve and streamline your code pipelines,
+empowering you to automate and optimize workflows like never before.
+
+## Some picked highlights:
+
+### Add Support for Cron Jobs
+
+Automate recurring tasks with ease using Woodpecker's new cron jobs feature.
+Schedule pipelines to run at specified intervals or times, optimizing repetitive workflows.
+[Read more](/docs/usage/cron)
+
+### YAML Map Merge, Overrides, and Sequence Merge Support
+
+With enhanced YAML support, managing complex configurations becomes a breeze.  
+Merge maps, apply overrides, and sequence merging—all within your YAML files.
+This is providing more flexibility and control over your pipelines.
+[Read more](/docs/usage/advanced-yaml-syntax)
+
+### Web-UI for Admins
+
+Simplify administration tasks with Woodpecker's new Admin UI.  
+Effortlessly manage user accounts, agents, and tasks, including adding new agents or pausing the task queue for maintenance.
+
+![Image of admin queue view](./admin_queue_ui.png)
+
+### Localize Web-UI
+
+Embrace internationalization by changing your locale in the user settings.  
+Interact with Woodpecker in the language of your choice, tailored to your preferences.  
+If your language is not available or only partially translated, consider contributing to our [Weblate](https://translate.woodpecker-ci.org/engage/woodpecker-ci/).
+
+### Add `evaluate` to `when` Filter
+
+Enhance pipeline flexibility with the new "when evaluate" filter, enabling or disabling steps based on custom conditions.
+Customize your workflows to dynamically respond to specific triggers and events.  
+[Read more](/docs/usage/pipeline-syntax#evaluate)
+
+### Global- and Organization-Secrets
+
+Save time and effort by declaring secrets for your entire instance or organization.  
+Simplify your workflow and securely manage sensitive information across projects.
+
+![Image of settings view of org secrets](./org_secrets.png)
+
+## Changelog
+
+The full changelog can be viewed in our project source folder at [CHANGELOG.md](https://github.com/woodpecker-ci/woodpecker/blob/v1.0.0/CHANGELOG.md)

docs/docs/20-usage/20-pipeline-syntax.md

@@ -908,6 +908,6 @@ Woodpecker gives the ability to configure privileged mode in the YAML. You can u
  services:
    docker:
      image: docker:dind
-     command: [ "--storage-driver=vfs", "--tls=false" ]
+     commands: dockerd-entrypoint.sh --storage-driver=vfs --tls=false
 +    privileged: true
 ```

docs/docs/30-administration/11-forges/50-bitbucket.md

@@ -12,33 +12,38 @@ services:
     environment:
       - [...]
 +     - WOODPECKER_BITBUCKET=true
-+     - WOODPECKER_BITBUCKET_CLIENT=95c0282573633eb25e82
-+     - WOODPECKER_BITBUCKET_SECRET=30f5064039e6b359e075
++     - WOODPECKER_BITBUCKET_CLIENT=... # called "Key" in Bitbucket
++     - WOODPECKER_BITBUCKET_SECRET=...
 
   woodpecker-agent:
     [...]
 ```
 
 ## Registration
 
-You must register your application with Bitbucket in order to generate a client and secret. Navigate to your account settings and choose OAuth from the menu, and click Add Consumer.
+You must register an OAuth application at Bitbucket in order to get a key and secret combination for woodpecker. Navigate to your workspace settings and choose `OAuth consumers` from the menu, and finally click `Add Consumer` (the url should be like: `https://bitbucket.org/[your-project-name]/workspace/settings/api`).
 
-Please use the Authorization callback URL:
+Please set a name and set the `Callback URL` like this:
 
 ```nohighlight
-http://woodpecker.mycompany.com/authorize
+https://<your-woodpecker-address>/authorize
 ```
 
+![bitbucket oauth setup](bitbucket_oauth.png)
+
 Please also be sure to check the following permissions:
 
 ```nohighlight
-Account:Email
-Account:Read
-Team Membership:Read
-Repositories:Read
-Webhooks:Read and Write
+Account: Email, Read
+Workspace membership: Read
+Projects: Read
+Repositories: Read
+Pull requests: Read
+Webhooks: Read and Write
 ```
 
+![bitbucket permissions](bitbucket_permissions.png)
+
 ## Configuration
 
 This is a full list of configuration options. Please note that many of these options use default configuration values that should work for the majority of installations.
@@ -51,7 +56,7 @@ Enables the Bitbucket driver.
 ### `WOODPECKER_BITBUCKET_CLIENT`
 > Default: empty
 
-Configures the Bitbucket OAuth client id. This is used to authorize access.
+Configures the Bitbucket OAuth client key. This is used to authorize access.
 
 ### `WOODPECKER_BITBUCKET_CLIENT_FILE`
 > Default: empty

docs/docs/91-migrations.md

@@ -35,6 +35,9 @@ Some versions need some changes to the server configuration or the pipeline conf
   - To find the id of orgs use the `/api/orgs/lookup/{org_full_name}` endpoint.
   - The UI urls for a organization changed from `/org/{owner}/...` to `/orgs/{org-id}/...`. You will be redirected automatically when using the old url.
   - The woodpecker-go api-client is now using the `org-id` instead of `org name` for all functions
+- The `command:` field has been removed from steps. If you were using it, please check if the entrypoint of the image you used is a shell.
+  - If it is a shell, simply rename `command:` to `commands:`.
+  - If it's not, you need to prepend the entrypoint before and also rename it (e.g., `commands: <entrypoint> <cmd>`).
 
 ## 0.15.0
 

docs/versioned_docs/version-1.0/20-usage/20-pipeline-syntax.md

@@ -908,6 +908,6 @@ Woodpecker gives the ability to configure privileged mode in the YAML. You can u
  services:
    docker:
      image: docker:dind
-     command: [ "--storage-driver=vfs", "--tls=false" ]
+     commands: dockerd-entrypoint.sh --storage-driver=vfs --tls=false
 +    privileged: true
 ```

docs/versioned_docs/version-1.0/91-migrations.md

@@ -35,6 +35,9 @@ No breaking changes
   - To find the id of orgs use the `/api/orgs/lookup/{org_full_name}` endpoint.
   - The UI urls for a organization changed from `/org/{owner}/...` to `/orgs/{org-id}/...`. You will be redirected automatically when using the old url.
   - The woodpecker-go api-client is now using the `org-id` instead of `org name` for all functions
+- The `command:` field has been removed from steps. If you were using it, please check if the entrypoint of the image you used is a shell.
+  - If it is a shell, simply rename `command:` to `commands:`.
+  - If it's not, you need to prepend the entrypoint before and also rename it (e.g., `commands: <entrypoint> <cmd>`).
 
 ## 0.15.0
 

server/forge/bitbucket/bitbucket.go

@@ -77,7 +77,7 @@ func (c *config) URL() string {
 // Login authenticates an account with Bitbucket using the oauth2 protocol. The
 // Bitbucket account details are returned when the user is successfully authenticated.
 func (c *config) Login(ctx context.Context, w http.ResponseWriter, req *http.Request) (*model.User, error) {
-	config := c.newConfig(server.Config.Server.Host)
+	config := c.newOAuth2Config()
 
 	// get the OAuth errors
 	if err := req.FormValue("error"); err != "" {
@@ -122,7 +122,7 @@ func (c *config) Auth(ctx context.Context, token, secret string) (string, error)
 // Refresh refreshes the Bitbucket oauth2 access token. If the token is
 // refreshed the user is updated and a true value is returned.
 func (c *config) Refresh(ctx context.Context, user *model.User) (bool, error) {
-	config := c.newConfig("")
+	config := c.newOAuth2Config()
 	source := config.TokenSource(
 		ctx, &oauth2.Token{RefreshToken: user.Secret})
 
@@ -369,15 +369,15 @@ func (c *config) newClientToken(ctx context.Context, token, secret string) *inte
 }
 
 // helper function to return the bitbucket oauth2 config
-func (c *config) newConfig(redirect string) *oauth2.Config {
+func (c *config) newOAuth2Config() *oauth2.Config {
 	return &oauth2.Config{
 		ClientID:     c.Client,
 		ClientSecret: c.Secret,
 		Endpoint: oauth2.Endpoint{
 			AuthURL:  fmt.Sprintf("%s/site/oauth2/authorize", c.url),
 			TokenURL: fmt.Sprintf("%s/site/oauth2/access_token", c.url),
 		},
-		RedirectURL: fmt.Sprintf("%s/authorize", redirect),
+		RedirectURL: fmt.Sprintf("%s/authorize", server.Config.Server.OAuthHost),
 	}
 }
 

server/forge/bitbucket/convert.go

@@ -59,7 +59,7 @@ func convertRepo(from *internal.Repo, perm *internal.RepoPerm) *model.Repo {
 		IsSCMPrivate:  from.IsPrivate,
 		Avatar:        from.Owner.Links.Avatar.Href,
 		SCMKind:       model.SCMKind(from.Scm),
-		Branch:        "main",
+		Branch:        from.Mainbranch.Name,
 		Perm:          convertPerm(perm),
 	}
 	if repo.SCMKind == model.RepoHg {

server/forge/bitbucket/internal/types.go

@@ -99,15 +99,19 @@ type LinkClone struct {
 }
 
 type Repo struct {
-	UUID      string  `json:"uuid"`
-	Owner     Account `json:"owner"`
-	Name      string  `json:"name"`
-	FullName  string  `json:"full_name"`
-	Language  string  `json:"language"`
-	IsPrivate bool    `json:"is_private"`
-	Scm       string  `json:"scm"`
-	Desc      string  `json:"desc"`
-	Links     Links   `json:"links"`
+	UUID       string  `json:"uuid"`
+	Owner      Account `json:"owner"`
+	Name       string  `json:"name"`
+	FullName   string  `json:"full_name"`
+	Language   string  `json:"language"`
+	IsPrivate  bool    `json:"is_private"`
+	Scm        string  `json:"scm"`
+	Desc       string  `json:"desc"`
+	Links      Links   `json:"links"`
+	Mainbranch struct {
+		Type string `json:"type"`
+		Name string `json:"name"`
+	} `json:"mainbranch"`
 }
 
 type RepoResp struct {

server/forge/github/convert.go

@@ -23,8 +23,6 @@ import (
 	"github.com/woodpecker-ci/woodpecker/server/model"
 )
 
-const defaultBranch = "main"
-
 const (
 	statusPending = "pending"
 	statusSuccess = "success"
@@ -97,9 +95,6 @@ func convertRepo(from *github.Repository) *model.Repo {
 		Perm:          convertPerm(from.GetPermissions()),
 		SCMKind:       model.RepoGit,
 	}
-	if len(repo.Branch) == 0 {
-		repo.Branch = defaultBranch
-	}
 	return repo
 }
 
@@ -156,9 +151,6 @@ func convertRepoHook(eventRepo *github.PushEventRepository) *model.Repo {
 		Branch:        eventRepo.GetDefaultBranch(),
 		SCMKind:       model.RepoGit,
 	}
-	if repo.Branch == "" {
-		repo.Branch = defaultBranch
-	}
 	if repo.FullName == "" {
 		repo.FullName = repo.Owner + "/" + repo.Name
 	}

server/forge/github/parse.go

@@ -132,9 +132,6 @@ func parseDeployHook(hook *github.DeploymentEvent) (*model.Repo, *model.Pipeline
 	// if the ref is a sha or short sha we need to manually construct the ref.
 	if strings.HasPrefix(pipeline.Commit, pipeline.Ref) || pipeline.Commit == pipeline.Ref {
 		pipeline.Branch = hook.GetRepo().GetDefaultBranch()
-		if pipeline.Branch == "" {
-			pipeline.Branch = defaultBranch
-		}
 		pipeline.Ref = fmt.Sprintf("refs/heads/%s", pipeline.Branch)
 	}
 	// if the ref is a branch we should make sure it has refs/heads prefix

server/forge/gitlab/convert.go

@@ -53,10 +53,6 @@ func (g *GitLab) convertGitLabRepo(_repo *gitlab.Project) (*model.Repo, error) {
 		},
 	}
 
-	if len(repo.Branch) == 0 { // TODO: do we need that?
-		repo.Branch = "main"
-	}
-
 	if len(repo.Avatar) != 0 && !strings.HasPrefix(repo.Avatar, "http") {
 		repo.Avatar = fmt.Sprintf("%s/%s", g.url, repo.Avatar)
 	}
@@ -101,11 +97,7 @@ func convertMergeRequestHook(hook *gitlab.MergeEvent, req *http.Request) (int, *
 		repo.Clone = target.HTTPURL
 	}
 
-	if target.DefaultBranch != "" {
-		repo.Branch = target.DefaultBranch
-	} else {
-		repo.Branch = "main"
-	}
+	repo.Branch = target.DefaultBranch
 
 	if target.AvatarURL != "" {
 		repo.Avatar = target.AvatarURL