Documentation
¶
Index ¶
- Constants
- func CountWrongRepoLevelSecrets(ctx context.Context) (int64, error)
- func GetSecretsOfTask(ctx context.Context, task *actions_model.ActionTask) (map[string]string, error)
- func UpdateSecret(ctx context.Context, secretID int64, data, description string) error
- func UpdateWrongRepoLevelSecrets(ctx context.Context) (int64, error)
- type ErrSecretNotFound
- type FindSecretsOptions
- type Secret
Constants ¶
const ( SecretDataMaxLength = 65536 SecretDescriptionMaxLength = 4096 )
Variables ¶
This section is empty.
Functions ¶
func CountWrongRepoLevelSecrets ¶
func GetSecretsOfTask ¶
func GetSecretsOfTask(ctx context.Context, task *actions_model.ActionTask) (map[string]string, error)
func UpdateSecret ¶
UpdateSecret changes org or user repo secret. If data is empty, only the description is updated.
Types ¶
type ErrSecretNotFound ¶
type ErrSecretNotFound struct {
Name string
}
ErrSecretNotFound represents a "secret not found" error.
func (ErrSecretNotFound) Error ¶
func (err ErrSecretNotFound) Error() string
func (ErrSecretNotFound) Unwrap ¶
func (err ErrSecretNotFound) Unwrap() error
type FindSecretsOptions ¶
type FindSecretsOptions struct {
db.ListOptions
RepoID int64
OwnerID int64 // it will be ignored if RepoID is set
SecretID int64
Name string
Global bool // if true, search for global secrets (OwnerID=0, RepoID=0)
}
func (FindSecretsOptions) ToConds ¶
func (opts FindSecretsOptions) ToConds() builder.Cond
type Secret ¶
type Secret struct {
ID int64
OwnerID int64 `xorm:"INDEX UNIQUE(owner_repo_name) NOT NULL"`
RepoID int64 `xorm:"INDEX UNIQUE(owner_repo_name) NOT NULL DEFAULT 0"`
Name string `xorm:"UNIQUE(owner_repo_name) NOT NULL"`
Data string `xorm:"LONGTEXT"` // encrypted data
Description string `xorm:"TEXT"`
CreatedUnix timeutil.TimeStamp `xorm:"created NOT NULL"`
}
Secret represents a secret
It can be:
- global/system level secret, OwnerID is 0 and RepoID is 0 (admin only)
- org/user level secret, OwnerID is org/user ID and RepoID is 0
- repo level secret, OwnerID is 0 and RepoID is repo ID
Please note that it's not acceptable to have both OwnerID and RepoID to be non-zero, or it will be complicated to find secrets belonging to a specific owner. For example, conditions like `OwnerID = 1` will also return secret {OwnerID: 1, RepoID: 1}, but it's a repo level secret, not an org/user level secret. To avoid this, make it clear with {OwnerID: 0, RepoID: 1} for repo level secrets.
Global secrets (OwnerID=0, RepoID=0) are available to all workflows and can only be managed by admins.
func InsertEncryptedSecret ¶
func InsertEncryptedSecret(ctx context.Context, ownerID, repoID int64, name, data, description string) (*Secret, error)
InsertEncryptedSecret Creates, encrypts, and validates a new secret with yet unencrypted data and insert into database Note: Global secrets (ownerID=0, repoID=0) are allowed and can only be managed by admins
Source Files
¶
- secret.go