UNPKG

screwdriver-api

Version:

API server for the Screwdriver.cd service

screwdriver.cd

screwdriver-cd/screwdriver

103 lines (91 loc) 4.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
'use strict'; const urlLib = require('url'); const boom = require('@hapi/boom'); const joi = require('joi'); const schema = require('screwdriver-data-schema'); const baseSchema = schema.models.commandTag.base; const VERSION_REGEX = schema.config.regex.VERSION; const exactVersionSchema = schema.models.commandTag.base.extract('version'); const tagSchema = schema.models.commandTag.base.extract('tag'); /* Currently, only build scope is allowed to tag command due to security reasons. * The same pipeline that publishes the command has the permission to tag it. */ module.exports = () => ({ method: 'PUT', path: '/commands/{namespace}/{name}/tags/{tagName}', options: { description: 'Add or update a command tag', notes: 'Add or update a specific command', tags: ['api', 'commands'], auth: { strategies: ['token'], scope: ['build', '!guest'] }, handler: async (request, h) => { const { pipelineFactory, commandFactory, commandTagFactory } = request.server.app; const { pipelineId, isPR } = request.auth.credentials; const { namespace } = request.params; const { name } = request.params; const tag = request.params.tagName; let { version } = request.payload; const isVersion = VERSION_REGEX.exec(version); return Promise.resolve() .then(() => { if (version && isVersion) { return Promise.all([ pipelineFactory.get(pipelineId), commandFactory.get({ namespace, name, version }), commandTagFactory.get({ namespace, name, tag }) ]); } return commandTagFactory.get({ namespace, name, tag: version }).then(targetCommandTag => { version = targetCommandTag.version; return Promise.all([ pipelineFactory.get(pipelineId), commandFactory.get({ namespace, name, version }), commandTagFactory.get({ namespace, name, tag }) ]); }); }) .then(([pipeline, command, commandTag]) => { // If command doesn't exist, throw error if (!command) { throw boom.notFound(`Command ${namespace}/${name}@${version} not found`); } // If command exists, but this build's pipelineId is not the same as command's pipelineId // Then this build does not have permission to tag the command if (pipeline.id !== command.pipelineId || isPR) { throw boom.forbidden('Not allowed to tag this command'); } // If command tag exists, then the only thing it can update is the version if (commandTag) { commandTag.version = version; return commandTag.update().then(newTag => h.response(newTag.toJson()).code(200)); } // If command exists, then create the tag return commandTagFactory.create({ namespace, name, tag, version }).then(newTag => { const location = urlLib.format({ host: request.headers.host, port: request.headers.port, protocol: request.server.info.protocol, pathname: `${request.path}/${newTag.id}` }); return h.response(newTag.toJson()).header('Location', location).code(201); }); }) .catch(err => { throw err; }); }, validate: { params: joi.object({ namespace: baseSchema.extract('namespace'), name: baseSchema.extract('name'), tagName: baseSchema.extract('tag') }), payload: joi.object({ version: joi.alternatives().try(exactVersionSchema, tagSchema) }) } } });