source registry secrets from db

drone/registry_add.go

@@ -17,7 +17,7 @@ var registryCreateCmd = cli.Command{
 		cli.StringFlag{
 			Name:  "hostname",
 			Usage: "registry hostname",
-			Value: "index.docker.io",
+			Value: "docker.io",
 		},
 		cli.StringFlag{
 			Name:  "username",

drone/registry_info.go

@@ -19,7 +19,7 @@ var registryInfoCmd = cli.Command{
 		cli.StringFlag{
 			Name:  "hostname",
 			Usage: "registry hostname",
-			Value: "index.docker.io",
+			Value: "docker.io",
 		},
 		cli.StringFlag{
 			Name:   "format",

drone/registry_rm.go

@@ -14,7 +14,7 @@ var registryDeleteCmd = cli.Command{
 		cli.StringFlag{
 			Name:  "hostname",
 			Usage: "registry hostname",
-			Value: "index.docker.io",
+			Value: "docker.io",
 		},
 	},
 }

drone/registry_set.go

@@ -17,7 +17,7 @@ var registryUpdateCmd = cli.Command{
 		cli.StringFlag{
 			Name:  "hostname",
 			Usage: "registry hostname",
-			Value: "index.docker.io",
+			Value: "docker.io",
 		},
 		cli.StringFlag{
 			Name:  "username",

server/build.go

@@ -201,6 +201,10 @@ func PostApproval(c *gin.Context) {
 	if err != nil {
 		logrus.Debugf("Error getting secrets for %s#%d. %s", repo.FullName, build.Number, err)
 	}
+	regs, err := store.FromContext(c).RegistryList(repo)
+	if err != nil {
+		logrus.Debugf("Error getting registry credentials for %s#%d. %s", repo.FullName, build.Number, err)
+	}
 
 	defer func() {
 		uri := fmt.Sprintf("%s/%s/%d", httputil.GetURL(c.Request), repo.FullName, build.Number)
@@ -216,6 +220,7 @@ func PostApproval(c *gin.Context) {
 		Last:  last,
 		Netrc: netrc,
 		Secs:  secs,
+		Regs:  regs,
 		Link:  httputil.GetURL(c.Request),
 		Yaml:  string(raw),
 	}
@@ -475,6 +480,10 @@ func PostBuild(c *gin.Context) {
 	if err != nil {
 		logrus.Debugf("Error getting secrets for %s#%d. %s", repo.FullName, build.Number, err)
 	}
+	regs, err := store.FromContext(c).RegistryList(repo)
+	if err != nil {
+		logrus.Debugf("Error getting registry credentials for %s#%d. %s", repo.FullName, build.Number, err)
+	}
 
 	b := builder{
 		Repo:  repo,
@@ -482,6 +491,7 @@ func PostBuild(c *gin.Context) {
 		Last:  last,
 		Netrc: netrc,
 		Secs:  secs,
+		Regs:  regs,
 		Link:  httputil.GetURL(c.Request),
 		Yaml:  string(raw),
 	}

server/hook.go

@@ -159,6 +159,11 @@ func PostHook(c *gin.Context) {
 		logrus.Debugf("Error getting secrets for %s#%d. %s", repo.FullName, build.Number, err)
 	}
 
+	regs, err := store.FromContext(c).RegistryList(repo)
+	if err != nil {
+		logrus.Debugf("Error getting registry credentials for %s#%d. %s", repo.FullName, build.Number, err)
+	}
+
 	var mustApprove bool
 	if build.Event == model.EventPull {
 		for _, sec := range secs {
@@ -255,6 +260,7 @@ func PostHook(c *gin.Context) {
 		Last:  last,
 		Netrc: netrc,
 		Secs:  secs,
+		Regs:  regs,
 		Link:  httputil.GetURL(c.Request),
 		Yaml:  string(raw),
 	}
@@ -411,6 +417,7 @@ type builder struct {
 	Last  *model.Build
 	Netrc *model.Netrc
 	Secs  []*model.Secret
+	Regs  []*model.Registry
 	Link  string
 	Yaml  string
 }
@@ -491,6 +498,15 @@ func (b *builder) Build() ([]*buildItem, error) {
 			return nil, err
 		}
 
+		var registries []compiler.Registry
+		for _, reg := range b.Regs {
+			registries = append(registries, compiler.Registry{
+				Username: reg.Username,
+				Password: reg.Password,
+				Email:    reg.Email,
+			})
+		}
+
 		ir := compiler.New(
 			compiler.WithEnviron(environ),
 			// TODO ability to customize the escalated plugins
@@ -504,6 +520,7 @@ func (b *builder) Build() ([]*buildItem, error) {
 				),
 				b.Repo.IsPrivate,
 			),
+			compiler.WithRegistry(registries...),
 			compiler.WithPrefix(
 				fmt.Sprintf(
 					"%d_%d",

vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/compiler.go

@@ -12,17 +12,26 @@ import (
 // TODO(bradrydzewski) compiler should handle user-defined volumes from YAML
 // TODO(bradrydzewski) compiler should handle user-defined networks from YAML
 
+type Registry struct {
+	Hostname string
+	Username string
+	Password string
+	Email    string
+	Token    string
+}
+
 // Compiler compiles the yaml
 type Compiler struct {
-	local     bool
+	local      bool
-	escalated []string
+	escalated  []string
-	prefix    string
+	prefix     string
-	volumes   []string
+	volumes    []string
-	env       map[string]string
+	env        map[string]string
-	base      string
+	base       string
-	path      string
+	path       string
-	metadata  frontend.Metadata
+	metadata   frontend.Metadata
-	aliases   []string
+	registries []Registry
+	aliases    []string
 }
 
 // New creates a new Compiler with options.

vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/convert.go

@@ -88,6 +88,20 @@ func (c *Compiler) createProcess(name string, container *yaml.Container) *backen
 		environment["SHELL"] = "/bin/sh"
 	}
 
+	authConfig := backend.Auth{
+		Username: container.AuthConfig.Username,
+		Password: container.AuthConfig.Password,
+		Email:    container.AuthConfig.Email,
+	}
+	for _, registry := range c.registries {
+		if matchHostname(image, registry.Hostname) {
+			authConfig.Username = registry.Username
+			authConfig.Password = registry.Password
+			authConfig.Email = registry.Email
+			break
+		}
+	}
+
 	return &backend.Step{
 		Name:         name,
 		Alias:        container.Name,
@@ -112,12 +126,8 @@ func (c *Compiler) createProcess(name string, container *yaml.Container) *backen
 		CPUQuota:     int64(container.CPUQuota),
 		CPUShares:    int64(container.CPUShares),
 		CPUSet:       container.CPUSet,
-		AuthConfig: backend.Auth{
+		AuthConfig:   authConfig,
-			Username: container.AuthConfig.Username,
+		OnSuccess:    container.Constraints.Status.Match("success"),
-			Password: container.AuthConfig.Password,
-			Email:    container.AuthConfig.Email,
-		},
-		OnSuccess: container.Constraints.Status.Match("success"),
 		OnFailure: (len(container.Constraints.Status.Include)+
 			len(container.Constraints.Status.Exclude) != 0) &&
 			container.Constraints.Status.Match("failure"),

vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/image.go

@@ -34,3 +34,13 @@ func matchImage(from string, to ...string) bool {
 	}
 	return false
 }
+
+// matchHostname returns true if the image hostname
+// matches the specified hostname.
+func matchHostname(image, hostname string) bool {
+	ref, err := reference.ParseNamed(image)
+	if err != nil {
+		return false
+	}
+	return ref.Hostname() == hostname
+}

vendor/github.com/cncd/pipeline/pipeline/frontend/yaml/compiler/option.go

@@ -31,6 +31,14 @@ func WithVolumes(volumes ...string) Option {
 	}
 }
 
+// WithRegistry configures the compiler with registry credentials
+// that should be used to download images.
+func WithRegistry(registries ...Registry) Option {
+	return func(compiler *Compiler) {
+		compiler.registries = registries
+	}
+}
+
 // WithMetadata configutes the compiler with the repostiory, build
 // and system metadata. The metadata is used to remove steps from
 // the compiled pipeline configuration that should be skipped. The

vendor/github.com/cncd/queue/fifo.go

@@ -92,6 +92,23 @@ func (q *fifo) Error(c context.Context, id string, err error) error {
 	return nil
 }
 
+// Evict removes a pending task from the queue.
+func (q *fifo) Evict(c context.Context, id string) error {
+	q.Lock()
+	defer q.Unlock()
+
+	var next *list.Element
+	for e := q.pending.Front(); e != nil; e = next {
+		next = e.Next()
+		task, ok := e.Value.(*Task)
+		if ok && task.ID == id {
+			q.pending.Remove(e)
+			return nil
+		}
+	}
+	return ErrNotFound
+}
+
 // Wait waits until the item is done executing.
 func (q *fifo) Wait(c context.Context, id string) error {
 	q.Lock()

vendor/github.com/cncd/queue/queue.go

@@ -59,6 +59,9 @@ type Queue interface {
 	// Error signals the task is complete with errors.
 	Error(c context.Context, id string, err error) error
 
+	// Evict removes a pending task from the queue.
+	Evict(c context.Context, id string) error
+
 	// Wait waits until the task is complete.
 	Wait(c context.Context, id string) error
 

vendor/vendor.json

@@ -28,68 +28,68 @@
 		{
 			"checksumSHA1": "W3AuK8ocqHwlUajGmQLFvnRhTZE=",
 			"path": "github.com/cncd/pipeline/pipeline",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "Qu2FreqaMr8Yx2bW9O0cxAGgjr0=",
 			"path": "github.com/cncd/pipeline/pipeline/backend",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "0CGXRaYwZhJxGIrGhn8WGpkFqPo=",
 			"path": "github.com/cncd/pipeline/pipeline/backend/docker",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "/8wE+cVb7T4PQZgpLNu0DHzKGuE=",
 			"path": "github.com/cncd/pipeline/pipeline/frontend",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "O0sulBQAHJeNLg3lO38Cq5uf/eg=",
 			"path": "github.com/cncd/pipeline/pipeline/frontend/yaml",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
-			"checksumSHA1": "ftyr9EJQl9D5OvzOcqGBS6stt0g=",
+			"checksumSHA1": "4gmWpW2MkXgWGSSvSoRFu1YjGbQ=",
 			"path": "github.com/cncd/pipeline/pipeline/frontend/yaml/compiler",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "Q0GkNUFamVYIA1Fd8r0A5M6Gx54=",
 			"path": "github.com/cncd/pipeline/pipeline/frontend/yaml/linter",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "kx2sPUIMozPC/g6E4w48h3FfH3k=",
 			"path": "github.com/cncd/pipeline/pipeline/frontend/yaml/matrix",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "2/3f3oNmxXy5kcrRLCFa24Oc9O4=",
 			"path": "github.com/cncd/pipeline/pipeline/interrupt",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "uOjTfke7Qxosrivgz/nVTHeIP5g=",
 			"path": "github.com/cncd/pipeline/pipeline/multipart",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "TP5lK1T8cOKv5QjZ2nqdlYczSTo=",
 			"path": "github.com/cncd/pipeline/pipeline/rpc",
-			"revision": "4b348532eddd31220de9a179c197d31a78b200f5",
+			"revision": "087d10834b19bbb8d1665152696ca63883610021",
-			"revisionTime": "2017-03-29T08:36:18Z"
+			"revisionTime": "2017-04-06T15:46:03Z"
 		},
 		{
 			"checksumSHA1": "7Qj1DK0ceAXkYztW0l3+L6sn+V8=",
@@ -98,10 +98,10 @@
 			"revisionTime": "2017-03-03T07:06:35Z"
 		},
 		{
-			"checksumSHA1": "AG4M07wOZNTnSFHJIfdXT2ymnts=",
+			"checksumSHA1": "7/jDRi3wCIn5jExBspvFRzRQsGE=",
 			"path": "github.com/cncd/queue",
-			"revision": "1ce1ada7160f1eda015a16c1b7f9ea497fa36873",
+			"revision": "63b1974bbcc9b4b251ed18f88edc3a643eb64ff7",
-			"revisionTime": "2017-03-03T07:04:55Z"
+			"revisionTime": "2017-04-06T02:25:48Z"
 		},
 		{
 			"origin": "github.com/stretchr/testify/vendor/github.com/davecgh/go-spew/spew",