Skip to content

Releases: woodpecker-ci/woodpecker

2.7.3

05 Nov 23:53
b996e99
Compare
Choose a tag to compare

Changelog

2.7.3 - 2024-11-05

Important

To secure your instance, set WOODPECKER_PLUGINS_PRIVILEGED to only allow specific versions of the woodpeckerci/plugin-docker-buildx plugin, use version 5.0.0 or above. This prevents older, potentially unstable versions from being privileged.

For example, to allow only version 5.0.0, use:

WOODPECKER_PLUGINS_PRIVILEGED=woodpeckerci/plugin-docker-buildx:5.0.0

To allow multiple versions, you can separate them with commas:

WOODPECKER_PLUGINS_PRIVILEGED=woodpeckerci/plugin-docker-buildx:5.0.0,woodpeckerci/plugin-docker-buildx:5.1.0

This setup ensures only specified, stable plugin versions are given privileged access.

Read more about it in #4213

❤️ Thanks to all contributors! ❤️

@anbraten

🐛 Bug Fixes

  • Upgrade vue-i18n [#4298]

Misc

  • Bump release plugin [#4311]
  • Use release-helper for release/* branches [#4300]

2.7.2

03 Nov 12:16
ba382a0
Compare
Choose a tag to compare

Changelog

2.7.2 - 2024-11-03

Important

To secure your instance, set WOODPECKER_PLUGINS_PRIVILEGED to only allow specific versions of the woodpeckerci/plugin-docker-buildx plugin, use version 5.0.0 or above. This prevents older, potentially unstable versions from being privileged.

For example, to allow only version 5.0.0, use:

WOODPECKER_PLUGINS_PRIVILEGED=woodpeckerci/plugin-docker-buildx:5.0.0

To allow multiple versions, you can separate them with commas:

WOODPECKER_PLUGINS_PRIVILEGED=woodpeckerci/plugin-docker-buildx:5.0.0,woodpeckerci/plugin-docker-buildx:5.1.0

This setup ensures only specified, stable plugin versions are given privileged access.

Read more about it in #4213

❤️ Thanks to all contributors! ❤️

@6543, @anbraten, @j04n-f, @pat-s, @qwerty287

🔒 Security

  • Chore(deps): update dependency vite to v5.4.6 [security] (#4163) [#4187]

🐛 Bug Fixes

  • Don't parse forge config files multiple times if no error occured (#4272) [#4273]
  • Fix repo/owner parsing for gitlab (#4255) [#4261]
  • Run queue.process() in background [#4115]
  • Only update agent.LastWork if not done recently (#4031) [#4100]

Misc

  • Backport JS dependency updates [#4189]

2.7.1

07 Sep 08:51
324ab4a
Compare
Choose a tag to compare

2.7.1 - 2024-09-07

❤️ Thanks to all contributors! ❤️

@6543, @anbraten, @j04n-f, @qwerty287, @dvjn

🔒 Security

  • Lint privileged plugin match and allow to be set empty [#4084]
  • Allow admins to specify privileged plugins by name and tag [#4076]
  • Warn if using secrets/env with plugin [#4039]

🐛 Bug Fixes

  • Set refspec for gitlab MR [#4021]
  • Change Bitbucket PR hook to point the source branch, commit & ref [#3965]
  • Add updated, merged and declined events to bb webhook activation [#3963]
  • Fix login via navbar [#3962]
  • Fix panic if forge is unreachable [#3944]
  • Fix org settings page [#4093]

Misc

  • Bump github.com/docker/docker from v24.0.9 to v24.0.9+30 [#4077]

2.7.0

18 Jul 21:51
805c315
Compare
Choose a tag to compare

2.7.0 - 2024-07-18

❤️ Thanks to all contributors! ❤️

@6543, @anbraten, @dvjn, @hhamalai, @lafriks, @pat-s, @qwerty287, @smainz, @tongjicoder, @zc-devs

❤️ Special thanks the security researchers and those who fixed them ❤️

  • Daniel Kilimnik @D_K_Dev (Neodyme AG) reporting the bugs and orchestrating the communication
  • Felipe Custodio Romero @localo (Neodyme AG) finding the bugs
  • @6543 fixing the bugs and orchestrating the communication

🔒 Security

  • Add blocklist of environment variables who could alter execution of plugins [#3934]
  • Make sure plugins only mount the workspace base in a predefinde location [#3933]
  • Disallow to set arbitrary environments for plugins [#3909]
  • Use proper oauth state [#3847]
  • Enhance token checking [#3842]
  • Bump github.com/hashicorp/go-retryablehttp v0.7.5 -> v0.7.7 [#3834]

✨ Features

  • Gracefully shutdown server [#3896]
  • Gracefully shutdown agent [#3895]
  • Convert urls in logs to links [#3904]
  • Allow login using multiple forges [#3822]
  • Global and organization registries [#1672]
  • Cli get repo from git remote [#3830]
  • Add api for forges [#3733]

📈 Enhancement

  • Cli fix pipeline logs [#3913]
  • Migrate to github.com/urfave/cli/v3 [#2951]
  • Allow to change the working directory also for plugins and services [#3914]
  • Remove unplugin-icons [#3809]
  • Release windows binaries as zip file [#3906]
  • Convert to openapi 3.0 [#3897]
  • Add user registries UI [#3888]
  • Sort users by login [#3891]
  • Exclude dummy backend in production [#3877]
  • Fix deploy task env [#3878]
  • Get default branch and show message in pipeline list [#3867]
  • Add timestamp for last work done by agent [#3844]
  • Adjust logger types [#3859]
  • Cleanup state reporting [#3850]
  • Unify DB tables/columns [#3806]
  • Let webhook pass on pipeline parsing error [#3829]
  • Exclude mocks from release build [#3831]
  • K8s secrets reference from step [#3655]

🐛 Bug Fixes

  • Handle empty repositories in gitea when listing PRs [#3925]
  • Update alpine package dep for docker images [#3917]
  • Don't report error if agent was terminated gracefully [#3894]
  • Let agents continuously report their health [#3893]
  • Ignore warnings for cli exec [#3868]
  • Correct favicon states [#3832]
  • Cleanup of the login flow and tests [#3810]
  • Fix newlines in logs [#3808]
  • Fix authentication error handling [#3807]

📚 Documentation

  • Streamline docs for new users [#3803]
  • Add mastodon verification [#3843]
  • chore(deps): update docs npm deps non-major [#3837]
  • fix(deps): update docs npm deps non-major [#3824]
  • Add openSUSE package [#3800]
  • chore(deps): update docs npm deps non-major [#3798]
  • Add "Docker Tags" Plugin [#3796]
  • chore(deps): update dependency marked to v13 [#3792]
  • chore: fix some comments [#3788]

Misc

  • chore(deps): update web npm deps non-major [#3930]
  • chore(deps): update dependency vitest to v2 [#3905]
  • fix(deps): update module github.com/google/go-github/v62 to v63 [#3910]
  • chore(deps): update docker.io/woodpeckerci/plugin-docker-buildx docker tag to v4.1.0 [#3908]
  • Update plugin-git and add renovate trigger [#3901]
  • chore(deps): update docker.io/mstruebing/editorconfig-checker docker tag to v3.0.3 [#3903]
  • fix(deps): update golang-packages [#3875]
  • chore(deps): lock file maintenance [#3876]
  • [pre-commit.ci] pre-commit autoupdate [#3862]
  • Add dummy backend [#3820]
  • chore(deps): update dependency replace-in-file to v8 [#3852]
  • Update forgejo sdk [#3840]
  • chore(deps): lock file maintenance [#3838]
  • Allow to set dist dir using env var [#3814]
  • chore(deps): lock file maintenance [#3805]
  • chore(deps): update docker.io/lycheeverse/lychee docker tag to v0.15.1 [#3797]

2.6.1

18 Jul 23:14
Compare
Choose a tag to compare

2.6.1 - 2024-07-19

🔒 Security

  • Add blocklist of environment variables who could alter execution of plugins [#3934]
  • Make sure plugins only mount the workspace base in a predefinde location [#3933]
  • Disalow to set arbitrary environments for plugins [#3909]
  • Bump trivy plugin version and remove unused variable [#3833]

🐛 Bug Fixes

  • Let webhook pass on pipeline parsion error [#3829]
  • Fix newlines in logs [#3808]

2.6.0

13 Jun 17:44
54b7dd1
Compare
Choose a tag to compare

2.6.0 - 2024-06-13

❤️ Thanks to all contributors! ❤️

@6543, @anbraten, @jcgl17, @pat-s, @qwerty287, @s00500, @wez, @zc-devs

🔒 Security

  • Bump trivy plugin version and remove unused variable [#3759]

✨ Features

  • Allow to store logs in files [#3568]
  • Native forgejo support [#3684]

🐛 Bug Fixes

  • Add release event to webhooks [#3784]
  • Respect cli argument when checking docker backend availability [#3770]
  • Fix repo creation [#3756]
  • Fix config loading of cli [#3764]
  • Fix missing WOODPECKER_BITBUCKET_DC_URL [#3761]
  • Correct repo repair success message in cli [#3757]

📈 Enhancement

  • Improve step logging [#3722]
  • chore(deps): update dependency eslint to v9 [#3594]
  • Show workflow names if there are multiple configs [#3767]
  • Use http constants [#3766]
  • Spellcheck "server/*" [#3753]
  • Agent-wide node selector [#3608]

📚 Documentation

  • Remove misleading crontab guru suggestion from docs [#3781]
  • Add documentation for KUBERNETES_SERVICE_HOST in Agent [#3747]
  • Remove web.archive.org workaround in docs [#3771]
  • Serve plugin icons locally [#3768]
  • Docs: update local backend page [#3765]
  • Remove old docs versions [#3743]
  • Merge release plugins [#3752]
  • Split FAQ [#3746]

Misc

  • Update nix flake [#3780]
  • chore(deps): lock file maintenance [#3783]
  • chore(deps): update pre-commit hook golangci/golangci-lint to v1.59.1 [#3782]
  • fix(deps): update codeberg.org/mvdkleijn/forgejo-sdk/forgejo digest to 168c988 [#3776]
  • chore(deps): lock file maintenance [#3750]
  • chore(deps): update gitea/gitea docker tag to v1.22 [#3749]
  • Fix setting name [#3744]

2.5.0

01 Jun 06:42
c30a575
Compare
Choose a tag to compare

2.5.0 - 2024-06-01

❤️ Thanks to all contributors! ❤️

@6543, @Andre601, @Elara6331, @OCram85, @anbraten, @aumetra, @da-Kai, @dominic-p, @dvjn, @eliasscosta, @fernandrone, @linghuying, @manuelluis, @nemunaire, @pat-s, @qwerty287, @sinlov, @stevapple, @xoxys, @zc-devs

🔒 Security

  • bump golang.org/x/net to v0.24.0 [#3628]

✨ Features

  • Add DeletePipeline API [#3506]
  • CLI: remove step logs [#3458]
  • Step logs removing API and Button [#3451]

📚 Documentation

  • Create 2.5 docs [#3732]
  • Fix spelling in README [#3741]
  • chore: fix some comments [#3740]
  • Add "Is It Up Yet?" Plugin [#3731]
  • Remove discord as official community channel [#3717]
  • Add Gitea Package plugin [#3707]
  • Add documentation for setting Kubernetes labels and annotations [#3687]
  • Remove broken link to gobook.io [#3694]
  • docs: add Gitea publisher-golang plugin [#3691]
  • Add Ansible+Woodpecker blog post [#3685]
  • Clarify info on failing workflows/Steps [#3679]
  • Add discord plugin [#3662]
  • chore(deps): update dependency trim to v1 [#3658]
  • chore(deps): update dependency got to v14 [#3657]
  • Fail on broken anchors [#3644]
  • Fix step syntax in docs [#3635]
  • chore(deps): update docs npm deps non-major [#3632]
  • Add Twine plugin [#3619]
  • Fix docs [#3615]
  • Document how to enable parallel step exec for all steps [#3605]
  • Update dependency @types/marked to v6 [#3544]
  • Update docs npm deps non-major [#3485]
  • Docs updates and fixes [#3535]

🐛 Bug Fixes

  • Fix privileged steps in kubernetes [#3711]
  • Check for error in repo middleware [#3688]
  • Fix parent pipeline number env on restarts [#3683]
  • Fix bitbucket dir fetching [#3668]
  • Sanitize tag ref for gitea/forgejo [#3664]
  • Fix secret loading [#3620]
  • fix cli config loading and correct comment [#3618]
  • Handle ImagePullBackOff pod status [#3580]
  • Apply skip ci filter only on push events [#3612]
  • agent: Continue to retry indefinitely [#3599]
  • Fix cli version comparison and improve setup [#3518]
  • Fix flag name [#3534]

📈 Enhancement

  • Use IDs for tokens [#3695]
  • Lint go code with cspell [#3706]
  • Replace duplicated strings [#3710]
  • Cleanup server env settings [#3670]
  • Setting for empty commits on path condition [#3708]
  • Lint file names and directories via cSpell too [#3703]
  • Make retry count of config fetching form forge configure [#3699]
  • Ability to set pod annotations and labels from step [#3609]
  • Support github deploy task [#3512]
  • Rework entrypoints [#3269]
  • Add cli output handlers [#3660]
  • Cleanup api docs and ts api-client options [#3663]
  • Split client into multiple files and add more tests [#3647]
  • Add filter options to GetPipelines API [#3645]
  • Deprecate environment filter and improve errors [#3634]
  • Add task details to queue info in woodpecker-go [#3636]
  • Use forge from db [#1417]
  • Remove review button from approval view [#3617]
  • Rework addons (use rpc) [#3268]
  • Allow to disable deployments [#3570]
  • Add flag to only access public repositories on GitHub [#3566]
  • Add runtimeClassName in Kubernetes backend options [#3474]
  • Remove unused cache properties [#3567]
  • Allow separate gitea oauth URL [#3513]
  • Add option to set the local repository path to the cli command exec. [#3524]

Misc

  • chore(deps): update pre-commit non-major [#3736]
  • chore(deps): update docker.io/alpine docker tag to v3.20 [#3735]
  • fix(deps): update module github.com/google/go-github/v61 to v62 [#3730]
  • chore(deps): update docker.io/woodpeckerci/plugin-docker-buildx docker tag to v4 [#3729]
  • chore(deps): update docker.io/mstruebing/editorconfig-checker docker tag to v3 [#3728]
  • chore(deps): update woodpeckerci/plugin-ready-release-go docker tag to v1.1.2 [#3724]
  • fix(deps): update golang-packages [#3713]
  • chore(deps): update postgres docker tag to v16.3 [#3719]
  • chore(deps): update docker.io/appleboy/drone-discord docker tag to v1.3.2 [#3718]
  • Added steps to reproduce and expected behavior in bug_report.yaml [#3714]
  • flake: add flake-utils import and use eachDefaultSystem [#3704]
  • Add nix flake for dev shell [#3702]
  • Skip golangci in pre-commit.ci [#3692]
  • chore(deps): update woodpeckerci/plugin-github-release docker tag to v1.2.0 [#3690]
  • Switch back to upstream xgo image [#3682]
  • Allow running tests on arm64 runners [#2605]
  • chore(deps): update node.js to v22 [#3659]
  • chore(deps): lock file maintenance [#3656]
  • Add make target for spellcheck [#3648]
  • chore(deps): update woodpeckerci/plugin-ready-release-go docker tag to v1.1.1 [#3641]
  • chore(deps): update web npm deps non-major [#3640]
  • chore(deps): update web npm deps non-major [#3631]
  • Use our github-release plugin [#3624]
  • chore(deps): lock file maintenance [#3622]
  • Fix spellcheck and enable more dirs [#3603]
  • Update docker.io/golang Docker tag to v1.22.2 [#3596]
  • Update pre...
Read more

2.4.1

20 Mar 20:53
5a2a4bd
Compare
Choose a tag to compare

2.4.1 - 2024-03-20

❤️ Thanks to all contributors! ❤️

@manuelluis, @qwerty287, @xoxys

🔒 Security

  • Only allow to deploy from push, tag and release [#3522]

🐛 Bug Fixes

  • Exclude setup from cli command exec. [#3523]
  • Fix uppercased env [#3516]
  • Fix env schema [#3514]

Misc

  • Temp pin golangci version in makefile [#3520]

2.4.0

19 Mar 11:42
21d6ea2
Compare
Choose a tag to compare

2.4.0 - 2024-03-19

❤️ Thanks to all contributors! ❤️

@6543, @Ray-D-Song, @anbraten, @eliasscosta, @fernandrone, @kjuulh, @kytta, @langecode, @lukashass, @qwerty287, @rockdrilla, @sinlov, @smainz, @xoxys, @zc-devs, @zowhoey

🔒 Security

  • Improve security context handling [#3482]
  • fix(deps): update module github.com/moby/moby to v24.0.9+incompatible [#3323]

✨ Features

  • Cli setup command [#3384]
  • Add bitbucket datacenter (server) support [#2503]
  • Cli updater [#3382]

📚 Documentation

  • Delete docs for v0.15.x [#3508]
  • Add deployment plugin [#3495]
  • Bump follow-redirects and fix broken anchors [#3488]
  • fix: plugin doc page not found [#3480]
  • Documentation improvements [#3376]
  • fix(deps): update docs npm deps non-major [#3455]
  • Add "Sonatype Nexus" plugin [#3446]
  • Add blog post [#3439]
  • Add "Gradle Wrapper Validation" plugin [#3435]
  • Add blog post [#3410]
  • Extend core ideas documentation [#3405]
  • docs: fix contributions link [#3363]
  • Update/fix some docs [#3359]
  • chore(deps): update dependency marked to v12 [#3325]

🐛 Bug Fixes

  • Fix skip setup for some general cli commands [#3498]
  • Move generic agent flags to cmd/agent/core [#3484]
  • Fix usage of WOODPECKER_DATABASE_DATASOURCE_FILE [#3404]
  • Set pull-request id and labels on pr-closed event [#3442]
  • Update org name on login [#3409]
  • Do not alter secret key upper-/lowercase [#3375]
  • fix: can't run multiple services on k8s [#3395]
  • Fix agent polling [#3378]
  • Remove empty strings from slice before parsing agent config [#3387]
  • Set correct link for commit [#3368]
  • Fix schema links [#3369]
  • Fix correctly handle gitlab pr closed events [#3362]
  • fix: update schema event_enum to remove error warning when.event [#3357]
  • Fix version check on next [#3340]
  • Ignore gitlab merge request events without code changes [#3338]
  • Ignore gitlab push events without commits [#3339]
  • Consider gitlab inherited permissions [#3308]
  • fix: agent panic when node is terminated during step execution [#3331]

📈 Enhancement

  • Enable golangci linter gomnd [#3171]
  • Apply "grpcnotrace" go build tag [#3448]
  • Simplify store interfaces [#3437]
  • Deprecate alternative names on secrets [#3406]
  • Store workflows/steps for blocked pipeline [#2757]
  • Parse email from Gitea webhook [#3420]
  • Replace http types on forge interface [#3374]
  • Prevent agent deletion when it's still running tasks [#3377]
  • Refactor internal services [#915]
  • Lint for event filter and deprecate exclude [#3222]
  • Allow editing all environment variables in pipeline popups [#3314]
  • Parse backend options in backend [#3227]
  • Make agent usable for external backends [#3270]
  • Add no branches text [#3312]
  • Add loading spinner to repo list [#3310]

Misc

  • Post on mastodon when releasing a new version [#3509]
  • chore(deps): update dependency alpine_3_18/ca-certificates to v20240226 [#3501]
  • fix(deps): update module github.com/google/go-github/v59 to v60 [#3493]
  • fix(deps): update dependency @intlify/unplugin-vue-i18n to v3 [#3492]
  • chore(deps): update dependency vue-tsc to v2 [#3491]
  • chore(deps): update dependency eslint-config-airbnb-typescript to v18 [#3490]
  • chore(deps): update web npm deps non-major [#3489]
  • fix(deps): update golang (packages) [#3486]
  • fix(deps): update module google.golang.org/protobuf to v1.33.0 [security] [#3487]
  • chore(deps): update docker.io/techknowlogick/xgo docker tag to go-1.22.1 [#3476]
  • chore(deps): update docker.io/golang docker tag to v1.22.1 [#3475]
  • Update prettier version [#3471]
  • chore(deps): update woodpeckerci/plugin-ready-release-go docker tag to v1.1.0 [#3464]
  • chore(deps): lock file maintenance [#3465]
  • chore(deps): update postgres docker tag to v16.2 [#3461]
  • chore(deps): update lycheeverse/lychee docker tag to v0.14.3 [#3429]
  • fix(deps): update golang (packages) [#3430]
  • More when filters [#3407]
  • Apply documentation/ui label to corresponding renovate updates [#3400]
  • chore(deps): update dependency eslint-plugin-simple-import-sort to v12 [#3396]
  • chore(deps): update typescript-eslint monorepo to v7 (major) [#3397]
  • fix(deps): update module github.com/google/go-github/v58 to v59 [#3398]
  • chore(deps): update docker.io/techknowlogick/xgo docker tag to go-1.22.0 [#3392]
  • chore(deps): update docker.io/golang docker tag [#3391]
  • fix(deps): update golang (packages) [#3393]
  • chore(deps): update docker.io/woodpeckerci/plugin-docker-buildx docker tag to v3.1.0 [#3394]
  • Add link checking [#3371]
  • Apply dependencies label to all PRs [#3358]
  • chore(deps): update docker.io/woodpeckerci/plugin-docker-buildx docker tag to v3.0.1 [#3324]

2.3.0

31 Jan 16:45
ee56a6a
Compare
Choose a tag to compare

2.3.0 - 2024-01-31

❤️ Thanks to all contributors! ❤️

@anbraten, @HerHde, @qwerty287, @pat-s, @renovate[bot], @lukashass, @zc-devs, @Alonsohhl, @healdropper, @eliasscosta, @runephilosof-karnovgroup

✨ Features

  • Add release event [#3226]

📚 Documentation

  • Add release types [#3303]
  • Add opencollective footer [#3281]
  • Use array syntax in docs [#3242]

🐛 Bug Fixes

  • Fix Gitpod: Gitea auth token creation [#3299]
  • Fix agent updating [#3287]
  • Sanitize pod's step label [#3275]
  • Pipeline errors must be an array [#3276]
  • fix bitbucket SSO using UUID from bitbucket api response as ForgeRemoteID [#3265]
  • fix: bug pod service without label service [#3256]
  • Fix disabling PRs [#3258]
  • fix: bug annotations [#3255]

📈 Enhancement

  • Update theme on system color mode change [#3296]
  • Improve secrets availability checks [#3271]
  • Load more pipeline log lines (500 => 5000) [#3212]
  • Clean up models [#3228]

Misc

  • chore(deps): update docker.io/techknowlogick/xgo docker tag to go-1.21.6 [#3294]
  • fix(deps): update docs npm deps non-major [#3295]
  • Remove deprecated group from config [#3289]
  • Add spellcheck config [#3018]
  • fix(deps): update golang (packages) [#3284]
  • chore(deps): lock file maintenance [#3274]
  • chore(deps): update web npm deps non-major [#3273]
  • Pin prettier version [#3260]
  • Fix prettier [#3259]
  • Update UI building in Makefile [#3250]