def _attribute_specs(cls): return ( AttributeSpec.optional( name=cls.BUMP_MAJOR.value, default=None, doc= 'Increments the major version of the next development cycle', type=str, ), AttributeSpec.optional( name=cls.BUMP_MINOR.value, default=None, doc= 'Increments the minor version of the next development cycle', type=str, ), AttributeSpec.optional( name=cls.BUMP_PATCH.value, default=None, doc= 'Increments the patch version of the next development cycle', type=str, ), AttributeSpec.optional( name=cls.NOOP.value, default=None, doc='No change to the next development cycle version done', type=str, ), )
def _attribute_specs(cls): return ( AttributeSpec.optional( name=cls.UPLOAD_IF_CHANGED.value, default=None, doc=''' upload the container images. This will :strong:`not` upload the images if they are already present. This will :strong:`not` cause images already present to be rescanned. ''', type=str, ), AttributeSpec.optional( name=cls.RESCAN.value, default=None, doc=''' trigger a scan of container images. Images will be uploaded unless they are already present. ''', type=str, ), AttributeSpec.optional( name=cls.FORCE_UPLOAD.value, default=None, doc=''' :strong:`always` upload the images. This will cause all images to be rescanned. ''', type=str, ), )
def _attribute_specs(cls): return ( AttributeSpec.optional( name=cls.TAG_AND_PUSH_TO_BRANCH.value, doc='publish release tag to branch', default=None, ), AttributeSpec.optional( name=cls.TAG_ONLY.value, doc='publish release tag to dead-end', default=None, ), )
def _attribute_specs(cls): return ( AttributeSpec.optional( name=cls.DEFAULT.value, default=None, doc='Create release notes and add them to the GitHub release.', type=str, ), AttributeSpec.optional( name=cls.DISABLED.value, default=None, doc='Do not create release notes.', type=str, ), )
def _attribute_specs(cls): return ( AttributeSpec.optional( name=cls.NOT_EMPTY.value, default=None, doc=( 'Every given attribute (e.g.: "version") must also be given a ' 'non-empty value' ), type=str, ), AttributeSpec.optional( name=cls.FORBID_EXTRA_ATTRIBUTES.value, default=None, doc='**only** required attributes are allowed', type=str, ), )
def _attribute_specs(cls): return ( AttributeSpec.optional( name='include_image_references', default=(), doc=''' a list of regular expressions. If configured, only matching image references are processed. By default, all image references are considered. ''', ), AttributeSpec.optional( name='exclude_image_references', default=(), doc=''' a list of regular expressions. If configured, matching image references are exempted from processing. Has precedence over include_image_references. By default, no image references are excluded. ''', ), )
def _attribute_specs(cls): return ( AttributeSpec.optional( name=cls.RESCAN.value, default=None, doc=''' (re-)scan container images if Protecode indicates this might bear new results. Upload absent images. ''', type=str, ), AttributeSpec.optional( name=cls.FORCE_UPLOAD.value, default=None, doc=''' `always` upload and scan all images. ''', type=str, ), )
def _attribute_specs(cls): return ( AttributeSpec.optional( name=cls.ONLY_FIRST.value, default=True, doc='notify on first error only', type=str, ), AttributeSpec.optional( name=cls.ALWAYS.value, default=False, doc='notify on every error', type=str, ), AttributeSpec.optional( name=cls.NEVER.value, default=False, doc='notify never in case of errors', type=str, ), )
def _attribute_specs(cls): return ( AttributeSpec.optional( name=cls.COMMITTERS.value, default=None, doc='notify committers of the last commit', type=str, ), AttributeSpec.optional( name=cls.EMAIL_ADDRESSES.value, default=None, doc=''' notifiy specific email addresses Example: .. code-block:: yaml recipients: - email_addresses: - [email protected] - [email protected] ''', type=str, ), AttributeSpec.optional( name=cls.COMPONENT_DIFF_OWNERS.value, default=None, doc= 'notify the codeowners of a component. CODEOWNERS file must exist', type=str, ), AttributeSpec.optional( name=cls.CODEOWNERS.value, default=None, doc= 'notify the codeowners of the repository. CODEOWNERS file must exist', type=str, ), )
), AttributeSpec.optional( name=cls.CODEOWNERS.value, default=None, doc= 'notify the codeowners of the repository. CODEOWNERS file must exist', type=str, ), ) NOTIFICATION_CFG_ATTRS = ( AttributeSpec.optional( name='triggering_policy', default=NotificationTriggeringPolicy.ONLY_FIRST.value, doc= 'when to issue the configured notifications. Possible values see below', type=NotificationTriggeringPolicy, ), AttributeSpec.optional( name='email', default=True, doc='whether to send email notifications', type=bool, ), AttributeSpec.optional( name='inputs', default=['on_error_dir'], doc='configures the inputs that are made available to the notification', type=typing.List[str], ),
# XXX validate ref schema ref = self.raw['tgt_ref'] if ':' in ref: return ref # cp tag from src_ref _, tag = self.src_ref().rsplit(':', 1) return f'{ref}:{tag}' def rm_paths_file(self): return self.raw['remove_paths_file'] ATTRIBUTES = ( AttributeSpec.optional( name='parallel_jobs', default=12, doc='amount of parallel scanning threads', type=int, ), AttributeSpec.required( name='cfgs', doc='ImageAlterCfgs {name: ImageAlterCfg}', type=typing.Dict[str, ImageAlterCfg], ), ) class ImageAlterTrait(Trait): @classmethod def _attribute_specs(cls): return ATTRIBUTES
def exclude_image_names(self): return self.raw['exclude_image_names'] def include_component_names(self): return self.raw['include_component_names'] def exclude_component_names(self): return self.raw['exclude_component_names'] class ImageFilterMixin(ModelBase): def filters(self): return FilterCfg(raw_dict=self.raw['filters']) IMAGE_ATTRS = ( AttributeSpec.optional( name='filters', default={ 'include_image_references': (), 'exclude_image_references': (), 'include_image_names': (), 'exclude_image_names': (), 'include_component_names': (), 'exclude_component_names': (), }, doc='optional filters to restrict container images to process', type=FilterCfg, ), )
class MergePolicy(enum.Enum): MANUAL = 'manual' AUTO_MERGE = 'auto_merge' class UpstreamUpdatePolicy(enum.Enum): STRICTLY_FOLLOW = 'strictly_follow' ACCEPT_HOTFIXES = 'accept_hotfixes' MERGE_POLICY_CONFIG_ATTRIBUTES = ( AttributeSpec.optional( name='component_names', default=[], type=typing.List[str], doc= ('a sequence of regular expressions. This merge policy will be applied to matching ' 'component names. Matches all component names by default')), AttributeSpec.optional( name='merge_mode', default='manual', type=MergePolicy, doc='whether or not created PRs should be automatically merged', ), ) class MergePolicyConfig(ModelBase): @classmethod def _attribute_specs(cls):
# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. from concourse.model.job import JobVariant from concourse.model.base import Trait, TraitTransformer, AttributeSpec ATTRIBUTES = ( AttributeSpec.optional( name='interval', default='5m', doc=''' go-style time interval between job executions. Supported suffixes are: `s`, `m`, `h` ''', ), ) class CronTrait(Trait): def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) @classmethod def _attribute_specs(cls): return ATTRIBUTES def interval(self):
) from concourse.model.base import ( AttributeSpec, Trait, TraitTransformer, ModelValidationError, ScriptType, ) COMPONENT_DESCRIPTOR_DIR_INPUT = ('component_descriptor_dir', 'component_descriptor_dir') ATTRIBUTES = ( AttributeSpec.optional( name='step', default={'name': 'component_descriptor'}, doc='The build step name injected by this trait', type=dict, ), AttributeSpec.optional( name='resolve_dependencies', default=True, doc= 'Indicates whether or not unresolved component dependencies should be resolved', type=bool, ), AttributeSpec.optional( name='component_name', default=None, # actually, it is determined at runtime doc= 'Manually overwrites the component name (which defaults to github repository path)', ),
) from concourse.model.base import ( AttributeSpec, ModelValidationError, ScriptType, Trait, TraitTransformer, ) from concourse.model.job import ( JobVariant, ) ATTRIBUTES = ( AttributeSpec.optional( name='preprocess', default='finalize', doc='version processing operation to set effective version', ), ) class DraftReleaseTrait(Trait): def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) def transformer(self): return DraftReleaseTraitTransformer() @classmethod def _attribute_specs(cls): return ATTRIBUTES
return False if qualifier is not None and id.qualifier() != qualifier: return False return True return filter(filter_expr, self.resources_dict.values()) def resource(self, resource_identifier): return self[resource_identifier] REPO_ATTRS = ( AttributeSpec.optional( name='name', default='source', doc=''' the logical repository name. affects environment variable names and is used to reference from traits. ''', ), AttributeSpec.optional( name='cfg_name', default=None, doc=''' the github_cfg to use for authentication. Defaults to concourse-specific default ''', ), AttributeSpec.optional( name='force_push', default=False, doc='whether or not force-pushes ought to be done', type=bool,
By default, no image references are excluded. ''', ), ) def include_image_references(self): return self.raw['include_image_references'] def exclude_image_references(self): return self.raw['exclude_image_references'] ATTRIBUTES = ( AttributeSpec.optional( name='parallel_jobs', default=12, doc='amount of parallel scanning threads', type=int, ), AttributeSpec.optional( name='cve_threshold', default=7, doc='CVE threshold to interpret as an error', type=int, ), AttributeSpec.optional( name='filters', default={ 'include_image_references': (), 'exclude_image_references': () }, doc='optional filters to restrict container images to process',
Trait, TraitTransformer, ScriptType, ) import concourse.model.traits.component_descriptor from .images import ( IMAGE_ATTRS, ImageFilterMixin, ) ATTRIBUTES = ( *IMAGE_ATTRS, AttributeSpec.optional( name='parallel_jobs', default=4, doc='how many uploads to process in parallel', type=int, ), AttributeSpec.required(name='upload_registry_prefix', doc=''' all matching container images are uploaded as copies to the specified container registry. The original image reference names are mangled. '''), ) class ImageUploadTrait(Trait, ImageFilterMixin): @classmethod def _attribute_specs(cls): return ATTRIBUTES
from concourse.model.step import ( PipelineStep, StepNotificationPolicy, ) from concourse.model.base import ( AttributeSpec, Trait, TraitTransformer, ModelBase, ScriptType, ) POLICIES_ATTRIBS = ( AttributeSpec.optional( name='require-label', default='reviewed/ok-to-test', doc='the label required for PR build to start', ), AttributeSpec.optional( name='replacement-label', default='needs/ok-to-test', doc='the label set after require-label was removed by PR build', ), ) class PullRequestPolicies(ModelBase): @classmethod def _attribute_specs(cls): return POLICIES_ATTRIBS
class ReleaseCommitPublishingPolicy(EnumWithDocumentation): TAG_AND_PUSH_TO_BRANCH = EnumValueWithDocumentation( value='push_to_branch', doc='publish release tag to branch', ) TAG_ONLY = EnumValueWithDocumentation( value='tag_only', doc='publish release tag to dead-end', ) ATTRIBUTES = (AttributeSpec.optional( name='nextversion', default=NextVersion.BUMP_MINOR.value, doc='specifies how the next development version is to be calculated', type=NextVersion, ), AttributeSpec.optional( name='release_callback', default=None, doc=''' an optional callback that is called during release commit creation. The callback is passed the absolute path to the main repository's work tree via environment variable `REPO_DIR`. Any changes left inside the worktree are added to the resulting release commit. ''', ), AttributeSpec.optional( name='release_callback_image_reference', default=None, doc='''
ModelBase, ScriptType, ) from model.base import ModelValidationError from product.scanning import ProcessingMode from .component_descriptor import COMPONENT_DESCRIPTOR_DIR_INPUT from .images import ( IMAGE_ATTRS, ImageFilterMixin, ) PROTECODE_ATTRS = ( AttributeSpec.optional( name='parallel_jobs', default=12, doc='amount of parallel scanning threads', type=int, ), AttributeSpec.optional( name='cve_threshold', default=7, doc='CVE threshold to interpret as an error', type=int, ), AttributeSpec.optional( name='processing_mode', default='upload_if_changed', doc='Protecode processing mode', type=ProcessingMode, ), AttributeSpec.optional(
# limitations under the License. from concourse.model.job import ( JobVariant, ) from concourse.model.base import ( AttributeSpec, Trait, TraitTransformer, ) ATTRIBUTES = ( AttributeSpec.optional( name='suppress_parallel_execution', default=None, doc='whether parallel executions of the same job should be prevented', type=bool, ), ) class SchedulingTrait(Trait): @classmethod def _attribute_specs(cls): return ATTRIBUTES # XXX: merge this with cron-trait def transformer(self): return SchedulingTraitTransformer() def suppress_parallel_execution(self):
def attrs(pipeline_step): return ( AttributeSpec.optional( name='depends', default=set(), doc='step names this step declares a dependency towards', type=set, ), AttributeSpec.optional( name='execute', default=from_instance(attr_name='name', value_doc='step name'), doc=''' The executable (with optional additional arguments) to run. The executable path is calculated relative to `<main_repo>/.ci`. Has two forms: - scalar value (str in most cases) --> no shell-escaping is done - list of scalar values -> used verbatim as ARGV ''', ), AttributeSpec.optional( name='notifications_cfg', default='default', doc=''' Configures build notification policies (see :ref:`notifications trait <trait-notifications>`) ''', type=str, ), AttributeSpec.optional( name='image', default=None, doc=''' the container image reference to use for the executing container. If not set, the default image will be used. ''', ), AttributeSpec.optional( name='registry', default=None, doc=''' The container image registry cfg_name. Required when retrieving container images from a non-default image registry that requires authentication. ''', ), AttributeSpec.optional( name='inputs', default={}, doc=''' a mapping of inputs produced by other build steps: { input_name: output_name } `input_name` is converted to UPPER_CASE and exposed to the step as an environment variable containing the relative path to the output. ''', type=dict, ), AttributeSpec.optional( name='output_dir', default=None, doc=''' exposes a writable directory to the job. The directory is specified via environment variable named as the given value + _PATH (converted to UPPER-case and snake_case). Any files placed into this directory are passed to subsequent steps declaring the output as input. The unchanged value configured is used as input name. e.g.: `output_dir: out` results in env var `OUT_PATH`. ''', ), AttributeSpec.optional( name='publish_to', default={}, doc=''' has two forms: * list of logical repository names to which commits created by this step should be published. * a dictionary: <name: options> The second form currently accepts exactly one argument: `force_push` (bool) and is used to specify that a force-push should be done. The step executable must only commit the changes in the repository's worktree without pushing them. Example: .. code-block:: yaml steps: foo: publish_to: my_repo: force_push: true ''', type=list, ), AttributeSpec.optional( name='vars', default={}, doc=''' pairs of {env_var_name: <python expression>} the specified python expressions are evaluated during pipeline replication. An instance of the current pipeline_model is accessible through the `pipeline_descriptor` symbol. The evaluation result is exposed to this build step via the specified environment variable. ''', ), AttributeSpec.optional( name='privilege_mode', default=PrivilegeMode.UNPRIVILEGED, type=PrivilegeMode, doc=''' privilege mode for step. Use carefully when running potentially untrusted code. ''', ), AttributeSpec.optional( name='timeout', default=None, doc=''' go-style time interval (e.g.: '1h30m') after which the step will be interrupted and fail. ''', ), AttributeSpec.optional( name='retries', default=None, doc=''' positive integer specifying the maximum amount of failures until the step is counted as failed ''', ), )
default=None, doc='Create release notes and add them to the GitHub release.', type=str, ), AttributeSpec.optional( name=cls.DISABLED.value, default=None, doc='Do not create release notes.', type=str, ), ) ATTRIBUTES = (AttributeSpec.optional( name='nextversion', default='bump_minor', doc='specifies how the next development version is to be calculated', ), AttributeSpec.optional( name='release_callback', default=None, doc=''' an optional callback that is called during release commit creation. The callback is passed the absolute path to the main repository's work tree via environment variable `REPO_DIR`. Any changes left inside the worktree are added to the resulting release commit. ''', ), AttributeSpec.optional( name='rebase_before_release', default=False, doc='''
AttributeSpec, AttribSpecMixin, ScriptType, Trait, TraitTransformer, ) from model.base import ( ModelDefaultsMixin, ModelValidationError, ) IMG_DESCRIPTOR_ATTRIBS = ( AttributeSpec.optional( name='registry', default=None, type=str, doc='name of the registry config to use when pushing the image (see cc-utils).', ), AttributeSpec.required( name='image', type=str, doc='image reference to publish the created container image to.', ), AttributeSpec.optional( name='inputs', default={ 'repos': None, # None -> default to main repository 'steps': {}, }, doc='configures the inputs that are made available to image build', type=dict, # todo: define types
class Notify(enum.Enum): EMAIL_RECIPIENTS = 'email_recipients' NOBODY = 'nobody' COMPONENT_OWNERS = 'component_owners' CHECKMARX_ATTRIBUTES = ( AttributeSpec.required( name='team_id', doc='checkmarx team id', type=int, ), AttributeSpec.optional( name='severity_threshold', default=30, doc='threshold above which to notify recipients', type=int, ), AttributeSpec.required( name='cfg_name', doc='config name for checkmarx', type=str, ), ) class CheckmarxCfg(ModelBase): @classmethod def _attribute_specs(cls): return CHECKMARX_ATTRIBUTES
class MergeMethod(enum.Enum): MERGE = 'merge' REBASE = 'rebase' SQUASH = 'squash' class UpstreamUpdatePolicy(enum.Enum): STRICTLY_FOLLOW = 'strictly_follow' ACCEPT_HOTFIXES = 'accept_hotfixes' MERGE_POLICY_CONFIG_ATTRIBUTES = ( AttributeSpec.optional( name='component_names', default=[], type=typing.List[str], doc= ('a sequence of regular expressions. This merge policy will be applied to matching ' 'component names. Matches all component names by default')), AttributeSpec.optional( name='merge_mode', default='manual', type=MergePolicy, doc='whether or not created PRs should be automatically merged', ), AttributeSpec.optional( name='merge_method', default='merge', type=MergeMethod, doc=( 'The method to use when merging PRs automatically. For more details, check '
from concourse.model.job import ( JobVariant, ) import concourse.model.traits.component_descriptor class MergePolicy(enum.Enum): MANUAL = 'manual' AUTO_MERGE = 'auto_merge' ATTRIBUTES = ( AttributeSpec.optional( name='set_dependency_version_script', default='.ci/set_dependency_version', doc='configures the path to set_dependency_version script', ), AttributeSpec.optional( name='upstream_component_name', default=None, # defaults to main repository doc='configures the upstream component', ), AttributeSpec.optional( name='merge_policy', default=MergePolicy.MANUAL, doc='whether or not created PRs should be automatically merged', ), AttributeSpec.optional( name='after_merge_callback', default=None,
JobVariant, ) from concourse.model.step import ( PipelineStep, StepNotificationPolicy, ) from concourse.model.base import ( AttributeSpec, Trait, TraitTransformer, ScriptType, ) ATTRIBUTES = ( AttributeSpec.optional( name='preprocess', default='inject-commit-hash', doc= 'sets the semver version operation to calculate the effective version during the build', ), AttributeSpec.optional( name='versionfile', default='VERSION', doc='relative path to the version file', ), AttributeSpec.optional( name='inject_effective_version', default=False, doc=''' whether or not the effective version is to be written into the source tree's VERSION file ''', type=bool, ),