Remove plugin-only option from secrets

cli/secret/secret_add.go

@@ -46,17 +46,13 @@ var secretCreateCmd = &cli.Command{
 			Usage: "secret value",
 		},
 		&cli.StringSliceFlag{
-			Name:  "event",
+			Name:  "events",
 			Usage: "secret limited to these events",
 		},
 		&cli.StringSliceFlag{
-			Name:  "image",
+			Name:  "images",
 			Usage: "secret limited to these images",
 		},
-		&cli.BoolFlag{
-			Name:  "plugins-only",
-			Usage: "secret limited to plugins",
-		},
 	),
 }
 
@@ -67,11 +63,10 @@ func secretCreate(c *cli.Context) error {
 	}
 
 	secret := &woodpecker.Secret{
-		Name:        strings.ToLower(c.String("name")),
-		Value:       c.String("value"),
-		Images:      c.StringSlice("image"),
-		PluginsOnly: c.Bool("plugins-only"),
-		Events:      c.StringSlice("event"),
+		Name:   strings.ToLower(c.String("name")),
+		Value:  c.String("value"),
+		Images: c.StringSlice("images"),
+		Events: c.StringSlice("events"),
 	}
 	if len(secret.Events) == 0 {
 		secret.Events = defaultSecretEvents

cli/secret/secret_set.go

@@ -46,17 +46,13 @@ var secretUpdateCmd = &cli.Command{
 			Usage: "secret value",
 		},
 		&cli.StringSliceFlag{
-			Name:  "event",
+			Name:  "events",
 			Usage: "secret limited to these events",
 		},
 		&cli.StringSliceFlag{
-			Name:  "image",
+			Name:  "images",
 			Usage: "secret limited to these images",
 		},
-		&cli.BoolFlag{
-			Name:  "plugins-only",
-			Usage: "secret limited to plugins",
-		},
 	),
 }
 
@@ -67,11 +63,10 @@ func secretUpdate(c *cli.Context) error {
 	}
 
 	secret := &woodpecker.Secret{
-		Name:        strings.ToLower(c.String("name")),
-		Value:       c.String("value"),
-		Images:      c.StringSlice("image"),
-		PluginsOnly: c.Bool("plugins-only"),
-		Events:      c.StringSlice("event"),
+		Name:   strings.ToLower(c.String("name")),
+		Value:  c.String("value"),
+		Images: c.StringSlice("images"),
+		Events: c.StringSlice("events"),
 	}
 	if strings.HasPrefix(secret.Value, "@") {
 		path := strings.TrimPrefix(secret.Value, "@")

pipeline/frontend/yaml/compiler/compiler.go

@@ -41,14 +41,13 @@ type Registry struct {
 }
 
 type Secret struct {
-	Name       string
-	Value      string
-	Match      []string
-	PluginOnly bool
+	Name          string
+	Value         string
+	AllowedImages []string
 }
 
 func (s *Secret) Available(container *yaml_types.Container) bool {
-	return (len(s.Match) == 0 || utils.MatchImage(container.Image, s.Match...)) && (!s.PluginOnly || container.IsPlugin())
+	return (len(s.AllowedImages) == 0 || utils.MatchImage(container.Image, s.AllowedImages...)) && (len(s.AllowedImages) == 0 || container.IsPlugin())
 }
 
 type secretMap map[string]Secret

pipeline/stepBuilder.go

@@ -236,10 +236,9 @@ func (b *StepBuilder) toInternalRepresentation(parsed *yaml_types.Workflow, envi
 			continue
 		}
 		secrets = append(secrets, compiler.Secret{
-			Name:       sec.Name,
-			Value:      sec.Value,
-			Match:      sec.Images,
-			PluginOnly: sec.PluginsOnly,
+			Name:          sec.Name,
+			Value:         sec.Value,
+			AllowedImages: sec.Images,
 		})
 	}
 

server/api/global_secret.go

@@ -83,11 +83,10 @@ func PostGlobalSecret(c *gin.Context) {
 		return
 	}
 	secret := &model.Secret{
-		Name:        in.Name,
-		Value:       in.Value,
-		Events:      in.Events,
-		Images:      in.Images,
-		PluginsOnly: in.PluginsOnly,
+		Name:   in.Name,
+		Value:  in.Value,
+		Events: in.Events,
+		Images: in.Images,
 	}
 	if err := secret.Validate(); err != nil {
 		c.String(http.StatusBadRequest, "Error inserting global secret. %s", err)
@@ -134,7 +133,6 @@ func PatchGlobalSecret(c *gin.Context) {
 	if in.Images != nil {
 		secret.Images = in.Images
 	}
-	secret.PluginsOnly = in.PluginsOnly
 
 	if err := secret.Validate(); err != nil {
 		c.String(http.StatusBadRequest, "Error updating global secret. %s", err)

server/api/org_secret.go

@@ -106,12 +106,11 @@ func PostOrgSecret(c *gin.Context) {
 		return
 	}
 	secret := &model.Secret{
-		OrgID:       orgID,
-		Name:        in.Name,
-		Value:       in.Value,
-		Events:      in.Events,
-		Images:      in.Images,
-		PluginsOnly: in.PluginsOnly,
+		OrgID:  orgID,
+		Name:   in.Name,
+		Value:  in.Value,
+		Events: in.Events,
+		Images: in.Images,
 	}
 	if err := secret.Validate(); err != nil {
 		c.String(http.StatusUnprocessableEntity, "Error inserting org %q secret. %s", orgID, err)
@@ -164,7 +163,6 @@ func PatchOrgSecret(c *gin.Context) {
 	if in.Images != nil {
 		secret.Images = in.Images
 	}
-	secret.PluginsOnly = in.PluginsOnly
 
 	if err := secret.Validate(); err != nil {
 		c.String(http.StatusUnprocessableEntity, "Error updating org %q secret. %s", orgID, err)

server/api/repo_secret.go

@@ -67,12 +67,11 @@ func PostSecret(c *gin.Context) {
 		return
 	}
 	secret := &model.Secret{
-		RepoID:      repo.ID,
-		Name:        strings.ToLower(in.Name),
-		Value:       in.Value,
-		Events:      in.Events,
-		Images:      in.Images,
-		PluginsOnly: in.PluginsOnly,
+		RepoID: repo.ID,
+		Name:   strings.ToLower(in.Name),
+		Value:  in.Value,
+		Events: in.Events,
+		Images: in.Images,
 	}
 	if err := secret.Validate(); err != nil {
 		c.String(http.StatusUnprocessableEntity, "Error inserting secret. %s", err)
@@ -123,7 +122,6 @@ func PatchSecret(c *gin.Context) {
 	if in.Images != nil {
 		secret.Images = in.Images
 	}
-	secret.PluginsOnly = in.PluginsOnly
 
 	if err := secret.Validate(); err != nil {
 		c.String(http.StatusUnprocessableEntity, "Error updating secret. %s", err)

server/model/secret.go

@@ -69,16 +69,13 @@ type SecretStore interface {
 
 // Secret represents a secret variable, such as a password or token.
 type Secret struct {
-	ID          int64          `json:"id"              xorm:"pk autoincr 'secret_id'"`
-	OrgID       int64          `json:"-"               xorm:"NOT NULL DEFAULT 0 UNIQUE(s) INDEX 'secret_org_id'"`
-	RepoID      int64          `json:"-"               xorm:"NOT NULL DEFAULT 0 UNIQUE(s) INDEX 'secret_repo_id'"`
-	Name        string         `json:"name"            xorm:"NOT NULL UNIQUE(s) INDEX 'secret_name'"`
-	Value       string         `json:"value,omitempty" xorm:"TEXT 'secret_value'"`
-	Images      []string       `json:"image"           xorm:"json 'secret_images'"`
-	PluginsOnly bool           `json:"plugins_only"    xorm:"secret_plugins_only"`
-	Events      []WebhookEvent `json:"event"           xorm:"json 'secret_events'"`
-	SkipVerify  bool           `json:"-"               xorm:"secret_skip_verify"`
-	Conceal     bool           `json:"-"               xorm:"secret_conceal"`
+	ID     int64          `json:"id"              xorm:"pk autoincr 'secret_id'"`
+	OrgID  int64          `json:"-"               xorm:"NOT NULL DEFAULT 0 UNIQUE(s) INDEX 'secret_org_id'"`
+	RepoID int64          `json:"-"               xorm:"NOT NULL DEFAULT 0 UNIQUE(s) INDEX 'secret_repo_id'"`
+	Name   string         `json:"name"            xorm:"NOT NULL UNIQUE(s) INDEX 'secret_name'"`
+	Value  string         `json:"value,omitempty" xorm:"TEXT 'secret_value'"`
+	Images []string       `json:"images"          xorm:"json 'secret_images'"`
+	Events []WebhookEvent `json:"events"          xorm:"json 'secret_events'"`
 } //	@name Secret
 
 // TableName return database table name for xorm
@@ -154,13 +151,12 @@ func (s *Secret) Validate() error {
 // Copy makes a copy of the secret without the value.
 func (s *Secret) Copy() *Secret {
 	return &Secret{
-		ID:          s.ID,
-		OrgID:       s.OrgID,
-		RepoID:      s.RepoID,
-		Name:        s.Name,
-		Images:      s.Images,
-		PluginsOnly: s.PluginsOnly,
-		Events:      sortEvents(s.Events),
+		ID:     s.ID,
+		OrgID:  s.OrgID,
+		RepoID: s.RepoID,
+		Name:   s.Name,
+		Images: s.Images,
+		Events: sortEvents(s.Events),
 	}
 }
 

web/src/components/secrets/SecretEdit.vue

@@ -16,12 +16,10 @@
 
       <InputField :label="$t(i18nPrefix + 'images.images')">
         <TextField v-model="images" :placeholder="$t(i18nPrefix + 'images.desc')" />
-
-        <Checkbox v-model="innerValue.plugins_only" class="mt-4" :label="$t(i18nPrefix + 'plugins_only')" />
       </InputField>
 
       <InputField :label="$t(i18nPrefix + 'events.events')">
-        <CheckboxesField v-model="innerValue.event" :options="secretEventsOptions" />
+        <CheckboxesField v-model="innerValue.events" :options="secretEventsOptions" />
       </InputField>
 
       <div class="flex gap-2">
@@ -71,11 +69,11 @@ const innerValue = computed({
 });
 const images = computed<string>({
   get() {
-    return innerValue.value?.image?.join(',') || '';
+    return innerValue.value?.images?.join(',') || '';
   },
   set(value) {
     if (innerValue.value) {
-      innerValue.value.image = value
+      innerValue.value.images = value
         .split(',')
         .map((s) => s.trim())
         .filter((s) => s !== '');

web/src/components/secrets/SecretList.vue

@@ -7,7 +7,7 @@
     >
       <span>{{ secret.name }}</span>
       <div class="ml-auto space-x-2">
-        <Badge v-for="event in secret.event" :key="event" :label="event" />
+        <Badge v-for="event in secret.events" :key="event" :label="event" />
       </div>
       <IconButton
         icon="edit"

web/src/lib/api/types/secret.ts

@@ -4,7 +4,7 @@ export type Secret = {
   id: string;
   name: string;
   value: string;
-  event: WebhookEvents[];
-  image: string[];
+  events: WebhookEvents[];
+  images: string[];
   plugins_only: string;
 };

woodpecker-go/woodpecker/types.go

@@ -132,12 +132,11 @@ type (
 
 	// Secret represents a secret variable, such as a password or token.
 	Secret struct {
-		ID          int64    `json:"id"`
-		Name        string   `json:"name"`
-		Value       string   `json:"value,omitempty"`
-		Images      []string `json:"image"`
-		PluginsOnly bool     `json:"plugins_only"`
-		Events      []string `json:"event"`
+		ID     int64    `json:"id"`
+		Name   string   `json:"name"`
+		Value  string   `json:"value,omitempty"`
+		Images []string `json:"images"`
+		Events []string `json:"events"`
 	}
 
 	// Activity represents an item in the user's feed or timeline.