enhance(secrets)!: use the same allow_events system as repos for secr…

…ets (#1033)

* init commit

* use allowed instead of eventallowed

api/secret/create.go

@@ -15,6 +15,7 @@ import (
 	"github.com/go-vela/server/util"
 	"github.com/go-vela/types/constants"
 	"github.com/go-vela/types/library"
+	"github.com/go-vela/types/library/actions"
 	"github.com/sirupsen/logrus"
 )
 
@@ -207,8 +208,21 @@ func CreateSecret(c *gin.Context) {
 		input.SetImages(util.Unique(input.GetImages()))
 	}
 
-	if len(input.GetEvents()) > 0 {
-		input.SetEvents(util.Unique(input.GetEvents()))
+	// default event set for secrets
+	if input.GetAllowEvents().ToDatabase() == 0 {
+		e := new(library.Events)
+
+		push := new(actions.Push)
+		push.SetBranch(true)
+		push.SetTag(true)
+
+		deploy := new(actions.Deploy)
+		deploy.SetCreated(true)
+
+		e.SetPush(push)
+		e.SetDeployment(deploy)
+
+		input.SetAllowEvents(e)
 	}
 
 	if len(input.GetEvents()) == 0 {

api/webhook/post.go

@@ -258,7 +258,7 @@ func PostWebhook(c *gin.Context) {
 	}
 
 	// verify the build has a valid event and the repo allows that event type
-	if !repo.EventAllowed(b.GetEvent(), b.GetEventAction()) {
+	if !repo.GetAllowEvents().Allowed(b.GetEvent(), b.GetEventAction()) {
 		var actionErr string
 		if len(b.GetEventAction()) > 0 {
 			actionErr = ":" + b.GetEventAction()

database/integration_test.go

@@ -2311,6 +2311,7 @@ func newResources() *Resources {
 	secretOrg.SetType("org")
 	secretOrg.SetImages([]string{"alpine"})
 	secretOrg.SetEvents([]string{"push", "tag", "deployment"})
+	secretOrg.SetAllowEvents(library.NewEventsFromMask(1))
 	secretOrg.SetAllowCommand(true)
 	secretOrg.SetCreatedAt(time.Now().UTC().Unix())
 	secretOrg.SetCreatedBy("octocat")
@@ -2327,6 +2328,7 @@ func newResources() *Resources {
 	secretRepo.SetType("repo")
 	secretRepo.SetImages([]string{"alpine"})
 	secretRepo.SetEvents([]string{"push", "tag", "deployment"})
+	secretRepo.SetAllowEvents(library.NewEventsFromMask(1))
 	secretRepo.SetAllowCommand(true)
 	secretRepo.SetCreatedAt(time.Now().UTC().Unix())
 	secretRepo.SetCreatedBy("octocat")
@@ -2344,6 +2346,7 @@ func newResources() *Resources {
 	secretShared.SetImages([]string{"alpine"})
 	secretShared.SetEvents([]string{"push", "tag", "deployment"})
 	secretShared.SetAllowCommand(true)
+	secretShared.SetAllowEvents(library.NewEventsFromMask(1))
 	secretShared.SetCreatedAt(time.Now().UTC().Unix())
 	secretShared.SetCreatedBy("octocat")
 	secretShared.SetUpdatedAt(time.Now().Add(time.Hour * 1).UTC().Unix())

database/repo/repo_test.go

@@ -222,6 +222,9 @@ func testEvents() *library.Events {
 			Created: new(bool),
 			Edited:  new(bool),
 		},
+		Schedule: &actions.Schedule{
+			Run: new(bool),
+		},
 	}
 }
 

database/secret/create_test.go

@@ -24,6 +24,7 @@ func TestSecret_Engine_CreateSecret(t *testing.T) {
 	_secretRepo.SetCreatedBy("user")
 	_secretRepo.SetUpdatedAt(1)
 	_secretRepo.SetUpdatedBy("user2")
+	_secretRepo.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_secretOrg := testSecret()
 	_secretOrg.SetID(2)
@@ -36,6 +37,7 @@ func TestSecret_Engine_CreateSecret(t *testing.T) {
 	_secretOrg.SetCreatedBy("user")
 	_secretOrg.SetUpdatedAt(1)
 	_secretOrg.SetUpdatedBy("user2")
+	_secretOrg.SetAllowEvents(library.NewEventsFromMask(3))
 
 	_secretShared := testSecret()
 	_secretShared.SetID(3)
@@ -48,6 +50,7 @@ func TestSecret_Engine_CreateSecret(t *testing.T) {
 	_secretShared.SetCreatedBy("user")
 	_secretShared.SetUpdatedAt(1)
 	_secretShared.SetUpdatedBy("user2")
+	_secretShared.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
@@ -57,23 +60,23 @@ func TestSecret_Engine_CreateSecret(t *testing.T) {
 
 	// ensure the mock expects the repo secrets query
 	_mock.ExpectQuery(`INSERT INTO "secrets"
-("org","repo","team","name","value","type","images","events","allow_command","created_at","created_by","updated_at","updated_by","id")
-VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14) RETURNING "id"`).
-		WithArgs("foo", "bar", nil, "baz", AnyArgument{}, "repo", nil, nil, false, 1, "user", 1, "user2", 1).
+("org","repo","team","name","value","type","images","events","allow_events","allow_command","created_at","created_by","updated_at","updated_by","id")
+VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15) RETURNING "id"`).
+		WithArgs("foo", "bar", nil, "baz", AnyArgument{}, "repo", nil, nil, 1, false, 1, "user", 1, "user2", 1).
 		WillReturnRows(_rows)
 
 	// ensure the mock expects the org secrets query
 	_mock.ExpectQuery(`INSERT INTO "secrets"
-("org","repo","team","name","value","type","images","events","allow_command","created_at","created_by","updated_at","updated_by","id")
-VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14) RETURNING "id"`).
-		WithArgs("foo", "*", nil, "bar", AnyArgument{}, "org", nil, nil, false, 1, "user", 1, "user2", 2).
+("org","repo","team","name","value","type","images","events","allow_events","allow_command","created_at","created_by","updated_at","updated_by","id")
+VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15) RETURNING "id"`).
+		WithArgs("foo", "*", nil, "bar", AnyArgument{}, "org", nil, nil, 3, false, 1, "user", 1, "user2", 2).
 		WillReturnRows(_rows)
 
 	// ensure the mock expects the shared secrets query
 	_mock.ExpectQuery(`INSERT INTO "secrets"
-("org","repo","team","name","value","type","images","events","allow_command","created_at","created_by","updated_at","updated_by","id")
-VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14) RETURNING "id"`).
-		WithArgs("foo", nil, "bar", "baz", AnyArgument{}, "shared", nil, nil, false, 1, "user", 1, "user2", 3).
+("org","repo","team","name","value","type","images","events","allow_events","allow_command","created_at","created_by","updated_at","updated_by","id")
+VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15) RETURNING "id"`).
+		WithArgs("foo", nil, "bar", "baz", AnyArgument{}, "shared", nil, nil, 1, false, 1, "user", 1, "user2", 3).
 		WillReturnRows(_rows)
 
 	_sqlite := testSqlite(t)

database/secret/get_org_test.go

@@ -25,14 +25,15 @@ func TestSecret_Engine_GetSecretForOrg(t *testing.T) {
 	_secret.SetCreatedBy("user")
 	_secret.SetUpdatedAt(1)
 	_secret.SetUpdatedBy("user2")
+	_secret.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
 
 	// create expected result in mock
 	_rows := sqlmock.NewRows(
-		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
-		AddRow(1, "org", "foo", "*", "", "baz", "bar", nil, nil, false, 1, "user", 1, "user2")
+		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
+		AddRow(1, "org", "foo", "*", "", "baz", "bar", nil, nil, 1, false, 1, "user", 1, "user2")
 
 	// ensure the mock expects the query
 	_mock.ExpectQuery(`SELECT * FROM "secrets" WHERE type = $1 AND org = $2 AND name = $3 LIMIT 1`).

database/secret/get_repo_test.go

@@ -35,14 +35,15 @@ func TestSecret_Engine_GetSecretForRepo(t *testing.T) {
 	_secret.SetCreatedBy("user")
 	_secret.SetUpdatedAt(1)
 	_secret.SetUpdatedBy("user2")
+	_secret.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
 
 	// create expected result in mock
 	_rows := sqlmock.NewRows(
-		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
-		AddRow(1, "repo", "foo", "bar", "", "baz", "foob", nil, nil, false, 1, "user", 1, "user2")
+		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
+		AddRow(1, "repo", "foo", "bar", "", "baz", "foob", nil, nil, 1, false, 1, "user", 1, "user2")
 
 	// ensure the mock expects the query
 	_mock.ExpectQuery(`SELECT * FROM "secrets" WHERE type = $1 AND org = $2 AND repo = $3 AND name = $4 LIMIT 1`).

database/secret/get_team_test.go

@@ -25,14 +25,15 @@ func TestSecret_Engine_GetSecretForTeam(t *testing.T) {
 	_secret.SetCreatedBy("user")
 	_secret.SetUpdatedAt(1)
 	_secret.SetUpdatedBy("user2")
+	_secret.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
 
 	// create expected result in mock
 	_rows := sqlmock.NewRows(
-		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
-		AddRow(1, "shared", "foo", "", "bar", "baz", "foob", nil, nil, false, 1, "user", 1, "user2")
+		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
+		AddRow(1, "shared", "foo", "", "bar", "baz", "foob", nil, nil, 1, false, 1, "user", 1, "user2")
 
 	// ensure the mock expects the query
 	_mock.ExpectQuery(`SELECT * FROM "secrets" WHERE type = $1 AND org = $2 AND team = $3 AND name = $4 LIMIT 1`).

database/secret/get_test.go

@@ -24,14 +24,15 @@ func TestSecret_Engine_GetSecret(t *testing.T) {
 	_secret.SetCreatedBy("user")
 	_secret.SetUpdatedAt(1)
 	_secret.SetUpdatedBy("user2")
+	_secret.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
 
 	// create expected result in mock
 	_rows := sqlmock.NewRows(
-		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
-		AddRow(1, "repo", "foo", "bar", "", "baz", "foob", nil, nil, false, 1, "user", 1, "user2")
+		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
+		AddRow(1, "repo", "foo", "bar", "", "baz", "foob", nil, nil, 1, false, 1, "user", 1, "user2")
 
 	// ensure the mock expects the query
 	_mock.ExpectQuery(`SELECT * FROM "secrets" WHERE id = $1 LIMIT 1`).WithArgs(1).WillReturnRows(_rows)

database/secret/list_org_test.go

@@ -25,6 +25,7 @@ func TestSecret_Engine_ListSecretsForOrg(t *testing.T) {
 	_secretOne.SetCreatedBy("user")
 	_secretOne.SetUpdatedAt(1)
 	_secretOne.SetUpdatedBy("user2")
+	_secretOne.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_secretTwo := testSecret()
 	_secretTwo.SetID(2)
@@ -37,6 +38,7 @@ func TestSecret_Engine_ListSecretsForOrg(t *testing.T) {
 	_secretTwo.SetCreatedBy("user")
 	_secretTwo.SetUpdatedAt(1)
 	_secretTwo.SetUpdatedBy("user2")
+	_secretTwo.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
@@ -50,9 +52,9 @@ func TestSecret_Engine_ListSecretsForOrg(t *testing.T) {
 
 	// create expected name query result in mock
 	_rows = sqlmock.NewRows(
-		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
-		AddRow(2, "org", "foo", "*", "", "bar", "baz", nil, nil, false, 1, "user", 1, "user2").
-		AddRow(1, "org", "foo", "*", "", "baz", "bar", nil, nil, false, 1, "user", 1, "user2")
+		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
+		AddRow(2, "org", "foo", "*", "", "bar", "baz", nil, nil, 1, false, 1, "user", 1, "user2").
+		AddRow(1, "org", "foo", "*", "", "baz", "bar", nil, nil, 1, false, 1, "user", 1, "user2")
 
 	// ensure the mock expects the name query
 	_mock.ExpectQuery(`SELECT * FROM "secrets" WHERE type = $1 AND org = $2 ORDER BY id DESC LIMIT 10`).

database/secret/list_repo_test.go

@@ -36,6 +36,7 @@ func TestSecret_Engine_ListSecretsForRepo(t *testing.T) {
 	_secretOne.SetCreatedBy("user")
 	_secretOne.SetUpdatedAt(1)
 	_secretOne.SetUpdatedBy("user2")
+	_secretOne.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_secretTwo := testSecret()
 	_secretTwo.SetID(2)
@@ -48,6 +49,7 @@ func TestSecret_Engine_ListSecretsForRepo(t *testing.T) {
 	_secretTwo.SetCreatedBy("user")
 	_secretTwo.SetUpdatedAt(1)
 	_secretTwo.SetUpdatedBy("user2")
+	_secretTwo.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
@@ -61,9 +63,9 @@ func TestSecret_Engine_ListSecretsForRepo(t *testing.T) {
 
 	// create expected name query result in mock
 	_rows = sqlmock.NewRows(
-		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
-		AddRow(2, "repo", "foo", "bar", "", "foob", "baz", nil, nil, false, 1, "user", 1, "user2").
-		AddRow(1, "repo", "foo", "bar", "", "baz", "foob", nil, nil, false, 1, "user", 1, "user2")
+		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
+		AddRow(2, "repo", "foo", "bar", "", "foob", "baz", nil, nil, 1, false, 1, "user", 1, "user2").
+		AddRow(1, "repo", "foo", "bar", "", "baz", "foob", nil, nil, 1, false, 1, "user", 1, "user2")
 
 	// ensure the mock expects the name query
 	_mock.ExpectQuery(`SELECT * FROM "secrets" WHERE type = $1 AND org = $2 AND repo = $3 ORDER BY id DESC LIMIT 10`).

database/secret/list_team_test.go

@@ -26,6 +26,7 @@ func TestSecret_Engine_ListSecretsForTeam(t *testing.T) {
 	_secretOne.SetCreatedBy("user")
 	_secretOne.SetUpdatedAt(1)
 	_secretOne.SetUpdatedBy("user2")
+	_secretOne.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_secretTwo := testSecret()
 	_secretTwo.SetID(2)
@@ -38,6 +39,7 @@ func TestSecret_Engine_ListSecretsForTeam(t *testing.T) {
 	_secretTwo.SetCreatedBy("user")
 	_secretTwo.SetUpdatedAt(1)
 	_secretTwo.SetUpdatedBy("user2")
+	_secretTwo.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
@@ -51,9 +53,9 @@ func TestSecret_Engine_ListSecretsForTeam(t *testing.T) {
 
 	// create expected name query result in mock
 	_rows = sqlmock.NewRows(
-		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
-		AddRow(2, "shared", "foo", "", "bar", "foob", "baz", nil, nil, false, 1, "user", 1, "user2").
-		AddRow(1, "shared", "foo", "", "bar", "baz", "foob", nil, nil, false, 1, "user", 1, "user2")
+		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
+		AddRow(2, "shared", "foo", "", "bar", "foob", "baz", nil, nil, 1, false, 1, "user", 1, "user2").
+		AddRow(1, "shared", "foo", "", "bar", "baz", "foob", nil, nil, 1, false, 1, "user", 1, "user2")
 
 	// ensure the mock expects the name query
 	_mock.ExpectQuery(`SELECT * FROM "secrets" WHERE type = $1 AND org = $2 AND team = $3 ORDER BY id DESC LIMIT 10`).

database/secret/list_test.go

@@ -24,6 +24,7 @@ func TestSecret_Engine_ListSecrets(t *testing.T) {
 	_secretOne.SetCreatedBy("user")
 	_secretOne.SetUpdatedAt(1)
 	_secretOne.SetUpdatedBy("user2")
+	_secretOne.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_secretTwo := testSecret()
 	_secretTwo.SetID(2)
@@ -36,6 +37,7 @@ func TestSecret_Engine_ListSecrets(t *testing.T) {
 	_secretTwo.SetCreatedBy("user")
 	_secretTwo.SetUpdatedAt(1)
 	_secretTwo.SetUpdatedBy("user2")
+	_secretTwo.SetAllowEvents(library.NewEventsFromMask(1))
 
 	_postgres, _mock := testPostgres(t)
 	defer func() { _sql, _ := _postgres.client.DB(); _sql.Close() }()
@@ -48,9 +50,9 @@ func TestSecret_Engine_ListSecrets(t *testing.T) {
 
 	// create expected result in mock
 	_rows = sqlmock.NewRows(
-		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
-		AddRow(1, "repo", "foo", "bar", "", "baz", "foob", nil, nil, false, 1, "user", 1, "user2").
-		AddRow(2, "repo", "foo", "bar", "", "foob", "baz", nil, nil, false, 1, "user", 1, "user2")
+		[]string{"id", "type", "org", "repo", "team", "name", "value", "images", "events", "allow_events", "allow_command", "created_at", "created_by", "updated_at", "updated_by"}).
+		AddRow(1, "repo", "foo", "bar", "", "baz", "foob", nil, nil, 1, false, 1, "user", 1, "user2").
+		AddRow(2, "repo", "foo", "bar", "", "foob", "baz", nil, nil, 1, false, 1, "user", 1, "user2")
 
 	// ensure the mock expects the query
 	_mock.ExpectQuery(`SELECT * FROM "secrets"`).WillReturnRows(_rows)

database/secret/secret_test.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/DATA-DOG/go-sqlmock"
 	"github.com/go-vela/types/library"
+	"github.com/go-vela/types/library/actions"
 	"github.com/sirupsen/logrus"
 
 	"gorm.io/driver/postgres"
@@ -218,6 +219,7 @@ func testSecret() *library.Secret {
 		Type:         new(string),
 		Images:       new([]string),
 		Events:       new([]string),
+		AllowEvents:  testEvents(),
 		AllowCommand: new(bool),
 		CreatedAt:    new(int64),
 		CreatedBy:    new(string),
@@ -226,6 +228,31 @@ func testSecret() *library.Secret {
 	}
 }
 
+func testEvents() *library.Events {
+	return &library.Events{
+		Push: &actions.Push{
+			Branch: new(bool),
+			Tag:    new(bool),
+		},
+		PullRequest: &actions.Pull{
+			Opened:      new(bool),
+			Edited:      new(bool),
+			Synchronize: new(bool),
+			Reopened:    new(bool),
+		},
+		Deployment: &actions.Deploy{
+			Created: new(bool),
+		},
+		Comment: &actions.Comment{
+			Created: new(bool),
+			Edited:  new(bool),
+		},
+		Schedule: &actions.Schedule{
+			Run: new(bool),
+		},
+	}
+}
+
 // This will be used with the github.com/DATA-DOG/go-sqlmock library to compare values
 // that are otherwise not easily compared. These typically would be values generated
 // before adding or updating them in the database.

database/secret/table.go

@@ -23,6 +23,7 @@ secrets (
 	value         BYTEA,
 	images        VARCHAR(1000),
 	events        VARCHAR(1000),
+	allow_events  INTEGER,
 	allow_command BOOLEAN,
 	created_at    INTEGER,
 	created_by    VARCHAR(250),
@@ -47,6 +48,7 @@ secrets (
 	value         TEXT,
 	images        TEXT,
 	events        TEXT,
+	allow_events  INTEGER,
 	allow_command BOOLEAN,
 	created_at    INTEGER,
 	created_by	  TEXT,