Hello,

It appears that this project only looks at the most recent commit when looking for changes in files.

I have run into a small issue and was wondering if you have any ideas on how to work around it.

We do a production deploy whenever the master branch is tagged. Most of the time that happens after we push to master. However, sometimes there may be multiple commits pushed to master before releasing. If the most recent commit doesn't touch the same paths that the previous commits touched then the step won't be triggered on release.

A simple example is when drone is setup to only deploy the frontend when the frontend/ folder changes. I push changes to that folder to master. Then right after I realize I forgot to update the readme so I push that to master. Now, when I tag a release the plugin won't realize that there was a change to frontend/ since the last release and it won't deploy the frontend.

Is there any way this plugin can look back at all the commits since the last release when checking the paths?

Thanks so much for your work on this plugin!

Drone uses go-scm to interact with the different providers but doesn't have anything around getting diffs. Maybe now that the pathschanged plugin has been around for a bit you all could consider adding to go-scm?

Currently this plugin implements its own "bitbucket-server" support for self-hosted Bitbucket. Drone code refers to "bitbucket-server" as "stash" (see https://docs.drone.io/server/provider/bitbucket-server/).

As we work to add support for other SCM providers, it would be great to standardize on implementation to match what go-scm uses (see https://github.com/drone/go-scm/tree/master/scm/driver/stash).

I would like to implement "stash" provider support based on go-scm's implementation, and transition from BB_ADDRESS to STASH_SERVER, releasing a version which is backwards compatible, but with warnings that BB_ADDRESS is deprecated.

Describe the bug

When a new tag is pushed, it sends the 'ref' data (refs/tags/...) which makes sense. But there is also a pathschanged flag based on the last PR which does not make sense as the new tag build is for all PR's since the last build.

Steps to reproduce

1. Try a build which has new tag push and pathschanged condition evaluating as false. The build goes thru.
2. Now have a new tag push with pathschanged condition evaluating as true. The build does not go thru even if there are multiple PR's in between but pathschanged evaluation only looks at the last PR.

Expected behavior

pathschanged should not be checked for new tag push event.

So, build should go thru for #2 in the above example.

Additional context

Following logs were observed:
{"build_after":"e8bfa225210103b8f1eb5579d78729d9acaef2d6","build_before":"0000000000000000000000000000000000000000","level":"info","msg":"a path field was seen","repo_name":"logistics-dynamic-pricing","repo_namespace":"deliveryhero","time":"2023-04-24T12:18:21Z"}
{"build_after":"e8bfa225210103b8f1eb5579d78729d9acaef2d6","build_before":"0000000000000000000000000000000000000000","level":"info","msg":"excluding pipeline DPS Build","repo_name":"logistics-dynamic-pricing","repo_namespace":"deliveryhero","time":"2023-04-24T12:18:21Z"}

Trigger only on feature branches or if a certain keyword is contained within the commit message similar to how "[skip ci]" works. The rest of the time ignore the when-paths logic.

Functionally, this extension alters yaml that is sent back to drone-server for scheduling. Because of this, we are encountering a runtime issue on any signed repository when paths is invoked.

Steps to reproduce

Steps to reproduce the behavior:

1. Create a pipeline that will trigger paths plugin
2. Sign the pipeline drone sign --save <repo>
3. Submit a pull-request
4. You will be asked to approve the pipeline

Expected behavior

Pipeline validation should happen regardless of the changes paths makes to the yaml file based on pre-configured matches (or lack of the same). Perhaps validation of the signed pipeline needs to happen within or prior to a pipeline run?

Screenshots

No screenshot here, but very reproducible, it will ask for permission inside the UI from an admin on the repository.

Environment (anything that would help us investigate the bug)

• OS Linux
• Version Drone 2.11.0 / Paths 1.0.0
• Browser Chrome, Safari

Observed Behaviour

i try to run container

docker run -d \
  --publish=3000:3000 \
  --env=DRONE_DEBUG=true \
  --env=DRONE_SECRET=XXX \
  --env=TOKEN=XXX \
  --env=PROVIDER=gitlab \
  --env=GITHUB_SERVER=https://mygitlab.domain.com \
  --restart=always \
  --name=converter meltwater/drone-convert-pathschanged
  

but container didn't up , logs show "unsupported provider"

Version(s) Affected

latest

Steps to Reproduce

Expected Behaviour

No response

Feature

It would be nice if we provided a helm chart to assist users running in Kubernetes.

More discussion in #41

Add support for Gitea

Rest API's of Stash are paginated and have a default page size of 25. As a result when the plugin fetches the diff via go-scm it only picks up the first 25 paths that were affected in the PR/commit. Diffs with greater than 25 paths affected isn't uncommon for a monorepo. stash.go#GetStashFilesChanged takes in a pagination parameter but plugin doesn't have a way to set the size option.

Add an environment variable to set the page size to a higher value.

References:

1. API uses limit of 25 if unspecified.
   https://docs.atlassian.com/bitbucket-server/rest/4.0.0/bitbucket-rest.html#paging-params
2. go-scm stash driver takes scm.ListOptions.Size as a parameter to set this limit
   https://github.com/drone/go-scm/blob/3edbe5560fdc172e093e6214196ee37ce516152d/scm/driver/stash/git.go#L114
3. Plugin already supplies a empty parameter, this can be modified to set the configured size and probably default value greater than 25
   

   drone-convert-pathschanged/plugin/plugin.go

   Line 169 in 77a9eeb

   changedFiles, err = providers.GetStashFilesChanged(req.Repo, req.Build, p.params.StashServer, p.params.Token, scm.ListOptions{})

Expected behavior

Applicable pipelines must be evaluated based on the entire changeset and not just the first page (Bitbucket sets the limit to 1000 when making api requests for its web gui)

Describe the bug

I have an issue with the configuration converter + drone server. I'm using docker-compose on linux/amd64.
I'm almost sure that config has a problem with handling: DRONE_CONVERT_PLUGIN_ENDPOINT which isn't an IP.
When I'm trying to use DRONE_CONVERT_PLUGIN_ENDPOINT=drone_converter:3000 logs produced:

drone            | {"commit":"8583cff5096fde2cba19cdf929cda668d11929ca","error":"parse \"drone_converter:3000\": first path segment in URL cannot contain colon","event":"push","level":"warning","msg":"trigger: cannot convert yaml","ref":"refs/heads/kuba/droneCI","repo":"3sky/solid","time":"2022-03-24T14:52:59Z"}

Important that pipeline code looks like that:

trigger:
  event:
    - push
  paths:
    include:
      - .golangci.yml

steps:
- name: run linter
  image: golangci/golangci-lint:v1.45-alpine
  commands:
    - golangci-lint run

When I'm using DRONE_CONVERT_PLUGIN_ENDPOINT=http://drone_converter:3000

drone_converter  | {"level":"info","msg":"server listening on address :3000","time":"2022-03-24T14:58:11Z"}
drone_converter  | {"level":"debug","msg":"converter: invalid signature in http.Request","time":"2022-03-24T14:58:47Z"}

Steps to reproduce

My docker-compose looks like that:

version: '3.6'
networks:
  drone_net:
    external: true

volumes:
  drone_data:

services:
  drone:
    image: drone/drone:${DRONE_VERSION}
    container_name: drone
    restart: always
    hostname: drone
    volumes:
     - drone_data:/data
    environment:
      - TZ=UTC
      - DRONE_GITHUB_CLIENT_ID=${DRONE_GITHUB_CLIENT_ID}
      - DRONE_GITHUB_CLIENT_SECRET=${DRONE_GITHUB_CLIENT_SECRET}
      - DRONE_RPC_SECRET=${DRONE_RPC_SECRET}
      - DRONE_SECRET=${DRONE_CONVERTER_SECRET}
      - DRONE_DATABASE_SECRET=${DRONE_DATABASE_SECRET}
      - DRONE_CONVERT_PLUGIN_ENDPOINT=http://drone_converter:3000
      - DRONE_SERVER_HOST=drone.3sky.dev
      - DRONE_SERVER_PROTO=http
      - DRONE_USER_FILTER=3sky
      - DRONE_USER_CREATE=username:3sky,admin:true
    networks:
      drone_net:

  drone-converter:
    container_name: drone_converter
    image: meltwater/drone-convert-pathschanged:${DRONE_CONVERTER_VERSION}
    depends_on: [ drone ]
    restart: always
    environment:
     - TZ=UTC
     - DRONE_DEBUG=true
     - DRONE_RPC_HOST=drone
     - DRONE_RPC_SECRET=${DRONE_RPC_SECRET}
     - TOKEN=${DRONE_GITHUB_CLIENT_SECRET}
     - DRONE_SECRET=${DRONE_CONVERTER_SECRET}
     - PROVIDER=github
    networks:
      - drone_net

docker-compose up

And the logs:

drone            | {"acme":false,"host":"drone.3sky.dev","level":"info","msg":"starting the http server","port":":80","proto":"http","time":"2022-03-24T14:58:10Z","url":"http://drone.3sky.dev"}
drone            | {"interval":"30m0s","level":"info","msg":"starting the cron scheduler","time":"2022-03-24T14:58:10Z"}
drone            | {"interval":"24h0m0s","level":"info","msg":"starting the zombie build reaper","time":"2022-03-24T14:58:10Z"}
drone_converter  | {"level":"info","msg":"server listening on address :3000","time":"2022-03-24T14:58:11Z"}
drone_converter  | {"level":"debug","msg":"converter: invalid signature in http.Request","time":"2022-03-24T14:58:47Z"}
drone            | {"commit":"d6736f08d0cfa7d749406171ba796b2ba79855bb","error":"Invalid Signature\n","event":"custom","level":"warning","msg":"trigger: cannot convert yaml","ref":"refs/heads/kuba/droneCI","repo":"3sky/solid","time":"2022-03-24T14:58:47Z"}

### Expected behavior

I expected a connection with the converter.

Hello! Re-opening issue #70.

@jimsheldon hello and thanks for the response!
Unfortunately I cannot get it working :/ I am using the same versions as you and your .drone.yml and still nothing.
For README.md changes I get both pipelines running, and for non README.md changes I get only the pr pipeline.

Drone configs allow YAML anchors:

drone_gcs_cache_common: &drone_gcs_cache_common
  image: homerovalle/drone-gcs-cache
  settings:
    bucket: foo
    restore: true
  environment:
    GCS_CACHE_JSON_KEY:
      from_secret: gcs_cache_json_key

then in practice:

- name: restore_master_caches
  <<: *drone_gcs_cache_common
  when:
    event: push
    branch: master

- name: restore_pr_caches
  <<: *drone_gcs_cache_common
  when:
    event: pull_request

However, if combined with use of when: paths:, YAML anchors declared in the config cause Linter errors - they are apparently interpreted as steps with no name attribute.

Given:

kind: pipeline
type: docker
name: test

drone_gcs_cache_common: &drone_gcs_cache_common
  image: homerovalle/drone-gcs-cache
  settings:
    bucket: foo
    restore: true

steps:
- name: foo
  image: node:12.14.1
  commands: 
  - npm i
  when:
    paths:
      include:
      - README.md

This will break immediately when run by Drone:

Linter: invalid or missing step name

If the when block is removed completely: everything works.
when also works when paths is not present.

Help?

Observed Behaviour

I recently made an empty commit and our pipelines triggered by include clauses all kicked off. This was problematic for us since we have production infra pipelines which we did not want kicked off at that time, and could have caused outages for us.

Steps to Reproduce

1. Include a path include trigger on your pipeline.
2. Push a commit with no files.

Expected Behaviour

I would expect pipelines triggered by include clauses to only go off if that path name is matched by a changed file, so no include pipeline should run.

I saw this bug report from 2 years ago and this issue is basically the opposite case. The author of this bug report says "The pipeline should run, since none of the files didn't match (can't exclude nothing)." and we have the case where no files were included so the pipeline should not run, since none of the files were included.

Currently, I am trying to setup a pipeline that runs on pull_requests but exclude some changes. My .drone.yml looks like this:

kind: pipeline
name: pr

trigger:
  event:
  - pull_request
  paths:
    exclude:
    - README.md
 ...

It seems to pickup the event trigger, and ignore the paths block. Is it desirable? I wonder if it's possible to declare exclude without having an include declaration?

On the same yaml file, I also have:

---
kind: pipeline
name: test-pr

trigger:
  paths:
    - README.md
 ...

so effectively what happens, is when I make README.md changes, two jobs are triggered once I push to Github: On the first job, both pr and test-pr pipelines run, while on the second job, only test-pr pipeline runs.

Ideally, what I'd like is to run everything for the pr pipeline, only when there are not README.md changes, without running test-pr in parallel, and run test-pr pipeline when there are changes on README.md file, but for pull_requests only.

I've been hacking at this for the last few hours, but nothing's seeming to fix it.

Here's the full YAML file if it helps:

---
name: Build and Publish (Alpha Release)
kind: pipeline
type: docker
environment:
  test: testing
  pkgname: mpm\-alpha
  release_type: alpha
  nexus_repository_password:
    from_secret: nexus_repository_password
  DEBIAN_FRONTEND: noninteractive

trigger:
  event:
    - push
  branch:
    - alpha
  paths:
    include:
      - src/PKGBUILD
      - .trigger

steps:
  - name: build
    image: ubuntu
    commands:
      - scripts/build.sh
---
kind: signature
hmac: 0bd067baf86af239a29ff6d44954f8e4abeba37c9be15a7952245799d21b7c88

...

Built-in conditions can work without a include: https://docs.drone.io/pipeline/docker/syntax/conditions/

Problem: drone jsonnet --stream auto remove include if there is no exclude: https://github.com/drone/drone-yaml/blob/master/yaml/pretty/pipeline.go#L161

it caused this conversion extension does not work as expected.

As a temporary, I have to remove this part of code to make it work.

I will try to create a PR to fix it.

Many of the module dependencies in this project are out of date, we should update to the latest versions available.

Thanks for the amazing work with this extension!

Any chance you'll make an arm64 image available?

I have a bit of an odd workflow perhaps. I am using drone jsonnet to generate my final yml output. That plugin runs all of the final yaml through a parse and pretty-print phase. So even if I input jsonnet like:

trigger+: {
    paths+: {
      include: ["abc"],
    },
  },

drone jsonnet will output something like:

trigger:
  paths:
  - abc

Rather than have Include and Exclude fields, they assume a single string or list of strings is an Include. They have custom parsing and printing routines to handle those assumptions.

So if I generate yml with those compacted forms, this plugin will then choke with "yaml: unmarshal errors:\n line 79: cannot unmarshal !!seq into plugin.condition".

Perhaps this plugin should be using drone-yaml for its data types?

I guess one workaround I could do is add in an exclude for a random filename that won't ever exist to make it generate the full schema.

Describe the bug

BB_ADDRESS env var is not present on the BB server example and it is required.

We're currently using Github Server and this extension would be extremely useful.

Add gogs support

I'm trying to get it to work on my existing Gitea and DroneCI.
Your image appears to be running but fails in DroneCI and gets the following error

{"level":"info","msg":"server listening on address :3000","time":"2021-12-19T16:11:06Z"}
{"build_action":"","build_after":"d8aa21222644e2d4c3da049a63a68ccff7e264cc","build_before":"7f8d4ce2eb5cd416be621e83af3dc5869516be65","build_event":"push","build_ref":"refs/heads/master","build_source":"master","build_target":"master","build_trigger":"@hook","level":"info","msg":"initiated","repo_name":"blog","repo_namespace":"gitea","time":"2021-12-19T16:33:29Z"}
{"build_after":"d8aa21222644e2d4c3da049a63a68ccff7e264cc","build_before":"7f8d4ce2eb5cd416be621e83af3dc5869516be65","level":"info","msg":"a path field was seen","repo_name":"blog","repo_namespace":"gitea","time":"2021-12-19T16:33:29Z"}
{"level":"debug","msg":"converter: cannot convert configuration: gitea/blog: master: ","time":"2021-12-19T16:33:29Z"}

How my docker compose looks like:

version: "3"
services:
  gitea:
    image: gitea/gitea:1.14.6
    volumes:
      - /share/docker/swarm/appdata/gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro

  drone:
    image: drone/drone:2.1.0
    environment:
      - DRONE_DEBUG=true
      - DRONE_ADMIN=admin
      - DRONE_USER_CREATE=username:admin,admin:true
      - DRONE_SERVER_PORT=:80
      - DRONE_DATABASE_DRIVER=sqlite3
      - DRONE_GIT_ALWAYS_AUTH=false
      - DRONE_GITEA_SERVER=https://gitea.mydomain.com
      - DRONE_RPC_SECRET=ert26a2221fd8090ea38720fc445eca6
      - DRONE_SERVER_HOST=drone.mydomain.com
      - DRONE_HOST=https://drone.mydomain.com
      - DRONE_SERVER_PROTO=https
      - DRONE_TLS_AUTOCERT=false
      - DRONE_AGENTS_ENABLED=true
      - DRONE_GITEA_CLIENT_ID=06854c15-3165-4627-4352-8c5e25d7249d
      - DRONE_GITEA_CLIENT_SECRET=r4lJu-xetRS1WQA0DFGBkT_uwayKaNmNZ6L0dYsbEi0=
      - DRONE_LOGS_DEBUG=true
      - DRONE_LOGS_TEXT=true
      - DRONE_LOGS_PRETTY=true
      - DRONE_LOGS_COLOR=true
      - DRONE_CONVERT_PLUGIN_ENDPOINT=http://192.168.1.174:3003
      - DRONE_CONVERT_PLUGIN_SECRET=ert26a2221fd8090ea38720fc445eca6
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /share/docker/swarm/appdata/drone:/data

  drone-convert-pathschanged:
    image: meltwater/drone-convert-pathschanged
    depends_on:
      - drone
    environment:
      - DRONE_DEBUG=true
      - DRONE_SECRET=ert26a2221fd8090ea38720fc445eca6
      - TOKEN=44b979dc674998f99906865de89f6896abb67197
      - PROVIDER=github
      - GITHUB_SERVER=https://gitea.mydomain.com
    ports:
      - 3003:3000

Am I missing somsthing here?
should DRONE_CONVERT_PLUGIN_ENDPOINT be the url of the convert image?
and DRONE_CONVERT_PLUGIN_SECRET the same as DRONE_RPC_SECRET?

thanks in advance.

Hi, i would like to know if there's some limitation to use pathschangeg with jsonnet?

I'm trying to use, but every time that i commit something, all steps runs.

I already generate the yml file using drone jsonnet --target .drone-json.yml --stream and if i use this yml file, the pathschange works fine, but if i change to use jsonnet don't.

YML file generated:

---
kind: pipeline
name: terraform-buildstaging-plan

platform:
  os: linux
  arch: amd64

concurrency:
  limit: 1

steps:
- name: terraform-acm-plan
  pull: always
  image: my-pipeline
  settings:
    command: plan
    folders: acm
  environment:
    AWS_DEFAULT_REGION: us-east-1
  when:
    branch:
      exclude:
      - master
    event:
      exclude:
      - pull_request
    paths:
      include:
      - terraform/acm/**
      exclude:
      - README.md
  depends_on:
  - clone
...

PS.: I put the exclude just to test. If i use only include, the yml generated exclude the include key.

Describe the bug

When there are no files included in a commit with only an exclude trigger on the pipeline, the convert plugin will exclude the pipeline by default.

This is a bit weird, and was discovered because of faulty drone bitbucket server integration not sending the "before" commit on the webhook, meaning merge commits always showed no files changed. But, could be an issue if someone pushes a commit created with --allow-empty.

This may be a bit of an edge case, but I thought I'd bring it up as it was a bit hard to track down why the pipeline wasn't running.

Steps to reproduce

Steps to reproduce the behavior:

1. Include a paths exclude trigger on your pipeline.
2. Push a commit with no files.

Expected behavior

The pipeline should run, since none of the files didn't match (can't exclude nothing).

as per the README.md documentation, i can see only 2 examples :

• Github
• Bitbucket Server

Are you going to support Bitbucket Cloud ?

Feature

Allow passing TLS cert and key paths via cli or env vars to use when serving http requests.

Wondering about Gitea support.

There are configs for github and bitbucket. How about gitea ? What exactly would be required ?

Thanks for this great conversion extension with drone!!
And according to the guide, it seems we need to config DRONE_CONVERT_PLUGIN_ENDPOINT to include this conversion plugin, but since we've already define DRONE_CONVERT_PLUGIN_ENDPOINT for our internal use,
is there any possible method to support both conversion extension together?

Thanks

Hello,

Is it a planned feature to support merging multiple drone.yml files ?
It would ensure better readability of the pipelines and provide more flexibility for mono-repos.

Thanks

Feature

This would be essentially the same as how drone-server takes --env-file=<path> to set environment variables.

More discussion in #41

Hi 👋

Thanks so much for writing and maintaining this awesome plugin!

I wanted to open a quick issue about the access token scopes that are required for this to work, namely it seems that the token actually needs full access to private repos, instead of just access to commit statuses in order to work. Is that something that others have seen?

Thanks!

Hi!
Have you considered the possibility of using this include/exclude clauses for the trigger phase?
Example:

trigger:
  event:
  - push
  paths:
    exclude:
    - some-path/**"

Hello, Jsonnet is a much more flexible configuration language than yaml. My use case is one where a .drone.yml file would repeat code dozens of times. Jsonnet allows me to stay DRY. But this plugin doesn't work if I use a .drone.jsonnet file directly.

Are there plans to support Jsonnet with this plugin?

Debt Description

Based on multiple requests from GitHub to cleanup the personal access tokens of the meltwater-foundation user we need to scrub the drone-convert-pathschanged plugin token and retire secrets both on development and production services, there is no instance found of its use.

Version(s) Affected

All

Code / Process Detail

https://github.com/meltwater/drone-convert-pathschanged/blob/master/.drone.yml

Is there a way to configure drone yaml with your plugin so that it can run with master change or one specific file change? Which means either case satisfies it will run.