Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
}
gradlew_schema = Schema({
Required("using"): "gradlew",
Optional("pre-gradlew"): [[text_type]],
Required("gradlew"): [text_type],
Optional("post-gradlew"): [[text_type]],
# Base work directory used to set up the task.
Required("workdir"): text_type,
Optional("use-caches"): bool,
Optional("secrets"): [secret_schema],
})
run_commands_schema = Schema({
Required("using"): "run-commands",
Required("commands"): [[taskref_or_string]],
Required("workdir"): text_type,
Optional("use-caches"): bool,
Optional("secrets"): [secret_schema],
})
@run_job_using("docker-worker", "run-commands", schema=run_commands_schema)
def configure_run_commands_schema(config, job, taskdesc):
run = job["run"]
pre_commands = [
_generate_secret_command(secret) for secret in run.get("secrets", [])
]
all_commands = pre_commands + run.pop("commands", [])
run["command"] = _convert_commands_to_string(all_commands)
_inject_secrets_scopes(run, taskdesc)
Required("taskId"): taskref_or_string,
# type of signing task (for CoT)
Required("taskType"): text_type,
# Paths to the artifacts to sign
Required("paths"): [text_type],
# Signing formats to use on each of the paths
Required("formats"): [text_type],
}
],
},
)
def build_scriptworker_signing_payload(config, task, task_def):
worker = task["worker"]
task_def["tags"]["worker-implementation"] = "scriptworker"
task_def["payload"] = {
Required("taskId"): taskref_or_string,
Required("taskType"): text_type,
Required("paths"): [text_type],
}],
Required("channel"): text_type,
Required("target-store"): text_type,
Required("product"): text_type,
Required("dep"): bool,
}
)
def build_push_apk_payload(config, task, task_def):
worker = task["worker"]
task_def["tags"]["worker-implementation"] = "scriptworker"
task_def["payload"] = {
"target_store": worker["target-store"],
"upstreamArtifacts": worker["upstream-artifacts"],