ovh
diff --git a/‎cli/cdsctl/workflow_export.go
Lines changed: 20 additions & 1 deletion b/‎cli/cdsctl/workflow_export.go
Lines changed: 20 additions & 1 deletion
diff --git a/‎cli/cdsctl/workflow_pull.go
Lines changed: 14 additions & 1 deletion b/‎cli/cdsctl/workflow_pull.go
Lines changed: 14 additions & 1 deletion
diff --git a/‎engine/api/workflow/audit.go
Lines changed: 4 additions & 4 deletions b/‎engine/api/workflow/audit.go
Lines changed: 4 additions & 4 deletions
diff --git a/‎engine/api/workflow/dao.go
Lines changed: 16 additions & 0 deletions b/‎engine/api/workflow/dao.go
Lines changed: 16 additions & 0 deletions
diff --git a/‎engine/api/workflow/dao_node_run_vulnerability.go
Lines changed: 1 addition & 0 deletions b/‎engine/api/workflow/dao_node_run_vulnerability.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎engine/api/workflow/dao_test.go
Lines changed: 4 additions & 4 deletions b/‎engine/api/workflow/dao_test.go
Lines changed: 4 additions & 4 deletions
diff --git a/‎engine/api/workflow/hook.go
Lines changed: 15 additions & 2 deletions b/‎engine/api/workflow/hook.go
Lines changed: 15 additions & 2 deletions
diff --git a/‎engine/api/workflow/workflow_exporter.go
Lines changed: 19 additions & 6 deletions b/‎engine/api/workflow/workflow_exporter.go
Lines changed: 19 additions & 6 deletions
diff --git a/‎engine/api/workflow/workflow_exporter_test.go
Lines changed: 1 addition & 1 deletion b/‎engine/api/workflow/workflow_exporter_test.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎engine/api/workflow/workflow_importer.go
Lines changed: 9 additions & 0 deletions b/‎engine/api/workflow/workflow_importer.go
Lines changed: 9 additions & 0 deletions
@@ -2,9 +2,11 @@ package main
 
 import (
 	"fmt"
+	"net/http"
 	"reflect"
 
 	"github.com/ovh/cds/cli"
+	"github.com/ovh/cds/sdk/cdsclient"
 )
 
 var workflowExportCmd = cli.Command{
@@ -31,7 +33,24 @@ var workflowExportCmd = cli.Command{
 }
 
 func workflowExportRun(c cli.Values) error {
-	btes, err := client.WorkflowExport(c.GetString(_ProjectKey), c.GetString(_WorkflowName), c.GetBool("with-permissions"), c.GetString("format"))
+	mods := []cdsclient.RequestModifier{
+		func(r *http.Request) {
+			q := r.URL.Query()
+			q.Set("format", c.GetString("format"))
+			r.URL.RawQuery = q.Encode()
+		},
+	}
+	if c.GetBool("with-permissions") {
+		mods = append(mods,
+			func(r *http.Request) {
+				q := r.URL.Query()
+				q.Set("withPermissions", "true")
+				r.URL.RawQuery = q.Encode()
+			},
+		)
+	}
+
+	btes, err := client.WorkflowExport(c.GetString(_ProjectKey), c.GetString(_WorkflowName), mods...)
 	if err != nil {
 		return err
 	}
 
@@ -4,12 +4,14 @@ import (
 	"archive/tar"
 	"fmt"
 	"io"
+	"net/http"
 	"os"
 	"path/filepath"
 	"reflect"
 	"strings"
 
 	"github.com/ovh/cds/cli"
+	"github.com/ovh/cds/sdk/cdsclient"
 )
 
@@ -57,7 +59,18 @@ func workflowPullRun(c cli.Values) error {
 		return fmt.Errorf("Unable to create directory %s: %v", c.GetString("output-dir"), err)
 	}
 
-	tr, err := client.WorkflowPull(c.GetString(_ProjectKey), c.GetString(_WorkflowName), c.GetBool("with-permissions"))
+	mods := []cdsclient.RequestModifier{}
+	if c.GetBool("with-permissions") {
+		mods = append(mods,
+			func(r *http.Request) {
+				q := r.URL.Query()
+				q.Set("withPermissions", "true")
+				r.URL.RawQuery = q.Encode()
+			},
+		)
+	}
+
+	tr, err := client.WorkflowPull(c.GetString(_ProjectKey), c.GetString(_WorkflowName), mods...)
 	if err != nil {
 		return err
 	}
 
@@ -63,7 +63,7 @@ func (a addWorkflowAudit) Compute(db gorp.SqlExecutor, e sdk.Event) error {
 	}
 
 	buffer := bytes.NewBufferString("")
-	_, errE := exportWorkflow(wEvent.Workflow, exportentities.FormatYAML, false, buffer)
+	_, errE := exportWorkflow(wEvent.Workflow, exportentities.FormatYAML, buffer)
 	if errE != nil {
 		return sdk.WrapError(errE, "addWorkflowAudit.Compute> Unable to export workflow")
 	}
@@ -88,12 +88,12 @@ func (u updateWorkflowAudit) Compute(db gorp.SqlExecutor, e sdk.Event) error {
 	}
 
 	oldWorkflowBuffer := bytes.NewBufferString("")
-	_, errE := exportWorkflow(wEvent.OldWorkflow, exportentities.FormatYAML, false, oldWorkflowBuffer)
+	_, errE := exportWorkflow(wEvent.OldWorkflow, exportentities.FormatYAML, oldWorkflowBuffer)
 	if errE != nil {
 		return sdk.WrapError(errE, "updateWorkflowAudit.Compute> Unable to export workflow")
 	}
 	newWorkflowBuffer := bytes.NewBufferString("")
-	_, errN := exportWorkflow(wEvent.NewWorkflow, exportentities.FormatYAML, false, newWorkflowBuffer)
+	_, errN := exportWorkflow(wEvent.NewWorkflow, exportentities.FormatYAML, newWorkflowBuffer)
 	if errN != nil {
 		return sdk.WrapError(errN, "updateWorkflowAudit.Compute> Unable to export workflow")
 	}
@@ -119,7 +119,7 @@ func (d deleteWorkflowAudit) Compute(db gorp.SqlExecutor, e sdk.Event) error {
 	}
 
 	oldWorkflowBuffer := bytes.NewBufferString("")
-	_, errE := exportWorkflow(wEvent.Workflow, exportentities.FormatYAML, false, oldWorkflowBuffer)
+	_, errE := exportWorkflow(wEvent.Workflow, exportentities.FormatYAML, oldWorkflowBuffer)
 	if errE != nil {
 		return sdk.WrapError(errE, "deleteWorkflowAudit.Compute> Unable to export workflow")
 	}
 
@@ -1040,6 +1040,22 @@ func Push(ctx context.Context, db *gorp.DbMap, store cache.Store, proj *sdk.Proj
 		dryRun = opts.DryRun
 	}
 
+	// In workflow as code context, if we only have the repowebhook, we skip it
+	//  because it will be automatically recreated later with the proper configuration
+	if opts != nil && opts.FromRepository != "" {
+		if len(wrkflw.Workflow) == 0 {
+			if len(wrkflw.PipelineHooks) == 1 && wrkflw.PipelineHooks[0].Model == sdk.RepositoryWebHookModelName {
+				wrkflw.PipelineHooks = nil
+			}
+		} else {
+			for node, hooks := range wrkflw.Hooks {
+				if len(hooks) == 1 && hooks[0].Model == sdk.RepositoryWebHookModelName {
+					wrkflw.Hooks[node] = nil
+				}
+			}
+		}
+	}
+
 	wf, msgList, err := ParseAndImport(ctx, tx, store, proj, &wrkflw, u, ImportOptions{DryRun: dryRun, Force: true})
 	if err != nil {
 		log.Error("Push> Unable to import workflow: %v", err)
 
@@ -205,6 +205,7 @@ func loadLatestRunVulnerabilityReport(db gorp.SqlExecutor, nr *sdk.WorkflowNodeR
 	return dbReport.Report.Summary, nil
 }
 
+// InsertVulnerabilityReport inserts vulnerability report
 func InsertVulnerabilityReport(db gorp.SqlExecutor, report sdk.WorkflowNodeRunVulnerabilityReport) error {
 	dbReport := dbNodeRunVulenrabilitiesReport(report)
 	if err := db.Insert(&dbReport); err != nil {
 
@@ -80,7 +80,7 @@ func TestInsertSimpleWorkflowAndExport(t *testing.T) {
 	test.NoError(t, err)
 	assert.Equal(t, 1, len(ws))
 
-	exp, err := exportentities.NewWorkflow(*w1, false)
+	exp, err := exportentities.NewWorkflow(*w1)
 	test.NoError(t, err)
 	btes, err := exportentities.Marshal(exp, exportentities.FormatYAML)
 	test.NoError(t, err)
@@ -311,7 +311,7 @@ func TestInsertComplexeWorkflowAndExport(t *testing.T) {
 
 	assertEqualNode(t, w.Root, w1.Root)
 
-	exp, err := exportentities.NewWorkflow(w, false)
+	exp, err := exportentities.NewWorkflow(w)
 	test.NoError(t, err)
 	btes, err := exportentities.Marshal(exp, exportentities.FormatYAML)
 	test.NoError(t, err)
@@ -789,7 +789,7 @@ func TestInsertComplexeWorkflowWithJoinsAndExport(t *testing.T) {
 	}, w1.Joins[0].SourceNodeIDs)
 	assert.Equal(t, pip5.Name, w.Joins[0].Triggers[0].WorkflowDestNode.PipelineName)
 
-	exp, err := exportentities.NewWorkflow(*w1, false)
+	exp, err := exportentities.NewWorkflow(*w1)
 	test.NoError(t, err)
 	btes, err := exportentities.Marshal(exp, exportentities.FormatYAML)
 	test.NoError(t, err)
@@ -1250,7 +1250,7 @@ func TestInsertSimpleWorkflowWithHookAndExport(t *testing.T) {
 	assert.Len(t, w.Root.Hooks, 1)
 	t.Log(w.Root.Hooks)
 
-	exp, err := exportentities.NewWorkflow(*w1, false)
+	exp, err := exportentities.NewWorkflow(*w1)
 	test.NoError(t, err)
 	btes, err := exportentities.Marshal(exp, exportentities.FormatYAML)
 	test.NoError(t, err)
 
@@ -295,8 +295,17 @@ func mergeAndDiffHook(oldHooks map[string]sdk.WorkflowNodeHook, newHooks map[str
 
 // DefaultPayload returns the default payload for the workflow root
 func DefaultPayload(ctx context.Context, db gorp.SqlExecutor, store cache.Store, p *sdk.Project, u *sdk.User, wf *sdk.Workflow) (interface{}, error) {
+	if wf.Root.Context == nil {
+		return nil, nil
+	}
+
+	if wf.Root.Context.Application == nil {
+		return wf.Root.Context.DefaultPayload, nil
+	}
+
 	var defaultPayload interface{}
-	if wf.Root.Context == nil || wf.Root.Context.Application == nil || wf.Root.Context.Application.ID == 0 {
+	// Load application if not available
+	if wf.Root.Context != nil && wf.Root.Context.Application == nil && wf.Root.Context.ApplicationID != 0 {
 		app, errLa := application.LoadByID(db, store, wf.Root.Context.ApplicationID, u)
 		if errLa != nil {
 			return wf.Root.Context.DefaultPayload, sdk.WrapError(errLa, "DefaultPayload> unable to load application by id %d", wf.Root.Context.ApplicationID)
@@ -328,10 +337,14 @@ func DefaultPayload(ctx context.Context, db gorp.SqlExecutor, store cache.Store,
 
 		defaultPayload = wf.Root.Context.DefaultPayload
 		if !wf.Root.Context.HasDefaultPayload() {
-			defaultPayload = sdk.WorkflowNodeContextDefaultPayloadVCS{
+			structuredDefaultPayload := sdk.WorkflowNodeContextDefaultPayloadVCS{
 				GitBranch:     defaultBranch,
 				GitRepository: wf.Root.Context.Application.RepositoryFullname,
 			}
+			defaultPayloadBtes, _ := json.Marshal(structuredDefaultPayload)
+			if err := json.Unmarshal(defaultPayloadBtes, &defaultPayload); err != nil {
+				return nil, err
+			}
 		} else if defaultPayloadMap, err := wf.Root.Context.DefaultPayloadToMap(); err == nil && defaultPayloadMap["git.branch"] == "" {
 			defaultPayloadMap["git.branch"] = defaultBranch
 			defaultPayloadMap["git.repository"] = wf.Root.Context.Application.RepositoryFullname
 
@@ -6,6 +6,7 @@ import (
 	"context"
 	"fmt"
 	"io"
+	"reflect"
 
 	"github.com/go-gorp/gorp"
 
@@ -19,7 +20,7 @@ import (
 )
 
 // Export a workflow
-func Export(ctx context.Context, db gorp.SqlExecutor, cache cache.Store, proj *sdk.Project, name string, f exportentities.Format, withPermissions bool, u *sdk.User, w io.Writer) (int, error) {
+func Export(ctx context.Context, db gorp.SqlExecutor, cache cache.Store, proj *sdk.Project, name string, f exportentities.Format, u *sdk.User, w io.Writer, opts ...exportentities.WorkflowOptions) (int, error) {
 	ctx, end := observability.Span(ctx, "workflow.Export")
 	defer end()
 
@@ -28,11 +29,16 @@ func Export(ctx context.Context, db gorp.SqlExecutor, cache cache.Store, proj *s
 		return 0, sdk.WrapError(errload, "workflow.Export> Cannot load workflow %s", name)
 	}
 
-	return exportWorkflow(*wf, f, withPermissions, w)
+	// If repo is from as-code do not export WorkflowSkipIfOnlyOneRepoWebhook
+	if wf.FromRepository != "" {
+		opts = append(opts, exportentities.WorkflowSkipIfOnlyOneRepoWebhook)
+	}
+
+	return exportWorkflow(*wf, f, w, opts...)
 }
 
-func exportWorkflow(wf sdk.Workflow, f exportentities.Format, withPermissions bool, w io.Writer) (int, error) {
-	e, err := exportentities.NewWorkflow(wf, withPermissions)
+
func exportWorkflow(wf sdk.Workflow, f exportentities.Format, w io.Writer, opts ...exportentities.WorkflowOptions) (int, error) {func exportWorkflow(wf sdk.Workflow, f exportentities.Format, w io.Writer, opts ...exportentities.WorkflowOptions) (int, error) {
+	e, err := exportentities.NewWorkflow(wf, opts...)
 	if err != nil {
 		return 0, err
 	}
@@ -52,7 +58,7 @@ func exportWorkflow(wf sdk.Workflow, f exportentities.Format, withPermissions bo
 }
 
 // Pull a workflow with all it dependencies; it writes a tar buffer in the writer
-func Pull(ctx context.Context, db gorp.SqlExecutor, cache cache.Store, proj *sdk.Project, name string, f exportentities.Format, withPermissions bool, encryptFunc sdk.EncryptFunc, u *sdk.User, w io.Writer) error {
+func Pull(ctx context.Context, db gorp.SqlExecutor, cache cache.Store, proj *sdk.Project, name string, f exportentities.Format, encryptFunc sdk.EncryptFunc, u *sdk.User, w io.Writer, opts ...exportentities.WorkflowOptions) error {
 	ctx, end := observability.Span(ctx, "workflow.Pull")
 	defer end()
 
@@ -99,7 +105,7 @@ func Pull(ctx context.Context, db gorp.SqlExecutor, cache cache.Store, proj *sdk
 	tw := tar.NewWriter(w)
 
 	buffw := new(bytes.Buffer)
-	size, errw := exportWorkflow(*wf, f, withPermissions, buffw)
+	size, errw := exportWorkflow(*wf, f, buffw, opts...)
 	if errw != nil {
 		tw.Close()
 		return sdk.WrapError(errw, "workflow.Pull> Unable to export workflow")
@@ -119,6 +125,13 @@ func Pull(ctx context.Context, db gorp.SqlExecutor, cache cache.Store, proj *sdk
 		return sdk.WrapError(err, "workflow.Pull> Unable to copy workflow buffer")
 	}
 
+	var withPermissions bool
+	for _, f := range opts {
+		if reflect.ValueOf(f).Pointer() == reflect.ValueOf(exportentities.WorkflowWithPermissions).Pointer() {
+			withPermissions = true
+		}
+	}
+
 	for _, a := range apps {
 		buff := new(bytes.Buffer)
 		size, err := application.ExportApplication(db, a, f, withPermissions, encryptFunc, buff)
 
@@ -123,7 +123,7 @@ func TestPull(t *testing.T) {
 	test.Equal(t, w.PurgeTags, w1.PurgeTags)
 
 	buff := new(bytes.Buffer)
-	test.NoError(t, workflow.Pull(context.TODO(), db, cache, proj, w1.Name, exportentities.FormatYAML, false, project.EncryptWithBuiltinKey, u, buff))
+	test.NoError(t, workflow.Pull(context.TODO(), db, cache, proj, w1.Name, exportentities.FormatYAML, project.EncryptWithBuiltinKey, u, buff))
 
 	// Open the tar archive for reading.
 	r := bytes.NewReader(buff.Bytes())
 
@@ -117,6 +117,15 @@ func Import(ctx context.Context, db gorp.SqlExecutor, store cache.Store, proj *s
 		return sdk.WrapError(errE, "Import> Cannot check if workflow exists")
 	}
 
+	//Manage default payload
+	var err error
+	if w.Root.Context == nil {
+		w.Root.Context = &sdk.WorkflowNodeContext{}
+	}
+	if w.Root.Context.DefaultPayload, err = DefaultPayload(ctx, db, store, proj, u, w); err != nil {
+		log.Warning("workflow.Import> Cannot set default payload : %v", err)
+	}
+
 	if !doUpdate {
 		if err := Insert(db, store, w, proj, u); err != nil {
 			return sdk.WrapError(err, "Import> Unable to insert workflow")
Original file line number	Diff line number	Diff line change
`@@ -63,7 +63,7 @@ func (a addWorkflowAudit) Compute(db gorp.SqlExecutor, e sdk.Event) error {`
`63`	`63`	`}`
`64`	`64`
`65`	`65`	`buffer := bytes.NewBufferString("")`
`66`		`- _, errE := exportWorkflow(wEvent.Workflow, exportentities.FormatYAML, false, buffer)`
	`66`	`+ _, errE := exportWorkflow(wEvent.Workflow, exportentities.FormatYAML, buffer)`
`67`	`67`	`if errE != nil {`
`68`	`68`	`return sdk.WrapError(errE, "addWorkflowAudit.Compute> Unable to export workflow")`
`69`	`69`	`}`
`@@ -88,12 +88,12 @@ func (u updateWorkflowAudit) Compute(db gorp.SqlExecutor, e sdk.Event) error {`
`88`	`88`	`}`
`89`	`89`
`90`	`90`	`oldWorkflowBuffer := bytes.NewBufferString("")`
`91`		`- _, errE := exportWorkflow(wEvent.OldWorkflow, exportentities.FormatYAML, false, oldWorkflowBuffer)`
	`91`	`+ _, errE := exportWorkflow(wEvent.OldWorkflow, exportentities.FormatYAML, oldWorkflowBuffer)`
`92`	`92`	`if errE != nil {`
`93`	`93`	`return sdk.WrapError(errE, "updateWorkflowAudit.Compute> Unable to export workflow")`
`94`	`94`	`}`
`95`	`95`	`newWorkflowBuffer := bytes.NewBufferString("")`
`96`		`- _, errN := exportWorkflow(wEvent.NewWorkflow, exportentities.FormatYAML, false, newWorkflowBuffer)`
	`96`	`+ _, errN := exportWorkflow(wEvent.NewWorkflow, exportentities.FormatYAML, newWorkflowBuffer)`
`97`	`97`	`if errN != nil {`
`98`	`98`	`return sdk.WrapError(errN, "updateWorkflowAudit.Compute> Unable to export workflow")`
`99`	`99`	`}`
`@@ -119,7 +119,7 @@ func (d deleteWorkflowAudit) Compute(db gorp.SqlExecutor, e sdk.Event) error {`
`119`	`119`	`}`
`120`	`120`
`121`	`121`	`oldWorkflowBuffer := bytes.NewBufferString("")`
`122`		`- _, errE := exportWorkflow(wEvent.Workflow, exportentities.FormatYAML, false, oldWorkflowBuffer)`
	`122`	`+ _, errE := exportWorkflow(wEvent.Workflow, exportentities.FormatYAML, oldWorkflowBuffer)`
`123`	`123`	`if errE != nil {`
`124`	`124`	`return sdk.WrapError(errE, "deleteWorkflowAudit.Compute> Unable to export workflow")`
`125`	`125`	`}`
Original file line number	Diff line number	Diff line change
`@@ -205,6 +205,7 @@ func loadLatestRunVulnerabilityReport(db gorp.SqlExecutor, nr *sdk.WorkflowNodeR`
`205`	`205`	`return dbReport.Report.Summary, nil`
`206`	`206`	`}`
`207`	`207`
	`208`	`+// InsertVulnerabilityReport inserts vulnerability report`
`208`	`209`	`func InsertVulnerabilityReport(db gorp.SqlExecutor, report sdk.WorkflowNodeRunVulnerabilityReport) error {`
`209`	`210`	`dbReport := dbNodeRunVulenrabilitiesReport(report)`
`210`	`211`	`if err := db.Insert(&dbReport); err != nil {`