#3202

Committed 25 Jul 2025 04:52PM UTC coverage: 67.669% (-27.3%) from 94.935%

Build # #3202

Build Type

push

screwdriver

Committed by

web-flow

Commit Message

feat(3363): Update the existing endpoint to get admin for a pipeline from the specified SCM context (#3370)

Run Details

1284 of 2114 branches covered (60.74%)

Branch coverage included in aggregate %.

1 of 11 new or added lines in 1 file covered. (9.09%)

1235 existing lines in 49 files now uncovered.

3417 of 4833 relevant lines covered (70.7%)

50.53 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

31.58

/plugins/secrets/remove.js

'use strict';

const boom = require('@hapi/boom');
const joi = require('joi');
const schema = require('screwdriver-data-schema');
const logger = require('screwdriver-logger');
const idSchema = schema.models.secret.base.extract('id');

module.exports = () => ({
    method: 'DELETE',
    path: '/secrets/{id}',
    options: {
        description: 'Remove a single secret',
        notes: 'Returns null if successful',
        tags: ['api', 'secrets'],
        auth: {
            strategies: ['token'],
            scope: ['user', '!guest', 'pipeline']
        },

        handler: async (request, h) => {
            const { secretFactory } = request.server.app;
            const { credentials } = request.auth;
            const { canAccess } = request.server.plugins.secrets;

            // Get the secret first
            return secretFactory
                .get(request.params.id)
                .then(secret => {
                    if (!secret) {
                        throw boom.notFound('Secret does not exist');
                    }

                    // Make sure that user has permission before deleting
                    return canAccess(credentials, secret, 'admin', request.server.app)
                        .then(async () => {
                            logger.info(
                                `[Audit] user ${credentials.username}:${credentials.scmContext} deletes the secret key:${secret.name} from pipelineId:${secret.pipelineId}.`
                            );
                            await secret.remove();
                        })
                        .then(() => h.response().code(204));
                })
                .catch(err => {
                    throw err;
                });
        },
        validate: {
            params: joi.object({
                id: idSchema
            })
        }
    }
});

1	'use strict';
2
3	const boom = require('@hapi/boom');	1✔
4	const joi = require('joi');	1✔
5	const schema = require('screwdriver-data-schema');	1✔
6	const logger = require('screwdriver-logger');	1✔
7	const idSchema = schema.models.secret.base.extract('id');	1✔
8
9	module.exports = () => ({	66✔
10	method: 'DELETE',
11	path: '/secrets/{id}',
12	options: {
13	description: 'Remove a single secret',
14	notes: 'Returns null if successful',
15	tags: ['api', 'secrets'],
16	auth: {
17	strategies: ['token'],
18	scope: ['user', '!guest', 'pipeline']
19	},
20
21	handler: async (request, h) => {
UNCOV 22	const { secretFactory } = request.server.app;	×
UNCOV 23	const { credentials } = request.auth;	×
UNCOV 24	const { canAccess } = request.server.plugins.secrets;	×
25
26	// Get the secret first
UNCOV 27	return secretFactory	×
28	.get(request.params.id)
29	.then(secret => {
UNCOV 30	if (!secret) {	×
UNCOV 31	throw boom.notFound('Secret does not exist');	×
32	}
33
34	// Make sure that user has permission before deleting
UNCOV 35	return canAccess(credentials, secret, 'admin', request.server.app)	×
36	.then(async () => {
UNCOV 37	logger.info(	×
38	`[Audit] user ${credentials.username}:${credentials.scmContext} deletes the secret key:${secret.name} from pipelineId:${secret.pipelineId}.`
39	);
UNCOV 40	await secret.remove();	×
41	})
UNCOV 42	.then(() => h.response().code(204));	×
43	})
44	.catch(err => {
UNCOV 45	throw err;	×
46	});
47	},
48	validate: {
49	params: joi.object({
50	id: idSchema
51	})
52	}
53	}
54	});

screwdriver-cd / screwdriver / #3202

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous