Compare commits
17 commits
d224514695
...
a689f330ce
Author | SHA1 | Date | |
---|---|---|---|
a689f330ce | |||
|
cc80e66153 | ||
|
b7cff17de1 | ||
|
82d1eeb47e | ||
|
5f64346931 | ||
|
4889a3a171 | ||
|
8dcc7d9e8c | ||
|
8f5d5d49bc | ||
|
e702e79625 | ||
|
c2f9eacd50 | ||
|
cb8ec2287f | ||
|
fd47240545 | ||
|
127d9f743a | ||
|
2ee30d2651 | ||
|
387aea4434 | ||
|
69007f1444 | ||
|
c369619805 |
19 changed files with 282 additions and 29 deletions
|
@ -57,7 +57,7 @@ jobs:
|
||||||
uses: https://code.forgejo.org/actions/setup-go@v4
|
uses: https://code.forgejo.org/actions/setup-go@v4
|
||||||
if: secrets.ROLE == 'forgejo-experimental'
|
if: secrets.ROLE == 'forgejo-experimental'
|
||||||
with:
|
with:
|
||||||
go-version: "1.21.9"
|
go-version: "1.21"
|
||||||
check-latest: true
|
check-latest: true
|
||||||
- name: update the _release.experimental DNS record
|
- name: update the _release.experimental DNS record
|
||||||
if: secrets.ROLE == 'forgejo-experimental'
|
if: secrets.ROLE == 'forgejo-experimental'
|
||||||
|
|
|
@ -16,7 +16,7 @@ jobs:
|
||||||
- uses: https://code.forgejo.org/actions/checkout@v3
|
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||||
with:
|
with:
|
||||||
go-version: "1.21.9"
|
go-version: "1.21"
|
||||||
check-latest: true
|
check-latest: true
|
||||||
- run: make deps-backend deps-tools
|
- run: make deps-backend deps-tools
|
||||||
- run: make lint-backend
|
- run: make lint-backend
|
||||||
|
@ -30,7 +30,7 @@ jobs:
|
||||||
- uses: https://code.forgejo.org/actions/checkout@v3
|
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||||
with:
|
with:
|
||||||
go-version: "1.21.9"
|
go-version: "1.21"
|
||||||
check-latest: true
|
check-latest: true
|
||||||
- run: make deps-backend deps-tools
|
- run: make deps-backend deps-tools
|
||||||
- run: make --always-make checks-backend # ensure the "go-licenses" make target runs
|
- run: make --always-make checks-backend # ensure the "go-licenses" make target runs
|
||||||
|
@ -49,7 +49,7 @@ jobs:
|
||||||
- uses: https://code.forgejo.org/actions/checkout@v3
|
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||||
with:
|
with:
|
||||||
go-version: "1.21.9"
|
go-version: "1.21"
|
||||||
- run: |
|
- run: |
|
||||||
git config --add safe.directory '*'
|
git config --add safe.directory '*'
|
||||||
adduser --quiet --comment forgejo --disabled-password forgejo
|
adduser --quiet --comment forgejo --disabled-password forgejo
|
||||||
|
@ -85,7 +85,7 @@ jobs:
|
||||||
- uses: https://code.forgejo.org/actions/checkout@v3
|
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||||
with:
|
with:
|
||||||
go-version: "1.21.9"
|
go-version: "1.21"
|
||||||
- name: install dependencies
|
- name: install dependencies
|
||||||
run: |
|
run: |
|
||||||
export DEBIAN_FRONTEND=noninteractive
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
@ -128,7 +128,7 @@ jobs:
|
||||||
- uses: https://code.forgejo.org/actions/checkout@v3
|
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||||
with:
|
with:
|
||||||
go-version: "1.21.9"
|
go-version: "1.21"
|
||||||
- name: install dependencies
|
- name: install dependencies
|
||||||
run: |
|
run: |
|
||||||
export DEBIAN_FRONTEND=noninteractive
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
@ -162,7 +162,7 @@ jobs:
|
||||||
- uses: https://code.forgejo.org/actions/checkout@v3
|
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||||
with:
|
with:
|
||||||
go-version: "1.21.9"
|
go-version: "1.21"
|
||||||
- name: install dependencies
|
- name: install dependencies
|
||||||
run: |
|
run: |
|
||||||
export DEBIAN_FRONTEND=noninteractive
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
|
2
Makefile
2
Makefile
|
@ -89,7 +89,7 @@ endif
|
||||||
VERSION = ${GITEA_VERSION}
|
VERSION = ${GITEA_VERSION}
|
||||||
|
|
||||||
# SemVer
|
# SemVer
|
||||||
FORGEJO_VERSION := 6.0.10+0-gitea-1.21.10
|
FORGEJO_VERSION := 6.0.11+0-gitea-1.21.11
|
||||||
|
|
||||||
LDFLAGS := $(LDFLAGS) -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)" -X "code.gitea.io/gitea/routers/api/forgejo/v1.ForgejoVersion=$(FORGEJO_VERSION)" -X "main.ForgejoVersion=$(FORGEJO_VERSION)"
|
LDFLAGS := $(LDFLAGS) -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)" -X "code.gitea.io/gitea/routers/api/forgejo/v1.ForgejoVersion=$(FORGEJO_VERSION)" -X "main.ForgejoVersion=$(FORGEJO_VERSION)"
|
||||||
|
|
||||||
|
|
2
go.mod
2
go.mod
|
@ -72,7 +72,7 @@ require (
|
||||||
github.com/lib/pq v1.10.9
|
github.com/lib/pq v1.10.9
|
||||||
github.com/markbates/goth v1.78.0
|
github.com/markbates/goth v1.78.0
|
||||||
github.com/mattn/go-isatty v0.0.20
|
github.com/mattn/go-isatty v0.0.20
|
||||||
github.com/mattn/go-sqlite3 v1.14.17
|
github.com/mattn/go-sqlite3 v1.14.22
|
||||||
github.com/meilisearch/meilisearch-go v0.25.1
|
github.com/meilisearch/meilisearch-go v0.25.1
|
||||||
github.com/mholt/archiver/v3 v3.5.1
|
github.com/mholt/archiver/v3 v3.5.1
|
||||||
github.com/microcosm-cc/bluemonday v1.0.26
|
github.com/microcosm-cc/bluemonday v1.0.26
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -714,8 +714,8 @@ github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m
|
||||||
github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
|
github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
|
||||||
github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
||||||
github.com/mattn/go-sqlite3 v1.11.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
|
github.com/mattn/go-sqlite3 v1.11.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
|
||||||
github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM=
|
github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
|
||||||
github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
|
github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
|
||||||
github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
|
github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
|
||||||
github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
|
github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
|
||||||
github.com/meilisearch/meilisearch-go v0.25.1 h1:D5wY22sn5kkpRH3uYMGlwltdUEq5regIFmO7awHz3Vo=
|
github.com/meilisearch/meilisearch-go v0.25.1 h1:D5wY22sn5kkpRH3uYMGlwltdUEq5regIFmO7awHz3Vo=
|
||||||
|
|
|
@ -17,3 +17,23 @@
|
||||||
updated: 1683636626
|
updated: 1683636626
|
||||||
need_approval: 0
|
need_approval: 0
|
||||||
approved_by: 0
|
approved_by: 0
|
||||||
|
-
|
||||||
|
id: 891
|
||||||
|
title: "update actions"
|
||||||
|
repo_id: 1
|
||||||
|
owner_id: 1
|
||||||
|
workflow_id: "artifact.yaml"
|
||||||
|
index: 187
|
||||||
|
trigger_user_id: 1
|
||||||
|
ref: "refs/heads/branch2"
|
||||||
|
commit_sha: "985f0301dba5e7b34be866819cd15ad3d8f508ee"
|
||||||
|
event: "push"
|
||||||
|
is_fork_pull_request: 0
|
||||||
|
status: 1 # success
|
||||||
|
started: 1683636528
|
||||||
|
stopped: 1683636626
|
||||||
|
created: 1683636108
|
||||||
|
updated: 1683636626
|
||||||
|
need_approval: 0
|
||||||
|
approved_by: 0
|
||||||
|
event_payload: '{"head_commit":{"id":"5f22f7d0d95d614d25a5b68592adb345a4b5c7fd"}}'
|
||||||
|
|
|
@ -12,3 +12,17 @@
|
||||||
status: 1
|
status: 1
|
||||||
started: 1683636528
|
started: 1683636528
|
||||||
stopped: 1683636626
|
stopped: 1683636626
|
||||||
|
-
|
||||||
|
id: 292
|
||||||
|
run_id: 891
|
||||||
|
repo_id: 1
|
||||||
|
owner_id: 1
|
||||||
|
commit_sha: 985f0301dba5e7b34be866819cd15ad3d8f508ee
|
||||||
|
is_fork_pull_request: 0
|
||||||
|
name: job_2
|
||||||
|
attempt: 1
|
||||||
|
job_id: job_2
|
||||||
|
task_id: 47
|
||||||
|
status: 1
|
||||||
|
started: 1683636528
|
||||||
|
stopped: 1683636626
|
||||||
|
|
|
@ -9,6 +9,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
actions_model "code.gitea.io/gitea/models/actions"
|
||||||
"code.gitea.io/gitea/models/db"
|
"code.gitea.io/gitea/models/db"
|
||||||
"code.gitea.io/gitea/models/perm"
|
"code.gitea.io/gitea/models/perm"
|
||||||
repo_model "code.gitea.io/gitea/models/repo"
|
repo_model "code.gitea.io/gitea/models/repo"
|
||||||
|
@ -401,6 +402,8 @@ func DeleteOrganization(ctx context.Context, org *Organization) error {
|
||||||
&TeamUnit{OrgID: org.ID},
|
&TeamUnit{OrgID: org.ID},
|
||||||
&TeamInvite{OrgID: org.ID},
|
&TeamInvite{OrgID: org.ID},
|
||||||
&secret_model.Secret{OwnerID: org.ID},
|
&secret_model.Secret{OwnerID: org.ID},
|
||||||
|
&actions_model.ActionRunner{OwnerID: org.ID},
|
||||||
|
&actions_model.ActionRunnerToken{OwnerID: org.ID},
|
||||||
); err != nil {
|
); err != nil {
|
||||||
return fmt.Errorf("DeleteBeans: %w", err)
|
return fmt.Errorf("DeleteBeans: %w", err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -44,7 +44,7 @@ func (c *FilesystemClient) Download(ctx context.Context, objects []Pointer, call
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
defer f.Close()
|
||||||
if err := callback(p, f, nil); err != nil {
|
if err := callback(p, f, nil); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -75,7 +75,7 @@ func (c *FilesystemClient) Upload(ctx context.Context, objects []Pointer, callba
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
defer f.Close()
|
||||||
_, err = io.Copy(f, content)
|
_, err = io.Copy(f, content)
|
||||||
|
|
||||||
return err
|
return err
|
||||||
|
|
|
@ -9,6 +9,8 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
actions_model "code.gitea.io/gitea/models/actions"
|
actions_model "code.gitea.io/gitea/models/actions"
|
||||||
|
repo_model "code.gitea.io/gitea/models/repo"
|
||||||
|
user_model "code.gitea.io/gitea/models/user"
|
||||||
"code.gitea.io/gitea/modules/actions"
|
"code.gitea.io/gitea/modules/actions"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/util"
|
"code.gitea.io/gitea/modules/util"
|
||||||
|
@ -54,6 +56,18 @@ func (s *Service) Register(
|
||||||
return nil, errors.New("runner registration token has been invalidated, please use the latest one")
|
return nil, errors.New("runner registration token has been invalidated, please use the latest one")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if runnerToken.OwnerID > 0 {
|
||||||
|
if _, err := user_model.GetUserByID(ctx, runnerToken.OwnerID); err != nil {
|
||||||
|
return nil, errors.New("owner of the token not found")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if runnerToken.RepoID > 0 {
|
||||||
|
if _, err := repo_model.GetRepositoryByID(ctx, runnerToken.RepoID); err != nil {
|
||||||
|
return nil, errors.New("repository of the token not found")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
labels := req.Msg.Labels
|
labels := req.Msg.Labels
|
||||||
// TODO: agent_labels should be removed from pb after Gitea 1.20 released.
|
// TODO: agent_labels should be removed from pb after Gitea 1.20 released.
|
||||||
// Old version runner's agent_labels slice is not empty and labels slice is empty.
|
// Old version runner's agent_labels slice is not empty and labels slice is empty.
|
||||||
|
|
|
@ -101,6 +101,57 @@ func (ctx *preReceiveContext) AssertCreatePullRequest() bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (ctx *preReceiveContext) canChangeSettings() bool {
|
||||||
|
if !ctx.loadPusherAndPermission() {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
perm, err := access_model.GetUserRepoPermission(ctx, ctx.Repo.Repository, ctx.user)
|
||||||
|
if err != nil {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
if !perm.IsOwner() && !perm.IsAdmin() {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
if ctx.Repo.Repository.IsFork {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
|
||||||
|
func (ctx *preReceiveContext) assertChangeSettings() bool {
|
||||||
|
opts := web.GetForm(ctx).(*private.HookOptions)
|
||||||
|
|
||||||
|
if len(opts.GitPushOptions) == 0 {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
|
||||||
|
_, hasPrivateOpt := opts.GitPushOptions[private.GitPushOptionRepoPrivate]
|
||||||
|
_, hasTemplateOpt := opts.GitPushOptions[private.GitPushOptionRepoTemplate]
|
||||||
|
|
||||||
|
if !hasPrivateOpt && !hasTemplateOpt {
|
||||||
|
// If neither `repo.private` nor `repo.template` is present in
|
||||||
|
// the push options, we're good to go without further permission
|
||||||
|
// checking.
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
|
||||||
|
// Either `repo.private` or `repo.template` is among the push options,
|
||||||
|
// do some permission checks.
|
||||||
|
if !ctx.canChangeSettings() {
|
||||||
|
if ctx.Written() {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
ctx.JSON(http.StatusForbidden, private.Response{
|
||||||
|
UserMsg: "Permission denied for changing repo settings.",
|
||||||
|
})
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
|
||||||
// HookPreReceive checks whether a individual commit is acceptable
|
// HookPreReceive checks whether a individual commit is acceptable
|
||||||
func HookPreReceive(ctx *gitea_context.PrivateContext) {
|
func HookPreReceive(ctx *gitea_context.PrivateContext) {
|
||||||
opts := web.GetForm(ctx).(*private.HookOptions)
|
opts := web.GetForm(ctx).(*private.HookOptions)
|
||||||
|
@ -111,6 +162,10 @@ func HookPreReceive(ctx *gitea_context.PrivateContext) {
|
||||||
opts: opts,
|
opts: opts,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !ourCtx.assertChangeSettings() {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
// Iterate across the provided old commit IDs
|
// Iterate across the provided old commit IDs
|
||||||
for i := range opts.OldCommitIDs {
|
for i := range opts.OldCommitIDs {
|
||||||
oldCommitID := opts.OldCommitIDs[i]
|
oldCommitID := opts.OldCommitIDs[i]
|
||||||
|
|
|
@ -12,6 +12,7 @@ import (
|
||||||
"code.gitea.io/gitea/modules/charset"
|
"code.gitea.io/gitea/modules/charset"
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
"code.gitea.io/gitea/modules/git"
|
"code.gitea.io/gitea/modules/git"
|
||||||
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/markup"
|
"code.gitea.io/gitea/modules/markup"
|
||||||
"code.gitea.io/gitea/modules/typesniffer"
|
"code.gitea.io/gitea/modules/typesniffer"
|
||||||
"code.gitea.io/gitea/modules/util"
|
"code.gitea.io/gitea/modules/util"
|
||||||
|
@ -44,20 +45,17 @@ func RenderFile(ctx *context.Context) {
|
||||||
isTextFile := st.IsText()
|
isTextFile := st.IsText()
|
||||||
|
|
||||||
rd := charset.ToUTF8WithFallbackReader(io.MultiReader(bytes.NewReader(buf), dataRc), charset.ConvertOpts{})
|
rd := charset.ToUTF8WithFallbackReader(io.MultiReader(bytes.NewReader(buf), dataRc), charset.ConvertOpts{})
|
||||||
|
ctx.Resp.Header().Add("Content-Security-Policy", "frame-src 'self'; sandbox allow-scripts")
|
||||||
|
|
||||||
if markupType := markup.Type(blob.Name()); markupType == "" {
|
if markupType := markup.Type(blob.Name()); markupType == "" {
|
||||||
if isTextFile {
|
if isTextFile {
|
||||||
_, err = io.Copy(ctx.Resp, rd)
|
_, _ = io.Copy(ctx.Resp, rd)
|
||||||
if err != nil {
|
} else {
|
||||||
ctx.ServerError("Copy", err)
|
http.Error(ctx.Resp, "Unsupported file type render", http.StatusInternalServerError)
|
||||||
}
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
ctx.Error(http.StatusInternalServerError, "Unsupported file type render")
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx.Resp.Header().Add("Content-Security-Policy", "frame-src 'self'; sandbox allow-scripts")
|
|
||||||
err = markup.Render(&markup.RenderContext{
|
err = markup.Render(&markup.RenderContext{
|
||||||
Ctx: ctx,
|
Ctx: ctx,
|
||||||
RelativePath: ctx.Repo.TreePath,
|
RelativePath: ctx.Repo.TreePath,
|
||||||
|
@ -71,7 +69,8 @@ func RenderFile(ctx *context.Context) {
|
||||||
InStandalonePage: true,
|
InStandalonePage: true,
|
||||||
}, rd, ctx.Resp)
|
}, rd, ctx.Resp)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ctx.ServerError("Render", err)
|
log.Error("Failed to render file %q: %v", ctx.Repo.TreePath, err)
|
||||||
|
http.Error(ctx.Resp, "Failed to render file", http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,6 +15,7 @@ import (
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
api "code.gitea.io/gitea/modules/structs"
|
api "code.gitea.io/gitea/modules/structs"
|
||||||
webhook_module "code.gitea.io/gitea/modules/webhook"
|
webhook_module "code.gitea.io/gitea/modules/webhook"
|
||||||
|
files_service "code.gitea.io/gitea/services/repository/files"
|
||||||
|
|
||||||
"github.com/nektos/act/pkg/jobparser"
|
"github.com/nektos/act/pkg/jobparser"
|
||||||
)
|
)
|
||||||
|
@ -114,18 +115,15 @@ func createCommitStatus(ctx context.Context, job *actions_model.ActionRunJob) er
|
||||||
}
|
}
|
||||||
|
|
||||||
creator := user_model.NewActionsUser()
|
creator := user_model.NewActionsUser()
|
||||||
if err := git_model.NewCommitStatus(ctx, git_model.NewCommitStatusOptions{
|
if err := files_service.CreateCommitStatus(ctx, repo, creator,
|
||||||
Repo: repo,
|
sha,
|
||||||
SHA: sha,
|
&git_model.CommitStatus{
|
||||||
Creator: creator,
|
|
||||||
CommitStatus: &git_model.CommitStatus{
|
|
||||||
SHA: sha,
|
SHA: sha,
|
||||||
TargetURL: fmt.Sprintf("%s/jobs/%d", run.Link(), index),
|
TargetURL: fmt.Sprintf("%s/jobs/%d", run.Link(), index),
|
||||||
Description: description,
|
Description: description,
|
||||||
Context: ctxname,
|
Context: ctxname,
|
||||||
CreatorID: creator.ID,
|
CreatorID: creator.ID,
|
||||||
State: state,
|
State: state,
|
||||||
},
|
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
return fmt.Errorf("NewCommitStatus: %w", err)
|
return fmt.Errorf("NewCommitStatus: %w", err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -452,7 +452,7 @@ func handleSchedules(
|
||||||
RepoID: input.Repo.ID,
|
RepoID: input.Repo.ID,
|
||||||
OwnerID: input.Repo.OwnerID,
|
OwnerID: input.Repo.OwnerID,
|
||||||
WorkflowID: dwf.EntryName,
|
WorkflowID: dwf.EntryName,
|
||||||
TriggerUserID: input.Doer.ID,
|
TriggerUserID: user_model.ActionsUserID,
|
||||||
Ref: input.Repo.DefaultBranch,
|
Ref: input.Repo.DefaultBranch,
|
||||||
CommitSHA: commit.ID.String(),
|
CommitSHA: commit.ID.String(),
|
||||||
Event: webhook_module.HookEventType(api.HookScheduleCreated),
|
Event: webhook_module.HookEventType(api.HookScheduleCreated),
|
||||||
|
|
|
@ -72,6 +72,11 @@ func (g *GitBucketDownloader) LogString() string {
|
||||||
// NewGitBucketDownloader creates a GitBucket downloader
|
// NewGitBucketDownloader creates a GitBucket downloader
|
||||||
func NewGitBucketDownloader(ctx context.Context, baseURL, userName, password, token, repoOwner, repoName string) *GitBucketDownloader {
|
func NewGitBucketDownloader(ctx context.Context, baseURL, userName, password, token, repoOwner, repoName string) *GitBucketDownloader {
|
||||||
githubDownloader := NewGithubDownloaderV3(ctx, baseURL, userName, password, token, repoOwner, repoName)
|
githubDownloader := NewGithubDownloaderV3(ctx, baseURL, userName, password, token, repoOwner, repoName)
|
||||||
|
// Gitbucket 4.40 uses different internal hard-coded perPage values.
|
||||||
|
// Issues, PRs, and other major parts use 25. Release page uses 10.
|
||||||
|
// Some API doesn't support paging yet. Sounds difficult, but using
|
||||||
|
// minimum number among them worked out very well.
|
||||||
|
githubDownloader.maxPerPage = 10
|
||||||
githubDownloader.SkipReactions = true
|
githubDownloader.SkipReactions = true
|
||||||
githubDownloader.SkipReviews = true
|
githubDownloader.SkipReviews = true
|
||||||
return &GitBucketDownloader{
|
return &GitBucketDownloader{
|
||||||
|
|
|
@ -164,6 +164,7 @@ func DeleteRepositoryDirectly(ctx context.Context, doer *user_model.User, uid, r
|
||||||
&actions_model.ActionScheduleSpec{RepoID: repoID},
|
&actions_model.ActionScheduleSpec{RepoID: repoID},
|
||||||
&actions_model.ActionSchedule{RepoID: repoID},
|
&actions_model.ActionSchedule{RepoID: repoID},
|
||||||
&actions_model.ActionArtifact{RepoID: repoID},
|
&actions_model.ActionArtifact{RepoID: repoID},
|
||||||
|
&actions_model.ActionRunnerToken{RepoID: repoID},
|
||||||
); err != nil {
|
); err != nil {
|
||||||
return fmt.Errorf("deleteBeans: %w", err)
|
return fmt.Errorf("deleteBeans: %w", err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -95,6 +95,7 @@ func deleteUser(ctx context.Context, u *user_model.User, purge bool) (err error)
|
||||||
&actions_model.ActionRunner{OwnerID: u.ID},
|
&actions_model.ActionRunner{OwnerID: u.ID},
|
||||||
&user_model.BlockedUser{BlockID: u.ID},
|
&user_model.BlockedUser{BlockID: u.ID},
|
||||||
&user_model.BlockedUser{UserID: u.ID},
|
&user_model.BlockedUser{UserID: u.ID},
|
||||||
|
&actions_model.ActionRunnerToken{OwnerID: u.ID},
|
||||||
); err != nil {
|
); err != nil {
|
||||||
return fmt.Errorf("deleteBeans: %w", err)
|
return fmt.Errorf("deleteBeans: %w", err)
|
||||||
}
|
}
|
||||||
|
|
48
tests/integration/actions_commit_status_test.go
Normal file
48
tests/integration/actions_commit_status_test.go
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
// Copyright 20124 The Forgejo Authors. All rights reserved.
|
||||||
|
// SPDX-License-Identifier: MIT
|
||||||
|
|
||||||
|
package integration
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/url"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
actions_model "code.gitea.io/gitea/models/actions"
|
||||||
|
"code.gitea.io/gitea/models/db"
|
||||||
|
issues_model "code.gitea.io/gitea/models/issues"
|
||||||
|
repo_model "code.gitea.io/gitea/models/repo"
|
||||||
|
"code.gitea.io/gitea/models/unittest"
|
||||||
|
user_model "code.gitea.io/gitea/models/user"
|
||||||
|
"code.gitea.io/gitea/modules/setting"
|
||||||
|
"code.gitea.io/gitea/services/actions"
|
||||||
|
"code.gitea.io/gitea/services/automerge"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestActionsAutomerge(t *testing.T) {
|
||||||
|
onGiteaRun(t, func(t *testing.T, u *url.URL) {
|
||||||
|
assert.True(t, setting.Actions.Enabled, "Actions should be enabled")
|
||||||
|
|
||||||
|
ctx := db.DefaultContext
|
||||||
|
|
||||||
|
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
|
||||||
|
pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 2})
|
||||||
|
job := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRunJob{ID: 292})
|
||||||
|
|
||||||
|
assert.False(t, pr.HasMerged, "PR should not be merged")
|
||||||
|
assert.Equal(t, issues_model.PullRequestStatusMergeable, pr.Status, "PR should be mergable")
|
||||||
|
|
||||||
|
scheduled, err := automerge.ScheduleAutoMerge(ctx, user, pr, repo_model.MergeStyleMerge, "Dummy")
|
||||||
|
|
||||||
|
assert.NoError(t, err, "PR should be scheduled for automerge")
|
||||||
|
assert.True(t, scheduled, "PR should be scheduled for automerge")
|
||||||
|
|
||||||
|
actions.CreateCommitStatus(ctx, job)
|
||||||
|
|
||||||
|
pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 2})
|
||||||
|
|
||||||
|
assert.True(t, pr.HasMerged, "PR should be merged")
|
||||||
|
},
|
||||||
|
)
|
||||||
|
}
|
95
tests/integration/git_push_test.go
Normal file
95
tests/integration/git_push_test.go
Normal file
|
@ -0,0 +1,95 @@
|
||||||
|
// Copyright 2024 The Gitea Authors. All rights reserved.
|
||||||
|
// SPDX-License-Identifier: MIT
|
||||||
|
|
||||||
|
package integration
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/url"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"code.gitea.io/gitea/models/db"
|
||||||
|
repo_model "code.gitea.io/gitea/models/repo"
|
||||||
|
"code.gitea.io/gitea/models/unittest"
|
||||||
|
user_model "code.gitea.io/gitea/models/user"
|
||||||
|
repo_module "code.gitea.io/gitea/modules/repository"
|
||||||
|
repo_service "code.gitea.io/gitea/services/repository"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/require"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestOptionsGitPush(t *testing.T) {
|
||||||
|
onGiteaRun(t, testOptionsGitPush)
|
||||||
|
}
|
||||||
|
|
||||||
|
func testOptionsGitPush(t *testing.T, u *url.URL) {
|
||||||
|
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
|
||||||
|
repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
|
||||||
|
Name: "repo-to-push",
|
||||||
|
Description: "test git push",
|
||||||
|
AutoInit: false,
|
||||||
|
DefaultBranch: "main",
|
||||||
|
IsPrivate: false,
|
||||||
|
})
|
||||||
|
require.NoError(t, err)
|
||||||
|
require.NotEmpty(t, repo)
|
||||||
|
|
||||||
|
gitPath := t.TempDir()
|
||||||
|
|
||||||
|
doGitInitTestRepository(gitPath)(t)
|
||||||
|
|
||||||
|
u.Path = repo.FullName() + ".git"
|
||||||
|
u.User = url.UserPassword(user.LowerName, userPassword)
|
||||||
|
doGitAddRemote(gitPath, "origin", u)(t)
|
||||||
|
|
||||||
|
{
|
||||||
|
// owner sets private & template to true via push options
|
||||||
|
branchName := "branch1"
|
||||||
|
doGitCreateBranch(gitPath, branchName)(t)
|
||||||
|
doGitPushTestRepository(gitPath, "origin", branchName, "-o", "repo.private=true", "-o", "repo.template=true")(t)
|
||||||
|
repo, err := repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
|
||||||
|
require.NoError(t, err)
|
||||||
|
require.True(t, repo.IsPrivate)
|
||||||
|
require.True(t, repo.IsTemplate)
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
// owner sets private & template to false via push options
|
||||||
|
branchName := "branch2"
|
||||||
|
doGitCreateBranch(gitPath, branchName)(t)
|
||||||
|
doGitPushTestRepository(gitPath, "origin", branchName, "-o", "repo.private=false", "-o", "repo.template=false")(t)
|
||||||
|
repo, err = repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
|
||||||
|
require.NoError(t, err)
|
||||||
|
require.False(t, repo.IsPrivate)
|
||||||
|
require.False(t, repo.IsTemplate)
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
// create a collaborator with write access
|
||||||
|
collaborator := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})
|
||||||
|
u.User = url.UserPassword(collaborator.LowerName, userPassword)
|
||||||
|
doGitAddRemote(gitPath, "collaborator", u)(t)
|
||||||
|
repo, err := repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
|
||||||
|
require.NoError(t, err)
|
||||||
|
repo_module.AddCollaborator(db.DefaultContext, repo, collaborator)
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
// collaborator with write access is allowed to push
|
||||||
|
branchName := "branch3"
|
||||||
|
doGitCreateBranch(gitPath, branchName)(t)
|
||||||
|
doGitPushTestRepository(gitPath, "collaborator", branchName)(t)
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
// collaborator with write access fails to change private & template via push options
|
||||||
|
branchName := "branch4"
|
||||||
|
doGitCreateBranch(gitPath, branchName)(t)
|
||||||
|
doGitPushTestRepositoryFail(gitPath, "collaborator", branchName, "-o", "repo.private=true", "-o", "repo.template=true")(t)
|
||||||
|
repo, err = repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
|
||||||
|
require.NoError(t, err)
|
||||||
|
require.False(t, repo.IsPrivate)
|
||||||
|
require.False(t, repo.IsTemplate)
|
||||||
|
}
|
||||||
|
|
||||||
|
require.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, user, user.ID, repo.ID))
|
||||||
|
}
|
Loading…
Reference in a new issue