From 2d21d2af9ef907ed3407b07d6a0191c39a29ee54 Mon Sep 17 00:00:00 2001 From: zeripath Date: Sat, 19 Mar 2022 14:16:38 +0000 Subject: [PATCH] Make migrations SKIP_TLS_VERIFY apply to git too (#19132) Make SKIP_TLS_VERIFY apply to git data migrations too through adding the `-c http.sslVerify=false` option to the git clone command. Fix #18998 Signed-off-by: Andrew Thornton --- modules/git/repo.go | 22 +++++++++++++--------- modules/repository/repo.go | 16 +++++++++------- services/migrations/dump.go | 17 ++++++++++------- 3 files changed, 32 insertions(+), 23 deletions(-) diff --git a/modules/git/repo.go b/modules/git/repo.go index 8217521b0..5ba39ac7e 100644 --- a/modules/git/repo.go +++ b/modules/git/repo.go @@ -98,15 +98,16 @@ func (repo *Repository) IsEmpty() (bool, error) { // CloneRepoOptions options when clone a repository type CloneRepoOptions struct { - Timeout time.Duration - Mirror bool - Bare bool - Quiet bool - Branch string - Shared bool - NoCheckout bool - Depth int - Filter string + Timeout time.Duration + Mirror bool + Bare bool + Quiet bool + Branch string + Shared bool + NoCheckout bool + Depth int + Filter string + SkipTLSVerify bool } // Clone clones original repository to target path. @@ -124,6 +125,9 @@ func CloneWithArgs(ctx context.Context, from, to string, args []string, opts Clo } cmd := NewCommandContextNoGlobals(ctx, args...).AddArguments("clone") + if opts.SkipTLSVerify { + cmd.AddArguments("-c", "http.sslVerify=false") + } if opts.Mirror { cmd.AddArguments("--mirror") } diff --git a/modules/repository/repo.go b/modules/repository/repo.go index ed9ed508b..13710bd4a 100644 --- a/modules/repository/repo.go +++ b/modules/repository/repo.go @@ -72,9 +72,10 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User, } if err = git.Clone(ctx, opts.CloneAddr, repoPath, git.CloneRepoOptions{ - Mirror: true, - Quiet: true, - Timeout: migrateTimeout, + Mirror: true, + Quiet: true, + Timeout: migrateTimeout, + SkipTLSVerify: setting.Migrations.SkipTLSVerify, }); err != nil { return repo, fmt.Errorf("Clone: %v", err) } @@ -88,10 +89,11 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User, } if err = git.Clone(ctx, wikiRemotePath, wikiPath, git.CloneRepoOptions{ - Mirror: true, - Quiet: true, - Timeout: migrateTimeout, - Branch: "master", + Mirror: true, + Quiet: true, + Timeout: migrateTimeout, + Branch: "master", + SkipTLSVerify: setting.Migrations.SkipTLSVerify, }); err != nil { log.Warn("Clone wiki: %v", err) if err := util.RemoveAll(wikiPath); err != nil { diff --git a/services/migrations/dump.go b/services/migrations/dump.go index 9a093ef29..594b78511 100644 --- a/services/migrations/dump.go +++ b/services/migrations/dump.go @@ -22,6 +22,7 @@ import ( "code.gitea.io/gitea/modules/log" base "code.gitea.io/gitea/modules/migration" "code.gitea.io/gitea/modules/repository" + "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/structs" "gopkg.in/yaml.v2" @@ -149,9 +150,10 @@ func (g *RepositoryDumper) CreateRepo(repo *base.Repository, opts base.MigrateOp } err = git.Clone(g.ctx, remoteAddr, repoPath, git.CloneRepoOptions{ - Mirror: true, - Quiet: true, - Timeout: migrateTimeout, + Mirror: true, + Quiet: true, + Timeout: migrateTimeout, + SkipTLSVerify: setting.Migrations.SkipTLSVerify, }) if err != nil { return fmt.Errorf("Clone: %v", err) @@ -166,10 +168,11 @@ func (g *RepositoryDumper) CreateRepo(repo *base.Repository, opts base.MigrateOp } if err := git.Clone(g.ctx, wikiRemotePath, wikiPath, git.CloneRepoOptions{ - Mirror: true, - Quiet: true, - Timeout: migrateTimeout, - Branch: "master", + Mirror: true, + Quiet: true, + Timeout: migrateTimeout, + Branch: "master", + SkipTLSVerify: setting.Migrations.SkipTLSVerify, }); err != nil { log.Warn("Clone wiki: %v", err) if err := os.RemoveAll(wikiPath); err != nil {