Commit graph

20661 commits

Author SHA1 Message Date
TheFox0x7
c738542201 Open telemetry integration (#3972)
This PR adds opentelemetry and chi wrapper to have basic instrumentation

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3972): <!--number 3972 --><!--line 0 --><!--description YWRkIHN1cHBvcnQgZm9yIGJhc2ljIHJlcXVlc3QgdHJhY2luZyB3aXRoIG9wZW50ZWxlbWV0cnk=-->add support for basic request tracing with opentelemetry<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3972
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-committed-by: TheFox0x7 <thefox0x7@gmail.com>
2024-08-05 06:04:39 +00:00
0ko
7c74def6ff i18n(en): remove unused strings (#4805)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4805
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-05 05:54:29 +00:00
Earl Warren
e08e47bbec
Update module golang.org/x/sys to v0.23.0 (license updates) 2024-08-05 07:45:16 +02:00
forgejo-renovate-action
3d4271e731 Merge pull request 'Update renovate to v38.18.12 (forgejo)' (#4815) from renovate/forgejo-renovate into forgejo 2024-08-05 05:29:17 +00:00
Earl Warren
811d96e74a Merge pull request 'Lock file maintenance (forgejo)' (#4818) from renovate/forgejo-lock-file-maintenance into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4818
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-05 05:27:45 +00:00
Solomon Victorino
3ee5bc262f fix(ui): handle out-of-bounds end line in code selection (#4788)
- fallback to the last line, preventing TypeError
- add E2E test

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4788
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Solomon Victorino <git@solomonvictorino.com>
Co-committed-by: Solomon Victorino <git@solomonvictorino.com>
2024-08-05 04:45:07 +00:00
Renovate Bot
a3fa6c7d8e Lock file maintenance 2024-08-05 02:06:16 +00:00
Renovate Bot
2c95baffeb Update module golang.org/x/sys to v0.23.0 2024-08-05 02:04:33 +00:00
Renovate Bot
00ae44129d Update renovate to v38.18.12 2024-08-05 00:02:57 +00:00
Gergely Nagy
cd17eb0fa7
activitypub: Sign the Host header too
Mastodon with `AUTHORIZED_FETCH` enabled requires the `Host` header to
be signed too, add it to the default for `setting.Federation.GetHeaders`
and `setting.Federation.PostHeaders`.

For this to work, we need to sign the request later: not immediately
after `NewRequest`, but just before sending them out with `client.Do`.
Doing so also lets us use `setting.Federation.GetHeaders` (we were using
`.PostHeaders` even for GET requests before).

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-04 23:57:48 +02:00
Earl Warren
c031881a20 Merge pull request 'Update module github.com/meilisearch/meilisearch-go to v0.27.2 (forgejo)' (#4799) from renovate/forgejo-github.com-meilisearch-meilisearch-go-0.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4799
Reviewed-by: Shiny Nematoda <snematoda@noreply.codeberg.org>
2024-08-04 16:25:38 +00:00
Earl Warren
359f712b46
chore(release-notes): weekly cherry-pick week 2024-32 2024-08-04 18:24:10 +02:00
Lunny Xiao
46f9fc2bc6
Rename head branch of pull requests when renaming a branch (#31759)
Fix #31716

(cherry picked from commit 572aaebd96b43bc576fe32187be82f689e855464)
2024-08-04 18:24:10 +02:00
Lunny Xiao
19fe44e4aa
Fix wiki revision pagination (#31760)
Fix #31755

(cherry picked from commit 976f78eb772801a978e2fe9ab35dfb769a8f852b)
2024-08-04 18:24:10 +02:00
Earl Warren
5f1017f27d
chore: update .deadcode.out 2024-08-04 18:24:10 +02:00
Kemal Zebari
1aaa70fddb
Remove unused code from models/repos/release.go (#31756)
These blocks aren't used anywhere else when doing a grep search.

(cherry picked from commit 0e3d8f80486be11ff53bdd9030a8b32d4f477d19)
2024-08-04 18:24:10 +02:00
Jason Song
0c40cff9a4
Clear up old Actions logs (#31735)
Part of #24256.

Clear up old action logs to free up storage space.

Users will see a message indicating that the log has been cleared if
they view old tasks.

<img width="1361" alt="image"
src="https://github.com/user-attachments/assets/9f0f3a3a-bc5a-402f-90ca-49282d196c22">

Docs: https://gitea.com/gitea/docs/pulls/40

---------

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 687c1182482ad9443a5911c068b317a91c91d586)

Conflicts:
	custom/conf/app.example.ini
	routers/web/repo/actions/view.go
  trivial context conflict
2024-08-04 18:24:10 +02:00
Denys Konovalov
5734499778
add skip secondary authorization option for public oauth2 clients (#31454) (migration v301)
(cherry picked from commit a8d0c879c38e21a8e78db627119bf622d919ee75)
2024-08-04 18:24:10 +02:00
Henry Goodman
ee8f3e09f8
Allow force push to protected branches (#28086) (migration v300)
Fixes #22722

Currently, it is not possible to force push to a branch with branch
protection rules in place. There are often times where this is necessary
(CI workflows/administrative tasks etc).

The current workaround is to rename/remove the branch protection,
perform the force push, and then reinstate the protections.

Provide an additional section in the branch protection rules to allow
users to specify which users with push access can also force push to the
branch. The default value of the rule will be set to `Disabled`, and the
UI is intuitive and very similar to the `Push` section.

It is worth noting in this implementation that allowing force push does
not override regular push access, and both will need to be enabled for a
user to force push.

This applies to manual force push to a remote, and also in Gitea UI
updating a PR by rebase (which requires force push)

This modifies the `BranchProtection` API structs to add:
- `enable_force_push bool`
- `enable_force_push_whitelist bool`
- `force_push_whitelist_usernames string[]`
- `force_push_whitelist_teams string[]`
- `force_push_whitelist_deploy_keys bool`

<img width="943" alt="image"
src="https://github.com/go-gitea/gitea/assets/79623665/7491899c-d816-45d5-be84-8512abd156bf">

branch `test` being a protected branch:

![image](https://github.com/go-gitea/gitea/assets/79623665/e018e6e9-b7b2-4bd3-808e-4947d7da35cc)
<img width="1038" alt="image"
src="https://github.com/go-gitea/gitea/assets/79623665/57ead13e-9006-459f-b83c-7079e6f4c654">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 12cb1d2998f2a307713ce979f8d585711e92061c)
2024-08-04 18:24:10 +02:00
Jason Song
3fdaabcdcf
Use UTC as default timezone when schedule Actions cron tasks (#31742)
Fix #31657.

According to the
[doc](https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#onschedule)
of GitHub Actions, The timezone for cron should be UTC, not the local
timezone. And Gitea Actions doesn't have any reasons to change this, so
I think it's a bug.

However, Gitea Actions has extended the syntax, as it supports
descriptors like `@weekly` and `@every 5m`, and supports specifying the
timezone like `TZ=UTC 0 10 * * *`. So we can make it use UTC only when
the timezone is not specified, to be compatible with GitHub Actions, and
also respect the user's specified.

It does break the feature because the times to run tasks would be
changed, and it may confuse users. So I don't think we should backport
this.

## ⚠️ BREAKING ⚠️

If the server's local time zone is not UTC, a scheduled task would run
at a different time after upgrading Gitea to this version.

(cherry picked from commit 21a73ae642b15982a911837775c9583deb47220c)
2024-08-04 18:24:10 +02:00
Jason Song
f6b1407e4c
Add permission description for API to add repo collaborator (#31744)
Fix #31552.

(cherry picked from commit 333c9ed8cab961b6dd58b04edc47a57dc4d6dbab)
2024-08-04 18:24:10 +02:00
Jason Song
6844258c67
Clarify Actions resources ownership (#31724)
Fix #31707.

Also related to #31715.

Some Actions resources could has different types of ownership. It could
be:

- global: all repos and orgs/users can use it.
- org/user level: only the org/user can use it.
- repo level: only the repo can use it.

There are two ways to distinguish org/user level from repo level:
1. `{owner_id: 1, repo_id: 2}` for repo level, and `{owner_id: 1,
repo_id: 0}` for org level.
2. `{owner_id: 0, repo_id: 2}` for repo level, and `{owner_id: 1,
repo_id: 0}` for org level.

The first way seems more reasonable, but it may not be true. The point
is that although a resource, like a runner, belongs to a repo (it can be
used by the repo), the runner doesn't belong to the repo's org (other
repos in the same org cannot use the runner). So, the second method
makes more sense.

And the first way is not user-friendly to query, we must set the repo id
to zero to avoid wrong results.

So, #31715 should be right. And the most simple way to fix #31707 is
just:

```diff
-	shared.GetRegistrationToken(ctx, ctx.Repo.Repository.OwnerID, ctx.Repo.Repository.ID)
+	shared.GetRegistrationToken(ctx, 0, ctx.Repo.Repository.ID)
```

However, it is quite intuitive to set both owner id and repo id since
the repo belongs to the owner. So I prefer to be compatible with it. If
we get both owner id and repo id not zero when creating or finding, it's
very clear that the caller want one with repo level, but set owner id
accidentally. So it's OK to accept it but fix the owner id to zero.

(cherry picked from commit a33e74d40d356e8f628ac06a131cb203a3609dec)
2024-08-04 18:24:10 +02:00
Jason Song
2302cf63c8
Distinguish LFS object errors to ignore missing objects during migration (#31702)
Fix #31137.

Replace #31623 #31697.

When migrating LFS objects, if there's any object that failed (like some
objects are losted, which is not really critical), Gitea will stop
migrating LFS immediately but treat the migration as successful.

This PR checks the error according to the [LFS api
doc](https://github.com/git-lfs/git-lfs/blob/main/docs/api/batch.md#successful-responses).

> LFS object error codes should match HTTP status codes where possible:
>
> - 404 - The object does not exist on the server.
> - 409 - The specified hash algorithm disagrees with the server's
acceptable options.
> - 410 - The object was removed by the owner.
> - 422 - Validation error.

If the error is `404`, it's safe to ignore it and continue migration.
Otherwise, stop the migration and mark it as failed to ensure data
integrity of LFS objects.

And maybe we should also ignore others errors (maybe `410`? I'm not sure
what's the difference between "does not exist" and "removed by the
owner".), we can add it later when some users report that they have
failed to migrate LFS because of an error which should be ignored.

(cherry picked from commit 09b56fc0690317891829906d45c1d645794c63d5)
2024-08-04 18:24:10 +02:00
Jason Song
51f414d466
Improve names of cron jobs for Actions (#31736)
Before:

<img width="1641" alt="image"
src="https://github.com/user-attachments/assets/60fa3f3e-cf19-4903-b080-616aef28057b">

After:

<img width="1674" alt="image"
src="https://github.com/user-attachments/assets/b04fd01e-838d-45c3-9655-cb39a2f7d1f2">

(cherry picked from commit 9ac57c957f9dc88b1394008d6efb79f29a4c3396)

Conflicts:
	options/locale/locale_en-US.ini
  trivial context conflict
2024-08-04 18:23:54 +02:00
Earl Warren
fd33cc5b45 Merge pull request 'Prevent uppercase in header of dashboard context selector' (#4806) from 0ko/forgejo:ui-dashboard-context-fix into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4806
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-04 13:21:30 +00:00
0ko
a4f1d0bc43 fix(ui): prevent uppercase in header of dashboard context selector 2024-08-04 16:10:15 +05:00
yp05327
c784a58740
Fix the display of project type for deleted projects (#31732)
Fix: #31727
After:

![image](https://github.com/user-attachments/assets/1dfb4b31-3bd6-47f7-b126-650f33f453e2)

(cherry picked from commit 75d0b61546e00390afdd850149de525dd64336a5)

Conflicts:
	options/locale/locale_en-US.ini
  trivial conflict & fix excessive uppercase to unify with the other translations
2024-08-04 10:14:34 +02:00
yp05327
49eb831663
Fix Null Pointer error for CommitStatusesHideActionsURL (#31731)
Fix https://github.com/go-gitea/gitea/pull/30156#discussion_r1695247028

Forgot fixing it in #31719

(cherry picked from commit 0a11bce87f07233d5f02554b8f3b4a2aabd37769)
2024-08-04 10:14:34 +02:00
Jason Song
43b184cf07
Move registerActionsCleanup to initActionsTasks (#31721)
There's already `initActionsTasks`; it will avoid additional check for
if Actions enabled to move `registerActionsCleanup` into it.

And we don't really need `OlderThanConfig`.

(cherry picked from commit f989f464386139592b6911cad1be4c901eb97fe5)
2024-08-04 10:14:34 +02:00
Jason Song
92fbc8e216
Set owner id to zero when GetRegistrationToken for repo (#31725)
Fix #31707.

It's split from #31724.

Although #31724 could also fix #31707, it has change a lot so it's not a
good idea to backport it.

(cherry picked from commit 81fa471119a6733d257f63f8c2c1f4acc583d21b)
2024-08-04 10:14:34 +02:00
Bo-Yi Wu
6a4d1dfab8
fix(api): owner ID should be zero when created repo secret (#31715)
- Change condition to include `RepoID` equal to 0 for organization
secrets

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit d39bce7f003cf2137a5a561ed488c7b638e52275)

Conflicts:
	routers/api/v1/repo/action.go
  trivial context conflict (PathParams vs Params)
2024-08-04 10:14:34 +02:00
Jason Song
6e63afe31f
Fix API endpoint for registration-token (#31722)
Partially fix #31707. Related to #30656

(cherry picked from commit bf5ae79c5163b8dd6a3185711ad11893b1270f62)
2024-08-04 10:14:34 +02:00
yp05327
2be49a3745
Fix loadRepository error when access user dashboard (#31719)
(cherry picked from commit 7b388630ecb4537f9bb04e55cbb10eb7cf83b9c5)
2024-08-04 10:14:34 +02:00
Lunny Xiao
7850fa30a5
Make GetRepositoryByName more safer (#31712)
Fix #31708

(cherry picked from commit d109923ed8e58bce0ad26b47385edbc79403803d)
2024-08-04 10:14:34 +02:00
Earl Warren
170c1c5152
Hide the "Details" link of commit status when the user cannot access actions (followup)
commit.Status may be nil
2024-08-04 10:14:34 +02:00
Earl Warren
c8e5e39865
Hide the "Details" link of commit status when the user cannot access actions (testifylint) 2024-08-04 08:54:32 +02:00
Zettat123
0dbc623028
Hide the "Details" link of commit status when the user cannot access actions (#30156)
Fix #26685

If a commit status comes from Gitea Actions and the user cannot access
the repo's actions unit (the user does not have the permission or the
actions unit is disabled), a 404 page will occur after clicking the
"Details" link. We should hide the "Details" link in this case.

<img
src="https://github.com/go-gitea/gitea/assets/15528715/68361714-b784-4bb5-baab-efde4221f466"
width="400px" />

(cherry picked from commit 7dec8de9147b20c014d68bb1020afe28a263b95a)

Conflicts:
	routers/web/repo/commit.go
  trivial context commit
2024-08-04 08:47:07 +02:00
Exploding Dragon
f17194ca91 Arch packages implementation (#4785)
This PR is from https://github.com/go-gitea/gitea/pull/31037

This PR was originally created by @d1nch8g , and the original source code comes from https://ion.lc/core/gitea.

This PR adds a package registry for [Arch Linux](https://archlinux.org/) packages with support for package files, [signatures](https://wiki.archlinux.org/title/Pacman/Package_signing), and automatic [pacman-database](https://archlinux.org/pacman/repo-add.8.html) management.

Features:

1. Push any ` tar.zst ` package and Gitea sign it.
2. Delete endpoint for specific package version and all related files
3. Supports trust levels with `SigLevel = Required`.
4. Package UI with instructions to connect to the new pacman database and visualised package metadata

![](/attachments/810ca6df-bd20-44c2-bdf7-95e94886d750)

You can follow [this tutorial](https://wiki.archlinux.org/title/Creating_packages) to build a *.pkg.tar.zst package for testing

docs pr: https://codeberg.org/forgejo/docs/pulls/791

Co-authored-by: d1nch8g@ion.lc
Co-authored-by: @KN4CK3R
Co-authored-by: @mahlzahn
Co-authored-by: @silverwind
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4785
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
2024-08-04 06:16:29 +00:00
0ko
22d3659803 i18n(en): remove unused string admin.auths.enable_auto_register (#4797)
Introduced in d2aff9a46a.
Removed in cd37fccdfb.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4797
Reviewed-by: Otto <otto@codeberg.org>
2024-08-04 03:09:02 +00:00
Renovate Bot
d0684334b3 Update module github.com/meilisearch/meilisearch-go to v0.27.2 2024-08-04 00:03:09 +00:00
Earl Warren
e99be039d4 Merge pull request 'chore(ci): do not hardcode go version, use go.mod instead' (#4792) from earl-warren/forgejo:wip-go-mod into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4792
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: thefox <thefox@noreply.codeberg.org>
2024-08-03 14:51:59 +00:00
Earl Warren
94f3589623
chore(ci): do not hardcode go version, use go.mod instead 2024-08-03 11:53:55 +02:00
0ko
37151d75cb Merge pull request 'Refactor user-cards as a grid' (#4760) from 0ko/forgejo:ui-usercards-grid into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4760
Reviewed-by: Caesar Schinas <caesar@caesarschinas.com>
2024-08-02 17:43:40 +00:00
0ko
cad8d09ba8 ui: refactor user-cards as a grid 2024-08-02 19:27:31 +05:00
Earl Warren
63fdc1298f Merge pull request 'Soft-quota foundations' (#4212) from algernon/forgejo:quota/helpers into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4212
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-02 12:27:45 +00:00
Gergely Nagy
f826f673d1
feat(quota): Add a terse release not about quotas
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-02 11:10:34 +02:00
Gergely Nagy
67fa52dedb
feat(quota): Quota enforcement
The previous commit laid out the foundation of the quota engine, this
one builds on top of it, and implements the actual enforcement.

Enforcement happens at the route decoration level, whenever possible. In
case of the API, when over quota, a 413 error is returned, with an
appropriate JSON payload. In case of web routes, a 413 HTML page is
rendered with similar information.

This implementation is for a **soft quota**: quota usage is checked
before an operation is to be performed, and the operation is *only*
denied if the user is already over quota. This makes it possible to go
over quota, but has the significant advantage of being practically
implementable within the current Forgejo architecture.

The goal of enforcement is to deny actions that can make the user go
over quota, and allow the rest. As such, deleting things should - in
almost all cases - be possible. A prime exemption is deleting files via
the web ui: that creates a new commit, which in turn increases repo
size, thus, is denied if the user is over quota.

Limitations
-----------

Because we generally work at a route decorator level, and rarely
look *into* the operation itself, `size:repos:public` and
`size:repos:private` are not enforced at this level, the engine enforces
against `size:repos:all`. This will be improved in the future.

AGit does not play very well with this system, because AGit PRs count
toward the repo they're opened against, while in the GitHub-style fork +
pull model, it counts against the fork. This too, can be improved in the
future.

There's very little done on the UI side to guard against going over
quota. What this patch implements, is enforcement, not prevention. The
UI will still let you *try* operations that *will* result in a denial.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-02 11:10:34 +02:00
Gergely Nagy
a414703c09
tests: Add an IsTemplate option to DeclarativeRepoOptions
This lets us use `CreateDeclarativeRepoWithOptions` to create template
repositories.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-02 11:10:34 +02:00
Gergely Nagy
e1fe3bbdc0
feat(quota): Humble beginnings of a quota engine
This is an implementation of a quota engine, and the API routes to
manage its settings. This does *not* contain any enforcement code: this
is just the bedrock, the engine itself.

The goal of the engine is to be flexible and future proof: to be nimble
enough to build on it further, without having to rewrite large parts of
it.

It might feel a little more complicated than necessary, because the goal
was to be able to support scenarios only very few Forgejo instances
need, scenarios the vast majority of mostly smaller instances simply do
not care about. The goal is to support both big and small, and for that,
we need a solid, flexible foundation.

There are thee big parts to the engine: counting quota use, setting
limits, and evaluating whether the usage is within the limits. Sounds
simple on paper, less so in practice!

Quota counting
==============

Quota is counted based on repo ownership, whenever possible, because
repo owners are in ultimate control over the resources they use: they
can delete repos, attachments, everything, even if they don't *own*
those themselves. They can clean up, and will always have the permission
and access required to do so. Would we count quota based on the owning
user, that could lead to situations where a user is unable to free up
space, because they uploaded a big attachment to a repo that has been
taken private since. It's both more fair, and much safer to count quota
against repo owners.

This means that if user A uploads an attachment to an issue opened
against organization O, that will count towards the quota of
organization O, rather than user A.

One's quota usage stats can be queried using the `/user/quota` API
endpoint. To figure out what's eating into it, the
`/user/repos?order_by=size`, `/user/quota/attachments`,
`/user/quota/artifacts`, and `/user/quota/packages` endpoints should be
consulted. There's also `/user/quota/check?subject=<...>` to check
whether the signed-in user is within a particular quota limit.

Quotas are counted based on sizes stored in the database.

Setting quota limits
====================

There are different "subjects" one can limit usage for. At this time,
only size-based limits are implemented, which are:

- `size:all`: As the name would imply, the total size of everything
  Forgejo tracks.
- `size:repos:all`: The total size of all repositories (not including
  LFS).
- `size:repos:public`: The total size of all public repositories (not
  including LFS).
- `size:repos:private`: The total size of all private repositories (not
  including LFS).
- `size:git:all`: The total size of all git data (including all
  repositories, and LFS).
- `size:git:lfs`: The size of all git LFS data (either in private or
  public repos).
- `size:assets:all`: The size of all assets tracked by Forgejo.
- `size:assets:attachments:all`: The size of all kinds of attachments
  tracked by Forgejo.
- `size:assets:attachments:issues`: Size of all attachments attached to
  issues, including issue comments.
- `size:assets:attachments:releases`: Size of all attachments attached
  to releases. This does *not* include automatically generated archives.
- `size:assets:artifacts`: Size of all Action artifacts.
- `size:assets:packages:all`: Size of all Packages.
- `size:wiki`: Wiki size

Wiki size is currently not tracked, and the engine will always deem it
within quota.

These subjects are built into Rules, which set a limit on *all* subjects
within a rule. Thus, we can create a rule that says: "1Gb limit on all
release assets, all packages, and git LFS, combined". For a rule to
stand, the total sum of all subjects must be below the rule's limit.

Rules are in turn collected into groups. A group is just a name, and a
list of rules. For a group to stand, all of its rules must stand. Thus,
if we have a group with two rules, one that sets a combined 1Gb limit on
release assets, all packages, and git LFS, and another rule that sets a
256Mb limit on packages, if the user has 512Mb of packages, the group
will not stand, because the second rule deems it over quota. Similarly,
if the user has only 128Mb of packages, but 900Mb of release assets, the
group will not stand, because the combined size of packages and release
assets is over the 1Gb limit of the first rule.

Groups themselves are collected into Group Lists. A group list stands
when *any* of the groups within stand. This allows an administrator to
set conservative defaults, but then place select users into additional
groups that increase some aspect of their limits.

To top it off, it is possible to set the default quota groups a user
belongs to in `app.ini`. If there's no explicit assignment, the engine
will use the default groups. This makes it possible to avoid having to
assign each and every user a list of quota groups, and only those need
to be explicitly assigned who need a different set of groups than the
defaults.

If a user has any quota groups assigned to them, the default list will
not be considered for them.

The management APIs
===================

This commit contains the engine itself, its unit tests, and the quota
management APIs. It does not contain any enforcement.

The APIs are documented in-code, and in the swagger docs, and the
integration tests can serve as an example on how to use them.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-02 11:10:34 +02:00
Gergely Nagy
250f87db59
feat(api): An order_by param for user.ListMyRepos
Add an optional `order_by` parameter to the `user.ListMyRepos`
handler (which handles the `/api/v1/user/repos` route), allowing a user
to sort repos by name (the default), id, or size.

The latter will be useful later for figuring out which repos use most
space, which repos eat most into a user's quota.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-08-02 10:52:21 +02:00