Compare commits

...

28 commits

Author SHA1 Message Date
Earl Warren
012ae8f161
[GITEA] add proper payload to scheduled events 2023-12-21 23:45:50 +01:00
Earl Warren
83cd7a3ad9
[CI] upload the forgejo under test as an artifact for end-to-end (squash) merge feature branches 2023-12-21 22:40:04 +01:00
Earl Warren
d1e8198553 Merge pull request '[CI] upload the forgejo under test as an artifact for end-to-end (squash) do not display env' (#2010) from earl-warren/forgejo:wip-ci-env into forgejo-ci
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2010
Reviewed-by: Loïc Dachary <dachary@noreply.codeberg.org>
2023-12-21 20:17:34 +00:00
Earl Warren
d186ec3db4
[CI] upload the forgejo under test as an artifact for end-to-end (squash) do not display env 2023-12-21 18:36:22 +01:00
Earl Warren
ba35f42e3d
[CI] upload the forgejo under test as an artifact for end-to-end (squash) after build 2023-12-21 18:12:23 +01:00
Earl Warren
011de92174
[CI] upload the forgejo under test as an artifact for end-to-end (squash) use forgejo-pr
cascade a PR to https://code.forgejo.org/forgejo/end-to-end on the
forgejo-pr branch which will only run end-to-end tests relevant to a
Forgejo PR and not the entire end-to-end suite.
2023-12-21 17:11:34 +01:00
Earl Warren
ded1f27ebb
[CI] upload the forgejo under test as an artifact for end-to-end 2023-12-19 22:51:12 +01:00
Gusted
d9cde3e346 Merge pull request '[CI] Forgejo Actions based CI for PR & branches (squash) lint workflows' (#1989) from earl-warren/forgejo:wip-ci-lint into forgejo-ci
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1989
Reviewed-by: Loïc Dachary <dachary@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2023-12-19 20:47:21 +00:00
Earl Warren
074f49937e
[CI] Forgejo Actions based CI for PR & branches (squash) lint workflows 2023-12-19 16:46:03 +01:00
Earl Warren
34513098e5
[CI] Forgejo Actions based release process (squash) lint fix 2023-12-19 16:46:03 +01:00
Gusted
0a3fd21db2
[GITEA] Update crypto dependency
- https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg & https://terrapin-attack.com/
2023-12-19 15:41:23 +01:00
Gusted
a064065cb9
[GITEA] Remove redundant syncBranchToDB
- The transaction in combination with Git push was causing deadlocks if
you had the `push_update` queue set to `immediate`. This was the root
cause of slow integration tests in CI.
- Remove the sync branch code as this is already being done in the Git
post-receive hook.
- Add tests to proof the branch models are in sync even with this code
removed.

(cherry picked from commit 90110e1f44)
2023-12-18 14:39:08 +01:00
Gusted
14b5efb1c4
[CI] Switch to non-coverage unit test (squash)
- Currently the collected coverage is not being used by the CI, so use
the non-coverage variant to not have the overhead of collecting
coverage.

(cherry picked from commit 9b3032c14b)
(cherry picked from commit b0fded409d)
2023-12-18 14:39:08 +01:00
Earl Warren
2e6c29fb2f
[CI] gitignore: emacs backups
(cherry picked from commit 5e418789d9)
(cherry picked from commit 3af6fd2ad3)
(cherry picked from commit 6926787d67)
(cherry picked from commit fe58e86a97)
(cherry picked from commit 5bf7ead625)
(cherry picked from commit 44480ea794)
(cherry picked from commit 813848cebe)
(cherry picked from commit 9c8d889e78)
(cherry picked from commit 914b1dcaf6)
(cherry picked from commit 5449933efa)
(cherry picked from commit 67f007b824)
(cherry picked from commit cf93863cd2)
(cherry picked from commit 82177a0f66)
(cherry picked from commit 3ef1fe468a)
(cherry picked from commit 305c935508)
(cherry picked from commit 268f12c53c)
2023-12-18 14:39:08 +01:00
Earl Warren
3e359ef3cd
[CI] Makefile: release: only supported platforms
(cherry picked from commit 16381262c5)
(cherry picked from commit c93f41dcef)
(cherry picked from commit cf17c69487)
(cherry picked from commit 174b8cf327)
(cherry picked from commit ae1b8dd441)
(cherry picked from commit 1b56d9049f)
(cherry picked from commit 6b00196175)
(cherry picked from commit 087b38c3f3)
(cherry picked from commit 70fcc63816)
(cherry picked from commit 81e2f27426)
(cherry picked from commit 9741a9960b)
(cherry picked from commit 0625fc7ad8)
(cherry picked from commit e7758aaa94)
(cherry picked from commit be25432687)
(cherry picked from commit 64c6d2f263)
(cherry picked from commit 3445ae53e3)
2023-12-18 14:39:08 +01:00
Earl Warren
f185ba6d03
[CI] lint-go-vet: do not include gitea-vet
(cherry picked from commit 8cbbab7fef)
(cherry picked from commit 51113f0f29)
(cherry picked from commit 0d061e411f)
(cherry picked from commit 1eb4e7e691)
(cherry picked from commit 3c3760f3b6)
(cherry picked from commit c11907373d)
(cherry picked from commit d990fcf446)
(cherry picked from commit 62fd8a0b39)
(cherry picked from commit 0663a25341)
(cherry picked from commit c20d4386e5)
(cherry picked from commit 5981040a19)
(cherry picked from commit b62809313f)
(cherry picked from commit 205512ef96)
(cherry picked from commit 8b923cf770)
(cherry picked from commit bdc50fff48)
(cherry picked from commit 35da9d2316)
2023-12-18 14:39:08 +01:00
oliverpool
6245948d6c
[CI] update DNS on experimental release (#1298)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1298
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
(cherry picked from commit 2aebc5ab4d)
(cherry picked from commit 8d66b6e7bc)
(cherry picked from commit c782935f1b)
(cherry picked from commit 51e071da73)
(cherry picked from commit 81dbc87e16)
(cherry picked from commit 7a98204743)
(cherry picked from commit c679954950)
(cherry picked from commit 8e4a03f302)
(cherry picked from commit 5846953f61)
(cherry picked from commit ffda919030)
(cherry picked from commit f923b26d1e)
(cherry picked from commit abfe5ec45d)
(cherry picked from commit 35a7f5eb20)
(cherry picked from commit c996d51bd6)
(cherry picked from commit c9d4a3d917)
(cherry picked from commit ae22f9c34f)
(cherry picked from commit 9c4eee7aab)
2023-12-18 14:39:08 +01:00
Earl Warren
efa8564e76
[CI] Forgejo Actions based release process
Refs: https://codeberg.org/forgejo/website/pulls/230
(cherry picked from commit 87d56bf6c7)

[CI] Forgejo Actions based release process (squash)

base64 -w0 to avoid wrapping when the doer name is long as it creates
a broken config.json

(cherry picked from commit 9efdc27e49)

[CI] Forgejo Actions based release process (squash) generate .xz files and sources

Generate .xz files
Check .sha256
Generate the source tarbal

(cherry picked from commit 7afec520c4)

[CI] Forgejo Actions based release process (squash) release notes

(cherry picked from commit d8f4f4807b)

[CI] Forgejo Actions based release process (squash) publish and sign release

(cherry picked from commit a52778c747)
(cherry picked from commit cf2ec62740)

[CI] Forgejo Actions based release process (squash) version

use Actions environment variables in Makefile (#25319) (#25318)

uses Actions variable to determine the version. But Forgejo builds
happen in a container where they are not available. Do not use them.

Also verify the version of the binary is as expected for sanity check.

(cherry picked from commit 6decf111a1)
(cherry picked from commit 206d0b3886)

[CI] read STORED_VERSION_FILE if available

(cherry picked from commit af74085ebf)

[CI] backward compatible executable compilation

Add a new static-executable target to use in Dockerfiles and restore
the $(EXECUTABLE) target to what it was before to for backward
compatibility.

The release process now builds static executables instead of
dynamically linked ones which makes them more portable. It changes the
requirements at compile time and is not backward compatible. In
particular it may break packaging that rely on the target that
currently creates a dynamically linked executable.

(cherry picked from commit 84d02a174a)
(cherry picked from commit 854be47328)

[CI] Forgejo Actions based release process (squash) doc / ca / verbosity

- Document workflow
- Increase verbosity if VERBOSE=true
- Download the Certificate Authority if behind the VPN

(cherry picked from commit 168d5d5869)
(cherry picked from commit 8756c9a72a)
(cherry picked from commit 2dad7ef20f)

[CI] Forgejo Actions based release process (squash) add assets sources-tarbal

Refs: https://codeberg.org/forgejo/forgejo/issues/1115
(cherry picked from commit 5531d01f19)

[CI] Forgejo Actions based release process (squash) add assets sources-tarbal

bindata.go is a file, not a directory

Refs: https://codeberg.org/forgejo/forgejo/issues/1115
(cherry picked from commit bd88a44778)
(cherry picked from commit b408085138)

[CI] Forgejo Actions based release process (squash) public/assets moved

(cherry picked from commit d8c921d5a6)
(cherry picked from commit f29e50b1a09b1a22fc2dbdb77e9a1def1196175b)

[CI] Fix release notes link

- Use substitution to replace all dots with dashes.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1163

(cherry picked from commit 96783728f53a072915cace392aa269adfe9a5c73)
(cherry picked from commit c8d8bf8996)

[CI] pin go v1.20 for testing

Refs: https://codeberg.org/forgejo/forgejo/issues/1228
(cherry picked from commit fd4b5a013e)
(cherry picked from commit 00bb15f57f)

Conflicts:
	Dockerfile
	Dockerfile.rootless
	see https://codeberg.org/forgejo/forgejo/pulls/1303
(cherry picked from commit 6e2be54a6d)
(cherry picked from commit 346c418b4a)
(cherry picked from commit 49061f8422)
(cherry picked from commit 8229d59b7e)
(cherry picked from commit 70d45d9193)

[CI] Forgejo Actions based release process (squash) need node 18

(cherry picked from commit 722b1f4590)
(cherry picked from commit a91d786169)

[CI] Forgejo Actions based release process (squash) fix indentation

(cherry picked from commit fbdf9d6abb)
(cherry picked from commit 2deff90a13)
(cherry picked from commit 5710a27fda)

[CI] Forgejo Actions based release process (squash) FQIN for docker

Refs: https://codeberg.org/forgejo/forgejo/issues/1600
(cherry picked from commit f63d38deb6)

[CI] Forgejo Actions based release process (squash) use forgejo-curl.sh

(cherry picked from commit c0c3ef506f)
(cherry picked from commit 933ca7ec5d)

Conflicts:
	Dockerfile
	Dockerfile.rootless
	https://codeberg.org/forgejo/forgejo/pulls/1691
(cherry picked from commit 1068e48805)

[CI] Forgejo Actions based release process (squash) size optimization

(cherry picked from commit 3c653ff742)
(cherry picked from commit 398567fc0c)
(cherry picked from commit e585db9a97)
(cherry picked from commit 17e91c96e3)

[CI] Forgejo Actions based release process (squash) gitea to forgejo

(cherry picked from commit 9c06a318b8)
(cherry picked from commit 95859da3b4)
(cherry picked from commit e3a5f6c1ed)
(cherry picked from commit 7b9b259c75)
(cherry picked from commit c4a152c8dc)
(cherry picked from commit b00bf599ef)
(cherry picked from commit a7836ee2ee)
(cherry picked from commit 3ea7dcbd5b)
(cherry picked from commit 454d705e83)
(cherry picked from commit 35e06c3009)
(cherry picked from commit 904468a38f)
(cherry picked from commit 890e86815a)
(cherry picked from commit bf9f94c63d)
(cherry picked from commit d025d061d1)
(cherry picked from commit 32f209a8e1)
(cherry picked from commit 38ef6802fc)
(cherry picked from commit 8a19bbd2a8)
(cherry picked from commit f352dee786)
(cherry picked from commit b53d9fc090)
(cherry picked from commit 3dae21f4c8)
(cherry picked from commit 8b59e016c7)
(cherry picked from commit 6f54ea6a0e)
(cherry picked from commit ed8d90de6b)
(cherry picked from commit 26ffd3fcac)
(cherry picked from commit 287b3bbfb5)
(cherry picked from commit ab81378d0c)
(cherry picked from commit f6bbe7e875)
(cherry picked from commit 8968f34edf)
(cherry picked from commit d3d914bba2)
(cherry picked from commit 4e4006a990)
(cherry picked from commit edb333569b)
(cherry picked from commit 6c1a4baa15)
(cherry picked from commit 51bda3bfc7)
(cherry picked from commit 6f5f318b8f)
(cherry picked from commit e128da2362)
(cherry picked from commit 3e6735ff23)
(cherry picked from commit 938c444125)
(cherry picked from commit 67f92dc9ab)
(cherry picked from commit ee31df71fb)
(cherry picked from commit 386f232191)
(cherry picked from commit 745785cd7f)
2023-12-18 14:39:08 +01:00
Earl Warren
2ff3080018
[CI] Forgejo Actions based CI for PR & branches
(cherry picked from commit f9d75d4705)
(cherry picked from commit 64f76f4ab2)
(cherry picked from commit 5d02454155)

[CI] Forgejo Actions workflows

(cherry picked from commit 3ff59b5379)
(cherry picked from commit 8af826a6f7)
(cherry picked from commit d7c09d9cc8)

[CI] use the docker label instead of ubuntu-latest

(cherry picked from commit b6a6470db6)

[CI] all tests need compliance before proceeding

(cherry picked from commit b35c496f2c)
(cherry picked from commit 36a4148a8e)
(cherry picked from commit 7ffcffa653)
(cherry picked from commit 8a246d296e)
(cherry picked from commit dd0b6e1826)

[CI] Forgejo Actions based release process (squash) MySQL optimization

Refs: https://codeberg.org/forgejo/forgejo/issues/976
(cherry picked from commit b4b8c489e6)
(cherry picked from commit 1e861db4af)
(cherry picked from commit a6c0e00330)
(cherry picked from commit f97b336465)
(cherry picked from commit 6d65d5f0d6f798556a8f9e547896be03a5ee2f87)
(cherry picked from commit 79bfbadbed)
(cherry picked from commit e86c40a34a)
(cherry picked from commit da0c454adb)
(cherry picked from commit b49d892cda)

[CI] enable minio tests

(cherry picked from commit 4d8f438031)
(cherry picked from commit c4eeb0a61e)

[CI] Forgejo Actions based CI for PR & branches (squash) cleanup

(cherry picked from commit 80eb20e842)
(cherry picked from commit d2ff589858)
(cherry picked from commit f6eedecb67)
(cherry picked from commit cf458091e2)
(cherry picked from commit ddd322cb2d)
(cherry picked from commit f0f5729b64)

Conflicts:
	.github/workflows/pull-db-tests.yml
	https://codeberg.org/forgejo/forgejo/pulls/1573
(cherry picked from commit bb347aedd4)
(cherry picked from commit 0f5ebe8c3e)
(cherry picked from commit 9101cb4715)
(cherry picked from commit ab118fe4ef)

[CI] Forgejo Actions based CI for PR & branches (squash) use node:20-bookworm

No longer use the custom test-env image, it is unecessary technical
debt.

Also upgrade to bitnami/minio:2023.8.31 to align with what Gitea tests

(cherry picked from commit d9b77fd273)
(cherry picked from commit ef8f099f9e)
(cherry picked from commit 6d3c675d20)
(cherry picked from commit fc00ff45f2)
(cherry picked from commit b7f02b9846)
(cherry picked from commit d23d86e567)
(cherry picked from commit e68e65460c)
(cherry picked from commit 96f93a1fdb)
2023-12-18 14:39:08 +01:00
Loïc Dachary
30f8d9ec3a
[CI] Search .forgejo/workflows first
(cherry picked from commit 8b11cab677)
(cherry picked from commit be59270696)
(cherry picked from commit e068f8b191)
(cherry picked from commit 7855bb0c60)
(cherry picked from commit 45c4c8f443)
(cherry picked from commit 89520d67ff)
(cherry picked from commit 15eeb417a4)
(cherry picked from commit 6db53a2643)
(cherry picked from commit 2f689b321f)
(cherry picked from commit 04dc478314c3b4927cca78c354ca46ee217f035a)
(cherry picked from commit a554624f40)
(cherry picked from commit abca05f0d1)
(cherry picked from commit dc13e7eb22)
(cherry picked from commit a161c5740e)
(cherry picked from commit 06d33e2773)
(cherry picked from commit f536275161)
(cherry picked from commit 84ac6f314a)
(cherry picked from commit 1e8126edfc)
(cherry picked from commit 0287ac3416)
(cherry picked from commit 3e5fca2aae)
(cherry picked from commit 03b220bfeb)
(cherry picked from commit 1d033f4aaf)
(cherry picked from commit 2ee9e3e9a3)
(cherry picked from commit d28c284993)
(cherry picked from commit 239df83859)
(cherry picked from commit 96ae0c2e5d)
(cherry picked from commit 49aef71b32)
(cherry picked from commit 38b56d108d)
2023-12-18 14:39:08 +01:00
Earl Warren
f4e9ca6db5
[CI] disable meilisearch/elasticsearch test, no server yet in CI
(cherry picked from commit a1381d9146fba42cb97d72d38525fa3e721bfb03)
(cherry picked from commit 74714e0246)
(cherry picked from commit 7749dbfe66)
(cherry picked from commit 4379249711)
(cherry picked from commit a69f55bebf)
(cherry picked from commit 24dd5fbfdb)
(cherry picked from commit dda856d6b8)
(cherry picked from commit bc14f4fa97)
(cherry picked from commit 78fef4f137)
(cherry picked from commit 69e013cc51)
(cherry picked from commit f173c6a273)
(cherry picked from commit 92f9d02547)
(cherry picked from commit c99d51e665)
(cherry picked from commit aa0650fd2b)
(cherry picked from commit 0a8ef91302)
(cherry picked from commit 7b54fe01c2)
(cherry picked from commit 0e154f366f)
(cherry picked from commit 02d88ee16d)
(cherry picked from commit 411924e017)
2023-12-18 14:39:08 +01:00
Earl Warren
a471ed4576
[CI] disable redis test, no redis server yet in CI
(cherry picked from commit e1bbfa3619)
(cherry picked from commit 91245ca917)
(cherry picked from commit 705d0558be)
(cherry picked from commit 9247594970)
(cherry picked from commit 9db1158a48)
(cherry picked from commit 3b36b77d87)
(cherry picked from commit 162fa1d8ae)
(cherry picked from commit d03d0afbb5)
(cherry picked from commit 7b8f92f787)
(cherry picked from commit 035abca969)
(cherry picked from commit a8fbf6bb56)
(cherry picked from commit 3be681d037b07880236cae1aa70245e5eb4d1497)
(cherry picked from commit 7e5d471c83)
(cherry picked from commit 323801d935)
(cherry picked from commit 3fdfe4bfea)
(cherry picked from commit 58a07421a4)
(cherry picked from commit dbb71a4c85)
(cherry picked from commit d442113520)
(cherry picked from commit d3329f01f8)
(cherry picked from commit 069a1d68b8)
(cherry picked from commit 14919e609a)
(cherry picked from commit 49b76be106)
(cherry picked from commit 0fe9f257d2)
(cherry picked from commit b583bebeab)
(cherry picked from commit 5c616e43a6)
(cherry picked from commit 854bcea905)
(cherry picked from commit c2acb181c5)
(cherry picked from commit 1cb07e71d1)
(cherry picked from commit 5d3f09e635)
(cherry picked from commit f8bf1c8d42)
2023-12-18 14:39:08 +01:00
Loïc Dachary
6696e09b1f
[CI] set PASSWORD_HASH_ALGO = argon2 for integration tests
(cherry picked from commit 1d7ce2a39c)
(cherry picked from commit 3af8757583)
(cherry picked from commit 0b81815209)
(cherry picked from commit 7180a3222a)
(cherry picked from commit 069044f4a6)
(cherry picked from commit dd1438f389)
(cherry picked from commit 4ae6b5d64d)
(cherry picked from commit c572666d78)
(cherry picked from commit de0a4480bc)
(cherry picked from commit 60272ef4f7)
(cherry picked from commit a68fdde4be)
(cherry picked from commit ff448cf3a6)
(cherry picked from commit 208498caaa)
(cherry picked from commit 1abd3efad8)
(cherry picked from commit 818c7f4ca9)
(cherry picked from commit 1e552bbe44)
(cherry picked from commit 88dbd6da1d)
(cherry picked from commit b1c86fb777)
(cherry picked from commit 185b1e25b1)
(cherry picked from commit 0af35605ae)
(cherry picked from commit 350975b63f)
(cherry picked from commit 2788142515)
(cherry picked from commit b418a53717b247e10d2dda26d1d236400d423a94)
(cherry picked from commit 086cde3f10)
(cherry picked from commit 3e4818c779)
(cherry picked from commit f2bf1fe64f)
(cherry picked from commit db4eb288ee)
(cherry picked from commit f8db31821b)
(cherry picked from commit 2b13c06f49)
(cherry picked from commit 3fd0092056)
(cherry picked from commit 6f7662507f)
(cherry picked from commit 8a15e41887)

Conflicts:
	tests/mysql8.ini.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1573
(cherry picked from commit 56e67e34e2)
(cherry picked from commit 6a049a939b)
(cherry picked from commit 454fe7f5e1)
(cherry picked from commit 93fa4406b7)
(cherry picked from commit eab1c72227)
(cherry picked from commit 8228adfd26)
(cherry picked from commit ffdbe1bac8)
(cherry picked from commit 7df4407714)
(cherry picked from commit 9d8c4bc7ca)
2023-12-18 14:39:08 +01:00
Loïc Dachary
69ae87f11f
[CI] implementation: forgejo container images
(cherry picked from commit dd1971d4e6)
(cherry picked from commit 3981dbaf8c)
(cherry picked from commit 8dff3cc2d1)
(cherry picked from commit e7673e5d22)
(cherry picked from commit 326174064b)
(cherry picked from commit eb769dbde4)
(cherry picked from commit 335829ade2)
(cherry picked from commit 5e8e4f549d)

Conflicts:
	Dockerfile
	Dockerfile.rootless
(cherry picked from commit b777fc91d0)
(cherry picked from commit 02cda642ec)
(cherry picked from commit 96ef93f3bc)
(cherry picked from commit aa424551f2)

Conflicts:
	Dockerfile
	Dockerfile.rootless
(cherry picked from commit e54fa86e49)
(cherry picked from commit 043fa6d664)
(cherry picked from commit 805b162480)
(cherry picked from commit 86bf362a3c)
(cherry picked from commit 13e0007959)
(cherry picked from commit 00ff6f7cb3)
(cherry picked from commit 95c7d8e883)
(cherry picked from commit fb033d2bb6)
(cherry picked from commit 1147910a55)
(cherry picked from commit 6590b6e99c)
(cherry picked from commit 78938113e4)
(cherry picked from commit 57338224f172e30a72f03f565aa47876e1213e77)
(cherry picked from commit 4266cbcdd4)
(cherry picked from commit bdc766a5a2)
(cherry picked from commit 6fb9ad8504)
(cherry picked from commit c4e6383240)
(cherry picked from commit 490fa55b3a)
(cherry picked from commit 802c8e72be)
(cherry picked from commit 2b1efe2030)
(cherry picked from commit fdcdd7389a)
(cherry picked from commit b9ae491650)
(cherry picked from commit e7867c6512)
(cherry picked from commit 0a43263fa6)
(cherry picked from commit 64bb6b8982)
(cherry picked from commit dcc1fd6292)
(cherry picked from commit b0250fd533)
(cherry picked from commit 427b059996)
(cherry picked from commit b6058e28cb)
(cherry picked from commit b91a41dd79)
(cherry picked from commit b8bcb22726)
2023-12-18 14:39:08 +01:00
Loïc Dachary
f5f2b41f3c
[CI] implementation: publish forgejo- binaries instead of gitea-
(cherry picked from commit 6d910daafb)
(cherry picked from commit d447861cc9)
(cherry picked from commit dc6e9d8799)
(cherry picked from commit ef232fa20c)
(cherry picked from commit 290c55517a)
(cherry picked from commit db48af1784)
(cherry picked from commit 85f33237a2)
(cherry picked from commit 76899ee33e)
(cherry picked from commit 148b3ee9cb)
(cherry picked from commit 1f6ad8f465)
(cherry picked from commit c330afdba3)
(cherry picked from commit b1f87075a7)
(cherry picked from commit 7da40992cc)
(cherry picked from commit 7ab19ff5e5)
(cherry picked from commit e61e44921b)
(cherry picked from commit 83646119fb)
(cherry picked from commit 20cf748e61)
(cherry picked from commit 0a99919cec)
(cherry picked from commit 21215222a6)
(cherry picked from commit 0f6c5658d7)
(cherry picked from commit 1752e43d3c)
(cherry picked from commit 2332080929)
(cherry picked from commit 590aabf2a2)
(cherry picked from commit 87d8b7b315c3e25bd3fcf9dc9c1d359bcd107281)
(cherry picked from commit ff37de38be)
(cherry picked from commit cee32c9e7a)
(cherry picked from commit 39faade524)
(cherry picked from commit 0e5ca477b6)
(cherry picked from commit 70e2730f7b)
(cherry picked from commit 2ad4003944)
(cherry picked from commit 2429de9e87)
(cherry picked from commit c133915fc1)
(cherry picked from commit c607dcaf9f)
(cherry picked from commit 00f006637f)
(cherry picked from commit 0de6646475)
(cherry picked from commit b05e83bb1e)
(cherry picked from commit cb71f139f0)
(cherry picked from commit 2a8b08ee4f)
(cherry picked from commit 3ebab73c4e)
(cherry picked from commit 07626c088c)
(cherry picked from commit 844e9bc999)
(cherry picked from commit c315e24751)
2023-12-18 14:39:08 +01:00
Earl Warren
6ba97cf4b5
[CLI] implement forgejo-cli
(cherry picked from commit 2555e315f7)
(cherry picked from commit 51b9c9092e)

[CLI] implement forgejo-cli (squash) support initDB

(cherry picked from commit 5c31ae602a)
(cherry picked from commit bbf76489a7)

Conflicts:
	because of d0dbe52e76
	upgrade to https://pkg.go.dev/github.com/urfave/cli/v2
(cherry picked from commit b6c1bcc008)

[CLI] implement forgejo-cli actions

(cherry picked from commit 08be2b226e)
(cherry picked from commit b6cfa88c6e)
(cherry picked from commit 59704200de)

[CLI] implement forgejo-cli actions generate-secret

(cherry picked from commit 6f7905c8ec)
(cherry picked from commit e085d6d273)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb2)

[CLI] implement forgejo-cli actions register

(cherry picked from commit 2f95143000)
(cherry picked from commit 42f2f8731e)

[CLI] implement forgejo-cli actions register (squash) no private

Do not go through the private API, directly modify the database

(cherry picked from commit 1ba7c0d39d)

[CLI] implement forgejo-cli actions

(cherry picked from commit 6f7905c8ec)
(cherry picked from commit e085d6d273)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb2)
(cherry picked from commit 4c121ef022)

Conflicts:
	cmd/forgejo/actions.go
	tests/integration/cmd_forgejo_actions_test.go
(cherry picked from commit 36997a48e3)

[CLI] implement forgejo-cli actions (squash) restore --version

Refs: https://codeberg.org/forgejo/forgejo/issues/1134
(cherry picked from commit 9739eb52d8)

[CI] implement forgejo-cli (squash) the actions subcommand needs config

(cherry picked from commit def638475122a26082ab3835842c84cd03839154)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1209
(cherry picked from commit a1758a3910)
(cherry picked from commit 935fa650c7)
(cherry picked from commit cd21026bc9)
(cherry picked from commit 1700b8973a)
(cherry picked from commit 1def42a379)
(cherry picked from commit 839d97521d)
(cherry picked from commit fd8c13be6b)
(cherry picked from commit 588e5d552f)
(cherry picked from commit 151a726620)

[v1.22] [CLI] implement forgejo-cli

https://codeberg.org/forgejo/forgejo/pulls/1541
(cherry picked from commit 46708de7b9)
(cherry picked from commit a8e5c1369e)
(cherry picked from commit c8a32aaf24)

Conflicts:
	models/actions/main_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1656
(cherry picked from commit 79f4553063)
(cherry picked from commit 0379da0cf5)
(cherry picked from commit 331d58c085)
(cherry picked from commit 89705502c4)
(cherry picked from commit 4723d5febf)
(cherry picked from commit e71b260130)
(cherry picked from commit 6a376a5b48)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1969
2023-12-18 14:39:08 +01:00
Earl Warren
cb4ae4582c
[CI] DEFAULT_ACTIONS_URL = https://code.forgejo.org
[CI] Revert "Restrict `[actions].DEFAULT_ACTIONS_URL` to only `github` or `self` (#25581)"

This reverts commit 67bd9d4f1e.

(cherry picked from commit 0547e94023)
(cherry picked from commit d21ad654ad)
(cherry picked from commit b905e9d838)
(cherry picked from commit 251a5bf235b1723bc2bc324f9e8c03a8668bb5ae)
(cherry picked from commit b370e47694)
(cherry picked from commit 2cc28d0785)
(cherry picked from commit ed870a39e9)
(cherry picked from commit 7bb0c4654e)
(cherry picked from commit bab1f552c3)

Conflicts:
	custom/conf/app.example.ini
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1413

[CI] DEFAULT_ACTIONS_URL = https://codeberg.org

(cherry picked from commit 52b364ddbd)
(cherry picked from commit 99887cd567)
(cherry picked from commit cd5788782a)
(cherry picked from commit 71c698a704)
(cherry picked from commit 71386241dd)
(cherry picked from commit b7ab05aeac)
(cherry picked from commit e78b9ca59c)
(cherry picked from commit edb3adf460)
(cherry picked from commit 3e40088197)

[BRANDING] DEFAULT_ACTIONS_URL = https://code.forgejo.org

(cherry picked from commit d0e4512c90)
(cherry picked from commit 8ba6e04709)
(cherry picked from commit 6349081044)
(cherry picked from commit e06bd44495)
(cherry picked from commit d58219d8e1)
(cherry picked from commit 052f2c2aa4)
(cherry picked from commit 29dc395386)
(cherry picked from commit 9eef3f59f3)
(cherry picked from commit d650391fed)
(cherry picked from commit c2e6e8c55d)
(cherry picked from commit e28a47741d)

[CI] DEFAULT_ACTIONS_URL support for self & github (squash)

Refs: https://codeberg.org/forgejo/forgejo/issues/1062
(cherry picked from commit 74cc25376e)
(cherry picked from commit 405430708f)
(cherry picked from commit 0274a6dee7f383bcd6b65b995b991b5ab0ee635a)
(cherry picked from commit be5cda0fd0)
(cherry picked from commit d27474849f)
(cherry picked from commit 4a5e9e2d81)
(cherry picked from commit 65b31906b2)
(cherry picked from commit 13cf0b0963)

Conflicts:
	custom/conf/app.example.ini
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1413
(cherry picked from commit 49529badce)

Conflicts:
	custom/conf/app.example.ini
	docs/content/administration/config-cheat-sheet.en-us.md
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1460
(cherry picked from commit 00327b9b1f)
(cherry picked from commit 3b322e43d5)
(cherry picked from commit 492cc52059)

Conflicts:
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1573
(cherry picked from commit 9027b655df)
(cherry picked from commit 4764383028)
(cherry picked from commit fbb00fd1cf)
(cherry picked from commit 417cd6c801)
(cherry picked from commit 6b70773ad8)
(cherry picked from commit 9ba069327d)

Conflicts:
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1827
(cherry picked from commit 727edf19ee)
(cherry picked from commit 689326ce20)
(cherry picked from commit 745d60aec4)
2023-12-18 14:39:08 +01:00
Earl Warren
c07b95b292
[FORGEJO] temporarily remove .github & .gitea 2023-12-18 14:37:29 +01:00
68 changed files with 1936 additions and 1624 deletions

View file

@ -0,0 +1,154 @@
name: 'Build release'
author: 'Forgejo authors'
description: |
Build release
inputs:
forgejo:
description: 'URL of the Forgejo instance where the release is uploaded'
required: true
owner:
description: 'User or organization where the release is uploaded, relative to the Forgejo instance'
required: true
repository:
description: 'Repository where the release is uploaded, relative to the owner'
required: true
doer:
description: 'Name of the user authoring the release'
required: true
tag-version:
description: 'Version of the release derived from the tag withint the leading v'
required: true
suffix:
description: 'Suffix to add to the image tag'
token:
description: 'token'
required: true
dockerfile:
description: 'path to the dockerfile'
default: 'Dockerfile'
platforms:
description: 'Coma separated list of platforms'
default: 'linux/amd64,linux/arm64'
release-notes:
description: 'Full text of the release notes'
default: 'Release notes placeholder'
binary-name:
description: 'Name of the binary'
binary-path:
description: 'Path of the binary within the container to extract into binary-name'
verbose:
description: 'Increase the verbosity level'
default: 'false'
runs:
using: "composite"
steps:
- run: echo "${{ github.action_path }}" >> $GITHUB_PATH
shell: bash
- name: Install dependencies
run: |
apt-get install -y -qq xz-utils
- name: set -x if verbose is required
id: verbose
run: |
if ${{ inputs.verbose }} ; then
echo "shell=set -x" >> "$GITHUB_OUTPUT"
fi
- name: Create the insecure and buildx-config variables for the container registry
id: registry
run: |
${{ steps.verbose.outputs.shell }}
url="${{ inputs.forgejo }}"
hostport=${url##http*://}
hostport=${hostport%%/}
echo "host-port=${hostport}" >> "$GITHUB_OUTPUT"
if ! [[ $url =~ ^http:// ]] ; then
exit 0
fi
cat >> "$GITHUB_OUTPUT" <<EOF
insecure=true
buildx-config<<ENDVAR
[registry."${hostport}"]
http = true
ENDVAR
EOF
- name: Allow docker pull/push to forgejo
if: ${{ steps.registry.outputs.insecure }}
run: |-
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"insecure-registries" : ["${{ steps.registry.outputs.host-port }}"],
"bip": "172.26.0.1/16"
}
EOF
- name: Install docker
run: |
echo deb http://deb.debian.org/debian bullseye-backports main | tee /etc/apt/sources.list.d/backports.list && apt-get -qq update
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -qq -y -t bullseye-backports docker.io
- uses: https://github.com/docker/setup-buildx-action@v2
with:
config-inline: |
${{ steps.registry.outputs.buildx-config }}
- name: Login to the container registry
run: |
BASE64_AUTH=`echo -n "${{ inputs.doer }}:${{ inputs.token }}" | base64 -w0`
mkdir -p ~/.docker
echo "{\"auths\": {\"$CI_REGISTRY\": {\"auth\": \"$BASE64_AUTH\"}}}" > ~/.docker/config.json
env:
CI_REGISTRY: "${{ steps.registry.outputs.host-port }}"
- name: Build the container image for each architecture
uses: https://github.com/docker/build-push-action@v4
# workaround until https://github.com/docker/build-push-action/commit/d8823bfaed2a82c6f5d4799a2f8e86173c461aba is in @v4 or @v5 is released
env:
ACTIONS_RUNTIME_TOKEN: ''
with:
context: .
push: true
file: ${{ inputs.dockerfile }}
platforms: ${{ inputs.platforms }}
tags: ${{ steps.registry.outputs.host-port }}/${{ inputs.owner }}/${{ inputs.repository }}:${{ inputs.tag-version }}${{ inputs.suffix }}
- name: Extract the binary from the container images into the release directory
if: inputs.binary-name != ''
run: |
${{ steps.verbose.outputs.shell }}
mkdir -p release
cd release
for platform in $(echo ${{ inputs.platforms }} | tr ',' ' '); do
arch=$(echo $platform | sed -e 's|linux/||g' -e 's|arm/v6|arm-6|g')
docker create --platform $platform --name forgejo-$arch ${{ steps.registry.outputs.host-port }}/${{ inputs.owner }}/${{ inputs.repository }}:${{ inputs.tag-version }}${{ inputs.suffix }}
binary="${{ inputs.binary-name }}-${{ inputs.tag-version }}-linux"
docker cp forgejo-$arch:${{ inputs.binary-path }} $binary-$arch
chmod +x $binary-$arch
# the displayed version has a + instead of the first -, deal with it
pattern=$(echo "${{ inputs.tag-version }}" | tr - .)
if ! ./$binary-$arch --version | grep "$pattern" ; then
echo "ERROR: expected version pattern $pattern not found in the output of $binary-$arch --version"
./$binary-$arch --version
exit 1
fi
xz --keep -9 $binary-$arch
shasum -a 256 $binary-$arch > $binary-$arch.sha256
shasum -a 256 $binary-$arch.xz > $binary-$arch.xz.sha256
docker rm forgejo-$arch
done
- name: publish release
if: inputs.binary-name != ''
uses: https://code.forgejo.org/actions/forgejo-release@v1
with:
direction: upload
release-dir: release
release-notes: "${{ inputs.release-notes }}"
token: ${{ inputs.token }}
verbose: ${{ steps.verbose.outputs.value }}

View file

@ -0,0 +1,110 @@
name: 'Publish release'
author: 'Forgejo authors'
description: |
Publish release
inputs:
forgejo:
description: 'URL of the Forgejo instance where the release is uploaded (e.g. https://codeberg.org)'
required: true
from-owner:
description: 'the owner from which a release is to be copied (e.g forgejo-integration)'
required: true
to-owner:
description: 'the owner to which a release is to be copied (e.g. forgejo-experimental). It has be an organization in which doer has the required permissions. Or be the same as the doer'
required: true
repo:
description: 'the repository from which a release is to be copied relative to from-owner and to-owner'
default: 'forgejo'
ref-name:
description: 'ref_name of the tag of the release to be copied (e.g. github.ref_name)'
required: true
doer:
description: 'Name of the user authoring the release (e.g. release-team). The user must be authorized to create packages in to-owner and releases in to-owner/repo'
required: true
token:
description: 'application token created on forgejo by the doer, with a scope allowing it to create packages in to-owner and releases in to-owner/repo'
required: true
gpg-private-key:
description: 'GPG Private Key to sign the release artifacts'
gpg-passphrase:
description: 'Passphrase of the GPG Private Key'
verbose:
description: 'Increase the verbosity level'
default: 'false'
runs:
using: "composite"
steps:
- id: hostport
run: |
url="${{ inputs.forgejo }}"
hostport=${url##http*://}
hostport=${hostport%%/}
echo "value=$hostport" >> "$GITHUB_OUTPUT"
- id: tag-version
run: |
version="${{ inputs.ref-name }}"
version=${version##*v}
echo "value=$version" >> "$GITHUB_OUTPUT"
- name: Create the release notes
id: release-notes
run: |
anchor=${{ steps.tag-version.outputs.value }}
anchor=${anchor//./-}
cat >> "$GITHUB_OUTPUT" <<EOF
value<<ENDVAR
See https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#$anchor
ENDVAR
EOF
- name: apt-get install docker.io
run: |
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -qq -y docker.io
- name: download release
uses: https://code.forgejo.org/actions/forgejo-release@v1
with:
url: ${{ inputs.forgejo }}
repo: ${{ inputs.from-owner }}/${{ inputs.repo }}
direction: download
release-dir: release
download-retry: 60
token: ${{ inputs.token }}
verbose: ${{ inputs.verbose }}
- name: upload release
uses: https://code.forgejo.org/actions/forgejo-release@v1
with:
url: ${{ inputs.forgejo }}
repo: ${{ inputs.to-owner }}/${{ inputs.repo }}
direction: upload
release-dir: release
release-notes: ${{ steps.release-notes.outputs.value }}
token: ${{ inputs.token }}
gpg-private-key: ${{ inputs.gpg-private-key }}
gpg-passphrase: ${{ inputs.gpg-passphrase }}
verbose: ${{ inputs.verbose }}
- name: login to the registry
uses: https://github.com/docker/login-action@v2
with:
registry: ${{ steps.hostport.outputs.value }}
username: ${{ inputs.doer }}
password: ${{ inputs.token }}
- uses: https://code.forgejo.org/forgejo/forgejo-container-image@v1
env:
VERIFY: 'false'
with:
url: https://${{ steps.hostport.outputs.value }}
destination-owner: ${{ inputs.to-owner }}
owner: ${{ inputs.from-owner }}
suffixes: '-rootless'
project: ${{ inputs.repo }}
tag: ${{ steps.tag-version.outputs.value }}
doer: ${{ inputs.doer }}
token: ${{ inputs.token }}
verbose: ${{ inputs.verbose }}

View file

@ -0,0 +1,21 @@
#!/bin/bash
set -ex
end_to_end=$1
end_to_end_pr=$2
forgejo=$3
forgejo_pr=$4
head_url=$(jq --raw-output .head.repo.html_url < $forgejo_pr)
test "$head_url" != null
branch=$(jq --raw-output .head.ref < $forgejo_pr)
test "$branch" != null
cd $end_to_end
echo $head_url $branch 7.0.0+0-gitea-1.22.0 > forgejo/sources/1.22
date > last-upgrade
base_url=$(jq --raw-output .base.repo.html_url < $forgejo_pr)
test "$base_url" != null
test "$GITHUB_RUN_NUMBER"
echo $base_url/actions/runs/$GITHUB_RUN_NUMBER/artifacts/forgejo > forgejo/binary-url

View file

@ -0,0 +1,3 @@
FROM public.ecr.aws/docker/library/alpine:3.18
RUN mkdir -p /app/gitea
RUN ( echo '#!/bin/sh' ; echo "echo forgejo v1.2.3" ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea

View file

@ -0,0 +1,5 @@
VERSION ?= $(shell cat VERSION 2>/dev/null)
sources-tarbal:
mkdir -p dist/release
echo $(VERSION) > VERSION
sources=forgejo-src-$(VERSION).tar.gz ; tar --transform 's|^./|forgejo-src-$(VERSION)/|' -czf dist/release/forgejo-src-$(VERSION).tar.gz . ; cd dist/release ; shasum -a 256 $$sources > $$sources.sha256

View file

@ -0,0 +1,99 @@
name: Integration tests for the release process
on:
push:
paths:
- Makefile
- Dockerfile
- Dockerfile.rootless
- docker/**
- .forgejo/actions/build-release/action.yml
- .forgejo/workflows/build-release.yml
- .forgejo/workflows/build-release-integration.yml
jobs:
release-simulation:
runs-on: self-hosted
if: secrets.ROLE != 'forgejo-integration' && secrets.ROLE != 'forgejo-experimental' && secrets.ROLE != 'forgejo-release'
steps:
- uses: actions/checkout@v3
- id: forgejo
uses: https://code.forgejo.org/actions/setup-forgejo@v1
with:
user: root
password: admin1234
image-version: 1.19
lxc-ip-prefix: 10.0.9
- name: publish the forgejo release
run: |
set -x
version=1.2.3
cat > /etc/docker/daemon.json <<EOF
{
"insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"]
}
EOF
systemctl restart docker
apt-get install -qq -y xz-utils
dir=$(mktemp -d)
trap "rm -fr $dir" EXIT
url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }}
export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}"
#
# Create a new project with a fake forgejo and the release workflow only
#
cp -a .forgejo/testdata/build-release/* $dir
mkdir -p $dir/.forgejo/workflows
cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows
cp -a .forgejo/actions $dir/.forgejo/actions
cp $dir/Dockerfile $dir/Dockerfile.rootless
forgejo-test-helper.sh push $dir $url root forgejo
sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo main)
#
# Push a tag to trigger the release workflow and wait for it to complete
#
forgejo-curl.sh api_json --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' $url/api/v1/repos/root/forgejo/tags
LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
#
# uncomment to see the logs even when everything is reported to be working ok
#
#cat $FORGEJO_RUNNER_LOGS
#
# Minimal sanity checks. e2e test is for the setup-forgejo
# action and the infrastructure playbook. Since the binary
# is a script shell it does not test the sanity of the cross
# build, only the sanity of the naming of the binaries.
#
for arch in amd64 arm64 arm-6 ; do
binary=forgejo-$version-linux-$arch
for suffix in '' '.xz' ; do
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix
if test "$suffix" = .xz ; then
unxz --keep $binary$suffix
fi
chmod +x $binary
./$binary --version | grep $version
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256
shasum -a 256 --check $binary$suffix.sha256
rm $binary$suffix
done
done
sources=forgejo-src-$version.tar.gz
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256
shasum -a 256 --check $sources.sha256
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless

View file

@ -0,0 +1,190 @@
name: Build release
on:
push:
tags: 'v*'
jobs:
release:
runs-on: self-hosted
# root is used for testing, allow it
if: secrets.ROLE == 'forgejo-integration' || github.repository_owner == 'root'
steps:
- uses: actions/checkout@v3
- name: Increase the verbosity when there are no secrets
id: verbose
run: |
if test -z "${{ secrets.TOKEN }}"; then
value=true
else
value=false
fi
echo "value=$value" >> "$GITHUB_OUTPUT"
- name: Sanitize the name of the repository
id: repository
run: |
set -x # comment out
repository="${{ github.repository }}"
echo "value=${repository##*/}" >> "$GITHUB_OUTPUT"
- name: When in a test environment, create a token
id: token
if: ${{ secrets.TOKEN == '' }}
run: |
apt-get -qq install -y jq
url="${{ env.GITHUB_SERVER_URL }}"
hostport=${url##http*://}
hostport=${hostport%%/}
doer=root
api=http://$doer:admin1234@$hostport/api/v1/users/$doer/tokens
curl -sS -X DELETE $api/release
token=$(curl -sS -X POST -H 'Content-Type: application/json' --data-raw '{"name": "release", "scopes": ["all"]}' $api | jq --raw-output .sha1)
echo "value=${token}" >> "$GITHUB_OUTPUT"
- uses: https://code.forgejo.org/actions/setup-node@v3
with:
node-version: 18
- uses: https://code.forgejo.org/actions/setup-go@v4
with:
go-version: ">=1.20"
check-latest: true
- name: Create the version from ref_name
id: tag-version
run: |
version="${{ github.ref_name }}"
version=${version##*v}
echo "value=$version" >> "$GITHUB_OUTPUT"
- name: Create the release notes
id: release-notes
run: |
cat >> "$GITHUB_OUTPUT" <<EOF
value<<ENDVAR
See https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#${{ steps.tag-version.outputs.value }}
ENDVAR
EOF
- name: Build sources
run: |
set -x
apt-get -qq install -y make
version=${{ steps.tag-version.outputs.value }}
#
# Make sure all files are owned by the current user.
# When run as root `npx webpack` will assume the identity
# of the owner of the current working directory and may
# fail to create files if some sub-directories are not owned
# by the same user.
#
# Binaries:
# Node: 18.17.0 - /usr/local/node-v18.17.0-linux-x64/bin/node
# npm: 9.6.7 - /usr/local/node-v18.17.0-linux-x64/bin/npm
# Packages:
# add-asset-webpack-plugin: 2.0.1 => 2.0.1
# css-loader: 6.8.1 => 6.8.1
# esbuild-loader: 3.0.1 => 3.0.1
# license-checker-webpack-plugin: 0.2.1 => 0.2.1
# monaco-editor-webpack-plugin: 7.0.1 => 7.0.1
# vue-loader: 17.2.2 => 17.2.2
# webpack: 5.87.0 => 5.87.0
# webpack-cli: 5.1.4 => 5.1.4
#
chown -R $(id -u) .
make VERSION=$version TAGS=bindata sources-tarbal
mv dist/release release
(
tmp=$(mktemp -d)
tar --directory $tmp -zxvf release/*$version*.tar.gz
cd $tmp/*
#
# Verify `make frontend` files are available
#
test -d public/assets/css
test -d public/assets/fonts
test -d public/assets/js
#
# Verify `make generate` files are available
#
test -f modules/public/bindata.go
#
# Sanity check to verify that the source tarbal knows the
# version and is able to rebuild itself from it.
#
# When in sources the version is determined with git.
# When in the tarbal the version is determined from a VERSION file.
#
make sources-tarbal
tarbal=$(echo dist/release/*$version*.tar.gz)
if ! test -f $tarbal ; then
echo $tarbal does not exist
find dist release
exit 1
fi
)
- name: build container & release (when TOKEN secret is not set)
if: ${{ secrets.TOKEN == '' }}
uses: ./.forgejo/actions/build-release
with:
forgejo: "${{ env.GITHUB_SERVER_URL }}"
owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
repository: "${{ steps.repository.outputs.value }}"
doer: root
tag-version: "${{ steps.tag-version.outputs.value }}"
token: ${{ steps.token.outputs.value }}
platforms: linux/amd64,linux/arm64,linux/arm/v6
release-notes: "${{ steps.release-notes.outputs.value }}"
binary-name: forgejo
binary-path: /app/gitea/gitea
verbose: ${{ steps.verbose.outputs.value }}
- name: build rootless container (when TOKEN secret is not set)
if: ${{ secrets.TOKEN == '' }}
uses: ./.forgejo/actions/build-release
with:
forgejo: "${{ env.GITHUB_SERVER_URL }}"
owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
repository: "${{ steps.repository.outputs.value }}"
doer: root
tag-version: "${{ steps.tag-version.outputs.value }}"
token: ${{ steps.token.outputs.value }}
platforms: linux/amd64,linux/arm64,linux/arm/v6
suffix: -rootless
dockerfile: Dockerfile.rootless
verbose: ${{ steps.verbose.outputs.value }}
- name: build container & release (when TOKEN secret is set)
if: ${{ secrets.TOKEN != '' }}
uses: ./.forgejo/actions/build-release
with:
forgejo: "${{ env.GITHUB_SERVER_URL }}"
owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
repository: "${{ steps.repository.outputs.value }}"
doer: "${{ secrets.DOER }}"
tag-version: "${{ steps.tag-version.outputs.value }}"
token: "${{ secrets.TOKEN }}"
platforms: linux/amd64,linux/arm64,linux/arm/v6
release-notes: "${{ steps.release-notes.outputs.value }}"
binary-name: forgejo
binary-path: /app/gitea/gitea
verbose: ${{ steps.verbose.outputs.value }}
- name: build rootless container (when TOKEN secret is set)
if: ${{ secrets.TOKEN != '' }}
uses: ./.forgejo/actions/build-release
with:
forgejo: "${{ env.GITHUB_SERVER_URL }}"
owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
repository: "${{ steps.repository.outputs.value }}"
doer: "${{ secrets.DOER }}"
tag-version: "${{ steps.tag-version.outputs.value }}"
token: "${{ secrets.TOKEN }}"
platforms: linux/amd64,linux/arm64,linux/arm/v6
suffix: -rootless
dockerfile: Dockerfile.rootless
verbose: ${{ steps.verbose.outputs.value }}

View file

@ -0,0 +1,82 @@
# SPDX-License-Identifier: MIT
on:
pull_request_target:
types:
- labeled
env:
FEATURE_BRANCHES: "privacy i18n moderation branding dependency"
jobs:
info:
runs-on: docker
container:
image: node:20-bookworm
steps:
- name: event
run: |
echo github.event.pull_request.head.repo.fork = ${{ github.event.pull_request.head.repo.fork }}
echo github.event.action = ${{ github.event.action }}
echo github.event.pull_request.merged = ${{ github.event.pull_request.merged }}
echo github.event.pull_request.labels.*.name
cat <<'EOF'
${{ toJSON(github.event.pull_request.labels.*.name) }}
EOF
build:
if: github.event.action == 'label_updated' && contains(github.event.pull_request.labels.*.name, 'run-end-to-end-tests')
runs-on: docker
container:
image: 'docker.io/node:20-bookworm'
steps:
- uses: https://code.forgejo.org/actions/checkout@v3
with:
fetch-depth: '0'
show-progress: 'false'
- name: adduser forgejo
run: |
git config --add safe.directory '*'
git config user.email "you@example.com"
git config user.name "Your Name"
adduser --quiet --comment forgejo --disabled-password forgejo
chown -R forgejo:forgejo .
- name: merge feature branches
run: |
su forgejo -c 'set -ex ; for b in ${{ env.FEATURE_BRANCHES }} ; do git merge -m $b origin/forgejo-$b ; done'
- uses: https://code.forgejo.org/actions/setup-go@v4
with:
go-version: ">=1.21"
- name: make deps-backend
run: |
su forgejo -c 'make deps-backend'
- name: make forgejo
run: |
su forgejo -c 'make generate-backend static-executable && ln gitea forgejo'
env:
TAGS: bindata sqlite sqlite_unlock_notify
- uses: actions/upload-artifact@v3
with:
name: forgejo
path: forgejo
cascade:
if: github.event.action == 'label_updated' && contains(github.event.pull_request.labels.*.name, 'run-end-to-end-tests')
needs: [build]
runs-on: docker
container:
image: node:20-bookworm
steps:
- uses: actions/checkout@v4
- uses: actions/cascading-pr@v1
with:
origin-url: ${{ env.GITHUB_SERVER_URL }}
origin-repo: ${{ github.repository }}
origin-token: ${{ secrets.END_TO_END_CASCADING_PR_ORIGIN }}
origin-pr: ${{ github.event.pull_request.number }}
destination-url: https://code.forgejo.org
destination-fork-repo: cascading-pr/end-to-end
destination-repo: forgejo/end-to-end
destination-branch: forgejo-pr
destination-token: ${{ secrets.END_TO_END_CASCADING_PR_DESTINATION }}
close-merge: true
update: .forgejo/cascading-pr-end-to-end

View file

@ -0,0 +1,79 @@
# SPDX-License-Identifier: MIT
#
# See also https://forgejo.org/docs/next/developer/RELEASE/#release-process
#
# https://codeberg.org/forgejo-experimental/forgejo
#
# Copies a release from codeberg.org/forgejo-integration to codeberg.org/forgejo-experimental
#
# ROLE: forgejo-experimental
# FORGEJO: https://codeberg.org
# FROM_OWNER: forgejo-integration
# TO_OWNER: forgejo-experimental
# DOER: forgejo-experimental-ci
# TOKEN: <generated from codeberg.org/forgejo-experimental-ci>
#
# https://forgejo.octopuce.forgejo.org/forgejo/forgejo
#
# Copies & sign a release from codeberg.org/forgejo-integration to codeberg.org/forgejo
#
# ROLE: forgejo-release
# FORGEJO: https://codeberg.org
# FROM_OWNER: forgejo-integration
# TO_OWNER: forgejo
# DOER: release-team
# TOKEN: <generated from codeberg.org/release-team>
# GPG_PRIVATE_KEY: <XYZ>
# GPG_PASSPHRASE: <ABC>
#
name: Pubish release
on:
push:
tags: 'v*'
jobs:
publish:
runs-on: self-hosted
if: secrets.DOER != '' && secrets.FORGEJO != '' && secrets.TO_OWNER != '' && secrets.FROM_OWNER != '' && secrets.TOKEN != ''
steps:
- name: install the certificate authority
if: secrets.ROLE == 'forgejo-release'
run: |
apt-get install -qq -y wget
wget --no-check-certificate -O /usr/local/share/ca-certificates/enough.crt https://forgejo.octopuce.forgejo.org/forgejo/enough/raw/branch/main/certs/2023-05-13/ca.crt
update-ca-certificates --fresh
- uses: actions/checkout@v3
- name: copy & sign binaries and container images from one owner to another
uses: ./.forgejo/actions/publish-release
with:
forgejo: ${{ secrets.FORGEJO }}
from-owner: ${{ secrets.FROM_OWNER }}
to-owner: ${{ secrets.TO_OWNER }}
ref-name: ${{ github.ref_name }}
doer: ${{ secrets.DOER }}
token: ${{ secrets.TOKEN }}
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
verbose: ${{ secrets.VERBOSE }}
- name: set up go for the DNS update below
uses: https://code.forgejo.org/actions/setup-go@v4
if: secrets.ROLE == 'forgejo-experimental'
with:
go-version: ">=1.21"
check-latest: true
- name: update the _release.experimental DNS record
if: secrets.ROLE == 'forgejo-experimental'
uses: https://code.forgejo.org/actions/ovh-dns-update@v1
with:
subdomain: _release.experimental
domain: forgejo.com # there is a CNAME from .org to .com (for security reasons)
record-id: 5283602601
value: v=${{ github.ref_name }}
ovh-app-key: ${{ secrets.OVH_APP_KEY }}
ovh-app-secret: ${{ secrets.OVH_APP_SECRET }}
ovh-consumer-key: ${{ secrets.OVH_CON_KEY }}

View file

@ -0,0 +1,189 @@
name: testing
on:
pull_request:
push:
branches:
- 'forgejo*'
- 'v*/forgejo*'
jobs:
lint-backend:
runs-on: docker
container:
image: 'docker.io/node:20-bookworm'
steps:
- uses: https://code.forgejo.org/actions/checkout@v3
- uses: https://code.forgejo.org/actions/setup-go@v4
with:
go-version: ">=1.21"
check-latest: true
- run: make deps-backend deps-tools
- run: make lint-backend
env:
TAGS: bindata sqlite sqlite_unlock_notify
checks-backend:
runs-on: docker
container:
image: 'docker.io/node:20-bookworm'
steps:
- uses: https://code.forgejo.org/actions/checkout@v3
- uses: https://code.forgejo.org/actions/setup-go@v4
with:
go-version: ">=1.21"
check-latest: true
- run: make deps-backend deps-tools
- run: make --always-make checks-backend # ensure the "go-licenses" make target runs
test-unit:
runs-on: docker
needs: [lint-backend, checks-backend]
container:
image: 'docker.io/node:20-bookworm'
services:
minio:
image: 'docker.io/bitnami/minio:2023.8.31'
env:
MINIO_ROOT_USER: 123456
MINIO_ROOT_PASSWORD: 12345678
steps:
- uses: https://code.forgejo.org/actions/checkout@v3
- uses: https://code.forgejo.org/actions/setup-go@v4
with:
go-version: ">=1.21"
- run: |
git config --add safe.directory '*'
adduser --quiet --comment forgejo --disabled-password forgejo
chown -R forgejo:forgejo .
- run: |
su forgejo -c 'make deps-backend'
- run: |
su forgejo -c 'make backend'
env:
TAGS: bindata
- run: |
su forgejo -c 'make test-backend test-check'
timeout-minutes: 50
env:
RACE_ENABLED: 'true'
TAGS: bindata
test-mysql:
runs-on: docker
needs: [lint-backend, checks-backend]
container:
image: 'docker.io/node:20-bookworm'
services:
mysql:
image: 'docker.io/mysql:8-debian'
env:
MYSQL_ALLOW_EMPTY_PASSWORD: yes
MYSQL_DATABASE: testgitea
#
# See also https://codeberg.org/forgejo/forgejo/issues/976
#
cmd: ['mysqld', '--innodb-adaptive-flushing=OFF', '--innodb-buffer-pool-size=4G', '--innodb-log-buffer-size=128M', '--innodb-flush-log-at-trx-commit=0', '--innodb-flush-log-at-timeout=30', '--innodb-flush-method=nosync', '--innodb-fsync-threshold=1000000000']
steps:
- uses: https://code.forgejo.org/actions/checkout@v3
- uses: https://code.forgejo.org/actions/setup-go@v4
with:
go-version: "1.21"
- name: install dependencies
run: |
export DEBIAN_FRONTEND=noninteractive
apt-get update -qq
apt-get install --no-install-recommends -qq -y git-lfs
- name: setup user and permissions
run: |
git config --add safe.directory '*'
adduser --quiet --comment forgejo --disabled-password forgejo
chown -R forgejo:forgejo .
- run: |
su forgejo -c 'make deps-backend'
- run: |
su forgejo -c 'make backend'
env:
TAGS: bindata
- run: |
su forgejo -c 'make test-mysql-migration test-mysql'
timeout-minutes: 50
env:
TAGS: bindata
USE_REPO_TEST_DIR: 1
test-pgsql:
runs-on: docker
needs: [lint-backend, checks-backend]
container:
image: 'docker.io/node:20-bookworm'
services:
minio:
image: bitnami/minio:2021.3.17
env:
MINIO_ACCESS_KEY: 123456
MINIO_SECRET_KEY: 12345678
pgsql:
image: 'docker.io/postgres:15'
env:
POSTGRES_DB: test
POSTGRES_PASSWORD: postgres
steps:
- uses: https://code.forgejo.org/actions/checkout@v3
- uses: https://code.forgejo.org/actions/setup-go@v4
with:
go-version: "1.21"
- name: install dependencies
run: |
export DEBIAN_FRONTEND=noninteractive
apt-get update -qq
apt-get install --no-install-recommends -qq -y git-lfs
- name: setup user and permissions
run: |
git config --add safe.directory '*'
adduser --quiet --comment forgejo --disabled-password forgejo
chown -R forgejo:forgejo .
- run: |
su forgejo -c 'make deps-backend'
- run: |
su forgejo -c 'make backend'
env:
TAGS: bindata
- run: |
su forgejo -c 'make test-pgsql-migration test-pgsql'
timeout-minutes: 50
env:
TAGS: bindata gogit
RACE_ENABLED: true
TEST_TAGS: gogit
USE_REPO_TEST_DIR: 1
test-sqlite:
runs-on: docker
needs: [lint-backend, checks-backend]
container:
image: 'docker.io/node:20-bookworm'
steps:
- uses: https://code.forgejo.org/actions/checkout@v3
- uses: https://code.forgejo.org/actions/setup-go@v4
with:
go-version: "1.21"
- name: install dependencies
run: |
export DEBIAN_FRONTEND=noninteractive
apt-get update -qq
apt-get install --no-install-recommends -qq -y git-lfs
- name: setup user and permissions
run: |
git config --add safe.directory '*'
adduser --quiet --comment forgejo --disabled-password forgejo
chown -R forgejo:forgejo .
- run: |
su forgejo -c 'make deps-backend'
- run: |
su forgejo -c 'make backend'
env:
TAGS: bindata gogit sqlite sqlite_unlock_notify
- run: |
su forgejo -c 'make test-sqlite-migration test-sqlite'
timeout-minutes: 50
env:
TAGS: bindata gogit sqlite sqlite_unlock_notify
RACE_ENABLED: true
TEST_TAGS: gogit sqlite sqlite_unlock_notify
USE_REPO_TEST_DIR: 1

View file

@ -1,42 +0,0 @@
<!-- NOTE: If your issue is a security concern, please send an email to security@gitea.io instead of opening a public issue -->
<!--
1. Please speak English, this is the language all maintainers can speak and write.
2. Please ask questions or configuration/deploy problems on our Discord
server (https://discord.gg/gitea) or forum (https://discourse.gitea.io).
3. Please take a moment to check that your issue doesn't already exist.
4. Make sure it's not mentioned in the FAQ (https://docs.gitea.com/help/faq)
5. Please give all relevant information below for bug reports, because
incomplete details will be handled as an invalid report.
-->
- Gitea version (or commit ref):
- Git version:
- Operating system:
<!-- Please include information on whether you built gitea yourself, used one of our downloads or are using some other package -->
<!-- Please also tell us how you are running gitea, e.g. if it is being run from docker, a command-line, systemd etc. --->
<!-- If you are using a package or systemd tell us what distribution you are using -->
- Database (use `[x]`):
- [ ] PostgreSQL
- [ ] MySQL
- [ ] MSSQL
- [ ] SQLite
- Can you reproduce the bug at https://try.gitea.io:
- [ ] Yes (provide example URL)
- [ ] No
- Log gist:
<!-- It really is important to provide pertinent logs -->
<!-- Please read https://docs.gitea.com/administration/logging-config#collecting-logs-for-help -->
<!-- In addition, if your problem relates to git commands set `RUN_MODE=dev` at the top of app.ini -->
## Description
<!-- If using a proxy or a CDN (e.g. CloudFlare) in front of gitea, please
disable the proxy/CDN fully and connect to gitea directly to confirm
the issue still persists without those services. -->
...
## Screenshots
<!-- **If this issue involves the Web Interface, please include a screenshot** -->

2
.github/FUNDING.yml vendored
View file

@ -1,2 +0,0 @@
open_collective: gitea
custom: https://www.bountysource.com/teams/gitea

View file

@ -1,91 +0,0 @@
name: Bug Report
description: Found something you weren't expecting? Report it here!
labels: ["type/bug"]
body:
- type: markdown
attributes:
value: |
NOTE: If your issue is a security concern, please send an email to security@gitea.io instead of opening a public issue.
- type: markdown
attributes:
value: |
1. Please speak English, this is the language all maintainers can speak and write.
2. Please ask questions or configuration/deploy problems on our Discord
server (https://discord.gg/gitea) or forum (https://discourse.gitea.io).
3. Make sure you are using the latest release and
take a moment to check that your issue hasn't been reported before.
4. Make sure it's not mentioned in the FAQ (https://docs.gitea.com/help/faq)
5. It's really important to provide pertinent details and logs (https://docs.gitea.com/help/support),
incomplete details will be handled as an invalid report.
- type: textarea
id: description
attributes:
label: Description
description: |
Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see below)
If you are using a proxy or a CDN (e.g. Cloudflare) in front of Gitea, please disable the proxy/CDN fully and access Gitea directly to confirm the issue still persists without those services.
- type: input
id: gitea-ver
attributes:
label: Gitea Version
description: Gitea version (or commit reference) of your instance
validations:
required: true
- type: dropdown
id: can-reproduce
attributes:
label: Can you reproduce the bug on the Gitea demo site?
description: |
If so, please provide a URL in the Description field
URL of Gitea demo: https://try.gitea.io
options:
- "Yes"
- "No"
validations:
required: true
- type: markdown
attributes:
value: |
It's really important to provide pertinent logs
Please read https://docs.gitea.com/administration/logging-config#collecting-logs-for-help
In addition, if your problem relates to git commands set `RUN_MODE=dev` at the top of app.ini
- type: input
id: logs
attributes:
label: Log Gist
description: Please provide a gist URL of your logs, with any sensitive information (e.g. API keys) removed/hidden
- type: textarea
id: screenshots
attributes:
label: Screenshots
description: If this issue involves the Web Interface, please provide one or more screenshots
- type: input
id: git-ver
attributes:
label: Git Version
description: The version of git running on the server
- type: input
id: os-ver
attributes:
label: Operating System
description: The operating system you are using to run Gitea
- type: textarea
id: run-info
attributes:
label: How are you running Gitea?
description: |
Please include information on whether you built Gitea yourself, used one of our downloads, are using https://try.gitea.io or are using some other package
Please also tell us how you are running Gitea, e.g. if it is being run from docker, a command-line, systemd etc.
If you are using a package or systemd tell us what distribution you are using
validations:
required: true
- type: dropdown
id: database
attributes:
label: Database
description: What database system are you running?
options:
- PostgreSQL
- MySQL/MariaDB
- MSSQL
- SQLite

View file

@ -1,17 +0,0 @@
blank_issues_enabled: false
contact_links:
- name: Security Concern
url: https://tinyurl.com/security-gitea
about: For security concerns, please send a mail to security@gitea.io instead of opening a public issue.
- name: Discord Server
url: https://discord.gg/Gitea
about: Please ask questions and discuss configuration or deployment problems here.
- name: Discourse Forum
url: https://discourse.gitea.io
about: Questions and configuration or deployment problems can also be discussed on our forum.
- name: Frequently Asked Questions
url: https://docs.gitea.com/help/faq
about: Please check if your question isn't mentioned here.
- name: Crowdin Translations
url: https://crowdin.com/project/gitea
about: Translations are managed here.

View file

@ -1,24 +0,0 @@
name: Feature Request
description: Got an idea for a feature that Gitea doesn't have currently? Submit your idea here!
labels: ["type/proposal"]
body:
- type: markdown
attributes:
value: |
1. Please speak English, this is the language all maintainers can speak and write.
2. Please ask questions or configuration/deploy problems on our Discord
server (https://discord.gg/gitea) or forum (https://discourse.gitea.io).
3. Please take a moment to check that your feature hasn't already been suggested.
- type: textarea
id: description
attributes:
label: Feature Description
placeholder: |
I think it would be great if Gitea had...
validations:
required: true
- type: textarea
id: screenshots
attributes:
label: Screenshots
description: If you can, provide screenshots of an implementation on another site e.g. GitHub

View file

@ -1,66 +0,0 @@
name: Web Interface Bug Report
description: Something doesn't look quite as it should? Report it here!
labels: ["type/bug", "topic/ui"]
body:
- type: markdown
attributes:
value: |
NOTE: If your issue is a security concern, please send an email to security@gitea.io instead of opening a public issue.
- type: markdown
attributes:
value: |
1. Please speak English, this is the language all maintainers can speak and write.
2. Please ask questions or configuration/deploy problems on our Discord
server (https://discord.gg/gitea) or forum (https://discourse.gitea.io).
3. Please take a moment to check that your issue doesn't already exist.
4. Make sure it's not mentioned in the FAQ (https://docs.gitea.com/help/faq)
5. Please give all relevant information below for bug reports, because
incomplete details will be handled as an invalid report.
6. In particular it's really important to provide pertinent logs. If you are certain that this is a javascript
error, show us the javascript console. If the error appears to relate to Gitea the server you must also give us
DEBUG level logs. (See https://docs.gitea.com/administration/logging-config#collecting-logs-for-help)
- type: textarea
id: description
attributes:
label: Description
description: |
Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see below)
If using a proxy or a CDN (e.g. CloudFlare) in front of gitea, please disable the proxy/CDN fully and connect to gitea directly to confirm the issue still persists without those services.
- type: textarea
id: screenshots
attributes:
label: Screenshots
description: Please provide at least 1 screenshot showing the issue.
validations:
required: true
- type: input
id: gitea-ver
attributes:
label: Gitea Version
description: Gitea version (or commit reference) your instance is running
validations:
required: true
- type: dropdown
id: can-reproduce
attributes:
label: Can you reproduce the bug on the Gitea demo site?
description: |
If so, please provide a URL in the Description field
URL of Gitea demo: https://try.gitea.io
options:
- "Yes"
- "No"
validations:
required: true
- type: input
id: os-ver
attributes:
label: Operating System
description: The operating system you are using to access Gitea
- type: input
id: browser-ver
attributes:
label: Browser Version
description: The browser and version that you are using to access Gitea
validations:
required: true

View file

@ -1,5 +0,0 @@
self-hosted-runner:
labels:
- actuated-4cpu-8gb
- actuated-4cpu-16gb
- nscloud

36
.github/labeler.yml vendored
View file

@ -1,36 +0,0 @@
modifies/docs:
- "**/*.md"
- "docs/**"
modifies/frontend:
- "web_src/**/*"
modifies/templates:
- all: ["templates/**", "!templates/swagger/v1_json.tmpl"]
modifies/api:
- "routers/api/**"
- "templates/swagger/v1_json.tmpl"
modifies/cli:
- "cmd/**"
modifies/translation:
- "options/locale/*.ini"
modifies/migrations:
- "models/migrations/**/*"
modifies/internal:
- "Makefile"
- "Dockerfile"
- "Dockerfile.rootless"
- "docker/**"
- "webpack.config.js"
- ".eslintrc.yaml"
- ".golangci.yml"
- ".markdownlint.yaml"
- ".spectral.yaml"
- ".stylelintrc.yaml"
- ".yamllint.yaml"
- ".github/**"

View file

@ -1,9 +0,0 @@
<!-- start tips -->
Please check the following:
1. Make sure you are targeting the `main` branch, pull requests on release branches are only allowed for backports.
2. Make sure you have read contributing guidelines: https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md .
3. Describe what your pull request does and which issue you're targeting (if any).
4. It is recommended to enable "Allow edits by maintainers", so maintainers can help more easily.
5. Your input here will be included in the commit message when this PR has been merged. If you don't want some content to be included, please separate them with a line like `---`.
6. Delete all these tips before posting.
<!-- end tips -->

View file

@ -1,29 +0,0 @@
name: cron-licenses
on:
schedule:
- cron: "7 0 * * 1" # every Monday at 00:07 UTC
workflow_dispatch:
jobs:
cron-licenses:
runs-on: ubuntu-latest
if: github.repository == 'go-gitea/gitea'
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- run: make generate-license generate-gitignore
timeout-minutes: 40
- name: push translations to repo
uses: appleboy/git-push-action@v0.0.3
with:
author_email: "teabot@gitea.io"
author_name: GiteaBot
branch: main
commit: true
commit_message: "[skip ci] Updated licenses and gitignores"
remote: "git@github.com:go-gitea/gitea.git"
ssh_key: ${{ secrets.DEPLOY_KEY }}

View file

@ -1,22 +0,0 @@
name: cron-lock
on:
schedule:
- cron: "0 0 * * *" # every day at 00:00 UTC
workflow_dispatch:
permissions:
issues: write
pull-requests: write
concurrency:
group: lock
jobs:
action:
runs-on: ubuntu-latest
if: github.repository == 'go-gitea/gitea'
steps:
- uses: dessant/lock-threads@v4
with:
issue-inactive-days: 45

View file

@ -1,49 +0,0 @@
name: cron-translations
on:
schedule:
- cron: "7 0 * * *" # every day at 00:07 UTC
workflow_dispatch:
jobs:
crowdin-pull:
runs-on: ubuntu-latest
if: github.repository == 'go-gitea/gitea'
steps:
- uses: actions/checkout@v4
- name: download from crowdin
uses: docker://jonasfranz/crowdin
env:
CROWDIN_KEY: ${{ secrets.CROWDIN_KEY }}
PLUGIN_DOWNLOAD: true
PLUGIN_EXPORT_DIR: options/locale/
PLUGIN_IGNORE_BRANCH: true
PLUGIN_PROJECT_IDENTIFIER: gitea
- name: update locales
run: ./build/update-locales.sh
- name: push translations to repo
uses: appleboy/git-push-action@v0.0.3
with:
author_email: "teabot@gitea.io"
author_name: GiteaBot
branch: main
commit: true
commit_message: "[skip ci] Updated translations via Crowdin"
remote: "git@github.com:go-gitea/gitea.git"
ssh_key: ${{ secrets.DEPLOY_KEY }}
crowdin-push:
runs-on: ubuntu-latest
if: github.repository == 'go-gitea/gitea'
steps:
- uses: actions/checkout@v4
- name: push translations to crowdin
uses: docker://jonasfranz/crowdin
env:
CROWDIN_KEY: ${{ secrets.CROWDIN_KEY }}
PLUGIN_UPLOAD: true
PLUGIN_EXPORT_DIR: options/locale/
PLUGIN_IGNORE_BRANCH: true
PLUGIN_PROJECT_IDENTIFIER: gitea
PLUGIN_FILES: |
locale_en-US.ini: options/locale/locale_en-US.ini
PLUGIN_BRANCH: main

View file

@ -1,25 +0,0 @@
name: disk-clean
on:
workflow_call:
jobs:
triage:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@main
with:
# this might remove tools that are actually needed,
# if set to "true" but frees about 6 GB
tool-cache: false
# all of these default to true, but feel free to set to
# "false" if necessary for your workflow
android: true
dotnet: true
haskell: true
large-packages: false
docker-images: false
swap-storage: true

View file

@ -1,97 +0,0 @@
name: files-changed
on:
workflow_call:
outputs:
backend:
value: ${{ jobs.detect.outputs.backend }}
frontend:
value: ${{ jobs.detect.outputs.frontend }}
docs:
value: ${{ jobs.detect.outputs.docs }}
actions:
value: ${{ jobs.detect.outputs.actions }}
templates:
value: ${{ jobs.detect.outputs.templates }}
docker:
value: ${{ jobs.detect.outputs.docker }}
swagger:
value: ${{ jobs.detect.outputs.swagger }}
yaml:
value: ${{ jobs.detect.outputs.yaml }}
jobs:
detect:
runs-on: ubuntu-latest
timeout-minutes: 3
outputs:
backend: ${{ steps.changes.outputs.backend }}
frontend: ${{ steps.changes.outputs.frontend }}
docs: ${{ steps.changes.outputs.docs }}
actions: ${{ steps.changes.outputs.actions }}
templates: ${{ steps.changes.outputs.templates }}
docker: ${{ steps.changes.outputs.docker }}
swagger: ${{ steps.changes.outputs.swagger }}
yaml: ${{ steps.changes.outputs.yaml }}
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v2
id: changes
with:
filters: |
backend:
- "**/*.go"
- "templates/**/*.tmpl"
- "assets/emoji.json"
- "go.mod"
- "go.sum"
- "Makefile"
- ".golangci.yml"
- ".editorconfig"
frontend:
- "**/*.js"
- "web_src/**"
- "assets/emoji.json"
- "package.json"
- "package-lock.json"
- "Makefile"
- ".eslintrc.yaml"
- ".stylelintrc.yaml"
- ".npmrc"
docs:
- "**/*.md"
- "docs/**"
- ".markdownlint.yaml"
- "package.json"
- "package-lock.json"
actions:
- ".github/workflows/*"
- "Makefile"
templates:
- "templates/**/*.tmpl"
- "pyproject.toml"
- "poetry.lock"
docker:
- "Dockerfile"
- "Dockerfile.rootless"
- "docker/**"
- "Makefile"
swagger:
- "templates/swagger/v1_json.tmpl"
- "Makefile"
- "package.json"
- "package-lock.json"
- ".spectral.yaml"
yaml:
- "**/*.yml"
- "**/*.yaml"
- ".yamllint.yaml"
- "pyproject.toml"
- "poetry.lock"

View file

@ -1,182 +0,0 @@
name: compliance
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
files-changed:
uses: ./.github/workflows/files-changed.yml
lint-backend:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- run: make deps-backend deps-tools
- run: make lint-backend
env:
TAGS: bindata sqlite sqlite_unlock_notify
lint-templates:
if: needs.files-changed.outputs.templates == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: "3.11"
- run: pip install poetry
- run: make deps-py
- run: make lint-templates
lint-yaml:
if: needs.files-changed.outputs.yaml == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: "3.11"
- run: pip install poetry
- run: make deps-py
- run: make lint-yaml
lint-swagger:
if: needs.files-changed.outputs.swagger == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- run: make deps-frontend
- run: make lint-swagger
lint-go-windows:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- run: make deps-backend deps-tools
- run: make lint-go-windows lint-go-vet
env:
TAGS: bindata sqlite sqlite_unlock_notify
GOOS: windows
GOARCH: amd64
lint-go-gogit:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- run: make deps-backend deps-tools
- run: make lint-go
env:
TAGS: bindata gogit sqlite sqlite_unlock_notify
checks-backend:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- run: make deps-backend deps-tools
- run: make --always-make checks-backend # ensure the "go-licenses" make target runs
frontend:
if: needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- run: make deps-frontend
- run: make lint-frontend
- run: make checks-frontend
- run: make test-frontend
- run: make frontend
backend:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
# no frontend build here as backend should be able to build
# even without any frontend files
- run: make deps-backend
- run: go build -o gitea_no_gcc # test if build succeeds without the sqlite tag
- name: build-backend-arm64
run: make backend # test cross compile
env:
GOOS: linux
GOARCH: arm64
TAGS: bindata gogit
- name: build-backend-windows
run: go build -o gitea_windows
env:
GOOS: windows
GOARCH: amd64
TAGS: bindata gogit
- name: build-backend-386
run: go build -o gitea_linux_386 # test if compatible with 32 bit
env:
GOOS: linux
GOARCH: 386
docs:
if: needs.files-changed.outputs.docs == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- run: make deps-frontend
- run: make lint-md
- run: make docs
actions:
if: needs.files-changed.outputs.actions == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- run: make lint-actions

View file

@ -1,215 +0,0 @@
name: db-tests
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
files-changed:
uses: ./.github/workflows/files-changed.yml
test-pgsql:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
services:
pgsql:
image: postgres:12
env:
POSTGRES_DB: test
POSTGRES_PASSWORD: postgres
ports:
- "5432:5432"
ldap:
image: gitea/test-openldap:latest
ports:
- "389:389"
- "636:636"
minio:
# as github actions doesn't support "entrypoint", we need to use a non-official image
# that has a custom entrypoint set to "minio server /data"
image: bitnami/minio:2023.8.31
env:
MINIO_ROOT_USER: 123456
MINIO_ROOT_PASSWORD: 12345678
ports:
- "9000:9000"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- name: Add hosts to /etc/hosts
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 pgsql ldap minio" | sudo tee -a /etc/hosts'
- run: make deps-backend
- run: make backend
env:
TAGS: bindata
- run: make test-pgsql-migration test-pgsql
timeout-minutes: 50
env:
TAGS: bindata gogit
RACE_ENABLED: true
TEST_TAGS: gogit
TEST_LDAP: 1
USE_REPO_TEST_DIR: 1
test-sqlite:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- run: make deps-backend
- run: make backend
env:
TAGS: bindata gogit sqlite sqlite_unlock_notify
- run: make test-sqlite-migration test-sqlite
timeout-minutes: 50
env:
TAGS: bindata gogit sqlite sqlite_unlock_notify
RACE_ENABLED: true
TEST_TAGS: gogit sqlite sqlite_unlock_notify
USE_REPO_TEST_DIR: 1
test-unit:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
services:
elasticsearch:
image: elasticsearch:7.5.0
env:
discovery.type: single-node
ports:
- "9200:9200"
meilisearch:
image: getmeili/meilisearch:v1.2.0
env:
MEILI_ENV: development # disable auth
ports:
- "7700:7700"
redis:
image: redis
options: >- # wait until redis has started
--health-cmd "redis-cli ping"
--health-interval 5s
--health-timeout 3s
--health-retries 10
ports:
- 6379:6379
minio:
image: bitnami/minio:2021.3.17
env:
MINIO_ACCESS_KEY: 123456
MINIO_SECRET_KEY: 12345678
ports:
- "9000:9000"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- name: Add hosts to /etc/hosts
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mysql elasticsearch meilisearch smtpimap" | sudo tee -a /etc/hosts'
- run: make deps-backend
- run: make backend
env:
TAGS: bindata
- name: unit-tests
run: make unit-test-coverage test-check
env:
TAGS: bindata
RACE_ENABLED: true
GITHUB_READ_TOKEN: ${{ secrets.GITHUB_READ_TOKEN }}
- name: unit-tests-gogit
run: make unit-test-coverage test-check
env:
TAGS: bindata gogit
RACE_ENABLED: true
GITHUB_READ_TOKEN: ${{ secrets.GITHUB_READ_TOKEN }}
test-mysql:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
services:
mysql:
image: mysql:8.0
env:
MYSQL_ALLOW_EMPTY_PASSWORD: true
MYSQL_DATABASE: testgitea
ports:
- "3306:3306"
elasticsearch:
image: elasticsearch:7.5.0
env:
discovery.type: single-node
ports:
- "9200:9200"
smtpimap:
image: tabascoterrier/docker-imap-devel:latest
ports:
- "25:25"
- "143:143"
- "587:587"
- "993:993"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- name: Add hosts to /etc/hosts
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mysql elasticsearch smtpimap" | sudo tee -a /etc/hosts'
- run: make deps-backend
- run: make backend
env:
TAGS: bindata
- name: run tests
run: make test-mysql-migration integration-test-coverage
env:
TAGS: bindata
RACE_ENABLED: true
USE_REPO_TEST_DIR: 1
TEST_INDEXER_CODE_ES_URL: "http://elastic:changeme@elasticsearch:9200"
test-mssql:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
services:
mssql:
image: mcr.microsoft.com/mssql/server:2017-latest
env:
ACCEPT_EULA: Y
MSSQL_PID: Standard
SA_PASSWORD: MwantsaSecurePassword1
ports:
- "1433:1433"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- name: Add hosts to /etc/hosts
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mssql" | sudo tee -a /etc/hosts'
- run: make deps-backend
- run: make backend
env:
TAGS: bindata
- run: make test-mssql-migration test-mssql
timeout-minutes: 50
env:
TAGS: bindata
USE_REPO_TEST_DIR: 1

View file

@ -1,35 +0,0 @@
name: docker-dryrun
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
files-changed:
uses: ./.github/workflows/files-changed.yml
regular:
if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: docker/setup-buildx-action@v3
- uses: docker/build-push-action@v5
with:
push: false
tags: gitea/gitea:linux-amd64
rootless:
if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: docker/setup-buildx-action@v3
- uses: docker/build-push-action@v5
with:
push: false
file: Dockerfile.rootless
tags: gitea/gitea:linux-amd64

View file

@ -1,32 +0,0 @@
name: e2e-tests
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
files-changed:
uses: ./.github/workflows/files-changed.yml
test-e2e:
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: actions/setup-node@v4
with:
node-version: 20
- run: make deps-frontend frontend deps-backend
- run: npx playwright install --with-deps
- run: make test-e2e-sqlite
timeout-minutes: 40
env:
USE_REPO_TEST_DIR: 1

View file

@ -1,20 +0,0 @@
name: labeler
on:
pull_request_target:
types: [opened, synchronize, reopened]
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
label:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/labeler@v4
with:
dot: true

View file

@ -1,134 +0,0 @@
name: release-nightly
on:
push:
branches: [main, release/v*]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
disk-clean:
uses: ./.github/workflows/disk-clean.yml
nightly-binary:
runs-on: nscloud
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: actions/setup-node@v4
with:
node-version: 20
- run: make deps-frontend deps-backend
# xgo build
- run: make release
env:
TAGS: bindata sqlite sqlite_unlock_notify
- name: import gpg key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
- name: sign binaries
run: |
for f in dist/release/*; do
echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
done
# clean branch name to get the folder name in S3
- name: Get cleaned branch name
id: clean_name
run: |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
echo "Cleaned name is ${REF_NAME}"
echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
- name: configure aws
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: upload binaries to s3
run: |
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
nightly-docker-rootful:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: Get cleaned branch name
id: clean_name
run: |
# if main then say nightly otherwise cleanup name
if [ "${{ github.ref }}" = "refs/heads/main" ]; then
echo "branch=nightly" >> "$GITHUB_OUTPUT"
exit 0
fi
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: fetch go modules
run: make vendor
- name: build rootful docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: gitea/gitea:${{ steps.clean_name.outputs.branch }}
nightly-docker-rootless:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: Get cleaned branch name
id: clean_name
run: |
# if main then say nightly otherwise cleanup name
if [ "${{ github.ref }}" = "refs/heads/main" ]; then
echo "branch=nightly" >> "$GITHUB_OUTPUT"
exit 0
fi
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: fetch go modules
run: make vendor
- name: build rootless docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
file: Dockerfile.rootless
tags: gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless

View file

@ -1,132 +0,0 @@
name: release-tag-rc
on:
push:
tags:
- "v1*-rc*"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
jobs:
binary:
runs-on: nscloud
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: actions/setup-node@v4
with:
node-version: 20
- run: make deps-frontend deps-backend
# xgo build
- run: make release
env:
TAGS: bindata sqlite sqlite_unlock_notify
- name: import gpg key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
- name: sign binaries
run: |
for f in dist/release/*; do
echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
done
# clean branch name to get the folder name in S3
- name: Get cleaned branch name
id: clean_name
run: |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\/v//' -e 's/release\/v//')
echo "Cleaned name is ${REF_NAME}"
echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
- name: configure aws
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: upload binaries to s3
run: |
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
- name: Install GH CLI
uses: dev-hanz-ops/install-gh-cli-action@v0.1.0
with:
gh-cli-version: 2.39.1
- name: create github release
run: |
gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/*
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
docker-rootful:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/metadata-action@v5
id: meta
with:
images: gitea/gitea
flavor: |
latest=false
# 1.2.3-rc0
tags: |
type=semver,pattern={{version}}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: build rootful docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
docker-rootless:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/metadata-action@v5
id: meta
with:
images: gitea/gitea
# each tag below will have the suffix of -rootless
flavor: |
latest=false
suffix=-rootless
# 1.2.3-rc0
tags: |
type=semver,pattern={{version}}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: build rootless docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
file: Dockerfile.rootless
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

View file

@ -1,143 +0,0 @@
name: release-tag-version
on:
push:
tags:
- "v1.*"
- "!v1*-rc*"
- "!v1*-dev"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
jobs:
binary:
runs-on: nscloud
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: actions/setup-go@v4
with:
go-version-file: go.mod
check-latest: true
- uses: actions/setup-node@v4
with:
node-version: 20
- run: make deps-frontend deps-backend
# xgo build
- run: make release
env:
TAGS: bindata sqlite sqlite_unlock_notify
- name: import gpg key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
- name: sign binaries
run: |
for f in dist/release/*; do
echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
done
# clean branch name to get the folder name in S3
- name: Get cleaned branch name
id: clean_name
run: |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\/v//' -e 's/release\/v//')
echo "Cleaned name is ${REF_NAME}"
echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
- name: configure aws
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: upload binaries to s3
run: |
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
- name: Install GH CLI
uses: dev-hanz-ops/install-gh-cli-action@v0.1.0
with:
gh-cli-version: 2.39.1
- name: create github release
run: |
gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --notes-from-tag dist/release/*
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
docker-rootful:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/metadata-action@v5
id: meta
with:
images: gitea/gitea
# this will generate tags in the following format:
# latest
# 1
# 1.2
# 1.2.3
tags: |
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{version}}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: build rootful docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
docker-rootless:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
- run: git fetch --unshallow --quiet --tags --force
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/metadata-action@v5
id: meta
with:
images: gitea/gitea
# each tag below will have the suffix of -rootless
flavor: |
suffix=-rootless,onlatest=true
# this will generate tags in the following format (with -rootless suffix added):
# latest
# 1
# 1.2
# 1.2.3
tags: |
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{version}}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: build rootless docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
file: Dockerfile.rootless
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

3
.gitignore vendored
View file

@ -1,3 +1,6 @@
# Emacs
*~
# Compiled Object files, Static and Dynamic libs (Shared Objects) # Compiled Object files, Static and Dynamic libs (Shared Objects)
*.o *.o
*.a *.a

View file

@ -1,5 +1,6 @@
# Build stage FROM --platform=$BUILDPLATFORM docker.io/tonistiigi/xx AS xx
FROM docker.io/library/golang:1.21-alpine3.18 AS build-env
FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.21-alpine3.18 as build-env
ARG GOPROXY ARG GOPROXY
ENV GOPROXY ${GOPROXY:-direct} ENV GOPROXY ${GOPROXY:-direct}
@ -9,24 +10,33 @@ ARG TAGS="sqlite sqlite_unlock_notify"
ENV TAGS "bindata timetzdata $TAGS" ENV TAGS "bindata timetzdata $TAGS"
ARG CGO_EXTRA_CFLAGS ARG CGO_EXTRA_CFLAGS
# Build deps #
RUN apk --no-cache add \ # Transparently cross compile for the target platform
build-base \ #
git \ COPY --from=xx / /
nodejs \ ARG TARGETPLATFORM
npm \ RUN apk --no-cache add clang lld
&& rm -rf /var/cache/apk/* RUN xx-apk --no-cache add gcc musl-dev
ENV CGO_ENABLED=1
RUN xx-go --wrap
#
# for go generate and binfmt to find
# without it the generate phase will fail with
# #19 25.04 modules/public/public_bindata.go:8: running "go": exit status 1
# #19 25.39 aarch64-binfmt-P: Could not open '/lib/ld-musl-aarch64.so.1': No such file or directory
# why exactly is it needed? where is binfmt involved?
#
RUN cp /*-alpine-linux-musl*/lib/ld-musl-*.so.1 /lib || true
RUN apk --no-cache add build-base git nodejs npm
# Setup repo
COPY . ${GOPATH}/src/code.gitea.io/gitea COPY . ${GOPATH}/src/code.gitea.io/gitea
WORKDIR ${GOPATH}/src/code.gitea.io/gitea WORKDIR ${GOPATH}/src/code.gitea.io/gitea
# Checkout version if set RUN make clean-all
RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ RUN make frontend
&& make clean-all build RUN go build contrib/environment-to-ini/environment-to-ini.go && xx-verify environment-to-ini
RUN make go-check generate-backend static-executable && xx-verify gitea
# Begin env-to-ini build
RUN go build contrib/environment-to-ini/environment-to-ini.go
# Copy local files # Copy local files
COPY docker/root /tmp/local COPY docker/root /tmp/local
@ -42,7 +52,7 @@ RUN chmod 755 /tmp/local/usr/bin/entrypoint \
RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete
FROM docker.io/library/alpine:3.18 FROM docker.io/library/alpine:3.18
LABEL maintainer="maintainers@gitea.io" LABEL maintainer="contact@forgejo.org"
EXPOSE 22 3000 EXPOSE 22 3000
@ -81,6 +91,7 @@ ENTRYPOINT ["/usr/bin/entrypoint"]
CMD ["/bin/s6-svscan", "/etc/s6"] CMD ["/bin/s6-svscan", "/etc/s6"]
COPY --from=build-env /tmp/local / COPY --from=build-env /tmp/local /
RUN cd /usr/local/bin ; ln -s gitea forgejo
COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh

View file

@ -1,5 +1,6 @@
# Build stage FROM --platform=$BUILDPLATFORM docker.io/tonistiigi/xx AS xx
FROM docker.io/library/golang:1.21-alpine3.18 AS build-env
FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.21-alpine3.18 as build-env
ARG GOPROXY ARG GOPROXY
ENV GOPROXY ${GOPROXY:-direct} ENV GOPROXY ${GOPROXY:-direct}
@ -9,24 +10,33 @@ ARG TAGS="sqlite sqlite_unlock_notify"
ENV TAGS "bindata timetzdata $TAGS" ENV TAGS "bindata timetzdata $TAGS"
ARG CGO_EXTRA_CFLAGS ARG CGO_EXTRA_CFLAGS
#Build deps #
RUN apk --no-cache add \ # Transparently cross compile for the target platform
build-base \ #
git \ COPY --from=xx / /
nodejs \ ARG TARGETPLATFORM
npm \ RUN apk --no-cache add clang lld
&& rm -rf /var/cache/apk/* RUN xx-apk --no-cache add gcc musl-dev
ENV CGO_ENABLED=1
RUN xx-go --wrap
#
# for go generate and binfmt to find
# without it the generate phase will fail with
# #19 25.04 modules/public/public_bindata.go:8: running "go": exit status 1
# #19 25.39 aarch64-binfmt-P: Could not open '/lib/ld-musl-aarch64.so.1': No such file or directory
# why exactly is it needed? where is binfmt involved?
#
RUN cp /*-alpine-linux-musl*/lib/ld-musl-*.so.1 /lib || true
RUN apk --no-cache add build-base git nodejs npm
# Setup repo
COPY . ${GOPATH}/src/code.gitea.io/gitea COPY . ${GOPATH}/src/code.gitea.io/gitea
WORKDIR ${GOPATH}/src/code.gitea.io/gitea WORKDIR ${GOPATH}/src/code.gitea.io/gitea
# Checkout version if set RUN make clean-all
RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ RUN make frontend
&& make clean-all build RUN go build contrib/environment-to-ini/environment-to-ini.go && xx-verify environment-to-ini
RUN make go-check generate-backend static-executable && xx-verify gitea
# Begin env-to-ini build
RUN go build contrib/environment-to-ini/environment-to-ini.go
# Copy local files # Copy local files
COPY docker/rootless /tmp/local COPY docker/rootless /tmp/local
@ -40,7 +50,7 @@ RUN chmod 755 /tmp/local/usr/local/bin/docker-entrypoint.sh \
RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete
FROM docker.io/library/alpine:3.18 FROM docker.io/library/alpine:3.18
LABEL maintainer="maintainers@gitea.io" LABEL maintainer="contact@forgejo.org"
EXPOSE 2222 3000 EXPOSE 2222 3000
@ -69,18 +79,19 @@ RUN mkdir -p /var/lib/gitea /etc/gitea
RUN chown git:git /var/lib/gitea /etc/gitea RUN chown git:git /var/lib/gitea /etc/gitea
COPY --from=build-env /tmp/local / COPY --from=build-env /tmp/local /
RUN cd /usr/local/bin ; ln -s gitea forgejo
COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh
# git:git #git:git
USER 1000:1000 USER 1000:1000
ENV GITEA_WORK_DIR /var/lib/gitea ENV GITEA_WORK_DIR /var/lib/gitea
ENV GITEA_CUSTOM /var/lib/gitea/custom ENV GITEA_CUSTOM /var/lib/gitea/custom
ENV GITEA_TEMP /tmp/gitea ENV GITEA_TEMP /tmp/gitea
ENV TMPDIR /tmp/gitea ENV TMPDIR /tmp/gitea
# TODO add to docs the ability to define the ini to load (useful to test and revert a config) #TODO add to docs the ability to define the ini to load (useful to test and revert a config)
ENV GITEA_APP_INI /etc/gitea/app.ini ENV GITEA_APP_INI /etc/gitea/app.ini
ENV HOME "/var/lib/gitea/git" ENV HOME "/var/lib/gitea/git"
VOLUME ["/var/lib/gitea", "/etc/gitea"] VOLUME ["/var/lib/gitea", "/etc/gitea"]
@ -88,3 +99,4 @@ WORKDIR /var/lib/gitea
ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/docker-entrypoint.sh"] ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/docker-entrypoint.sh"]
CMD [] CMD []

View file

@ -83,31 +83,14 @@ endif
STORED_VERSION_FILE := VERSION STORED_VERSION_FILE := VERSION
HUGO_VERSION ?= 0.111.3 HUGO_VERSION ?= 0.111.3
GITHUB_REF_TYPE ?= branch
GITHUB_REF_NAME ?= $(shell git rev-parse --abbrev-ref HEAD)
ifneq ($(GITHUB_REF_TYPE),branch) STORED_VERSION=$(shell cat $(STORED_VERSION_FILE) 2>/dev/null)
VERSION ?= $(subst v,,$(GITHUB_REF_NAME)) ifneq ($(STORED_VERSION),)
GITEA_VERSION ?= $(VERSION)
else
ifneq ($(GITHUB_REF_NAME),)
VERSION ?= $(subst release/v,,$(GITHUB_REF_NAME))
else
VERSION ?= main
endif
STORED_VERSION=$(shell cat $(STORED_VERSION_FILE) 2>/dev/null)
ifneq ($(STORED_VERSION),)
GITEA_VERSION ?= $(STORED_VERSION) GITEA_VERSION ?= $(STORED_VERSION)
else else
GITEA_VERSION ?= $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//') GITEA_VERSION ?= $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
endif
endif
# if version = "main" then update version to "nightly"
ifeq ($(VERSION),main)
VERSION := main-nightly
endif endif
VERSION = ${GITEA_VERSION}
LDFLAGS := $(LDFLAGS) -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)" LDFLAGS := $(LDFLAGS) -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)"
@ -413,12 +396,11 @@ lint-go-windows:
.PHONY: lint-go-vet .PHONY: lint-go-vet
lint-go-vet: lint-go-vet:
@echo "Running go vet..." @echo "Running go vet..."
@GOOS= GOARCH= $(GO) build code.gitea.io/gitea-vet @$(GO) vet $(GO_PACKAGES)
@$(GO) vet -vettool=gitea-vet $(GO_PACKAGES)
.PHONY: lint-editorconfig .PHONY: lint-editorconfig
lint-editorconfig: lint-editorconfig:
$(GO) run $(EDITORCONFIG_CHECKER_PACKAGE) templates .github/workflows $(GO) run $(EDITORCONFIG_CHECKER_PACKAGE) templates .forgejo/workflows
.PHONY: lint-actions .PHONY: lint-actions
lint-actions: lint-actions:
@ -788,8 +770,14 @@ security-check:
$(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ) $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@ CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
static-executable: $(GO_SOURCES) $(TAGS_PREREQ)
CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags 'netgo osusergo $(TAGS)' -ldflags '-s -w -linkmode external -extldflags "-static" $(LDFLAGS)' -o $(EXECUTABLE)
.PHONY: release .PHONY: release
release: frontend generate release-windows release-linux release-darwin release-freebsd release-copy release-compress vendor release-sources release-docs release-check release: frontend generate release-linux release-copy release-compress vendor release-sources release-check
# just the sources, with all assets builtin and frontend resources generated
sources-tarbal: frontend generate vendor release-sources release-check
$(DIST_DIRS): $(DIST_DIRS):
mkdir -p $(DIST_DIRS) mkdir -p $(DIST_DIRS)
@ -803,7 +791,10 @@ endif
.PHONY: release-linux .PHONY: release-linux
release-linux: | $(DIST_DIRS) release-linux: | $(DIST_DIRS)
CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets '$(LINUX_ARCHS)' -out gitea-$(VERSION) . CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets '$(LINUX_ARCHS)' -out forgejo-$(VERSION) .
ifeq ($(CI),true)
cp /build/* $(DIST)/binaries
endif
.PHONY: release-darwin .PHONY: release-darwin
release-darwin: | $(DIST_DIRS) release-darwin: | $(DIST_DIRS)
@ -831,8 +822,8 @@ release-sources: | $(DIST_DIRS)
# bsdtar needs a ^ to prevent matching subdirectories # bsdtar needs a ^ to prevent matching subdirectories
$(eval EXCL := --exclude=$(shell tar --help | grep -q bsdtar && echo "^")./) $(eval EXCL := --exclude=$(shell tar --help | grep -q bsdtar && echo "^")./)
# use transform to a add a release-folder prefix; in bsdtar the transform parameter equivalent is -s # use transform to a add a release-folder prefix; in bsdtar the transform parameter equivalent is -s
$(eval TRANSFORM := $(shell tar --help | grep -q bsdtar && echo "-s '/^./gitea-src-$(VERSION)/'" || echo "--transform 's|^./|gitea-src-$(VERSION)/|'")) $(eval TRANSFORM := $(shell tar --help | grep -q bsdtar && echo "-s '/^./forgejo-src-$(VERSION)/'" || echo "--transform 's|^./|forgejo-src-$(VERSION)/|'"))
tar $(addprefix $(EXCL),$(TAR_EXCLUDES)) $(TRANSFORM) -czf $(DIST)/release/gitea-src-$(VERSION).tar.gz . tar $(addprefix $(EXCL),$(TAR_EXCLUDES)) $(TRANSFORM) -czf $(DIST)/release/forgejo-src-$(VERSION).tar.gz .
rm -f $(STORED_VERSION_FILE) rm -f $(STORED_VERSION_FILE)
.PHONY: release-docs .PHONY: release-docs

243
cmd/forgejo/actions.go Normal file
View file

@ -0,0 +1,243 @@
// Copyright The Forgejo Authors.
// SPDX-License-Identifier: MIT
package forgejo
import (
"context"
"encoding/hex"
"fmt"
"io"
"os"
"strings"
actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/modules/private"
"code.gitea.io/gitea/modules/setting"
private_routers "code.gitea.io/gitea/routers/private"
"github.com/urfave/cli/v2"
)
func CmdActions(ctx context.Context) *cli.Command {
return &cli.Command{
Name: "actions",
Usage: "Commands for managing Forgejo Actions",
Subcommands: []*cli.Command{
SubcmdActionsGenerateRunnerToken(ctx),
SubcmdActionsGenerateRunnerSecret(ctx),
SubcmdActionsRegister(ctx),
},
}
}
func SubcmdActionsGenerateRunnerToken(ctx context.Context) *cli.Command {
return &cli.Command{
Name: "generate-runner-token",
Usage: "Generate a new token for a runner to use to register with the server",
Action: prepareWorkPathAndCustomConf(ctx, func(cliCtx *cli.Context) error { return RunGenerateActionsRunnerToken(ctx, cliCtx) }),
Flags: []cli.Flag{
&cli.StringFlag{
Name: "scope",
Aliases: []string{"s"},
Value: "",
Usage: "{owner}[/{repo}] - leave empty for a global runner",
},
},
}
}
func SubcmdActionsGenerateRunnerSecret(ctx context.Context) *cli.Command {
return &cli.Command{
Name: "generate-secret",
Usage: "Generate a secret suitable for input to the register subcommand",
Action: func(cliCtx *cli.Context) error { return RunGenerateSecret(ctx, cliCtx) },
}
}
func SubcmdActionsRegister(ctx context.Context) *cli.Command {
return &cli.Command{
Name: "register",
Usage: "Idempotent registration of a runner using a shared secret",
Action: prepareWorkPathAndCustomConf(ctx, func(cliCtx *cli.Context) error { return RunRegister(ctx, cliCtx) }),
Flags: []cli.Flag{
&cli.StringFlag{
Name: "secret",
Usage: "the secret the runner will use to connect as a 40 character hexadecimal string",
},
&cli.StringFlag{
Name: "secret-stdin",
Usage: "the secret the runner will use to connect as a 40 character hexadecimal string, read from stdin",
},
&cli.StringFlag{
Name: "secret-file",
Usage: "path to the file containing the secret the runner will use to connect as a 40 character hexadecimal string",
},
&cli.StringFlag{
Name: "scope",
Aliases: []string{"s"},
Value: "",
Usage: "{owner}[/{repo}] - leave empty for a global runner",
},
&cli.StringFlag{
Name: "labels",
Value: "",
Usage: "comma separated list of labels supported by the runner (e.g. docker,ubuntu-latest,self-hosted) (not required since v1.21)",
},
&cli.StringFlag{
Name: "name",
Value: "runner",
Usage: "name of the runner (default runner)",
},
&cli.StringFlag{
Name: "version",
Value: "",
Usage: "version of the runner (not required since v1.21)",
},
},
}
}
func readSecret(ctx context.Context, cliCtx *cli.Context) (string, error) {
if cliCtx.IsSet("secret") {
return cliCtx.String("secret"), nil
}
if cliCtx.IsSet("secret-stdin") {
buf, err := io.ReadAll(ContextGetStdin(ctx))
if err != nil {
return "", err
}
return string(buf), nil
}
if cliCtx.IsSet("secret-file") {
path := cliCtx.String("secret-file")
buf, err := os.ReadFile(path)
if err != nil {
return "", err
}
return string(buf), nil
}
return "", fmt.Errorf("at least one of the --secret, --secret-stdin, --secret-file options is required")
}
func validateSecret(secret string) error {
secretLen := len(secret)
if secretLen != 40 {
return fmt.Errorf("the secret must be exactly 40 characters long, not %d: generate-secret can provide a secret matching the requirements", secretLen)
}
if _, err := hex.DecodeString(secret); err != nil {
return fmt.Errorf("the secret must be an hexadecimal string: %w", err)
}
return nil
}
func RunRegister(ctx context.Context, cliCtx *cli.Context) error {
if !ContextGetNoInit(ctx) {
var cancel context.CancelFunc
ctx, cancel = installSignals(ctx)
defer cancel()
if err := initDB(ctx); err != nil {
return err
}
}
setting.MustInstalled()
secret, err := readSecret(ctx, cliCtx)
if err != nil {
return err
}
if err := validateSecret(secret); err != nil {
return err
}
scope := cliCtx.String("scope")
labels := cliCtx.String("labels")
name := cliCtx.String("name")
version := cliCtx.String("version")
//
// There are two kinds of tokens
//
// - "registration token" only used when a runner interacts to
// register
//
// - "token" obtained after a successful registration and stored by
// the runner to authenticate
//
// The register subcommand does not need a "registration token", it
// needs a "token". Using the same name is confusing and secret is
// preferred for this reason in the cli.
//
// The ActionsRunnerRegister argument is token to be consistent with
// the internal naming. It is still confusing to the developer but
// not to the user.
//
owner, repo, err := private_routers.ParseScope(ctx, scope)
if err != nil {
return err
}
runner, err := actions_model.RegisterRunner(ctx, owner, repo, secret, strings.Split(labels, ","), name, version)
if err != nil {
return fmt.Errorf("error while registering runner: %v", err)
}
if _, err := fmt.Fprintf(ContextGetStdout(ctx), "%s", runner.UUID); err != nil {
panic(err)
}
return nil
}
func RunGenerateSecret(ctx context.Context, cliCtx *cli.Context) error {
runner := actions_model.ActionRunner{}
if err := runner.GenerateToken(); err != nil {
return err
}
if _, err := fmt.Fprintf(ContextGetStdout(ctx), "%s", runner.Token); err != nil {
panic(err)
}
return nil
}
func RunGenerateActionsRunnerToken(ctx context.Context, cliCtx *cli.Context) error {
if !ContextGetNoInit(ctx) {
var cancel context.CancelFunc
ctx, cancel = installSignals(ctx)
defer cancel()
}
setting.MustInstalled()
scope := cliCtx.String("scope")
respText, extra := private.GenerateActionsRunnerToken(ctx, scope)
if extra.HasError() {
return handleCliResponseExtra(ctx, extra)
}
if _, err := fmt.Fprintf(ContextGetStdout(ctx), "%s", respText); err != nil {
panic(err)
}
return nil
}
func prepareWorkPathAndCustomConf(ctx context.Context, action cli.ActionFunc) func(cliCtx *cli.Context) error {
return func(cliCtx *cli.Context) error {
if !ContextGetNoInit(ctx) {
var args setting.ArgWorkPathAndCustomConf
// from children to parent, check the global flags
for _, curCtx := range cliCtx.Lineage() {
if curCtx.IsSet("work-path") && args.WorkPath == "" {
args.WorkPath = curCtx.String("work-path")
}
if curCtx.IsSet("custom-path") && args.CustomPath == "" {
args.CustomPath = curCtx.String("custom-path")
}
if curCtx.IsSet("config") && args.CustomConf == "" {
args.CustomConf = curCtx.String("config")
}
}
setting.InitWorkPathAndCommonConfig(os.Getenv, args)
}
return action(cliCtx)
}
}

147
cmd/forgejo/forgejo.go Normal file
View file

@ -0,0 +1,147 @@
// Copyright The Forgejo Authors.
// SPDX-License-Identifier: MIT
package forgejo
import (
"context"
"fmt"
"io"
"os"
"os/signal"
"syscall"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/private"
"code.gitea.io/gitea/modules/setting"
"github.com/urfave/cli/v2"
)
type key int
const (
noInitKey key = iota + 1
noExitKey
stdoutKey
stderrKey
stdinKey
)
func CmdForgejo(ctx context.Context) *cli.Command {
return &cli.Command{
Name: "forgejo-cli",
Usage: "Forgejo CLI",
Flags: []cli.Flag{},
Subcommands: []*cli.Command{
CmdActions(ctx),
},
}
}
func ContextSetNoInit(ctx context.Context, value bool) context.Context {
return context.WithValue(ctx, noInitKey, value)
}
func ContextGetNoInit(ctx context.Context) bool {
value, ok := ctx.Value(noInitKey).(bool)
return ok && value
}
func ContextSetNoExit(ctx context.Context, value bool) context.Context {
return context.WithValue(ctx, noExitKey, value)
}
func ContextGetNoExit(ctx context.Context) bool {
value, ok := ctx.Value(noExitKey).(bool)
return ok && value
}
func ContextSetStderr(ctx context.Context, value io.Writer) context.Context {
return context.WithValue(ctx, stderrKey, value)
}
func ContextGetStderr(ctx context.Context) io.Writer {
value, ok := ctx.Value(stderrKey).(io.Writer)
if !ok {
return os.Stderr
}
return value
}
func ContextSetStdout(ctx context.Context, value io.Writer) context.Context {
return context.WithValue(ctx, stdoutKey, value)
}
func ContextGetStdout(ctx context.Context) io.Writer {
value, ok := ctx.Value(stderrKey).(io.Writer)
if !ok {
return os.Stdout
}
return value
}
func ContextSetStdin(ctx context.Context, value io.Reader) context.Context {
return context.WithValue(ctx, stdinKey, value)
}
func ContextGetStdin(ctx context.Context) io.Reader {
value, ok := ctx.Value(stdinKey).(io.Reader)
if !ok {
return os.Stdin
}
return value
}
// copied from ../cmd.go
func initDB(ctx context.Context) error {
setting.MustInstalled()
setting.LoadDBSetting()
setting.InitSQLLoggersForCli(log.INFO)
if setting.Database.Type == "" {
log.Fatal(`Database settings are missing from the configuration file: %q.
Ensure you are running in the correct environment or set the correct configuration file with -c.
If this is the intended configuration file complete the [database] section.`, setting.CustomConf)
}
if err := db.InitEngine(ctx); err != nil {
return fmt.Errorf("unable to initialize the database using the configuration in %q. Error: %w", setting.CustomConf, err)
}
return nil
}
// copied from ../cmd.go
func installSignals(ctx context.Context) (context.Context, context.CancelFunc) {
ctx, cancel := context.WithCancel(ctx)
go func() {
// install notify
signalChannel := make(chan os.Signal, 1)
signal.Notify(
signalChannel,
syscall.SIGINT,
syscall.SIGTERM,
)
select {
case <-signalChannel:
case <-ctx.Done():
}
cancel()
signal.Reset()
}()
return ctx, cancel
}
func handleCliResponseExtra(ctx context.Context, extra private.ResponseExtra) error {
if false && extra.UserMsg != "" {
if _, err := fmt.Fprintf(ContextGetStdout(ctx), "%s", extra.UserMsg); err != nil {
panic(err)
}
}
if ContextGetNoExit(ctx) {
return extra.Error
}
return cli.Exit(extra.Error, 1)
}

View file

@ -4,10 +4,13 @@
package cmd package cmd
import ( import (
"context"
"fmt" "fmt"
"os" "os"
"path/filepath"
"strings" "strings"
"code.gitea.io/gitea/cmd/forgejo"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
@ -113,6 +116,36 @@ func prepareWorkPathAndCustomConf(action cli.ActionFunc) func(ctx *cli.Context)
} }
func NewMainApp(version, versionExtra string) *cli.App { func NewMainApp(version, versionExtra string) *cli.App {
path, err := os.Executable()
if err != nil {
panic(err)
}
executable := filepath.Base(path)
var subCmdsStandalone []*cli.Command = make([]*cli.Command, 0, 10)
var subCmdWithConfig []*cli.Command = make([]*cli.Command, 0, 10)
//
// If the executable is forgejo-cli, provide a Forgejo specific CLI
// that is NOT compatible with Gitea.
//
if executable == "forgejo-cli" {
subCmdsStandalone = append(subCmdsStandalone, forgejo.CmdActions(context.Background()))
} else {
//
// Otherwise provide a Gitea compatible CLI which includes Forgejo
// specific additions under the forgejo-cli subcommand. It allows
// admins to migration from Gitea to Forgejo by replacing the gitea
// binary and rename it to forgejo if they want.
//
subCmdsStandalone = append(subCmdsStandalone, forgejo.CmdForgejo(context.Background()))
subCmdWithConfig = append(subCmdWithConfig, CmdActions)
}
return innerNewMainApp(version, versionExtra, subCmdsStandalone, subCmdWithConfig)
}
func innerNewMainApp(version, versionExtra string, subCmdsStandaloneArgs, subCmdWithConfigArgs []*cli.Command) *cli.App {
app := cli.NewApp() app := cli.NewApp()
app.Name = "Gitea" app.Name = "Gitea"
app.HelpName = "gitea" app.HelpName = "gitea"
@ -137,15 +170,17 @@ func NewMainApp(version, versionExtra string) *cli.App {
CmdMigrateStorage, CmdMigrateStorage,
CmdDumpRepository, CmdDumpRepository,
CmdRestoreRepository, CmdRestoreRepository,
CmdActions,
} }
subCmdWithConfig = append(subCmdWithConfig, subCmdWithConfigArgs...)
// these sub-commands do not need the config file, and they do not depend on any path or environment variable. // these sub-commands do not need the config file, and they do not depend on any path or environment variable.
subCmdStandalone := []*cli.Command{ subCmdStandalone := []*cli.Command{
CmdCert, CmdCert,
CmdGenerate, CmdGenerate,
CmdDocs, CmdDocs,
} }
subCmdStandalone = append(subCmdStandalone, subCmdsStandaloneArgs...)
app.DefaultCommand = CmdWeb.Name app.DefaultCommand = CmdWeb.Name

View file

@ -2580,9 +2580,8 @@ LEVEL = Info
; [actions] ; [actions]
;; Enable/Disable actions capabilities ;; Enable/Disable actions capabilities
;ENABLED = true ;ENABLED = true
;; ;; Default address to get action plugins, e.g. the default value means downloading from "https://code.forgejo.org/actions/checkout" for "uses: actions/checkout@v3"
;; Default platform to get action plugins, `github` for `https://github.com`, `self` for the current Gitea instance. ;DEFAULT_ACTIONS_URL = https://code.forgejo.org
;DEFAULT_ACTIONS_URL = github
;; Default artifact retention time in days, default is 90 days ;; Default artifact retention time in days, default is 90 days
;ARTIFACT_RETENTION_DAYS = 90 ;ARTIFACT_RETENTION_DAYS = 90
;; Timeout to stop the task which have running status, but haven't been updated for a long time ;; Timeout to stop the task which have running status, but haven't been updated for a long time

6
go.mod
View file

@ -106,12 +106,12 @@ require (
github.com/yuin/goldmark v1.5.6 github.com/yuin/goldmark v1.5.6
github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
github.com/yuin/goldmark-meta v1.1.0 github.com/yuin/goldmark-meta v1.1.0
golang.org/x/crypto v0.14.0 golang.org/x/crypto v0.17.0
golang.org/x/image v0.13.0 golang.org/x/image v0.13.0
golang.org/x/net v0.17.0 golang.org/x/net v0.17.0
golang.org/x/oauth2 v0.13.0 golang.org/x/oauth2 v0.13.0
golang.org/x/sys v0.13.0 golang.org/x/sys v0.15.0
golang.org/x/text v0.13.0 golang.org/x/text v0.14.0
golang.org/x/tools v0.14.0 golang.org/x/tools v0.14.0
google.golang.org/grpc v1.58.3 google.golang.org/grpc v1.58.3
google.golang.org/protobuf v1.31.0 google.golang.org/protobuf v1.31.0

15
go.sum
View file

@ -1152,8 +1152,8 @@ golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2Uz
golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@ -1345,8 +1345,8 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@ -1356,8 +1356,8 @@ golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@ -1372,8 +1372,9 @@ golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=

68
models/actions/forgejo.go Normal file
View file

@ -0,0 +1,68 @@
// SPDX-License-Identifier: MIT
package actions
import (
"context"
"encoding/hex"
"fmt"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/modules/util"
gouuid "github.com/google/uuid"
)
func RegisterRunner(ctx context.Context, ownerID, repoID int64, token string, labels []string, name, version string) (*ActionRunner, error) {
uuid, err := gouuid.FromBytes([]byte(token[:16]))
if err != nil {
return nil, fmt.Errorf("gouuid.FromBytes %v", err)
}
uuidString := uuid.String()
var runner ActionRunner
has, err := db.GetEngine(ctx).Where("uuid=?", uuidString).Get(&runner)
if err != nil {
return nil, fmt.Errorf("GetRunner %v", err)
} else if !has {
//
// The runner does not exist yet, create it
//
saltBytes, err := util.CryptoRandomBytes(16)
if err != nil {
return nil, fmt.Errorf("CryptoRandomBytes %v", err)
}
salt := hex.EncodeToString(saltBytes)
hash := auth_model.HashToken(token, salt)
runner = ActionRunner{
UUID: uuidString,
TokenHash: hash,
TokenSalt: salt,
}
if err := CreateRunner(ctx, &runner); err != nil {
return &runner, fmt.Errorf("can't create new runner %w", err)
}
}
//
// Update the existing runner
//
name, _ = util.SplitStringAtByteN(name, 255)
runner.Name = name
runner.OwnerID = ownerID
runner.RepoID = repoID
runner.Version = version
runner.AgentLabels = labels
if err := UpdateRunner(ctx, &runner, "name", "owner_id", "repo_id", "version", "agent_labels"); err != nil {
return &runner, fmt.Errorf("can't update the runner %+v %w", runner, err)
}
return &runner, nil
}

View file

@ -0,0 +1,29 @@
// SPDX-License-Identifier: MIT
package actions
import (
"crypto/subtle"
"testing"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unittest"
"github.com/stretchr/testify/assert"
)
func TestActions_RegisterRunner(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
ownerID := int64(0)
repoID := int64(0)
token := "0123456789012345678901234567890123456789"
labels := []string{}
name := "runner"
version := "v1.2.3"
runner, err := RegisterRunner(db.DefaultContext, ownerID, repoID, token, labels, name, version)
assert.NoError(t, err)
assert.EqualValues(t, name, runner.Name)
assert.EqualValues(t, 1, subtle.ConstantTimeCompare([]byte(runner.TokenHash), []byte(auth_model.HashToken(token, runner.TokenSalt))), "the token cannot be verified with the same method as routers/api/actions/runner/interceptor.go as of 8228751c55d6a4263f0fec2932ca16181c09c97d")
}

View file

@ -40,11 +40,14 @@ func IsWorkflow(path string) bool {
return false return false
} }
return strings.HasPrefix(path, ".gitea/workflows") || strings.HasPrefix(path, ".github/workflows") return strings.HasPrefix(path, ".forgejo/workflows") || strings.HasPrefix(path, ".gitea/workflows") || strings.HasPrefix(path, ".github/workflows")
} }
func ListWorkflows(commit *git.Commit) (git.Entries, error) { func ListWorkflows(commit *git.Commit) (git.Entries, error) {
tree, err := commit.SubTree(".gitea/workflows") tree, err := commit.SubTree(".forgejo/workflows")
if _, ok := err.(git.ErrNotExist); ok {
tree, err = commit.SubTree(".gitea/workflows")
}
if _, ok := err.(git.ErrNotExist); ok { if _, ok := err.(git.ErrNotExist); ok {
tree, err = commit.SubTree(".github/workflows") tree, err = commit.SubTree(".github/workflows")
} }

View file

@ -14,6 +14,7 @@ import (
) )
func TestElasticsearchIndexer(t *testing.T) { func TestElasticsearchIndexer(t *testing.T) {
t.Skip("elasticsearch not found in Forgejo test yet")
// The elasticsearch instance started by pull-db-tests.yml > test-unit > services > elasticsearch // The elasticsearch instance started by pull-db-tests.yml > test-unit > services > elasticsearch
url := "http://elastic:changeme@elasticsearch:9200" url := "http://elastic:changeme@elasticsearch:9200"

View file

@ -14,6 +14,7 @@ import (
) )
func TestMeilisearchIndexer(t *testing.T) { func TestMeilisearchIndexer(t *testing.T) {
t.Skip("meilisearch not found in Forgejo test yet")
// The meilisearch instance started by pull-db-tests.yml > test-unit > services > meilisearch // The meilisearch instance started by pull-db-tests.yml > test-unit > services > meilisearch
url := "http://meilisearch:7700" url := "http://meilisearch:7700"
key := "" // auth has been disabled in test environment key := "" // auth has been disabled in test environment

View file

@ -0,0 +1,32 @@
// SPDX-License-Identifier: MIT
package private
import (
"context"
"code.gitea.io/gitea/modules/setting"
)
type ActionsRunnerRegisterRequest struct {
Token string
Scope string
Labels []string
Name string
Version string
}
func ActionsRunnerRegister(ctx context.Context, token, scope string, labels []string, name, version string) (string, ResponseExtra) {
reqURL := setting.LocalURL + "api/internal/actions/register"
req := newInternalRequest(ctx, reqURL, "POST", ActionsRunnerRegisterRequest{
Token: token,
Scope: scope,
Labels: labels,
Name: name,
Version: version,
})
resp, extra := requestJSONResp(req, &responseText{})
return resp.Text, extra
}

View file

@ -56,8 +56,8 @@ func TestBaseRedis(t *testing.T) {
}() }()
if !waitRedisReady("redis://127.0.0.1:6379/0", 0) { if !waitRedisReady("redis://127.0.0.1:6379/0", 0) {
redisServer = redisServerCmd(t) redisServer = redisServerCmd(t)
if redisServer == nil && os.Getenv("CI") == "" { if true {
t.Skip("redis-server not found") t.Skip("redis-server not found in Forgejo test yet")
return return
} }
assert.NoError(t, redisServer.Start()) assert.NoError(t, redisServer.Start())

View file

@ -7,8 +7,6 @@ import (
"fmt" "fmt"
"strings" "strings"
"time" "time"
"code.gitea.io/gitea/modules/log"
) )
// Actions settings // Actions settings
@ -25,7 +23,7 @@ var (
SkipWorkflowStrings []string `ìni:"SKIP_WORKFLOW_STRINGS"` SkipWorkflowStrings []string `ìni:"SKIP_WORKFLOW_STRINGS"`
}{ }{
Enabled: true, Enabled: true,
DefaultActionsURL: defaultActionsURLGitHub, DefaultActionsURL: defaultActionsURLForgejo,
SkipWorkflowStrings: []string{"[skip ci]", "[ci skip]", "[no ci]", "[skip actions]", "[actions skip]"}, SkipWorkflowStrings: []string{"[skip ci]", "[ci skip]", "[no ci]", "[skip actions]", "[actions skip]"},
} }
) )
@ -39,18 +37,14 @@ func (url defaultActionsURL) URL() string {
case defaultActionsURLSelf: case defaultActionsURLSelf:
return strings.TrimSuffix(AppURL, "/") return strings.TrimSuffix(AppURL, "/")
default: default:
// This should never happen, but just in case, use GitHub as fallback return string(url)
return "https://github.com"
} }
} }
const ( const (
defaultActionsURLForgejo = "https://code.forgejo.org"
defaultActionsURLGitHub = "github" // https://github.com defaultActionsURLGitHub = "github" // https://github.com
defaultActionsURLSelf = "self" // the root URL of the self-hosted Gitea instance defaultActionsURLSelf = "self" // the root URL of the self-hosted instance
// DefaultActionsURL only supports GitHub and the self-hosted Gitea.
// It's intentionally not supported more, so please be cautious before adding more like "gitea" or "gitlab".
// If you get some trouble with `uses: username/action_name@version` in your workflow,
// please consider to use `uses: https://the_url_you_want_to_use/username/action_name@version` instead.
) )
func loadActionsFrom(rootCfg ConfigProvider) error { func loadActionsFrom(rootCfg ConfigProvider) error {
@ -60,19 +54,6 @@ func loadActionsFrom(rootCfg ConfigProvider) error {
return fmt.Errorf("failed to map Actions settings: %v", err) return fmt.Errorf("failed to map Actions settings: %v", err)
} }
if urls := string(Actions.DefaultActionsURL); urls != defaultActionsURLGitHub && urls != defaultActionsURLSelf {
url := strings.Split(urls, ",")[0]
if strings.HasPrefix(url, "https://") || strings.HasPrefix(url, "http://") {
log.Error("[actions] DEFAULT_ACTIONS_URL does not support %q as custom URL any longer, fallback to %q",
urls,
defaultActionsURLGitHub,
)
Actions.DefaultActionsURL = defaultActionsURLGitHub
} else {
return fmt.Errorf("unsupported [actions] DEFAULT_ACTIONS_URL: %q", urls)
}
}
// don't support to read configuration from [actions] // don't support to read configuration from [actions]
Actions.LogStorage, err = getStorage(rootCfg, "actions_log", "", nil) Actions.LogStorage, err = getStorage(rootCfg, "actions_log", "", nil)
if err != nil { if err != nil {

View file

@ -110,7 +110,6 @@ func Test_getDefaultActionsURLForActions(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
iniStr string iniStr string
wantErr assert.ErrorAssertionFunc
wantURL string wantURL string
}{ }{
{ {
@ -118,8 +117,7 @@ func Test_getDefaultActionsURLForActions(t *testing.T) {
iniStr: ` iniStr: `
[actions] [actions]
`, `,
wantErr: assert.NoError, wantURL: "https://code.forgejo.org",
wantURL: "https://github.com",
}, },
{ {
name: "github", name: "github",
@ -127,7 +125,6 @@ func Test_getDefaultActionsURLForActions(t *testing.T) {
[actions] [actions]
DEFAULT_ACTIONS_URL = github DEFAULT_ACTIONS_URL = github
`, `,
wantErr: assert.NoError,
wantURL: "https://github.com", wantURL: "https://github.com",
}, },
{ {
@ -136,35 +133,15 @@ DEFAULT_ACTIONS_URL = github
[actions] [actions]
DEFAULT_ACTIONS_URL = self DEFAULT_ACTIONS_URL = self
`, `,
wantErr: assert.NoError,
wantURL: "http://test_get_default_actions_url_for_actions:3000", wantURL: "http://test_get_default_actions_url_for_actions:3000",
}, },
{
name: "custom url",
iniStr: `
[actions]
DEFAULT_ACTIONS_URL = https://gitea.com
`,
wantErr: assert.NoError,
wantURL: "https://github.com",
},
{ {
name: "custom urls", name: "custom urls",
iniStr: ` iniStr: `
[actions] [actions]
DEFAULT_ACTIONS_URL = https://gitea.com,https://github.com DEFAULT_ACTIONS_URL = https://example.com
`, `,
wantErr: assert.NoError, wantURL: "https://example.com",
wantURL: "https://github.com",
},
{
name: "invalid",
iniStr: `
[actions]
DEFAULT_ACTIONS_URL = gitea
`,
wantErr: assert.Error,
wantURL: "https://github.com",
}, },
} }
@ -172,7 +149,7 @@ DEFAULT_ACTIONS_URL = gitea
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
cfg, err := NewConfigProviderFromData(tt.iniStr) cfg, err := NewConfigProviderFromData(tt.iniStr)
require.NoError(t, err) require.NoError(t, err)
if !tt.wantErr(t, loadActionsFrom(cfg)) { if !assert.NoError(t, loadActionsFrom(cfg)) {
return return
} }
assert.EqualValues(t, tt.wantURL, Actions.DefaultActionsURL.URL()) assert.EqualValues(t, tt.wantURL, Actions.DefaultActionsURL.URL())

View file

@ -22,7 +22,7 @@ func TestMinioStorageIterator(t *testing.T) {
} }
testStorageIterator(t, setting.MinioStorageType, &setting.Storage{ testStorageIterator(t, setting.MinioStorageType, &setting.Storage{
MinioConfig: setting.MinioStorageConfig{ MinioConfig: setting.MinioStorageConfig{
Endpoint: "127.0.0.1:9000", Endpoint: "minio:9000",
AccessKeyID: "123456", AccessKeyID: "123456",
SecretAccessKey: "12345678", SecretAccessKey: "12345678",
Bucket: "gitea", Bucket: "gitea",

View file

@ -402,6 +402,16 @@ func (p *PullRequestPayload) JSONPayload() ([]byte, error) {
return json.MarshalIndent(p, "", " ") return json.MarshalIndent(p, "", " ")
} }
type HookScheduleAction string
const (
HookScheduleCreated HookScheduleAction = "created"
)
type SchedulePayload struct {
Action HookScheduleAction `json:"action"`
}
// ReviewPayload FIXME // ReviewPayload FIXME
type ReviewPayload struct { type ReviewPayload struct {
Type string `json:"type"` Type string `json:"type"`

View file

@ -4,6 +4,7 @@
package private package private
import ( import (
gocontext "context"
"errors" "errors"
"fmt" "fmt"
"net/http" "net/http"
@ -64,7 +65,11 @@ func GenerateActionsRunnerToken(ctx *context.PrivateContext) {
ctx.PlainText(http.StatusOK, token.Token) ctx.PlainText(http.StatusOK, token.Token)
} }
func parseScope(ctx *context.PrivateContext, scope string) (ownerID, repoID int64, err error) { func ParseScope(ctx gocontext.Context, scope string) (ownerID, repoID int64, err error) {
return parseScope(ctx, scope)
}
func parseScope(ctx gocontext.Context, scope string) (ownerID, repoID int64, err error) {
ownerID = 0 ownerID = 0
repoID = 0 repoID = 0
if scope == "" { if scope == "" {

View file

@ -423,7 +423,11 @@ func handleSchedules(
return nil return nil
} }
p, err := json.Marshal(input.Payload) payload := &api.SchedulePayload{
Action: api.HookScheduleCreated,
}
p, err := json.Marshal(payload)
if err != nil { if err != nil {
return fmt.Errorf("json.Marshal: %w", err) return fmt.Errorf("json.Marshal: %w", err)
} }

View file

@ -276,16 +276,6 @@ func CreateNewBranchFromCommit(ctx context.Context, doer *user_model.User, repo
return err return err
} }
return db.WithTx(ctx, func(ctx context.Context) error {
commit, err := gitRepo.GetCommit(commitID)
if err != nil {
return err
}
// database operation should be done before git operation so that we can rollback if git operation failed
if err := syncBranchToDB(ctx, repo.ID, doer.ID, branchName, commit); err != nil {
return err
}
if err := git.Push(ctx, repo.RepoPath(), git.PushOptions{ if err := git.Push(ctx, repo.RepoPath(), git.PushOptions{
Remote: repo.RepoPath(), Remote: repo.RepoPath(),
Branch: fmt.Sprintf("%s:%s%s", commitID, git.BranchPrefix, branchName), Branch: fmt.Sprintf("%s:%s%s", commitID, git.BranchPrefix, branchName),
@ -296,8 +286,8 @@ func CreateNewBranchFromCommit(ctx context.Context, doer *user_model.User, repo
} }
return fmt.Errorf("push: %w", err) return fmt.Errorf("push: %w", err)
} }
return nil return nil
})
} }
// RenameBranch rename a branch // RenameBranch rename a branch

View file

@ -4,72 +4,55 @@
package integration package integration
import ( import (
"fmt"
"net/http" "net/http"
"net/url" "net/url"
"testing" "testing"
"code.gitea.io/gitea/modules/translation" git_model "code.gitea.io/gitea/models/git"
"code.gitea.io/gitea/tests" repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unittest"
gitea_context "code.gitea.io/gitea/modules/context"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
func TestViewBranches(t *testing.T) { func TestBranchActions(t *testing.T) {
defer tests.PrepareTestEnv(t)()
req := NewRequest(t, "GET", "/user2/repo1/branches")
resp := MakeRequest(t, req, http.StatusOK)
htmlDoc := NewHTMLParser(t, resp.Body)
_, exists := htmlDoc.doc.Find(".delete-branch-button").Attr("data-url")
assert.False(t, exists, "The template has changed")
}
func TestDeleteBranch(t *testing.T) {
defer tests.PrepareTestEnv(t)()
deleteBranch(t)
}
func TestUndoDeleteBranch(t *testing.T) {
onGiteaRun(t, func(t *testing.T, u *url.URL) { onGiteaRun(t, func(t *testing.T, u *url.URL) {
deleteBranch(t)
htmlDoc, name := branchAction(t, ".restore-branch-button")
assert.Contains(t,
htmlDoc.doc.Find(".ui.positive.message").Text(),
translation.NewLocale("en-US").Tr("repo.branch.restore_success", name),
)
})
}
func deleteBranch(t *testing.T) {
htmlDoc, name := branchAction(t, ".delete-branch-button")
assert.Contains(t,
htmlDoc.doc.Find(".ui.positive.message").Text(),
translation.NewLocale("en-US").Tr("repo.branch.deletion_success", name),
)
}
func branchAction(t *testing.T, button string) (*HTMLDoc, string) {
session := loginUser(t, "user2") session := loginUser(t, "user2")
req := NewRequest(t, "GET", "/user2/repo1/branches") repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
resp := session.MakeRequest(t, req, http.StatusOK) branch3 := unittest.AssertExistsAndLoadBean(t, &git_model.Branch{ID: 3, RepoID: repo1.ID})
branchesLink := repo1.FullName() + "/branches"
htmlDoc := NewHTMLParser(t, resp.Body) t.Run("View", func(t *testing.T) {
link, exists := htmlDoc.doc.Find(button).Attr("data-url") req := NewRequest(t, "GET", branchesLink)
if !assert.True(t, exists, "The template has changed") { MakeRequest(t, req, http.StatusOK)
t.Skip() })
}
req = NewRequestWithValues(t, "POST", link, map[string]string{ t.Run("Delete branch", func(t *testing.T) {
"_csrf": htmlDoc.GetCSRF(), link := fmt.Sprintf("/%s/branches/delete?name=%s", repo1.FullName(), branch3.Name)
req := NewRequestWithValues(t, "POST", link, map[string]string{
"_csrf": GetCSRF(t, session, branchesLink),
}) })
session.MakeRequest(t, req, http.StatusOK) session.MakeRequest(t, req, http.StatusOK)
flashCookie := session.GetCookie(gitea_context.CookieNameFlash)
assert.NotNil(t, flashCookie)
assert.Contains(t, flashCookie.Value, "success%3DBranch%2B%2522branch2%2522%2Bhas%2Bbeen%2Bdeleted.")
url, err := url.Parse(link) assert.True(t, unittest.AssertExistsAndLoadBean(t, &git_model.Branch{ID: 3, RepoID: repo1.ID}).IsDeleted)
assert.NoError(t, err) })
req = NewRequest(t, "GET", "/user2/repo1/branches")
resp = session.MakeRequest(t, req, http.StatusOK)
return NewHTMLParser(t, resp.Body), url.Query().Get("name") t.Run("Restore branch", func(t *testing.T) {
link := fmt.Sprintf("/%s/branches/restore?branch_id=%d&name=%s", repo1.FullName(), branch3.ID, branch3.Name)
req := NewRequestWithValues(t, "POST", link, map[string]string{
"_csrf": GetCSRF(t, session, branchesLink),
})
session.MakeRequest(t, req, http.StatusOK)
flashCookie := session.GetCookie(gitea_context.CookieNameFlash)
assert.NotNil(t, flashCookie)
assert.Contains(t, flashCookie.Value, "success%3DBranch%2B%2522branch2%2522%2Bhas%2Bbeen%2Brestored")
assert.False(t, unittest.AssertExistsAndLoadBean(t, &git_model.Branch{ID: 3, RepoID: repo1.ID}).IsDeleted)
})
})
} }

View file

@ -0,0 +1,209 @@
// SPDX-License-Identifier: MIT
package integration
import (
gocontext "context"
"net/url"
"os"
"strings"
"testing"
actions_model "code.gitea.io/gitea/models/actions"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"github.com/stretchr/testify/assert"
)
func Test_CmdForgejo_Actions(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
token, err := cmdForgejoCaptureOutput(t, []string{"forgejo", "forgejo-cli", "actions", "generate-runner-token"})
assert.NoError(t, err)
assert.EqualValues(t, 40, len(token))
secret, err := cmdForgejoCaptureOutput(t, []string{"forgejo", "forgejo-cli", "actions", "generate-secret"})
assert.NoError(t, err)
assert.EqualValues(t, 40, len(secret))
_, err = cmdForgejoCaptureOutput(t, []string{"forgejo", "forgejo-cli", "actions", "register"})
assert.ErrorContains(t, err, "at least one of the --secret")
for _, testCase := range []struct {
testName string
scope string
secret string
errorMessage string
}{
{
testName: "bad user",
scope: "baduser",
secret: "0123456789012345678901234567890123456789",
errorMessage: "user does not exist",
},
{
testName: "bad repo",
scope: "org25/badrepo",
secret: "0123456789012345678901234567890123456789",
errorMessage: "repository does not exist",
},
{
testName: "secret length != 40",
scope: "org25",
secret: "0123456789",
errorMessage: "40 characters long",
},
{
testName: "secret is not a hexadecimal string",
scope: "org25",
secret: "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ",
errorMessage: "must be an hexadecimal string",
},
} {
t.Run(testCase.testName, func(t *testing.T) {
cmd := []string{"forgejo", "forgejo-cli", "actions", "register", "--secret", testCase.secret, "--scope", testCase.scope}
output, err := cmdForgejoCaptureOutput(t, cmd)
assert.ErrorContains(t, err, testCase.errorMessage)
assert.EqualValues(t, "", output)
})
}
secret = "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD"
expecteduuid := "44444444-4444-4444-4444-444444444444"
for _, testCase := range []struct {
testName string
secretOption func() string
stdin []string
}{
{
testName: "secret from argument",
secretOption: func() string {
return "--secret=" + secret
},
},
{
testName: "secret from stdin",
secretOption: func() string {
return "--secret-stdin"
},
stdin: []string{secret},
},
{
testName: "secret from file",
secretOption: func() string {
secretFile := t.TempDir() + "/secret"
assert.NoError(t, os.WriteFile(secretFile, []byte(secret), 0o644))
return "--secret-file=" + secretFile
},
},
} {
t.Run(testCase.testName, func(t *testing.T) {
cmd := []string{"forgejo", "forgejo-cli", "actions", "register", testCase.secretOption(), "--scope=org26"}
uuid, err := cmdForgejoCaptureOutput(t, cmd, testCase.stdin...)
assert.NoError(t, err)
assert.EqualValues(t, expecteduuid, uuid)
})
}
secret = "0123456789012345678901234567890123456789"
expecteduuid = "30313233-3435-3637-3839-303132333435"
for _, testCase := range []struct {
testName string
scope string
secret string
name string
labels string
version string
uuid string
}{
{
testName: "org",
scope: "org25",
secret: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
uuid: "41414141-4141-4141-4141-414141414141",
},
{
testName: "user and repo",
scope: "user2/repo2",
secret: "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
uuid: "42424242-4242-4242-4242-424242424242",
},
{
testName: "labels",
scope: "org25",
name: "runnerName",
labels: "label1,label2,label3",
version: "v1.2.3",
secret: "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC",
uuid: "43434343-4343-4343-4343-434343434343",
},
{
testName: "insert a runner",
scope: "user10/repo6",
name: "runnerName",
labels: "label1,label2,label3",
version: "v1.2.3",
secret: secret,
uuid: expecteduuid,
},
{
testName: "update an existing runner",
scope: "user5/repo4",
name: "runnerNameChanged",
labels: "label1,label2,label3,more,label",
version: "v1.2.3-suffix",
secret: secret,
uuid: expecteduuid,
},
} {
t.Run(testCase.testName, func(t *testing.T) {
cmd := []string{
"forgejo", "forgejo-cli", "actions", "register",
"--secret", testCase.secret, "--scope", testCase.scope,
}
if testCase.name != "" {
cmd = append(cmd, "--name", testCase.name)
}
if testCase.labels != "" {
cmd = append(cmd, "--labels", testCase.labels)
}
if testCase.version != "" {
cmd = append(cmd, "--version", testCase.version)
}
//
// Run twice to verify it is idempotent
//
for i := 0; i < 2; i++ {
uuid, err := cmdForgejoCaptureOutput(t, cmd)
assert.NoError(t, err)
if assert.EqualValues(t, testCase.uuid, uuid) {
ownerName, repoName, found := strings.Cut(testCase.scope, "/")
action, err := actions_model.GetRunnerByUUID(gocontext.Background(), uuid)
assert.NoError(t, err)
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: action.OwnerID})
assert.Equal(t, ownerName, user.Name, action.OwnerID)
if found {
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: action.RepoID})
assert.Equal(t, repoName, repo.Name, action.RepoID)
}
if testCase.name != "" {
assert.EqualValues(t, testCase.name, action.Name)
}
if testCase.labels != "" {
labels := strings.Split(testCase.labels, ",")
assert.EqualValues(t, labels, action.AgentLabels)
}
if testCase.version != "" {
assert.EqualValues(t, testCase.version, action.Version)
}
}
}
})
}
})
}

View file

@ -0,0 +1,36 @@
// SPDX-License-Identifier: MIT
package integration
import (
"bytes"
"context"
"strings"
"testing"
"code.gitea.io/gitea/cmd/forgejo"
"github.com/urfave/cli/v2"
)
func cmdForgejoCaptureOutput(t *testing.T, args []string, stdin ...string) (string, error) {
buf := new(bytes.Buffer)
app := cli.NewApp()
app.Writer = buf
app.ErrWriter = buf
ctx := context.Background()
ctx = forgejo.ContextSetNoInit(ctx, true)
ctx = forgejo.ContextSetNoExit(ctx, true)
ctx = forgejo.ContextSetStdout(ctx, buf)
ctx = forgejo.ContextSetStderr(ctx, buf)
if len(stdin) > 0 {
ctx = forgejo.ContextSetStdin(ctx, strings.NewReader(strings.Join(stdin, "")))
}
app.Commands = []*cli.Command{
forgejo.CmdForgejo(ctx),
}
err := app.Run(args)
return buf.String(), err
}

View file

@ -10,6 +10,8 @@ import (
"strings" "strings"
"testing" "testing"
git_model "code.gitea.io/gitea/models/git"
"code.gitea.io/gitea/models/unittest"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/test" "code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/modules/translation" "code.gitea.io/gitea/modules/translation"
@ -47,12 +49,14 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) {
CreateRelease string CreateRelease string
FlashMessage string FlashMessage string
ExpectedStatus int ExpectedStatus int
CheckBranch bool
}{ }{
{ {
OldRefSubURL: "branch/master", OldRefSubURL: "branch/master",
NewBranch: "feature/test1", NewBranch: "feature/test1",
ExpectedStatus: http.StatusSeeOther, ExpectedStatus: http.StatusSeeOther,
FlashMessage: translation.NewLocale("en-US").Tr("repo.branch.create_success", "feature/test1"), FlashMessage: translation.NewLocale("en-US").Tr("repo.branch.create_success", "feature/test1"),
CheckBranch: true,
}, },
{ {
OldRefSubURL: "branch/master", OldRefSubURL: "branch/master",
@ -65,6 +69,7 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) {
NewBranch: "feature=test1", NewBranch: "feature=test1",
ExpectedStatus: http.StatusSeeOther, ExpectedStatus: http.StatusSeeOther,
FlashMessage: translation.NewLocale("en-US").Tr("repo.branch.create_success", "feature=test1"), FlashMessage: translation.NewLocale("en-US").Tr("repo.branch.create_success", "feature=test1"),
CheckBranch: true,
}, },
{ {
OldRefSubURL: "branch/master", OldRefSubURL: "branch/master",
@ -94,6 +99,7 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) {
NewBranch: "feature/test3", NewBranch: "feature/test3",
ExpectedStatus: http.StatusSeeOther, ExpectedStatus: http.StatusSeeOther,
FlashMessage: translation.NewLocale("en-US").Tr("repo.branch.create_success", "feature/test3"), FlashMessage: translation.NewLocale("en-US").Tr("repo.branch.create_success", "feature/test3"),
CheckBranch: true,
}, },
{ {
OldRefSubURL: "branch/master", OldRefSubURL: "branch/master",
@ -108,10 +114,15 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) {
CreateRelease: "v1.0.1", CreateRelease: "v1.0.1",
ExpectedStatus: http.StatusSeeOther, ExpectedStatus: http.StatusSeeOther,
FlashMessage: translation.NewLocale("en-US").Tr("repo.branch.create_success", "feature/test4"), FlashMessage: translation.NewLocale("en-US").Tr("repo.branch.create_success", "feature/test4"),
CheckBranch: true,
}, },
} }
for _, test := range tests {
session := loginUser(t, "user2") session := loginUser(t, "user2")
for _, test := range tests {
if test.CheckBranch {
unittest.AssertNotExistsBean(t, &git_model.Branch{RepoID: 1, Name: test.NewBranch})
}
if test.CreateRelease != "" { if test.CreateRelease != "" {
createNewRelease(t, session, "/user2/repo1", test.CreateRelease, test.CreateRelease, false, false) createNewRelease(t, session, "/user2/repo1", test.CreateRelease, test.CreateRelease, false, false)
} }
@ -125,6 +136,9 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) {
test.FlashMessage, test.FlashMessage,
) )
} }
if test.CheckBranch {
unittest.AssertExistsAndLoadBean(t, &git_model.Branch{RepoID: 1, Name: test.NewBranch})
}
} }
} }

View file

@ -96,6 +96,7 @@ COLORIZE = true
LEVEL = Debug LEVEL = Debug
[security] [security]
PASSWORD_HASH_ALGO = argon2
DISABLE_GIT_HOOKS = false DISABLE_GIT_HOOKS = false
INSTALL_LOCK = true INSTALL_LOCK = true
SECRET_KEY = 9pCviYTWSb SECRET_KEY = 9pCviYTWSb

View file

@ -12,8 +12,6 @@ SSL_MODE = disable
[indexer] [indexer]
REPO_INDEXER_ENABLED = true REPO_INDEXER_ENABLED = true
REPO_INDEXER_PATH = tests/{{TEST_TYPE}}/gitea-{{TEST_TYPE}}-mysql/indexers/repos.bleve REPO_INDEXER_PATH = tests/{{TEST_TYPE}}/gitea-{{TEST_TYPE}}-mysql/indexers/repos.bleve
ISSUE_INDEXER_TYPE = elasticsearch
ISSUE_INDEXER_CONN_STR = http://elastic:changeme@elasticsearch:9200
[queue.issue_indexer] [queue.issue_indexer]
TYPE = level TYPE = level
@ -94,6 +92,7 @@ COLORIZE = true
LEVEL = Debug LEVEL = Debug
[security] [security]
PASSWORD_HASH_ALGO = argon2
DISABLE_GIT_HOOKS = false DISABLE_GIT_HOOKS = false
INSTALL_LOCK = true INSTALL_LOCK = true
SECRET_KEY = 9pCviYTWSb SECRET_KEY = 9pCviYTWSb

View file

@ -97,6 +97,7 @@ COLORIZE = true
LEVEL = Debug LEVEL = Debug
[security] [security]
PASSWORD_HASH_ALGO = argon2
DISABLE_GIT_HOOKS = false DISABLE_GIT_HOOKS = false
INSTALL_LOCK = true INSTALL_LOCK = true
SECRET_KEY = 9pCviYTWSb SECRET_KEY = 9pCviYTWSb

View file

@ -93,6 +93,7 @@ COLORIZE = true
LEVEL = Debug LEVEL = Debug
[security] [security]
PASSWORD_HASH_ALGO = argon2
DISABLE_GIT_HOOKS = false DISABLE_GIT_HOOKS = false
INSTALL_LOCK = true INSTALL_LOCK = true
SECRET_KEY = 9pCviYTWSb SECRET_KEY = 9pCviYTWSb