From e6d46eeb5597dabd6682e97b89a074548b15cbaa Mon Sep 17 00:00:00 2001 From: zeripath Date: Sat, 19 Mar 2022 16:20:26 +0000 Subject: [PATCH] Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141) Backport #19132 Make SKIP_TLS_VERIFY apply to git data migrations too through adding the `-c http.sslVerify=false` option to the git clone command. Fix #18998 Signed-off-by: Andrew Thornton --- modules/git/repo.go | 22 +++++++++++++--------- modules/repository/repo.go | 20 +++++++++++--------- services/migrations/dump.go | 29 +++++++++++++++-------------- 3 files changed, 39 insertions(+), 32 deletions(-) diff --git a/modules/git/repo.go b/modules/git/repo.go index ec95bc7a81..c1b0c55cbd 100644 --- a/modules/git/repo.go +++ b/modules/git/repo.go @@ -97,15 +97,16 @@ func (repo *Repository) IsEmpty() (bool, error) { // CloneRepoOptions options when clone a repository type CloneRepoOptions struct { - Timeout time.Duration - Mirror bool - Bare bool - Quiet bool - Branch string - Shared bool - NoCheckout bool - Depth int - Filter string + Timeout time.Duration + Mirror bool + Bare bool + Quiet bool + Branch string + Shared bool + NoCheckout bool + Depth int + Filter string + SkipTLSVerify bool } // Clone clones original repository to target path. @@ -128,6 +129,9 @@ func CloneWithArgs(ctx context.Context, from, to string, args []string, opts Clo } cmd := NewCommandContextNoGlobals(ctx, args...).AddArguments("clone") + if opts.SkipTLSVerify { + cmd.AddArguments("-c", "http.sslVerify=false") + } if opts.Mirror { cmd.AddArguments("--mirror") } diff --git a/modules/repository/repo.go b/modules/repository/repo.go index 17c0135ad7..83db165a5b 100644 --- a/modules/repository/repo.go +++ b/modules/repository/repo.go @@ -72,9 +72,10 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User, } if err = git.CloneWithContext(ctx, opts.CloneAddr, repoPath, git.CloneRepoOptions{ - Mirror: true, - Quiet: true, - Timeout: migrateTimeout, + Mirror: true, + Quiet: true, + Timeout: migrateTimeout, + SkipTLSVerify: setting.Migrations.SkipTLSVerify, }); err != nil { return repo, fmt.Errorf("Clone: %v", err) } @@ -88,10 +89,11 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User, } if err = git.CloneWithContext(ctx, wikiRemotePath, wikiPath, git.CloneRepoOptions{ - Mirror: true, - Quiet: true, - Timeout: migrateTimeout, - Branch: "master", + Mirror: true, + Quiet: true, + Timeout: migrateTimeout, + Branch: "master", + SkipTLSVerify: setting.Migrations.SkipTLSVerify, }); err != nil { log.Warn("Clone wiki: %v", err) if err := util.RemoveAll(wikiPath); err != nil { @@ -310,7 +312,7 @@ func PushUpdateAddTag(repo *repo_model.Repository, gitRepo *git.Repository, tagN } var author *user_model.User - var createdAt = time.Unix(1, 0) + createdAt := time.Unix(1, 0) if sig != nil { author, err = user_model.GetUserByEmail(sig.Email) @@ -325,7 +327,7 @@ func PushUpdateAddTag(repo *repo_model.Repository, gitRepo *git.Repository, tagN return fmt.Errorf("unable to get CommitsCount: %w", err) } - var rel = models.Release{ + rel := models.Release{ RepoID: repo.ID, TagName: tagName, LowerTagName: strings.ToLower(tagName), diff --git a/services/migrations/dump.go b/services/migrations/dump.go index 1a8a3d296c..9a7aac82ab 100644 --- a/services/migrations/dump.go +++ b/services/migrations/dump.go @@ -22,14 +22,13 @@ import ( "code.gitea.io/gitea/modules/log" base "code.gitea.io/gitea/modules/migration" "code.gitea.io/gitea/modules/repository" + "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/structs" "gopkg.in/yaml.v2" ) -var ( - _ base.Uploader = &RepositoryDumper{} -) +var _ base.Uploader = &RepositoryDumper{} // RepositoryDumper implements an Uploader to the local directory type RepositoryDumper struct { @@ -151,9 +150,10 @@ func (g *RepositoryDumper) CreateRepo(repo *base.Repository, opts base.MigrateOp } err = git.Clone(remoteAddr, repoPath, git.CloneRepoOptions{ - Mirror: true, - Quiet: true, - Timeout: migrateTimeout, + Mirror: true, + Quiet: true, + Timeout: migrateTimeout, + SkipTLSVerify: setting.Migrations.SkipTLSVerify, }) if err != nil { return fmt.Errorf("Clone: %v", err) @@ -168,10 +168,11 @@ func (g *RepositoryDumper) CreateRepo(repo *base.Repository, opts base.MigrateOp } if err := git.Clone(wikiRemotePath, wikiPath, git.CloneRepoOptions{ - Mirror: true, - Quiet: true, - Timeout: migrateTimeout, - Branch: "master", + Mirror: true, + Quiet: true, + Timeout: migrateTimeout, + Branch: "master", + SkipTLSVerify: setting.Migrations.SkipTLSVerify, }); err != nil { log.Warn("Clone wiki: %v", err) if err := os.RemoveAll(wikiPath); err != nil { @@ -403,7 +404,7 @@ func (g *RepositoryDumper) createItems(dir string, itemFiles map[int64]*os.File, // CreateComments creates comments of issues func (g *RepositoryDumper) CreateComments(comments ...*base.Comment) error { - var commentsMap = make(map[int64][]interface{}, len(comments)) + commentsMap := make(map[int64][]interface{}, len(comments)) for _, comment := range comments { commentsMap[comment.IssueIndex] = append(commentsMap[comment.IssueIndex], comment) } @@ -532,7 +533,7 @@ func (g *RepositoryDumper) CreatePullRequests(prs ...*base.PullRequest) error { // CreateReviews create pull request reviews func (g *RepositoryDumper) CreateReviews(reviews ...*base.Review) error { - var reviewsMap = make(map[int64][]interface{}, len(reviews)) + reviewsMap := make(map[int64][]interface{}, len(reviews)) for _, review := range reviews { reviewsMap[review.IssueIndex] = append(reviewsMap[review.IssueIndex], review) } @@ -611,7 +612,7 @@ func RestoreRepository(ctx context.Context, baseDir, ownerName, repoName string, if err != nil { return err } - var uploader = NewGiteaLocalUploader(ctx, doer, ownerName, repoName) + uploader := NewGiteaLocalUploader(ctx, doer, ownerName, repoName) downloader, err := NewRepositoryRestorer(ctx, baseDir, ownerName, repoName) if err != nil { return err @@ -622,7 +623,7 @@ func RestoreRepository(ctx context.Context, baseDir, ownerName, repoName string, } tp, _ := strconv.Atoi(opts["service_type"]) - var migrateOpts = base.MigrateOptions{ + migrateOpts := base.MigrateOptions{ GitServiceType: structs.GitServiceType(tp), } updateOptionsUnits(&migrateOpts, units)