Commit Graph
100 Commits
Author SHA1 Message Date
Jason SongandGitHub 5db21ce7e1 Fix counting and filtering on the dashboard page for issues (#26657)
This PR has multiple parts, and I didn't split them because
it's not easy to test them separately since they are all about the
dashboard page for issues.

1. Support counting issues via indexer to fix #26361
2. Fix repo selection so it also fixes #26653
3. Keep keywords in filter links.

The first two are regressions of #26012.

After:

https://github.com/go-gitea/gitea/assets/9418365/71dfea7e-d9e2-42b6-851a-cc081435c946

Thanks to @CaiCandong  for helping with some tests.
2023-08-23 02:29:17 +00:00
8cf3b61fb9 Add optimistic lock to ActionRun table (#26563)
Should fix #26559.

How xorm works: https://xorm.io/docs/chapter-06/1.lock/

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-21 14:07:52 +00:00
Jason SongandGitHub b658f2c61b Return empty when searching issues with no repos (#26545) 2023-08-17 12:42:17 -05:00
47fddaadc8 Support rebuilding issue indexer manually (#26546)
Provide a way to rebuild issue indexer manually.

So if the indexer get outdated because of some bugs like #26539, we can
rebuild it.

<img width="1104" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/ac242e29-6f04-47ca-b3d0-801a796448d3">

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-17 14:05:17 +00:00
c179ab4236 Fix "issueReposQueryPattern does not match query" (#26556)
Fix
`https://github.com/go-gitea/gitea/pull/26545#discussion_r1295734340`

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-17 12:38:02 +00:00
Jason SongandGitHub 3b129aaa80 Explain SearchOptions and fix ToSearchOptions (#26542)
Follow #26012 #26490.

A detailed description has been added to the comment.
2023-08-16 15:40:13 +00:00
Jason SongandGitHub 7e75e58ae4 Add missing triggers to update issue indexer (#26539)
Fix #26536

Follow #26012

Whatever the comment type is, always update the issue indexer. So the
issue indexer will be updated when there is a change in Status,
Assignee, Label, and so on.

I added the logic for `NotifyUpdateComment`, but missed it for
`NotifyCreateIssueComment` and `NotifyDeleteComment`.
2023-08-16 17:36:05 +08:00
1e76a824bc Refactor and enhance issue indexer to support both searching, filtering and paging (#26012)
Fix #24662.

Replace #24822 and #25708 (although it has been merged)


## Background

In the past, Gitea supported issue searching with a keyword and
conditions in a less efficient way. It worked by searching for issues
with the keyword and obtaining limited IDs (as it is heavy to get all)
on the indexer (bleve/elasticsearch/meilisearch), and then querying with
conditions on the database to find a subset of the found IDs. This is
why the results could be incomplete.

To solve this issue, we need to store all fields that could be used as
conditions in the indexer and support both keyword and additional
conditions when searching with the indexer.

## Major changes

- Redefine `IndexerData` to include all fields that could be used as
filter conditions.
- Refactor `Search(ctx context.Context, kw string, repoIDs []int64,
limit, start int, state string)` to `Search(ctx context.Context, options
*SearchOptions)`, so it supports more conditions now.
- Change the data type stored in `issueIndexerQueue`. Use
`IndexerMetadata` instead of `IndexerData` in case the data has been
updated while it is in the queue. This also reduces the storage size of
the queue.
- Enhance searching with Bleve/Elasticsearch/Meilisearch, make them
fully support `SearchOptions`. Also, update the data versions.
- Keep most logic of database indexer, but remove
`issues.SearchIssueIDsByKeyword` in `models` to avoid confusion where is
the entry point to search issues.
- Start a Meilisearch instance to test it in unit tests.
- Add unit tests with almost full coverage to test
Bleve/Elasticsearch/Meilisearch indexer.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-07-31 06:28:53 +00:00
Jason SongandGitHub a5e09a5595 Fix UI regression of asciinema player (#26159)
It was caused by updating `asciinema-player`, the upstream changed the
CSS class prefix:
`https://github.com/asciinema/asciinema-player/commit/40505e479e8ba6833f178a3b7e85503c72491614`

<details>
<summary>Before:</summary>

<img width="1320" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/b91a2cf5-c1da-43d6-bac2-bc278728b11e">

</details>


<details>
<summary>After:</summary>

<img width="1311" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/c9872d25-e0bb-43d4-8b1e-d87c6b03c0a2">

</details>
2023-07-26 09:46:59 +00:00
Jason SongandGitHub 862f748b2b Fix loading LFS_JWT_SECRET from wrong section (#26109)
Regression of #25408.

`LFS_JWT_SECRET_URI` and `LFS_JWT_SECRET` are under the `server`
section, not `lfs`.

So each time gitea restarts, it resets `LFS_JWT_SECRET`.

<img width="1378" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/527ec9b9-eea2-4334-a274-6d1471456edd">
2023-07-25 05:06:31 +00:00
Jason SongandGitHub 6f1f3e6c08 Show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled (#25947)
Since OAuth2 will callback the root URL, if the user starts signing in
from a wrong host, Gitea will return 500 because it cannot find the
session.

<details>
<summary>How to reproduce</summary>

<img width="901" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/2c2e255c-e13e-4a11-9be7-b226bee54920">

<img width="1014" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/b31cfcf6-a320-483d-9ce5-ba8562f065e1">

</details>


So show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is
enabled.

<img width="1015" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/99e80b17-c790-49a3-bbf2-2bd9396a7daa">
2023-07-18 22:14:30 +00:00
29e959fd00 Ignore runs-on with expressions when warning no matched runners (#25917)
Fix #25905

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-17 18:19:53 +02:00
aee14b9c0b Remove git.FileBlame (#25841)
The `FileBlame` function looks strange, it has `revision` as argument
but doesn't use it.

Since the function never be used, I think we could just remove it.

If anyone thinks it should be kept, please help fix `revision`.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-12 19:07:29 +02:00
5b7b7c4f3c Correct permissions for .ssh and authorized_keys (#25721)
Set the correct permissions on the .ssh directory and authorized_keys
file, or sshd will refuse to use them and lead to clone/push/pull
failures.

It could happen when users have copied their data to a new volume and
changed the file permission by accident, and it would be very hard to
troubleshoot unless users know how to check the logs of sshd which is
started by s6.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-06 17:00:38 +02:00
3c05aa4927 Check ctx.Written() for GetActionIssue (#25698)
Fix #25697.

Just avoid panic, maybe there's another bug to trigger this case.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-05 18:52:12 +00:00
9958642502 Fix issues indexer document mapping (#25619)
Fix regression of #5363 (so long ago).

The old code definded a document mapping for `issueIndexerDocType`, and
assigned it to `BleveIndexerData` as its type. (`BleveIndexerData` has
been renamed to `IndexerData` in #25174, but nothing more.) But the old
code never used `BleveIndexerData`, it wrote the index with an anonymous
struct type. Nonetheless, bleve would use the default auto-mapping for
struct it didn't know, so the indexer still worked. This means the
custom document mapping was always dead code.

The custom document mapping is not useless, it can reduce index storage,
this PR brings it back and disable default mapping to prevent it from
happening again. Since `IndexerData`(`BleveIndexerData`) has JSON tags,
and bleve uses them first, so we should use `repo_id` as the field name
instead of `RepoID`.

I did a test to compare the storage size before and after this, with
about 3k real comments that were migrated from some public repos.

Before:

```text
[ 160]  .
├── [  42]  index_meta.json
├── [  13]  rupture_meta.json
└── [ 128]  store
    ├── [6.9M]  00000000005d.zap
    └── [256K]  root.bolt
```

After:

```text
[ 160]  .
├── [  42]  index_meta.json
├── [  13]  rupture_meta.json
└── [ 128]  store
    ├── [3.5M]  000000000065.zap
    └── [256K]  root.bolt
```

It saves about half the storage space.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-04 09:05:28 +00:00
Jason SongandGitHub 67bd9d4f1e Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581)
Resolve #24789

## ⚠️ BREAKING ⚠️

Before this, `DEFAULT_ACTIONS_URL` cound be set to any custom URLs like
`https://gitea.com` or `http://your-git-server,https://gitea.com`, and
the default value was `https://gitea.com`.

But now, `DEFAULT_ACTIONS_URL` supports only
`github`(`https://github.com`) or `self`(the root url of current Gitea
instance), and the default value is `github`.

If it has configured with a URL, an error log will be displayed and it
will fallback to `github`.

Actually, what we really want to do is always make it
`https://github.com`, however, this may not be acceptable for some
instances of internal use, so there's extra support for `self`, but no
more, even `https://gitea.com`.

Please note that `uses: https://xxx/yyy/zzz` always works and it does
exactly what it is supposed to do.

Although it's breaking, I belive it should be backported to `v1.20` due
to some security issues.

Follow-up on the runner side:

- https://gitea.com/gitea/act_runner/pulls/262
- https://gitea.com/gitea/act/pulls/70
2023-06-30 07:26:36 +00:00
6daf21c9b7 Fix content holes in Actions task logs file (#25560)
Fix #25451.

Bugfixes:
- When stopping the zombie or endless tasks, set `LogInStorage` to true
after transferring the file to storage. It was missing, it could write
to a nonexistent file in DBFS because `LogInStorage` was false.
- Always update `ActionTask.Updated` when there's a new state reported
by the runner, even if there's no change. This is to avoid the task
being judged as a zombie task.

Enhancement:
- Support `Stat()` for DBFS file.
- `WriteLogs` refuses to write if it could result in content holes.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-28 19:07:29 +02:00
Jason SongandGitHub 3c7f5ed7b5 Fix Init of db indexer (#25470)
Fix regression of #25174.

The `Init` of the db indexer should return true to indicate that the
index was opened/existed, or the indexer will try to populate the index
(not really populate, just fill the queue, `Index` method of the db
indexer is a dummy).
2023-06-23 14:39:52 +00:00
375fd15fbf Refactor indexer (#25174)
Refactor `modules/indexer` to make it more maintainable. And it can be
easier to support more features. I'm trying to solve some of issue
searching, this is a precursor to making functional changes.

Current supported engines and the index versions:

| engines | issues | code |
| - | - | - |
| db | Just a wrapper for database queries, doesn't need version | - |
| bleve | The version of index is **2** | The version of index is **6**
|
| elasticsearch | The old index has no version, will be treated as
version **0** in this PR | The version of index is **1** |
| meilisearch | The old index has no version, will be treated as version
**0** in this PR | - |


## Changes

### Split

Splited it into mutiple packages

```text
indexer
├── internal
│   ├── bleve
│   ├── db
│   ├── elasticsearch
│   └── meilisearch
├── code
│   ├── bleve
│   ├── elasticsearch
│   └── internal
└── issues
    ├── bleve
    ├── db
    ├── elasticsearch
    ├── internal
    └── meilisearch
```

- `indexer/interanal`: Internal shared package for indexer.
- `indexer/interanal/[engine]`: Internal shared package for each engine
(bleve/db/elasticsearch/meilisearch).
- `indexer/code`: Implementations for code indexer.
- `indexer/code/internal`: Internal shared package for code indexer.
- `indexer/code/[engine]`: Implementation via each engine for code
indexer.
- `indexer/issues`: Implementations for issues indexer.

### Deduplication

- Combine `Init/Ping/Close` for code indexer and issues indexer.
- ~Combine `issues.indexerHolder` and `code.wrappedIndexer` to
`internal.IndexHolder`.~ Remove it, use dummy indexer instead when the
indexer is not ready.
- Duplicate two copies of creating ES clients.
- Duplicate two copies of `indexerID()`.


### Enhancement

- [x] Support index version for elasticsearch issues indexer, the old
index without version will be treated as version 0.
- [x] Fix spell of `elastic_search/ElasticSearch`, it should be
`Elasticsearch`.
- [x] Improve versioning of ES index. We don't need `Aliases`:
- Gitea does't need aliases for "Zero Downtime" because it never delete
old indexes.
- The old code of issues indexer uses the orignal name to create issue
index, so it's tricky to convert it to an alias.
- [x] Support index version for meilisearch issues indexer, the old
index without version will be treated as version 0.
- [x] Do "ping" only when `Ping` has been called, don't ping
periodically and cache the status.
- [x] Support the context parameter whenever possible.
- [x] Fix outdated example config.
- [x] Give up the requeue logic of issues indexer: When indexing fails,
call Ping to check if it was caused by the engine being unavailable, and
only requeue the task if the engine is unavailable.
- It is fragile and tricky, could cause data losing (It did happen when
I was doing some tests for this PR). And it works for ES only.
- Just always requeue the failed task, if it caused by bad data, it's a
bug of Gitea which should be fixed.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-23 12:37:56 +00:00
Jason SongandGitHub 174213530d Fix Permission in API returned repository struct (#25388)
The old code generates `structs.Repository.Permissions` with only
`access.Permission.AccessMode`, however, it should check the units too,
or the value could be incorrect. For example,
`structs.Repository.Permissions.Push` could be false even the doer has
write access to code unit.

Should fix
https://github.com/renovatebot/renovate/issues/14059#issuecomment-1047961128
(Not reported by it, I just found it when I was looking into this bug)

---

Review tips:

The major changes are
- `modules/structs/repo.go`
https://github.com/go-gitea/gitea/pull/25388/files#diff-870406f6857117f8b03611c43fca0ab9ed6d6e76a2d0069a7c1f17e8fa9092f7
- `services/convert/repository.go`
https://github.com/go-gitea/gitea/pull/25388/files#diff-7736f6d2ae894c9edb7729a80ab89aa183b888a26a811a0c1fdebd18726a7101

And other changes are passive.
2023-06-22 13:08:08 +00:00
Jason SongandGitHub 59d2189875 Fix missing commit message body when the message has leading newlines (#25418)
Commit with `echo "\nmessage after a blank line\nsecond line of the
message" | git commit --cleanup=verbatim -F -` and push.

<img width="1139" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/f9a2c28c-e307-4c78-9e31-3d3ace7b9274">
2023-06-21 09:14:34 +00:00
Jason SongandGitHub 6348823eab Fix panic when migrating a repo from GitHub with issues (#25246)
Fix #25245. Regression of #23946.
2023-06-14 14:12:39 +08:00
Jason SongandGitHub 379ec13030 Fix 500 error caused by notifications without an issue such as repo transfers (#25101) 2023-06-06 23:17:56 +08:00
Jason SongandGitHub 7985cde84d Fix Actions being enabled accidentally (#24802)
Regression of #24536. If the user doesn't explicitly disable Actions, it
will be enabled.

1. Gitea will call `loadRepositoryFrom` before `loadActionsFrom`.

https://github.com/go-gitea/gitea/blob/25d4f95df25dae5226e96e813dde87b071d9155e/modules/setting/setting.go#L234-L237
2. In `loadRepositoryFrom`,
`rootCfg.Section("actions").Key("ENABLED").MustBool(true)` will set
`actions.ENABLED` with `true`.

https://github.com/go-gitea/gitea/blob/25d4f95df25dae5226e96e813dde87b071d9155e/modules/setting/repository.go#L313-L315
3. In `loadActionsFrom`, `rootCfg.Section("actions")` will get a section
with Actions enabled.

https://github.com/go-gitea/gitea/blob/25d4f95df25dae5226e96e813dde87b071d9155e/modules/setting/actions.go#L23-L26

Although the cause of the problem was using `true` by copy-paste
mistake, it also surprised me that
**`rootCfg.Section("actions").Key("ENABLED").MustBool(true)` doesn't
only read, but also write.**
2023-05-19 19:35:12 +08:00
Jason SongandGitHub d81659d039 Respect original content when creating secrets (#24745)
Fix #24721.

Follow what GitHub does:
- Don't trim spaces for secrets.
- Newline should be `\n` instead of `\r\n`.

Did some tests with:

```yaml
name: secrets
on: push
jobs:
  show_secrets:
    runs-on: ubuntu-latest
    steps:
      - name: Dump secrets context
        run: echo '${{ toJSON(secrets) }}' | base64
```

`AAAAAA`:
```text
   AAAAAA
AAAAAA


```
`BBBBBB`:
```text



BBBBBB
BBBBBB   
```


On GitHub:

<img width="675" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/0ec60652-c2a3-47bb-9f9d-7e81665355a8">


On Gitea (before):

<img width="673" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/cce818bf-5edc-4656-86e1-2c81c304cdb2">

On Gitea (after):

<img width="673" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/0b3b15af-4d48-4bab-a334-4738a1b0eb4a">
2023-05-16 14:49:40 +08:00
Jason SongandGitHub f74bd9dc81 Docs for creating a user to run Gitea on Fedora/RHEL/CentOS (#24725)
The current command doesn't work on Fedora/RHEL/CentOS.

- `--gecos`: use `--comment` instead.
- `--group`: use `--gid` instead, `--group` means "A list of
supplementary groups" on F/R/C.
- `--disabled-password`: leave `--password` empty instead, "The default
is to disable the password".
- `--home`: use `--home-dir` and `--create-home` instead.
2023-05-15 23:03:38 +08:00
a7773d28d2 Support migrating storage for actions log via command line (#24679)
Close #24677

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-12 13:30:28 +00:00
Jason SongandGitHub 84033cee86 Fix broken links in documents (#24630)
Before:

<img width="837" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/90c1c484-2d8d-4a57-8e86-2f4df0e7fbba">

After:

<img width="822" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/e27f6b63-9e7b-4894-b315-7be0cfebe8ca">
2023-05-10 12:34:16 +00:00
2d0ff00823 Improve updating Actions tasks (#24600)
Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-10 13:54:18 +02:00
Jason SongandGitHub 35ab5cdedf Fix typo in Actions demo file (#24631)
Reported by @kerwin612.
2023-05-10 09:51:25 +00:00
8f314c6793 Docs for Gitea Actions (#24405)
A new documentation section for Gitea Actions.

Some content comes from:

- [Hacking on Gitea
Actions](https://blog.gitea.io/2023/03/hacking-on-gitea-actions/)
- The README of [act_runner](https://gitea.com/gitea/act_runner)
- @ChristopherHX's excellent overview of the differences between Gitea
Actions and GitHub Actions in [this
comment](https://github.com/go-gitea/gitea/issues/13539#issuecomment-1448888850).

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-05-05 20:07:20 +00:00
ea1afb945d Replace placeholders in licenses (#24354)
Replace #22117. Implement it in a more maintainable way.

Some licenses have placeholders e.g. the BSD licenses start with this
line:
```
Copyright (c) <year> <owner>. 
```
This PR replaces the placeholders with the correct value when initialize
a new repo.

### FAQ

- Why not use a regex?
It will be a pretty complicated regex which could be hard to maintain.

- There're still missing placeholders.
There are over 500 licenses, it's impossible for anyone to inspect all
of them alone. Please help to add them if you find any, and it is also
OK to leave them for the future.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-05 13:46:17 +00:00
Jason SongandGitHub 27a569609c Check length of LogIndexes in case it is outdated (#24516)
Fix #24458
2023-05-04 23:37:43 -04:00
Jason SongandGitHub cbe2e99aed Handle canceled workflow as a warning instead of a fail (#24282)
Follow what Drone CI does:


![image](https://user-images.githubusercontent.com/9418365/233829853-d1c30a30-10cc-4b97-a134-793a79d46d85.png)
2023-04-23 14:41:55 -04:00
Jason SongandGitHub 066af372e3 Load reviewer for comments when dismissing a review (#24281)
If a comment dismisses a review, we need to load the reviewer to show
whose review has been dismissed.

Related to:

https://github.com/go-gitea/gitea/blob/20b6ae0e5399cfc22c6a0989d8e520194e920bdd/templates/repo/issue/view_content/comments.tmpl#L765-L770

We don't need `.Review.Reviewer` for all comments, because
"dismissing" doesn't happen often, or we would have already received
error reports.
2023-04-23 11:04:23 -04:00
ac384c4e1d Support upload outputs and use needs context on Actions (#24230)
See [Defining outputs for
jobs](https://docs.github.com/en/actions/using-jobs/defining-outputs-for-jobs)
and [Example usage of the needs
context](https://docs.github.com/en/actions/learn-github-actions/contexts#example-usage-of-the-needs-context).

Related to:
- [actions-proto-def
#5](https://gitea.com/gitea/actions-proto-def/pulls/5)
- [act_runner #133](https://gitea.com/gitea/act_runner/pulls/133)

<details>
<summary>Tests & screenshots</summary>

Test workflow file:
```yaml
name: outputs
on: push

jobs:
  job1:
    runs-on: ubuntu-latest
    outputs:
      output1: ${{ steps.step1.outputs.output1 }}
      output2: ${{ steps.step2.outputs.output2 }}
    steps:
      - name: step1
        id: step1
        run: |
          date -Is > output1
          cat output1
          echo "output1=$(cat output1)" >> $GITHUB_OUTPUT
      - name: step2
        id: step2
        run: |
          cat /proc/sys/kernel/random/uuid > output2
          cat output2
          echo "output2=$(cat output2)" >> $GITHUB_OUTPUT
  job2:
    needs: job1
    runs-on: ubuntu-latest
    steps:
      - run: echo ${{ needs.job1.outputs.output1 }}
      - run: echo ${{ needs.job1.outputs.output2 }}
      - run: echo ${{ needs.job1.result }}
```

<img width="397" alt="image"
src="https://user-images.githubusercontent.com/9418365/233313322-903e7ebf-49a7-48e2-8c17-95a4581b3284.png">
<img width="385" alt="image"
src="https://user-images.githubusercontent.com/9418365/233313442-30909135-1711-4b78-a5c6-133fcc79f47c.png">



</details>

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-04-22 16:12:41 -04:00
8cbc4a367d Use actions job link as commit status URL instead of run link (#24023)
A commit status is bound to a job, not a run.

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-04-10 06:40:30 -04:00
Jason SongandGitHub ecf34fcd89 Do not crash when parsing an invalid workflow file (#23972)
Fix #23658.

Related to https://gitea.com/gitea/act/pulls/39
2023-04-07 20:12:10 +08:00
Jason SongandGitHub d92909fa8b Treat PRs with agit flow as fork PRs when triggering actions. (#23884)
There is no fork concept in agit flow, anyone with read permission can
push `refs/for/<target-branch>/<topic-branch>` to the repo. So we should
treat it as a fork pull request because it may be from an untrusted
user.
2023-04-06 16:57:30 -04:00
Jason SongandGitHub d67e40684f Improve LoadUnitConfig to handle invalid or duplicate units (#23736)
The old code just parses an invalid key to `TypeInvalid` and uses it as
normal, and duplicate keys will be kept.

So this PR will ignore invalid key and log warning and also deduplicate
valid units.
2023-04-03 16:42:38 +08:00
Jason SongandGitHub 977ef215fa Rename actions unit to repo.actions and add docs for it (#23733)
I neglected that the `NameKey` of `Unit` is not only for translation,
but also configuration. So it should be `repo.actions` to maintain
consistency.

## ⚠️ BREAKING ⚠️

If users already use `actions.actions` in `DISABLED_REPO_UNITS` or
`DEFAULT_REPO_UNITS`, it will be treated as an invalid unit key.
2023-04-03 00:05:37 -04:00
Jason SongandGitHub 964a057a76 Fix checks for needs in Actions (#23789)
Fix:
- https://gitea.com/gitea/act_runner/issues/77
- https://gitea.com/gitea/act_runner/issues/81

Before:
<img width="1489" alt="image"
src="https://user-images.githubusercontent.com/9418365/228501567-f752cf87-a7ed-42c6-8f3d-ba741795c1fe.png">

Highlights:
- Upgrade act to make things doable, related to
  - https://gitea.com/gitea/act/pulls/32
  - https://gitea.com/gitea/act/pulls/33
  - https://gitea.com/gitea/act/pulls/35
- Make `needs` works
- Sort jobs in the original order in the workflow files
2023-03-30 22:33:17 +08:00
Jason SongandGitHub 3e8db31a5b Refactor commit status for Actions jobs (#23786)
Before:
<img width="353" alt="xnip_230329_163852"
src="https://user-images.githubusercontent.com/9418365/228479807-424452df-10fa-45cf-ae4b-09939c0ed54c.png">
After:
<img width="508" alt="xnip_230329_163358"
src="https://user-images.githubusercontent.com/9418365/228479923-537b54fe-9564-4105-a068-bcc75fa2a7ea.png">

Highlights:
- Treat `StatusSkipped` as `CommitStatusSuccess` instead of
`CommitStatusFailure`, so it fixed #23599.
- Use the bot user `gitea-actions` instead of the trigger as the creator
of commit status.
- New format `<run_name> / <job_name> / (<event>)` for the context of
commit status to avoid conflicts.
- Add descriptions for commit status.
- Add the missing calls to `CreateCommitStatus`.
- Refactor `CreateCommitStatus` to make it easier to use.
2023-03-29 11:27:37 -04:00
Jason SongandGitHub 265675a31c Add missing translation for actions.runners.reset_registration_token_success (#23732)
Used at

https://github.com/go-gitea/gitea/blob/4011821c946e8db032be86266dd9364ccb204118/routers/web/shared/actions/runners.go#L157
2023-03-29 09:20:48 +08:00
Jason SongandGitHub 9f39def991 Drop migration for ForeignReference (#23605)
Fix
https://github.com/go-gitea/gitea/issues/21086#issuecomment-1476560381

Related to #21721
2023-03-23 15:01:55 -04:00
Jason SongandGitHub 19bfea6d7d Update act (#23512)
Update replace:
```diff
- replace github.com/nektos/act => gitea.com/gitea/act v0.234.2-0.20230131074955-e46ede1b1744
+ replace github.com/nektos/act => gitea.com/gitea/act v0.243.1
```

Update require:
```diff
-	github.com/nektos/act v0.0.0
+	github.com/nektos/act v0.2.43
```

Actually, `v0.2.43` doesn't work, it will be replaced by `gitea/act`, so
it's OK to put any version here. But `gitea/act` is based on
`nektos/act`, so keeping the right upstream version will make security
dependabot help.

BTW, the [security
report](https://github.com/go-gitea/gitea/security/dependabot/20) is
false positive, we don't use the artifact server in act, see #22738.
2023-03-16 18:09:11 +08:00
8cadd51bf2 Add Gitea Community Code of Conduct (#23188)
The Gitea Community Code of Conduct.

Authored by lunny. Slightly modified from [Go
CoC](https://go.dev/conduct)

---

CC all TOCs:

@go-gitea/technical-oversight-committee 

And we welcome suggestions from everyone.

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Nick <nick@kousu.ca>
Co-authored-by: Lauris BH <lauris@nix.lv>
2023-03-09 10:49:34 +08:00
Jason SongandGitHub 1960ad5c90 Improve cache context (#23330)
Related to: #22294 #23186 #23054

Replace: #23218

Some discussion is in the comments of #23218.

Highlights:
- Add Expiration for cache context. If a cache context has been used for
more than 10s, the cache data will be ignored, and warning logs will be
printed.
- Add `discard` field to `cacheContext`, a `cacheContext` with `discard`
true will drop all cached data and won't store any new one.
- Introduce `WithNoCacheContext`, if one wants to run long-life tasks,
but the parent context is a cache context,
`WithNoCacheContext(perentCtx)` will discard the cache data, so it will
be safe to keep the context for a long time.
- It will be fine to treat an original context as a cache context, like
`GetContextData(context.Backgraud())`, no warning logs will be printed.

Some cases about nesting:

When:
- *A*, *B* or *C* means a cache context.
- ~*A*~, ~*B*~ or ~*C*~ means a discard cache context.
- `ctx` means `context.Backgrand()`
- *A(ctx)* means a cache context with `ctx` as the parent context.
- *B(A(ctx))* means a cache context with `A(ctx)` as the parent context.
- `With` means `WithCacheContext`
- `WithNo` means `WithNoCacheContext`

So:
- `With(ctx)` -> *A(ctx)*
- `With(With(ctx))` -> *A(ctx)*, not *B(A(ctx))*
- `With(With(With(ctx)))` -> *A(ctx)*, not *C(B(A(ctx)))*
- `WithNo(ctx)` -> *ctx*, not *~A~(ctx)*
- `WithNo(With(ctx))` -> *~A~(ctx)*
- `WithNo(WithNo(With(ctx)))` -> *~A~(ctx)*, not *~B~(~A~(ctx))*
- `With(WithNo(With(ctx)))` -> *B(~A~(ctx))*
- `WithNo(With(WithNo(With(ctx))))` -> *~B~(~A~(ctx))*
- `With(WithNo(With(WithNo(With(ctx)))))` -> *C(~B~(~A~(ctx)))*
2023-03-08 11:57:05 -06:00
Jason SongandGitHub 090e753923 Reduce duplicate and useless code in options (#23369)
Avoid maintaining two copies of code, some functions can be used with
both `bindata` and `no bindata`.

And removed `GetRepoInitFile`, it's useless now.
`Readme`/`Gitignore`/`License`/`Labels` will clean the name and use
custom files when available.
2023-03-08 17:31:27 +08:00
Jason SongandGitHub c84238800b Refactor setting.Database.UseXXX to methods (#23354)
Replace #23350.

Refactor `setting.Database.UseMySQL` to
`setting.Database.Type.IsMySQL()`.

To avoid mismatching between `Type` and `UseXXX`.

This refactor can fix the bug mentioned in #23350, so it should be
backported.
2023-03-07 18:51:06 +08:00
47b912cd52 Avoid panic caused by broken payload when creating commit status (#23216)
When creating commit status for Actons jobs, a payload with nil
`HeadCommit` will cause panic.

Reported at:
https://gitea.com/gitea/act_runner/issues/28#issuecomment-732166

Although the `HeadCommit` probably can not be nil after #23215,
`CreateCommitStatus` should protect itself, to avoid being broken in the
future.

In addition, it's enough to print error log instead of returning err
when `CreateCommitStatus` failed.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-03-04 02:12:37 -05:00
7b9e23cc1d Fill head commit to in payload when notifying push commits for mirroring (#23215)
Just like what has been done when pushing manually:

https://github.com/go-gitea/gitea/blob/7a5af25592003ddc3017fcd7b822a3e02fc40ef6/services/repository/push.go#L225-L226

Before:

<img width="448" alt="image"
src="https://user-images.githubusercontent.com/9418365/222100123-cd4839d1-2d4d-45f7-b7a0-0cbc73162b44.png">

After:

<img width="448" alt="image"
src="https://user-images.githubusercontent.com/9418365/222100225-f3c5bb65-7ab9-41e2-8e39-9d84c23c352d.png">

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-03 23:45:53 -05:00
Jason SongandGitHub 04347eb810 Use context parameter in services/repository (#23186)
Use context parameter in `services/repository`.

And use `cache.WithCacheContext(ctx)` to generate push action history
feeds.

Fix #23160
2023-02-28 16:17:51 -06:00
Jason SongandGitHub cbc9a0fe47 Avoid too long names for actions (#23162)
The name of the job or step comes from the workflow file, while the name
of the runner comes from its registration. If the strings used for these
names are too long, they could cause db issues.
2023-02-28 18:20:36 +08:00
edf98a2dc3 Require approval to run actions for fork pull request (#22803)
Currently, Gitea will run actions automatically which are triggered by
fork pull request. It's a security risk, people can create a PR and
modify the workflow yamls to execute a malicious script.

So we should require approval for first-time contributors, which is the
default strategy of a public repo on GitHub, see [Approving workflow
runs from public
forks](https://docs.github.com/en/actions/managing-workflow-runs/approving-workflow-runs-from-public-forks).

Current strategy:

- don't need approval if it's not a fork PR;
- always need approval if the user is restricted;
- don't need approval if the user can write;
- don't need approval if the user has been approved before;
- otherwise, need approval.

https://user-images.githubusercontent.com/9418365/217207121-badf50a8-826c-4425-bef1-d82d1979bc81.mov

GitHub has an option for that, you can see that at
`/<owner>/<repo>/settings/actions`, and we can support that later.

<img width="835" alt="image"
src="https://user-images.githubusercontent.com/9418365/217199990-2967e68b-e693-4e59-8186-ab33a1314a16.png">

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-24 15:58:49 +08:00
Jason SongandGitHub c8c2a31818 Add force_merge to merge request and fix checking mergable (#23010)
Fix #23000.
2023-02-21 08:42:07 -06:00
97aacc3ea1 Improve pull_request_template.md (#22888)
Update `pull_request_template.md` because:

- It's a kind idea to hide the tips. However, it's easier to include
them in the commit message by mistake when you cannot see them. Check
`git log | grep 'Please check the following:'`. So don't hide it, expose
it and help fix it.
- "for backports" is much clearer than "for bug fixes". I saw someone
post a PR to a release branch because they believed it was the right way
for a bugfix.
- "Allow edits by maintainers", or we have to ask the contributor to
update the branch and they could be confused.
- Remind the contributor that the words could be included in the commit
message, to avoid some words like "Hello", "Sorry". If they really need
them, they can separate them with a line, like:

```markdown
Close #xxxx
Because ... Then ... Finally ...
---
Hello, this is my first time opening a pull request. Sorry for any mistakes.
```
And the merger should be careful, check and delete the extra content
before merging.

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-20 19:14:02 -05:00
Jason SongandGitHub 00b18ab42f Remove _actions.less (#22885)
Fix #22883.

Revert commit 59beb2dba6.
2023-02-13 08:33:33 -06:00
a354636966 Fix style of actions rerun button (#22835)
Authored by @a1012112796 at
https://github.com/go-gitea/gitea/pull/22798#issuecomment-1421820001

Avoid putting `button` in `a`.

A patch for #22798 .

Now it looks like:

<img width="393" alt="image"
src="https://user-images.githubusercontent.com/9418365/217791913-b491fc86-ee9b-4672-80ea-7286eef2d11f.png">
<img width="389" alt="image"
src="https://user-images.githubusercontent.com/9418365/217791967-d8c09c8b-4cea-4011-b01e-db0d1333e7f6.png">

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-12 19:19:50 +08:00
Jason SongandGitHub e253888a0e Fix isAllowed of escapeStreamer (#22814)
The use of `sort.Search` is wrong: The slice should be sorted, and
`return >= 0` doen't mean it exists, see the
[manual](https://pkg.go.dev/sort#Search).

Could be fixed like this if we really need it:

```diff
diff --git a/modules/charset/escape_stream.go b/modules/charset/escape_stream.go
index 823b63513..fcf1ffbc1 100644
--- a/modules/charset/escape_stream.go
+++ b/modules/charset/escape_stream.go
@@ -20,6 +20,9 @@ import (
 var defaultWordRegexp = regexp.MustCompile(`(-?\d*\.\d\w*)|([^\` + "`" + `\~\!\@\#\$\%\^\&\*\(\)\-\=\+\[\{\]\}\\\|\;\:\'\"\,\.\<\>\/\?\s\x00-\x1f]+)`)

 func NewEscapeStreamer(locale translation.Locale, next HTMLStreamer, allowed ...rune) HTMLStreamer {
+       sort.Slice(allowed, func(i, j int) bool {
+               return allowed[i] < allowed[j]
+       })
        return &escapeStreamer{
                escaped:                 &EscapeStatus{},
                PassthroughHTMLStreamer: *NewPassthroughStreamer(next),
@@ -284,14 +287,8 @@ func (e *escapeStreamer) runeTypes(runes ...rune) (types []runeType, confusables
 }

 func (e *escapeStreamer) isAllowed(r rune) bool {
-       if len(e.allowed) == 0 {
-               return false
-       }
-       if len(e.allowed) == 1 {
-               return e.allowed[0] == r
-       }
-
-       return sort.Search(len(e.allowed), func(i int) bool {
+       i := sort.Search(len(e.allowed), func(i int) bool {
                return e.allowed[i] >= r
-       }) >= 0
+       })
+       return i < len(e.allowed) && e.allowed[i] == r
 }
```

But I don't think so, a map is better to do it.
2023-02-09 20:51:36 +08:00
Jason SongandGitHub 7d3c4c3e8a Fix rerun button of Actions (#22798)
When clicking the return button, the page should be refreshed. However,
the browser may cancel the previous fetch request, and it fails to rerun
the job. It's easier to reproduce the bug in Safari or Firefox than
Chrome for some reason.

<img width="384" alt="image"
src="https://user-images.githubusercontent.com/9418365/217142792-a783f9a1-7089-44db-b7d8-46c46c72d284.png">


<img width="752" alt="image"
src="https://user-images.githubusercontent.com/9418365/217132406-b8381b63-b323-474e-935b-2596b1b5c046.png">
2023-02-08 15:55:57 +08:00
Jason SongandGitHub d74d16a4b1 Set PR for issue when load attributes for PRs (#22766)
A missing patch for #22650.
2023-02-05 08:24:43 -06:00
c18a62279a Fix time to NotifyPullRequestSynchronized (#22650)
Should call `PushToBaseRepo` before
`notification.NotifyPullRequestSynchronized`.

Or the notifier will get an old commit when reading branch
`pull/xxx/head`.

Found by ~#21937~ #22679.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-05 19:57:38 +08:00
Jason SongandGitHub 82728a7cec Do not overwrite empty DefaultBranch (#22708)
Fix #21994. 
And fix #19470.

While generating new repo from a template, it does something like
"commit to git repo, re-fetch repo model from DB, and update default
branch if it's empty".


https://github.com/go-gitea/gitea/blob/19d5b2f922c2defde579a935fbedb680eb8fff18/modules/repository/generate.go#L241-L253

Unfortunately, when load repo from DB, the default branch will be set to
`setting.Repository.DefaultBranch` if it's empty:


https://github.com/go-gitea/gitea/blob/19d5b2f922c2defde579a935fbedb680eb8fff18/models/repo/repo.go#L228-L233

I believe it's a very old temporary patch but has been kept for many
years, see:
[2d2d85bb](https://github.com/go-gitea/gitea/commit/2d2d85bb#diff-1851799b06733db4df3ec74385c1e8850ee5aedee70b8b55366910d22725eea8)

I know it's a risk to delete it, may lead to potential behavioral
changes, but we cannot keep the outdated `FIXME` forever. On the other
hand, an empty `DefaultBranch` does make sense: an empty repo doesn't
have one conceptually (actually, Gitea will still set it to
`setting.Repository.DefaultBranch` to make it safer).
2023-02-02 14:48:48 -06:00
Jason SongandGitHub b6145bfaa3 Use relative url in actions view (#22675)
Use relative url in actions view.
2023-01-31 22:46:10 +00:00
Jason SongandGitHub 707ecec715 Fix ref to trigger Actions (#22679)
If triggered by PR, the ref should be `pull/<index>/head` instead of
`repo.DefaultBranch`.

And improve UI:

<img width="493" alt="image"
src="https://user-images.githubusercontent.com/9418365/215731280-312564f2-2450-45d0-b986-1accb0670976.png">


Related to #21937.
2023-01-31 22:45:25 +00:00
4011821c94 Implement actions (#21937)
Close #13539.

Co-authored by: @lunny @appleboy @fuxiaohei and others.

Related projects:
- https://gitea.com/gitea/actions-proto-def
- https://gitea.com/gitea/actions-proto-go
- https://gitea.com/gitea/act
- https://gitea.com/gitea/act_runner

### Summary

The target of this PR is to bring a basic implementation of "Actions",
an internal CI/CD system of Gitea. That means even though it has been
merged, the state of the feature is **EXPERIMENTAL**, and please note
that:

- It is disabled by default;
- It shouldn't be used in a production environment currently;
- It shouldn't be used in a public Gitea instance currently;
- Breaking changes may be made before it's stable.

**Please comment on #13539 if you have any different product design
ideas**, all decisions reached there will be adopted here. But in this
PR, we don't talk about **naming, feature-creep or alternatives**.

### ⚠️ Breaking

`gitea-actions` will become a reserved user name. If a user with the
name already exists in the database, it is recommended to rename it.

### Some important reviews

- What is `DEFAULT_ACTIONS_URL` in `app.ini` for?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1055954954
- Why the api for runners is not under the normal `/api/v1` prefix?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061173592
- Why DBFS?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061301178
- Why ignore events triggered by `gitea-actions` bot?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1063254103
- Why there's no permission control for actions?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1090229868

### What it looks like

<details>

#### Manage runners

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205870657-c72f590e-2e08-4cd4-be7f-2e0abb299bbf.png">

#### List runs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872794-50fde990-2b45-48c1-a178-908e4ec5b627.png">


#### View logs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872501-9b7b9000-9542-4991-8f55-18ccdada77c3.png">



</details>

### How to try it

<details>

#### 1. Start Gitea

Clone this branch and [install from
source](https://docs.gitea.io/en-us/install-from-source).

Add additional configurations in `app.ini` to enable Actions:

```ini
[actions]
ENABLED = true
```

Start it.

If all is well, you'll see the management page of runners:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205877365-8e30a780-9b10-4154-b3e8-ee6c3cb35a59.png">


#### 2. Start runner

Clone the [act_runner](https://gitea.com/gitea/act_runner), and follow
the
[README](https://gitea.com/gitea/act_runner/src/branch/main/README.md)
to start it.

If all is well, you'll see a new runner has been added:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205878000-216f5937-e696-470d-b66c-8473987d91c3.png">

#### 3. Enable actions for a repo

Create a new repo or open an existing one, check the `Actions` checkbox
in settings and submit.

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879705-53e09208-73c0-4b3e-a123-2dcf9aba4b9c.png">
<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879383-23f3d08f-1a85-41dd-a8b3-54e2ee6453e8.png">

If all is well, you'll see a new tab "Actions":

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205881648-a8072d8c-5803-4d76-b8a8-9b2fb49516c1.png">

#### 4. Upload workflow files

Upload some workflow files to `.gitea/workflows/xxx.yaml`, you can
follow the [quickstart](https://docs.github.com/en/actions/quickstart)
of GitHub Actions. Yes, Gitea Actions is compatible with GitHub Actions
in most cases, you can use the same demo:

```yaml
name: GitHub Actions Demo
run-name: ${{ github.actor }} is testing out GitHub Actions 🚀
on: [push]
jobs:
  Explore-GitHub-Actions:
    runs-on: ubuntu-latest
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
      - name: Check out repository code
        uses: actions/checkout@v3
      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
      - name: List files in the repository
        run: |
          ls ${{ github.workspace }}
      - run: echo "🍏 This job's status is ${{ job.status }}."
```

If all is well, you'll see a new run in `Actions` tab:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884473-79a874bc-171b-4aaf-acd5-0241a45c3b53.png">

#### 5. Check the logs of jobs

Click a run and you'll see the logs:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884800-994b0374-67f7-48ff-be9a-4c53f3141547.png">

#### 6. Go on

You can try more examples in [the
documents](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions)
of GitHub Actions, then you might find a lot of bugs.

Come on, PRs are welcome.

</details>

See also: [Feature Preview: Gitea
Actions](https://blog.gitea.io/2022/12/feature-preview-gitea-actions/)

---------

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-01-31 09:45:19 +08:00
Jason SongandGitHub 4804900ac9 Load asciicast css async (#22502)
Load asciicast css asynchronously.

Related to #22448.
2023-01-18 12:19:38 -06:00
d9f748a700 Support asciicast files as new markup (#22448)
Support [asciicast
files](https://github.com/asciinema/asciinema/blob/develop/doc/asciicast-v2.md)
as a new markup via
[asciinema-player](https://github.com/asciinema/asciinema-player). For
more on asciinema, see the [introduction](https://asciinema.org/).

So users can use asciinema recorder to generate an asciicast file (or
you can download a sample file from
https://asciinema.org/a/335480.cast?dl=1), then upload it to Gitea and
play it on Gitea.

Snapshots:
<details>

## Upload asciicast files

<img width="1134" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461061-cc2c7181-0e14-4534-af55-1ec60a639fd1.png">

## Open an asciicast file

<img width="1137" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461090-a3b5141f-4894-430d-a2b4-ea257801a0ed.png">

## Play it

<img width="1144" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461157-4e82db69-0e41-471d-928f-ac1fe0737105.png">

## Copy contents from the "video"

<img width="1145" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461286-211612bc-15d6-427a-89a9-6abff5c6a0a5.png">


## View the source

<img width="1140" alt="image"
src="https://user-images.githubusercontent.com/9418365/212461187-05473b2d-ba3d-4072-84a6-4aa1e7d82182.png">


</details>

Known issue:

Don't support the [v1 version asciicast
files](https://github.com/asciinema/asciinema/blob/develop/doc/asciicast-v1.md),
it's a poorly designed version, it does not specify the file extension
and uses `*.json` usually, so it's impossible to recognize the files.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-18 08:46:58 +08:00
Jason SongandGitHub 21c91b7dff Set disable_gravatar/enable_federated_avatar when offline mode is true (#22479)
When offline mode is true, we should set `disable_gravatar` to `true`
and `enable_federated_avatar` to `false` in system settings.
2023-01-17 17:00:19 +02:00
c86be819bb Add more packages to denylist (#22412)
After this, we can remove
[`denylist_imports`](https://gitea.com/gitea/gitea-vet/src/branch/master/checks/denylisted-imports.go#L13)
in gitea-vet
([gitea-vet/pulls/23](https://gitea.com/gitea/gitea-vet/pulls/23)).

```go
deniedImports   = []string{"io/ioutil", "encoding/json", "gitea.com/gitea/go-crypto"}
```

However, we needn't keep `gitea.com/gitea/go-crypto` any longer, it's
gone and can't be imported again.

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-01-12 23:35:53 +08:00
Jason SongandGitHub 477a1cc40e Improve utils of slices (#22379)
- Move the file `compare.go` and `slice.go` to `slice.go`.
- Fix `ExistsInSlice`, it's buggy
  - It uses `sort.Search`, so it assumes that the input slice is sorted.
- It passes `func(i int) bool { return slice[i] == target })` to
`sort.Search`, that's incorrect, check the doc of `sort.Search`.
- Conbine `IsInt64InSlice(int64, []int64)` and `ExistsInSlice(string,
[]string)` to `SliceContains[T]([]T, T)`.
- Conbine `IsSliceInt64Eq([]int64, []int64)` and `IsEqualSlice([]string,
[]string)` to `SliceSortedEqual[T]([]T, T)`.
- Add `SliceEqual[T]([]T, T)` as a distinction from
`SliceSortedEqual[T]([]T, T)`.
- Redesign `RemoveIDFromList([]int64, int64) ([]int64, bool)` to
`SliceRemoveAll[T]([]T, T) []T`.
- Add `SliceContainsFunc[T]([]T, func(T) bool)` and
`SliceRemoveAllFunc[T]([]T, func(T) bool)` for general use.
- Add comments to explain why not `golang.org/x/exp/slices`.
- Add unit tests.
2023-01-11 13:31:16 +08:00
a35714372d Fix halfCommitter and WithTx (#22366)
Related to #22362.

I overlooked that there's always `committer.Close()`, like:

```go
		ctx, committer, err := db.TxContext(db.DefaultContext)
		if err != nil {
			return nil
		}
		defer committer.Close()

		// ...

		if err != nil {
			return nil
		}

		// ...

		return committer.Commit()
```

So the `Close` of `halfCommitter` should ignore `commit and close`, it's
not a rollback.

See: [Why `halfCommitter` and `WithTx` should rollback IMMEDIATELY or
commit
LATER](https://github.com/go-gitea/gitea/pull/22366#issuecomment-1374778612).

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-01-09 12:19:19 -05:00
Jason SongandGitHub 9e94346529 Remove satori/go.uuid (#22375)
`github.com/satori/go.uuid` is no longer used, so the `replace` is not
needed now
2023-01-09 01:00:10 -05:00
7adc2de464 Use context parameter in models/git (#22367)
After #22362, we can feel free to use transactions without
`db.DefaultContext`.

And there are still lots of models using `db.DefaultContext`, I think we
should refactor them carefully and one by one.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-09 11:50:54 +08:00
Jason SongandGitHub 6135359a04 Always reuse transaction (#22362) 2023-01-08 09:34:58 +08:00
Jason SongandGitHub 3dbd2d942b Remove old HookEventType (#22358)
Supplement to #22256.
2023-01-06 19:49:14 +08:00
f8e93ce423 Reminder for no more logs to console (#22282)
Even if the log mode is `file`, there are still few logs printed to the
console at the very beginning.

That's fine but confusing. Someone will think the console is the only
place to find logs, and get nothing helpful. See
https://github.com/go-gitea/gitea/issues/22274#issuecomment-1367917717.

There should be a reminder that there are no more logs to the console.

And to avoid log loss, we should add configured loggers first, then
remove console logger if there's no `console` in the mode.

Tests with `MODE = file`:

Before:
<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/210079862-d591677f-347e-46ed-a548-bb2ddbb0885c.png">

After:
<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/210080002-d66cc418-6888-4909-b370-d03f5986ef41.png">

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-01-01 22:00:33 +08:00
Jason SongandGitHub e5deeda0aa Support estimated count with multiple schemas (#22276)
The `EstimateCount` could be incorrect when the table lives in multiple
schemas. Related to #19775.
2022-12-30 12:25:58 -06:00
d34f3a2213 Fix sitemap (#22272)
Fix #22270.

Related to #18407.

The old code treated both sitemap and sitemap index as the format like:

```xml
...
<url>
  <loc>http://localhost:3000/explore/users/sitemap-1.xml</loc>
</url>
...
```

Actually, it's incorrect for sitemap index, it should be:

```xml
...
<sitemap>
  <loc>http://localhost:3000/explore/users/sitemap-1.xml</loc>
</sitemap>
...
```

See https://www.sitemaps.org/protocol.html

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: delvh <dev.lh@web.de>
2022-12-30 23:31:00 +08:00
47efba78ec Support template for merge message description (#22248)
Fix #21435.

Use the first line of the template as the git commit message title, and
the rest as the description.

## Snapshots

<img width="806" alt="image"
src="https://user-images.githubusercontent.com/9418365/209644083-5d85179c-cf58-404f-bc98-c662398a2411.png">
<img width="860" alt="image"
src="https://user-images.githubusercontent.com/9418365/209644392-22573090-e2c1-458b-ba44-855b79735632.png">
<img width="1154" alt="image"
src="https://user-images.githubusercontent.com/9418365/209644457-a1b2711a-6787-45b4-b52c-a88d7fc132d7.png">

Co-authored-by: delvh <dev.lh@web.de>
2022-12-29 14:40:20 +02:00
6cf09ccab4 Use complete SHA to create and query commit status (#22244)
Fix #13485.

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-12-27 21:12:49 +08:00
Jason SongandGitHub 814b44aeaf Fix typo of Asia/Shanghai (#22242)
As the title.
2022-12-26 16:50:58 +08:00
71ca3067bc Check primary keys for all tables and drop ForeignReference (#21721)
Some dbs require that all tables have primary keys, see
- #16802
- #21086

We can add a test to keep it from being broken again.

Edit:

~Added missing primary key for `ForeignReference`~ Dropped the
`ForeignReference` table to satisfy the check, so it closes #21086.

More context can be found in comments.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
2022-12-23 19:35:43 +08:00
659055138b Secrets storage with SecretKey encrypted (#22142)
Fork of #14483, but [gave up
MasterKey](https://github.com/go-gitea/gitea/pull/14483#issuecomment-1350728557),
and fixed some problems.

Close #12065.
Needed by #13539.

Featrues:
- Secrets for repo and org, not user yet.
- Use SecretKey to encrypte/encrypt secrets.
- Trim spaces of secret value.
- Add a new locale ini block, to make it easy to support secrets for
user.

Snapshots:

Repo level secrets:

![image](https://user-images.githubusercontent.com/9418365/207823319-b8a4903f-38ca-4af7-9d05-336a5af906f3.png)

Rrg level secrets

![image](https://user-images.githubusercontent.com/9418365/207823371-8bd02e93-1928-40d1-8c76-f48b255ace36.png)

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2022-12-20 17:07:13 +08:00
Jason SongandGitHub 2779d47ad3 Optimize html templates (#22080)
Replace `active{{end}} item` with `active{{end}} item`.
2022-12-09 21:34:51 +08:00
Jason SongandGitHub 8fb1e53ca2 Rename actions to operations on UI (#22067)
Use "operations" to indicate "some something can be done", to prevent
users from confusing it with CICD.

Releated to: #13539.

Snapshots:

<img width="389" alt="image"
src="https://user-images.githubusercontent.com/9418365/206409797-a99bac25-2d38-4066-b9ab-27a4f6fe67e7.png">
<img width="398" alt="image"
src="https://user-images.githubusercontent.com/9418365/206410099-bbd258a9-54d9-4664-8d95-31d29cb35209.png">
<img width="442" alt="image"
src="https://user-images.githubusercontent.com/9418365/206410218-009a3103-a9b9-4d0c-86b6-540dda5bce89.png">

I'm not a native English speaker, but I think "operations" may be good
enough, and Gitea already uses this word:

<img width="1440" alt="image"
src="https://user-images.githubusercontent.com/9418365/206410671-4a718b14-0603-40cb-bdcb-f6f84d1f5e24.png">
2022-12-08 21:14:09 +08:00
Jason SongandGitHub 0a85537c79 Support disabling database auto migration (#22053)
Gitea will migrate the database model version automatically, but it
should be able to be disabled and keep Gitea shutdown if the version is
not matched.
2022-12-07 09:58:31 -06:00
Jason SongandGitHub 74874d065f Fix issue/PR numbers (#22037)
When deleting a closed issue, we should update both `NumIssues`and
`NumClosedIssues`, or `NumOpenIssues`(`= NumIssues -NumClosedIssues`)
will be wrong. It's the same for pull requests.

Releated to #21557.

Alse fixed two harmless problems:

- The SQL to check issue/PR total numbers is wrong, that means it will
update the numbers even if they are correct.
- Replace legacy `num_issues = num_issues + 1` operations with
`UpdateRepoIssueNumbers`.
2022-12-06 15:53:09 +08:00
f59a74852b Update gitea-vet to check FSFE REUSE (#22004)
Related to:
- #21840
- https://gitea.com/gitea/gitea-vet/pulls/21

What it looks like when it's working:
https://drone.gitea.io/go-gitea/gitea/64040/1/5

All available SPDX license identifiers: [SPDX License
List](https://spdx.org/licenses/).

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-12-02 22:14:57 +08:00
f9cbf5a1bc Util type to parse ref name (#21969)
Provide a new type to make it easier to parse a ref name.

Actually, it's picked up from #21937, to make the origin PR lighter.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-12-01 19:56:04 +08:00
Jason SongandGitHub 4e5d4d0073 Skip initing LFS storage if disabled (#21996)
A complement to #21985.

I overlooked it because the name of the switch is `StartServer`, not
`Enabled`. I believe the weird name is a legacy, but renaming is out of
scope.
2022-12-01 11:02:04 +02:00
Jason SongandGitHub 67881ae99a Skip initing disabled storages (#21985)
If `Attachment` or `Packages` are disabled, we don't have to init the
storages for them.
2022-11-30 21:39:02 +08:00
Jason SongandGitHub f047ee0a40 Use random bytes to generate access token (#21959) 2022-11-28 23:37:42 +08:00
Jason SongandGitHub 9607750b5e Replace fmt.Sprintf with hex.EncodeToString (#21960)
`hex.EncodeToString` has better performance than `fmt.Sprintf("%x",
[]byte)`, we should use it as much as possible.

I'm not an extreme fan of performance, so I think there are some
exceptions:

- `fmt.Sprintf("%x", func(...)[N]byte())`
- We can't slice the function return value directly, and it's not worth
adding lines.
    ```diff
    func A()[20]byte { ... }
    - a := fmt.Sprintf("%x", A())
    - a := hex.EncodeToString(A()[:]) // invalid
    + tmp := A()
    + a := hex.EncodeToString(tmp[:])
    ```
- `fmt.Sprintf("%X", []byte)`
- `strings.ToUpper(hex.EncodeToString(bytes))` has even worse
performance.
2022-11-28 11:19:18 +00:00
Jason SongandGitHub 702f4b521e Add index for access_token (#21908)
The `token_last_eight` field has been used in `GetAccessTokenBySHA `:
2022-11-23 20:49:41 -06:00
Jason SongandGitHub e4eaa68a2b Replace yaml.v2 with yaml.v3 (#21832)
I don't see why we have to use two versions of yaml. The difference
between the two versions has nothing to do with our usage.
2022-11-21 16:36:59 +08:00
Jason SongandGitHub d3f850cc0e Support comma-delimited string as labels in issue template (#21831)
The [labels in issue YAML
templates](https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-issue-forms#top-level-syntax)
can be a string array or a comma-delimited string, so a single string
should be valid labels.

The old codes committed in #20987 ignore this, that's why the warning is
displayed:

<img width="618" alt="image"
src="https://user-images.githubusercontent.com/9418365/202112642-93dc72d0-71c3-40a2-9720-30fc2d48c97c.png">

Fixes #17877.
2022-11-19 15:22:15 +00:00
Jason SongandGitHub 92dd24716d Ignore issue template with a special name (#21830)
A file in `ISSUE_TEMPLATE` with the name `config.yml` shouldn't be
treated as a YAML template, it's for [configuring the template
chooser](https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#configuring-the-template-chooser).

The old code tried to ignore the file, but it didn't work, caused by
#20987. That's why the warning is displayed:

<img width="415" alt="image"
src="https://user-images.githubusercontent.com/9418365/202094067-804c42fe-0e9e-4fc5-bf01-d95fa336f54f.png">

Note that this PR is not an implementation of `config.yml`, there will
be another one to do it.
2022-11-16 19:14:58 +08:00