1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-11-27 09:11:53 -05:00
Commit graph

801 commits

Author SHA1 Message Date
Gusted
51988ef52b
[GITEA] rework long-term authentication
- The current architecture is inherently insecure, because you can
construct the 'secret' cookie value with values that are available in
the database. Thus provides zero protection when a database is
dumped/leaked.
- This patch implements a new architecture that's inspired from: [Paragonie Initiative](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies).
- Integration testing is added to ensure the new mechanism works.
- Removes a setting, because it's not used anymore.

(cherry-pick from eff097448b)

Conflicts:

	modules/context/context_cookie.go
	trivial context conflicts

	routers/web/web.go
	ctx.GetSiteCookie(setting.CookieRememberName) moved from services/auth/middleware.go
2023-10-05 08:50:54 +02:00
wxiaoguang
8f6d442a04
Use secure cookie for HTTPS sites (#26999) (#27013)
Backport #26999

If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.

And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.

(cherry picked from commit b0a405c5fa)
2023-09-20 12:50:46 +02:00
Giteabot
957a64d91a
Fix INI parsing for value with trailing slash (#26995) (#27001)
Backport #26995 by @wxiaoguang

Fix #26977 (a temp fix)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit da7d7e60d8)
2023-09-20 12:50:46 +02:00
Giteabot
4d2b4008d3
Fix some slice append usages (#26778) (#26798)
Backport #26778 by @harryzcy

Co-authored-by: Chongyi Zheng <git@zcy.dev>
Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit 4013f3f600)
2023-09-08 08:09:18 +02:00
Earl Warren
d3b8870700
[TESTS] verify facts for the admin storage documentation (squash)
(cherry picked from commit d83d8ce57b)
2023-08-31 15:32:22 +02:00
Gusted
fa25b9eec6
[GITEA] Add slow SQL query warning
- Backport of https://codeberg.org/forgejo/forgejo/pulls/1284
  - Databases are one of the most important parts of Forgejo, every
interaction with Forgejo uses the database in one way or another.
Therefore, it is important to maintain the database and recognize when
Forgejo is not doing well with the database. Forgejo already has the
option to log *every* SQL query along with its execution time, but
monitoring becomes impractical for larger instances and takes up
unnecessary storage in the logs.
  - Add a QoL enhancement that allows instance administrators to specify a
threshold value beyond which query execution time is logged as a warning
in the xorm logger. The default value is a conservative five seconds to
avoid this becoming a source of spam in the logs.
  - The use case for this patch is that with an instance the size of Codeberg, monitoring SQL logs is not very fruitful and most of them are uninteresting. Recently, in the context of persistent deadlock issues (https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that certain queries hold locks on tables like comment and issue for several seconds. This patch helps to identify which queries these are and when they happen.
  - Added unit test.
2023-08-21 21:18:43 +02:00
Giteabot
b683b93d16
Fix storage path logic especially for relative paths (#26441) (#26481)
Backport #26441 by @lunny

This PR rewrites the function `getStorage` and make it more clear.

Include tests from #26435, thanks @earl-warren

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Earl Warren <contact@earl-warren.org>
(cherry picked from commit f1c5d33d3e)
2023-08-21 07:22:19 +02:00
Giteabot
0c8a96896f
Remove last newline from config file (#26468) (#26471)
Backport #26468 by @wxiaoguang

When users put the secrets into a file (GITEA__sec__KEY__FILE), the
newline sometimes is different to avoid (eg: echo/vim/...)

So the last newline could be removed when reading, it makes the users
easier to maintain the secret files.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 80d7288ea4)
2023-08-21 07:22:19 +02:00
Earl Warren
1b568e284f
[GITEA] add GetFile to config provider
(cherry picked from commit 88d1b53eea)
2023-08-21 07:22:19 +02:00
Earl Warren
03f33a0320
[SEMVER] store SemVer in ForgejoSemVer after a database upgrade
(cherry picked from commit b7fe7cf401)
2023-08-21 07:22:18 +02:00
Giteabot
5aa6a8288d
Fix the wrong derive path (#26271) (#26318)
Backport #26271 by @lunny

This PR will fix #26264, caused by #23911.

The package configuration derive is totally wrong when storage type is
local in that PR.

This PR fixed the inherit logic when storage type is local with some
unit tests.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 88f6f7579c)
2023-08-21 07:22:16 +02:00
Giteabot
b97dbf7a9e
Clarify the logger's MODE config option (#26267) (#26281)
Backport #26267 by @wxiaoguang

1. Fix the wrong document (add the missing `MODE=`)
2. Add a more friendly log message to tell users to add `MODE=` in their
config

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit a758337046)
2023-08-21 07:22:16 +02:00
Earl Warren
20557c6bdb
[BRANDING] define the forgejo webhook type
templates/swagger/v1_json.tmpl updated with `make generate-swagger`

(cherry picked from commit 88899c492e)
(cherry picked from commit 7171bd9617)
(cherry picked from commit 1a742446c1)
(cherry picked from commit d7c189d7b2)

Conflicts:
	routers/web/web.go
(cherry picked from commit cbdea868e4)
(cherry picked from commit 6cd150483b)
(cherry picked from commit 47246da8d3)
(cherry picked from commit f2aa0e6b76)
(cherry picked from commit 5a4fc69a16)
(cherry picked from commit 48e444ca09)
(cherry picked from commit 888e537811)
(cherry picked from commit 5121f493c9)
(cherry picked from commit 9394e55fdf)
(cherry picked from commit 3a2ce51768)
(cherry picked from commit 719ead3a65)
(cherry picked from commit 83e6f82e2a)
(cherry picked from commit 494a429b21)
(cherry picked from commit 4d775db6b4)
(cherry picked from commit b68f777dc2)
(cherry picked from commit 5b934023fa)
(cherry picked from commit 3b1ed8b16c)
(cherry picked from commit 6bc4a46c9f)
(cherry picked from commit 8064bb24a3)

Conflicts:
	templates/admin/hook_new.tmpl
	templates/org/settings/hook_new.tmpl
	templates/repo/settings/webhook/base_list.tmpl
	templates/repo/settings/webhook/new.tmpl
	templates/user/settings/hook_new.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1181

(cherry picked from commit 55f5588a91)

Conflicts:
	routers/web/web.go
	https://codeberg.org/forgejo/forgejo/issues/1219
2023-08-21 07:22:16 +02:00
Earl Warren
c862cc15c8
Revert "[BRANDING] define the forgejo webhook type"
This reverts commit 02ba08ca84.
2023-08-21 07:22:16 +02:00
Giteabot
1d900bc6a9
Avoid writing config file if not installed (#26107) (#26113)
Backport #26107 by @wxiaoguang

Just like others (oauth2 secret, internal token, etc), do not generate
if no install lock

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit e2596b0a99)
(cherry picked from commit 78722734fe)
2023-08-21 07:22:15 +02:00
Earl Warren
a1986507b7
Revert "Avoid writing config file if not installed (#26107) (#26113)"
This reverts commit 78722734fe.

It does not create `LFS_JWT_SECRET` if `INSTALL_LOCK` is true and the
value of `LFS_JWT_SECRET` found in `app.ini` is incorrect. As a result
LFS_JWT_SECRET will not be set at all and the Forgejo admin will not
be notified that the value in the `app.ini` was ignored.
2023-07-30 09:30:36 +02:00
Giteabot
268569b462
Fix allowed user types setting problem (#26200) (#26206)
Backport #26200 by @lunny

Fix #25951

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 499c5594c3)
2023-07-30 07:46:19 +02:00
Giteabot
5a4b19435d
Calculate MAX_WORKERS default value by CPU number (#26177) (#26183)
(cherry picked from commit 892e24aaf1)
2023-07-30 07:46:18 +02:00
Lunny Xiao
28f4029e40
Display deprecated warning in admin panel pages as well as in the log file (#26094) (#26154)
backport #26094
Temporily resolve #25915
Related #25994

This PR includes #26007 's changes but have a UI to prompt administrator
about the deprecated settings as well as the log or console warning.
Then users will have enough time to notice the problem and don't have
surprise like before.

<img width="1293" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/c33355f0-1ea7-4fb3-ad43-cd23cd15391d">

(cherry picked from commit c598741f01)
2023-07-30 07:42:53 +02:00
Earl Warren
f4fcdaba8c
Revert "[GITEA] do not use deprecatedSettingFatal for cosmetic reasons"
This reverts commit 2de8602855.
2023-07-30 07:42:38 +02:00
Giteabot
78722734fe
Avoid writing config file if not installed (#26107) (#26113)
Backport #26107 by @wxiaoguang

Just like others (oauth2 secret, internal token, etc), do not generate
if no install lock

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit e2596b0a99)
2023-07-26 13:49:15 +02:00
Giteabot
d4fa6a846a
Fix env config parsing for "GITEA____APP_NAME" (#26001) (#26013)
Backport #26001 by @wxiaoguang

Regression of #24832

Fix the bug and add a test for it

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 4d5e3b9372)
2023-07-24 07:59:10 +02:00
Giteabot
f890856cf4
Update path related documents (#25417) (#25982)
Backport #25417 by @wxiaoguang

Update WorkPath/WORK_PATH related documents, remove out-dated
information.

Remove "StaticRootPath" on the admin config display page, because few
end user really need it, it only causes misconfiguration.

![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit ee47face12)
2023-07-24 07:58:56 +02:00
wxiaoguang
8630d63f57
Avoid creating directories when loading config (#25944) (#25957)
Backport #25944

The "creating dir/file during load config" is a longstanding and complex
problem.

This PR only does a quick patch, it still needs more refactorings in the
future.

Fix #25938

(cherry picked from commit 5c3662b902)
2023-07-24 07:58:56 +02:00
Earl Warren
2de8602855
[GITEA] do not use deprecatedSettingFatal for cosmetic reasons
It breaks existing instances that would otherwise work perfectly
fine. Failing to start an instance should only happen when there is a
compelling reason to do so, for instance if the `app.ini` could not be
modified in a way that is backward compatible. If the only motivation
is to remove the setting for cosmetic reason, it must not be fatal.

(cherry picked from commit c09ef82e9a)
(cherry picked from commit e80aaa11d9)
2023-07-24 07:58:17 +02:00
Giteabot
6c0932f8a4
Add shutting down notice (#25920) (#25922)
Backport #25920 by @KN4CK3R

Got the same problem as #25915 when updating an instance. The
`log.Fatal` should have been marked as breaking in #23911.

This PR adds a notice that the system is shutting down because of the
deprecated setting.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 6e82d0bb7c)
2023-07-24 07:56:33 +02:00
Earl Warren
f405880230
Revert "[GITEA] do not use deprecatedSettingFatal for cosmetic reasons"
This reverts commit e80aaa11d9.
2023-07-24 07:55:43 +02:00
Earl Warren
e80aaa11d9
[GITEA] do not use deprecatedSettingFatal for cosmetic reasons
It breaks existing instances that would otherwise work perfectly
fine. Failing to start an instance should only happen when there is a
compelling reason to do so, for instance if the `app.ini` could not be
modified in a way that is backward compatible. If the only motivation
is to remove the setting for cosmetic reason, it must not be fatal.

(cherry picked from commit c09ef82e9a)
2023-07-23 12:33:14 +02:00
Loïc Dachary
2eb558be4a
[CI] DEFAULT_ACTIONS_URL support for self & github (squash)
Refs: https://codeberg.org/forgejo/forgejo/issues/1062
(cherry picked from commit 74cc25376e)
2023-07-19 14:34:38 +02:00
Loïc Dachary
234e6d3648
[BRANDING] alias {FORGEJO,GITEA}_{CUSTOM,WORK_DIR}
FORGEJO_* environment variables are set to the corresponding GITEA_*
variable when the cli starts. This approach is intended to minimize
the conflicts on rebase. All occurences of GITEA_* are left untouched
in the codebase and they are only changed to FORGEJO_* if exposed to
the user.

(cherry picked from commit e466f9d10e)
(cherry picked from commit e33e95931b)
(cherry picked from commit 2cfc6519b7)
(cherry picked from commit af8864373a)
(cherry picked from commit a0550ff339)
(cherry picked from commit 24dc0a5191)
(cherry picked from commit e255eea2b4)
(cherry picked from commit 0c4f5afa7a)
(cherry picked from commit 42fce708d0)
(cherry picked from commit e7278c3c22)
(cherry picked from commit 0fb9ed7e0e)
(cherry picked from commit a98308aa4d)
(cherry picked from commit b8695fcbe0)
(cherry picked from commit 4aee8719f5)
(cherry picked from commit 1c503c1ba7)
(cherry picked from commit cf1ed8551e)
(cherry picked from commit c52459b088)
(cherry picked from commit 92cac277b2)
(cherry picked from commit 2c744f1118)
(cherry picked from commit 1482cfabe5)
2023-07-17 00:25:56 +02:00
Earl Warren
266948e08a
[BRANDING] parse FORGEJO__* in the container environment
(cherry picked from commit b075991747)
(cherry picked from commit ac8503150a)
2023-07-17 00:25:56 +02:00
Earl Warren
4466f7dc09
[BRANDING] DEFAULT_ACTIONS_URL = https://codeberg.org
(cherry picked from commit 52b364ddbd)
(cherry picked from commit 99887cd567)
(cherry picked from commit cd5788782a)
(cherry picked from commit 71c698a704)
(cherry picked from commit 71386241dd)
(cherry picked from commit b7ab05aeac)
(cherry picked from commit e78b9ca59c)
(cherry picked from commit edb3adf460)
(cherry picked from commit 3e40088197)

[BRANDING] DEFAULT_ACTIONS_URL = https://code.forgejo.org

(cherry picked from commit d0e4512c90)
(cherry picked from commit 8ba6e04709)
(cherry picked from commit 6349081044)
(cherry picked from commit e06bd44495)
(cherry picked from commit d58219d8e1)
(cherry picked from commit 052f2c2aa4)
(cherry picked from commit 29dc395386)
(cherry picked from commit 9eef3f59f3)
(cherry picked from commit 5ee6437aec)
(cherry picked from commit 52ba5e0900)
(cherry picked from commit e237fd39ca)
(cherry picked from commit 4c9a726e6b)
(cherry picked from commit 7fa4c3e00f)
2023-07-17 00:25:56 +02:00
Earl Warren
02ba08ca84
[BRANDING] define the forgejo webhook type
templates/swagger/v1_json.tmpl updated with `make generate-swagger`

(cherry picked from commit 88899c492e)
(cherry picked from commit 7171bd9617)
(cherry picked from commit 1a742446c1)
(cherry picked from commit d7c189d7b2)

Conflicts:
	routers/web/web.go
(cherry picked from commit cbdea868e4)
(cherry picked from commit 6cd150483b)
(cherry picked from commit 47246da8d3)
(cherry picked from commit f2aa0e6b76)
(cherry picked from commit 5a4fc69a16)
(cherry picked from commit 48e444ca09)
(cherry picked from commit 888e537811)
(cherry picked from commit 5121f493c9)
(cherry picked from commit 9394e55fdf)
(cherry picked from commit 3a2ce51768)
(cherry picked from commit 719ead3a65)
(cherry picked from commit 83e6f82e2a)
(cherry picked from commit 494a429b21)
(cherry picked from commit d30c90c0ab)
(cherry picked from commit 3c83b325c4)
(cherry picked from commit 470bffae63)
(cherry picked from commit 1d65921719)
(cherry picked from commit c101c2e0b9)
2023-07-17 00:25:56 +02:00
Caesar Schinas
30d27261d3
[BRANDING] Rebrand default meta tags
(cherry picked from commit b1a792b635)
(cherry picked from commit ba71acccdb)
(cherry picked from commit ef58efb8e0)
(cherry picked from commit 6a1b08241e)
(cherry picked from commit 132c7a3a07)
(cherry picked from commit a1f07975d6)
(cherry picked from commit f3793598b2)
(cherry picked from commit 60f38116af)
(cherry picked from commit 88884cf283)
(cherry picked from commit 520de41aef)
(cherry picked from commit cfd5e5b95a)
(cherry picked from commit 5cf1738f0a)
(cherry picked from commit b95f9b3142)
(cherry picked from commit 0118fba970)
(cherry picked from commit ef213ec79d)
(cherry picked from commit f6794f694b)
(cherry picked from commit 639110c03b)
(cherry picked from commit 16ed04f9f4)
(cherry picked from commit b6f50bf932)
(cherry picked from commit bcf255844d)
(cherry picked from commit 9eb9f86542)
(cherry picked from commit 9f98d6757b)
2023-07-17 00:25:55 +02:00
Caesar Schinas
c114933045
[BRANDING] Add Forgejo light, dark, and auto themes
(cherry picked from commit faab0c670e)
(cherry picked from commit b6d59493c7)
(cherry picked from commit 837da0c1f4)
(cherry picked from commit 71ad245e1d)
(cherry picked from commit 85a7032f1b)

Conflicts:
	web_src/css/themes/theme-forgejo-auto.less
	web_src/css/themes/theme-forgejo-dark.less
	web_src/css/themes/theme-forgejo-light.less
	web_src/less/_home.less
        see https://codeberg.org/forgejo/forgejo/pulls/552
(cherry picked from commit 0c2c131bb0)

[BRANDING] Add Forgejo light, dark, and auto themes: fix import

Closes: https://codeberg.org/forgejo/forgejo/issues/562
(cherry picked from commit 2b0dc1f80f)
(cherry picked from commit 494ad6a3b7)
(cherry picked from commit 6940fc22c4)
(cherry picked from commit bd6f00656c)
(cherry picked from commit ebb506a124)
(cherry picked from commit 43d72d3781)
(cherry picked from commit 1a87adca01)
(cherry picked from commit 0704c410b4)
(cherry picked from commit 9039b47c16)
(cherry picked from commit e32bb78924)
(cherry picked from commit 053ad84f91)
(cherry picked from commit a35f1b6da7)
(cherry picked from commit 7709d6a67b)
(cherry picked from commit 76aec99cdd)
(cherry picked from commit 76089f3482)
(cherry picked from commit bac925c76b)
(cherry picked from commit 8fcf1c608e)
2023-07-17 00:25:55 +02:00
Caesar Schinas
ee52d43903
[BRANDING] Rebrand default config settings for new installs (#140)
Replaces `Gitea` with `Forgejo` in the default config settings for new installs.

This will not affect existing installs.

Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/140
Co-authored-by: Caesar Schinas <caesar@noreply.codeberg.org>
Co-committed-by: Caesar Schinas <caesar@noreply.codeberg.org>
(cherry picked from commit ca1319aa16)
(cherry picked from commit 52a4d238a0)
(cherry picked from commit f63536538c)

Conflicts:
	web_src/js/features/install.js
(cherry picked from commit 861cc434e1)
(cherry picked from commit 0e6ea60c80)
(cherry picked from commit 0cbc0ec15d)
(cherry picked from commit 3cc19b0ae2)
(cherry picked from commit 50fcb885fe)
(cherry picked from commit f6039d4df4)
(cherry picked from commit 5ae5c6ba2d)
(cherry picked from commit f0b565e0ed)
(cherry picked from commit adbd4d2015)
(cherry picked from commit d26c540ffd)
(cherry picked from commit 6df6781b42)
(cherry picked from commit b6fb56e1c4)
(cherry picked from commit bb4f98a0ca)
(cherry picked from commit 6779229f27)
(cherry picked from commit d6e878a739)
(cherry picked from commit b3c612f2ab)
(cherry picked from commit ab09b75301)
(cherry picked from commit 4bd4279a96)
(cherry picked from commit 1882439f8d)
2023-07-17 00:25:55 +02:00
Caesar Schinas
71b2849d80
[BRANDING] Add forgejo emoji
(cherry picked from commit ade55ad308)
(cherry picked from commit 107f726618)
(cherry picked from commit f29cf9cfc1)
(cherry picked from commit 0761a41eee)
(cherry picked from commit 2b1fd9565f)
(cherry picked from commit 6a7c82f13b)
(cherry picked from commit 4a56d40494)
(cherry picked from commit b48e3e896d)
(cherry picked from commit bde83340cb)
(cherry picked from commit 74e0603d6b)
(cherry picked from commit 84bd1ddc08)
(cherry picked from commit 62d9acde2a)
(cherry picked from commit 5b84a90913)
(cherry picked from commit 5362f7d053)
(cherry picked from commit 65ad7d1bd9)
(cherry picked from commit 6e42d545a9)
(cherry picked from commit 24d3bb33e2)
(cherry picked from commit 359c197623)
(cherry picked from commit 1b45cee537)
(cherry picked from commit 8f85921df5)
(cherry picked from commit a4ff35cbba)
(cherry picked from commit 4700ee961e)
2023-07-17 00:25:55 +02:00
Earl Warren
4085181bd9
Revert "Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) (#25604)"
This reverts commit 24cf06592e.

(cherry picked from commit bf8853299d)
(cherry picked from commit cd1b258e3e)
2023-07-16 23:21:44 +02:00
wxiaoguang
b4460cf541
Make "install page" respect environment config (#25648) (#25799)
Backport #25648

Replace #25580

Fix #19453

The problem was: when users set "GITEA__XXX__YYY" , the "install page"
doesn't respect it.

So, to make the result consistent and avoid surprising end users, now
the "install page" also writes the environment variables to the config
file.

And, to make things clear, there are enough messages on the UI to tell
users what will happen.

There are some necessary/related changes to `environment-to-ini.go`:

* The "--clear" flag is removed and it was incorrectly written there.
The "clear" operation should be done if INSTALL_LOCK=true
* The "--prefix" flag is removed because it's never used, never
documented and it only causes inconsistent behavior.

The only conflict during backport is "ui divider" in
templates/install.tmpl
2023-07-10 11:51:05 +00:00
silverwind
24e64fe372
Replace interface{} with any (#25686) (#25687)
Same perl replacement as https://github.com/go-gitea/gitea/pull/25686
but for 1.20 to ease future backporting.
2023-07-04 23:41:32 -04:00
Giteabot
24cf06592e
Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) (#25604)
Backport #25581 by @wolfogre

Resolve #24789

## ⚠️ BREAKING ⚠️

Before this, `DEFAULT_ACTIONS_URL` cound be set to any custom URLs like
`https://gitea.com` or `http://your-git-server,https://gitea.com`, and
the default value was `https://gitea.com`.

But now, `DEFAULT_ACTIONS_URL` supports only
`github`(`https://github.com`) or `self`(the root url of current Gitea
instance), and the default value is `github`.

If it has configured with a URL, an error log will be displayed and it
will fallback to `github`.

Actually, what we really want to do is always make it
`https://github.com`, however, this may not be acceptable for some
instances of internal use, so there's extra support for `self`, but no
more, even `https://gitea.com`.

Please note that `uses: https://xxx/yyy/zzz` always works and it does
exactly what it is supposed to do.

Although it's breaking, I belive it should be backported to `v1.20` due
to some security issues.

Follow-up on the runner side:

- https://gitea.com/gitea/act_runner/pulls/262
- https://gitea.com/gitea/act/pulls/70

Co-authored-by: Jason Song <i@wolfogre.com>
2023-06-30 07:53:00 +00:00
wxiaoguang
e6f62eea70
Do not prepare oauth2 config if it is not enabled, do not write config in some sub-commands (#25567) (#25576)
Backport #25567

Ref:

* https://github.com/go-gitea/gitea/issues/25377#issuecomment-1609757289

And some sub-commands like "generate" / "docs", they do not need to use
the ini config
2023-06-29 06:30:40 +02:00
wxiaoguang
0eb4ab4246
Fix sub-command log level (#25537) (#25553)
Backport #25537

More fix for #24981

* #24981

Close #22361, #25552

* #22361
* #25552

There were many patches for Gitea's sub-commands to satisfy the facts:

* Some sub-commands shouldn't output any log, otherwise the git protocol
would be broken
* Sometimes the users want to see "verbose" or "quiet" outputs

That's a longstanding problem, and very fragile. This PR is only a quick
patch for the problem.

In the future, the sub-command system should be refactored to a clear
solution.

----

Other changes:

* Use `ReplaceAllWriters` to replace
`RemoveAllWriters().AddWriters(writer)`, then it's an atomic operation.
* Remove unnecessary `syncLevelInternal` calls, because
`AddWriters/addWritersInternal` already calls it.
2023-06-28 17:35:20 +08:00
Giteabot
71d2a6a41a
Use InitWorkPathAndCfgProvider for environment-to-ini to avoid unnecessary checks (#25480) (#25488)
Backport #25480 by @wxiaoguang

Fix #25481

The `InitWorkPathAndCommonConfig` calls `LoadCommonSettings` which does
many checks like "current user is root or not".

Some commands like "environment-to-ini" shouldn't do such check, because
it might be run with "root" user at the moment (eg: the docker's setup
script)

ps: in the future, the docker's setup script should be improved to avoid
Gitea's command running with "root"

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-24 14:04:50 +00:00
wxiaoguang
061b68e995
Refactor path & config system (#25330) (#25416)
Backport #25330

# The problem

There were many "path tricks":

* By default, Gitea uses its program directory as its work path
* Gitea tries to use the "work path" to guess its "custom path" and
"custom conf (app.ini)"
* Users might want to use other directories as work path
* The non-default work path should be passed to Gitea by GITEA_WORK_DIR
or "--work-path"
* But some Gitea processes are started without these values
    * The "serv" process started by OpenSSH server
    * The CLI sub-commands started by site admin
* The paths are guessed by SetCustomPathAndConf again and again
* The default values of "work path / custom path / custom conf" can be
changed when compiling

# The solution

* Use `InitWorkPathAndCommonConfig` to handle these path tricks, and use
test code to cover its behaviors.
* When Gitea's web server runs, write the WORK_PATH to "app.ini", this
value must be the most correct one, because if this value is not right,
users would find that the web UI doesn't work and then they should be
able to fix it.
* Then all other sub-commands can use the WORK_PATH in app.ini to
initialize their paths.
* By the way, when Gitea starts for git protocol, it shouldn't output
any log, otherwise the git protocol gets broken and client blocks
forever.

The "work path" priority is: WORK_PATH in app.ini > cmd arg --work-path
> env var GITEA_WORK_DIR > builtin default

The "app.ini" searching order is: cmd arg --config > cmd arg "work path
/ custom path" > env var "work path / custom path" > builtin default


## ⚠️ BREAKING

If your instance's "work path / custom path / custom conf" doesn't meet
the requirements (eg: work path must be absolute), Gitea will report a
fatal error and exit. You need to set these values according to the
error log.
2023-06-22 16:27:18 +00:00
wxiaoguang
cb3173a1e9
Use "utf8mb4" for MySQL by default (#25432)
TBH, I don't see much difference from `Remove "CHARSET" config option
for MySQL, always use "utf8mb4"` #25413

Close #25413
2023-06-22 07:38:23 +02:00
Giteabot
8302b95d6b
Avoid polluting config file when "save" (#25395) (#25406)
Backport #25395 by @wxiaoguang

That's a longstanding INI package problem: the "MustXxx" calls change
the option values, and the following "Save" will save a lot of garbage
options into the user's config file.

Ideally we should refactor the INI package to a clear solution, but it's
a huge work.

A clear workaround is what this PR does: when "Save", load a clear INI
instance and save it.

Partially fix #25377, the "install" page needs more fine tunes.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-21 04:51:26 +00:00
Giteabot
e9fab3ea3e
Avoid polluting the config (#25345) (#25354)
Backport #25345 by @wxiaoguang

Caught by #25330

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-18 20:56:50 +00:00
Giteabot
21cd5c2f3d
Fix all possible setting error related storages and added some tests (#23911) (#25244)
Backport #23911 by @lunny

Follow up #22405

Fix #20703 

This PR rewrites storage configuration read sequences with some breaks
and tests. It becomes more strict than before and also fixed some
inherit problems.

- Move storage's MinioConfig struct into setting, so after the
configuration loading, the values will be stored into the struct but not
still on some section.
- All storages configurations should be stored on one section,
configuration items cannot be overrided by multiple sections. The
prioioty of configuration is `[attachment]` > `[storage.attachments]` |
`[storage.customized]` > `[storage]` > `default`
- For extra override configuration items, currently are `SERVE_DIRECT`,
`MINIO_BASE_PATH`, `MINIO_BUCKET`, which could be configured in another
section. The prioioty of the override configuration is `[attachment]` >
`[storage.attachments]` > `default`.
- Add more tests for storages configurations.
- Update the storage documentations.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-14 08:36:52 +02:00
wxiaoguang
de4a21fcb4
Refactor INI package (first step) (#25024)
The INI package has many bugs and quirks, and in fact it is
unmaintained.

This PR is the first step for the INI package refactoring: 

* Use Gitea's "config_provider" to provide INI access
* Deprecate the INI package by golangci.yml rule
2023-06-02 17:27:30 +08:00