Commit Graph

1107 Commits

Author SHA1 Message Date
sillyguodong 538efb9df7
Make runs-on support variable expression (#29468) (#29782)
backport #29468 

Close issue: https://gitea.com/gitea/act_runner/issues/445
Follow: https://gitea.com/gitea/act/pulls/91

Move `getSecretsOfTask` and `getVariablesOfTask` under models because of
circular dependency issues.
2024-03-14 10:19:01 +08:00
Giteabot 5e3581f073
Fix possible NPE in ToPullReviewList (#29759) (#29775)
Backport #29759 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-13 21:42:17 +01:00
Giteabot 1f89763744
Fix commit_status problem when testing (#29672) (#29675)
Backport #29672 by @charles7668

Close #29661

fix #29656

Co-authored-by: charles <30816317+charles7668@users.noreply.github.com>
2024-03-08 16:04:23 +00:00
yp05327 bd7de0c4e4
Add empty repo check in DetectAndHandleSchedules (#29606) (#29659)
Backport #29606
2024-03-08 09:50:04 +00:00
Giteabot 76b6754c3a
Fixing the issue when status check per rule matches multiple actions (#29631) (#29655)
Backport #29631 by @charles7668

Close #29628
rule
```
Test / Build*
Test / Build *
Test / Build 2*
Test / Build 1*
```

![image](https://github.com/go-gitea/gitea/assets/30816317/19bef0a9-fa97-43c5-887b-dece76064aa8)
rule2
```
Test / Build*
Test / Build 1*
```

![image](https://github.com/go-gitea/gitea/assets/30816317/19bef0a9-fa97-43c5-887b-dece76064aa8)

rule3
```
Test / Build*
Test / Build 1*
NotExist*
```

![image](https://github.com/go-gitea/gitea/assets/30816317/f6a5e832-2e1b-4049-915b-45bec5ef070c)

Co-authored-by: charles <30816317+charles7668@users.noreply.github.com>
Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-03-08 13:24:32 +08:00
Giteabot 0b5a4e7db4
Use strict protocol check when redirect (#29642) (#29644)
Backport #29642 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-07 03:53:33 +00:00
Lunny Xiao 5667ef9aab
Add missing database transaction for new issue (#29490) (#29607)
When creating an issue, inserting issue, assign users and set project
should be in the same transaction.

Backport #29490
2024-03-05 16:37:55 +00:00
Giteabot b519e4750b
Fix workflow trigger event IssueChangeXXX bug (#29559) (#29565)
Backport #29559 by @yp05327

Bugs from #29308
Follow #29467

partly fix #29558

Co-authored-by: yp05327 <576951401@qq.com>
2024-03-04 04:34:46 +08:00
Giteabot 8723389028
Fix incorrect relative/absolute URL usages (#29531) (#29547)
Backport #29531 by wxiaoguang

Add two "HTMLURL" methods for PackageDescriptor. 
And rename "FullWebLink" to "VersionWebLink"

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-02 18:00:15 +00:00
Giteabot b43ce53a23
Fix workflow trigger event bugs (#29467) (#29475)
Backport #29467 by @Zettat123

1. Fix incorrect `HookEventType` for issue-related events in
`IssueChangeAssignee`
2. Add `case "types"` in the `switch` block in `matchPullRequestEvent`
to avoid warning logs

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-02-28 21:24:51 +01:00
Giteabot eabcfd3f7d
The job should always run when `if` is `always()` (#29464) (#29469)
Backport #29464 by @Zettat123

Fix #27906

According to GitHub's
[documentation](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idneeds),
a job should always run when its `if` is `always()`

> If you would like a job to run even if a job it is dependent on did
not succeed, use the `always()` conditional expression in
`jobs.<job_id>.if`.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-02-28 12:22:31 +01:00
Giteabot c758a8afba
Ignore empty repo for CreateRepository in action notifier (#29416) (#29424)
Backport #29416 by @yp05327

Fix #29415

Co-authored-by: yp05327 <576951401@qq.com>
2024-02-26 09:59:12 +00:00
Giteabot 829b807a91
Fix tarball/zipball download bug (#29342) (#29352)
Backport #29342 by @Zettat123

Fix #29249

~~Use the `/repos/{owner}/{repo}/archive/{archive}` API to download.~~

Apply #26430 to archive download URLs.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-02-23 23:47:11 +01:00
wxiaoguang 511298e452
Use general token signing secret (#29205) (#29325)
Backport #29205 (including #29172)

Use a clearly defined "signing secret" for token signing.
2024-02-22 17:07:41 +00:00
Lunny Xiao 7ea2ffaf16
Fix SSPI user creation (#28948) (#29323)
Fixes #28945
Backport #28948

Setting the avatar is wrong and creating a random password is equal to
leave it empty.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-22 17:42:14 +01:00
Giteabot fdb0d03083
Improve the `issue_comment` workflow trigger event (#29277) (#29322)
Backport #29277 by @Zettat123

Fix #29175
Replace #29207

This PR makes some improvements to the `issue_comment` workflow trigger
event.

1. Fix the bug that pull requests cannot trigger `issue_comment`
workflows
2. Previously the `issue_comment` event only supported the `created`
activity type. This PR adds support for the missing `edited` and
`deleted` activity types.
3. Some events (including `issue_comment`, `issues`, etc. ) only trigger
workflows that belong to the workflow file on the default branch. This
PR introduces the `IsDefaultBranchWorkflow` function to check for these
events.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-02-22 17:19:48 +01:00
yp05327 0870e0bc9b
Implement some action notifier functions (#29173) (#29308)
Backport #29173

Fix #29166

Add support for the following activity types of `pull_request`
- assigned
- unassigned
- review_requested
- review_request_removed
- milestoned
- demilestoned
2024-02-22 03:55:03 +00:00
wxiaoguang c4a86b20a4
Fix missing link on outgoing new release notifications (#29079) (#29300)
Backport #29079

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Co-authored-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-21 19:01:48 +00:00
wxiaoguang f634982d23
Fix debian InRelease Acquire-By-Hash newline (#29204) (#29299)
Backport #29204

Co-authored-by: Robin Schoonover <robin@cornhooves.org>
2024-02-21 19:40:16 +01:00
Lunny Xiao 2762921e73
Fix missed edit issues event for actions (#29237) (#29251)
Fix #29213
Backport #29237
2024-02-20 11:13:05 +08:00
Markus Amshove 78f41e4fc4
Disallow merge when required checked are missing (#29143) (#29268)
backport #29143

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-19 20:48:17 +00:00
Lunny Xiao e2eac7574f
Fix bug when the linked account was disactived and list the linked accounts (#29263)
The bug has been fixed on v1.22 but not backport to v1.21.
This original PR have many refactors so I don't think it's necessary to
backport all of them.

Fix #28667
2024-02-19 15:23:47 +00:00
Jason Song f79530c50e
Do not use lower tag names to find releases/tags (#29261) (#29262)
Backport #29261.

Fix #26090, see
https://github.com/go-gitea/gitea/issues/26090#issuecomment-1952013206

Since `TagName` stores the original tag name and `LowerTagName` stores
the lower tag name, it doesn't make sense to use lowercase tags as
`TagNames` in `FindReleasesOptions`.

5e72526da4/services/repository/push.go (L396-L397)

While the only other usage looks correct:

5e72526da4/routers/web/repo/repo.go (L416)
2024-02-19 10:09:36 +00:00
Zettat123 7e0299b4fd
Only delete scheduled workflows when needed (#29091) (#29235)
Backport #29091 

Fix #29040

`handleSchedules` should be called only if `DetectWorkflows` should
detect schedule workflows
2024-02-18 14:31:05 +08:00
wxiaoguang dd8bc1d61d
Refactor issue template parsing and fix API endpoint (#29069) (#29140)
Backport #29069

The old code `GetTemplatesFromDefaultBranch(...) ([]*api.IssueTemplate,
map[string]error)` doesn't really follow Golang's habits, then the
second returned value might be misused. For example, the API function
`GetIssueTemplates` incorrectly checked the second returned value and
always responds 500 error.

This PR refactors GetTemplatesFromDefaultBranch to
ParseTemplatesFromDefaultBranch and clarifies its behavior, and fixes
the API endpoint bug, and adds some tests.

And by the way, add proper prefix `X-` for the header generated in
`checkDeprecatedAuthMethods`, because non-standard HTTP headers should
have `X-` prefix, and it is also consistent with the new code in
`GetIssueTemplates`
2024-02-14 01:32:31 +00:00
Giteabot 8def405047
Avoid sending update/delete release notice when it is draft (#29008) (#29025)
Backport #29008 by @yp05327

Fix #27157

Co-authored-by: yp05327 <576951401@qq.com>
2024-02-02 09:37:37 +00:00
Giteabot c398c25b18
Fix an actions schedule bug (#28942) (#28999)
Backport #28942 by @Zettat123

In #28691, schedule plans will be deleted when a repo's actions unit is
disabled. But when the unit is enabled, the schedule plans won't be
created again.

This PR fixes the bug. The schedule plans will be created again when the
actions unit is re-enabled

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-31 15:52:31 +00:00
Giteabot 55c53080d1
Implement `MigrateRepository` for the actions notifier (#28920) (#28923)
Backport #28920 by @Zettat123

Fixes #28699

This PR implements the `MigrateRepository` method for `actionsNotifier`
to detect the schedules from the workflow files in the migrated
repository.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-01-25 12:27:11 +00:00
Giteabot cebf55f6b1
Only migrate the first 255 chars of a Github issue title (#28902) (#28912)
Backport #28902 by @JakobDev

Fixes #28846

Co-authored-by: JakobDev <jakobdev@gmx.de>
2024-01-24 19:56:54 +08:00
Giteabot fd1edb9d9d
Fix `DeleteCollaboration` transaction behaviour (#28886) (#28889)
Backport #28886 by @KN4CK3R

The method can't be called with an outer transaction because if the user
is not a collaborator the outer transaction will be rolled back even if
the inner transaction uses the no-error path.

`has == 0` leads to `return nil` which cancels the transaction. A
standalone call of this method does nothing but if used with an outer
transaction, that will be canceled.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-01-22 09:10:45 +01:00
Giteabot 633996db8e
Fix schedule not trigger bug because matching full ref name with short ref name (#28874) (#28888)
Backport #28874 by @lunny

Fix #28533

Caused by #28691

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-22 13:33:14 +08:00
Mihir Joshi 62f2d717b7
Fix reverting a merge commit failing (#28794) (#28825)
Backport https://github.com/go-gitea/gitea/pull/28794

Fixes #22236

---
Error occurring currently while trying to revert commit using read-tree
-m approach:
> 2022/12/26 16:04:43 ...rvices/pull/patch.go:240:AttemptThreeWayMerge()
[E] [63a9c61a] Unable to run read-tree -m! Error: exit status 128 -
fatal: this operation must be run in a work tree
> 	 - fatal: this operation must be run in a work tree

We need to clone a non-bare repository for `git read-tree -m` to work.


bb371aee6e
adds support to create a non-bare cloned temporary upload repository.

After cloning a non-bare temporary upload repository, we [set default
index](https://github.com/go-gitea/gitea/blob/main/services/repository/files/cherry_pick.go#L37)
(`git read-tree HEAD`).
This operation ends up resetting the git index file (see investigation
details below), due to which, we need to call `git update-index
--refresh` afterward.

Here's the diff of the index file before and after we execute
SetDefaultIndex: https://www.diffchecker.com/hyOP3eJy/

Notice the **ctime**, **mtime** are set to 0 after SetDefaultIndex.

You can reproduce the same behavior using these steps:
```bash
$ git clone https://try.gitea.io/me-heer/test.git -s -b main
$ cd test
$ git read-tree HEAD
$ git read-tree -m 1f085d7ed8 1f085d7ed8 9933caed00
error: Entry '1' not uptodate. Cannot merge.
```

After which, we can fix like this:
```bash
$ git update-index --refresh
$ git read-tree -m 1f085d7ed8 1f085d7ed8 9933caed00
```
2024-01-21 14:18:37 +00:00
KN4CK3R 022552d5b6
Rework markup link rendering (#26745) (#28803)
Backport #26745
Fixes #26548

This PR refactors the rendering of markup links. The old code uses
`strings.Replace` to change some urls while the new code uses more
context to decide which link should be generated.

The added tests should ensure the same output for the old and new
behaviour (besides the bug).

We may need to refactor the rendering a bit more to make it clear how
the different helper methods render the input string. There are lots of
options (resolve links / images / mentions / git hashes / emojis / ...)
but you don't really know what helper uses which options. For example,
we currently support images in the user description which should not be
allowed I think:

<details>
  <summary>Profile</summary>

https://try.gitea.io/KN4CK3R


![grafik](https://github.com/go-gitea/gitea/assets/1666336/109ae422-496d-4200-b52e-b3a528f553e5)

</details>
2024-01-16 02:13:29 +00:00
Giteabot 376fa0d8c4
Forbid removing the last admin user (#28337) (#28793)
Backport #28337 by @yp05327

Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-16 01:51:46 +00:00
Lunny Xiao 6e29242ebb
Fix schedule tasks bugs (#28691) (#28780)
Fix #28157
Backport #28691 

This PR fix the possible bugs about actions schedule.

- Move `UpdateRepositoryUnit` and `SetRepoDefaultBranch` from models to
service layer
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when actions unit has been disabled
or global disabled.
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when default branch changed.
2024-01-14 23:54:22 +01:00
Giteabot 95901a99c0
Fix `convert.ToTeams` on empty input (#28426) (#28767)
Backport #28426 by @KN4CK3R

Fixes #28420

Don't return `nil` if the input was empty.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-01-12 07:12:18 +00:00
Giteabot bce27d0a31
Concatenate error in `checkIfPRContentChanged` (#28731) (#28737)
Backport #28731 by @earl-warren

- If there's a error with the Git command in `checkIfPRContentChanged`
the stderr wasn't concatendated to the error, which results in still not
knowing why an error happend.
- Adds concatenation for stderr to the returned error.
- Ref: https://codeberg.org/forgejo/forgejo/issues/2077

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
2024-01-09 14:06:12 +00:00
Giteabot 3e1bd61000
Fix alpine package files are not rebuilt (#28638) (#28665)
Backport #28638 by @lng2020

I noticed the `BuildAllRepositoryFiles` function under the Alpine folder
is unused and I thought it was a bug.
But I'm not sure about this. Was it on purpose?

Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
2023-12-31 06:18:26 +00:00
Giteabot 683b95f0da
fix empty ref for cron workflow runs (#28640) (#28647)
Backport #28640 by @denyskon

Fix #27678 
Please see
https://github.com/go-gitea/gitea/issues/27678#issuecomment-1871445853
for details.

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
2023-12-29 09:08:16 +00:00
Lunny Xiao ff565a787f
Remove unnecessary syncbranchToDB with tests (#28624) (#28629)
Replace #28625

Backport #28624 by lunny

#28361 introduced `syncBranchToDB` in `CreateNewBranchFromCommit`. This
PR will revert the change because it's unnecessary. Every push will
already be checked by `syncBranchToDB`.
This PR also created a test to ensure it's right.
2023-12-29 08:47:02 +00:00
Giteabot bf983735fd
Use known issue IID to generate new PR index number when migrating from GitLab (#28616) (#28618)
Backport #28616 by wxiaoguang

Fix #13884

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-12-27 09:59:29 +08:00
wxiaoguang a3f403f438
Add option to disable ambiguous unicode characters detection (#28454) (#28499)
Backport #28454 (the only conflict is caused by some comments)

* Close #24483
* Close #28123
* Close #23682
* Close #23149
2023-12-18 12:20:37 +08:00
Giteabot 97a0bf151a
Fix possible nil pointer access (#28428) (#28440)
Backport #28428 by @KN4CK3R

There could be a nil pointer exception if the file is not found because
that specific error is suppressed but not handled.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-12-12 23:35:32 +08:00
Giteabot f144521aea
Deprecate query string auth tokens (#28390) (#28430)
Backport #28390 by @jackHay22

## Changes
- Add deprecation warning to `Token` and `AccessToken` authentication
methods in swagger.
- Add deprecation warning header to API response. Example: 
  ```
  HTTP/1.1 200 OK
  ...
  Warning: token and access_token API authentication is deprecated
  ...
  ```
- Add setting `DISABLE_QUERY_AUTH_TOKEN` to reject query string auth
tokens entirely. Default is `false`

## Next steps
- `DISABLE_QUERY_AUTH_TOKEN` should be true in a subsequent release and
the methods should be removed in swagger
- `DISABLE_QUERY_AUTH_TOKEN` should be removed and the implementation of
the auth methods in question should be removed

## Open questions
- Should there be further changes to the swagger documentation?
Deprecation is not yet supported for security definitions (coming in
[OpenAPI Spec version
3.2.0](https://github.com/OAI/OpenAPI-Specification/issues/2506))
- Should the API router logger sanitize urls that use `token` or
`access_token`? (This is obviously an insufficient solution on its own)

Co-authored-by: Jack Hay <jack@allspice.io>
Co-authored-by: delvh <dev.lh@web.de>
2023-12-12 13:45:00 +08:00
Giteabot 6f4d5c0b8c
Recover from panic in cron task (#28409) (#28425)
Backport #28409 by @earl-warren

- Currently there's code to recover gracefully from panics that happen
within the execution of cron tasks. However this recover code wasn't
being run, because `RunWithShutdownContext` also contains code to
recover from any panic and then gracefully shutdown Forgejo. Because
`RunWithShutdownContext` registers that code as last, that would get run
first which in this case is not behavior that we want.
- Move the recover code to inside the function, so that is run first
before `RunWithShutdownContext`'s recover code (which is now a noop).

Fixes: https://codeberg.org/forgejo/forgejo/issues/1910

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-12-12 03:28:56 +00:00
Lunny Xiao 87db4a47c8
Also sync DB branches on push if necessary (#28361) (#28403)
Fix #28056
Backport #28361 

This PR will check whether the repo has zero branch when pushing a
branch. If that, it means this repository hasn't been synced.

The reason caused that is after user upgrade from v1.20 -> v1.21, he
just push branches without visit the repository user interface. Because
all repositories routers will check whether a branches sync is necessary
but push has not such check.

For every repository, it has two states, synced or not synced. If there
is zero branch for a repository, then it will be assumed as non-sync
state. Otherwise, it's synced state. So if we think it's synced, we just
need to update branch/insert new branch. Otherwise do a full sync. So
that, for every push, there will be almost no extra load added. It's
high performance than yours.

For the implementation, we in fact will try to update the branch first,
if updated success with affect records > 0, then all are done. Because
that means the branch has been in the database. If no record is
affected, that means the branch does not exist in database. So there are
two possibilities. One is this is a new branch, then we just need to
insert the record. Another is the branches haven't been synced, then we
need to sync all the branches into database.
2023-12-11 06:16:56 +00:00
Giteabot 8b590de186
Fix migration panic due to an empty review comment diff (#28334) (#28362)
Backport #28334 by @lng2020

Fix #28328 
```
func (p *PullRequestComment) GetDiffHunk() string {
	if p == nil || p.DiffHunk == nil {
		return ""
	}
	return *p.DiffHunk
}
```
This function in the package `go-github` may return an empty diff. When
it's empty, the following code will panic because it access `ss[1]`

ec1feedbf5/services/migrations/gitea_uploader.go (L861-L867)

ec1feedbf5/modules/git/diff.go (L97-L101)

Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
2023-12-05 16:58:15 +08:00
Giteabot b71d4c3ec0
Fix RPM/Debian signature key creation (#28352) (#28353)
Backport #28352 by @KN4CK3R

Fixes #28324

The name parameter can't contain some characters
(https://github.com/keybase/go-crypto/blob/master/openpgp/keys.go#L680)
but is optional. Therefore just use an empty string.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-12-05 13:42:41 +08:00
Giteabot 8c8c24f8eb
Fix missing issue search index update when changing status (#28325) (#28330)
Backport #28325 by @brechtvl

Changing an issue status, assignee, labels or milestone without also
adding a comment would not update the index, resulting in wrong search
results.

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2023-12-03 11:43:17 +00:00
Giteabot 24e03a125d
Fix required error for token name (#28267) (#28284)
Backport #28267 by @earl-warren

- Say to the binding middleware which locale should be used for the
required error.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1683

(cherry picked from commit 5a2d7966127b5639332038e9925d858ab54fc360)

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-29 23:00:32 +08:00