mirror of
https://codeberg.org/forgejo/forgejo
synced 2024-12-12 14:31:58 +01:00
5f82ead13c
## Purpose This is a refactor toward building an abstraction over managing git repositories. Afterwards, it does not matter anymore if they are stored on the local disk or somewhere remote. ## What this PR changes We used `git.OpenRepository` everywhere previously. Now, we should split them into two distinct functions: Firstly, there are temporary repositories which do not change: ```go git.OpenRepository(ctx, diskPath) ``` Gitea managed repositories having a record in the database in the `repository` table are moved into the new package `gitrepo`: ```go gitrepo.OpenRepository(ctx, repo_model.Repo) ``` Why is `repo_model.Repository` the second parameter instead of file path? Because then we can easily adapt our repository storage strategy. The repositories can be stored locally, however, they could just as well be stored on a remote server. ## Further changes in other PRs - A Git Command wrapper on package `gitrepo` could be created. i.e. `NewCommand(ctx, repo_model.Repository, commands...)`. `git.RunOpts{Dir: repo.RepoPath()}`, the directory should be empty before invoking this method and it can be filled in the function only. #28940 - Remove the `RepoPath()`/`WikiPath()` functions to reduce the possibility of mistakes. --------- Co-authored-by: delvh <dev.lh@web.de>
379 lines
11 KiB
Go
379 lines
11 KiB
Go
// Copyright 2019 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package release
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
"strings"
|
|
|
|
"code.gitea.io/gitea/models"
|
|
"code.gitea.io/gitea/models/db"
|
|
git_model "code.gitea.io/gitea/models/git"
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
"code.gitea.io/gitea/modules/container"
|
|
"code.gitea.io/gitea/modules/git"
|
|
"code.gitea.io/gitea/modules/gitrepo"
|
|
"code.gitea.io/gitea/modules/graceful"
|
|
"code.gitea.io/gitea/modules/log"
|
|
"code.gitea.io/gitea/modules/repository"
|
|
"code.gitea.io/gitea/modules/storage"
|
|
"code.gitea.io/gitea/modules/timeutil"
|
|
"code.gitea.io/gitea/modules/util"
|
|
notify_service "code.gitea.io/gitea/services/notify"
|
|
)
|
|
|
|
func createTag(ctx context.Context, gitRepo *git.Repository, rel *repo_model.Release, msg string) (bool, error) {
|
|
err := rel.LoadAttributes(ctx)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
err = rel.Repo.MustNotBeArchived()
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
var created bool
|
|
// Only actual create when publish.
|
|
if !rel.IsDraft {
|
|
if !gitRepo.IsTagExist(rel.TagName) {
|
|
if err := rel.LoadAttributes(ctx); err != nil {
|
|
log.Error("LoadAttributes: %v", err)
|
|
return false, err
|
|
}
|
|
|
|
protectedTags, err := git_model.GetProtectedTags(ctx, rel.Repo.ID)
|
|
if err != nil {
|
|
return false, fmt.Errorf("GetProtectedTags: %w", err)
|
|
}
|
|
|
|
// Trim '--' prefix to prevent command line argument vulnerability.
|
|
rel.TagName = strings.TrimPrefix(rel.TagName, "--")
|
|
isAllowed, err := git_model.IsUserAllowedToControlTag(ctx, protectedTags, rel.TagName, rel.PublisherID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
if !isAllowed {
|
|
return false, models.ErrProtectedTagName{
|
|
TagName: rel.TagName,
|
|
}
|
|
}
|
|
|
|
commit, err := gitRepo.GetCommit(rel.Target)
|
|
if err != nil {
|
|
return false, fmt.Errorf("createTag::GetCommit[%v]: %w", rel.Target, err)
|
|
}
|
|
|
|
if len(msg) > 0 {
|
|
if err = gitRepo.CreateAnnotatedTag(rel.TagName, msg, commit.ID.String()); err != nil {
|
|
if strings.Contains(err.Error(), "is not a valid tag name") {
|
|
return false, models.ErrInvalidTagName{
|
|
TagName: rel.TagName,
|
|
}
|
|
}
|
|
return false, err
|
|
}
|
|
} else if err = gitRepo.CreateTag(rel.TagName, commit.ID.String()); err != nil {
|
|
if strings.Contains(err.Error(), "is not a valid tag name") {
|
|
return false, models.ErrInvalidTagName{
|
|
TagName: rel.TagName,
|
|
}
|
|
}
|
|
return false, err
|
|
}
|
|
created = true
|
|
rel.LowerTagName = strings.ToLower(rel.TagName)
|
|
|
|
objectFormat, _ := gitRepo.GetObjectFormat()
|
|
commits := repository.NewPushCommits()
|
|
commits.HeadCommit = repository.CommitToPushCommit(commit)
|
|
commits.CompareURL = rel.Repo.ComposeCompareURL(objectFormat.EmptyObjectID().String(), commit.ID.String())
|
|
|
|
refFullName := git.RefNameFromTag(rel.TagName)
|
|
notify_service.PushCommits(
|
|
ctx, rel.Publisher, rel.Repo,
|
|
&repository.PushUpdateOptions{
|
|
RefFullName: refFullName,
|
|
OldCommitID: objectFormat.EmptyObjectID().String(),
|
|
NewCommitID: commit.ID.String(),
|
|
}, commits)
|
|
notify_service.CreateRef(ctx, rel.Publisher, rel.Repo, refFullName, commit.ID.String())
|
|
rel.CreatedUnix = timeutil.TimeStampNow()
|
|
}
|
|
commit, err := gitRepo.GetTagCommit(rel.TagName)
|
|
if err != nil {
|
|
return false, fmt.Errorf("GetTagCommit: %w", err)
|
|
}
|
|
|
|
rel.Sha1 = commit.ID.String()
|
|
rel.NumCommits, err = commit.CommitsCount()
|
|
if err != nil {
|
|
return false, fmt.Errorf("CommitsCount: %w", err)
|
|
}
|
|
|
|
if rel.PublisherID <= 0 {
|
|
u, err := user_model.GetUserByEmail(ctx, commit.Author.Email)
|
|
if err == nil {
|
|
rel.PublisherID = u.ID
|
|
}
|
|
}
|
|
} else {
|
|
rel.CreatedUnix = timeutil.TimeStampNow()
|
|
}
|
|
return created, nil
|
|
}
|
|
|
|
// CreateRelease creates a new release of repository.
|
|
func CreateRelease(gitRepo *git.Repository, rel *repo_model.Release, attachmentUUIDs []string, msg string) error {
|
|
has, err := repo_model.IsReleaseExist(gitRepo.Ctx, rel.RepoID, rel.TagName)
|
|
if err != nil {
|
|
return err
|
|
} else if has {
|
|
return repo_model.ErrReleaseAlreadyExist{
|
|
TagName: rel.TagName,
|
|
}
|
|
}
|
|
|
|
if _, err = createTag(gitRepo.Ctx, gitRepo, rel, msg); err != nil {
|
|
return err
|
|
}
|
|
|
|
rel.LowerTagName = strings.ToLower(rel.TagName)
|
|
if err = db.Insert(gitRepo.Ctx, rel); err != nil {
|
|
return err
|
|
}
|
|
|
|
if err = repo_model.AddReleaseAttachments(gitRepo.Ctx, rel.ID, attachmentUUIDs); err != nil {
|
|
return err
|
|
}
|
|
|
|
if !rel.IsDraft {
|
|
notify_service.NewRelease(gitRepo.Ctx, rel)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// CreateNewTag creates a new repository tag
|
|
func CreateNewTag(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, commit, tagName, msg string) error {
|
|
has, err := repo_model.IsReleaseExist(ctx, repo.ID, tagName)
|
|
if err != nil {
|
|
return err
|
|
} else if has {
|
|
return models.ErrTagAlreadyExists{
|
|
TagName: tagName,
|
|
}
|
|
}
|
|
|
|
gitRepo, closer, err := gitrepo.RepositoryFromContextOrOpen(ctx, repo)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer closer.Close()
|
|
|
|
rel := &repo_model.Release{
|
|
RepoID: repo.ID,
|
|
Repo: repo,
|
|
PublisherID: doer.ID,
|
|
Publisher: doer,
|
|
TagName: tagName,
|
|
Target: commit,
|
|
IsDraft: false,
|
|
IsPrerelease: false,
|
|
IsTag: true,
|
|
}
|
|
|
|
if _, err = createTag(ctx, gitRepo, rel, msg); err != nil {
|
|
return err
|
|
}
|
|
|
|
return db.Insert(ctx, rel)
|
|
}
|
|
|
|
// UpdateRelease updates information, attachments of a release and will create tag if it's not a draft and tag not exist.
|
|
// addAttachmentUUIDs accept a slice of new created attachments' uuids which will be reassigned release_id as the created release
|
|
// delAttachmentUUIDs accept a slice of attachments' uuids which will be deleted from the release
|
|
// editAttachments accept a map of attachment uuid to new attachment name which will be updated with attachments.
|
|
func UpdateRelease(ctx context.Context, doer *user_model.User, gitRepo *git.Repository, rel *repo_model.Release,
|
|
addAttachmentUUIDs, delAttachmentUUIDs []string, editAttachments map[string]string,
|
|
) error {
|
|
if rel.ID == 0 {
|
|
return errors.New("UpdateRelease only accepts an exist release")
|
|
}
|
|
isCreated, err := createTag(gitRepo.Ctx, gitRepo, rel, "")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
rel.LowerTagName = strings.ToLower(rel.TagName)
|
|
|
|
ctx, committer, err := db.TxContext(ctx)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer committer.Close()
|
|
|
|
if err = repo_model.UpdateRelease(ctx, rel); err != nil {
|
|
return err
|
|
}
|
|
|
|
if err = repo_model.AddReleaseAttachments(ctx, rel.ID, addAttachmentUUIDs); err != nil {
|
|
return fmt.Errorf("AddReleaseAttachments: %w", err)
|
|
}
|
|
|
|
deletedUUIDs := make(container.Set[string])
|
|
if len(delAttachmentUUIDs) > 0 {
|
|
// Check attachments
|
|
attachments, err := repo_model.GetAttachmentsByUUIDs(ctx, delAttachmentUUIDs)
|
|
if err != nil {
|
|
return fmt.Errorf("GetAttachmentsByUUIDs [uuids: %v]: %w", delAttachmentUUIDs, err)
|
|
}
|
|
for _, attach := range attachments {
|
|
if attach.ReleaseID != rel.ID {
|
|
return util.SilentWrap{
|
|
Message: "delete attachment of release permission denied",
|
|
Err: util.ErrPermissionDenied,
|
|
}
|
|
}
|
|
deletedUUIDs.Add(attach.UUID)
|
|
}
|
|
|
|
if _, err := repo_model.DeleteAttachments(ctx, attachments, true); err != nil {
|
|
return fmt.Errorf("DeleteAttachments [uuids: %v]: %w", delAttachmentUUIDs, err)
|
|
}
|
|
}
|
|
|
|
if len(editAttachments) > 0 {
|
|
updateAttachmentsList := make([]string, 0, len(editAttachments))
|
|
for k := range editAttachments {
|
|
updateAttachmentsList = append(updateAttachmentsList, k)
|
|
}
|
|
// Check attachments
|
|
attachments, err := repo_model.GetAttachmentsByUUIDs(ctx, updateAttachmentsList)
|
|
if err != nil {
|
|
return fmt.Errorf("GetAttachmentsByUUIDs [uuids: %v]: %w", updateAttachmentsList, err)
|
|
}
|
|
for _, attach := range attachments {
|
|
if attach.ReleaseID != rel.ID {
|
|
return util.SilentWrap{
|
|
Message: "update attachment of release permission denied",
|
|
Err: util.ErrPermissionDenied,
|
|
}
|
|
}
|
|
}
|
|
|
|
for uuid, newName := range editAttachments {
|
|
if !deletedUUIDs.Contains(uuid) {
|
|
if err = repo_model.UpdateAttachmentByUUID(ctx, &repo_model.Attachment{
|
|
UUID: uuid,
|
|
Name: newName,
|
|
}, "name"); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if err := committer.Commit(); err != nil {
|
|
return err
|
|
}
|
|
|
|
for _, uuid := range delAttachmentUUIDs {
|
|
if err := storage.Attachments.Delete(repo_model.AttachmentRelativePath(uuid)); err != nil {
|
|
// Even delete files failed, but the attachments has been removed from database, so we
|
|
// should not return error but only record the error on logs.
|
|
// users have to delete this attachments manually or we should have a
|
|
// synchronize between database attachment table and attachment storage
|
|
log.Error("delete attachment[uuid: %s] failed: %v", uuid, err)
|
|
}
|
|
}
|
|
|
|
if !isCreated {
|
|
notify_service.UpdateRelease(gitRepo.Ctx, doer, rel)
|
|
return nil
|
|
}
|
|
|
|
if !rel.IsDraft {
|
|
notify_service.NewRelease(gitRepo.Ctx, rel)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// DeleteReleaseByID deletes a release and corresponding Git tag by given ID.
|
|
func DeleteReleaseByID(ctx context.Context, repo *repo_model.Repository, rel *repo_model.Release, doer *user_model.User, delTag bool) error {
|
|
if delTag {
|
|
protectedTags, err := git_model.GetProtectedTags(ctx, rel.RepoID)
|
|
if err != nil {
|
|
return fmt.Errorf("GetProtectedTags: %w", err)
|
|
}
|
|
isAllowed, err := git_model.IsUserAllowedToControlTag(ctx, protectedTags, rel.TagName, rel.PublisherID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if !isAllowed {
|
|
return models.ErrProtectedTagName{
|
|
TagName: rel.TagName,
|
|
}
|
|
}
|
|
|
|
if stdout, _, err := git.NewCommand(ctx, "tag", "-d").AddDashesAndList(rel.TagName).
|
|
SetDescription(fmt.Sprintf("DeleteReleaseByID (git tag -d): %d", rel.ID)).
|
|
RunStdString(&git.RunOpts{Dir: repo.RepoPath()}); err != nil && !strings.Contains(err.Error(), "not found") {
|
|
log.Error("DeleteReleaseByID (git tag -d): %d in %v Failed:\nStdout: %s\nError: %v", rel.ID, repo, stdout, err)
|
|
return fmt.Errorf("git tag -d: %w", err)
|
|
}
|
|
|
|
refName := git.RefNameFromTag(rel.TagName)
|
|
objectFormat, err := git.GetObjectFormatOfRepo(ctx, repo.RepoPath())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
notify_service.PushCommits(
|
|
ctx, doer, repo,
|
|
&repository.PushUpdateOptions{
|
|
RefFullName: refName,
|
|
OldCommitID: rel.Sha1,
|
|
NewCommitID: objectFormat.EmptyObjectID().String(),
|
|
}, repository.NewPushCommits())
|
|
notify_service.DeleteRef(ctx, doer, repo, refName)
|
|
|
|
if _, err := db.DeleteByID[repo_model.Release](ctx, rel.ID); err != nil {
|
|
return fmt.Errorf("DeleteReleaseByID: %w", err)
|
|
}
|
|
} else {
|
|
rel.IsTag = true
|
|
|
|
if err := repo_model.UpdateRelease(ctx, rel); err != nil {
|
|
return fmt.Errorf("Update: %w", err)
|
|
}
|
|
}
|
|
|
|
rel.Repo = repo
|
|
if err := rel.LoadAttributes(ctx); err != nil {
|
|
return fmt.Errorf("LoadAttributes: %w", err)
|
|
}
|
|
|
|
if err := repo_model.DeleteAttachmentsByRelease(ctx, rel.ID); err != nil {
|
|
return fmt.Errorf("DeleteAttachments: %w", err)
|
|
}
|
|
|
|
for i := range rel.Attachments {
|
|
attachment := rel.Attachments[i]
|
|
if err := storage.Attachments.Delete(attachment.RelativePath()); err != nil {
|
|
log.Error("Delete attachment %s of release %s failed: %v", attachment.UUID, rel.ID, err)
|
|
}
|
|
}
|
|
|
|
notify_service.DeleteRelease(ctx, doer, rel)
|
|
|
|
return nil
|
|
}
|
|
|
|
// Init start release service
|
|
func Init() error {
|
|
return initTagSyncQueue(graceful.GetManager().ShutdownContext())
|
|
}
|