diff --git a/.drone.yml b/.drone.yml index 10444d689f54c..bba8747482f8c 100644 --- a/.drone.yml +++ b/.drone.yml @@ -13,12 +13,25 @@ trigger: - tag - pull_request +volumes: + - name: deps + temp: {} + steps: - name: deps-frontend - pull: always image: node:16 + pull: always + commands: + - make deps-frontend + + - name: deps-backend + image: golang:1.17 + pull: always commands: - - make node_modules + - make deps-backend + volumes: + - name: deps + path: /go - name: lint-frontend image: node:16 @@ -27,17 +40,17 @@ steps: depends_on: [deps-frontend] - name: lint-backend - pull: always image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + pull: always commands: - make lint-backend environment: GOPROXY: https://goproxy.cn # proxy.golang.org is blocked in China, this proxy is not GOSUMDB: sum.golang.org TAGS: bindata sqlite sqlite_unlock_notify + depends_on: [deps-backend] - name: lint-backend-windows - pull: always image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env commands: - make golangci-lint vet @@ -47,9 +60,9 @@ steps: TAGS: bindata sqlite sqlite_unlock_notify GOOS: windows GOARCH: amd64 + depends_on: [deps-backend] - name: lint-backend-gogit - pull: always image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env commands: - make lint-backend @@ -57,6 +70,7 @@ steps: GOPROXY: https://goproxy.cn # proxy.golang.org is blocked in China, this proxy is not GOSUMDB: sum.golang.org TAGS: bindata gogit sqlite sqlite_unlock_notify + depends_on: [deps-backend] - name: checks-frontend image: node:16 @@ -65,11 +79,13 @@ steps: depends_on: [deps-frontend] - name: checks-backend - pull: always image: golang:1.17 commands: - make checks-backend - depends_on: [lint-backend] + depends_on: [deps-backend] + volumes: + - name: deps + path: /go - name: test-frontend image: node:16 @@ -84,14 +100,17 @@ steps: depends_on: [test-frontend] - name: build-backend-no-gcc - pull: always image: golang:1.16 # this step is kept as the lowest version of golang that we support + pull: always environment: GO111MODULE: on GOPROXY: https://goproxy.cn commands: - go build -o gitea_no_gcc # test if build succeeds without the sqlite tag - depends_on: [checks-backend] + depends_on: [deps-backend, checks-backend] + volumes: + - name: deps + path: /go - name: build-backend-arm64 image: golang:1.17 @@ -104,7 +123,10 @@ steps: commands: - make backend # test cross compile - rm ./gitea # clean - depends_on: [checks-backend] + depends_on: [deps-backend, checks-backend] + volumes: + - name: deps + path: /go - name: build-backend-windows image: golang:1.17 @@ -116,7 +138,10 @@ steps: TAGS: bindata gogit commands: - go build -o gitea_windows - depends_on: [checks-backend] + depends_on: [deps-backend, checks-backend] + volumes: + - name: deps + path: /go - name: build-backend-386 image: golang:1.17 @@ -127,7 +152,10 @@ steps: GOARCH: 386 commands: - go build -o gitea_linux_386 # test if compatible with 32 bit - depends_on: [checks-backend] + depends_on: [deps-backend, checks-backend] + volumes: + - name: deps + path: /go --- kind: pipeline @@ -147,21 +175,28 @@ trigger: - tag - pull_request +volumes: + - name: deps + temp: {} + services: - name: mysql image: mysql:5.7 + pull: always environment: MYSQL_ALLOW_EMPTY_PASSWORD: yes MYSQL_DATABASE: test - name: mysql8 image: mysql:8 + pull: always environment: MYSQL_ALLOW_EMPTY_PASSWORD: yes MYSQL_DATABASE: testgitea - name: mssql image: mcr.microsoft.com/mssql/server:latest + pull: always environment: ACCEPT_EULA: Y MSSQL_PID: Standard @@ -169,14 +204,17 @@ services: - name: ldap image: gitea/test-openldap:latest + pull: always - name: elasticsearch + image: elasticsearch:7.5.0 + pull: always environment: discovery.type: single-node - image: elasticsearch:7.5.0 - name: minio image: minio/minio:RELEASE.2021-03-12T00-00-47Z + pull: always commands: - minio server /data environment: @@ -186,6 +224,7 @@ services: steps: - name: fetch-tags image: docker:git + pull: always commands: - git fetch --tags --force when: @@ -193,19 +232,28 @@ steps: exclude: - pull_request - - name: tag-pre-condition + - name: deps-backend + image: golang:1.17 pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + + - name: tag-pre-condition image: drone/git + pull: always commands: - git update-ref refs/heads/tag_test ${DRONE_COMMIT_SHA} - name: prepare-test-env image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + pull: always commands: - ./build/test-env-prepare.sh - name: build - pull: always image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env user: gitea commands: @@ -215,8 +263,10 @@ steps: GOPROXY: https://goproxy.cn # proxy.golang.org is blocked in China, this proxy is not GOSUMDB: sum.golang.org TAGS: bindata sqlite sqlite_unlock_notify - depends_on: - - prepare-test-env + depends_on: [deps-backend, prepare-test-env] + volumes: + - name: deps + path: /go - name: unit-test image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env @@ -229,9 +279,12 @@ steps: RACE_ENABLED: true GITHUB_READ_TOKEN: from_secret: github_read_token + depends_on: [deps-backend, prepare-test-env] + volumes: + - name: deps + path: /go - name: unit-test-gogit - pull: always image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env user: gitea commands: @@ -242,6 +295,10 @@ steps: RACE_ENABLED: true GITHUB_READ_TOKEN: from_secret: github_read_token + depends_on: [deps-backend, prepare-test-env] + volumes: + - name: deps + path: /go - name: test-mysql image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env @@ -255,8 +312,10 @@ steps: TEST_LDAP: 1 USE_REPO_TEST_DIR: 1 TEST_INDEXER_CODE_ES_URL: "http://elastic:changeme@elasticsearch:9200" - depends_on: - - build + depends_on: [build] + volumes: + - name: deps + path: /go - name: test-mysql8 image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env @@ -269,8 +328,10 @@ steps: RACE_ENABLED: true TEST_LDAP: 1 USE_REPO_TEST_DIR: 1 - depends_on: - - build + depends_on: [build] + volumes: + - name: deps + path: /go - name: test-mssql image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env @@ -283,8 +344,10 @@ steps: RACE_ENABLED: true TEST_LDAP: 1 USE_REPO_TEST_DIR: 1 - depends_on: - - build + depends_on: [build] + volumes: + - name: deps + path: /go - name: generate-coverage image: golang:1.17 @@ -293,9 +356,7 @@ steps: environment: GOPROXY: https://goproxy.cn TAGS: bindata - depends_on: - - unit-test - - test-mysql + depends_on: [unit-test, test-mysql] when: branch: - main @@ -304,15 +365,14 @@ steps: - pull_request - name: coverage-codecov - pull: always image: woodpeckerci/plugin-codecov:next-alpine + pull: always settings: files: - coverage.all token: from_secret: codecov_token - depends_on: - - generate-coverage + depends_on: [generate-coverage] when: branch: - main @@ -337,6 +397,10 @@ trigger: - tag - pull_request +volumes: + - name: deps + temp: {} + services: - name: pgsql pull: default @@ -352,6 +416,7 @@ services: steps: - name: fetch-tags image: docker:git + pull: always commands: - git fetch --tags --force when: @@ -359,13 +424,22 @@ steps: exclude: - pull_request + - name: deps-backend + image: golang:1.17 + pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + - name: prepare-test-env image: gitea/test_env:linux-arm64 # https://gitea.com/gitea/test-env + pull: always commands: - ./build/test-env-prepare.sh - name: build - pull: always image: gitea/test_env:linux-arm64 # https://gitea.com/gitea/test-env user: gitea commands: @@ -375,8 +449,10 @@ steps: GOPROXY: https://goproxy.cn # proxy.golang.org is blocked in China, this proxy is not GOSUMDB: sum.golang.org TAGS: bindata gogit sqlite sqlite_unlock_notify - depends_on: - - prepare-test-env + depends_on: [deps-backend, prepare-test-env] + volumes: + - name: deps + path: /go - name: test-sqlite image: gitea/test_env:linux-arm64 # https://gitea.com/gitea/test-env @@ -389,8 +465,10 @@ steps: RACE_ENABLED: true TEST_TAGS: gogit sqlite sqlite_unlock_notify USE_REPO_TEST_DIR: 1 - depends_on: - - build + depends_on: [build] + volumes: + - name: deps + path: /go - name: test-pgsql image: gitea/test_env:linux-arm64 # https://gitea.com/gitea/test-env @@ -404,8 +482,10 @@ steps: TEST_TAGS: gogit TEST_LDAP: 1 USE_REPO_TEST_DIR: 1 - depends_on: - - build + depends_on: [build] + volumes: + - name: deps + path: /go --- kind: pipeline @@ -425,8 +505,8 @@ trigger: steps: - name: download - pull: always image: jonasfranz/crowdin + pull: always settings: download: true export_dir: options/locale/ @@ -437,14 +517,14 @@ steps: from_secret: crowdin_key - name: update - pull: default image: alpine:3.13 + pull: always commands: - ./build/update-locales.sh - name: push - pull: always image: appleboy/drone-git-push + pull: always settings: author_email: "teabot@gitea.io" author_name: GiteaBot @@ -457,8 +537,8 @@ steps: from_secret: git_push_ssh_key - name: upload_translations - pull: always image: jonasfranz/crowdin + pull: always settings: files: locale_en-US.ini: options/locale/locale_en-US.ini @@ -488,12 +568,13 @@ trigger: steps: - name: download image: golang:1.17 + pull: always commands: - timeout -s ABRT 40m make generate-license generate-gitignore - name: push - pull: always image: appleboy/drone-git-push + pull: always settings: author_email: "teabot@gitea.io" author_name: GiteaBot @@ -529,15 +610,35 @@ depends_on: - testing-amd64 - testing-arm64 +volumes: + - name: deps + temp: {} + steps: - name: fetch-tags image: docker:git + pull: always commands: - git fetch --tags --force - - name: static + - name: deps-frontend + image: node:16 + pull: always + commands: + - make deps-frontend + + - name: deps-backend + image: golang:1.17 pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + + - name: static image: techknowlogick/xgo:go-1.17.x + pull: always commands: - curl -sL https://deb.nodesource.com/setup_16.x | bash - && apt-get install -y nodejs - export PATH=$PATH:$GOPATH/bin @@ -545,10 +646,13 @@ steps: environment: GOPROXY: https://goproxy.cn # proxy.golang.org is blocked in China, this proxy is not TAGS: bindata sqlite sqlite_unlock_notify + volumes: + - name: deps + path: /go - name: gpg-sign - pull: always image: plugins/gpgsign:1 + pull: always settings: detach_sign: true excludes: @@ -562,8 +666,8 @@ steps: from_secret: gpgsign_passphrase - name: release-branch - pull: always image: woodpeckerci/plugin-s3:latest + pull: always settings: acl: public-read bucket: gitea-artifacts @@ -624,16 +728,35 @@ depends_on: - testing-arm64 - testing-amd64 +volumes: + - name: deps + temp: {} + steps: - name: fetch-tags - pull: default image: docker:git + pull: always commands: - git fetch --tags --force - - name: static + - name: deps-frontend + image: node:16 + pull: always + commands: + - make deps-frontend + + - name: deps-backend + image: golang:1.17 pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + + - name: static image: techknowlogick/xgo:go-1.17.x + pull: always commands: - curl -sL https://deb.nodesource.com/setup_16.x | bash - && apt-get install -y nodejs - export PATH=$PATH:$GOPATH/bin @@ -642,10 +765,13 @@ steps: GOPROXY: https://goproxy.cn # proxy.golang.org is blocked in China, this proxy is not TAGS: bindata sqlite sqlite_unlock_notify depends_on: [fetch-tags] + volumes: + - name: deps + path: /go - name: gpg-sign - pull: always image: plugins/gpgsign:1 + pull: always settings: detach_sign: true excludes: @@ -660,8 +786,8 @@ steps: depends_on: [static] - name: release-tag - pull: always image: woodpeckerci/plugin-s3:latest + pull: always settings: acl: public-read bucket: gitea-artifacts @@ -678,8 +804,8 @@ steps: depends_on: [gpg-sign] - name: github - pull: always image: plugins/github-release:1 + pull: always settings: files: - "dist/release/*" @@ -708,16 +834,16 @@ trigger: steps: - name: build-docs - pull: always image: plugins/hugo:latest + pull: always commands: - apk add --no-cache make bash curl - cd docs - make trans-copy clean build - name: publish-docs - pull: always image: techknowlogick/drone-netlify:latest + pull: always settings: path: docs/public/ site_id: d2260bae-7861-4c02-8646-8f6440b12672 @@ -753,12 +879,13 @@ trigger: steps: - name: fetch-tags image: docker:git + pull: always commands: - git fetch --tags --force - name: publish - pull: always image: techknowlogick/drone-docker:latest + pull: always settings: auto_tag: true auto_tag_suffix: linux-amd64 @@ -815,12 +942,13 @@ trigger: steps: - name: fetch-tags image: docker:git + pull: always commands: - git fetch --tags --force - name: publish - pull: always image: techknowlogick/drone-docker:latest + pull: always settings: auto_tag: false tags: dev-linux-amd64 @@ -876,12 +1004,13 @@ trigger: steps: - name: fetch-tags image: docker:git + pull: always commands: - git fetch --tags --force - name: publish - pull: always image: techknowlogick/drone-docker:latest + pull: always settings: auto_tag: false tags: ${DRONE_BRANCH##release/v}-dev-linux-amd64 @@ -933,8 +1062,8 @@ trigger: steps: - name: dryrun - pull: always image: techknowlogick/drone-docker:latest + pull: always settings: dry_run: true repo: gitea/gitea @@ -971,12 +1100,13 @@ trigger: steps: - name: fetch-tags image: docker:git + pull: always commands: - git fetch --tags --force - name: publish - pull: always image: techknowlogick/drone-docker:latest + pull: always settings: auto_tag: true auto_tag_suffix: linux-arm64 @@ -1033,12 +1163,13 @@ trigger: steps: - name: fetch-tags image: docker:git + pull: always commands: - git fetch --tags --force - name: publish - pull: always image: techknowlogick/drone-docker:latest + pull: always settings: auto_tag: false tags: dev-linux-arm64 @@ -1094,12 +1225,13 @@ trigger: steps: - name: fetch-tags image: docker:git + pull: always commands: - git fetch --tags --force - name: publish - pull: always image: techknowlogick/drone-docker:latest + pull: always settings: auto_tag: false tags: ${DRONE_BRANCH##release/v}-dev-linux-arm64 @@ -1144,8 +1276,8 @@ platform: steps: - name: manifest-rootless - pull: always image: plugins/manifest + pull: always settings: auto_tag: true ignore_missing: true @@ -1190,6 +1322,7 @@ steps: - name: manifest-rootless pull: always image: plugins/manifest + pull: always settings: auto_tag: false ignore_missing: true @@ -1264,8 +1397,8 @@ depends_on: steps: - name: discord - pull: always image: appleboy/drone-discord:1.2.4 + pull: always settings: message: "{{#success build.status}} ✅ Build #{{build.number}} of `{{repo.name}}` succeeded.\n\n📝 Commit by {{commit.author}} on `{{commit.branch}}`:\n``` {{commit.message}} ```\n\n🌐 {{ build.link }} {{else}} ❌ Build #{{build.number}} of `{{repo.name}}` failed.\n\n📝 Commit by {{commit.author}} on `{{commit.branch}}`:\n``` {{commit.message}} ```\n\n🌐 {{ build.link }} {{/success}}\n" webhook_id: diff --git a/.golangci.yml b/.golangci.yml index 9bba34a10cd73..91faa75d73899 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -24,6 +24,10 @@ linters: run: timeout: 3m + skip-dirs: + - node_modules + - public + - web_src linters-settings: gocritic: diff --git a/Makefile b/Makefile index e3c948e33eb3d..da3901cc42a12 100644 --- a/Makefile +++ b/Makefile @@ -166,6 +166,9 @@ help: @echo " - watch-backend watch backend files and continuously rebuild" @echo " - clean delete backend and integration files" @echo " - clean-all delete backend, frontend and integration files" + @echo " - deps install dependencies" + @echo " - deps-frontend install frontend dependencies" + @echo " - deps-backend install backend dependencies" @echo " - lint lint everything" @echo " - lint-frontend lint frontend files" @echo " - lint-backend lint backend files" @@ -662,6 +665,16 @@ docs: fi cd docs; make trans-copy clean build-offline; +.PHONY: deps +deps: deps-frontend deps-backend + +.PHONY: deps-frontend +deps-frontend: node_modules + +.PHONY: deps-backend +deps-backend: + $(GO) mod download + node_modules: package-lock.json npm install --no-save @touch node_modules diff --git a/cmd/admin_auth_ldap.go b/cmd/admin_auth_ldap.go index 06f9244d50099..ec86b2c671d47 100644 --- a/cmd/admin_auth_ldap.go +++ b/cmd/admin_auth_ldap.go @@ -260,7 +260,6 @@ func parseLdapConfig(c *cli.Context, config *ldap.Source) error { if c.IsSet("skip-local-2fa") { config.SkipLocalTwoFA = c.Bool("skip-local-2fa") } - return nil } diff --git a/integrations/auth_ldap_test.go b/integrations/auth_ldap_test.go index 6eb017017f8da..ef0fafc93de4e 100644 --- a/integrations/auth_ldap_test.go +++ b/integrations/auth_ldap_test.go @@ -11,6 +11,9 @@ import ( "strings" "testing" + "code.gitea.io/gitea/models" + "code.gitea.io/gitea/models/unittest" + user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/services/auth" "github.com/stretchr/testify/assert" @@ -97,7 +100,13 @@ func getLDAPServerHost() string { return host } -func addAuthSourceLDAP(t *testing.T, sshKeyAttribute string) { +func addAuthSourceLDAP(t *testing.T, sshKeyAttribute string, groupMapParams ...string) { + groupTeamMapRemoval := "off" + groupTeamMap := "" + if len(groupMapParams) == 2 { + groupTeamMapRemoval = groupMapParams[0] + groupTeamMap = groupMapParams[1] + } session := loginUser(t, "user1") csrf := GetCSRF(t, session, "/admin/auths/new") req := NewRequestWithValues(t, "POST", "/admin/auths/new", map[string]string{ @@ -119,6 +128,12 @@ func addAuthSourceLDAP(t *testing.T, sshKeyAttribute string) { "attribute_ssh_public_key": sshKeyAttribute, "is_sync_enabled": "on", "is_active": "on", + "groups_enabled": "on", + "group_dn": "ou=people,dc=planetexpress,dc=com", + "group_member_uid": "member", + "group_team_map": groupTeamMap, + "group_team_map_removal": groupTeamMapRemoval, + "user_uid": "DN", }) session.MakeRequest(t, req, http.StatusFound) } @@ -294,3 +309,105 @@ func TestLDAPUserSSHKeySync(t *testing.T) { assert.ElementsMatch(t, u.SSHKeys, syncedKeys, "Unequal number of keys synchronized for user: %s", u.UserName) } } + +func TestLDAPGroupTeamSyncAddMember(t *testing.T) { + if skipLDAPTests() { + t.Skip() + return + } + defer prepareTestEnv(t)() + addAuthSourceLDAP(t, "", "on", `{"cn=ship_crew,ou=people,dc=planetexpress,dc=com":{"org26": ["team11"]},"cn=admin_staff,ou=people,dc=planetexpress,dc=com": {"non-existent": ["non-existent"]}}`) + org, err := models.GetOrgByName("org26") + assert.NoError(t, err) + team, err := models.GetTeam(org.ID, "team11") + assert.NoError(t, err) + auth.SyncExternalUsers(context.Background(), true) + for _, gitLDAPUser := range gitLDAPUsers { + user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ + Name: gitLDAPUser.UserName, + }).(*user_model.User) + usersOrgs, err := models.FindOrgs(models.FindOrgOptions{ + UserID: user.ID, + IncludePrivate: true, + }) + assert.NoError(t, err) + allOrgTeams, err := models.GetUserOrgTeams(org.ID, user.ID) + assert.NoError(t, err) + if user.Name == "fry" || user.Name == "leela" || user.Name == "bender" { + // assert members of LDAP group "cn=ship_crew" are added to mapped teams + assert.Equal(t, len(usersOrgs), 1, "User [%s] should be member of one organization", user.Name) + assert.Equal(t, usersOrgs[0].Name, "org26", "Membership should be added to the right organization") + isMember, err := models.IsTeamMember(usersOrgs[0].ID, team.ID, user.ID) + assert.NoError(t, err) + assert.True(t, isMember, "Membership should be added to the right team") + err = team.RemoveMember(user.ID) + assert.NoError(t, err) + err = usersOrgs[0].RemoveMember(user.ID) + assert.NoError(t, err) + } else { + // assert members of LDAP group "cn=admin_staff" keep initial team membership since mapped team does not exist + assert.Empty(t, usersOrgs, "User should be member of no organization") + isMember, err := models.IsTeamMember(org.ID, team.ID, user.ID) + assert.NoError(t, err) + assert.False(t, isMember, "User should no be added to this team") + assert.Empty(t, allOrgTeams, "User should not be added to any team") + } + } +} + +func TestLDAPGroupTeamSyncRemoveMember(t *testing.T) { + if skipLDAPTests() { + t.Skip() + return + } + defer prepareTestEnv(t)() + addAuthSourceLDAP(t, "", "on", `{"cn=dispatch,ou=people,dc=planetexpress,dc=com": {"org26": ["team11"]}}`) + org, err := models.GetOrgByName("org26") + assert.NoError(t, err) + team, err := models.GetTeam(org.ID, "team11") + assert.NoError(t, err) + loginUserWithPassword(t, gitLDAPUsers[0].UserName, gitLDAPUsers[0].Password) + user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ + Name: gitLDAPUsers[0].UserName, + }).(*user_model.User) + err = org.AddMember(user.ID) + assert.NoError(t, err) + err = team.AddMember(user.ID) + assert.NoError(t, err) + isMember, err := models.IsOrganizationMember(org.ID, user.ID) + assert.NoError(t, err) + assert.True(t, isMember, "User should be member of this organization") + isMember, err = models.IsTeamMember(org.ID, team.ID, user.ID) + assert.NoError(t, err) + assert.True(t, isMember, "User should be member of this team") + // assert team member "professor" gets removed from org26 team11 + loginUserWithPassword(t, gitLDAPUsers[0].UserName, gitLDAPUsers[0].Password) + isMember, err = models.IsOrganizationMember(org.ID, user.ID) + assert.NoError(t, err) + assert.False(t, isMember, "User membership should have been removed from organization") + isMember, err = models.IsTeamMember(org.ID, team.ID, user.ID) + assert.NoError(t, err) + assert.False(t, isMember, "User membership should have been removed from team") +} + +// Login should work even if Team Group Map contains a broken JSON +func TestBrokenLDAPMapUserSignin(t *testing.T) { + if skipLDAPTests() { + t.Skip() + return + } + defer prepareTestEnv(t)() + addAuthSourceLDAP(t, "", "on", `{"NOT_A_VALID_JSON"["MISSING_DOUBLE_POINT"]}`) + + u := gitLDAPUsers[0] + + session := loginUserWithPassword(t, u.UserName, u.Password) + req := NewRequest(t, "GET", "/user/settings") + resp := session.MakeRequest(t, req, http.StatusOK) + + htmlDoc := NewHTMLParser(t, resp.Body) + + assert.Equal(t, u.UserName, htmlDoc.GetInputValueByName("name")) + assert.Equal(t, u.FullName, htmlDoc.GetInputValueByName("full_name")) + assert.Equal(t, u.Email, htmlDoc.Find(`label[for="email"]`).Siblings().First().Text()) +} diff --git a/integrations/pull_merge_test.go b/integrations/pull_merge_test.go index 57a9868678e97..8aded910d4b25 100644 --- a/integrations/pull_merge_test.go +++ b/integrations/pull_merge_test.go @@ -274,7 +274,13 @@ func TestCantMergeUnrelated(t *testing.T) { stdin := bytes.NewBufferString("Unrelated File") var stdout strings.Builder - err = git.NewCommand(git.DefaultContext, "hash-object", "-w", "--stdin").RunInDirFullPipeline(path, &stdout, nil, stdin) + err = git.NewCommand(git.DefaultContext, "hash-object", "-w", "--stdin").RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: path, + Stdin: stdin, + Stdout: &stdout, + }) + assert.NoError(t, err) sha := strings.TrimSpace(stdout.String()) @@ -301,7 +307,14 @@ func TestCantMergeUnrelated(t *testing.T) { _, _ = messageBytes.WriteString("\n") stdout.Reset() - err = git.NewCommand(git.DefaultContext, "commit-tree", treeSha).RunInDirTimeoutEnvFullPipeline(env, -1, path, &stdout, nil, messageBytes) + err = git.NewCommand(git.DefaultContext, "commit-tree", treeSha). + RunWithContext(&git.RunContext{ + Env: env, + Timeout: -1, + Dir: path, + Stdin: messageBytes, + Stdout: &stdout, + }) assert.NoError(t, err) commitSha := strings.TrimSpace(stdout.String()) diff --git a/modules/context/context.go b/modules/context/context.go index 7ae37208e47bd..6aeeb9e694676 100644 --- a/modules/context/context.go +++ b/modules/context/context.go @@ -197,7 +197,10 @@ func (ctx *Context) RedirectToFirst(location ...string) { func (ctx *Context) HTML(status int, name base.TplName) { log.Debug("Template: %s", name) tmplStartTime := time.Now() - ctx.Data["TmplLoadTimes"] = func() string { + if !setting.IsProd { + ctx.Data["TemplateName"] = name + } + ctx.Data["TemplateLoadTimes"] = func() string { return strconv.FormatInt(time.Since(tmplStartTime).Nanoseconds()/1e6, 10) + "ms" } if err := ctx.Render.HTML(ctx.Resp, status, string(name), ctx.Data); err != nil { diff --git a/modules/git/batch_reader.go b/modules/git/batch_reader.go index 4cd6cb1217713..66ca118de5a49 100644 --- a/modules/git/batch_reader.go +++ b/modules/git/batch_reader.go @@ -34,7 +34,11 @@ func EnsureValidGitRepository(ctx context.Context, repoPath string) error { stderr := strings.Builder{} err := NewCommand(ctx, "rev-parse"). SetDescription(fmt.Sprintf("%s rev-parse [repo_path: %s]", GitExecutable, repoPath)). - RunInDirFullPipeline(repoPath, nil, &stderr, nil) + RunWithContext(&RunContext{ + Timeout: -1, + Dir: repoPath, + Stderr: &stderr, + }) if err != nil { return ConcatenateError(err, (&stderr).String()) } @@ -61,7 +65,13 @@ func CatFileBatchCheck(ctx context.Context, repoPath string) (WriteCloserError, stderr := strings.Builder{} err := NewCommand(ctx, "cat-file", "--batch-check"). SetDescription(fmt.Sprintf("%s cat-file --batch-check [repo_path: %s] (%s:%d)", GitExecutable, repoPath, filename, line)). - RunInDirFullPipeline(repoPath, batchStdoutWriter, &stderr, batchStdinReader) + RunWithContext(&RunContext{ + Timeout: -1, + Dir: repoPath, + Stdin: batchStdinReader, + Stdout: batchStdoutWriter, + Stderr: &stderr, + }) if err != nil { _ = batchStdoutWriter.CloseWithError(ConcatenateError(err, (&stderr).String())) _ = batchStdinReader.CloseWithError(ConcatenateError(err, (&stderr).String())) @@ -100,7 +110,13 @@ func CatFileBatch(ctx context.Context, repoPath string) (WriteCloserError, *bufi stderr := strings.Builder{} err := NewCommand(ctx, "cat-file", "--batch"). SetDescription(fmt.Sprintf("%s cat-file --batch [repo_path: %s] (%s:%d)", GitExecutable, repoPath, filename, line)). - RunInDirFullPipeline(repoPath, batchStdoutWriter, &stderr, batchStdinReader) + RunWithContext(&RunContext{ + Timeout: -1, + Dir: repoPath, + Stdin: batchStdinReader, + Stdout: batchStdoutWriter, + Stderr: &stderr, + }) if err != nil { _ = batchStdoutWriter.CloseWithError(ConcatenateError(err, (&stderr).String())) _ = batchStdinReader.CloseWithError(ConcatenateError(err, (&stderr).String())) diff --git a/modules/git/commit.go b/modules/git/commit.go index 77ba3c0eb22bf..340a7e21dd643 100644 --- a/modules/git/commit.go +++ b/modules/git/commit.go @@ -486,7 +486,12 @@ func GetCommitFileStatus(ctx context.Context, repoPath, commitID string) (*Commi stderr := new(bytes.Buffer) args := []string{"log", "--name-status", "-c", "--pretty=format:", "--parents", "--no-renames", "-z", "-1", commitID} - err := NewCommand(ctx, args...).RunInDirPipeline(repoPath, w, stderr) + err := NewCommand(ctx, args...).RunWithContext(&RunContext{ + Timeout: -1, + Dir: repoPath, + Stdout: w, + Stderr: stderr, + }) w.Close() // Close writer to exit parsing goroutine if err != nil { return nil, ConcatenateError(err, stderr.String()) diff --git a/modules/git/diff.go b/modules/git/diff.go index 2d85db475396f..621878f620401 100644 --- a/modules/git/diff.go +++ b/modules/git/diff.go @@ -301,9 +301,12 @@ func GetAffectedFiles(repo *Repository, oldCommitID, newCommitID string, env []s // Run `git diff --name-only` to get the names of the changed files err = NewCommand(repo.Ctx, "diff", "--name-only", oldCommitID, newCommitID). - RunInDirTimeoutEnvFullPipelineFunc(env, -1, repo.Path, - stdoutWriter, nil, nil, - func(ctx context.Context, cancel context.CancelFunc) error { + RunWithContext(&RunContext{ + Env: env, + Timeout: -1, + Dir: repo.Path, + Stdout: stdoutWriter, + PipelineFunc: func(ctx context.Context, cancel context.CancelFunc) error { // Close the writer end of the pipe to begin processing _ = stdoutWriter.Close() defer func() { @@ -320,7 +323,8 @@ func GetAffectedFiles(repo *Repository, oldCommitID, newCommitID string, env []s affectedFiles = append(affectedFiles, path) } return scanner.Err() - }) + }, + }) if err != nil { log.Error("Unable to get affected files for commits from %s to %s in %s: %v", oldCommitID, newCommitID, repo.Path, err) } diff --git a/modules/git/log_name_status.go b/modules/git/log_name_status.go index 7720d53db19cc..0571a4dd20c65 100644 --- a/modules/git/log_name_status.go +++ b/modules/git/log_name_status.go @@ -55,7 +55,12 @@ func LogNameStatusRepo(ctx context.Context, repository, head, treepath string, p go func() { stderr := strings.Builder{} - err := NewCommand(ctx, args...).RunInDirFullPipeline(repository, stdoutWriter, &stderr, nil) + err := NewCommand(ctx, args...).RunWithContext(&RunContext{ + Timeout: -1, + Dir: repository, + Stdout: stdoutWriter, + Stderr: &stderr, + }) if err != nil { _ = stdoutWriter.CloseWithError(ConcatenateError(err, (&stderr).String())) } else { diff --git a/modules/git/pipeline/catfile.go b/modules/git/pipeline/catfile.go index 15c3396ff5fa3..6948131e460d4 100644 --- a/modules/git/pipeline/catfile.go +++ b/modules/git/pipeline/catfile.go @@ -27,7 +27,13 @@ func CatFileBatchCheck(ctx context.Context, shasToCheckReader *io.PipeReader, ca stderr := new(bytes.Buffer) var errbuf strings.Builder cmd := git.NewCommand(ctx, "cat-file", "--batch-check") - if err := cmd.RunInDirFullPipeline(tmpBasePath, catFileCheckWriter, stderr, shasToCheckReader); err != nil { + if err := cmd.RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdin: shasToCheckReader, + Stdout: catFileCheckWriter, + Stderr: stderr, + }); err != nil { _ = catFileCheckWriter.CloseWithError(fmt.Errorf("git cat-file --batch-check [%s]: %v - %s", tmpBasePath, err, errbuf.String())) } } @@ -40,7 +46,12 @@ func CatFileBatchCheckAllObjects(ctx context.Context, catFileCheckWriter *io.Pip stderr := new(bytes.Buffer) var errbuf strings.Builder cmd := git.NewCommand(ctx, "cat-file", "--batch-check", "--batch-all-objects") - if err := cmd.RunInDirPipeline(tmpBasePath, catFileCheckWriter, stderr); err != nil { + if err := cmd.RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: catFileCheckWriter, + Stderr: stderr, + }); err != nil { log.Error("git cat-file --batch-check --batch-all-object [%s]: %v - %s", tmpBasePath, err, errbuf.String()) err = fmt.Errorf("git cat-file --batch-check --batch-all-object [%s]: %v - %s", tmpBasePath, err, errbuf.String()) _ = catFileCheckWriter.CloseWithError(err) @@ -56,7 +67,13 @@ func CatFileBatch(ctx context.Context, shasToBatchReader *io.PipeReader, catFile stderr := new(bytes.Buffer) var errbuf strings.Builder - if err := git.NewCommand(ctx, "cat-file", "--batch").RunInDirFullPipeline(tmpBasePath, catFileBatchWriter, stderr, shasToBatchReader); err != nil { + if err := git.NewCommand(ctx, "cat-file", "--batch").RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: catFileBatchWriter, + Stdin: shasToBatchReader, + Stderr: stderr, + }); err != nil { _ = shasToBatchReader.CloseWithError(fmt.Errorf("git rev-list [%s]: %v - %s", tmpBasePath, err, errbuf.String())) } } diff --git a/modules/git/pipeline/lfs_nogogit.go b/modules/git/pipeline/lfs_nogogit.go index 90ffef16bbe5f..1d43080a5a01e 100644 --- a/modules/git/pipeline/lfs_nogogit.go +++ b/modules/git/pipeline/lfs_nogogit.go @@ -53,7 +53,12 @@ func FindLFSFile(repo *git.Repository, hash git.SHA1) ([]*LFSResult, error) { go func() { stderr := strings.Builder{} - err := git.NewCommand(repo.Ctx, "rev-list", "--all").RunInDirPipeline(repo.Path, revListWriter, &stderr) + err := git.NewCommand(repo.Ctx, "rev-list", "--all").RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: revListWriter, + Stderr: &stderr, + }) if err != nil { _ = revListWriter.CloseWithError(git.ConcatenateError(err, (&stderr).String())) } else { diff --git a/modules/git/pipeline/namerev.go b/modules/git/pipeline/namerev.go index 84006e9005d85..357322070ecea 100644 --- a/modules/git/pipeline/namerev.go +++ b/modules/git/pipeline/namerev.go @@ -23,7 +23,13 @@ func NameRevStdin(ctx context.Context, shasToNameReader *io.PipeReader, nameRevS stderr := new(bytes.Buffer) var errbuf strings.Builder - if err := git.NewCommand(ctx, "name-rev", "--stdin", "--name-only", "--always").RunInDirFullPipeline(tmpBasePath, nameRevStdinWriter, stderr, shasToNameReader); err != nil { + if err := git.NewCommand(ctx, "name-rev", "--stdin", "--name-only", "--always").RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: nameRevStdinWriter, + Stdin: shasToNameReader, + Stderr: stderr, + }); err != nil { _ = shasToNameReader.CloseWithError(fmt.Errorf("git name-rev [%s]: %v - %s", tmpBasePath, err, errbuf.String())) } } diff --git a/modules/git/pipeline/revlist.go b/modules/git/pipeline/revlist.go index 75dc676f367be..a1f8f079f9593 100644 --- a/modules/git/pipeline/revlist.go +++ b/modules/git/pipeline/revlist.go @@ -25,7 +25,12 @@ func RevListAllObjects(ctx context.Context, revListWriter *io.PipeWriter, wg *sy stderr := new(bytes.Buffer) var errbuf strings.Builder cmd := git.NewCommand(ctx, "rev-list", "--objects", "--all") - if err := cmd.RunInDirPipeline(basePath, revListWriter, stderr); err != nil { + if err := cmd.RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: basePath, + Stdout: revListWriter, + Stderr: stderr, + }); err != nil { log.Error("git rev-list --objects --all [%s]: %v - %s", basePath, err, errbuf.String()) err = fmt.Errorf("git rev-list --objects --all [%s]: %v - %s", basePath, err, errbuf.String()) _ = revListWriter.CloseWithError(err) @@ -40,7 +45,12 @@ func RevListObjects(ctx context.Context, revListWriter *io.PipeWriter, wg *sync. stderr := new(bytes.Buffer) var errbuf strings.Builder cmd := git.NewCommand(ctx, "rev-list", "--objects", headSHA, "--not", baseSHA) - if err := cmd.RunInDirPipeline(tmpBasePath, revListWriter, stderr); err != nil { + if err := cmd.RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: revListWriter, + Stderr: stderr, + }); err != nil { log.Error("git rev-list [%s]: %v - %s", tmpBasePath, err, errbuf.String()) errChan <- fmt.Errorf("git rev-list [%s]: %v - %s", tmpBasePath, err, errbuf.String()) } diff --git a/modules/git/repo.go b/modules/git/repo.go index ff704138a7b10..79a540209c5d1 100644 --- a/modules/git/repo.go +++ b/modules/git/repo.go @@ -204,7 +204,13 @@ func Push(ctx context.Context, repoPath string, opts PushOptions) error { opts.Timeout = -1 } - err := cmd.RunInDirTimeoutEnvPipeline(opts.Env, opts.Timeout, repoPath, &outbuf, &errbuf) + err := cmd.RunWithContext(&RunContext{ + Env: opts.Env, + Timeout: opts.Timeout, + Dir: repoPath, + Stdout: &outbuf, + Stderr: &errbuf, + }) if err != nil { if strings.Contains(errbuf.String(), "non-fast-forward") { return &ErrPushOutOfDate{ diff --git a/modules/git/repo_archive.go b/modules/git/repo_archive.go index cf09bba0db344..b7c339c271fd7 100644 --- a/modules/git/repo_archive.go +++ b/modules/git/repo_archive.go @@ -57,7 +57,12 @@ func (repo *Repository) CreateArchive(ctx context.Context, format ArchiveType, t ) var stderr strings.Builder - err := NewCommand(ctx, args...).RunInDirPipeline(repo.Path, target, &stderr) + err := NewCommand(ctx, args...).RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: target, + Stderr: &stderr, + }) if err != nil { return ConcatenateError(err, stderr.String()) } diff --git a/modules/git/repo_attribute.go b/modules/git/repo_attribute.go index c63dfacdfc2bd..d31203aabd049 100644 --- a/modules/git/repo_attribute.go +++ b/modules/git/repo_attribute.go @@ -76,7 +76,13 @@ func (repo *Repository) CheckAttribute(opts CheckAttributeOpts) (map[string]map[ cmd := NewCommand(repo.Ctx, cmdArgs...) - if err := cmd.RunInDirTimeoutEnvPipeline(env, -1, repo.Path, stdOut, stdErr); err != nil { + if err := cmd.RunWithContext(&RunContext{ + Env: env, + Timeout: -1, + Dir: repo.Path, + Stdout: stdOut, + Stderr: stdErr, + }); err != nil { return nil, fmt.Errorf("failed to run check-attr: %v\n%s\n%s", err, stdOut.String(), stdErr.String()) } @@ -182,9 +188,17 @@ func (c *CheckAttributeReader) Run() error { _ = c.Close() }() stdErr := new(bytes.Buffer) - err := c.cmd.RunInDirTimeoutEnvFullPipelineFunc(c.env, -1, c.Repo.Path, c.stdOut, stdErr, c.stdinReader, func(_ context.Context, _ context.CancelFunc) error { - close(c.running) - return nil + err := c.cmd.RunWithContext(&RunContext{ + Env: c.env, + Timeout: -1, + Dir: c.Repo.Path, + Stdin: c.stdinReader, + Stdout: c.stdOut, + Stderr: stdErr, + PipelineFunc: func(_ context.Context, _ context.CancelFunc) error { + close(c.running) + return nil + }, }) if err != nil && c.ctx.Err() != nil && err.Error() != "signal: killed" { return fmt.Errorf("failed to run attr-check. Error: %w\nStderr: %s", err, stdErr.String()) diff --git a/modules/git/repo_branch_nogogit.go b/modules/git/repo_branch_nogogit.go index 2e9335a31636c..66990add6fd98 100644 --- a/modules/git/repo_branch_nogogit.go +++ b/modules/git/repo_branch_nogogit.go @@ -96,7 +96,12 @@ func walkShowRef(ctx context.Context, repoPath, arg string, skip, limit int, wal if arg != "" { args = append(args, arg) } - err := NewCommand(ctx, args...).RunInDirPipeline(repoPath, stdoutWriter, stderrBuilder) + err := NewCommand(ctx, args...).RunWithContext(&RunContext{ + Timeout: -1, + Dir: repoPath, + Stdout: stdoutWriter, + Stderr: stderrBuilder, + }) if err != nil { if stderrBuilder.Len() == 0 { _ = stdoutWriter.Close() diff --git a/modules/git/repo_commit.go b/modules/git/repo_commit.go index 5ccc42a383eb5..8e059ce0ea252 100644 --- a/modules/git/repo_commit.go +++ b/modules/git/repo_commit.go @@ -211,7 +211,12 @@ func (repo *Repository) CommitsByFileAndRange(revision, file string, page int) ( err := NewCommand(repo.Ctx, "log", revision, "--follow", "--max-count="+strconv.Itoa(setting.Git.CommitsRangeSize*page), prettyLogFormat, "--", file). - RunInDirPipeline(repo.Path, stdoutWriter, &stderr) + RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: stdoutWriter, + Stderr: &stderr, + }) if err != nil { _ = stdoutWriter.CloseWithError(ConcatenateError(err, (&stderr).String())) } else { diff --git a/modules/git/repo_compare.go b/modules/git/repo_compare.go index dddc158dcc453..aa8015af14e50 100644 --- a/modules/git/repo_compare.go +++ b/modules/git/repo_compare.go @@ -147,13 +147,23 @@ func (repo *Repository) GetDiffNumChangedFiles(base, head string, directComparis } if err := NewCommand(repo.Ctx, "diff", "-z", "--name-only", base+separator+head). - RunInDirPipeline(repo.Path, w, stderr); err != nil { + RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: w, + Stderr: stderr, + }); err != nil { if strings.Contains(stderr.String(), "no merge base") { // git >= 2.28 now returns an error if base and head have become unrelated. // previously it would return the results of git diff -z --name-only base head so let's try that... w = &lineCountWriter{} stderr.Reset() - if err = NewCommand(repo.Ctx, "diff", "-z", "--name-only", base, head).RunInDirPipeline(repo.Path, w, stderr); err == nil { + if err = NewCommand(repo.Ctx, "diff", "-z", "--name-only", base, head).RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: w, + Stderr: stderr, + }); err == nil { return w.numLines, nil } } @@ -238,28 +248,46 @@ func (repo *Repository) GetDiffOrPatch(base, head string, w io.Writer, patch, bi // GetDiff generates and returns patch data between given revisions, optimized for human readability func (repo *Repository) GetDiff(base, head string, w io.Writer) error { - return NewCommand(repo.Ctx, "diff", "-p", base, head). - RunInDirPipeline(repo.Path, w, nil) + return NewCommand(repo.Ctx, "diff", "-p", base, head).RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: w, + }) } // GetDiffBinary generates and returns patch data between given revisions, including binary diffs. func (repo *Repository) GetDiffBinary(base, head string, w io.Writer) error { if CheckGitVersionAtLeast("1.7.7") == nil { - return NewCommand(repo.Ctx, "diff", "-p", "--binary", "--histogram", base, head). - RunInDirPipeline(repo.Path, w, nil) + return NewCommand(repo.Ctx, "diff", "-p", "--binary", "--histogram", base, head).RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: w, + }) } - return NewCommand(repo.Ctx, "diff", "-p", "--binary", "--patience", base, head). - RunInDirPipeline(repo.Path, w, nil) + return NewCommand(repo.Ctx, "diff", "-p", "--binary", "--patience", base, head).RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: w, + }) } // GetPatch generates and returns format-patch data between given revisions, able to be used with `git apply` func (repo *Repository) GetPatch(base, head string, w io.Writer) error { stderr := new(bytes.Buffer) err := NewCommand(repo.Ctx, "format-patch", "--binary", "--stdout", base+"..."+head). - RunInDirPipeline(repo.Path, w, stderr) + RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: w, + Stderr: stderr, + }) if err != nil && bytes.Contains(stderr.Bytes(), []byte("no merge base")) { return NewCommand(repo.Ctx, "format-patch", "--binary", "--stdout", base, head). - RunInDirPipeline(repo.Path, w, nil) + RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: w, + }) } return err } @@ -268,7 +296,12 @@ func (repo *Repository) GetPatch(base, head string, w io.Writer) error { func (repo *Repository) GetDiffFromMergeBase(base, head string, w io.Writer) error { stderr := new(bytes.Buffer) err := NewCommand(repo.Ctx, "diff", "-p", "--binary", base+"..."+head). - RunInDirPipeline(repo.Path, w, stderr) + RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: w, + Stderr: stderr, + }) if err != nil && bytes.Contains(stderr.Bytes(), []byte("no merge base")) { return repo.GetDiffBinary(base, head, w) } diff --git a/modules/git/repo_index.go b/modules/git/repo_index.go index 8e76c5e466095..53de0f1cb8ec1 100644 --- a/modules/git/repo_index.go +++ b/modules/git/repo_index.go @@ -106,7 +106,13 @@ func (repo *Repository) RemoveFilesFromIndex(filenames ...string) error { buffer.WriteByte('\000') } } - return cmd.RunInDirFullPipeline(repo.Path, stdout, stderr, bytes.NewReader(buffer.Bytes())) + return cmd.RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdin: bytes.NewReader(buffer.Bytes()), + Stdout: stdout, + Stderr: stderr, + }) } // AddObjectToIndex adds the provided object hash to the index at the provided filename diff --git a/modules/git/repo_object.go b/modules/git/repo_object.go index a9ab66b28f17e..378e657ce4f4a 100644 --- a/modules/git/repo_object.go +++ b/modules/git/repo_object.go @@ -45,7 +45,13 @@ func (repo *Repository) hashObject(reader io.Reader) (string, error) { cmd := NewCommand(repo.Ctx, "hash-object", "-w", "--stdin") stdout := new(bytes.Buffer) stderr := new(bytes.Buffer) - err := cmd.RunInDirFullPipeline(repo.Path, stdout, stderr, reader) + err := cmd.RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdin: reader, + Stdout: stdout, + Stderr: stderr, + }) if err != nil { return "", err } diff --git a/modules/git/repo_ref_nogogit.go b/modules/git/repo_ref_nogogit.go index e17d23eb9c418..42295e43ac580 100644 --- a/modules/git/repo_ref_nogogit.go +++ b/modules/git/repo_ref_nogogit.go @@ -23,7 +23,12 @@ func (repo *Repository) GetRefsFiltered(pattern string) ([]*Reference, error) { go func() { stderrBuilder := &strings.Builder{} - err := NewCommand(repo.Ctx, "for-each-ref").RunInDirPipeline(repo.Path, stdoutWriter, stderrBuilder) + err := NewCommand(repo.Ctx, "for-each-ref").RunWithContext(&RunContext{ + Timeout: -1, + Dir: repo.Path, + Stdout: stdoutWriter, + Stderr: stderrBuilder, + }) if err != nil { _ = stdoutWriter.CloseWithError(ConcatenateError(err, stderrBuilder.String())) } else { diff --git a/modules/git/repo_stats.go b/modules/git/repo_stats.go index 6f5973ebe5f24..598ec37a2c61c 100644 --- a/modules/git/repo_stats.go +++ b/modules/git/repo_stats.go @@ -67,12 +67,14 @@ func (repo *Repository) GetCodeActivityStats(fromTime time.Time, branch string) } stderr := new(strings.Builder) - err = NewCommand(repo.Ctx, args...).RunInDirTimeoutEnvFullPipelineFunc( - nil, -1, repo.Path, - stdoutWriter, stderr, nil, - func(ctx context.Context, cancel context.CancelFunc) error { + err = NewCommand(repo.Ctx, args...).RunWithContext(&RunContext{ + Env: []string{}, + Timeout: -1, + Dir: repo.Path, + Stdout: stdoutWriter, + Stderr: stderr, + PipelineFunc: func(ctx context.Context, cancel context.CancelFunc) error { _ = stdoutWriter.Close() - scanner := bufio.NewScanner(stdoutReader) scanner.Split(bufio.ScanLines) stats.CommitCount = 0 @@ -103,11 +105,7 @@ func (repo *Repository) GetCodeActivityStats(fromTime time.Time, branch string) case 4: // E-mail email := strings.ToLower(l) if _, ok := authors[email]; !ok { - authors[email] = &CodeActivityAuthor{ - Name: author, - Email: email, - Commits: 0, - } + authors[email] = &CodeActivityAuthor{Name: author, Email: email, Commits: 0} } authors[email].Commits++ default: // Changed file @@ -128,7 +126,6 @@ func (repo *Repository) GetCodeActivityStats(fromTime time.Time, branch string) } } } - a := make([]*CodeActivityAuthor, 0, len(authors)) for _, v := range authors { a = append(a, v) @@ -137,14 +134,13 @@ func (repo *Repository) GetCodeActivityStats(fromTime time.Time, branch string) sort.Slice(a, func(i, j int) bool { return a[i].Commits > a[j].Commits }) - stats.AuthorCount = int64(len(authors)) stats.ChangedFiles = int64(len(files)) stats.Authors = a - _ = stdoutReader.Close() return nil - }) + }, + }) if err != nil { return nil, fmt.Errorf("Failed to get GetCodeActivityStats for repository.\nError: %w\nStderr: %s", err, stderr) } diff --git a/modules/git/repo_tree.go b/modules/git/repo_tree.go index 9efacc8dfe00c..3219b569a53d0 100644 --- a/modules/git/repo_tree.go +++ b/modules/git/repo_tree.go @@ -60,7 +60,14 @@ func (repo *Repository) CommitTree(author, committer *Signature, tree *Tree, opt stdout := new(bytes.Buffer) stderr := new(bytes.Buffer) - err = cmd.RunInDirTimeoutEnvFullPipeline(env, -1, repo.Path, stdout, stderr, messageBytes) + err = cmd.RunWithContext(&RunContext{ + Env: env, + Timeout: -1, + Dir: repo.Path, + Stdin: messageBytes, + Stdout: stdout, + Stderr: stderr, + }) if err != nil { return SHA1{}, ConcatenateError(err, stderr.String()) diff --git a/modules/gitgraph/graph.go b/modules/gitgraph/graph.go index c0618152d8a8b..e15441b8831d7 100644 --- a/modules/gitgraph/graph.go +++ b/modules/gitgraph/graph.go @@ -64,57 +64,63 @@ func GetCommitGraph(r *git.Repository, page, maxAllowedColors int, hidePRRefs bo scanner := bufio.NewScanner(stdoutReader) - if err := graphCmd.RunInDirTimeoutEnvFullPipelineFunc(nil, -1, r.Path, stdoutWriter, stderr, nil, func(ctx context.Context, cancel context.CancelFunc) error { - _ = stdoutWriter.Close() - defer stdoutReader.Close() - parser := &Parser{} - parser.firstInUse = -1 - parser.maxAllowedColors = maxAllowedColors - if maxAllowedColors > 0 { - parser.availableColors = make([]int, maxAllowedColors) - for i := range parser.availableColors { - parser.availableColors[i] = i + 1 - } - } else { - parser.availableColors = []int{1, 2} - } - for commitsToSkip > 0 && scanner.Scan() { - line := scanner.Bytes() - dataIdx := bytes.Index(line, []byte("DATA:")) - if dataIdx < 0 { - dataIdx = len(line) + if err := graphCmd.RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: r.Path, + Stdout: stdoutWriter, + Stderr: stderr, + PipelineFunc: func(ctx context.Context, cancel context.CancelFunc) error { + _ = stdoutWriter.Close() + defer stdoutReader.Close() + parser := &Parser{} + parser.firstInUse = -1 + parser.maxAllowedColors = maxAllowedColors + if maxAllowedColors > 0 { + parser.availableColors = make([]int, maxAllowedColors) + for i := range parser.availableColors { + parser.availableColors[i] = i + 1 + } + } else { + parser.availableColors = []int{1, 2} } - starIdx := bytes.IndexByte(line, '*') - if starIdx >= 0 && starIdx < dataIdx { - commitsToSkip-- + for commitsToSkip > 0 && scanner.Scan() { + line := scanner.Bytes() + dataIdx := bytes.Index(line, []byte("DATA:")) + if dataIdx < 0 { + dataIdx = len(line) + } + starIdx := bytes.IndexByte(line, '*') + if starIdx >= 0 && starIdx < dataIdx { + commitsToSkip-- + } + parser.ParseGlyphs(line[:dataIdx]) } - parser.ParseGlyphs(line[:dataIdx]) - } - row := 0 + row := 0 + + // Skip initial non-commit lines + for scanner.Scan() { + line := scanner.Bytes() + if bytes.IndexByte(line, '*') >= 0 { + if err := parser.AddLineToGraph(graph, row, line); err != nil { + cancel() + return err + } + break + } + parser.ParseGlyphs(line) + } - // Skip initial non-commit lines - for scanner.Scan() { - line := scanner.Bytes() - if bytes.IndexByte(line, '*') >= 0 { + for scanner.Scan() { + row++ + line := scanner.Bytes() if err := parser.AddLineToGraph(graph, row, line); err != nil { cancel() return err } - break - } - parser.ParseGlyphs(line) - } - - for scanner.Scan() { - row++ - line := scanner.Bytes() - if err := parser.AddLineToGraph(graph, row, line); err != nil { - cancel() - return err } - } - return scanner.Err() + return scanner.Err() + }, }); err != nil { return graph, err } diff --git a/modules/notification/mail/mail.go b/modules/notification/mail/mail.go index 21709d9454c47..4ce2726fc68df 100644 --- a/modules/notification/mail/mail.go +++ b/modules/notification/mail/mail.go @@ -124,7 +124,7 @@ func (m *mailNotifier) NotifyPullRequestCodeComment(pr *models.PullRequest, comm func (m *mailNotifier) NotifyIssueChangeAssignee(doer *user_model.User, issue *models.Issue, assignee *user_model.User, removed bool, comment *models.Comment) { // mail only sent to added assignees and not self-assignee - if !removed && doer.ID != assignee.ID && assignee.EmailNotifications() == user_model.EmailNotificationsEnabled { + if !removed && doer.ID != assignee.ID && (assignee.EmailNotifications() == user_model.EmailNotificationsEnabled || assignee.EmailNotifications() == user_model.EmailNotificationsOnMention) { ct := fmt.Sprintf("Assigned #%d.", issue.Index) if err := mailer.SendIssueAssignedMail(issue, doer, ct, comment, []*user_model.User{assignee}); err != nil { log.Error("Error in SendIssueAssignedMail for issue[%d] to assignee[%d]: %v", issue.ID, assignee.ID, err) @@ -133,7 +133,7 @@ func (m *mailNotifier) NotifyIssueChangeAssignee(doer *user_model.User, issue *m } func (m *mailNotifier) NotifyPullReviewRequest(doer *user_model.User, issue *models.Issue, reviewer *user_model.User, isRequest bool, comment *models.Comment) { - if isRequest && doer.ID != reviewer.ID && reviewer.EmailNotifications() == user_model.EmailNotificationsEnabled { + if isRequest && doer.ID != reviewer.ID && (reviewer.EmailNotifications() == user_model.EmailNotificationsEnabled || reviewer.EmailNotifications() == user_model.EmailNotificationsOnMention) { ct := fmt.Sprintf("Requested to review %s.", issue.HTMLURL()) if err := mailer.SendIssueAssignedMail(issue, doer, ct, comment, []*user_model.User{reviewer}); err != nil { log.Error("Error in SendIssueAssignedMail for issue[%d] to reviewer[%d]: %v", issue.ID, reviewer.ID, err) diff --git a/modules/queue/manager.go b/modules/queue/manager.go index 73c57540be85d..bba2c54ad21f5 100644 --- a/modules/queue/manager.go +++ b/modules/queue/manager.go @@ -84,6 +84,8 @@ type ManagedPool interface { BoostWorkers() int // SetPoolSettings sets the user updatable settings for the pool SetPoolSettings(maxNumberOfWorkers, boostWorkers int, timeout time.Duration) + // NumberInQueue returns the total number of items in the pool + NumberInQueue() int64 // Done returns a channel that will be closed when the Pool's baseCtx is closed Done() <-chan struct{} } @@ -427,6 +429,14 @@ func (q *ManagedQueue) SetPoolSettings(maxNumberOfWorkers, boostWorkers int, tim } } +// NumberInQueue returns the number of items in the queue +func (q *ManagedQueue) NumberInQueue() int64 { + if pool, ok := q.Managed.(ManagedPool); ok { + return pool.NumberInQueue() + } + return -1 +} + func (l ManagedQueueList) Len() int { return len(l) } diff --git a/modules/queue/queue_bytefifo.go b/modules/queue/queue_bytefifo.go index bf153d70bb751..ead3828f332b9 100644 --- a/modules/queue/queue_bytefifo.go +++ b/modules/queue/queue_bytefifo.go @@ -135,6 +135,13 @@ func (q *ByteFIFOQueue) IsEmpty() bool { return q.byteFIFO.Len(q.terminateCtx) == 0 } +// NumberInQueue returns the number in the queue +func (q *ByteFIFOQueue) NumberInQueue() int64 { + q.lock.Lock() + defer q.lock.Unlock() + return q.byteFIFO.Len(q.terminateCtx) + q.WorkerPool.NumberInQueue() +} + // Flush flushes the ByteFIFOQueue func (q *ByteFIFOQueue) Flush(timeout time.Duration) error { select { diff --git a/modules/queue/workerpool.go b/modules/queue/workerpool.go index 100197c5e1f1f..5f6ec1871019e 100644 --- a/modules/queue/workerpool.go +++ b/modules/queue/workerpool.go @@ -204,6 +204,11 @@ func (p *WorkerPool) NumberOfWorkers() int { return p.numberOfWorkers } +// NumberInQueue returns the number of items in the queue +func (p *WorkerPool) NumberInQueue() int64 { + return atomic.LoadInt64(&p.numInQueue) +} + // MaxNumberOfWorkers returns the maximum number of workers automatically added to the pool func (p *WorkerPool) MaxNumberOfWorkers() int { p.lock.Lock() diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 1c4313247871a..f52fef3c0590b 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -2581,11 +2581,13 @@ auths.filter = User Filter auths.admin_filter = Admin Filter auths.restricted_filter = Restricted Filter auths.restricted_filter_helper = Leave empty to not set any users as restricted. Use an asterisk ('*') to set all users that do not match Admin Filter as restricted. -auths.verify_group_membership = Verify group membership in LDAP +auths.verify_group_membership = Verify group membership in LDAP (leave the filter empty to skip) auths.group_search_base = Group Search Base DN -auths.valid_groups_filter = Valid Groups Filter auths.group_attribute_list_users = Group Attribute Containing List Of Users auths.user_attribute_in_group = User Attribute Listed In Group +auths.map_group_to_team = Map LDAP groups to Organization teams (leave the field empty to skip) +auths.map_group_to_team_removal = Remove users from synchronized teams if user does not belong to corresponding LDAP group +auths.enable_ldap_groups = Enable LDAP groups auths.ms_ad_sa = MS AD Search Attributes auths.smtp_auth = SMTP Authentication Type auths.smtphost = SMTP Host @@ -2818,6 +2820,7 @@ monitor.queue.type = Type monitor.queue.exemplar = Exemplar Type monitor.queue.numberworkers = Number of Workers monitor.queue.maxnumberworkers = Max Number of Workers +monitor.queue.numberinqueue = Number in Queue monitor.queue.review = Review Config monitor.queue.review_add = Review/Add Workers monitor.queue.configuration = Initial Configuration diff --git a/options/locale/locale_pt-PT.ini b/options/locale/locale_pt-PT.ini index 9afa2b6667c5c..47d4d86e5005b 100644 --- a/options/locale/locale_pt-PT.ini +++ b/options/locale/locale_pt-PT.ini @@ -562,6 +562,7 @@ comment_type_group_deadline=Prazo comment_type_group_dependency=Dependência comment_type_group_review_request=Pedido de revisão comment_type_group_pull_request_push=Cometimentos adicionados +comment_type_group_project=Projecto comment_type_group_issue_ref=Referência da questão saved_successfully=As suas configurações foram guardadas com sucesso. privacy=Privacidade @@ -1073,6 +1074,10 @@ editor.add_tmpl=Adicionar '' editor.add=Adicionar '%s' editor.update=Modificar '%s' editor.delete=Eliminar '%s' +editor.patch=Aplicar remendo (patch) +editor.patching=Remendando (patching): +editor.fail_to_apply_patch=Não foi possível aplicar o remendo (patch) '%s' +editor.new_patch=Novo remendo (patch) editor.commit_message_desc=Adicionar uma descrição alargada opcional… editor.signoff_desc=Adicionar "Assinado-por" seguido do autor do cometimento no fim da mensagem do registo de cometimentos. editor.commit_directly_to_this_branch=Cometer imediatamente no ramo %s. @@ -1108,6 +1113,8 @@ editor.cannot_commit_to_protected_branch=Não é possível cometer para o ramo p editor.no_commit_to_branch=Não é possível cometer imediatamente para o ramo porque: editor.user_no_push_to_branch=O utilizador não pode enviar para o ramo editor.require_signed_commit=O ramo requer um cometimento assinado +editor.cherry_pick=Escolher a dedo %s para: +editor.revert=Reverter %s para: commits.desc=Navegar pelo histórico de modificações no código fonte. commits.commits=Cometimentos @@ -1132,6 +1139,9 @@ commit.actions=Operações commit.revert=Reverter commit.revert-header=Reverter: %s commit.revert-content=Escolha o ramo para onde vai reverter: +commit.cherry-pick=Escolher a dedo +commit.cherry-pick-header=Escolher a dedo: %s +commit.cherry-pick-content=Escolha o ramo para onde vai escolher a dedo: ext_issues=Acesso a questões externas ext_issues.desc=Ligação para um rastreador de questões externo. @@ -2226,7 +2236,7 @@ branch.renamed=O ramo %s foi renomeado para %s. tag.create_tag=Criar etiqueta %s tag.create_tag_operation=Criar etiqueta tag.confirm_create_tag=Criar etiqueta -tag.create_tag_from=Criar uma etiqueta a partir de '%s' +tag.create_tag_from=Criar uma etiqueta a partir do ramo '%s' tag.create_success=A etiqueta '%s' foi criada. @@ -2371,6 +2381,7 @@ first_page=Primeira last_page=Última total=total: %d +dashboard.new_version_hint=O Gitea %s está agora disponível, você está a correr a versão %s. Verifique o blog para mais detalhes. dashboard.statistic=Resumo dashboard.operations=Operações de manutenção dashboard.system_status=Estado do sistema @@ -2825,6 +2836,12 @@ monitor.queue.pool.flush.title=Despejar fila monitor.queue.pool.flush.desc=O despejo irá adicionar um trabalhador que termina assim que a fila esteja vazia ou o prazo acabe. monitor.queue.pool.flush.submit=Adicionar trabalhador de despejo monitor.queue.pool.flush.added=Foi adicionado um trabalhador de despejo para %[1]s +monitor.queue.pool.pause.title=Pausar fila +monitor.queue.pool.pause.desc=Pausar uma fila impede que ela processe dados +monitor.queue.pool.pause.submit=Pausar fila +monitor.queue.pool.resume.title=Retomar fila +monitor.queue.pool.resume.desc=Definir esta fila para continuar o trabalho +monitor.queue.pool.resume.submit=Retomar fila monitor.queue.settings.title=Configurações do agregado monitor.queue.settings.desc=Os agregados crescem dinamicamente com um impulso em resposta à ocorrência de bloqueios na sua fila de trabalhadores. Essas mudanças não irão influenciar os grupos de trabalhadores correntes. diff --git a/options/locale/locale_uk-UA.ini b/options/locale/locale_uk-UA.ini index 78433a5c77960..5ac1710f1cee3 100644 --- a/options/locale/locale_uk-UA.ini +++ b/options/locale/locale_uk-UA.ini @@ -34,6 +34,7 @@ twofa=Двофакторна авторизація twofa_scratch=Двофакторний одноразовий пароль passcode=Код доступу +webauthn_reload=Оновити repository=Репозиторій organization=Організація @@ -92,7 +93,9 @@ error404=Сторінка, до якої ви намагаєтеся зверн never=Ніколи [error] +occurred=Сталася помилка missing_csrf=Некоректний запит: токен CSRF не задано +network_error=Помилка мережі [startpage] app_desc=Зручний власний сервіс хостингу репозиторіїв Git diff --git a/options/locale/locale_zh-CN.ini b/options/locale/locale_zh-CN.ini index 2c2515dafbeb6..fc7acb5636149 100644 --- a/options/locale/locale_zh-CN.ini +++ b/options/locale/locale_zh-CN.ini @@ -1075,6 +1075,10 @@ editor.add_tmpl=添加 '' editor.add=添加 '%s' editor.update=更新 '%s' editor.delete=删除 '%s' +editor.patch=应用补丁 +editor.patching=打补丁: +editor.fail_to_apply_patch=无法应用补丁'%s' +editor.new_patch=新补丁 editor.commit_message_desc=添加一个可选的扩展描述... editor.signoff_desc=在提交日志消息末尾添加签署人信息。 editor.commit_directly_to_this_branch=直接提交至 %s 分支。 @@ -1130,6 +1134,7 @@ commits.signed_by_untrusted_user_unmatched=由与提交者不匹配的未授信 commits.gpg_key_id=GPG 密钥 ID commits.ssh_key_fingerprint=SSH 密钥指纹 +commit.actions=操作 ext_issues=访问外部工单 ext_issues.desc=链接到外部工单跟踪系统。 @@ -2216,11 +2221,15 @@ branch.included_desc=此分支是默认分支的一部分 branch.included=已包含 branch.create_new_branch=从下列分支创建分支: branch.confirm_create_branch=创建分支 +branch.create_branch_operation=创建分支 branch.new_branch=创建新分支 branch.new_branch_from=从 %s 创建新分支 branch.renamed=分支 %s 被重命名为 %s。 tag.create_tag=创建标签 %s +tag.create_tag_operation=创建标签 +tag.confirm_create_tag=创建标签 +tag.create_tag_from=从 "%s" 创建新标签 tag.create_success=标签 '%s' 已创建。 @@ -2365,6 +2374,7 @@ first_page=首页 last_page=末页 total=总计:%d +dashboard.new_version_hint=Gitea %s 现已可用,您正在运行 %s。查看 博客 了解更多详情。 dashboard.statistic=摘要 dashboard.operations=维护操作 dashboard.system_status=系统状态 diff --git a/options/locale/locale_zh-TW.ini b/options/locale/locale_zh-TW.ini index e456ad90c855a..40fda2322dce4 100644 --- a/options/locale/locale_zh-TW.ini +++ b/options/locale/locale_zh-TW.ini @@ -404,8 +404,8 @@ repo.collaborator.added.subject=%s 把您加入到 %s repo.collaborator.added.text=您已被新增為儲存庫的協作者: [modal] -yes=確認操作 -no=取消操作 +yes=是 +no=否 modify=更新 [form] @@ -532,7 +532,7 @@ webauthn=安全金鑰 public_profile=公開的個人資料 biography_placeholder=告訴我們一些關於你的事 -profile_desc=您的電子信箱將被用於通知提醒和其他操作。 +profile_desc=您的電子信箱將被用於通知提醒和其他作業。 password_username_disabled=非本地使用者不允許更改他們的帳號。詳細資訊請聯絡您的系統管理員。 full_name=全名 website=個人網站 @@ -546,7 +546,7 @@ update_profile_success=已更新您的個人資料。 change_username=您的帳號已更改。 change_username_prompt=注意:修改帳號也會更改您的帳戶的 URL。 change_username_redirect_prompt=舊的帳號被領用前,會重新導向您的新帳號。 -continue=繼續操作 +continue=繼續 cancel=取消 language=語言 ui=佈景主題 @@ -593,7 +593,7 @@ emails=電子信箱 manage_emails=管理電子信箱 manage_themes=選擇預設佈景主題 manage_openid=管理 OpenID 位址 -email_desc=您的主要電子信箱將被用於通知提醒和其他操作。 +email_desc=您的主要電子信箱將被用於通知提醒和其他作業。 theme_desc=這將是您在整個網站上的預設佈景主題。 primary=主要 activated=已啟用 @@ -738,7 +738,7 @@ oauth2_regenerate_secret_hint=遺失您的密鑰? oauth2_client_secret_hint=請備份您的祕鑰。祕鑰在您離開這個頁面後將不會再顯示。 oauth2_application_edit=編輯 oauth2_application_create_description=OAuth2 應用程式讓您的第三方應用程式可以存取此 Gitea 上的帳戶。 -oauth2_application_remove_description=刪除 OAuth2 應用會拒絕它存取此 Gitea 上已授權的帳戶。是否繼續? +oauth2_application_remove_description=刪除 OAuth2 應用程式會拒絕它存取此 Gitea 上已授權的帳戶。是否繼續? authorized_oauth2_applications=已授權的 OAuth2 應用程式 authorized_oauth2_applications_description=您已授權給這些第三方應用程式存取您個人 Gitea 帳戶。請對不再需要的應用程式撤銷存取權。 @@ -957,14 +957,14 @@ migrate.migrating=正在從 %s 遷移... migrate.migrating_failed=從 %s 遷移失敗 migrate.migrating_failed.error=錯誤:%s migrate.migrating_failed_no_addr=遷移失敗。 -migrate.github.description=從 github.com 或其他 GitHub 實例遷移資料。 +migrate.github.description=從 github.com 或其他 GitHub 執行個體遷移資料。 migrate.git.description=從任何 Git 服務遷移儲存庫。 -migrate.gitlab.description=從 gitlab.com 或其他 GitLab 實例遷移資料。 -migrate.gitea.description=從 gitea.com 或其他 Gitea 實例遷移資料。 -migrate.gogs.description=從 notabug.org 或其他 Gogs 實例遷移資料。 -migrate.onedev.description=從 code.onedev.io 或其他 OneDev 實例遷移資料。 +migrate.gitlab.description=從 gitlab.com 或其他 GitLab 執行個體遷移資料。 +migrate.gitea.description=從 gitea.com 或其他 Gitea 執行個體遷移資料。 +migrate.gogs.description=從 notabug.org 或其他 Gogs 執行個體遷移資料。 +migrate.onedev.description=從 code.onedev.io 或其他 OneDev 執行個體遷移資料。 migrate.codebase.description=從 codebasehq.com 遷移資料。 -migrate.gitbucket.description=從 GitBucket 實例遷移資料。 +migrate.gitbucket.description=從 GitBucket 執行個體遷移資料。 migrate.migrating_git=正在遷移 Git 資料 migrate.migrating_topics=正在遷移主題 migrate.migrating_milestones=正在遷移里程碑 @@ -993,7 +993,7 @@ clone_this_repo=Clone 此儲存庫 create_new_repo_command=從命令列建立新儲存庫。 push_exist_repo=從命令行推送已經建立的儲存庫 empty_message=此儲存庫未包含任何內容。 -broken_message=無法讀取此儲存庫底層的 Git 資料。請聯絡此 Gitea 實例的管理員或刪除此儲存庫。 +broken_message=無法讀取此儲存庫底層的 Git 資料。請聯絡此 Gitea 執行個體的管理員或刪除此儲存庫。 code=程式碼 code.desc=存取原始碼、檔案、提交和分支。 @@ -1075,6 +1075,10 @@ editor.add_tmpl=新增「」 editor.add=新增「%s」 editor.update=更新「%s」 editor.delete=刪除「%s」 +editor.patch=套用 Patch +editor.patching=正在 Patch: +editor.fail_to_apply_patch=無法套用 Patch「%s」 +editor.new_patch=新增 Patch editor.commit_message_desc=(選填)加入詳細說明... editor.signoff_desc=在提交訊息底部加入提交者的「Signed-off-by」資訊。 editor.commit_directly_to_this_branch=直接提交到 %s 分支。 @@ -1110,6 +1114,8 @@ editor.cannot_commit_to_protected_branch=無法提交到受保護的分支「%s editor.no_commit_to_branch=無法直接提交到分支因為: editor.user_no_push_to_branch=使用者無法推送到分支 editor.require_signed_commit=分支僅接受經簽署的提交 +editor.cherry_pick=Cherry-pick %s 到: +editor.revert=還原 %s 到: commits.desc=瀏覽原始碼修改歷程。 commits.commits=次程式碼提交 @@ -1121,7 +1127,7 @@ commits.find=搜尋 commits.search_all=所有分支 commits.author=作者 commits.message=備註 -commits.date=提交日期 +commits.date=日期 commits.older=更舊的提交 commits.newer=更新的提交 commits.signed_by=簽署人 @@ -1130,6 +1136,13 @@ commits.signed_by_untrusted_user_unmatched=由不受信任且與提交者不相 commits.gpg_key_id=GPG 金鑰 ID commits.ssh_key_fingerprint=SSH 金鑰指紋 +commit.actions=操作 +commit.revert=還原 +commit.revert-header=還原: %s +commit.revert-content=選擇還原的目標分支: +commit.cherry-pick=Cherry-pick +commit.cherry-pick-header=Cherry-pick: %s +commit.cherry-pick-content=選擇 Cherry-pick 的目標分支: ext_issues=存取外部問題 ext_issues.desc=連結到外部問題追蹤器。 @@ -2216,11 +2229,15 @@ branch.included_desc=此分支是預設分支的一部分 branch.included=包含 branch.create_new_branch=從下列分支建立分支: branch.confirm_create_branch=建立分支 +branch.create_branch_operation=建立分支 branch.new_branch=建立新分支 branch.new_branch_from=從「%s」建立新分支 branch.renamed=分支 %s 被重新命名為 %s。 tag.create_tag=建立標籤 %s +tag.create_tag_operation=建立標籤 +tag.confirm_create_tag=建立標籤 +tag.create_tag_from=從「%s」建立新標籤 tag.create_success=已建立標籤「%s」。 @@ -2365,11 +2382,12 @@ first_page=首頁 last_page=末頁 total=總計:%d +dashboard.new_version_hint=現已推出 Gitea %s,您正在執行 %s。查看部落格以獲得更多資訊。 dashboard.statistic=摘要 -dashboard.operations=維護操作 +dashboard.operations=維護作業 dashboard.system_status=系統狀態 dashboard.statistic_info=Gitea 資料庫統計:%d 位使用者,%d 個組織,%d 個公鑰,%d 個儲存庫,%d 個儲存庫關注,%d 個星號,%d 次行為,%d 條權限記錄,%d 個問題,%d 則留言,%d 個社群帳戶,%d 個用戶關注,%d 個鏡像,%d 個版本發佈,%d 個認證來源,%d 個 Webhook ,%d 個里程碑,%d 個標籤,%d 個 Hook 任務,%d 個團隊,%d 個更新任務,%d 個附件。 -dashboard.operation_name=操作名稱 +dashboard.operation_name=作業名稱 dashboard.operation_switch=開關 dashboard.operation_run=執行 dashboard.clean_unbind_oauth=清理未綁定的 OAuth 連結 @@ -2619,7 +2637,7 @@ auths.tips.oauth2.general=OAuth2 認證 auths.tips.oauth2.general.tip=註冊新的 OAuth2 認證時,callback/redirect 網址應為:/user/oauth2//callback auths.tip.oauth2_provider=OAuth2 提供者 auths.tip.bitbucket=註冊新的 OAuth 客戶端並加入權限「Account - Read」。網址:https://bitbucket.org/account/user//oauth-consumers/new -auths.tip.nextcloud=在您的 Nextcloud 使用「設定 -> 安全性 -> OAuth 2.0 客戶端」註冊新的 OAuth 客戶端 +auths.tip.nextcloud=在您的執行個體中,於選單「設定 -> 安全性 -> OAuth 2.0 客戶端」註冊新的 OAuth 客戶端 auths.tip.dropbox=建立一個新的 App。網址:https://www.dropbox.com/developers/apps auths.tip.facebook=註冊一個新的應用程式並新增產品「Facebook 登入」。網址:https://developers.facebook.com/apps auths.tip.github=註冊新的 OAuth 應用程式。網址:https://github.com/settings/applications/new diff --git a/routers/private/hook_verification.go b/routers/private/hook_verification.go index 565cb273e790f..683ed8d071c62 100644 --- a/routers/private/hook_verification.go +++ b/routers/private/hook_verification.go @@ -45,9 +45,12 @@ func verifyCommits(oldCommitID, newCommitID string, repo *git.Repository, env [] // This is safe as force pushes are already forbidden err = git.NewCommand(repo.Ctx, "rev-list", oldCommitID+"..."+newCommitID). - RunInDirTimeoutEnvFullPipelineFunc(env, -1, repo.Path, - stdoutWriter, nil, nil, - func(ctx context.Context, cancel context.CancelFunc) error { + RunWithContext(&git.RunContext{ + Env: env, + Timeout: -1, + Dir: repo.Path, + Stdout: stdoutWriter, + PipelineFunc: func(ctx context.Context, cancel context.CancelFunc) error { _ = stdoutWriter.Close() err := readAndVerifyCommitsFromShaReader(stdoutReader, repo, env) if err != nil { @@ -56,7 +59,8 @@ func verifyCommits(oldCommitID, newCommitID string, repo *git.Repository, env [] } _ = stdoutReader.Close() return err - }) + }, + }) if err != nil && !isErrUnverifiedCommit(err) { log.Error("Unable to check commits from %s to %s in %s: %v", oldCommitID, newCommitID, repo.Path, err) } @@ -89,9 +93,12 @@ func readAndVerifyCommit(sha string, repo *git.Repository, env []string) error { hash := git.MustIDFromString(sha) return git.NewCommand(repo.Ctx, "cat-file", "commit", sha). - RunInDirTimeoutEnvFullPipelineFunc(env, -1, repo.Path, - stdoutWriter, nil, nil, - func(ctx context.Context, cancel context.CancelFunc) error { + RunWithContext(&git.RunContext{ + Env: env, + Timeout: -1, + Dir: repo.Path, + Stdout: stdoutWriter, + PipelineFunc: func(ctx context.Context, cancel context.CancelFunc) error { _ = stdoutWriter.Close() commit, err := git.CommitFromReader(repo, hash, stdoutReader) if err != nil { @@ -105,7 +112,8 @@ func readAndVerifyCommit(sha string, repo *git.Repository, env []string) error { } } return nil - }) + }, + }) } type errUnverifiedCommit struct { diff --git a/routers/web/admin/auths.go b/routers/web/admin/auths.go index 20f364739e12e..748f2e7a8b8bf 100644 --- a/routers/web/admin/auths.go +++ b/routers/web/admin/auths.go @@ -145,6 +145,8 @@ func parseLDAPConfig(form forms.AuthenticationForm) *ldap.Source { GroupDN: form.GroupDN, GroupFilter: form.GroupFilter, GroupMemberUID: form.GroupMemberUID, + GroupTeamMap: form.GroupTeamMap, + GroupTeamMapRemoval: form.GroupTeamMapRemoval, UserUID: form.UserUID, AdminFilter: form.AdminFilter, RestrictedFilter: form.RestrictedFilter, diff --git a/services/auth/source/ldap/README.md b/services/auth/source/ldap/README.md index 3a839fa3142a9..59fc5cabad759 100644 --- a/services/auth/source/ldap/README.md +++ b/services/auth/source/ldap/README.md @@ -120,3 +120,11 @@ share the following fields: * Group Attribute for User (optional) * Which group LDAP attribute contains an array above user attribute names. * Example: memberUid + +* Team group map (optional) + * Automatically add users to Organization teams, depending on LDAP group memberships. + * Note: this function only adds users to teams, it never removes users. + * Example: {"cn=MyGroup,cn=groups,dc=example,dc=org": {"MyGiteaOrganization": ["MyGiteaTeam1", "MyGiteaTeam2", ...], ...}, ...} + +* Team group map removal (optional) + * If set to true, users will be removed from teams if they are not members of the corresponding group. diff --git a/services/auth/source/ldap/source.go b/services/auth/source/ldap/source.go index fc778b0114d77..ad97e2dd499be 100644 --- a/services/auth/source/ldap/source.go +++ b/services/auth/source/ldap/source.go @@ -52,6 +52,8 @@ type Source struct { GroupDN string // Group Search Base GroupFilter string // Group Name Filter GroupMemberUID string // Group Attribute containing array of UserUID + GroupTeamMap string // Map LDAP groups to teams + GroupTeamMapRemoval bool // Remove user from teams which are synchronized and user is not a member of the corresponding LDAP group UserUID string // User Attribute listed in Group SkipLocalTwoFA bool `json:",omitempty"` // Skip Local 2fa for users authenticated with this source diff --git a/services/auth/source/ldap/source_authenticate.go b/services/auth/source/ldap/source_authenticate.go index 52971bb87e58c..e804e32e845db 100644 --- a/services/auth/source/ldap/source_authenticate.go +++ b/services/auth/source/ldap/source_authenticate.go @@ -8,6 +8,7 @@ import ( "fmt" "strings" + "code.gitea.io/gitea/models" asymkey_model "code.gitea.io/gitea/models/asymkey" "code.gitea.io/gitea/models/auth" "code.gitea.io/gitea/models/db" @@ -59,10 +60,14 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str } if user != nil { + if source.GroupsEnabled && (source.GroupTeamMap != "" || source.GroupTeamMapRemoval) { + orgCache := make(map[string]*models.Organization) + teamCache := make(map[string]*models.Team) + source.SyncLdapGroupsToTeams(user, sr.LdapTeamAdd, sr.LdapTeamRemove, orgCache, teamCache) + } if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(user, source.authSource, sr.SSHPublicKey) { return user, asymkey_model.RewriteAllPublicKeys() } - return user, nil } @@ -98,10 +103,14 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str if isAttributeSSHPublicKeySet && asymkey_model.AddPublicKeysBySource(user, source.authSource, sr.SSHPublicKey) { err = asymkey_model.RewriteAllPublicKeys() } - if err == nil && len(source.AttributeAvatar) > 0 { _ = user_service.UploadAvatar(user, sr.Avatar) } + if source.GroupsEnabled && (source.GroupTeamMap != "" || source.GroupTeamMapRemoval) { + orgCache := make(map[string]*models.Organization) + teamCache := make(map[string]*models.Team) + source.SyncLdapGroupsToTeams(user, sr.LdapTeamAdd, sr.LdapTeamRemove, orgCache, teamCache) + } return user, err } diff --git a/services/auth/source/ldap/source_group_sync.go b/services/auth/source/ldap/source_group_sync.go new file mode 100644 index 0000000000000..7c62af705e04a --- /dev/null +++ b/services/auth/source/ldap/source_group_sync.go @@ -0,0 +1,100 @@ +// Copyright 2021 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package ldap + +import ( + "code.gitea.io/gitea/models" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/log" +) + +// SyncLdapGroupsToTeams maps LDAP groups to organization and team memberships +func (source *Source) SyncLdapGroupsToTeams(user *user_model.User, ldapTeamAdd, ldapTeamRemove map[string][]string, orgCache map[string]*models.Organization, teamCache map[string]*models.Team) { + var err error + if source.GroupsEnabled && source.GroupTeamMapRemoval { + // when the user is not a member of configs LDAP group, remove mapped organizations/teams memberships + removeMappedMemberships(user, ldapTeamRemove, orgCache, teamCache) + } + for orgName, teamNames := range ldapTeamAdd { + org, ok := orgCache[orgName] + if !ok { + org, err = models.GetOrgByName(orgName) + if err != nil { + // organization must be created before LDAP group sync + log.Warn("LDAP group sync: Could not find organisation %s: %v", orgName, err) + continue + } + orgCache[orgName] = org + } + if isMember, err := models.IsOrganizationMember(org.ID, user.ID); !isMember && err == nil { + log.Trace("LDAP group sync: adding user [%s] to organization [%s]", user.Name, org.Name) + err = org.AddMember(user.ID) + if err != nil { + log.Error("LDAP group sync: Could not add user to organization: %v", err) + continue + } + } + for _, teamName := range teamNames { + team, ok := teamCache[orgName+teamName] + if !ok { + team, err = org.GetTeam(teamName) + if err != nil { + // team must be created before LDAP group sync + log.Warn("LDAP group sync: Could not find team %s: %v", teamName, err) + continue + } + teamCache[orgName+teamName] = team + } + if isMember, err := models.IsTeamMember(org.ID, team.ID, user.ID); !isMember && err == nil { + log.Trace("LDAP group sync: adding user [%s] to team [%s]", user.Name, org.Name) + } else { + continue + } + err := team.AddMember(user.ID) + if err != nil { + log.Error("LDAP group sync: Could not add user to team: %v", err) + } + } + } +} + +// remove membership to organizations/teams if user is not member of corresponding LDAP group +// e.g. lets assume user is member of LDAP group "x", but LDAP group team map contains LDAP groups "x" and "y" +// then users membership gets removed for all organizations/teams mapped by LDAP group "y" +func removeMappedMemberships(user *user_model.User, ldapTeamRemove map[string][]string, orgCache map[string]*models.Organization, teamCache map[string]*models.Team) { + var err error + for orgName, teamNames := range ldapTeamRemove { + org, ok := orgCache[orgName] + if !ok { + org, err = models.GetOrgByName(orgName) + if err != nil { + // organization must be created before LDAP group sync + log.Warn("LDAP group sync: Could not find organisation %s: %v", orgName, err) + continue + } + orgCache[orgName] = org + } + for _, teamName := range teamNames { + team, ok := teamCache[orgName+teamName] + if !ok { + team, err = org.GetTeam(teamName) + if err != nil { + // team must must be created before LDAP group sync + log.Warn("LDAP group sync: Could not find team %s: %v", teamName, err) + continue + } + } + if isMember, err := models.IsTeamMember(org.ID, team.ID, user.ID); isMember && err == nil { + log.Trace("LDAP group sync: removing user [%s] from team [%s]", user.Name, org.Name) + } else { + continue + } + err = team.RemoveMember(user.ID) + if err != nil { + log.Error("LDAP group sync: Could not remove user from team: %v", err) + } + } + } +} diff --git a/services/auth/source/ldap/source_search.go b/services/auth/source/ldap/source_search.go index 1f1cca270d40a..f2b940cabe026 100644 --- a/services/auth/source/ldap/source_search.go +++ b/services/auth/source/ldap/source_search.go @@ -12,22 +12,26 @@ import ( "strconv" "strings" + "code.gitea.io/gitea/modules/json" "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/util" "github.com/go-ldap/ldap/v3" ) // SearchResult : user data type SearchResult struct { - Username string // Username - Name string // Name - Surname string // Surname - Mail string // E-mail address - SSHPublicKey []string // SSH Public Key - IsAdmin bool // if user is administrator - IsRestricted bool // if user is restricted - LowerName string // Lowername - Avatar []byte + Username string // Username + Name string // Name + Surname string // Surname + Mail string // E-mail address + SSHPublicKey []string // SSH Public Key + IsAdmin bool // if user is administrator + IsRestricted bool // if user is restricted + LowerName string // LowerName + Avatar []byte + LdapTeamAdd map[string][]string // organizations teams to add + LdapTeamRemove map[string][]string // organizations teams to remove } func (ls *Source) sanitizedUserQuery(username string) (string, bool) { @@ -192,6 +196,71 @@ func checkRestricted(l *ldap.Conn, ls *Source, userDN string) bool { return false } +// List all group memberships of a user +func (ls *Source) listLdapGroupMemberships(l *ldap.Conn, uid string) []string { + var ldapGroups []string + groupFilter := fmt.Sprintf("(%s=%s)", ls.GroupMemberUID, uid) + result, err := l.Search(ldap.NewSearchRequest( + ls.GroupDN, + ldap.ScopeWholeSubtree, + ldap.NeverDerefAliases, + 0, + 0, + false, + groupFilter, + []string{}, + nil, + )) + if err != nil { + log.Error("Failed group search using filter[%s]: %v", groupFilter, err) + return ldapGroups + } + + for _, entry := range result.Entries { + if entry.DN == "" { + log.Error("LDAP search was successful, but found no DN!") + continue + } + ldapGroups = append(ldapGroups, entry.DN) + } + + return ldapGroups +} + +// parse LDAP groups and return map of ldap groups to organizations teams +func (ls *Source) mapLdapGroupsToTeams() map[string]map[string][]string { + ldapGroupsToTeams := make(map[string]map[string][]string) + err := json.Unmarshal([]byte(ls.GroupTeamMap), &ldapGroupsToTeams) + if err != nil { + log.Error("Failed to unmarshall LDAP teams map: %v", err) + return ldapGroupsToTeams + } + return ldapGroupsToTeams +} + +// getMappedMemberships : returns the organizations and teams to modify the users membership +func (ls *Source) getMappedMemberships(l *ldap.Conn, uid string) (map[string][]string, map[string][]string) { + // get all LDAP group memberships for user + usersLdapGroups := ls.listLdapGroupMemberships(l, uid) + // unmarshall LDAP group team map from configs + ldapGroupsToTeams := ls.mapLdapGroupsToTeams() + membershipsToAdd := map[string][]string{} + membershipsToRemove := map[string][]string{} + for group, memberships := range ldapGroupsToTeams { + isUserInGroup := util.IsStringInSlice(group, usersLdapGroups) + if isUserInGroup { + for org, teams := range memberships { + membershipsToAdd[org] = teams + } + } else if !isUserInGroup { + for org, teams := range memberships { + membershipsToRemove[org] = teams + } + } + } + return membershipsToAdd, membershipsToRemove +} + // SearchEntry : search an LDAP source if an entry (name, passwd) is valid and in the specific filter func (ls *Source) SearchEntry(name, passwd string, directBind bool) *SearchResult { // See https://tools.ietf.org/search/rfc4513#section-5.1.2 @@ -308,9 +377,12 @@ func (ls *Source) SearchEntry(name, passwd string, directBind bool) *SearchResul surname := sr.Entries[0].GetAttributeValue(ls.AttributeSurname) mail := sr.Entries[0].GetAttributeValue(ls.AttributeMail) uid := sr.Entries[0].GetAttributeValue(ls.UserUID) + if ls.UserUID == "dn" || ls.UserUID == "DN" { + uid = sr.Entries[0].DN + } // Check group membership - if ls.GroupsEnabled { + if ls.GroupsEnabled && ls.GroupFilter != "" { groupFilter, ok := ls.sanitizedGroupFilter(ls.GroupFilter) if !ok { return nil @@ -373,16 +445,24 @@ func (ls *Source) SearchEntry(name, passwd string, directBind bool) *SearchResul Avatar = sr.Entries[0].GetRawAttributeValue(ls.AttributeAvatar) } + teamsToAdd := make(map[string][]string) + teamsToRemove := make(map[string][]string) + if ls.GroupsEnabled && (ls.GroupTeamMap != "" || ls.GroupTeamMapRemoval) { + teamsToAdd, teamsToRemove = ls.getMappedMemberships(l, uid) + } + return &SearchResult{ - LowerName: strings.ToLower(username), - Username: username, - Name: firstname, - Surname: surname, - Mail: mail, - SSHPublicKey: sshPublicKey, - IsAdmin: isAdmin, - IsRestricted: isRestricted, - Avatar: Avatar, + LowerName: strings.ToLower(username), + Username: username, + Name: firstname, + Surname: surname, + Mail: mail, + SSHPublicKey: sshPublicKey, + IsAdmin: isAdmin, + IsRestricted: isRestricted, + Avatar: Avatar, + LdapTeamAdd: teamsToAdd, + LdapTeamRemove: teamsToRemove, } } @@ -417,7 +497,7 @@ func (ls *Source) SearchEntries() ([]*SearchResult, error) { isAttributeSSHPublicKeySet := len(strings.TrimSpace(ls.AttributeSSHPublicKey)) > 0 isAtributeAvatarSet := len(strings.TrimSpace(ls.AttributeAvatar)) > 0 - attribs := []string{ls.AttributeUsername, ls.AttributeName, ls.AttributeSurname, ls.AttributeMail} + attribs := []string{ls.AttributeUsername, ls.AttributeName, ls.AttributeSurname, ls.AttributeMail, ls.UserUID} if isAttributeSSHPublicKeySet { attribs = append(attribs, ls.AttributeSSHPublicKey) } @@ -444,12 +524,23 @@ func (ls *Source) SearchEntries() ([]*SearchResult, error) { result := make([]*SearchResult, len(sr.Entries)) for i, v := range sr.Entries { + teamsToAdd := make(map[string][]string) + teamsToRemove := make(map[string][]string) + if ls.GroupsEnabled && (ls.GroupTeamMap != "" || ls.GroupTeamMapRemoval) { + userAttributeListedInGroup := v.GetAttributeValue(ls.UserUID) + if ls.UserUID == "dn" || ls.UserUID == "DN" { + userAttributeListedInGroup = v.DN + } + teamsToAdd, teamsToRemove = ls.getMappedMemberships(l, userAttributeListedInGroup) + } result[i] = &SearchResult{ - Username: v.GetAttributeValue(ls.AttributeUsername), - Name: v.GetAttributeValue(ls.AttributeName), - Surname: v.GetAttributeValue(ls.AttributeSurname), - Mail: v.GetAttributeValue(ls.AttributeMail), - IsAdmin: checkAdmin(l, ls, v.DN), + Username: v.GetAttributeValue(ls.AttributeUsername), + Name: v.GetAttributeValue(ls.AttributeName), + Surname: v.GetAttributeValue(ls.AttributeSurname), + Mail: v.GetAttributeValue(ls.AttributeMail), + IsAdmin: checkAdmin(l, ls, v.DN), + LdapTeamAdd: teamsToAdd, + LdapTeamRemove: teamsToRemove, } if !result[i].IsAdmin { result[i].IsRestricted = checkRestricted(l, ls, v.DN) diff --git a/services/auth/source/ldap/source_sync.go b/services/auth/source/ldap/source_sync.go index 398d9ef79883d..74a62ce4e72dc 100644 --- a/services/auth/source/ldap/source_sync.go +++ b/services/auth/source/ldap/source_sync.go @@ -10,6 +10,7 @@ import ( "sort" "strings" + "code.gitea.io/gitea/models" asymkey_model "code.gitea.io/gitea/models/asymkey" "code.gitea.io/gitea/models/db" user_model "code.gitea.io/gitea/models/user" @@ -61,6 +62,8 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error { }) userPos := 0 + orgCache := make(map[string]*models.Organization) + teamCache := make(map[string]*models.Team) for _, su := range sr { select { @@ -166,6 +169,10 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error { } } } + // Synchronize LDAP groups with organization and team memberships + if source.GroupsEnabled && (source.GroupTeamMap != "" || source.GroupTeamMapRemoval) { + source.SyncLdapGroupsToTeams(usr, su.LdapTeamAdd, su.LdapTeamRemove, orgCache, teamCache) + } } // Rewrite authorized_keys file if LDAP Public SSH Key attribute is set and any key was added or removed diff --git a/services/forms/auth_form.go b/services/forms/auth_form.go index d0962926014b1..7e7c75675299b 100644 --- a/services/forms/auth_form.go +++ b/services/forms/auth_form.go @@ -79,6 +79,8 @@ type AuthenticationForm struct { SSPIStripDomainNames bool SSPISeparatorReplacement string `binding:"AlphaDashDot;MaxSize(5)"` SSPIDefaultLanguage string + GroupTeamMap string + GroupTeamMapRemoval bool } // Validate validates fields diff --git a/services/mirror/mirror_pull.go b/services/mirror/mirror_pull.go index 4710f9642da30..c86f15efc0210 100644 --- a/services/mirror/mirror_pull.go +++ b/services/mirror/mirror_pull.go @@ -161,7 +161,12 @@ func pruneBrokenReferences(ctx context.Context, stdoutBuilder.Reset() pruneErr := git.NewCommand(ctx, "remote", "prune", m.GetRemoteName()). SetDescription(fmt.Sprintf("Mirror.runSync %ssPrune references: %s ", wiki, m.Repo.FullName())). - RunInDirTimeoutPipeline(timeout, repoPath, stdoutBuilder, stderrBuilder) + RunWithContext(&git.RunContext{ + Timeout: timeout, + Dir: repoPath, + Stdout: stdoutBuilder, + Stderr: stderrBuilder, + }) if pruneErr != nil { stdout := stdoutBuilder.String() stderr := stderrBuilder.String() @@ -203,7 +208,12 @@ func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bo stderrBuilder := strings.Builder{} if err := git.NewCommand(ctx, gitArgs...). SetDescription(fmt.Sprintf("Mirror.runSync: %s", m.Repo.FullName())). - RunInDirTimeoutPipeline(timeout, repoPath, &stdoutBuilder, &stderrBuilder); err != nil { + RunWithContext(&git.RunContext{ + Timeout: timeout, + Dir: repoPath, + Stdout: &stdoutBuilder, + Stderr: &stderrBuilder, + }); err != nil { stdout := stdoutBuilder.String() stderr := stderrBuilder.String() @@ -226,7 +236,12 @@ func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bo stdoutBuilder.Reset() if err = git.NewCommand(ctx, gitArgs...). SetDescription(fmt.Sprintf("Mirror.runSync: %s", m.Repo.FullName())). - RunInDirTimeoutPipeline(timeout, repoPath, &stdoutBuilder, &stderrBuilder); err != nil { + RunWithContext(&git.RunContext{ + Timeout: timeout, + Dir: repoPath, + Stdout: &stdoutBuilder, + Stderr: &stderrBuilder, + }); err != nil { stdout := stdoutBuilder.String() stderr := stderrBuilder.String() @@ -282,7 +297,12 @@ func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bo stdoutBuilder.Reset() if err := git.NewCommand(ctx, "remote", "update", "--prune", m.GetRemoteName()). SetDescription(fmt.Sprintf("Mirror.runSync Wiki: %s ", m.Repo.FullName())). - RunInDirTimeoutPipeline(timeout, wikiPath, &stdoutBuilder, &stderrBuilder); err != nil { + RunWithContext(&git.RunContext{ + Timeout: timeout, + Dir: wikiPath, + Stdout: &stdoutBuilder, + Stderr: &stderrBuilder, + }); err != nil { stdout := stdoutBuilder.String() stderr := stderrBuilder.String() @@ -314,7 +334,12 @@ func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bo if err = git.NewCommand(ctx, "remote", "update", "--prune", m.GetRemoteName()). SetDescription(fmt.Sprintf("Mirror.runSync Wiki: %s ", m.Repo.FullName())). - RunInDirTimeoutPipeline(timeout, wikiPath, &stdoutBuilder, &stderrBuilder); err != nil { + RunWithContext(&git.RunContext{ + Timeout: timeout, + Dir: wikiPath, + Stdout: &stdoutBuilder, + Stderr: &stderrBuilder, + }); err != nil { stdout := stdoutBuilder.String() stderr := stderrBuilder.String() stderrMessage = sanitizer.Replace(stderr) diff --git a/services/pull/merge.go b/services/pull/merge.go index 62c502011a32e..cb857cc60dbc7 100644 --- a/services/pull/merge.go +++ b/services/pull/merge.go @@ -188,35 +188,65 @@ func rawMerge(ctx context.Context, pr *models.PullRequest, doer *user_model.User } // Switch off LFS process (set required, clean and smudge here also) - if err := gitConfigCommand().AddArguments("filter.lfs.process", "").RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := gitConfigCommand().AddArguments("filter.lfs.process", ""). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git config [filter.lfs.process -> <> ]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("git config [filter.lfs.process -> <> ]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) } outbuf.Reset() errbuf.Reset() - if err := gitConfigCommand().AddArguments("filter.lfs.required", "false").RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := gitConfigCommand().AddArguments("filter.lfs.required", "false"). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git config [filter.lfs.required -> ]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("git config [filter.lfs.required -> ]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) } outbuf.Reset() errbuf.Reset() - if err := gitConfigCommand().AddArguments("filter.lfs.clean", "").RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := gitConfigCommand().AddArguments("filter.lfs.clean", ""). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git config [filter.lfs.clean -> <> ]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("git config [filter.lfs.clean -> <> ]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) } outbuf.Reset() errbuf.Reset() - if err := gitConfigCommand().AddArguments("filter.lfs.smudge", "").RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := gitConfigCommand().AddArguments("filter.lfs.smudge", ""). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git config [filter.lfs.smudge -> <> ]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("git config [filter.lfs.smudge -> <> ]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) } outbuf.Reset() errbuf.Reset() - if err := gitConfigCommand().AddArguments("core.sparseCheckout", "true").RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := gitConfigCommand().AddArguments("core.sparseCheckout", "true"). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git config [core.sparseCheckout -> true ]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("git config [core.sparsecheckout -> true]: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) } @@ -224,7 +254,13 @@ func rawMerge(ctx context.Context, pr *models.PullRequest, doer *user_model.User errbuf.Reset() // Read base branch index - if err := git.NewCommand(ctx, "read-tree", "HEAD").RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "read-tree", "HEAD"). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git read-tree HEAD: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("Unable to read base branch in to the index: %v\n%s\n%s", err, outbuf.String(), errbuf.String()) } @@ -279,7 +315,13 @@ func rawMerge(ctx context.Context, pr *models.PullRequest, doer *user_model.User fallthrough case repo_model.MergeStyleRebaseMerge: // Checkout head branch - if err := git.NewCommand(ctx, "checkout", "-b", stagingBranch, trackingBranch).RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "checkout", "-b", stagingBranch, trackingBranch). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git checkout base prior to merge post staging rebase [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("git checkout base prior to merge post staging rebase [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) } @@ -287,7 +329,13 @@ func rawMerge(ctx context.Context, pr *models.PullRequest, doer *user_model.User errbuf.Reset() // Rebase before merging - if err := git.NewCommand(ctx, "rebase", baseBranch).RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "rebase", baseBranch). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { // Rebase will leave a REBASE_HEAD file in .git if there is a conflict if _, statErr := os.Stat(filepath.Join(tmpBasePath, ".git", "REBASE_HEAD")); statErr == nil { var commitSha string @@ -335,7 +383,13 @@ func rawMerge(ctx context.Context, pr *models.PullRequest, doer *user_model.User } // Checkout base branch again - if err := git.NewCommand(ctx, "checkout", baseBranch).RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "checkout", baseBranch). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git checkout base prior to merge post staging rebase [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("git checkout base prior to merge post staging rebase [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) } @@ -375,7 +429,14 @@ func rawMerge(ctx context.Context, pr *models.PullRequest, doer *user_model.User } sig := pr.Issue.Poster.NewGitSig() if signArg == "" { - if err := git.NewCommand(ctx, "commit", fmt.Sprintf("--author='%s <%s>'", sig.Name, sig.Email), "-m", message).RunInDirTimeoutEnvPipeline(env, -1, tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "commit", fmt.Sprintf("--author='%s <%s>'", sig.Name, sig.Email), "-m", message). + RunWithContext(&git.RunContext{ + Env: env, + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git commit [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("git commit [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) } @@ -384,7 +445,14 @@ func rawMerge(ctx context.Context, pr *models.PullRequest, doer *user_model.User // add trailer message += fmt.Sprintf("\nCo-authored-by: %s\nCo-committed-by: %s\n", sig.String(), sig.String()) } - if err := git.NewCommand(ctx, "commit", signArg, fmt.Sprintf("--author='%s <%s>'", sig.Name, sig.Email), "-m", message).RunInDirTimeoutEnvPipeline(env, -1, tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "commit", signArg, fmt.Sprintf("--author='%s <%s>'", sig.Name, sig.Email), "-m", message). + RunWithContext(&git.RunContext{ + Env: env, + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git commit [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) return "", fmt.Errorf("git commit [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) } @@ -448,7 +516,13 @@ func rawMerge(ctx context.Context, pr *models.PullRequest, doer *user_model.User } // Push back to upstream. - if err := pushCmd.RunInDirTimeoutEnvPipeline(env, -1, tmpBasePath, &outbuf, &errbuf); err != nil { + if err := pushCmd.RunWithContext(&git.RunContext{ + Env: env, + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { if strings.Contains(errbuf.String(), "non-fast-forward") { return "", &git.ErrPushOutOfDate{ StdOut: outbuf.String(), @@ -475,12 +549,26 @@ func rawMerge(ctx context.Context, pr *models.PullRequest, doer *user_model.User func commitAndSignNoAuthor(ctx context.Context, pr *models.PullRequest, message, signArg, tmpBasePath string, env []string) error { var outbuf, errbuf strings.Builder if signArg == "" { - if err := git.NewCommand(ctx, "commit", "-m", message).RunInDirTimeoutEnvPipeline(env, -1, tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "commit", "-m", message). + RunWithContext(&git.RunContext{ + Env: env, + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git commit [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) return fmt.Errorf("git commit [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) } } else { - if err := git.NewCommand(ctx, "commit", signArg, "-m", message).RunInDirTimeoutEnvPipeline(env, -1, tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "commit", signArg, "-m", message). + RunWithContext(&git.RunContext{ + Env: env, + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("git commit [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) return fmt.Errorf("git commit [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String()) } @@ -490,7 +578,12 @@ func commitAndSignNoAuthor(ctx context.Context, pr *models.PullRequest, message, func runMergeCommand(pr *models.PullRequest, mergeStyle repo_model.MergeStyle, cmd *git.Command, tmpBasePath string) error { var outbuf, errbuf strings.Builder - if err := cmd.RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := cmd.RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { // Merge will leave a MERGE_HEAD file in the .git folder if there is a conflict if _, statErr := os.Stat(filepath.Join(tmpBasePath, ".git", "MERGE_HEAD")); statErr == nil { // We have a merge conflict error @@ -523,7 +616,13 @@ func getDiffTree(ctx context.Context, repoPath, baseBranch, headBranch string) ( getDiffTreeFromBranch := func(repoPath, baseBranch, headBranch string) (string, error) { var outbuf, errbuf strings.Builder // Compute the diff-tree for sparse-checkout - if err := git.NewCommand(ctx, "diff-tree", "--no-commit-id", "--name-only", "-r", "-z", "--root", baseBranch, headBranch, "--").RunInDirPipeline(repoPath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "diff-tree", "--no-commit-id", "--name-only", "-r", "-z", "--root", baseBranch, headBranch, "--"). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: repoPath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { return "", fmt.Errorf("git diff-tree [%s base:%s head:%s]: %s", repoPath, baseBranch, headBranch, errbuf.String()) } return outbuf.String(), nil diff --git a/services/pull/patch.go b/services/pull/patch.go index a2c8345326f0b..f401b85345ebe 100644 --- a/services/pull/patch.go +++ b/services/pull/patch.go @@ -383,10 +383,11 @@ func checkConflicts(ctx context.Context, pr *models.PullRequest, gitRepo *git.Re // 7. Run the check command conflict = false err = git.NewCommand(gitRepo.Ctx, args...). - RunInDirTimeoutEnvFullPipelineFunc( - nil, -1, tmpBasePath, - nil, stderrWriter, nil, - func(ctx context.Context, cancel context.CancelFunc) error { + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stderr: stderrWriter, + PipelineFunc: func(ctx context.Context, cancel context.CancelFunc) error { // Close the writer end of the pipe to begin processing _ = stderrWriter.Close() defer func() { @@ -444,7 +445,8 @@ func checkConflicts(ctx context.Context, pr *models.PullRequest, gitRepo *git.Re } return nil - }) + }, + }) // 8. If there is a conflict the `git apply` command will return a non-zero error code - so there will be a positive error. if err != nil { diff --git a/services/pull/patch_unmerged.go b/services/pull/patch_unmerged.go index 65264f9865ae0..abd54b07cf122 100644 --- a/services/pull/patch_unmerged.go +++ b/services/pull/patch_unmerged.go @@ -63,10 +63,12 @@ func readUnmergedLsFileLines(ctx context.Context, tmpBasePath string, outputChan stderr := &strings.Builder{} err = git.NewCommand(ctx, "ls-files", "-u", "-z"). - RunInDirTimeoutEnvFullPipelineFunc( - nil, -1, tmpBasePath, - lsFilesWriter, stderr, nil, - func(_ context.Context, _ context.CancelFunc) error { + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: lsFilesWriter, + Stderr: stderr, + PipelineFunc: func(_ context.Context, _ context.CancelFunc) error { _ = lsFilesWriter.Close() defer func() { _ = lsFilesReader.Close() @@ -102,8 +104,8 @@ func readUnmergedLsFileLines(ctx context.Context, tmpBasePath string, outputChan toemit.path = split[2][2 : len(split[2])-1] outputChan <- toemit } - }) - + }, + }) if err != nil { outputChan <- &lsFileLine{err: fmt.Errorf("git ls-files -u -z: %v", git.ConcatenateError(err, stderr.String()))} } diff --git a/services/pull/temp_repo.go b/services/pull/temp_repo.go index e9c227d79422b..831d98745e4ca 100644 --- a/services/pull/temp_repo.go +++ b/services/pull/temp_repo.go @@ -93,7 +93,13 @@ func createTemporaryRepo(ctx context.Context, pr *models.PullRequest) (string, e } var outbuf, errbuf strings.Builder - if err := git.NewCommand(ctx, "remote", "add", "-t", pr.BaseBranch, "-m", pr.BaseBranch, "origin", baseRepoPath).RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "remote", "add", "-t", pr.BaseBranch, "-m", pr.BaseBranch, "origin", baseRepoPath). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("Unable to add base repository as origin [%s -> %s]: %v\n%s\n%s", pr.BaseRepo.FullName(), tmpBasePath, err, outbuf.String(), errbuf.String()) if err := models.RemoveTemporaryPath(tmpBasePath); err != nil { log.Error("CreateTempRepo: RemoveTemporaryPath: %s", err) @@ -103,7 +109,13 @@ func createTemporaryRepo(ctx context.Context, pr *models.PullRequest) (string, e outbuf.Reset() errbuf.Reset() - if err := git.NewCommand(ctx, "fetch", "origin", "--no-tags", "--", pr.BaseBranch+":"+baseBranch, pr.BaseBranch+":original_"+baseBranch).RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "fetch", "origin", "--no-tags", "--", pr.BaseBranch+":"+baseBranch, pr.BaseBranch+":original_"+baseBranch). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("Unable to fetch origin base branch [%s:%s -> base, original_base in %s]: %v:\n%s\n%s", pr.BaseRepo.FullName(), pr.BaseBranch, tmpBasePath, err, outbuf.String(), errbuf.String()) if err := models.RemoveTemporaryPath(tmpBasePath); err != nil { log.Error("CreateTempRepo: RemoveTemporaryPath: %s", err) @@ -113,7 +125,13 @@ func createTemporaryRepo(ctx context.Context, pr *models.PullRequest) (string, e outbuf.Reset() errbuf.Reset() - if err := git.NewCommand(ctx, "symbolic-ref", "HEAD", git.BranchPrefix+baseBranch).RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "symbolic-ref", "HEAD", git.BranchPrefix+baseBranch). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("Unable to set HEAD as base branch [%s]: %v\n%s\n%s", tmpBasePath, err, outbuf.String(), errbuf.String()) if err := models.RemoveTemporaryPath(tmpBasePath); err != nil { log.Error("CreateTempRepo: RemoveTemporaryPath: %s", err) @@ -131,7 +149,13 @@ func createTemporaryRepo(ctx context.Context, pr *models.PullRequest) (string, e return "", fmt.Errorf("Unable to head base repository to temporary repo [%s -> tmpBasePath]: %v", pr.HeadRepo.FullName(), err) } - if err := git.NewCommand(ctx, "remote", "add", remoteRepoName, headRepoPath).RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "remote", "add", remoteRepoName, headRepoPath). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { log.Error("Unable to add head repository as head_repo [%s -> %s]: %v\n%s\n%s", pr.HeadRepo.FullName(), tmpBasePath, err, outbuf.String(), errbuf.String()) if err := models.RemoveTemporaryPath(tmpBasePath); err != nil { log.Error("CreateTempRepo: RemoveTemporaryPath: %s", err) @@ -151,7 +175,13 @@ func createTemporaryRepo(ctx context.Context, pr *models.PullRequest) (string, e } else { headBranch = pr.GetGitRefName() } - if err := git.NewCommand(ctx, "fetch", "--no-tags", remoteRepoName, headBranch+":"+trackingBranch).RunInDirPipeline(tmpBasePath, &outbuf, &errbuf); err != nil { + if err := git.NewCommand(ctx, "fetch", "--no-tags", remoteRepoName, headBranch+":"+trackingBranch). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: tmpBasePath, + Stdout: &outbuf, + Stderr: &errbuf, + }); err != nil { if err := models.RemoveTemporaryPath(tmpBasePath); err != nil { log.Error("CreateTempRepo: RemoveTemporaryPath: %s", err) } diff --git a/services/repository/files/temp_repo.go b/services/repository/files/temp_repo.go index b89d51601afe6..2223e1c8fda3f 100644 --- a/services/repository/files/temp_repo.go +++ b/services/repository/files/temp_repo.go @@ -97,7 +97,13 @@ func (t *TemporaryUploadRepository) LsFiles(filenames ...string) ([]string, erro } } - if err := git.NewCommand(t.ctx, cmdArgs...).RunInDirPipeline(t.basePath, stdOut, stdErr); err != nil { + if err := git.NewCommand(t.ctx, cmdArgs...). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: t.basePath, + Stdout: stdOut, + Stderr: stdErr, + }); err != nil { log.Error("Unable to run git ls-files for temporary repo: %s (%s) Error: %v\nstdout: %s\nstderr: %s", t.repo.FullName(), t.basePath, err, stdOut.String(), stdErr.String()) err = fmt.Errorf("Unable to run git ls-files for temporary repo of: %s Error: %v\nstdout: %s\nstderr: %s", t.repo.FullName(), err, stdOut.String(), stdErr.String()) return nil, err @@ -124,7 +130,14 @@ func (t *TemporaryUploadRepository) RemoveFilesFromIndex(filenames ...string) er } } - if err := git.NewCommand(t.ctx, "update-index", "--remove", "-z", "--index-info").RunInDirFullPipeline(t.basePath, stdOut, stdErr, stdIn); err != nil { + if err := git.NewCommand(t.ctx, "update-index", "--remove", "-z", "--index-info"). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: t.basePath, + Stdin: stdIn, + Stdout: stdOut, + Stderr: stdErr, + }); err != nil { log.Error("Unable to update-index for temporary repo: %s (%s) Error: %v\nstdout: %s\nstderr: %s", t.repo.FullName(), t.basePath, err, stdOut.String(), stdErr.String()) return fmt.Errorf("Unable to update-index for temporary repo: %s Error: %v\nstdout: %s\nstderr: %s", t.repo.FullName(), err, stdOut.String(), stdErr.String()) } @@ -136,7 +149,14 @@ func (t *TemporaryUploadRepository) HashObject(content io.Reader) (string, error stdOut := new(bytes.Buffer) stdErr := new(bytes.Buffer) - if err := git.NewCommand(t.ctx, "hash-object", "-w", "--stdin").RunInDirFullPipeline(t.basePath, stdOut, stdErr, content); err != nil { + if err := git.NewCommand(t.ctx, "hash-object", "-w", "--stdin"). + RunWithContext(&git.RunContext{ + Timeout: -1, + Dir: t.basePath, + Stdin: content, + Stdout: stdOut, + Stderr: stdErr, + }); err != nil { log.Error("Unable to hash-object to temporary repo: %s (%s) Error: %v\nstdout: %s\nstderr: %s", t.repo.FullName(), t.basePath, err, stdOut.String(), stdErr.String()) return "", fmt.Errorf("Unable to hash-object to temporary repo: %s Error: %v\nstdout: %s\nstderr: %s", t.repo.FullName(), err, stdOut.String(), stdErr.String()) } @@ -254,7 +274,15 @@ func (t *TemporaryUploadRepository) CommitTreeWithDate(author, committer *user_m stdout := new(bytes.Buffer) stderr := new(bytes.Buffer) - if err := git.NewCommand(t.ctx, args...).RunInDirTimeoutEnvFullPipeline(env, -1, t.basePath, stdout, stderr, messageBytes); err != nil { + if err := git.NewCommand(t.ctx, args...). + RunWithContext(&git.RunContext{ + Env: env, + Timeout: -1, + Dir: t.basePath, + Stdin: messageBytes, + Stdout: stdout, + Stderr: stderr, + }); err != nil { log.Error("Unable to commit-tree in temporary repo: %s (%s) Error: %v\nStdout: %s\nStderr: %s", t.repo.FullName(), t.basePath, err, stdout, stderr) return "", fmt.Errorf("Unable to commit-tree in temporary repo: %s Error: %v\nStdout: %s\nStderr: %s", @@ -304,15 +332,21 @@ func (t *TemporaryUploadRepository) DiffIndex() (*gitdiff.Diff, error) { var finalErr error if err := git.NewCommand(t.ctx, "diff-index", "--src-prefix=\\a/", "--dst-prefix=\\b/", "--cached", "-p", "HEAD"). - RunInDirTimeoutEnvFullPipelineFunc(nil, 30*time.Second, t.basePath, stdoutWriter, stderr, nil, func(ctx context.Context, cancel context.CancelFunc) error { - _ = stdoutWriter.Close() - diff, finalErr = gitdiff.ParsePatch(setting.Git.MaxGitDiffLines, setting.Git.MaxGitDiffLineCharacters, setting.Git.MaxGitDiffFiles, stdoutReader, "") - if finalErr != nil { - log.Error("ParsePatch: %v", finalErr) - cancel() - } - _ = stdoutReader.Close() - return finalErr + RunWithContext(&git.RunContext{ + Timeout: 30 * time.Second, + Dir: t.basePath, + Stdout: stdoutWriter, + Stderr: stderr, + PipelineFunc: func(ctx context.Context, cancel context.CancelFunc) error { + _ = stdoutWriter.Close() + diff, finalErr = gitdiff.ParsePatch(setting.Git.MaxGitDiffLines, setting.Git.MaxGitDiffLineCharacters, setting.Git.MaxGitDiffFiles, stdoutReader, "") + if finalErr != nil { + log.Error("ParsePatch: %v", finalErr) + cancel() + } + _ = stdoutReader.Close() + return finalErr + }, }); err != nil { if finalErr != nil { log.Error("Unable to ParsePatch in temporary repo %s (%s). Error: %v", t.repo.FullName(), t.basePath, finalErr) diff --git a/services/repository/fork.go b/services/repository/fork.go index e592e477b3bc9..ec8fb1a09e708 100644 --- a/services/repository/fork.go +++ b/services/repository/fork.go @@ -143,7 +143,17 @@ func ForkRepository(doer, owner *user_model.User, opts ForkRepoOptions) (_ *repo log.Error("Failed to update size for repository: %v", err) } if err := repo_model.CopyLanguageStat(opts.BaseRepo, repo); err != nil { - log.Error("Copy language stat from oldRepo failed") + log.Error("Copy language stat from oldRepo failed: %v", err) + } + + gitRepo, err := git.OpenRepositoryCtx(git.DefaultContext, repo.RepoPath()) + if err != nil { + log.Error("Open created git repository failed: %v", err) + } else { + defer gitRepo.Close() + if err := repo_module.SyncReleasesWithTags(repo, gitRepo); err != nil { + log.Error("Sync releases from git tags failed: %v", err) + } } notification.NotifyForkRepository(doer, opts.BaseRepo, repo) diff --git a/templates/admin/auth/edit.tmpl b/templates/admin/auth/edit.tmpl index efa440ff33ef4..31c87597f0551 100644 --- a/templates/admin/auth/edit.tmpl +++ b/templates/admin/auth/edit.tmpl @@ -108,31 +108,43 @@ + + +
- - + +
-
+
+
+ + +
- - + +
- - + +
- - + +
- - + + +
+
+ +
-
+ + {{if .Source.IsLDAP}}
diff --git a/templates/admin/auth/source/ldap.tmpl b/templates/admin/auth/source/ldap.tmpl index 9ea0fdf8c060f..afdfbadd6518e 100644 --- a/templates/admin/auth/source/ldap.tmpl +++ b/templates/admin/auth/source/ldap.tmpl @@ -79,31 +79,42 @@
+ +
- - + +
-
+
- - + +
- - + +
- - + +
- - + + +
+
+ + +
+
+ +
-
+ +
diff --git a/templates/admin/monitor.tmpl b/templates/admin/monitor.tmpl index 8a90f9b6474cb..a35b587bd5092 100644 --- a/templates/admin/monitor.tmpl +++ b/templates/admin/monitor.tmpl @@ -48,6 +48,7 @@ {{.i18n.Tr "admin.monitor.queue.type"}} {{.i18n.Tr "admin.monitor.queue.exemplar"}} {{.i18n.Tr "admin.monitor.queue.numberworkers"}} + {{.i18n.Tr "admin.monitor.queue.numberinqueue"}} @@ -58,6 +59,7 @@ {{.Type}} {{.ExemplarType}} {{$sum := .NumberOfWorkers}}{{if lt $sum 0}}-{{else}}{{$sum}}{{end}} + {{$sum := .NumberInQueue}}{{if lt $sum 0}}-{{else}}{{$sum}}{{end}} {{if lt $sum 0}}{{$.i18n.Tr "admin.monitor.queue.review"}}{{else}}{{$.i18n.Tr "admin.monitor.queue.review_add"}}{{end}} {{end}} diff --git a/templates/admin/queue.tmpl b/templates/admin/queue.tmpl index d2d2c83baf487..a08b44277cac6 100644 --- a/templates/admin/queue.tmpl +++ b/templates/admin/queue.tmpl @@ -15,6 +15,7 @@ {{.i18n.Tr "admin.monitor.queue.exemplar"}} {{.i18n.Tr "admin.monitor.queue.numberworkers"}} {{.i18n.Tr "admin.monitor.queue.maxnumberworkers"}} + {{.i18n.Tr "admin.monitor.queue.numberinqueue"}} @@ -24,6 +25,7 @@ {{.Queue.ExemplarType}} {{$sum := .Queue.NumberOfWorkers}}{{if lt $sum 0}}-{{else}}{{$sum}}{{end}} {{if lt $sum 0}}-{{else}}{{.Queue.MaxNumberOfWorkers}}{{end}} + {{$sum := .Queue.NumberInQueue}}{{if lt $sum 0}}-{{else}}{{$sum}}{{end}} diff --git a/templates/base/footer_content.tmpl b/templates/base/footer_content.tmpl index 979c03146cdc5..ef183191a4a49 100644 --- a/templates/base/footer_content.tmpl +++ b/templates/base/footer_content.tmpl @@ -1,7 +1,7 @@