From 54d4ec04c05f11f54a623996054fa19b39d4633e Mon Sep 17 00:00:00 2001 From: qwerty287 <80460567+qwerty287@users.noreply.github.com> Date: Sun, 30 Apr 2023 14:01:11 +0200 Subject: [PATCH] Drop Gogs private mode (#1726) You should use `WOODPECKER_AUTHENTICATE_PUBLIC_REPOS` instead if repos sent from forge as public should be authenticated --- cmd/server/flags.go | 5 --- cmd/server/setup.go | 9 +++-- .../30-administration/11-forges/70-gogs.md | 5 --- docs/docs/91-migrations.md | 1 + server/api/repo.go | 2 +- server/forge/gitlab/convert.go | 2 +- server/forge/gogs/gogs.go | 36 +++++++++---------- server/forge/gogs/gogs_test.go | 10 +++--- server/forge/gogs/helper.go | 4 +-- server/forge/gogs/helper_test.go | 6 ++-- server/forge/gogs/parse.go | 20 +++++------ server/forge/types/errors.go | 2 +- server/model/const.go | 10 +++--- server/model/repo.go | 2 +- 14 files changed, 49 insertions(+), 65 deletions(-) diff --git a/cmd/server/flags.go b/cmd/server/flags.go index d4bd8962a..1fd8416fa 100644 --- a/cmd/server/flags.go +++ b/cmd/server/flags.go @@ -337,11 +337,6 @@ var flags = []cli.Flag{ Usage: "gogs service account password", FilePath: os.Getenv("WOODPECKER_GOGS_GIT_PASSWORD_FILE"), }, - &cli.BoolFlag{ - EnvVars: []string{"WOODPECKER_GOGS_PRIVATE_MODE"}, - Name: "gogs-private-mode", - Usage: "gogs private mode enabled", - }, &cli.BoolFlag{ EnvVars: []string{"WOODPECKER_GOGS_SKIP_VERIFY"}, Name: "gogs-skip-verify", diff --git a/cmd/server/setup.go b/cmd/server/setup.go index 6f0d1706c..904d649c4 100644 --- a/cmd/server/setup.go +++ b/cmd/server/setup.go @@ -218,11 +218,10 @@ func setupBitbucket(c *cli.Context) (forge.Forge, error) { // helper function to setup the Gogs forge from the CLI arguments. func setupGogs(c *cli.Context) (forge.Forge, error) { opts := gogs.Opts{ - URL: c.String("gogs-server"), - Username: c.String("gogs-git-username"), - Password: c.String("gogs-git-password"), - PrivateMode: c.Bool("gogs-private-mode"), - SkipVerify: c.Bool("gogs-skip-verify"), + URL: c.String("gogs-server"), + Username: c.String("gogs-git-username"), + Password: c.String("gogs-git-password"), + SkipVerify: c.Bool("gogs-skip-verify"), } log.Trace().Msgf("Forge (gogs) opts: %#v", opts) return gogs.New(opts) diff --git a/docs/docs/30-administration/11-forges/70-gogs.md b/docs/docs/30-administration/11-forges/70-gogs.md index c1d4876b4..810da0227 100644 --- a/docs/docs/30-administration/11-forges/70-gogs.md +++ b/docs/docs/30-administration/11-forges/70-gogs.md @@ -34,11 +34,6 @@ The password is used to authenticate and clone all private repositories. Read the value for `WOODPECKER_GOGS_GIT_PASSWORD` from the specified filepath -### `WOODPECKER_GOGS_PRIVATE_MODE` -> Default: `false` - -TODO - ### `WOODPECKER_GOGS_SKIP_VERIFY` > Default: `false` diff --git a/docs/docs/91-migrations.md b/docs/docs/91-migrations.md index 82b5b29f1..23b15d83f 100644 --- a/docs/docs/91-migrations.md +++ b/docs/docs/91-migrations.md @@ -17,6 +17,7 @@ Some versions need some changes to the server configuration or the pipeline conf - The pipelines are now also read from `.yaml` files, the new default order is `.woodpecker/*.yml` and `.woodpecker/*.yaml` (without any prioritization) -> `.woodpecker.yml` -> `.woodpecker.yaml` -> `.drone.yml` - Dropped support for [Coding](https://coding.net/). - `/api/queue/resume` & `/api/queue/pause` endpoint methods were changed from `GET` to `POST` +- Dropped `WOODPECKER_GOGS_PRIVATE_MODE` (use `WOODPECKER_AUTHENTICATE_PUBLIC_REPOS`) ## 0.15.0 diff --git a/server/api/repo.go b/server/api/repo.go index 2c0c06f12..edc2b7cc5 100644 --- a/server/api/repo.go +++ b/server/api/repo.go @@ -178,7 +178,7 @@ func PatchRepo(c *gin.Context) { if in.Visibility != nil { switch *in.Visibility { case string(model.VisibilityInternal), string(model.VisibilityPrivate), string(model.VisibilityPublic): - repo.Visibility = model.RepoVisibly(*in.Visibility) + repo.Visibility = model.RepoVisibility(*in.Visibility) default: c.String(http.StatusBadRequest, "Invalid visibility type") return diff --git a/server/forge/gitlab/convert.go b/server/forge/gitlab/convert.go index 4548534d2..b863f218c 100644 --- a/server/forge/gitlab/convert.go +++ b/server/forge/gitlab/convert.go @@ -44,7 +44,7 @@ func (g *GitLab) convertGitLabRepo(_repo *gitlab.Project) (*model.Repo, error) { Link: _repo.WebURL, Clone: _repo.HTTPURLToRepo, Branch: _repo.DefaultBranch, - Visibility: model.RepoVisibly(_repo.Visibility), + Visibility: model.RepoVisibility(_repo.Visibility), IsSCMPrivate: !_repo.Public, Perm: &model.Perm{ Pull: isRead(_repo), diff --git a/server/forge/gogs/gogs.go b/server/forge/gogs/gogs.go index 6d112bbdd..7ed272db3 100644 --- a/server/forge/gogs/gogs.go +++ b/server/forge/gogs/gogs.go @@ -18,7 +18,6 @@ package gogs import ( "context" "crypto/tls" - "fmt" "net" "net/http" "net/url" @@ -34,19 +33,17 @@ import ( // Opts defines configuration options. type Opts struct { - URL string // Gogs server url. - Username string // Optional machine account username. - Password string // Optional machine account password. - PrivateMode bool // Gogs is running in private mode. - SkipVerify bool // Skip ssl verification. + URL string // Gogs server url. + Username string // Optional machine account username. + Password string // Optional machine account password. + SkipVerify bool // Skip ssl verification. } type client struct { - URL string - Username string - Password string - PrivateMode bool - SkipVerify bool + URL string + Username string + Password string + SkipVerify bool } // New returns a Forge implementation that integrates with Gogs, an open @@ -61,11 +58,10 @@ func New(opts Opts) (forge.Forge, error) { u.Host = host } return &client{ - URL: opts.URL, - Username: opts.Username, - Password: opts.Password, - PrivateMode: opts.PrivateMode, - SkipVerify: opts.SkipVerify, + URL: opts.URL, + Username: opts.Username, + Password: opts.Password, + SkipVerify: opts.SkipVerify, }, nil } @@ -131,7 +127,7 @@ func (c *client) Login(_ context.Context, res http.ResponseWriter, req *http.Req // Auth is not supported by the Gogs driver. func (c *client) Auth(_ context.Context, _, _ string) (string, error) { - return "", fmt.Errorf("Not Implemented") + return "", forge_types.ErrNotImplemented } // Teams is not supported by the Gogs driver. @@ -156,7 +152,7 @@ func (c *client) Repo(_ context.Context, u *model.User, _ model.ForgeRemoteID, o if err != nil { return nil, err } - return toRepo(repo, c.PrivateMode), nil + return toRepo(repo), nil } // Repos returns a list of all repositories for the Gogs account, including @@ -171,7 +167,7 @@ func (c *client) Repos(_ context.Context, u *model.User) ([]*model.Repo, error) } for _, repo := range all { - repos = append(repos, toRepo(repo, c.PrivateMode)) + repos = append(repos, toRepo(repo)) } return repos, err } @@ -296,7 +292,7 @@ func (c *client) PullRequests(_ context.Context, _ *model.User, _ *model.Repo, _ // Hook parses the incoming Gogs hook and returns the Repository and Pipeline // details. If the hook is unsupported nil values are returned. func (c *client) Hook(_ context.Context, r *http.Request) (*model.Repo, *model.Pipeline, error) { - return parseHook(r, c.PrivateMode) + return parseHook(r) } // OrgMembership returns if user is member of organization and if user diff --git a/server/forge/gogs/gogs_test.go b/server/forge/gogs/gogs_test.go index d09cdaae0..217ee6511 100644 --- a/server/forge/gogs/gogs_test.go +++ b/server/forge/gogs/gogs_test.go @@ -46,17 +46,15 @@ func Test_gogs(t *testing.T) { g.Describe("Creating a forge", func() { g.It("Should return client with specified options", func() { forge, _ := New(Opts{ - URL: "http://localhost:8080", - Username: "someuser", - Password: "password", - SkipVerify: true, - PrivateMode: true, + URL: "http://localhost:8080", + Username: "someuser", + Password: "password", + SkipVerify: true, }) g.Assert(forge.(*client).URL).Equal("http://localhost:8080") g.Assert(forge.(*client).Username).Equal("someuser") g.Assert(forge.(*client).Password).Equal("password") g.Assert(forge.(*client).SkipVerify).Equal(true) - g.Assert(forge.(*client).PrivateMode).Equal(true) }) g.It("Should handle malformed url", func() { _, err := New(Opts{URL: "%gh&%ij"}) diff --git a/server/forge/gogs/helper.go b/server/forge/gogs/helper.go index c3890aba5..7198ebe4e 100644 --- a/server/forge/gogs/helper.go +++ b/server/forge/gogs/helper.go @@ -29,7 +29,7 @@ import ( ) // helper function that converts a Gogs repository to a Woodpecker repository. -func toRepo(from *gogs.Repository, privateMode bool) *model.Repo { +func toRepo(from *gogs.Repository) *model.Repo { name := strings.Split(from.FullName, "/")[1] avatar := expandAvatar( from.HTMLURL, @@ -43,7 +43,7 @@ func toRepo(from *gogs.Repository, privateMode bool) *model.Repo { FullName: from.FullName, Avatar: avatar, Link: from.HTMLURL, - IsSCMPrivate: from.Private || privateMode, + IsSCMPrivate: from.Private, Clone: from.CloneURL, Branch: from.DefaultBranch, Perm: toPerm(from.Permissions), diff --git a/server/forge/gogs/helper_test.go b/server/forge/gogs/helper_test.go index 70a53daf8..9749a2f52 100644 --- a/server/forge/gogs/helper_test.go +++ b/server/forge/gogs/helper_test.go @@ -107,7 +107,7 @@ func Test_parse(t *testing.T) { g.It("Should return a Repo struct from a push hook", func() { buf := bytes.NewBufferString(fixtures.HookPush) hook, _ := parsePush(buf) - repo := toRepo(hook.Repo, false) + repo := toRepo(hook.Repo) g.Assert(repo.Name).Equal(hook.Repo.Name) g.Assert(repo.Owner).Equal(hook.Repo.Owner.UserName) g.Assert(repo.FullName).Equal("gordon/hello-world") @@ -131,7 +131,7 @@ func Test_parse(t *testing.T) { g.It("Should return a Repo struct from a pull_request hook", func() { buf := bytes.NewBufferString(fixtures.HookPullRequest) hook, _ := parsePullRequest(buf) - repo := toRepo(hook.Repo, false) + repo := toRepo(hook.Repo) g.Assert(repo.Name).Equal(hook.Repo.Name) g.Assert(repo.Owner).Equal(hook.Repo.Owner.UserName) g.Assert(repo.FullName).Equal("gordon/hello-world") @@ -176,7 +176,7 @@ func Test_parse(t *testing.T) { DefaultBranch: "master", Permissions: &gogs.Permission{Admin: true}, } - repo := toRepo(&from, false) + repo := toRepo(&from) g.Assert(repo.FullName).Equal(from.FullName) g.Assert(repo.Owner).Equal(from.Owner.UserName) g.Assert(repo.Name).Equal("hello-world") diff --git a/server/forge/gogs/parse.go b/server/forge/gogs/parse.go index d6af5227c..1ab4455eb 100644 --- a/server/forge/gogs/parse.go +++ b/server/forge/gogs/parse.go @@ -39,21 +39,21 @@ const ( // parseHook parses a Bitbucket hook from an http.Request request and returns // Repo and Pipeline detail. If a hook type is unsupported nil values are returned. -func parseHook(r *http.Request, privateMode bool) (*model.Repo, *model.Pipeline, error) { +func parseHook(r *http.Request) (*model.Repo, *model.Pipeline, error) { switch r.Header.Get(hookEvent) { case hookPush: - return parsePushHook(r.Body, privateMode) + return parsePushHook(r.Body) case hookCreated: - return parseCreatedHook(r.Body, privateMode) + return parseCreatedHook(r.Body) case hookPullRequest: - return parsePullRequestHook(r.Body, privateMode) + return parsePullRequestHook(r.Body) } return nil, nil, nil } // parsePushHook parses a push hook and returns the Repo and Pipeline details. // If the commit type is unsupported nil values are returned. -func parsePushHook(payload io.Reader, privateMode bool) (*model.Repo, *model.Pipeline, error) { +func parsePushHook(payload io.Reader) (*model.Repo, *model.Pipeline, error) { var ( repo *model.Repo pipeline *model.Pipeline @@ -69,14 +69,14 @@ func parsePushHook(payload io.Reader, privateMode bool) (*model.Repo, *model.Pip return nil, nil, nil } - repo = toRepo(push.Repo, privateMode) + repo = toRepo(push.Repo) pipeline = pipelineFromPush(push) return repo, pipeline, err } // parseCreatedHook parses a push hook and returns the Repo and Pipeline details. // If the commit type is unsupported nil values are returned. -func parseCreatedHook(payload io.Reader, privateMode bool) (*model.Repo, *model.Pipeline, error) { +func parseCreatedHook(payload io.Reader) (*model.Repo, *model.Pipeline, error) { var ( repo *model.Repo pipeline *model.Pipeline @@ -91,13 +91,13 @@ func parseCreatedHook(payload io.Reader, privateMode bool) (*model.Repo, *model. return nil, nil, nil } - repo = toRepo(push.Repo, privateMode) + repo = toRepo(push.Repo) pipeline = pipelineFromTag(push) return repo, pipeline, err } // parsePullRequestHook parses a pull_request hook and returns the Repo and Pipeline details. -func parsePullRequestHook(payload io.Reader, privateMode bool) (*model.Repo, *model.Pipeline, error) { +func parsePullRequestHook(payload io.Reader) (*model.Repo, *model.Pipeline, error) { var ( repo *model.Repo pipeline *model.Pipeline @@ -116,7 +116,7 @@ func parsePullRequestHook(payload io.Reader, privateMode bool) (*model.Repo, *mo return nil, nil, nil } - repo = toRepo(pr.Repo, privateMode) + repo = toRepo(pr.Repo) pipeline = pipelineFromPullRequest(pr) return repo, pipeline, err } diff --git a/server/forge/types/errors.go b/server/forge/types/errors.go index 79cdb779f..47aae2f62 100644 --- a/server/forge/types/errors.go +++ b/server/forge/types/errors.go @@ -39,4 +39,4 @@ func (ae *AuthError) Error() string { // check interface var _ error = new(AuthError) -var ErrNotImplemented = errors.New("Not implemented") +var ErrNotImplemented = errors.New("not implemented") diff --git a/server/model/const.go b/server/model/const.go index ebfa6fb9d..15a9c97f2 100644 --- a/server/model/const.go +++ b/server/model/const.go @@ -66,11 +66,11 @@ const ( RepoPerforce SCMKind = "perforce" ) -// RepoVisibly represent to wat state a repo in woodpecker is visible to others -type RepoVisibly string +// RepoVisibility represent to wat state a repo in woodpecker is visible to others +type RepoVisibility string const ( - VisibilityPublic RepoVisibly = "public" - VisibilityPrivate RepoVisibly = "private" - VisibilityInternal RepoVisibly = "internal" + VisibilityPublic RepoVisibility = "public" + VisibilityPrivate RepoVisibility = "private" + VisibilityInternal RepoVisibility = "internal" ) diff --git a/server/model/repo.go b/server/model/repo.go index d78f349be..97f8e9c12 100644 --- a/server/model/repo.go +++ b/server/model/repo.go @@ -37,7 +37,7 @@ type Repo struct { Branch string `json:"default_branch,omitempty" xorm:"varchar(500) 'repo_branch'"` SCMKind SCMKind `json:"scm,omitempty" xorm:"varchar(50) 'repo_scm'"` Timeout int64 `json:"timeout,omitempty" xorm:"repo_timeout"` - Visibility RepoVisibly `json:"visibility" xorm:"varchar(10) 'repo_visibility'"` + Visibility RepoVisibility `json:"visibility" xorm:"varchar(10) 'repo_visibility'"` IsSCMPrivate bool `json:"private" xorm:"repo_private"` IsTrusted bool `json:"trusted" xorm:"repo_trusted"` IsGated bool `json:"gated" xorm:"repo_gated"`