2020-01-12 13:11:17 +01:00
|
|
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
2022-11-27 19:20:29 +01:00
|
|
|
// SPDX-License-Identifier: MIT
|
2020-01-12 13:11:17 +01:00
|
|
|
|
|
|
|
package repository
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
2021-09-23 17:45:36 +02:00
|
|
|
"context"
|
2020-01-12 13:11:17 +01:00
|
|
|
"fmt"
|
|
|
|
"os"
|
2022-03-29 09:23:45 +02:00
|
|
|
"path"
|
2020-01-12 13:11:17 +01:00
|
|
|
"path/filepath"
|
2022-03-29 09:23:45 +02:00
|
|
|
"sort"
|
2020-01-12 13:11:17 +01:00
|
|
|
"strings"
|
|
|
|
"time"
|
|
|
|
|
2022-06-13 11:37:59 +02:00
|
|
|
issues_model "code.gitea.io/gitea/models/issues"
|
2021-12-10 02:27:50 +01:00
|
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
2021-11-24 10:49:20 +01:00
|
|
|
user_model "code.gitea.io/gitea/models/user"
|
2020-01-12 13:11:17 +01:00
|
|
|
"code.gitea.io/gitea/modules/git"
|
|
|
|
"code.gitea.io/gitea/modules/log"
|
2022-03-29 09:23:45 +02:00
|
|
|
"code.gitea.io/gitea/modules/options"
|
2020-06-17 22:53:55 +02:00
|
|
|
"code.gitea.io/gitea/modules/setting"
|
2022-04-01 10:47:50 +02:00
|
|
|
"code.gitea.io/gitea/modules/templates/vars"
|
2020-08-11 22:05:34 +02:00
|
|
|
"code.gitea.io/gitea/modules/util"
|
2021-12-10 09:14:24 +01:00
|
|
|
asymkey_service "code.gitea.io/gitea/services/asymkey"
|
2020-01-12 13:11:17 +01:00
|
|
|
)
|
|
|
|
|
2022-03-29 09:23:45 +02:00
|
|
|
var (
|
|
|
|
// Gitignores contains the gitiginore files
|
|
|
|
Gitignores []string
|
|
|
|
|
|
|
|
// Licenses contains the license files
|
|
|
|
Licenses []string
|
|
|
|
|
|
|
|
// Readmes contains the readme files
|
|
|
|
Readmes []string
|
|
|
|
|
|
|
|
// LabelTemplates contains the label template files and the list of labels for each file
|
|
|
|
LabelTemplates map[string]string
|
|
|
|
)
|
|
|
|
|
|
|
|
// ErrIssueLabelTemplateLoad represents a "ErrIssueLabelTemplateLoad" kind of error.
|
|
|
|
type ErrIssueLabelTemplateLoad struct {
|
|
|
|
TemplateFile string
|
|
|
|
OriginalError error
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsErrIssueLabelTemplateLoad checks if an error is a ErrIssueLabelTemplateLoad.
|
|
|
|
func IsErrIssueLabelTemplateLoad(err error) bool {
|
|
|
|
_, ok := err.(ErrIssueLabelTemplateLoad)
|
|
|
|
return ok
|
|
|
|
}
|
|
|
|
|
|
|
|
func (err ErrIssueLabelTemplateLoad) Error() string {
|
|
|
|
return fmt.Sprintf("Failed to load label template file '%s': %v", err.TemplateFile, err.OriginalError)
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetRepoInitFile returns repository init files
|
|
|
|
func GetRepoInitFile(tp, name string) ([]byte, error) {
|
|
|
|
cleanedName := strings.TrimLeft(path.Clean("/"+name), "/")
|
|
|
|
relPath := path.Join("options", tp, cleanedName)
|
|
|
|
|
|
|
|
// Use custom file when available.
|
|
|
|
customPath := path.Join(setting.CustomPath, relPath)
|
|
|
|
isFile, err := util.IsFile(customPath)
|
|
|
|
if err != nil {
|
|
|
|
log.Error("Unable to check if %s is a file. Error: %v", customPath, err)
|
|
|
|
}
|
|
|
|
if isFile {
|
|
|
|
return os.ReadFile(customPath)
|
|
|
|
}
|
|
|
|
|
|
|
|
switch tp {
|
|
|
|
case "readme":
|
|
|
|
return options.Readme(cleanedName)
|
|
|
|
case "gitignore":
|
|
|
|
return options.Gitignore(cleanedName)
|
|
|
|
case "license":
|
|
|
|
return options.License(cleanedName)
|
|
|
|
case "label":
|
|
|
|
return options.Labels(cleanedName)
|
|
|
|
default:
|
|
|
|
return []byte{}, fmt.Errorf("Invalid init file type")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetLabelTemplateFile loads the label template file by given name,
|
|
|
|
// then parses and returns a list of name-color pairs and optionally description.
|
|
|
|
func GetLabelTemplateFile(name string) ([][3]string, error) {
|
|
|
|
data, err := GetRepoInitFile("label", name)
|
|
|
|
if err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return nil, ErrIssueLabelTemplateLoad{name, fmt.Errorf("GetRepoInitFile: %w", err)}
|
2022-03-29 09:23:45 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
lines := strings.Split(string(data), "\n")
|
|
|
|
list := make([][3]string, 0, len(lines))
|
|
|
|
for i := 0; i < len(lines); i++ {
|
|
|
|
line := strings.TrimSpace(lines[i])
|
|
|
|
if len(line) == 0 {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
parts := strings.SplitN(line, ";", 2)
|
|
|
|
|
|
|
|
fields := strings.SplitN(parts[0], " ", 2)
|
|
|
|
if len(fields) != 2 {
|
|
|
|
return nil, ErrIssueLabelTemplateLoad{name, fmt.Errorf("line is malformed: %s", line)}
|
|
|
|
}
|
|
|
|
|
|
|
|
color := strings.Trim(fields[0], " ")
|
|
|
|
if len(color) == 6 {
|
|
|
|
color = "#" + color
|
|
|
|
}
|
2022-06-13 11:37:59 +02:00
|
|
|
if !issues_model.LabelColorPattern.MatchString(color) {
|
2022-03-29 09:23:45 +02:00
|
|
|
return nil, ErrIssueLabelTemplateLoad{name, fmt.Errorf("bad HTML color code in line: %s", line)}
|
|
|
|
}
|
|
|
|
|
|
|
|
var description string
|
|
|
|
|
|
|
|
if len(parts) > 1 {
|
|
|
|
description = strings.TrimSpace(parts[1])
|
|
|
|
}
|
|
|
|
|
|
|
|
fields[1] = strings.TrimSpace(fields[1])
|
|
|
|
list = append(list, [3]string{fields[1], color, description})
|
|
|
|
}
|
|
|
|
|
|
|
|
return list, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func loadLabels(labelTemplate string) ([]string, error) {
|
|
|
|
list, err := GetLabelTemplateFile(labelTemplate)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
labels := make([]string, len(list))
|
|
|
|
for i := 0; i < len(list); i++ {
|
|
|
|
labels[i] = list[i][0]
|
|
|
|
}
|
|
|
|
return labels, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// LoadLabelsFormatted loads the labels' list of a template file as a string separated by comma
|
|
|
|
func LoadLabelsFormatted(labelTemplate string) (string, error) {
|
|
|
|
labels, err := loadLabels(labelTemplate)
|
|
|
|
return strings.Join(labels, ", "), err
|
|
|
|
}
|
|
|
|
|
|
|
|
// LoadRepoConfig loads the repository config
|
|
|
|
func LoadRepoConfig() {
|
|
|
|
// Load .gitignore and license files and readme templates.
|
|
|
|
types := []string{"gitignore", "license", "readme", "label"}
|
|
|
|
typeFiles := make([][]string, 4)
|
|
|
|
for i, t := range types {
|
|
|
|
files, err := options.Dir(t)
|
|
|
|
if err != nil {
|
|
|
|
log.Fatal("Failed to get %s files: %v", t, err)
|
|
|
|
}
|
|
|
|
customPath := path.Join(setting.CustomPath, "options", t)
|
|
|
|
isDir, err := util.IsDir(customPath)
|
|
|
|
if err != nil {
|
|
|
|
log.Fatal("Failed to get custom %s files: %v", t, err)
|
|
|
|
}
|
|
|
|
if isDir {
|
|
|
|
customFiles, err := util.StatDir(customPath)
|
|
|
|
if err != nil {
|
|
|
|
log.Fatal("Failed to get custom %s files: %v", t, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, f := range customFiles {
|
Improve utils of slices (#22379)
- Move the file `compare.go` and `slice.go` to `slice.go`.
- Fix `ExistsInSlice`, it's buggy
- It uses `sort.Search`, so it assumes that the input slice is sorted.
- It passes `func(i int) bool { return slice[i] == target })` to
`sort.Search`, that's incorrect, check the doc of `sort.Search`.
- Conbine `IsInt64InSlice(int64, []int64)` and `ExistsInSlice(string,
[]string)` to `SliceContains[T]([]T, T)`.
- Conbine `IsSliceInt64Eq([]int64, []int64)` and `IsEqualSlice([]string,
[]string)` to `SliceSortedEqual[T]([]T, T)`.
- Add `SliceEqual[T]([]T, T)` as a distinction from
`SliceSortedEqual[T]([]T, T)`.
- Redesign `RemoveIDFromList([]int64, int64) ([]int64, bool)` to
`SliceRemoveAll[T]([]T, T) []T`.
- Add `SliceContainsFunc[T]([]T, func(T) bool)` and
`SliceRemoveAllFunc[T]([]T, func(T) bool)` for general use.
- Add comments to explain why not `golang.org/x/exp/slices`.
- Add unit tests.
2023-01-11 06:31:16 +01:00
|
|
|
if !util.SliceContainsString(files, f, true) {
|
2022-03-29 09:23:45 +02:00
|
|
|
files = append(files, f)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
typeFiles[i] = files
|
|
|
|
}
|
|
|
|
|
|
|
|
Gitignores = typeFiles[0]
|
|
|
|
Licenses = typeFiles[1]
|
|
|
|
Readmes = typeFiles[2]
|
|
|
|
LabelTemplatesFiles := typeFiles[3]
|
|
|
|
sort.Strings(Gitignores)
|
|
|
|
sort.Strings(Licenses)
|
|
|
|
sort.Strings(Readmes)
|
|
|
|
sort.Strings(LabelTemplatesFiles)
|
|
|
|
|
|
|
|
// Load label templates
|
|
|
|
LabelTemplates = make(map[string]string)
|
|
|
|
for _, templateFile := range LabelTemplatesFiles {
|
|
|
|
labels, err := LoadLabelsFormatted(templateFile)
|
|
|
|
if err != nil {
|
|
|
|
log.Error("Failed to load labels: %v", err)
|
|
|
|
}
|
|
|
|
LabelTemplates[templateFile] = labels
|
|
|
|
}
|
|
|
|
|
|
|
|
// Filter out invalid names and promote preferred licenses.
|
|
|
|
sortedLicenses := make([]string, 0, len(Licenses))
|
|
|
|
for _, name := range setting.Repository.PreferredLicenses {
|
Improve utils of slices (#22379)
- Move the file `compare.go` and `slice.go` to `slice.go`.
- Fix `ExistsInSlice`, it's buggy
- It uses `sort.Search`, so it assumes that the input slice is sorted.
- It passes `func(i int) bool { return slice[i] == target })` to
`sort.Search`, that's incorrect, check the doc of `sort.Search`.
- Conbine `IsInt64InSlice(int64, []int64)` and `ExistsInSlice(string,
[]string)` to `SliceContains[T]([]T, T)`.
- Conbine `IsSliceInt64Eq([]int64, []int64)` and `IsEqualSlice([]string,
[]string)` to `SliceSortedEqual[T]([]T, T)`.
- Add `SliceEqual[T]([]T, T)` as a distinction from
`SliceSortedEqual[T]([]T, T)`.
- Redesign `RemoveIDFromList([]int64, int64) ([]int64, bool)` to
`SliceRemoveAll[T]([]T, T) []T`.
- Add `SliceContainsFunc[T]([]T, func(T) bool)` and
`SliceRemoveAllFunc[T]([]T, func(T) bool)` for general use.
- Add comments to explain why not `golang.org/x/exp/slices`.
- Add unit tests.
2023-01-11 06:31:16 +01:00
|
|
|
if util.SliceContainsString(Licenses, name, true) {
|
2022-03-29 09:23:45 +02:00
|
|
|
sortedLicenses = append(sortedLicenses, name)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for _, name := range Licenses {
|
Improve utils of slices (#22379)
- Move the file `compare.go` and `slice.go` to `slice.go`.
- Fix `ExistsInSlice`, it's buggy
- It uses `sort.Search`, so it assumes that the input slice is sorted.
- It passes `func(i int) bool { return slice[i] == target })` to
`sort.Search`, that's incorrect, check the doc of `sort.Search`.
- Conbine `IsInt64InSlice(int64, []int64)` and `ExistsInSlice(string,
[]string)` to `SliceContains[T]([]T, T)`.
- Conbine `IsSliceInt64Eq([]int64, []int64)` and `IsEqualSlice([]string,
[]string)` to `SliceSortedEqual[T]([]T, T)`.
- Add `SliceEqual[T]([]T, T)` as a distinction from
`SliceSortedEqual[T]([]T, T)`.
- Redesign `RemoveIDFromList([]int64, int64) ([]int64, bool)` to
`SliceRemoveAll[T]([]T, T) []T`.
- Add `SliceContainsFunc[T]([]T, func(T) bool)` and
`SliceRemoveAllFunc[T]([]T, func(T) bool)` for general use.
- Add comments to explain why not `golang.org/x/exp/slices`.
- Add unit tests.
2023-01-11 06:31:16 +01:00
|
|
|
if !util.SliceContainsString(setting.Repository.PreferredLicenses, name, true) {
|
2022-03-29 09:23:45 +02:00
|
|
|
sortedLicenses = append(sortedLicenses, name)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
Licenses = sortedLicenses
|
|
|
|
}
|
|
|
|
|
2022-08-25 04:31:57 +02:00
|
|
|
func prepareRepoCommit(ctx context.Context, repo *repo_model.Repository, tmpDir, repoPath string, opts CreateRepoOptions) error {
|
2020-01-12 13:11:17 +01:00
|
|
|
commitTimeStr := time.Now().Format(time.RFC3339)
|
|
|
|
authorSig := repo.Owner.NewGitSig()
|
|
|
|
|
|
|
|
// Because this may call hooks we should pass in the environment
|
|
|
|
env := append(os.Environ(),
|
|
|
|
"GIT_AUTHOR_NAME="+authorSig.Name,
|
|
|
|
"GIT_AUTHOR_EMAIL="+authorSig.Email,
|
|
|
|
"GIT_AUTHOR_DATE="+commitTimeStr,
|
|
|
|
"GIT_COMMITTER_NAME="+authorSig.Name,
|
|
|
|
"GIT_COMMITTER_EMAIL="+authorSig.Email,
|
|
|
|
"GIT_COMMITTER_DATE="+commitTimeStr,
|
|
|
|
)
|
|
|
|
|
|
|
|
// Clone to temporary path and do the init commit.
|
2022-10-23 16:44:45 +02:00
|
|
|
if stdout, _, err := git.NewCommand(ctx, "clone").AddDynamicArguments(repoPath, tmpDir).
|
2020-01-12 13:11:17 +01:00
|
|
|
SetDescription(fmt.Sprintf("prepareRepoCommit (git clone): %s to %s", repoPath, tmpDir)).
|
2022-04-01 04:55:30 +02:00
|
|
|
RunStdString(&git.RunOpts{Dir: "", Env: env}); err != nil {
|
2020-01-12 13:11:17 +01:00
|
|
|
log.Error("Failed to clone from %v into %s: stdout: %s\nError: %v", repo, tmpDir, stdout, err)
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("git clone: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// README
|
2022-03-29 09:23:45 +02:00
|
|
|
data, err := GetRepoInitFile("readme", opts.Readme)
|
2020-01-12 13:11:17 +01:00
|
|
|
if err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("GetRepoInitFile[%s]: %w", opts.Readme, err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
cloneLink := repo.CloneLink()
|
|
|
|
match := map[string]string{
|
|
|
|
"Name": repo.Name,
|
|
|
|
"Description": repo.Description,
|
|
|
|
"CloneURL.SSH": cloneLink.SSH,
|
|
|
|
"CloneURL.HTTPS": cloneLink.HTTPS,
|
2020-04-07 03:40:38 +02:00
|
|
|
"OwnerName": repo.OwnerName,
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
2022-04-01 10:47:50 +02:00
|
|
|
res, err := vars.Expand(string(data), match)
|
|
|
|
if err != nil {
|
|
|
|
// here we could just log the error and continue the rendering
|
|
|
|
log.Error("unable to expand template vars for repo README: %s, err: %v", opts.Readme, err)
|
|
|
|
}
|
2021-09-22 07:38:34 +02:00
|
|
|
if err = os.WriteFile(filepath.Join(tmpDir, "README.md"),
|
2022-04-01 10:47:50 +02:00
|
|
|
[]byte(res), 0o644); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("write README.md: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// .gitignore
|
|
|
|
if len(opts.Gitignores) > 0 {
|
|
|
|
var buf bytes.Buffer
|
|
|
|
names := strings.Split(opts.Gitignores, ",")
|
|
|
|
for _, name := range names {
|
2022-03-29 09:23:45 +02:00
|
|
|
data, err = GetRepoInitFile("gitignore", name)
|
2020-01-12 13:11:17 +01:00
|
|
|
if err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("GetRepoInitFile[%s]: %w", name, err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
buf.WriteString("# ---> " + name + "\n")
|
|
|
|
buf.Write(data)
|
|
|
|
buf.WriteString("\n")
|
|
|
|
}
|
|
|
|
|
|
|
|
if buf.Len() > 0 {
|
2022-01-20 18:46:10 +01:00
|
|
|
if err = os.WriteFile(filepath.Join(tmpDir, ".gitignore"), buf.Bytes(), 0o644); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("write .gitignore: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// LICENSE
|
|
|
|
if len(opts.License) > 0 {
|
2022-03-29 09:23:45 +02:00
|
|
|
data, err = GetRepoInitFile("license", opts.License)
|
2020-01-12 13:11:17 +01:00
|
|
|
if err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("GetRepoInitFile[%s]: %w", opts.License, err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
2022-01-20 18:46:10 +01:00
|
|
|
if err = os.WriteFile(filepath.Join(tmpDir, "LICENSE"), data, 0o644); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("write LICENSE: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// initRepoCommit temporarily changes with work directory.
|
2022-01-20 00:26:57 +01:00
|
|
|
func initRepoCommit(ctx context.Context, tmpPath string, repo *repo_model.Repository, u *user_model.User, defaultBranch string) (err error) {
|
2020-01-12 13:11:17 +01:00
|
|
|
commitTimeStr := time.Now().Format(time.RFC3339)
|
|
|
|
|
|
|
|
sig := u.NewGitSig()
|
|
|
|
// Because this may call hooks we should pass in the environment
|
|
|
|
env := append(os.Environ(),
|
|
|
|
"GIT_AUTHOR_NAME="+sig.Name,
|
|
|
|
"GIT_AUTHOR_EMAIL="+sig.Email,
|
|
|
|
"GIT_AUTHOR_DATE="+commitTimeStr,
|
|
|
|
"GIT_COMMITTER_DATE="+commitTimeStr,
|
|
|
|
)
|
2020-09-19 18:44:55 +02:00
|
|
|
committerName := sig.Name
|
|
|
|
committerEmail := sig.Email
|
2020-01-12 13:11:17 +01:00
|
|
|
|
2022-04-01 04:55:30 +02:00
|
|
|
if stdout, _, err := git.NewCommand(ctx, "add", "--all").
|
2020-01-12 13:11:17 +01:00
|
|
|
SetDescription(fmt.Sprintf("initRepoCommit (git add): %s", tmpPath)).
|
2022-04-01 04:55:30 +02:00
|
|
|
RunStdString(&git.RunOpts{Dir: tmpPath}); err != nil {
|
2020-01-12 13:11:17 +01:00
|
|
|
log.Error("git add --all failed: Stdout: %s\nError: %v", stdout, err)
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("git add --all: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
Refactor git command package to improve security and maintainability (#22678)
This PR follows #21535 (and replace #22592)
## Review without space diff
https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1
## Purpose of this PR
1. Make git module command completely safe (risky user inputs won't be
passed as argument option anymore)
2. Avoid low-level mistakes like
https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918
3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg`
type
4. Simplify code when using git command
## The main idea of this PR
* Move the `git.CmdArg` to the `internal` package, then no other package
except `git` could use it. Then developers could never do
`AddArguments(git.CmdArg(userInput))` any more.
* Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already
trusted arguments. It's only used in a few cases, for example: use git
arguments from config file, help unit test with some arguments.
* Introduce `AddOptionValues` and `AddOptionFormat`, they make code more
clear and simple:
* Before: `AddArguments("-m").AddDynamicArguments(message)`
* After: `AddOptionValues("-m", message)`
* -
* Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'",
sig.Name, sig.Email)))`
* After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)`
## FAQ
### Why these changes were not done in #21535 ?
#21535 is mainly a search&replace, it did its best to not change too
much logic.
Making the framework better needs a lot of changes, so this separate PR
is needed as the second step.
### The naming of `AddOptionXxx`
According to git's manual, the `--xxx` part is called `option`.
### How can it guarantee that `internal.CmdArg` won't be not misused?
Go's specification guarantees that. Trying to access other package's
internal package causes compilation error.
And, `golangci-lint` also denies the git/internal package. Only the
`git/command.go` can use it carefully.
### There is still a `ToTrustedCmdArgs`, will it still allow developers
to make mistakes and pass untrusted arguments?
Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code
will be very complex (see the changes for examples). Then developers and
reviewers can know that something might be unreasonable.
### Why there was a `CmdArgCheck` and why it's removed?
At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck`
was introduced as a hacky patch. Now, almost all code could be written
as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for
`CmdArgCheck` anymore.
### Why many codes for `signArg == ""` is deleted?
Because in the old code, `signArg` could never be empty string, it's
either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just
dead code.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 03:30:43 +01:00
|
|
|
cmd := git.NewCommand(ctx, "commit").
|
|
|
|
AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email).
|
|
|
|
AddOptionValues("-m", "Initial commit")
|
2020-01-12 13:11:17 +01:00
|
|
|
|
2022-06-16 17:47:44 +02:00
|
|
|
sign, keyID, signer, _ := asymkey_service.SignInitialCommit(ctx, tmpPath, u)
|
|
|
|
if sign {
|
Refactor git command package to improve security and maintainability (#22678)
This PR follows #21535 (and replace #22592)
## Review without space diff
https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1
## Purpose of this PR
1. Make git module command completely safe (risky user inputs won't be
passed as argument option anymore)
2. Avoid low-level mistakes like
https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918
3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg`
type
4. Simplify code when using git command
## The main idea of this PR
* Move the `git.CmdArg` to the `internal` package, then no other package
except `git` could use it. Then developers could never do
`AddArguments(git.CmdArg(userInput))` any more.
* Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already
trusted arguments. It's only used in a few cases, for example: use git
arguments from config file, help unit test with some arguments.
* Introduce `AddOptionValues` and `AddOptionFormat`, they make code more
clear and simple:
* Before: `AddArguments("-m").AddDynamicArguments(message)`
* After: `AddOptionValues("-m", message)`
* -
* Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'",
sig.Name, sig.Email)))`
* After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)`
## FAQ
### Why these changes were not done in #21535 ?
#21535 is mainly a search&replace, it did its best to not change too
much logic.
Making the framework better needs a lot of changes, so this separate PR
is needed as the second step.
### The naming of `AddOptionXxx`
According to git's manual, the `--xxx` part is called `option`.
### How can it guarantee that `internal.CmdArg` won't be not misused?
Go's specification guarantees that. Trying to access other package's
internal package causes compilation error.
And, `golangci-lint` also denies the git/internal package. Only the
`git/command.go` can use it carefully.
### There is still a `ToTrustedCmdArgs`, will it still allow developers
to make mistakes and pass untrusted arguments?
Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code
will be very complex (see the changes for examples). Then developers and
reviewers can know that something might be unreasonable.
### Why there was a `CmdArgCheck` and why it's removed?
At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck`
was introduced as a hacky patch. Now, almost all code could be written
as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for
`CmdArgCheck` anymore.
### Why many codes for `signArg == ""` is deleted?
Because in the old code, `signArg` could never be empty string, it's
either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just
dead code.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 03:30:43 +01:00
|
|
|
cmd.AddOptionFormat("-S%s", keyID)
|
2022-06-16 17:47:44 +02:00
|
|
|
|
|
|
|
if repo.GetTrustModel() == repo_model.CommitterTrustModel || repo.GetTrustModel() == repo_model.CollaboratorCommitterTrustModel {
|
|
|
|
// need to set the committer to the KeyID owner
|
|
|
|
committerName = signer.Name
|
|
|
|
committerEmail = signer.Email
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
2022-06-16 17:47:44 +02:00
|
|
|
} else {
|
2022-10-23 16:44:45 +02:00
|
|
|
cmd.AddArguments("--no-gpg-sign")
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
2020-09-19 18:44:55 +02:00
|
|
|
env = append(env,
|
|
|
|
"GIT_COMMITTER_NAME="+committerName,
|
|
|
|
"GIT_COMMITTER_EMAIL="+committerEmail,
|
|
|
|
)
|
|
|
|
|
2022-10-23 16:44:45 +02:00
|
|
|
if stdout, _, err := cmd.
|
2020-01-12 13:11:17 +01:00
|
|
|
SetDescription(fmt.Sprintf("initRepoCommit (git commit): %s", tmpPath)).
|
2022-04-01 04:55:30 +02:00
|
|
|
RunStdString(&git.RunOpts{Dir: tmpPath, Env: env}); err != nil {
|
2022-10-23 16:44:45 +02:00
|
|
|
log.Error("Failed to commit: %v: Stdout: %s\nError: %v", cmd.String(), stdout, err)
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("git commit: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
2020-03-26 20:14:51 +01:00
|
|
|
if len(defaultBranch) == 0 {
|
2020-06-17 22:53:55 +02:00
|
|
|
defaultBranch = setting.Repository.DefaultBranch
|
2020-03-26 20:14:51 +01:00
|
|
|
}
|
|
|
|
|
2022-10-23 16:44:45 +02:00
|
|
|
if stdout, _, err := git.NewCommand(ctx, "push", "origin").AddDynamicArguments("HEAD:" + defaultBranch).
|
2020-01-12 13:11:17 +01:00
|
|
|
SetDescription(fmt.Sprintf("initRepoCommit (git push): %s", tmpPath)).
|
2022-05-08 18:46:32 +02:00
|
|
|
RunStdString(&git.RunOpts{Dir: tmpPath, Env: InternalPushingEnvironment(u, repo)}); err != nil {
|
2020-11-28 22:00:38 +01:00
|
|
|
log.Error("Failed to push back to HEAD: Stdout: %s\nError: %v", stdout, err)
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("git push: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2022-01-20 00:26:57 +01:00
|
|
|
func checkInitRepository(ctx context.Context, owner, name string) (err error) {
|
2020-01-12 13:11:17 +01:00
|
|
|
// Somehow the directory could exist.
|
2021-12-10 02:27:50 +01:00
|
|
|
repoPath := repo_model.RepoPath(owner, name)
|
2020-11-28 03:42:08 +01:00
|
|
|
isExist, err := util.IsExist(repoPath)
|
|
|
|
if err != nil {
|
|
|
|
log.Error("Unable to check if %s exists. Error: %v", repoPath, err)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if isExist {
|
2021-12-12 16:48:20 +01:00
|
|
|
return repo_model.ErrRepoFilesAlreadyExist{
|
2020-09-25 06:09:23 +02:00
|
|
|
Uname: owner,
|
|
|
|
Name: name,
|
|
|
|
}
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// Init git bare new repository.
|
2022-01-20 00:26:57 +01:00
|
|
|
if err = git.InitRepository(ctx, repoPath, true); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("git.InitRepository: %w", err)
|
2020-01-20 21:01:19 +01:00
|
|
|
} else if err = createDelegateHooks(repoPath); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("createDelegateHooks: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// InitRepository initializes README and .gitignore if needed.
|
2022-08-25 04:31:57 +02:00
|
|
|
func initRepository(ctx context.Context, repoPath string, u *user_model.User, repo *repo_model.Repository, opts CreateRepoOptions) (err error) {
|
2022-01-20 00:26:57 +01:00
|
|
|
if err = checkInitRepository(ctx, repo.OwnerName, repo.Name); err != nil {
|
2020-01-12 13:11:17 +01:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Initialize repository according to user's choice.
|
|
|
|
if opts.AutoInit {
|
2021-09-22 07:38:34 +02:00
|
|
|
tmpDir, err := os.MkdirTemp(os.TempDir(), "gitea-"+repo.Name)
|
2020-01-12 13:11:17 +01:00
|
|
|
if err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("Failed to create temp dir for repository %s: %w", repo.RepoPath(), err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
2020-08-11 22:05:34 +02:00
|
|
|
defer func() {
|
|
|
|
if err := util.RemoveAll(tmpDir); err != nil {
|
|
|
|
log.Warn("Unable to remove temporary directory: %s: Error: %v", tmpDir, err)
|
|
|
|
}
|
|
|
|
}()
|
2020-01-12 13:11:17 +01:00
|
|
|
|
|
|
|
if err = prepareRepoCommit(ctx, repo, tmpDir, repoPath, opts); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("prepareRepoCommit: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// Apply changes and commit.
|
2022-01-20 00:26:57 +01:00
|
|
|
if err = initRepoCommit(ctx, tmpDir, repo, u, opts.DefaultBranch); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("initRepoCommit: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Re-fetch the repository from database before updating it (else it would
|
|
|
|
// override changes that were done earlier with sql)
|
2022-12-03 03:48:26 +01:00
|
|
|
if repo, err = repo_model.GetRepositoryByID(ctx, repo.ID); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("getRepositoryByID: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
if !opts.AutoInit {
|
|
|
|
repo.IsEmpty = true
|
|
|
|
}
|
|
|
|
|
2020-09-25 06:09:23 +02:00
|
|
|
repo.DefaultBranch = setting.Repository.DefaultBranch
|
|
|
|
|
2020-03-26 20:14:51 +01:00
|
|
|
if len(opts.DefaultBranch) > 0 {
|
|
|
|
repo.DefaultBranch = opts.DefaultBranch
|
2022-03-29 21:13:41 +02:00
|
|
|
gitRepo, err := git.OpenRepository(ctx, repo.RepoPath())
|
2020-07-05 17:25:46 +02:00
|
|
|
if err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("openRepository: %w", err)
|
2020-07-05 17:25:46 +02:00
|
|
|
}
|
2020-12-11 22:41:59 +01:00
|
|
|
defer gitRepo.Close()
|
2020-07-05 17:25:46 +02:00
|
|
|
if err = gitRepo.SetDefaultBranch(repo.DefaultBranch); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("setDefaultBranch: %w", err)
|
2020-07-05 17:25:46 +02:00
|
|
|
}
|
2020-03-26 20:14:51 +01:00
|
|
|
}
|
|
|
|
|
2022-06-06 10:01:49 +02:00
|
|
|
if err = UpdateRepository(ctx, repo, false); err != nil {
|
2022-10-24 21:29:17 +02:00
|
|
|
return fmt.Errorf("updateRepository: %w", err)
|
2020-01-12 13:11:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2022-03-29 09:23:45 +02:00
|
|
|
|
|
|
|
// InitializeLabels adds a label set to a repository using a template
|
|
|
|
func InitializeLabels(ctx context.Context, id int64, labelTemplate string, isOrg bool) error {
|
|
|
|
list, err := GetLabelTemplateFile(labelTemplate)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-06-13 11:37:59 +02:00
|
|
|
labels := make([]*issues_model.Label, len(list))
|
2022-03-29 09:23:45 +02:00
|
|
|
for i := 0; i < len(list); i++ {
|
2022-06-13 11:37:59 +02:00
|
|
|
labels[i] = &issues_model.Label{
|
2022-03-29 09:23:45 +02:00
|
|
|
Name: list[i][0],
|
|
|
|
Description: list[i][2],
|
|
|
|
Color: list[i][1],
|
|
|
|
}
|
|
|
|
if isOrg {
|
|
|
|
labels[i].OrgID = id
|
|
|
|
} else {
|
|
|
|
labels[i].RepoID = id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for _, label := range labels {
|
2022-06-13 11:37:59 +02:00
|
|
|
if err = issues_model.NewLabel(ctx, label); err != nil {
|
2022-03-29 09:23:45 +02:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|