1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-12-04 14:46:57 -05:00
Commit Graph

1013 Commits

Author SHA1 Message Date
Leon Busch-George
7a8a4f5432
Prefer native parser for SSH public key parsing (#23798)
Without this patch, the setting SSH.StartBuiltinServer decides whether
the native (Go) implementation is used rather than calling 'ssh-keygen'.
It's possible for 'using ssh-keygen' and 'using the built-in server' to
be independent.
In fact, the gitea rootless container doesn't ship ssh-keygen and can be
configured to use the host's SSH server - which will cause the public
key parsing mechanism to break.

This commit changes the decision to be based on SSH.KeygenPath instead.
Any existing configurations with a custom KeygenPath set will continue
to function. The new default value of '' selects the native version. The
downside of this approach is that anyone who has relying on plain
'ssh-keygen' to have special properties will now be using the native
version instead.
I assume the exec-variant is only there because /x/crypto/ssh didn't
support ssh-ed25519 until 2016. I don't see any other reason for using
it so it might be an acceptable risk.

Fixes #23363

EDIT: this message was garbled when I tried to get the commit
description back in.. Trying to reconstruct it:

## ⚠️ BREAKING ⚠️ Users who don't have SSH.KeygenPath
explicitly set and rely on the ssh-keygen binary need to set
SSH.KeygenPath to 'ssh-keygen' in order to be able to continue using it
for public key parsing.

There was something else but I can't remember at the moment.

EDIT2: It was about `make test` and `make lint`. Can't get them to run.
To reproduce the issue, I installed `golang` in `docker.io/node:16` and
got:
```
...
go: mvdan.cc/xurls/v2@v2.4.0: unknown revision mvdan.cc/xurls/v2.4.0
go: gotest.tools/v3@v3.4.0: unknown revision gotest.tools/v3.4.0
...
go: gotest.tools/v3@v3.0.3: unknown revision gotest.tools/v3.0.3
...
go: error loading module requirements
```

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-04-11 14:34:28 +08:00
silverwind
55d93fed8a
Fix markdownlint (#24024)
Should fix the currently broken CI, and also validate via new
`complicance-docs` pipeline.
2023-04-09 14:39:37 -04:00
Lunny Xiao
53439e5c79
Fix https setup doc zh-cn (#24015) 2023-04-09 19:53:08 +02:00
Yarden Shoham
42e009fa11
Reference the zh-CN version of reverse-proxies in https-support (#24016) 2023-04-09 17:31:31 +08:00
Yarden Shoham
768ee158f5
Fix lint problem in https-support.zh-cn.md (#24014)
https://github.com/DavidAnson/markdownlint/blob/v0.26.2/doc/Rules.md#md051
2023-04-09 17:06:31 +08:00
阿卡林刘
57aab79b0d
docs: HTTPS configuration for zh-cn (#23039)
added the Use HTTPS Configuration section Translation Chinese

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-04-09 16:30:26 +08:00
Lunny Xiao
8857e97b5f
Merge push to create, open PR from push, and push options docs articles into one (#23744)
Add documentation for this feature.

<img width="734" alt="gitea-push-hint"
src="https://user-images.githubusercontent.com/81045/227921177-af08ab76-7556-4a69-8da9-bb59cec1388b.png">

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-04-07 07:36:19 +08:00
Lunny Xiao
5cb394ff2f
Adjust some documentations titles (#23941)
As title.
2023-04-06 11:06:32 +02:00
alex
0983b237d5
docs: make the required backticks in email password more explicit (#23923)
updated the example config to make the needed backticks around the
password more obvious
2023-04-04 13:19:01 -04:00
alex
e6685fc4ce
docs: fix typo (#23924)
fixes a minor typo in the email templates page
2023-04-04 11:22:45 -04:00
Lunny Xiao
67103eb2bc
Update docs markdown file weight to make it clear (#23909)
For Docusaurus, it needs a meta data named `sidebar_position`, so we
copy all `weight` under `menu/sidebar` as top meta key.
2023-04-04 21:47:31 +08:00
Jason Song
977ef215fa
Rename actions unit to repo.actions and add docs for it (#23733)
I neglected that the `NameKey` of `Unit` is not only for translation,
but also configuration. So it should be `repo.actions` to maintain
consistency.

## ⚠️ BREAKING ⚠️

If users already use `actions.actions` in `DISABLED_REPO_UNITS` or
`DEFAULT_REPO_UNITS`, it will be treated as an invalid unit key.
2023-04-03 00:05:37 -04:00
wxiaoguang
e57e1144c5
Add ONLY_SHOW_RELEVANT_REPOS back, fix explore page bug, make code more strict (#23766)
Follow #21962

After I eat my own dogfood, I would say that
ONLY_SHOW_RELEVANT_REPOS=false is necessary for many private/enterprise
instances, because many private repositories do not have
"description/topic", users just want to search by their names.

This PR also adds `PageIsExploreRepositories` check, to make code more
strict, because the `search` template is shared for different purpose.

And during the test, I found a bug that the "Search" button didn't
respect the "relevant" parameter, so this PR fixes the bug by the way
together.

I think this PR needs to be backported.
2023-03-29 08:41:45 -05:00
techknowlogick
92c160d8e7
Add meilisearch support (#23136)
Add meilisearch support

Fixes #20665
2023-03-28 22:23:23 -04:00
JakobDev
f384b13f1c
Implement Issue Config (#20956)
Closes #20955

This PR adds the possibility to disable blank Issues, when the Repo has
templates. This can be done by creating the file
`.gitea/issue_config.yaml` with the content `blank_issues_enabled` in
the Repo.
2023-03-28 14:22:07 -04:00
wxiaoguang
5727056ea1
Make minio package support legacy MD5 checksum (#23768)
A feedback from discord:
https://discord.com/channels/322538954119184384/561007778139734027/1090185427115319386

Some storages like:

 * https://developers.cloudflare.com/r2/api/s3/api/
 * https://www.backblaze.com/b2/docs/s3_compatible_api.html

They do not support "x-amz-checksum-algorithm" header

But minio recently uses that header with CRC32C by default. So we have
to tell minio to use legacy MD5 checksum.

I guess this needs to be backported because IIRC we 1.19 and 1.20 are
using similar minio package.


The minio package code for SendContentMD5 looks like this:

<details>

<img width="755" alt="image"
src="https://user-images.githubusercontent.com/2114189/228186768-4f2f6f67-62b9-4aee-9251-5af714ad9674.png">

</details>
2023-03-28 11:10:24 -04:00
Akkariin Meiko
d5f9a4ef44
Add Simplified Chinese translate for oauth2-provider (#23713) 2023-03-26 11:55:11 -04:00
Sandro
0fd7e373c8
Fix codeblocks in the cheat sheet (#23664) 2023-03-23 16:42:22 -04:00
Lunny Xiao
e8433b7fe6
Restructure documentation. Now the documentation has installation, administration, usage, development, contributing the 5 main parts (#23629)
- **Installation**: includes how to install Gitea and related other
tools, also includes upgrade Gitea
- **Administration**: includes how to configure Gitea, customize Gitea
and manage Gitea instance out of Gitea admin UI
- **Usage**: includes how to use Gitea's functionalities. A sub
documentation is about packages, in future we could also include CI/CD
and others.
- **Development**: includes how to integrate with Gitea's API, how to
develop new features within Gitea
- **Contributing**: includes how to contribute code to Gitea
repositories.

After this is merged, I think we can have a sub-documentation of `Usage`
part named `Actions` to describe how to use Gitea actions

---------

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-03-23 23:18:24 +08:00
Tim
662fbe0ce0
Add extra features to product comparison (#23638)
Add some review features that are notably missing from Gitlab CE but not
Gitea.

Also add Merge Queues which is not supported by Gitea but is quite an
important feature.
2023-03-22 11:43:08 -05:00
John Olheiser
71be6572d6
Update PR documentation (#23620)
This updates the PR docs and explains how to work with PRs, for those
who may not know.

It was mentioned that this page could explain PRs a bit better, in case
some users are not familiar with GitHub or similar forges.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-03-21 18:05:52 -04:00
silverwind
af3711100a
Add .patch to attachment.ALLOWED_TYPES (#23580) 2023-03-19 15:58:43 -04:00
Lunny Xiao
623a539f23
Move pidfile creation from setting to web cmd package (#23285)
Creating pid file should not belong to setting package and only web
command needs that. So this PR moves pidfile creation from setting
package to web command package to keep setting package more readable.

I marked this as `break` because the PIDFile path moved. For those who
have used the pid build argument, it has to be changed.

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-03-16 15:22:54 +08:00
silverwind
202803fc69
Replace Less with CSS (#23481)
Ran most of the Less files through the Less compiler and Prettier and
then followed up with a round of manual fixes.

The Less compiler had unfortunately stripped all `//` style comments
that I had to restore (It did preserve `/* */` comments). Other fixes
include duplicate selector removal which were revealed after the
transpilation and which weren't caught by stylelint before but now are.

Fixes: https://github.com/go-gitea/gitea/issues/15565
2023-03-14 22:20:19 -04:00
Jordan Cech
69c9ab387f
Update app.example.ini (#23480) 2023-03-14 20:39:36 -04:00
John Olheiser
6e75739c5b
Push option bonus for PTC docs (#23473)
Follow-up for #23458 

I could have suggested this on the original PR, but I thought there
would be more to add. Hadn't noticed the push options docs already had
nearly the same shell command. 😅

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-03-14 19:12:27 +02:00
techknowlogick
991ab3b5ad
Lint Markdown pass 2023-03-14 12:53:02 -04:00
techknowlogick
db9bb3699a
Push to create docs (#23458)
This PR adds user friendly documentation on how to use push to create
feature
2023-03-14 11:37:11 -05:00
techknowlogick
0efa9d5649
fix markdown lint issue (#23457)
CI is failing with the following:
```
docs/content/doc/features/localization.zh-cn.md:16 MD022/blanks-around-headings/blanks-around-headers Headings should be surrounded by blank lines [Expected: 1; Actual: 0; Below] [Context: "# 本地化"]
docs/content/doc/features/localization.zh-cn.md:23 MD022/blanks-around-headings/blanks-around-headers Headings should be surrounded by blank lines [Expected: 1; Actual: 0; Below] [Context: "## 支持的语言"]
```

This fixes that error
2023-03-14 12:10:01 +08:00
LeenHawk
b942838bd4
Update localization.zh-cn.md (#23448)
As title.
2023-03-14 11:38:20 +08:00
KN4CK3R
c709fa17a7
Add Swift package registry (#22404)
This PR adds a [Swift](https://www.swift.org/) package registry.


![grafik](https://user-images.githubusercontent.com/1666336/211842523-07521cbd-8fb6-400f-820c-ee8048b05ae8.png)
2023-03-13 15:28:39 -05:00
Philip Peterson
757b4c17e9
Support reflogs (#22451)
This PR adds support for reflogs on all repositories. It does this by
adding a global configuration entry.

Implements #14865

---------

Signed-off-by: Philip Peterson <philip.c.peterson@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-13 15:51:07 +08:00
Brecht Van Lommel
a8e13e64da
Scoped label display and documentation tweaks (#23430)
* Fix scoped label left and right part breaking across lines.
* Remove slanted divider in scoped label display, make it straight.
After using this for a while, this feels more visually noisy than
helpful.
* Reduce contrast between scope and item to reduce probability of
unreadable text on background.
* Change documentation to remove mention of non-exclusive scoped labels.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-13 08:46:13 +08:00
sillyguodong
5155ec35c5
Parse external request id from request headers, and print it in access log (#22906)
Close: #22890.

---
### Configure in .ini file:
```ini
[log]
REQUEST_ID_HEADERS = X-Request-ID, X-Trace-Id
```

### Params in Request Header
```
X-Trace-ID: trace-id-1q2w3e4r
```

![image](https://user-images.githubusercontent.com/33891828/218665296-8fd19a0f-ada6-4236-8bdb-f99201c703e8.png)



### Log output:

![image](https://user-images.githubusercontent.com/33891828/218665225-cc242a57-4ffc-449a-a1f6-f45ded0ead60.png)
2023-03-10 09:54:32 -06:00
KN4CK3R
2173f14708
Add user webhooks (#21563)
Currently we can add webhooks for organizations but not for users. This
PR adds the latter. You can access it from the current users settings.


![grafik](https://user-images.githubusercontent.com/1666336/197391408-15dfdc23-b476-4d0c-82f7-9bc9b065988f.png)
2023-03-10 08:28:32 -06:00
InsanusMokrassar
92d3e2a6f8
Add gradle samples in maven doc of packages (#23374)
Samples for gitea.io docs to help to use maven packages with
gradle-oriented projects

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-03-09 22:14:59 -05:00
JonRB
84a299310d
Update documentation for the new YAML label file format (#23020)
update documentation to include an overview of the yaml label template that is part of PR #22976

Signed-off-by: Jon Roadley-Battin <jon.roadleybattin@gmail.com>

---------

Co-authored-by: Yarden Shoham <hrsi88@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-03-07 00:39:07 +01:00
Lunny Xiao
e0800133dc
Update hacking-on-gitea-zh_cn documentation (#23315)
This PR fix outdated hacking-on-gitea-zh_cn documentation.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-03-06 15:14:00 +08:00
wxiaoguang
21a1d76911
Improve the frontend guideline (#23298)
### The CustomEvent prefix

There was already `ce-quick-submit`, the `ce-` prefix seems better than
`us-`. Rename the only `us-` prefixed `us-load-context-popup` to `ce-`
prefixed.

### Styles and Attributes in Go HTML Template

https://github.com/go-gitea/gitea/pull/21855#issuecomment-1429643073

Suggest to stick to `class="c1 {{if $var}}c2{{end}}"`

The readability and maintainability should be applied to the code which
is read by developers, but not for the generated outputs.

The template code is the code for developers, while the generated HTML
are only for browsers.

The `class="c1 {{if $var}}c2{{end}}"` style is clearer for developers
and more intuitive, and the generated HTML also makes browsers happy (a
few spaces do not affect anything)

Think about a more complex case:

* `class="{{if $active}}active{{end}} menu item {{if $show}}show{{end}}
{{if $warn}}warn{{end}}"`
* --vs--
* `class="{{if $active}}active {{end}}menu item{{if $show}}
show{{end}}{{if $warn}} warn{{end}}"`

The first style make it clearer to see each CSS class name with its
`{{if}}` block.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-05 22:23:42 +08:00
Brecht Van Lommel
5d621fe9a7
Add basic documentation for labels, including scoped labels (#23304)
Part of #22974

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-03-05 20:35:12 +08:00
Lunny Xiao
8d6e9bc819
Re-add accidentally removed hacking-on-gitea.zh-cn.md (#23297)
#21627 accidentally removed the docs file `hacking-on-gitea.zh-cn.md`.
This re-adds it and merges some changes from #23289
2023-03-04 22:34:02 +01:00
wxiaoguang
0a9a3c2a6d
Improve frontend guideline (#23252)
If an event listener must be `async`, the `e.preventDefault()` should be
before any `await`,
it's recommended to put it at the beginning of the function.
2023-03-02 11:46:47 -05:00
Yarden Shoham
0e7bec1849
Add InsecureSkipVerify to Minio Client for Storage (#23166)
Allows using Minio with untrusted certificates

Closes #23128

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
2023-02-27 16:26:13 +00:00
Yarden Shoham
8540fc45b1
Fix secrets overview page missing from docs sidebar (#23143)
There was a warning while building the docs: `Building sites … WARN
2023/02/25 08:56:37
"/workspace/gitea/docs/content/doc/secrets/overview.en-us.md:1:1":
duplicate menu entry with identifier "overview" in menu "sidebar"`.

### Before

![image](https://user-images.githubusercontent.com/20454870/221348741-55cef254-f2ac-4507-9a66-818b406c668f.png)

### After

![image](https://user-images.githubusercontent.com/20454870/221348757-42066303-e1b7-43fe-9c4f-e05182fbabdd.png)

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
2023-02-25 10:56:02 +01:00
Sven
659cf30b69
Avoid Hugo from adding quote to actions url (#23097) 2023-02-23 12:19:52 -05:00
techknowlogick
dd7d6e3ad0
Nest metadata in refactoring docs (#23087)
Whitespace was missing from refactoring docs metadata.

backport label applied so it is included in versioned docs.
2023-02-23 16:25:18 +08:00
Joakim Pettersen
0ce79bb9f6
Improve reverse proxies documentation (#23068)
Add "Traefik with a sub-path" documentation

closes #23047

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-23 15:34:09 +08:00
zeripath
43405c35f0
Add Bash and Zsh completion scripts (#22646)
This PR adds contrib scripts for bash and zsh completion.

Simply call:

```bash
source contrib/autocompletion/bash_autocomplete
```

or for Zsh:

```bash
source contrib/autocompletion/zsh_autocomplete
```

Signed-off-by: Andrew Thornton <art27@cantab.net>

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-21 12:32:24 -05:00
wxiaoguang
e7be610d57
Improve frontend guidelines (#23007)
Some were out-dated, some are added.
2023-02-21 14:13:37 +08:00
wxiaoguang
6cb76bf1df
Add some guidelines for refactoring (#22880)
Just some brief ideas.

Feel free to complete these guidelines, feel free to edit on this PR
directly.
2023-02-19 21:25:23 +08:00
zeripath
61b89747ed
Provide the ability to set password hash algorithm parameters (#22942)
This PR refactors and improves the password hashing code within gitea
and makes it possible for server administrators to set the password
hashing parameters

In addition it takes the opportunity to adjust the settings for `pbkdf2`
in order to make the hashing a little stronger.

The majority of this work was inspired by PR #14751 and I would like to
thank @boppy for their work on this.

Thanks to @gusted for the suggestion to adjust the `pbkdf2` hashing
parameters.

Close #14751

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-19 15:35:20 +08:00
wxiaoguang
d32af84a10
Refactor hiding-methods, remove jQuery show/hide, remove .hide class, remove inline style=display:none (#22950)
Close #22847

This PR:

* introduce Gitea's own `showElem` and related functions
* remove jQuery show/hide
* remove .hide class
* remove inline style=display:none 

From now on:

do not use:
* "[hidden]" attribute: it's too weak, can not be applied to an element
with "display: flex"
* ".hidden" class: it has been polluted by Fomantic UI in many cases
* inline style="display: none": it's difficult to tweak
* jQuery's show/hide/toggle: it can not show/hide elements with
"display: xxx !important"

only use:
* this ".gt-hidden" class
* showElem/hideElem/toggleElem functions in "utils/dom.js"

cc: @silverwind , this is the all-in-one PR
2023-02-19 12:06:14 +08:00
zeripath
aa1d95300a
Add command to bulk set must-change-password (#22823)
As part of administration sometimes it is appropriate to forcibly tell
users to update their passwords.

This PR creates a new command `gitea admin user must-change-password`
which will set the `MustChangePassword` flag on the provided users.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-02-14 16:12:19 -06:00
Xinyu Zhou
b6d77229cf
docs: Update translation from-binary.zh-cn.md (#22820)
Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-13 13:14:51 +08:00
KN4CK3R
e8186f1c0f
Map OIDC groups to Orgs/Teams (#21441)
Fixes #19555

Test-Instructions:
https://github.com/go-gitea/gitea/pull/21441#issuecomment-1419438000

This PR implements the mapping of user groups provided by OIDC providers
to orgs teams in Gitea. The main part is a refactoring of the existing
LDAP code to make it usable from different providers.

Refactorings:
- Moved the router auth code from module to service because of import
cycles
- Changed some model methods to take a `Context` parameter
- Moved the mapping code from LDAP to a common location

I've tested it with Keycloak but other providers should work too. The
JSON mapping format is the same as for LDAP.


![grafik](https://user-images.githubusercontent.com/1666336/195634392-3fc540fc-b229-4649-99ac-91ae8e19df2d.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-08 14:44:42 +08:00
Peyton Duncan
3ae78bc0a9
Grammar fix (#22790)
Noticed a minor grammatical error.
2023-02-06 16:05:59 -06:00
John Olheiser
189d5b7045
Add repo adoption to FAQ (#22778)
This should be a simple set of steps to achieve
repo adoption.
2023-02-06 10:20:20 -06:00
John Olheiser
361d807274
Update gogs upgrade information (#22777)
It seems that migrating from Gogs `0.12.x` and above may require more
work as time goes on and the projects continue to diverge.

This PR updates the docs to make it more clear.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-02-06 14:37:18 +08:00
Adi
c13eb8e6b3
Add CLI option tenant ID for oauth2 source (#22769)
Fixes #22713
2023-02-05 22:12:13 -06:00
KN4CK3R
d987ac6bf1
Add Chef package registry (#22554)
This PR implements a [Chef registry](https://chef.io/) to manage
cookbooks. This package type was a bit complicated because Chef uses RSA
signed requests as authentication with the registry.


![grafik](https://user-images.githubusercontent.com/1666336/213747995-46819fd8-c3d6-45a2-afd4-a4c3c8505a4a.png)


![grafik](https://user-images.githubusercontent.com/1666336/213748145-d01c9e81-d4dd-41e3-a3cc-8241862c3166.png)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-06 09:49:21 +08:00
KN4CK3R
df789d962b
Add Cargo package registry (#21888)
This PR implements a [Cargo registry](https://doc.rust-lang.org/cargo/)
to manage Rust packages. This package type was a little bit more
complicated because Cargo needs an additional Git repository to store
its package index.

Screenshots:

![grafik](https://user-images.githubusercontent.com/1666336/203102004-08d812ac-c066-4969-9bda-2fed818554eb.png)

![grafik](https://user-images.githubusercontent.com/1666336/203102141-d9970f14-dca6-4174-b17a-50ba1bd79087.png)

![grafik](https://user-images.githubusercontent.com/1666336/203102244-dc05743b-78b6-4d97-998e-ef76341a978f.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-05 18:12:31 +08:00
ByLCY
7baeb9c52a
Add new captcha: cloudflare turnstile (#22369)
Added a new captcha(cloudflare turnstile) and its corresponding
document. Cloudflare turnstile official instructions are here:
https://developers.cloudflare.com/turnstile

Signed-off-by: ByLCY <bylcy@bylcy.dev>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
2023-02-05 15:29:03 +08:00
delvh
4d20a4a1ba
Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962)
Every user can already disable the filter manually, so the explicit
setting is absolutely useless and only complicates the logic.

Previously, there was also unexpected behavior when multiple query
parameters were present.

---------

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 21:26:38 +08:00
techknowlogick
2741546bed
Repositories: by default disable all units except code and pulls on forks (#22541)
Most of the time forks are used for contributing code only, so not
having
issues, projects, release and packages is a better default for such
cases.
They can still be enabled in the settings.

A new option `DEFAULT_FORK_REPO_UNITS` is added to configure the default
units on forks.

Also add missing `repo.packages` unit to documentation.

code by: @brechtvl

## ⚠️ BREAKING ⚠️ 

When forking a repository, the fork will now have issues, projects,
releases, packages and wiki disabled. These can be enabled in the
repository settings afterwards. To change back to the previous default
behavior, configure `DEFAULT_FORK_REPO_UNITS` to be the same value as
`DEFAULT_REPO_UNITS`.

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2023-02-04 14:48:38 +08:00
Lunny Xiao
1410e13dc5
Add missed reverse proxy authentication documentation (#22250)
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Jason Song <i@wolfogre.com>
2023-02-03 18:37:25 +08:00
KN4CK3R
6ba9ff7b48
Add Conda package registry (#22262)
This PR adds a [Conda](https://conda.io/) package registry.
2023-02-01 12:30:39 -06:00
KN4CK3R
5882e179a9
Add user secrets (#22191)
Fixes #22183
Replaces #22187

This PR adds secrets for users. I refactored the files for organizations
and repos to use the same logic and templates. I splitted the secrets
from deploy keys again and reverted the fix from #22187.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-01 20:53:04 +08:00
Ivan Maximov
519939fa8c
Fix typo in command-line.en-us.md (#22681)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-31 21:43:39 +00:00
Ivan Maximov
f518b42d4c
Fix typo in linked-references.en-us.md (#22682) 2023-01-31 21:43:27 +00:00
Ivan Maximov
66877aed54
Fix typo in guidelines-backend.en-us.md (#22690) 2023-01-31 21:43:12 +00:00
Ivan Maximov
706f4686b8
Fix typo in storage.en-us.md (#22694) 2023-01-31 22:42:41 +01:00
Jason Song
4011821c94
Implement actions (#21937)
Close #13539.

Co-authored by: @lunny @appleboy @fuxiaohei and others.

Related projects:
- https://gitea.com/gitea/actions-proto-def
- https://gitea.com/gitea/actions-proto-go
- https://gitea.com/gitea/act
- https://gitea.com/gitea/act_runner

### Summary

The target of this PR is to bring a basic implementation of "Actions",
an internal CI/CD system of Gitea. That means even though it has been
merged, the state of the feature is **EXPERIMENTAL**, and please note
that:

- It is disabled by default;
- It shouldn't be used in a production environment currently;
- It shouldn't be used in a public Gitea instance currently;
- Breaking changes may be made before it's stable.

**Please comment on #13539 if you have any different product design
ideas**, all decisions reached there will be adopted here. But in this
PR, we don't talk about **naming, feature-creep or alternatives**.

### ⚠️ Breaking

`gitea-actions` will become a reserved user name. If a user with the
name already exists in the database, it is recommended to rename it.

### Some important reviews

- What is `DEFAULT_ACTIONS_URL` in `app.ini` for?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1055954954
- Why the api for runners is not under the normal `/api/v1` prefix?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061173592
- Why DBFS?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061301178
- Why ignore events triggered by `gitea-actions` bot?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1063254103
- Why there's no permission control for actions?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1090229868

### What it looks like

<details>

#### Manage runners

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205870657-c72f590e-2e08-4cd4-be7f-2e0abb299bbf.png">

#### List runs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872794-50fde990-2b45-48c1-a178-908e4ec5b627.png">


#### View logs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872501-9b7b9000-9542-4991-8f55-18ccdada77c3.png">



</details>

### How to try it

<details>

#### 1. Start Gitea

Clone this branch and [install from
source](https://docs.gitea.io/en-us/install-from-source).

Add additional configurations in `app.ini` to enable Actions:

```ini
[actions]
ENABLED = true
```

Start it.

If all is well, you'll see the management page of runners:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205877365-8e30a780-9b10-4154-b3e8-ee6c3cb35a59.png">


#### 2. Start runner

Clone the [act_runner](https://gitea.com/gitea/act_runner), and follow
the
[README](https://gitea.com/gitea/act_runner/src/branch/main/README.md)
to start it.

If all is well, you'll see a new runner has been added:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205878000-216f5937-e696-470d-b66c-8473987d91c3.png">

#### 3. Enable actions for a repo

Create a new repo or open an existing one, check the `Actions` checkbox
in settings and submit.

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879705-53e09208-73c0-4b3e-a123-2dcf9aba4b9c.png">
<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879383-23f3d08f-1a85-41dd-a8b3-54e2ee6453e8.png">

If all is well, you'll see a new tab "Actions":

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205881648-a8072d8c-5803-4d76-b8a8-9b2fb49516c1.png">

#### 4. Upload workflow files

Upload some workflow files to `.gitea/workflows/xxx.yaml`, you can
follow the [quickstart](https://docs.github.com/en/actions/quickstart)
of GitHub Actions. Yes, Gitea Actions is compatible with GitHub Actions
in most cases, you can use the same demo:

```yaml
name: GitHub Actions Demo
run-name: ${{ github.actor }} is testing out GitHub Actions 🚀
on: [push]
jobs:
  Explore-GitHub-Actions:
    runs-on: ubuntu-latest
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
      - name: Check out repository code
        uses: actions/checkout@v3
      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
      - name: List files in the repository
        run: |
          ls ${{ github.workspace }}
      - run: echo "🍏 This job's status is ${{ job.status }}."
```

If all is well, you'll see a new run in `Actions` tab:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884473-79a874bc-171b-4aaf-acd5-0241a45c3b53.png">

#### 5. Check the logs of jobs

Click a run and you'll see the logs:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884800-994b0374-67f7-48ff-be9a-4c53f3141547.png">

#### 6. Go on

You can try more examples in [the
documents](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions)
of GitHub Actions, then you might find a lot of bugs.

Come on, PRs are welcome.

</details>

See also: [Feature Preview: Gitea
Actions](https://blog.gitea.io/2022/12/feature-preview-gitea-actions/)

---------

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-01-31 09:45:19 +08:00
KN4CK3R
51a92cb821
Use --index-url in PyPi description (#22620)
Fixes #22616

Co-authored-by: zeripath <art27@cantab.net>
2023-01-27 15:12:18 +01:00
techknowlogick
6737e1c5d5
gitlab supports ssh key signing (#22564) 2023-01-22 18:17:49 +08:00
Chongyi Zheng
de484e86bc
Support scoped access tokens (#20908)
This PR adds the support for scopes of access tokens, mimicking the
design of GitHub OAuth scopes.

The changes of the core logic are in `models/auth` that `AccessToken`
struct will have a `Scope` field. The normalized (no duplication of
scope), comma-separated scope string will be stored in `access_token`
table in the database.
In `services/auth`, the scope will be stored in context, which will be
used by `reqToken` middleware in API calls. Only OAuth2 tokens will have
granular token scopes, while others like BasicAuth will default to scope
`all`.
A large amount of work happens in `routers/api/v1/api.go` and the
corresponding `tests/integration` tests, that is adding necessary scopes
to each of the API calls as they fit.


- [x] Add `Scope` field to `AccessToken`
- [x] Add access control to all API endpoints
- [x] Update frontend & backend for when creating tokens
- [x] Add a database migration for `scope` column (enable 'all' access
to past tokens)

I'm aiming to complete it before Gitea 1.19 release.

Fixes #4300
2023-01-17 15:46:03 -06:00
John Olheiser
60c4725cc2
docs: add swagger.json file location to FAQ (#22489)
This just adds a mention on how to get the `swagger.json` for an
instance.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-17 14:18:42 -06:00
Bradley D. Thornton
1aba53db62
Update overview.en-us.md (#22463)
Fix grammar
2023-01-16 16:24:24 -06:00
zeripath
2cc3a6381c
Add cron method to gc LFS MetaObjects (#22385)
This PR adds a task to the cron service to allow garbage collection of
LFS meta objects. As repositories may have a large number of
LFSMetaObjects, an updated column is added to this table and it is used
to perform a generational GC to attempt to reduce the amount of work.
(There may need to be a bit more work here but this is probably enough
for the moment.)

Fix #7045

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-01-16 13:50:53 -06:00
KN4CK3R
fc037b4b82
Add support for incoming emails (#22056)
closes #13585
fixes #9067
fixes #2386
ref #6226
ref #6219
fixes #745

This PR adds support to process incoming emails to perform actions.
Currently I added handling of replies and unsubscribing from
issues/pulls. In contrast to #13585 the IMAP IDLE command is used
instead of polling which results (in my opinion 😉) in cleaner code.

Procedure:
- When sending an issue/pull reply email, a token is generated which is
present in the Reply-To and References header.
- IMAP IDLE waits until a new email arrives
- The token tells which action should be performed

A possible signature and/or reply gets stripped from the content.

I added a new service to the drone pipeline to test the receiving of
incoming mails. If we keep this in, we may test our outgoing emails too
in future.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-14 23:57:10 +08:00
Sascha Bannier
20e3ffd208
Fix stylesheet HTML snippet for external renderers documentation (#22435)
The documentation is missing the rel attribute. Neither Firefox nor
Chrome did use the linked file as CSS if rel="stylesheet" is not set.

The problem is described in issue #22434.

Co-authored-by: silverwind <me@silverwind.io>
2023-01-13 23:25:15 +00:00
delvh
70043da3dd
Fix typo (#22396)
DEFAUlT -> DEFAULT
2023-01-10 22:00:42 +01:00
Kyle D
f0159c3e8a
Add deprecated warning for DISABLE_GRAVATAR and ENABLE_FEDERATED_AVATAR (#22318) 2023-01-03 07:54:27 +08:00
James Liu
e61ce934bc
Update Gmail mailer configuration (#22291)
This PR updates the `[mailer]` configuration snippet for Gmail:

- The `HELO_HOSTNAME` isn't required.
- The `USER` must not include the @gmail domain.
- `HOST` needs to be supplied, and the SMTP port number needs to be
appended to the URL.

I also added a note about the requirement to use App passwords instead
of your Google account password directly.

Co-authored-by: delvh <dev.lh@web.de>
2023-01-02 10:52:36 +08:00
JonRB
cf07f247b7
Add Gentoo to the from package providers (#22284)
Signed-off-by: Jonathan Roadley-Battin <jon.roadleybattin@gmail.com>
2022-12-30 11:14:51 -06:00
Xinyu Zhou
7cc7db73b9
Add option to prohibit fork if user reached maximum limit of repositories (#21848)
If user has reached the maximum limit of repositories:

- Before
  - disallow create
  - allow fork without limit
- This patch:
  - disallow create
  - disallow fork
- Add option `ALLOW_FORK_WITHOUT_MAXIMUM_LIMIT` (Default **true**) :
enable this allow user fork repositories without maximum number limit

fixed https://github.com/go-gitea/gitea/issues/21847

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
2022-12-27 15:21:14 -06:00
Christian Ullrich
d0c3d0ba26
Add the 'ui.user' section to the cheat sheet (#22249)
The `ui.user` ini section with its single setting is not yet mentioned
in the config cheat sheet.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-12-27 09:38:15 -06:00
Jason Song
814b44aeaf
Fix typo of Asia/Shanghai (#22242)
As the title.
2022-12-26 16:50:58 +08:00
Dan Church
70d15e7785
Fix misc whitespace issues in install docs (#22189)
I ran into issues when copy-pasting the docker-compose.yml contents from
https://docs.gitea.io/en-us/install-with-docker/ - specifically the part
about adding PostgreSQL to the YAML file; I tried manually adding the
diffs by removing the `+` at the beginning of lines, and the resulting
YAML was unparsable.

This forces the indentation to be consistent across all places where
YAML is used.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-12-20 17:26:03 -05:00
Jason Song
659055138b
Secrets storage with SecretKey encrypted (#22142)
Fork of #14483, but [gave up
MasterKey](https://github.com/go-gitea/gitea/pull/14483#issuecomment-1350728557),
and fixed some problems.

Close #12065.
Needed by #13539.

Featrues:
- Secrets for repo and org, not user yet.
- Use SecretKey to encrypte/encrypt secrets.
- Trim spaces of secret value.
- Add a new locale ini block, to make it easy to support secrets for
user.

Snapshots:

Repo level secrets:

![image](https://user-images.githubusercontent.com/9418365/207823319-b8a4903f-38ca-4af7-9d05-336a5af906f3.png)

Rrg level secrets

![image](https://user-images.githubusercontent.com/9418365/207823371-8bd02e93-1928-40d1-8c76-f48b255ace36.png)

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2022-12-20 17:07:13 +08:00
zeripath
d6b96627c1
Add setting to disable the git apply step in test patch (#22130)
For a long time Gitea has tested PR patches using a git apply --check
method, and in fact prior to the introduction of a read-tree assisted
three-way merge in #18004, this was the only way of checking patches.

Since #18004, the git apply --check method has been a fallback method,
only used when the read-tree three-way merge method has detected a
conflict. The read-tree assisted three-way merge method is much faster
and less resource intensive method of detecting conflicts. #18004 kept
the git apply method around because it was thought possible that this
fallback might be able to rectify conflicts that the read-tree three-way
merge detected. I am not certain if this could ever be the case.

Given the uncertainty here and the now relative stability of the
read-tree method - this PR makes using this fallback optional and
disables it by default. The hope is that users will not notice any
significant difference in conflict detection and we will be able to
remove the git apply fallback in future, and/or improve the read-tree
three-way merge method to catch any conflicts that git apply method
might have been able to fix.

An additional benefit is that patch checking should be significantly
less resource intensive and much quicker.

(See
https://github.com/go-gitea/gitea/issues/22083\#issuecomment-1347961737)

Ref #22083

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2022-12-19 19:37:15 +08:00
Yakov5776
5aa854693f
Fix markdown typo of an extra backtick in docs (#22123)
Fixes a visual bug in docs which is caused by a typo of an extra backtick.
2022-12-13 18:20:36 -06:00
Lunny Xiao
c9ef03af65
Fix wrong default value for update checker on app.example.ini (#22084) 2022-12-11 16:08:01 -06:00
Jason Song
0a85537c79
Support disabling database auto migration (#22053)
Gitea will migrate the database model version automatically, but it
should be able to be disabled and keep Gitea shutdown if the version is
not matched.
2022-12-07 09:58:31 -06:00
xtexChooser
21bcb92926
Add pnpm to packages/overview (#22008)
[`pnpm`](https://pnpm.io/) is a "fast, disk space efficient" node
package manager.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-12-02 11:23:47 -05:00
luzpaz
fdfd77f478
Fix typos (#21979)
Found via codespell
2022-11-29 18:41:29 -06:00
zeripath
f6fd501841
Correct the fallbacks for mailer configuration (#21945)
Unfortunately the fallback configuration code for [mailer] that were
added in #18982 are incorrect. When you read a value from an ini section
that key is added. This leads to a failure of the fallback mechanism.
Further there is also a spelling mistake in the startTLS configuration.

This PR restructures the mailer code to first map the deprecated
settings on to the new ones - and then use ini.MapTo to map those on to
the struct with additional validation as necessary.

Ref #21744

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-11-27 10:08:40 +00:00
KN4CK3R
7a4f7b35e3
Fix typo in sidebar (#21934)
Same as #21922 
I used the npm file as template which was a bad idea to spot these
casing errors...
2022-11-25 17:52:23 +08:00
KN4CK3R
b2269dedf2
Fix typo in sidebar (#21922) 2022-11-24 18:31:32 +08:00
Xinyu Zhou
a3c09fb36d
Improve docker rootless documentation (#21913)
Emphasize folder creation/permission granting

Signed-off-by: Xinyu Zhou <i@sourcehut.net>

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-11-23 13:01:38 -05:00
Xinyu Zhou
68e934ab5d
Add option to enable CAPTCHA validation for login (#21638)
Enable this to require captcha validation for user login. You also must
enable `ENABLE_CAPTCHA`.

Summary:
- Consolidate CAPTCHA template
- add CAPTCHA handle and context
- add `REQUIRE_CAPTCHA_FOR_LOGIN` config and docs
- Consolidate CAPTCHA set-up and verification code 

Partially resolved #6049 

Signed-off-by: Xinyu Zhou <i@sourcehut.net>
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-11-22 21:13:18 +00:00