1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-10-29 08:17:31 -04:00
Commit Graph

235 Commits

Author SHA1 Message Date
Bo-Yi Wu
24b5a384d2
chore(security): Support Go Vulnerability Management (#21139)
See https://go.dev/security/vuln/

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>
2022-09-11 15:02:18 +08:00
silverwind
b5d21c0adf
Generate go-licenses during tidy again (#21108)
We can not have the `frontend` target depend on golang because of they
way drone is set up. Move the `go-licenses` generation back into `tidy`
where it will now also be checked for consistency during `tidy-check`.

(I assume all `main` branch builds should currently fail [like
this](https://drone.gitea.io/go-gitea/gitea/60244/1/11)).

The reasony why it shouldn't be treated the same as for example `go
generate` is because output files are checked in. tidy is imho the
optimal target to run this after.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-09-09 11:33:01 -04:00
silverwind
52c2ef7902
Rewrite go license generator in go (#21078)
This removes the JS dependency in the checks pipeline. JSON output is
different because the previous JS did indent the license data
differently and a JSON key was changed, but the end result is the same
as it gets re-indented by wepack.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-09-07 17:35:54 -04:00
Kyle D
6361b48b21
Bump playwright test image to match version in package.json (#21097)
Bump the playwright test image to match version in package.json (so it
doesn't re-download browsers setup)
2022-09-07 00:00:34 +01:00
silverwind
7f6306ccd1
Add missing volume to test-e2e (#21079)
Without it, the deps-backend step before is useless as `go test` will not see the files in GOPATH and re-download them.
2022-09-05 17:35:46 -04:00
silverwind
49efd1fb96
Add go licenses to licenses.txt (#21034)
`make go-licenses` will generate `assets/go-licenses.json` which is then included in the webpack build. 

This step depends on both go and node being present, so unfortunately, I could not automate the generation by hooking it up to `tidy` as that target is triggered on CI where we do not have a docker image with both go an node.

It should be ran from time to time, ideally after each go mod update.
2022-09-04 00:20:46 +02:00
Kyle D
c8ded77680
Kd/ci playwright go test (#20123)
* Add initial playwright config

* Simplify Makefile

* Simplify Makefile

* Use correct config files

* Update playwright settings

* Fix package-lock file

* Don't use test logger for e2e tests

* fix frontend lint

* Allow passing TEST_LOGGER variable

* Init postgres database

* use standard gitea env variables

* Update playwright

* update drone

* Move empty env var to commands

* Cleanup

* Move integrations to subfolder

* tests integrations to tests integraton

* Run e2e tests with go test

* Fix linting

* install CI deps

* Add files to ESlint

* Fix drone typo

* Don't log to console in CI

* Use go test http server

* Add build step before tests

* Move shared init function to common package

* fix drone

* Clean up tests

* Fix linting

* Better mocking for page + version string

* Cleanup test generation

* Remove dependency on gitea binary

* Fix linting

* add initial support for running specific tests

* Add ACCEPT_VISUAL variable

* don't require git-lfs

* Add initial documentation

* Review feedback

* Add logged in session test

* Attempt fixing drone race

* Cleanup and bump version

* Bump deps

* Review feedback

* simplify installation

* Fix ci

* Update install docs
2022-09-02 15:18:23 -04:00
techknowlogick
be824890e4
Switch to building with go1.19 (#20695) 2022-08-07 12:25:03 -04:00
silverwind
aec6b30e2a
Unbreak release pipeline (#20356)
Downgrade release pipeline to node 16 until xgo updates its base OS to a
version with a compatible glibc.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-07-14 16:09:26 +08:00
silverwind
9cd1f38f70
Upgrade to Node 18 on CI (#20340)
* Upgrade to Node 18 on CI

Should be pretty stable now.

* restart ci

Co-authored-by: 6543 <6543@obermui.de>
2022-07-13 11:45:08 -04:00
wxiaoguang
5f618248a9
Use Golang 1.18 for Gitea 1.17 release (#19918)
Use Golang 1.18 (as minimal requirement) for Gitea 1.17 release, make sure the Golang version is still actively supported during Gitea 1.17 lifecycle.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-06-10 05:34:41 +02:00
Lunny Xiao
48be5e77e5
Increment tests time out from 40m to 50m because sometimes the machine is slow (#19887) 2022-06-05 12:24:51 +08:00
techknowlogick
cab3a8b59d
Set safe dir for git operations in .drone.yml CI (#19641)
Our drone by necessity runs on git repositories not owned by the drone process. Unfortunately this means that git operations and thence CI builds will fail without the `safe.directory` option being set. 

See: https://drone.gitea.io/go-gitea/gitea/54632/2/8
2022-05-06 18:25:18 +01:00
Lunny Xiao
54961f3ac9
Use goproxy.io instead of goproxy.cn (#19242) 2022-03-28 20:01:07 +03:00
techknowlogick
ed1d95c55d
use go1.18 to build gitea (#19099)
* use go1.18 to build gitea& update min go version to 1.17

* bump in a few more places

* add a few simple tests for isipprivate

* update go.mod

* update URL to https://go.dev/dl/

* golangci-lint

* attempt golangci-lint workaround

* change version

* bump fumpt version

* skip strings.title test

* go mod tidy

* update tests as some aren't private??

* update tests
2022-03-16 00:08:31 -04:00
silverwind
fe9626af29
Use go run for tool dependencies, require go 1.17 (#18874)
This ensures the tools only run in the versions we've tested and it also
does not polute PATH with those tools so they are truly isolated. This
syntax of `go run` requires go 1.17, so the minimum version is set
accordingly.

Fixes: https://github.com/go-gitea/gitea/issues/18867

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-03-15 22:50:26 -04:00
6543
e800bc0cf4
allow overwrite artifacts for github releases (#18987) 2022-03-03 15:28:41 +01:00
silverwind
2ddff74a54
Reduce CI go module downloads, add make targets (#18708)
The CI currently downloads all go modules in each pipeline step because
go modules reside outside the project directory. Fix this by introducing
a volume for the `/go` directory [1] so modules are only downloaded once per
pipeline using a new `deps-backend` make target.

For completeness, I also included new `deps` and `deps-frontend` targets
and the frontend one is also triggered explicitly on CI where needed.

[1] https://docs.drone.io/pipeline/kubernetes/examples/language/golang/#dependencies
2022-02-12 07:08:53 +00:00
zeripath
9f9ca0aae4
Fix pushing to 1-x-dev docker tag (#18578)
* Fix pushing to 1-x-dev docker tag

It appears that #18551 and #18573 have a mistake in that raymond does not have
an {{else}} on {{#equal}}. This PR notes that Sprig has a hasPrefix function
and so we use this with another if.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix pushing to 1-x-dev docker tag (part 2)

Although we now have the manifest working, we need to create the images.

Here we adjust the .drone.yml to force building of the images

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix pushing to 1-x-dev docker tag

OK now we have the images building we should make sure that the main ones stays
dev and the release/v* ones become *-dev-*

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review
2022-02-03 22:44:51 +01:00
zeripath
bc77b28d9d
Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551)
* Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch

One of the problems with our current docker tagging is that although we
have strict version tags, latest and dev we do not have a way for docker
users to track the current release branch. This PR simply suggests that
we use the 1.x-dev tag for these and we build and push these. This will
give users who want or need unreleased bug fixes the option of tracking
the pre-release version instead of simply jumping to dev.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-03 09:47:27 +01:00
techknowlogick
115e4772cc
point to s3 endpoint directly (#18497)
Co-authored-by: 6543 <6543@obermui.de>
2022-01-31 17:39:39 -05:00
techknowlogick
b2250d2fb3
upload to github & s3 at same time (#18475) 2022-01-30 17:40:44 -05:00
6543
246902cd63
use next gen codecov uploader (#18443) 2022-01-30 03:21:15 +01:00
techknowlogick
84145e45c5
Remove golang vendored directory (#18277)
* rm go vendor

* fix drone yaml

* add to gitignore
2022-01-14 18:16:05 -05:00
techknowlogick
b24a965b81
no need for docker image mirror (#18031)
Co-authored-by: zeripath <art27@cantab.net>
2021-12-19 16:53:15 -05:00
techknowlogick
6255ff8c6b
update xgo to use 1.17 (#17915) 2021-12-05 19:48:38 -05:00
wxiaoguang
e4b95de388
Prepare and check test env during CI (#17725)
This PR should resolve the permission problems during CI, if the uid doesn't match, a more clear message is shown.

*  CI fails with unknown permission problems #17710

The new drone step dependencies:

(root)prepare-test-env -> (gitea)build -> (gitea)test
2021-11-19 13:58:34 +08:00
techknowlogick
f0bd1e9896
Add protection to disable Gitea when run as root (#17168)
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: 6543 <6543@obermui.de>
2021-10-07 10:52:08 +02:00
6543
70d8d64cb8
CI: migrate from 'plugins/s3:1' to 'woodpeckerci/plugin-s3:latest' (#17234)
- this fixes the CI release upload issues, as the docker image for this is freshly built (unlike the mostly unmaintained "official" drone plugins), thus containing current CA certs needed for letsencrypt since 2021-09-31.
- woodpecker is a drone-ci fork maintained partially by @6543. it's API compatible with current drone plugins afaik
2021-10-06 13:58:11 +02:00
6543
7815f244d6
CI: rm unit-test-race step since its now coverd by unit-test too (#16856)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-08-29 09:42:56 +08:00
Mura Li
b60e814055
Enable race detector for CI (#1441)
* Enable race detector by default

Set RACE_ENABLED=0 to disable it when release

* Disable race detector for release builds

* use `true`

* fix

* debug issue

* fix

* verbose

* clean

* Fix wrong merge

* Fix coverage merge

Co-authored-by: Mura Li <typeless@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-08-26 16:50:04 +08:00
techknowlogick
274aeb3a9e
build with go1.17 (#16707)
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-08-17 08:31:28 -04:00
zeripath
806aa870cb
Switch back to node 16 (#16624)
Now that node 16.6.1 is out we can (if desired) switch back to node 16.

This PR proposes changing drone to run node:16

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2021-08-05 01:46:19 +02:00
zeripath
35735bbef9
Upgrade to golang-jwt 3.2.2 (#16590)
* Upgrade to golang-jwt 3.2.2

Upgrade to the latest version of golang-jwt

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Forcibly replace the 3.2.1 version of golang-jwt/jwt and increase minimum Go version

Using go.mod we can forcibly replace the 3.2.1 version used by goth to 3.2.2.

Further given golang-jwt/jwts stated policy of only supporting supported go versions
we should just raise our minimal version of go to 1.16 for 1.16 as by time of release
1.15 will be out of support.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update minimal go required

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update config.yaml

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-08-03 14:32:01 -04:00
6543
24366eddec
[CI] Use node v14 instead of node v16 untill it will pass again (#16595)
* for CI release: use node 14 (lts) to build until 16 do fail

* all in for node v14.x
2021-08-02 03:47:29 +02:00
zeripath
e3b6526922
Use node:16.5 for frontend instead of node:16 (#16591)
* Disable frontend testing

Jest does not appear to work on the latest node 16.6.0 and fails with an inscrutable
message.

I have been unable to work out what the problem is. This PR simply disables the
test-frontend part in the makefile.

Another alternative would be to drop node to node 14 - which is the LTS for node.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* actually just tell on 16.5 instead

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use node 16.5 instead of 16

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-08-01 17:33:02 +03:00
6543
4b512abf5b
CI: Add unit-test-race (#16470) 2021-07-17 22:46:20 +02:00
techknowlogick
7b31aae414
revert to use alpine 3.13 (#16451)
Co-authored-by: zeripath <art27@cantab.net>
2021-07-16 09:54:39 +08:00
techknowlogick
e180456983
Change docker tag logic (#16421)
* Change docker logic

* Apply suggestions from code review

Co-authored-by: Kyle D. <kdumontnu@gmail.com>

* docs

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Kyle D. <kdumontnu@gmail.com>
2021-07-14 18:08:43 +01:00
6543
5b1d0a7701
Replace plugins/docker with techknowlogick/drone-dockerin ci (#16407)
* plugins/docker -> techknowlogick/drone-docker

* It is multi-arch
2021-07-12 15:20:44 -04:00
techknowlogick
061a8e7bb9
Alpine 3.14 released (#16170)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-07-07 15:43:00 -04:00
techknowlogick
d4ae87ea32
Run compliance on amd64 infra (#16232)
* Run compliance on amd64 infra

* Update .drone.yml
2021-06-23 01:36:27 -04:00
Patrick Schratz
d957a1569a
Bump postgres and mysql versions (#15710)
* bump postgres and mysql DB versions

* posgres test against v10

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-21 18:11:48 -04:00
silverwind
9b7d692e9e
Use node 16 on release tasks too (#15936)
Forgot these in https://github.com/go-gitea/gitea/pull/15804.
2021-05-20 16:37:20 -04:00
silverwind
9545c345a8
Update JS dependencies, use Node 16 (#15804)
- Update all JS dependencies to latest version
- Use Node 16 on CI
- Add new lint rules
- Add some gitignore entries for debug files

Co-authored-by: Lauris BH <lauris@nix.lv>
2021-05-13 11:12:36 -04:00
techknowlogick
ffbd0fef06
change s3 bucket name (#15847) 2021-05-12 15:08:33 -04:00
techknowlogick
2dc3e4edc8
point appleboy/drone-git-push to use updated primary branch 2021-05-10 20:27:56 -04:00
techknowlogick
ab77a24f18
update branch in CI and docs (#15631) 2021-05-04 12:16:23 -04:00
silverwind
0991f9aa42
Stop packaging node_modules in release tarballs (#15273)
- Don't package node_modules in tarballs, they are not cross-platform
  anymore and npm cache should not be messed with directly. Instead,
  require an internet connection to rebuild the UI, which is not necessary
  in the general use case because prebuilt UI files are shipped in the
  public directory.
- Simplify the fomantic build and make the target phony. We don't need
  anything more for something that is rarely ran.
- Use regular tar again to build tarballs and add variable for excludes
- Disable annoying npm update notifications

Fixes: https://github.com/go-gitea/gitea/pull/14578
Fixes: https://github.com/go-gitea/gitea/pull/15256
Fixes: https://github.com/go-gitea/gitea/pull/15262

Co-authored-by: 6543 <6543@obermui.de>
2021-04-09 01:08:14 -04:00
silverwind
0d1a5e0ffc
Add frontend testing, require node 12 (#15315)
- Add basic frontend unit testing infrastructure using jest in ESM mode
- Rename 'make test' to 'make test-backend'
- Introduce 'make test-frontend' and 'make test' that runs both
- Bump Node.js requirement to v12. v10 will be EOL in less than a month.
- Convert all build-related JS files to ESM.

I opted to run frontend tests run as part of the compliance pipeline because
they complete fast and are not platform-specific like the golang tests.
2021-04-08 12:41:57 +02:00