This PR fixes#7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.
## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
- [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
- Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
- [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
- app.ini configuration done
- [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation
I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
* Prevent deadlock in indexer initialisation during graceful restart
* Move from gracehttp to our own service to add graceful ssh
* Add timeout for start of indexers and make hammer time configurable
* Fix issue with re-initialization in indexer during tests
* move the code to detect use of closed to graceful
* Handle logs gracefully - add a pid suffix just before restart
* Move to using a cond and a holder for indexers
* use time.Since
* Add some comments and attribution
* update modules.txt
* Use zero to disable timeout
* Move RestartProcess to its own file
* Add cleanup routine
* Recalculate repository access only for specific user
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Handle user repositories as well, and only add access if minimum mode
* Need to get repo owner to check if organization
* Ensure .ssh dir exists before rewriting public keys
* Ensure .ssh dir exists before appending to authorized_keys
* Log the error because it would be useful to know where it is trying to MkdirAll
* Only try to create RootPath if it's not empty
* Change tests to make it possible to run TestGit with 1.7.2
* Make merge run on 1.7.2
* Fix tracking and staging branch name problem
* Ensure that git 1.7.2 works on tests
* ensure that there is no chance for conflicts
* Fix-up missing merge issues
* Final rm
* Ensure LFS filters run on the tests
* Do not sign commits from temp repo
* Restore tracking fetch change
* Apply suggestions from code review
* Update modules/repofiles/temp_repo.go
* Draft for ResolveMentionsByVisibility()
* Correct typo
* Resolve teams instead of orgs for mentions
* Create test for ResolveMentionsByVisibility
* Fix check for individual users and doer
* Test and fix team mentions
* Run all mentions through visibility filter
* Fix error check
* Simplify code, fix doer included in teams
* Simplify team id list build
* fix issues/pr list broken when there are many repositories
* remove unused codes
* fix counting error on issues/prs
* keep the old logic
* fix panic
* fix tests
* fix milestone num_issues
* update missing completeness
* only update milestone closed number when closed issue is assigned a new milestone or clear milestone
* fix tests
* fix update milestone num
* fix completeness calculate
* make completeness calucation more clear
* Add API for Repo Advanced Settings of wiki and issue tracker
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add some integration tests for tracker and wiki settings through API
* Should return StatusUnprocessableEntity in case of invalid API values.
* Add tests for invalid URLs for external tracker and wiki.
* Do not set inital values if they are default of type
* Make issue tracker and wiki units separate structures in Repository API structure.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix comment of structures
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Rewrite API to use struct for setting tracker and wiki settings.
* LetOnlyContributorsTrackTime -> AllowOnlyContributorsToTrackTime
* Api endpoint for searching teams.
Signed-off-by: dasv <david.svantesson@qrtech.se>
* Move API to /orgs/:org/teams/search
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Regenerate swagger
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix search is Get
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add test for search team API.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Update routers/api/v1/org/team.go
grammar
Co-Authored-By: Richard Mahn <richmahn@users.noreply.github.com>
* Fix review comments
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix some issues in repo collaboration team search, after changes in this PR.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Remove teamUser which is not used and replace with actual user id.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Remove unused search variable UserIsAdmin.
* Add paging to team search.
* Re-genereate swagger
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix review comments
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* fix
* Regenerate swagger
* Use correct index when fetching commit status
Signed-off-by: Elias Norberg <elias@aisle.se>
* Compare against base repo to avoid mismatch when merging from fork
Signed-off-by: Elias Norberg <elias@aisle.se>
* extract actions on new pull request from models to pulls service
* improve code
* move code.gitea.io/gitea/modules/pull to code.gitea.io/gitea/services/pull
* fix fmt
* Rename pulls.go to pull.go
* Always return local url for users avatar
Avoids having to wait for DNS lookups when libravatar is activated
fixing #6046
* Avoid double slash in avatar link
* Move avatar route to the correct place
* Test more reserved usernames
* Add more reserved usernames, sort them
* Reserve "attachments" username (is a used route)
* It's "avatars" being reserved, not "avatar"
* move all mail related codes from models to modules/mailer
* fix lint
* use DBContext instead Engine
* use WithContext not WithEngine
* Use DBContext instead of Engine
* don't use defer when sess.Close()
* move DBContext to context.go and add some methods
* move mailer from modules/ to services
* fix lint
* fix tests
* fix fmt
* add gitea copyright
* fix tests
* don't expose db functions
* make code clear
* add DefaultDBContext
* fix build
* fix bug
* Add teams to repo on collaboration page.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add option for repository admins to change teams access to repo.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add comment for functions
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Make RepoAdminChangeTeamAccess default false in xorm and make it default checked in template instead.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Make proper language strings and fix error redirection.
* Add unit tests for adding and deleting team from repository.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Add database migration
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix redirect
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Fix locale string mismatch.
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Move team access mode text logic to template.
* Move collaborator access mode text logic to template.