Simon Ser
45812720f3
gitsrht-update-hook: always enable secrets when submitting builds
...
Ensure secrets are enabled for all builds. This disables the
auto-detection done by default by builds.sr.ht when the secrets arg
is left unspecified.
While at it, remove the unbound $execute variable.
2024-02-15 13:36:31 +01:00
Simon Ser
2da016a3d3
Add support for [objects]s3-insecure
2024-01-24 12:51:32 +01:00
Simon Ser
3f02d409c2
Upgrade core-go
2024-01-24 12:06:52 +01:00
Simon Ser
408f23a5b2
Drop gqlparser v1 dependency
2024-01-17 13:47:52 +01:00
Drew DeVault
26809b6b5b
Add more missing database close calls
2024-01-17 10:42:14 +01:00
Simon Ser
81e2e8471b
Drop go.mod files in subdirectories
...
Only use a single top-level go.mod.
2023-12-04 12:13:23 +01:00
Simon Ser
5610eb6e5c
gitsrht-update-hook: drop trivial getters
...
Individual fields can be accessed directly.
2023-12-04 12:13:22 +01:00
Thorben Günther
fb1f3a947c
gitsrht-update-hook: Remove doubled context import
2023-12-04 11:06:12 +01:00
Thorben Günther
86dbd617ee
gitsrht-update-hook: Remove unused function
2023-12-04 11:06:12 +01:00
Thorben Günther
7325a149a0
gitsrht-update-hook: Don't exit on build submission failure
...
Right now the postUpdate function exits early when it fails to submit
the build manifests. This prevents the function from other tasks like
delivering webhooks.
2023-11-17 14:38:57 +01:00
Thorben Günther
59efc97987
gitsrht-update-hook: Submit builds under the pusher's account
...
If you give a user read/write access to a repository, in theory he would
be able to leak the repo owner's secrets by adding them to the build
manifest. Instead submit the build under the account of the one who
initiated the push.
2023-10-24 13:26:21 +02:00
Simon Ser
a99fda3715
gitsrht-update-hook: drop BuildSubmitter interface
...
This is unused.
2023-08-16 11:50:26 +02:00
Simon Ser
da71f500a9
gitsrht-update-hook: set GIT_REF environment variable
...
This is useful to terminate the build early unless it was started
from a specific branch.
2023-08-16 11:18:29 +02:00
Adnan Maolood
a8ae4727f2
gitsrht-update-hook: Use repository visbility for builds
2023-04-19 09:06:47 +02:00
Simon Ser
163edba401
gitsrht-update-hook: include branch name in job tags
...
This allows having a per-branch filter for build jobs. Use-cases
include a build badge which only displays status for the default
branch, or a getting the latest build artifacts only for the
default branch.
2022-04-08 14:09:07 +02:00
Adnan Maolood
ad42bf4448
gitsrht: Store visibility as enum instead of varchar
...
Add a 'visibility' enum type to the database and use it for the
repository.visibility column.
This required changes to scm.sr.ht code. Instead of updating scm.sr.ht,
most of the scm.sr.ht code that git.sr.ht uses was moved to git.sr.ht.
2022-03-14 09:59:12 +01:00
Adnan Maolood
26f3346fff
gitsrht-update-hook: Use owner username instead of pusher username
...
Use the owner username to authenticate to the GraphQL API instead of the
pusher username.
Fixes: https://todo.sr.ht/~sircmpwn/git.sr.ht/362
2022-02-21 11:25:13 +01:00
Adnan Maolood
d0c8853244
gitsrht-update-hook/post-update: Always execute updateRepository
...
Always execute the updateRepository GraphQL mutation so that the
repository updated timestamp will be set.
2022-02-15 13:12:07 +01:00
Adnan Maolood
902c41aa31
gitsrht-update-hook: Only update repo when necessary
...
Only update repository information when a new description or visibility
is specified in the push options. This prevents an extraneous
REPO_UPDATE event from being triggered on every push.
Also remove the updateVisibility function, as this is taken care of by
the GraphQL API.
2022-02-14 15:42:10 +01:00
Adnan Maolood
8cc65ff876
gitsrht-update-hook: Use GraphQL for repository updates
...
Use GraphQL to update repository information so that user webhooks are
delivered.
The notice for autocreated repositories has been updated to reflect that
autocreated repositories are no longer deleted automatically.
2022-02-14 15:42:09 +01:00
Adnan Maolood
ea08854593
gitsrht-update-hook: go fmt
2022-02-14 15:42:09 +01:00
Adnan Maolood
91f92f2eac
gitsrht-{shell,update-hook}: Support SRHT_CONFIG variable
...
Attempt to load the configuration file from the path specified in the
SRHT_CONFIG environment variable. If that fails, fallback to
/etc/sr.ht/config.ini.
2022-02-14 15:42:09 +01:00
наб
94786a1ec9
gitsrht-update-hook: only print "skip-ci => not submitting" message once
...
Instead of for every pushed ref with submittable manifests
2021-12-15 11:34:41 +01:00
Julien Moutinho
34326ace88
gitsrht-update-hook: update go.{mod,sum} for go-redis
2021-12-08 11:58:10 +01:00
Julien Moutinho
5a74fbcf42
gitsrht-update-hook: update go-redis to support Unix sockets
2021-12-08 11:58:09 +01:00
Simon Ser
4bddca82e9
gitsrht-update-hook: fix logger formatting
...
- Some Println calls were using format strings
- Some Printf calls were used without a format string
- %e is not valid, use %v instead
2021-11-05 10:33:01 +01:00
Bor Grošelj Simić
94489852d6
gitsrht-update-hook: update fnmatch upstream location
2021-10-25 08:48:19 +02:00
Drew DeVault
c270776e0e
gitsrht-update-hook: handle 402 from builds.sr.ht
2021-04-22 07:37:53 -04:00
Drew DeVault
41b9b5e610
update-hook: remove shell: true from manifests
2021-04-07 08:03:47 -04:00
наб
cde2f4791c
Revert "Ensure all pushed refs are UTF-8, lest the webapp 500 on reading the repo"
...
This reverts commit 424b962d84
.
2021-02-26 08:01:05 -05:00
Drew DeVault
a76ff9c1cc
gitsrht-update-hook: add oauth key
2021-02-18 11:37:18 -05:00
Alexey Yerin
05dfb95664
Export BUILD_SUBMITTER=git.sr.ht
2021-02-02 10:21:24 -05:00
Drew DeVault
69a51420aa
gitsrht-update-hook: update internal auth structure
2021-01-25 09:34:05 -05:00
Drew DeVault
8e957371a3
gitsrht-update-hook: update core-go
2020-10-05 13:36:55 -04:00
Thorben Günther
16c6314a93
Fix maximum number of concurrent builds.
2020-10-02 15:38:35 -04:00
наб
5dae4f3359
Warn when we'd submit duplicate-basename manifest
2020-09-14 12:36:56 -04:00
Drew DeVault
0c45d64b6b
Always use internal auth for build submit
2020-09-10 10:57:09 -04:00
Drew DeVault
2ce254f94f
Take basename of submitted build manifests
2020-09-07 11:09:55 -04:00
наб
bdef2bc8fc
Allow specifying -o submit='fnmatch/*.pattern,another' to build alternate manifests
...
Defaults to ".build.yml,.builds/*.yml"
Ref: ~sircmpwn/git.sr.ht#316
2020-09-07 10:19:53 -04:00
Drew DeVault
6ae1c92c1d
stage-3: fix nil dereference
2020-08-31 10:26:42 -04:00
Drew DeVault
657601b858
update-hook: correct error in manifest limit
2020-08-21 09:44:09 -04:00
Drew DeVault
a9fd6012b4
post-update: refuse to submit >4 builds at once
2020-08-21 09:32:28 -04:00
Drew DeVault
25f5679663
update-hook stage 3: delete artifacts for refs
...
If the user removes a reference, this deletes any artifacts which were
associated with that reference.
2020-08-20 15:58:07 -04:00
Drew DeVault
fdccb95b91
gitsrht-update-hook: add deleted refs to webhook
2020-08-20 10:52:00 -04:00
наб
c37d51279a
Use core-go's crypto for webhook signing
2020-08-20 10:07:23 -04:00
наб
f76de68845
Also create/delete git-daemon-export-ok in gitsrht-update-hook
2020-08-19 09:00:30 -04:00
наб
ec44ef4a75
Allow push options description/visibility for setting description/visibility
...
Also gofmt cleanup
Ref: ~sircmpwn/git.sr.ht#293
2020-08-17 10:17:37 -04:00
наб
83570315f4
Update to go-git v5 in gitsrht-update-hook
2020-08-14 10:59:37 -04:00
Drew DeVault
2e9afc6435
gitsrht-update-hook: strip ANSI from webhook output
2020-08-12 08:20:20 -04:00
наб
424b962d84
Ensure all pushed refs are UTF-8, lest the webapp 500 on reading the repo
...
New push output:
-- >8 --
nabijaczleweli@tarta:~/code/git.sr.ht/gitsrht-update-hook$ git push 'git@git.shi.rt:~nabijaczleweli/empty' HEAD:▒ HEAD:owo
Enumerating objects: 34, done.
Counting objects: 100% (34/34), done.
Delta compression using up to 24 threads
Compressing objects: 100% (23/23), done.
Writing objects: 100% (23/23), 5.86 KiB | 1.95 MiB/s, done.
Total 23 (delta 17), reused 0 (delta 0)
remote: refs/heads/▒ not valid UTF-8, see https://github.com/libgit2/pygit2/issues/1028 for more information
remote: error: hook declined to update refs/heads/▒
remote: Builds started:
remote: http://127.0.0.1:5002/~nabijaczleweli/job/133 [alpine.yml]
remote: http://127.0.0.1:5002/~nabijaczleweli/job/134 [archlinux.yml]
remote: http://127.0.0.1:5002/~nabijaczleweli/job/135 [debian.yml]
To git.shi.rt:~nabijaczleweli/empty
* [new branch] HEAD -> owo
! [remote rejected] HEAD -> ▒ (hook declined)
error: failed to push some refs to 'git@git.shi.rt:~nabijaczleweli/empty'
-- >8 --
New log output:
-- >8 --
hooks/pre-receive 2020/08/10 18:44:24 [hooks/pre-receive]
hooks/pre-receive 2020/08/10 18:44:24 Running pre-receive for push 7c774348-3d6e-46fe-a613-ca344e079249
hooks/update 2020/08/10 18:44:24 [hooks/update refs/heads/▒ 0000000000000000000000000000000000000000 98d9b505ba528ccfccaba0605930bf1140648dbb]
hooks/update 2020/08/10 18:44:24 Running update for push 7c774348-3d6e-46fe-a613-ca344e079249
hooks/update 2020/08/10 18:44:24 Refusing ref 'refs/heads/▒': not UTF-8
hooks/update 2020/08/10 18:44:24 [hooks/update refs/heads/owo 0000000000000000000000000000000000000000 98d9b505ba528ccfccaba0605930bf1140648dbb]
hooks/update 2020/08/10 18:44:24 Running update for push 7c774348-3d6e-46fe-a613-ca344e079249
hooks/post-update 2020/08/10 18:44:24 [hooks/post-update refs/heads/owo]
hooks/post-update 2020/08/10 18:44:24 Running post-update for push 7c774348-3d6e-46fe-a613-ca344e079249
hooks/post-update 2020/08/10 18:44:24 Submitted 3 builds for refs/heads/owo
hooks/post-update 2020/08/10 18:44:24 Skipping stage 3, no work
-- >8 --
2020-08-11 10:32:46 -04:00