opensourcemirror
/
git.sr.ht
mirror of https://git.sr.ht/~sircmpwn/git.sr.ht
1
0
Fork 0
Code Issues Releases Wiki Activity
984 Commits 2 Branches 517 Tags 6.3 MiB
Commit Graph

90 Commits

Author SHA1 Message Date
Simon Ser 45812720f3 gitsrht-update-hook: always enable secrets when submitting builds 
Ensure secrets are enabled for all builds. This disables the
auto-detection done by default by builds.sr.ht when the secrets arg
is left unspecified.

While at it, remove the unbound $execute variable.
 2024-02-15 13:36:31 +01:00
Simon Ser 2da016a3d3 Add support for [objects]s3-insecure 2024-01-24 12:51:32 +01:00
Simon Ser 3f02d409c2 Upgrade core-go 2024-01-24 12:06:52 +01:00
Simon Ser 408f23a5b2 Drop gqlparser v1 dependency 2024-01-17 13:47:52 +01:00
Drew DeVault 26809b6b5b Add more missing database close calls 2024-01-17 10:42:14 +01:00
Simon Ser 81e2e8471b Drop go.mod files in subdirectories 
Only use a single top-level go.mod.
 2023-12-04 12:13:23 +01:00
Simon Ser 5610eb6e5c gitsrht-update-hook: drop trivial getters 
Individual fields can be accessed directly.
 2023-12-04 12:13:22 +01:00
Thorben Günther fb1f3a947c gitsrht-update-hook: Remove doubled context import 2023-12-04 11:06:12 +01:00
Thorben Günther 86dbd617ee gitsrht-update-hook: Remove unused function 2023-12-04 11:06:12 +01:00
Thorben Günther 7325a149a0 gitsrht-update-hook: Don't exit on build submission failure 
Right now the postUpdate function exits early when it fails to submit
the build manifests. This prevents the function from other tasks like
delivering webhooks.
 2023-11-17 14:38:57 +01:00
Thorben Günther 59efc97987 gitsrht-update-hook: Submit builds under the pusher's account 
If you give a user read/write access to a repository, in theory he would
be able to leak the repo owner's secrets by adding them to the build
manifest. Instead submit the build under the account of the one who
initiated the push.
 2023-10-24 13:26:21 +02:00
Simon Ser a99fda3715 gitsrht-update-hook: drop BuildSubmitter interface 
This is unused.
 2023-08-16 11:50:26 +02:00
Simon Ser da71f500a9 gitsrht-update-hook: set GIT_REF environment variable 
This is useful to terminate the build early unless it was started
from a specific branch.
 2023-08-16 11:18:29 +02:00
Adnan Maolood a8ae4727f2 gitsrht-update-hook: Use repository visbility for builds 2023-04-19 09:06:47 +02:00
Simon Ser 163edba401 gitsrht-update-hook: include branch name in job tags 
This allows having a per-branch filter for build jobs. Use-cases
include a build badge which only displays status for the default
branch, or a getting the latest build artifacts only for the
default branch.
 2022-04-08 14:09:07 +02:00
Adnan Maolood ad42bf4448 gitsrht: Store visibility as enum instead of varchar 
Add a 'visibility' enum type to the database and use it for the
repository.visibility column.

This required changes to scm.sr.ht code. Instead of updating scm.sr.ht,
most of the scm.sr.ht code that git.sr.ht uses was moved to git.sr.ht.
 2022-03-14 09:59:12 +01:00
Adnan Maolood 26f3346fff gitsrht-update-hook: Use owner username instead of pusher username 
Use the owner username to authenticate to the GraphQL API instead of the
pusher username.

Fixes: https://todo.sr.ht/~sircmpwn/git.sr.ht/362
 2022-02-21 11:25:13 +01:00
Adnan Maolood d0c8853244 gitsrht-update-hook/post-update: Always execute updateRepository 
Always execute the updateRepository GraphQL mutation so that the
repository updated timestamp will be set.
 2022-02-15 13:12:07 +01:00
Adnan Maolood 902c41aa31 gitsrht-update-hook: Only update repo when necessary 
Only update repository information when a new description or visibility
is specified in the push options. This prevents an extraneous
REPO_UPDATE event from being triggered on every push.

Also remove the updateVisibility function, as this is taken care of by
the GraphQL API.
 2022-02-14 15:42:10 +01:00
Adnan Maolood 8cc65ff876 gitsrht-update-hook: Use GraphQL for repository updates 
Use GraphQL to update repository information so that user webhooks are
delivered.

The notice for autocreated repositories has been updated to reflect that
autocreated repositories are no longer deleted automatically.
 2022-02-14 15:42:09 +01:00
Adnan Maolood ea08854593 gitsrht-update-hook: go fmt 2022-02-14 15:42:09 +01:00
Adnan Maolood 91f92f2eac gitsrht-{shell,update-hook}: Support SRHT_CONFIG variable 
Attempt to load the configuration file from the path specified in the
SRHT_CONFIG environment variable. If that fails, fallback to
/etc/sr.ht/config.ini.
 2022-02-14 15:42:09 +01:00
наб 94786a1ec9 gitsrht-update-hook: only print "skip-ci => not submitting" message once 
Instead of for every pushed ref with submittable manifests
 2021-12-15 11:34:41 +01:00
Julien Moutinho 34326ace88 gitsrht-update-hook: update go.{mod,sum} for go-redis 2021-12-08 11:58:10 +01:00
Julien Moutinho 5a74fbcf42 gitsrht-update-hook: update go-redis to support Unix sockets 2021-12-08 11:58:09 +01:00
Simon Ser 4bddca82e9 gitsrht-update-hook: fix logger formatting 
- Some Println calls were using format strings
- Some Printf calls were used without a format string
- %e is not valid, use %v instead
 2021-11-05 10:33:01 +01:00
Bor Grošelj Simić 94489852d6 gitsrht-update-hook: update fnmatch upstream location 2021-10-25 08:48:19 +02:00
Drew DeVault c270776e0e gitsrht-update-hook: handle 402 from builds.sr.ht 2021-04-22 07:37:53 -04:00
Drew DeVault 41b9b5e610 update-hook: remove shell: true from manifests 2021-04-07 08:03:47 -04:00
наб cde2f4791c Revert "Ensure all pushed refs are UTF-8, lest the webapp 500 on reading the repo" 
This reverts commit 424b962d84.
 2021-02-26 08:01:05 -05:00
Drew DeVault a76ff9c1cc gitsrht-update-hook: add oauth key 2021-02-18 11:37:18 -05:00
Alexey Yerin 05dfb95664 Export BUILD_SUBMITTER=git.sr.ht 2021-02-02 10:21:24 -05:00
Drew DeVault 69a51420aa gitsrht-update-hook: update internal auth structure 2021-01-25 09:34:05 -05:00
Drew DeVault 8e957371a3 gitsrht-update-hook: update core-go 2020-10-05 13:36:55 -04:00
Thorben Günther 16c6314a93 Fix maximum number of concurrent builds. 2020-10-02 15:38:35 -04:00
наб 5dae4f3359 Warn when we'd submit duplicate-basename manifest 2020-09-14 12:36:56 -04:00
Drew DeVault 0c45d64b6b Always use internal auth for build submit 2020-09-10 10:57:09 -04:00
Drew DeVault 2ce254f94f Take basename of submitted build manifests 2020-09-07 11:09:55 -04:00
наб bdef2bc8fc Allow specifying -o submit='fnmatch/*.pattern,another' to build alternate manifests 
Defaults to ".build.yml,.builds/*.yml"

Ref: ~sircmpwn/git.sr.ht#316
 2020-09-07 10:19:53 -04:00
Drew DeVault 6ae1c92c1d stage-3: fix nil dereference 2020-08-31 10:26:42 -04:00
Drew DeVault 657601b858 update-hook: correct error in manifest limit 2020-08-21 09:44:09 -04:00
Drew DeVault a9fd6012b4 post-update: refuse to submit >4 builds at once 2020-08-21 09:32:28 -04:00
Drew DeVault 25f5679663 update-hook stage 3: delete artifacts for refs 
If the user removes a reference, this deletes any artifacts which were
associated with that reference.
 2020-08-20 15:58:07 -04:00
Drew DeVault fdccb95b91 gitsrht-update-hook: add deleted refs to webhook 2020-08-20 10:52:00 -04:00
наб c37d51279a Use core-go's crypto for webhook signing 2020-08-20 10:07:23 -04:00
наб f76de68845 Also create/delete git-daemon-export-ok in gitsrht-update-hook 2020-08-19 09:00:30 -04:00
наб ec44ef4a75 Allow push options description/visibility for setting description/visibility 
Also gofmt cleanup

Ref: ~sircmpwn/git.sr.ht#293
 2020-08-17 10:17:37 -04:00
наб 83570315f4 Update to go-git v5 in gitsrht-update-hook 2020-08-14 10:59:37 -04:00
Drew DeVault 2e9afc6435 gitsrht-update-hook: strip ANSI from webhook output 2020-08-12 08:20:20 -04:00
наб 424b962d84 Ensure all pushed refs are UTF-8, lest the webapp 500 on reading the repo 
New push output:
-- >8 --
nabijaczleweli@tarta:~/code/git.sr.ht/gitsrht-update-hook$ git push 'git@git.shi.rt:~nabijaczleweli/empty' HEAD:▒ HEAD:owo
Enumerating objects: 34, done.
Counting objects: 100% (34/34), done.
Delta compression using up to 24 threads
Compressing objects: 100% (23/23), done.
Writing objects: 100% (23/23), 5.86 KiB | 1.95 MiB/s, done.
Total 23 (delta 17), reused 0 (delta 0)
remote: refs/heads/▒ not valid UTF-8, see https://github.com/libgit2/pygit2/issues/1028 for more information
remote: error: hook declined to update refs/heads/▒
remote: Builds started:
remote: http://127.0.0.1:5002/~nabijaczleweli/job/133 [alpine.yml]
remote: http://127.0.0.1:5002/~nabijaczleweli/job/134 [archlinux.yml]
remote: http://127.0.0.1:5002/~nabijaczleweli/job/135 [debian.yml]
To git.shi.rt:~nabijaczleweli/empty
 * [new branch]      HEAD -> owo
 ! [remote rejected] HEAD -> ▒ (hook declined)
error: failed to push some refs to 'git@git.shi.rt:~nabijaczleweli/empty'
-- >8 --

New log output:
-- >8 --
hooks/pre-receive 2020/08/10 18:44:24 [hooks/pre-receive]
hooks/pre-receive 2020/08/10 18:44:24 Running pre-receive for push 7c774348-3d6e-46fe-a613-ca344e079249
hooks/update 2020/08/10 18:44:24 [hooks/update refs/heads/▒ 0000000000000000000000000000000000000000 98d9b505ba528ccfccaba0605930bf1140648dbb]
hooks/update 2020/08/10 18:44:24 Running update for push 7c774348-3d6e-46fe-a613-ca344e079249
hooks/update 2020/08/10 18:44:24 Refusing ref 'refs/heads/▒': not UTF-8
hooks/update 2020/08/10 18:44:24 [hooks/update refs/heads/owo 0000000000000000000000000000000000000000 98d9b505ba528ccfccaba0605930bf1140648dbb]
hooks/update 2020/08/10 18:44:24 Running update for push 7c774348-3d6e-46fe-a613-ca344e079249
hooks/post-update 2020/08/10 18:44:24 [hooks/post-update refs/heads/owo]
hooks/post-update 2020/08/10 18:44:24 Running post-update for push 7c774348-3d6e-46fe-a613-ca344e079249
hooks/post-update 2020/08/10 18:44:24 Submitted 3 builds for refs/heads/owo
hooks/post-update 2020/08/10 18:44:24 Skipping stage 3, no work
-- >8 --
 2020-08-11 10:32:46 -04:00