mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-24 07:13:33 +01:00
4011821c94
Close #13539. Co-authored by: @lunny @appleboy @fuxiaohei and others. Related projects: - https://gitea.com/gitea/actions-proto-def - https://gitea.com/gitea/actions-proto-go - https://gitea.com/gitea/act - https://gitea.com/gitea/act_runner ### Summary The target of this PR is to bring a basic implementation of "Actions", an internal CI/CD system of Gitea. That means even though it has been merged, the state of the feature is **EXPERIMENTAL**, and please note that: - It is disabled by default; - It shouldn't be used in a production environment currently; - It shouldn't be used in a public Gitea instance currently; - Breaking changes may be made before it's stable. **Please comment on #13539 if you have any different product design ideas**, all decisions reached there will be adopted here. But in this PR, we don't talk about **naming, feature-creep or alternatives**. ### ⚠️ Breaking `gitea-actions` will become a reserved user name. If a user with the name already exists in the database, it is recommended to rename it. ### Some important reviews - What is `DEFAULT_ACTIONS_URL` in `app.ini` for? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1055954954 - Why the api for runners is not under the normal `/api/v1` prefix? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061173592 - Why DBFS? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061301178 - Why ignore events triggered by `gitea-actions` bot? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1063254103 - Why there's no permission control for actions? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1090229868 ### What it looks like <details> #### Manage runners <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205870657-c72f590e-2e08-4cd4-be7f-2e0abb299bbf.png"> #### List runs <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205872794-50fde990-2b45-48c1-a178-908e4ec5b627.png"> #### View logs <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205872501-9b7b9000-9542-4991-8f55-18ccdada77c3.png"> </details> ### How to try it <details> #### 1. Start Gitea Clone this branch and [install from source](https://docs.gitea.io/en-us/install-from-source). Add additional configurations in `app.ini` to enable Actions: ```ini [actions] ENABLED = true ``` Start it. If all is well, you'll see the management page of runners: <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205877365-8e30a780-9b10-4154-b3e8-ee6c3cb35a59.png"> #### 2. Start runner Clone the [act_runner](https://gitea.com/gitea/act_runner), and follow the [README](https://gitea.com/gitea/act_runner/src/branch/main/README.md) to start it. If all is well, you'll see a new runner has been added: <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205878000-216f5937-e696-470d-b66c-8473987d91c3.png"> #### 3. Enable actions for a repo Create a new repo or open an existing one, check the `Actions` checkbox in settings and submit. <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205879705-53e09208-73c0-4b3e-a123-2dcf9aba4b9c.png"> <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205879383-23f3d08f-1a85-41dd-a8b3-54e2ee6453e8.png"> If all is well, you'll see a new tab "Actions": <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205881648-a8072d8c-5803-4d76-b8a8-9b2fb49516c1.png"> #### 4. Upload workflow files Upload some workflow files to `.gitea/workflows/xxx.yaml`, you can follow the [quickstart](https://docs.github.com/en/actions/quickstart) of GitHub Actions. Yes, Gitea Actions is compatible with GitHub Actions in most cases, you can use the same demo: ```yaml name: GitHub Actions Demo run-name: ${{ github.actor }} is testing out GitHub Actions 🚀 on: [push] jobs: Explore-GitHub-Actions: runs-on: ubuntu-latest steps: - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event." - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!" - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}." - name: Check out repository code uses: actions/checkout@v3 - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner." - run: echo "🖥️ The workflow is now ready to test your code on the runner." - name: List files in the repository run: | ls ${{ github.workspace }} - run: echo "🍏 This job's status is ${{ job.status }}." ``` If all is well, you'll see a new run in `Actions` tab: <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205884473-79a874bc-171b-4aaf-acd5-0241a45c3b53.png"> #### 5. Check the logs of jobs Click a run and you'll see the logs: <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205884800-994b0374-67f7-48ff-be9a-4c53f3141547.png"> #### 6. Go on You can try more examples in [the documents](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions) of GitHub Actions, then you might find a lot of bugs. Come on, PRs are welcome. </details> See also: [Feature Preview: Gitea Actions](https://blog.gitea.io/2022/12/feature-preview-gitea-actions/) --------- Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: ChristopherHX <christopher.homberger@web.de> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
303 lines
10 KiB
Go
303 lines
10 KiB
Go
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package org
|
|
|
|
import (
|
|
"net/http"
|
|
"net/url"
|
|
"strings"
|
|
|
|
"code.gitea.io/gitea/models"
|
|
"code.gitea.io/gitea/models/db"
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
|
secret_model "code.gitea.io/gitea/models/secret"
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
"code.gitea.io/gitea/models/webhook"
|
|
"code.gitea.io/gitea/modules/base"
|
|
"code.gitea.io/gitea/modules/context"
|
|
"code.gitea.io/gitea/modules/log"
|
|
repo_module "code.gitea.io/gitea/modules/repository"
|
|
"code.gitea.io/gitea/modules/setting"
|
|
"code.gitea.io/gitea/modules/web"
|
|
user_setting "code.gitea.io/gitea/routers/web/user/setting"
|
|
"code.gitea.io/gitea/services/forms"
|
|
"code.gitea.io/gitea/services/org"
|
|
container_service "code.gitea.io/gitea/services/packages/container"
|
|
repo_service "code.gitea.io/gitea/services/repository"
|
|
user_service "code.gitea.io/gitea/services/user"
|
|
)
|
|
|
|
const (
|
|
// tplSettingsOptions template path for render settings
|
|
tplSettingsOptions base.TplName = "org/settings/options"
|
|
// tplSettingsDelete template path for render delete repository
|
|
tplSettingsDelete base.TplName = "org/settings/delete"
|
|
// tplSettingsHooks template path for render hook settings
|
|
tplSettingsHooks base.TplName = "org/settings/hooks"
|
|
// tplSettingsLabels template path for render labels settings
|
|
tplSettingsLabels base.TplName = "org/settings/labels"
|
|
// tplSettingsSecrets template path for render secrets settings
|
|
tplSettingsSecrets base.TplName = "org/settings/secrets"
|
|
// tplSettingsRunners template path for render runners settings
|
|
tplSettingsRunners base.TplName = "org/settings/runners"
|
|
// tplSettingsRunnersEdit template path for render runners edit settings
|
|
tplSettingsRunnersEdit base.TplName = "org/settings/runners_edit"
|
|
)
|
|
|
|
// Settings render the main settings page
|
|
func Settings(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("org.settings")
|
|
ctx.Data["PageIsOrgSettings"] = true
|
|
ctx.Data["PageIsSettingsOptions"] = true
|
|
ctx.Data["CurrentVisibility"] = ctx.Org.Organization.Visibility
|
|
ctx.Data["RepoAdminChangeTeamAccess"] = ctx.Org.Organization.RepoAdminChangeTeamAccess
|
|
ctx.HTML(http.StatusOK, tplSettingsOptions)
|
|
}
|
|
|
|
// SettingsPost response for settings change submitted
|
|
func SettingsPost(ctx *context.Context) {
|
|
form := web.GetForm(ctx).(*forms.UpdateOrgSettingForm)
|
|
ctx.Data["Title"] = ctx.Tr("org.settings")
|
|
ctx.Data["PageIsOrgSettings"] = true
|
|
ctx.Data["PageIsSettingsOptions"] = true
|
|
ctx.Data["CurrentVisibility"] = ctx.Org.Organization.Visibility
|
|
|
|
if ctx.HasError() {
|
|
ctx.HTML(http.StatusOK, tplSettingsOptions)
|
|
return
|
|
}
|
|
|
|
org := ctx.Org.Organization
|
|
nameChanged := org.Name != form.Name
|
|
|
|
// Check if organization name has been changed.
|
|
if org.LowerName != strings.ToLower(form.Name) {
|
|
isExist, err := user_model.IsUserExist(ctx, org.ID, form.Name)
|
|
if err != nil {
|
|
ctx.ServerError("IsUserExist", err)
|
|
return
|
|
} else if isExist {
|
|
ctx.Data["OrgName"] = true
|
|
ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), tplSettingsOptions, &form)
|
|
return
|
|
} else if err = user_model.ChangeUserName(org.AsUser(), form.Name); err != nil {
|
|
switch {
|
|
case db.IsErrNameReserved(err):
|
|
ctx.Data["OrgName"] = true
|
|
ctx.RenderWithErr(ctx.Tr("repo.form.name_reserved", err.(db.ErrNameReserved).Name), tplSettingsOptions, &form)
|
|
case db.IsErrNamePatternNotAllowed(err):
|
|
ctx.Data["OrgName"] = true
|
|
ctx.RenderWithErr(ctx.Tr("repo.form.name_pattern_not_allowed", err.(db.ErrNamePatternNotAllowed).Pattern), tplSettingsOptions, &form)
|
|
default:
|
|
ctx.ServerError("ChangeUserName", err)
|
|
}
|
|
return
|
|
}
|
|
|
|
if err := container_service.UpdateRepositoryNames(ctx, org.AsUser(), form.Name); err != nil {
|
|
ctx.ServerError("UpdateRepositoryNames", err)
|
|
return
|
|
}
|
|
|
|
// reset ctx.org.OrgLink with new name
|
|
ctx.Org.OrgLink = setting.AppSubURL + "/org/" + url.PathEscape(form.Name)
|
|
log.Trace("Organization name changed: %s -> %s", org.Name, form.Name)
|
|
nameChanged = false
|
|
}
|
|
|
|
// In case it's just a case change.
|
|
org.Name = form.Name
|
|
org.LowerName = strings.ToLower(form.Name)
|
|
|
|
if ctx.Doer.IsAdmin {
|
|
org.MaxRepoCreation = form.MaxRepoCreation
|
|
}
|
|
|
|
org.FullName = form.FullName
|
|
org.Description = form.Description
|
|
org.Website = form.Website
|
|
org.Location = form.Location
|
|
org.RepoAdminChangeTeamAccess = form.RepoAdminChangeTeamAccess
|
|
|
|
visibilityChanged := form.Visibility != org.Visibility
|
|
org.Visibility = form.Visibility
|
|
|
|
if err := user_model.UpdateUser(ctx, org.AsUser(), false); err != nil {
|
|
ctx.ServerError("UpdateUser", err)
|
|
return
|
|
}
|
|
|
|
// update forks visibility
|
|
if visibilityChanged {
|
|
repos, _, err := repo_model.GetUserRepositories(&repo_model.SearchRepoOptions{
|
|
Actor: org.AsUser(), Private: true, ListOptions: db.ListOptions{Page: 1, PageSize: org.NumRepos},
|
|
})
|
|
if err != nil {
|
|
ctx.ServerError("GetRepositories", err)
|
|
return
|
|
}
|
|
for _, repo := range repos {
|
|
repo.OwnerName = org.Name
|
|
if err := repo_service.UpdateRepository(repo, true); err != nil {
|
|
ctx.ServerError("UpdateRepository", err)
|
|
return
|
|
}
|
|
}
|
|
} else if nameChanged {
|
|
if err := repo_model.UpdateRepositoryOwnerNames(org.ID, org.Name); err != nil {
|
|
ctx.ServerError("UpdateRepository", err)
|
|
return
|
|
}
|
|
}
|
|
|
|
log.Trace("Organization setting updated: %s", org.Name)
|
|
ctx.Flash.Success(ctx.Tr("org.settings.update_setting_success"))
|
|
ctx.Redirect(ctx.Org.OrgLink + "/settings")
|
|
}
|
|
|
|
// SettingsAvatar response for change avatar on settings page
|
|
func SettingsAvatar(ctx *context.Context) {
|
|
form := web.GetForm(ctx).(*forms.AvatarForm)
|
|
form.Source = forms.AvatarLocal
|
|
if err := user_setting.UpdateAvatarSetting(ctx, form, ctx.Org.Organization.AsUser()); err != nil {
|
|
ctx.Flash.Error(err.Error())
|
|
} else {
|
|
ctx.Flash.Success(ctx.Tr("org.settings.update_avatar_success"))
|
|
}
|
|
|
|
ctx.Redirect(ctx.Org.OrgLink + "/settings")
|
|
}
|
|
|
|
// SettingsDeleteAvatar response for delete avatar on settings page
|
|
func SettingsDeleteAvatar(ctx *context.Context) {
|
|
if err := user_service.DeleteAvatar(ctx.Org.Organization.AsUser()); err != nil {
|
|
ctx.Flash.Error(err.Error())
|
|
}
|
|
|
|
ctx.Redirect(ctx.Org.OrgLink + "/settings")
|
|
}
|
|
|
|
// SettingsDelete response for deleting an organization
|
|
func SettingsDelete(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("org.settings")
|
|
ctx.Data["PageIsOrgSettings"] = true
|
|
ctx.Data["PageIsSettingsDelete"] = true
|
|
|
|
if ctx.Req.Method == "POST" {
|
|
if ctx.Org.Organization.Name != ctx.FormString("org_name") {
|
|
ctx.Data["Err_OrgName"] = true
|
|
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_org_name"), tplSettingsDelete, nil)
|
|
return
|
|
}
|
|
|
|
if err := org.DeleteOrganization(ctx.Org.Organization); err != nil {
|
|
if models.IsErrUserOwnRepos(err) {
|
|
ctx.Flash.Error(ctx.Tr("form.org_still_own_repo"))
|
|
ctx.Redirect(ctx.Org.OrgLink + "/settings/delete")
|
|
} else if models.IsErrUserOwnPackages(err) {
|
|
ctx.Flash.Error(ctx.Tr("form.org_still_own_packages"))
|
|
ctx.Redirect(ctx.Org.OrgLink + "/settings/delete")
|
|
} else {
|
|
ctx.ServerError("DeleteOrganization", err)
|
|
}
|
|
} else {
|
|
log.Trace("Organization deleted: %s", ctx.Org.Organization.Name)
|
|
ctx.Redirect(setting.AppSubURL + "/")
|
|
}
|
|
return
|
|
}
|
|
|
|
ctx.HTML(http.StatusOK, tplSettingsDelete)
|
|
}
|
|
|
|
// Webhooks render webhook list page
|
|
func Webhooks(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("org.settings")
|
|
ctx.Data["PageIsOrgSettings"] = true
|
|
ctx.Data["PageIsSettingsHooks"] = true
|
|
ctx.Data["BaseLink"] = ctx.Org.OrgLink + "/settings/hooks"
|
|
ctx.Data["BaseLinkNew"] = ctx.Org.OrgLink + "/settings/hooks"
|
|
ctx.Data["Description"] = ctx.Tr("org.settings.hooks_desc")
|
|
|
|
ws, err := webhook.ListWebhooksByOpts(ctx, &webhook.ListWebhookOptions{OrgID: ctx.Org.Organization.ID})
|
|
if err != nil {
|
|
ctx.ServerError("GetWebhooksByOrgId", err)
|
|
return
|
|
}
|
|
|
|
ctx.Data["Webhooks"] = ws
|
|
ctx.HTML(http.StatusOK, tplSettingsHooks)
|
|
}
|
|
|
|
// DeleteWebhook response for delete webhook
|
|
func DeleteWebhook(ctx *context.Context) {
|
|
if err := webhook.DeleteWebhookByOrgID(ctx.Org.Organization.ID, ctx.FormInt64("id")); err != nil {
|
|
ctx.Flash.Error("DeleteWebhookByOrgID: " + err.Error())
|
|
} else {
|
|
ctx.Flash.Success(ctx.Tr("repo.settings.webhook_deletion_success"))
|
|
}
|
|
|
|
ctx.JSON(http.StatusOK, map[string]interface{}{
|
|
"redirect": ctx.Org.OrgLink + "/settings/hooks",
|
|
})
|
|
}
|
|
|
|
// Labels render organization labels page
|
|
func Labels(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("repo.labels")
|
|
ctx.Data["PageIsOrgSettings"] = true
|
|
ctx.Data["PageIsOrgSettingsLabels"] = true
|
|
ctx.Data["RequireTribute"] = true
|
|
ctx.Data["LabelTemplates"] = repo_module.LabelTemplates
|
|
ctx.HTML(http.StatusOK, tplSettingsLabels)
|
|
}
|
|
|
|
// Secrets render organization secrets page
|
|
func Secrets(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("repo.secrets")
|
|
ctx.Data["PageIsOrgSettings"] = true
|
|
ctx.Data["PageIsOrgSettingsSecrets"] = true
|
|
|
|
secrets, err := secret_model.FindSecrets(ctx, secret_model.FindSecretsOptions{OwnerID: ctx.Org.Organization.ID})
|
|
if err != nil {
|
|
ctx.ServerError("FindSecrets", err)
|
|
return
|
|
}
|
|
ctx.Data["Secrets"] = secrets
|
|
|
|
ctx.HTML(http.StatusOK, tplSettingsSecrets)
|
|
}
|
|
|
|
// SecretsPost add secrets
|
|
func SecretsPost(ctx *context.Context) {
|
|
form := web.GetForm(ctx).(*forms.AddSecretForm)
|
|
|
|
_, err := secret_model.InsertEncryptedSecret(ctx, ctx.Org.Organization.ID, 0, form.Title, form.Content)
|
|
if err != nil {
|
|
ctx.Flash.Error(ctx.Tr("secrets.creation.failed"))
|
|
log.Error("validate secret: %v", err)
|
|
ctx.Redirect(ctx.Org.OrgLink + "/settings/secrets")
|
|
return
|
|
}
|
|
|
|
log.Trace("Org %d: secret added", ctx.Org.Organization.ID)
|
|
ctx.Flash.Success(ctx.Tr("secrets.creation.success", form.Title))
|
|
ctx.Redirect(ctx.Org.OrgLink + "/settings/secrets")
|
|
}
|
|
|
|
// SecretsDelete delete secrets
|
|
func SecretsDelete(ctx *context.Context) {
|
|
id := ctx.FormInt64("id")
|
|
if _, err := db.DeleteByBean(ctx, &secret_model.Secret{ID: id}); err != nil {
|
|
ctx.Flash.Error(ctx.Tr("secrets.deletion.failed"))
|
|
log.Error("delete secret %d: %v", id, err)
|
|
} else {
|
|
ctx.Flash.Success(ctx.Tr("secrets.deletion.success"))
|
|
}
|
|
|
|
ctx.JSON(http.StatusOK, map[string]interface{}{
|
|
"redirect": ctx.Org.OrgLink + "/settings/secrets",
|
|
})
|
|
}
|