diff options
| author | Daniel Baumann <daniel@debian.org> | 2024-10-18 20:33:49 +0200 |
|---|---|---|
| committer | Daniel Baumann <daniel@debian.org> | 2024-10-18 20:33:49 +0200 |
| commit | dd136858f1ea40ad3c94191d647487fa4f31926c (patch) | |
| tree | 58fec94a7b2a12510c9664b21793f1ed560c6518 /.forgejo | |
| parent | Initial commit. (diff) | |
| download | forgejo-dd136858f1ea40ad3c94191d647487fa4f31926c.tar.xz forgejo-dd136858f1ea40ad3c94191d647487fa4f31926c.zip | |
Adding upstream version 9.0.0.upstream/9.0.0upstreamdebian
Signed-off-by: Daniel Baumann <daniel@debian.org>
Diffstat (limited to '.forgejo')
26 files changed, 1447 insertions, 0 deletions
diff --git a/.forgejo/cascading-pr-end-to-end b/.forgejo/cascading-pr-end-to-end new file mode 100755 index 0000000..8013fde --- /dev/null +++ b/.forgejo/cascading-pr-end-to-end @@ -0,0 +1,34 @@ +#!/bin/bash + +set -ex + +end_to_end=$1 +end_to_end_pr=$2 +forgejo=$3 +forgejo_pr_or_ref=$4 + +cd $forgejo +full_version=$(make show-version-full) +minor_version=$(make show-version-minor) + +cd $end_to_end + +if ! test -f forgejo/sources/$minor_version; then + echo "FAIL: forgejo/sources/$minor_version does not exist in the end-to-end repository" + false +fi + +echo -n $minor_version >forgejo/build-from-sources +date >last-upgrade + +if test -f "$forgejo_pr_or_ref"; then + forgejo_pr=$forgejo_pr_or_ref + head_url=$(jq --raw-output .head.repo.html_url <$forgejo_pr) + test "$head_url" != null + branch=$(jq --raw-output .head.ref <$forgejo_pr) + test "$branch" != null + echo $head_url $branch $full_version >forgejo/sources/$minor_version +else + forgejo_ref=$forgejo_pr_or_ref + echo $GITHUB_SERVER_URL/$GITHUB_REPOSITORY ${forgejo_ref#refs/heads/} $full_version >forgejo/sources/$minor_version +fi diff --git a/.forgejo/cascading-release-end-to-end b/.forgejo/cascading-release-end-to-end new file mode 100755 index 0000000..9be0737 --- /dev/null +++ b/.forgejo/cascading-release-end-to-end @@ -0,0 +1,22 @@ +#!/bin/bash + +set -ex + +end_to_end=$1 +end_to_end_pr=$2 +forgejo=$3 +forgejo_ref=$4 + +cd $end_to_end +date >last-upgrade +organizations=lib/ORGANIZATIONS +if ! test -f $organizations; then + echo "$organizations file not found" + false +fi +# +# Inverse the order of lookup because the goal in the release built +# pipeline is to test the latest build, if available, instead of the +# stable version by the same version. +# +echo forgejo-integration forgejo-experimental forgejo >$organizations diff --git a/.forgejo/issue_template/bug-report-ui.yaml b/.forgejo/issue_template/bug-report-ui.yaml new file mode 100644 index 0000000..57d578b --- /dev/null +++ b/.forgejo/issue_template/bug-report-ui.yaml @@ -0,0 +1,57 @@ +name: 🦋 Bug Report (web interface / frontend) +description: Something doesn't look quite as it should? Report it here! +title: "bug: " +labels: ["bug/new-report", "forgejo/ui"] +body: +- type: markdown + attributes: + value: | + **NOTE: If your issue is a security concern, please email <security@forgejo.org> (GPG: `A4676E79`) instead of opening a public issue.** +- type: markdown + attributes: + value: | + - Please speak English, as this is the language all maintainers can speak and write. + - Be as clear and concise as possible. A very verbose report is harder to interpret in a concrete way. + - Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct). + - Take a moment to [check that your issue hasn't been reported before](https://codeberg.org/forgejo/forgejo/issues?q=&type=all&labels=78137). +- type: dropdown + id: can-reproduce + attributes: + label: Can you reproduce the bug on the Forgejo test instance? + description: | + Please try reproducing your issue at https://dev.next.forgejo.org. + It is running the latest development branch and will confirm the problem is not already fixed. + If you can reproduce it, provide a URL in the description. + options: + - "Yes" + - "No" + validations: + required: true +- type: textarea + id: description + attributes: + label: Description + description: | + Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see above). + If you think this is a JavaScript error, include a copy of the JavaScript console. + validations: + required: true +- type: textarea + id: screenshots + attributes: + label: Screenshots + description: Please provide at least one screenshot showing the issue. + validations: + required: true +- type: input + id: forgejo-ver + attributes: + label: Forgejo Version + description: Forgejo version (or commit reference) your instance is running +- type: input + id: browser-ver + attributes: + label: Browser Version + description: The browser and version that you are using to access Forgejo + validations: + required: true diff --git a/.forgejo/issue_template/bug-report.yaml b/.forgejo/issue_template/bug-report.yaml new file mode 100644 index 0000000..6e9b116 --- /dev/null +++ b/.forgejo/issue_template/bug-report.yaml @@ -0,0 +1,72 @@ +name: 🐛 Bug Report (server / backend) +description: Found something you weren't expecting? Report it here! +title: "bug: " +labels: bug/new-report +body: +- type: markdown + attributes: + value: | + **NOTE: If your issue is a security concern, please email <security@forgejo.org> (GPG: `A4676E79`) instead of opening a public issue.** +- type: markdown + attributes: + value: | + - Please speak English, as this is the language all maintainers can speak and write. + - Be as clear and concise as possible. A very verbose report is harder to interpret in a concrete way. + - Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct). + - Take a moment to [check that your issue hasn't been reported before](https://codeberg.org/forgejo/forgejo/issues?q=&type=all&labels=78137). +- type: dropdown + id: can-reproduce + attributes: + label: Can you reproduce the bug on the Forgejo test instance? + description: | + Please try reproducing your issue at https://dev.next.forgejo.org. + It is running the latest development branch and will confirm the problem is not already fixed. + If you can reproduce it, provide a URL in the description. + options: + - "Yes" + - "No" + validations: + required: true +- type: textarea + id: description + attributes: + label: Description + description: | + Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see above). + validations: + required: true +- type: input + id: forgejo-ver + attributes: + label: Forgejo Version + description: Forgejo version (or commit reference) of your instance +- type: textarea + id: run-info + attributes: + label: How are you running Forgejo? + description: | + Please include information on whether you built Forgejo yourself, used one of our downloads, or are using some other package. + Please also tell us how you are running Forgejo, e.g. if it is being run from a container, a command-line, systemd etc. + If you are using a package or systemd tell us what distribution you are using. + validations: + required: true +- type: textarea + id: logs + attributes: + label: Logs + description: | + It's really important to provide pertinent logs. You must give us `DEBUG` level logs. + Please read https://forgejo.org/docs/latest/admin/logging-documentation/. + In addition, if your problem relates to git commands set `RUN_MODE=dev` at the top of `app.ini`. + + Please copy and paste your logs here, with any sensitive information (e.g. API keys) removed/hidden. + You can wrap your logs in `<details>...</details>` tags so it doesn't take up too much space in the issue. +- type: dropdown + id: database + attributes: + label: Database + description: What database system are you running? + options: + - SQLite + - PostgreSQL + - MySQL diff --git a/.forgejo/issue_template/config.yml b/.forgejo/issue_template/config.yml new file mode 100644 index 0000000..0e3caf9 --- /dev/null +++ b/.forgejo/issue_template/config.yml @@ -0,0 +1,16 @@ +contact_links: + - name: 🔓 Security Reports + url: mailto:security@forgejo.org + about: "Please email <security@forgejo.org> (GPG: `A4676E79`) instead of opening a public issue." + - name: 💬 Matrix Chat Room + url: https://matrix.to/#/#forgejo-chat:matrix.org + about: Please ask questions and discuss configuration or deployment problems here. + - name: 💬 Matrix Space + url: https://matrix.to/#/#forgejo:matrix.org + about: A collection of Matrix rooms relating to Forgejo in addition to the main chat room. + - name: 📚 Documentation + url: https://forgejo.org/docs/latest/ + about: Documentation about Forgejo. + - name: ❓ Frequently Asked Questions + url: https://forgejo.org/faq/ + about: Please check if your question is mentioned here. diff --git a/.forgejo/issue_template/feature-request.yaml b/.forgejo/issue_template/feature-request.yaml new file mode 100644 index 0000000..0996680 --- /dev/null +++ b/.forgejo/issue_template/feature-request.yaml @@ -0,0 +1,31 @@ +name: 💡 Feature Request +description: Got an idea for a feature that Forgejo doesn't have yet? Suggest it here! +title: "feat: " +labels: ["enhancement/feature"] +body: +- type: markdown + attributes: + value: | + - Please speak English, as this is the language all maintainers can speak and write. + - Be as clear and concise as possible. A very verbose request is harder to interpret in a concrete way. + - Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct). + - Please make sure you are using the latest release of Forgejo and take a moment to [check that your feature hasn't already been suggested](https://codeberg.org/forgejo/forgejo/issues?q=&type=all&labels=78139). +- type: textarea + id: needs-benefits + attributes: + label: Needs and benefits + description: As concisely as possible, describe the benefits your feature request will provide or the problems it will try to solve. + validations: + required: true +- type: textarea + id: description + attributes: + label: Feature Description + description: As concisely as possible, describe the feature you would like to see added or the changes you would like to see made to Forgejo. + validations: + required: true +- type: textarea + id: screenshots + attributes: + label: Screenshots + description: If you can, provide screenshots of an implementation on another site, e.g. GitHub. diff --git a/.forgejo/pull_request_template.md b/.forgejo/pull_request_template.md new file mode 100644 index 0000000..d30af48 --- /dev/null +++ b/.forgejo/pull_request_template.md @@ -0,0 +1,33 @@ +--- + +name: "Pull Request Template" +about: "Template for all Pull Requests" +labels: + +- test/needed + +--- + +## Checklist + +The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). + +### Tests + +- I added test coverage for Go changes... + - [ ] in their respective `*_test.go` for unit tests. + - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. +- I added test coverage for JavaScript changes... + - [ ] in `web_src/js/*.test.js` if it can be unit tested. + - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). + +### Documentation + +- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. +- [ ] I did not document these changes and I do not expect someone else to do it. + +### Release notes + +- [ ] I do not want this change to show in the release notes. +- [ ] I want the title to show in the release notes with a link to this pull request. +- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title. diff --git a/.forgejo/testdata/build-release/Dockerfile b/.forgejo/testdata/build-release/Dockerfile new file mode 100644 index 0000000..9c44ded --- /dev/null +++ b/.forgejo/testdata/build-release/Dockerfile @@ -0,0 +1,6 @@ +FROM code.forgejo.org/oci/alpine:3.20 +ARG RELEASE_VERSION=unkown +LABEL maintainer="contact@forgejo.org" \ + org.opencontainers.image.version="${RELEASE_VERSION}" +RUN mkdir -p /app/gitea +RUN ( echo '#!/bin/sh' ; echo "echo forgejo v$RELEASE_VERSION" ) > /app/gitea/forgejo-cli ; chmod +x /app/gitea/forgejo-cli diff --git a/.forgejo/testdata/build-release/Makefile b/.forgejo/testdata/build-release/Makefile new file mode 100644 index 0000000..406acd0 --- /dev/null +++ b/.forgejo/testdata/build-release/Makefile @@ -0,0 +1,5 @@ +VERSION ?= $(shell cat VERSION 2>/dev/null) +sources-tarbal: + mkdir -p dist/release + echo $(VERSION) > VERSION + sources=forgejo-src-$(VERSION).tar.gz ; tar --transform 's|^./|forgejo-src-$(VERSION)/|' -czf dist/release/forgejo-src-$(VERSION).tar.gz . ; cd dist/release ; shasum -a 256 $$sources > $$sources.sha256 diff --git a/.forgejo/testdata/build-release/go.mod b/.forgejo/testdata/build-release/go.mod new file mode 100644 index 0000000..1c44204 --- /dev/null +++ b/.forgejo/testdata/build-release/go.mod @@ -0,0 +1,3 @@ +module code.gitea.io/gitea + +go 1.23.2 diff --git a/.forgejo/testdata/build-release/modules/public/bindata.go b/.forgejo/testdata/build-release/modules/public/bindata.go new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/.forgejo/testdata/build-release/modules/public/bindata.go diff --git a/.forgejo/testdata/build-release/public/assets/css/placeholder b/.forgejo/testdata/build-release/public/assets/css/placeholder new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/.forgejo/testdata/build-release/public/assets/css/placeholder diff --git a/.forgejo/testdata/build-release/public/assets/fonts/placeholder b/.forgejo/testdata/build-release/public/assets/fonts/placeholder new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/.forgejo/testdata/build-release/public/assets/fonts/placeholder diff --git a/.forgejo/testdata/build-release/public/assets/js/placeholder b/.forgejo/testdata/build-release/public/assets/js/placeholder new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/.forgejo/testdata/build-release/public/assets/js/placeholder diff --git a/.forgejo/workflows/backport.yml b/.forgejo/workflows/backport.yml new file mode 100644 index 0000000..32a93ed --- /dev/null +++ b/.forgejo/workflows/backport.yml @@ -0,0 +1,59 @@ +# Copyright 2024 The Forgejo Authors +# SPDX-License-Identifier: MIT +# +# To modify this workflow: +# +# - change pull_request_target: to pull_request: +# so that it runs from a pull request instead of the default branch +# +# - push it to the wip-ci-backport branch on the forgejo repository +# otherwise it will not have access to the secrets required to push +# the PR +# +# - open a pull request targetting wip-ci-backport that includes a change +# that can be backported without conflict in v1.21 and set the +# `backport/v1.21` label. +# +# - once it works, open a pull request for the sake of keeping track +# of the change even if the PR won't run it because it will use +# whatever is in the default branch instead +# +# - after it is merged, double check it works by setting a +# `backport/v1.21` label on a merged pull request that can be backported +# without conflict. +# +on: + pull_request_target: + types: + - closed + - labeled + +jobs: + backporting: + if: > + !startsWith(vars.ROLE, 'forgejo-') && ( + github.event.pull_request.merged + && + contains(toJSON(github.event.pull_request.labels), 'backport/v') + ) + runs-on: docker + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + steps: + - name: event info + run: | + cat <<'EOF' + ${{ toJSON(github) }} + EOF + - uses: https://code.forgejo.org/actions/git-backporting@v4.8.0 + with: + target-branch-pattern: "^backport/(?<target>(v.*))$" + strategy: ort + strategy-option: find-renames + cherry-pick-options: -x + auth: ${{ secrets.BACKPORT_TOKEN }} + pull-request: ${{ github.event.pull_request.url }} + auto-no-squash: true + enable-err-notification: true + git-user: forgejo-backport-action + git-email: forgejo-backport-action@noreply.codeberg.org diff --git a/.forgejo/workflows/build-release-integration.yml b/.forgejo/workflows/build-release-integration.yml new file mode 100644 index 0000000..f5f0d19 --- /dev/null +++ b/.forgejo/workflows/build-release-integration.yml @@ -0,0 +1,135 @@ +name: Integration tests for the release process + +on: + push: + paths: + - Makefile + - Dockerfile + - Dockerfile.rootless + - docker/** + - .forgejo/workflows/build-release.yml + - .forgejo/workflows/build-release-integration.yml + branches-ignore: + - renovate/** + pull_request: + paths: + - Makefile + - Dockerfile + - Dockerfile.rootless + - docker/** + - .forgejo/workflows/build-release.yml + - .forgejo/workflows/build-release-integration.yml + +jobs: + release-simulation: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: self-hosted + steps: + - uses: actions/checkout@v4 + + - id: forgejo + uses: https://code.forgejo.org/actions/setup-forgejo@v1 + with: + user: root + password: admin1234 + image-version: 1.21 + lxc-ip-prefix: 10.0.9 + + - name: publish the forgejo release + shell: bash + run: | + set -x + + cat > /etc/docker/daemon.json <<EOF + { + "insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"] + } + EOF + systemctl restart docker + + apt-get install -qq -y xz-utils + + dir=$(mktemp -d) + trap "rm -fr $dir" EXIT + + url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }} + export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}" + + function sanity_check() { + local url=$1 version=$2 + # + # Minimal sanity checks. Since the binary + # is a script shell it does not test the sanity of the cross + # build, only the sanity of the naming of the binaries. + # + for arch in amd64 arm64 arm-6 ; do + local binary=forgejo-$version-linux-$arch + for suffix in '' '.xz' ; do + curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix + if test "$suffix" = .xz ; then + unxz --keep $binary$suffix + fi + chmod +x $binary + ./$binary --version | grep $version + curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256 + shasum -a 256 --check $binary$suffix.sha256 + rm $binary$suffix + done + done + + local sources=forgejo-src-$version.tar.gz + curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources + curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256 + shasum -a 256 --check $sources.sha256 + + docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version + docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless + } + + # + # Create a new project with a fake forgejo and the release workflow only + # + cp -a .forgejo/testdata/build-release/* $dir + mkdir -p $dir/.forgejo/workflows + cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows + cp $dir/Dockerfile $dir/Dockerfile.rootless + + forgejo-test-helper.sh push $dir $url root forgejo + + forgejo-curl.sh api_json -X PUT --data-raw '{"data":"${{ steps.forgejo.outputs.token }}"}' $url/api/v1/repos/root/forgejo/actions/secrets/TOKEN + forgejo-curl.sh api_json -X PUT --data-raw '{"data":"root"}' $url/api/v1/repos/root/forgejo/actions/secrets/DOER + forgejo-curl.sh api_json -X PUT --data-raw '{"data":"true"}' $url/api/v1/repos/root/forgejo/actions/secrets/VERBOSE + + # + # Push a tag to trigger the release workflow and wait for it to complete + # + version=1.2.3 + sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo main) + forgejo-curl.sh api_json --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' $url/api/v1/repos/root/forgejo/tags + LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha + sanity_check $url $version + + # + # Push a commit to a branch that triggers the build of a test release + # + version=1.2-test + ( + git clone $url/root/forgejo /tmp/forgejo + cd /tmp/forgejo + date > DATE + git config user.email root@example.com + git config user.name username + git add . + git commit -m 'update' + git push $url/root/forgejo main:forgejo + ) + sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo forgejo) + LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha + sanity_check $url $version + + - name: full logs + if: always() + run: | + sed -e 's/^/[RUNNER LOGS] /' ${{ steps.forgejo.outputs.runner-logs }} + docker logs forgejo | sed -e 's/^/[FORGEJO LOGS]/' + sleep 5 # hack to avoid mixing outputs in Forgejo v1.21 diff --git a/.forgejo/workflows/build-release.yml b/.forgejo/workflows/build-release.yml new file mode 100644 index 0000000..a132242 --- /dev/null +++ b/.forgejo/workflows/build-release.yml @@ -0,0 +1,231 @@ +# +# See also https://forgejo.org/docs/next/contributor/release/#stable-release-process +# +# https://codeberg.org/forgejo-integration/forgejo +# +# Builds a release from a codeberg.org/forgejo-integration tag +# +# vars.ROLE: forgejo-integration +# +# secrets.DOER: forgejo-experimental-ci +# secrets.TOKEN: <generated from codeberg.org/forgejo-experimental-ci> scope read:user, write:repository, write:package +# +# secrets.CASCADE_ORIGIN_TOKEN: <generated from codeberg.org/forgejo-experimental-ci> scope read:user, write:repository, write:issue +# secrets.CASCADE_DESTINATION_TOKEN: <generated from code.forgejo.org/forgejo-ci> scope read:user, write:repository, write:issue +# vars.CASCADE_DESTINATION_DOER: forgejo-ci +# +on: + push: + tags: 'v[0-9]+.[0-9]+.*' + branches: + - 'forgejo' + - 'v*/forgejo' + +jobs: + release: + runs-on: self-hosted + # root is used for testing, allow it + if: vars.ROLE == 'forgejo-integration' || github.repository_owner == 'root' + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Sanitize the name of the repository + id: repository + run: | + repository="${{ github.repository }}" + echo "value=${repository##*/}" >> "$GITHUB_OUTPUT" + + - uses: https://code.forgejo.org/actions/setup-node@v4 + with: + node-version: 20 + + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + + - name: version from ref + id: release-info + shell: bash + run: | + set -x + ref="${{ github.ref }}" + if [[ $ref =~ ^refs/heads/ ]] ; then + if test "$ref" = "refs/heads/forgejo" ; then + version=$(git tag -l --sort=version:refname --merged | grep -v -e '-test$' | tail -1 | sed -E -e 's/^(v[0-9]+\.[0-9]+).*/\1/')-test + else + version=${ref#refs/heads/} + version=${version%/forgejo}-test + fi + override=true + fi + if [[ $ref =~ ^refs/tags/ ]] ; then + version=${ref#refs/tags/} + override=false + fi + if test -z "$version" ; then + echo failed to figure out the release version from the reference=$ref + exit 1 + fi + version=${version#v} + git describe --exclude '*-test' --tags --always + echo "sha=${{ github.sha }}" >> "$GITHUB_OUTPUT" + echo "version=$version" >> "$GITHUB_OUTPUT" + echo "override=$override" >> "$GITHUB_OUTPUT" + + - name: release notes + id: release-notes + run: | + anchor=${{ steps.release-info.outputs.version }} + anchor=${anchor//./-} + cat >> "$GITHUB_OUTPUT" <<EOF + value<<ENDVAR + See https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#$anchor + ENDVAR + EOF + + - name: cache node_modules + id: node + uses: https://code.forgejo.org/actions/cache@v4 + with: + path: | + node_modules + key: node-${{ steps.release-info.outputs.version }} + + - name: skip if node cache hit + if: steps.node.outputs.cache-hit != 'true' + run: echo no hit + + - name: Build sources + run: | + set -x + apt-get -qq install -y make + version=${{ steps.release-info.outputs.version }} + # + # Make sure all files are owned by the current user. + # When run as root `npx webpack` will assume the identity + # of the owner of the current working directory and may + # fail to create files if some sub-directories are not owned + # by the same user. + # + # Binaries: + # Node: 18.17.0 - /usr/local/node-v18.17.0-linux-x64/bin/node + # npm: 9.6.7 - /usr/local/node-v18.17.0-linux-x64/bin/npm + # Packages: + # add-asset-webpack-plugin: 2.0.1 => 2.0.1 + # css-loader: 6.8.1 => 6.8.1 + # esbuild-loader: 3.0.1 => 3.0.1 + # license-checker-webpack-plugin: 0.2.1 => 0.2.1 + # monaco-editor-webpack-plugin: 7.0.1 => 7.0.1 + # vue-loader: 17.2.2 => 17.2.2 + # webpack: 5.87.0 => 5.87.0 + # webpack-cli: 5.1.4 => 5.1.4 + # + chown -R $(id -u) . + make VERSION=$version TAGS=bindata sources-tarbal + mv dist/release release + + ( + tmp=$(mktemp -d) + tar --directory $tmp -zxvf release/*$version*.tar.gz + cd $tmp/* + # + # Verify `make frontend` files are available + # + test -d public/assets/css + test -d public/assets/fonts + test -d public/assets/js + # + # Verify `make generate` files are available + # + test -f modules/public/bindata.go + # + # Sanity check to verify that the source tarbal knows the + # version and is able to rebuild itself from it. + # + # When in sources the version is determined with git. + # When in the tarbal the version is determined from a VERSION file. + # + make sources-tarbal + tarbal=$(echo dist/release/*$version*.tar.gz) + if ! test -f $tarbal ; then + echo $tarbal does not exist + find dist release + exit 1 + fi + ) + + - name: build container & release + if: ${{ secrets.TOKEN != '' }} + uses: https://code.forgejo.org/forgejo/forgejo-build-publish/build@v5.1.1 + with: + forgejo: "${{ env.GITHUB_SERVER_URL }}" + owner: "${{ env.GITHUB_REPOSITORY_OWNER }}" + repository: "${{ steps.repository.outputs.value }}" + doer: "${{ secrets.DOER }}" + release-version: "${{ steps.release-info.outputs.version }}" + sha: "${{ steps.release-info.outputs.sha }}" + token: "${{ secrets.TOKEN }}" + platforms: linux/amd64,linux/arm64,linux/arm/v6 + release-notes: "${{ steps.release-notes.outputs.value }}" + binary-name: forgejo + binary-path: /app/gitea/forgejo-cli + override: "${{ steps.release-info.outputs.override }}" + verify-labels: "maintainer=contact@forgejo.org,org.opencontainers.image.version=${{ steps.release-info.outputs.version }}" + verbose: ${{ vars.VERBOSE || secrets.VERBOSE || 'false' }} + + - name: build rootless container + if: ${{ secrets.TOKEN != '' }} + uses: https://code.forgejo.org/forgejo/forgejo-build-publish/build@v5.1.1 + with: + forgejo: "${{ env.GITHUB_SERVER_URL }}" + owner: "${{ env.GITHUB_REPOSITORY_OWNER }}" + repository: "${{ steps.repository.outputs.value }}" + doer: "${{ secrets.DOER }}" + release-version: "${{ steps.release-info.outputs.version }}" + sha: "${{ steps.release-info.outputs.sha }}" + token: "${{ secrets.TOKEN }}" + platforms: linux/amd64,linux/arm64,linux/arm/v6 + suffix: -rootless + dockerfile: Dockerfile.rootless + override: "${{ steps.release-info.outputs.override }}" + verify-labels: "maintainer=contact@forgejo.org,org.opencontainers.image.version=${{ steps.release-info.outputs.version }}" + verbose: ${{ vars.VERBOSE || secrets.VERBOSE || 'false' }} + + - name: end-to-end tests + if: ${{ secrets.TOKEN != '' && vars.ROLE == 'forgejo-integration' }} + uses: https://code.forgejo.org/actions/cascading-pr@v2 + with: + origin-url: ${{ env.GITHUB_SERVER_URL }} + origin-repo: ${{ github.repository }} + origin-token: ${{ secrets.CASCADE_ORIGIN_TOKEN }} + origin-ref: refs/heads/forgejo + destination-url: https://code.forgejo.org + destination-fork-repo: ${{ vars.CASCADE_DESTINATION_DOER }}/end-to-end + destination-repo: forgejo/end-to-end + destination-branch: main + destination-token: ${{ secrets.CASCADE_DESTINATION_TOKEN }} + update: .forgejo/cascading-release-end-to-end + + - name: copy to experimental + if: vars.ROLE == 'forgejo-integration' && secrets.TOKEN != '' + run: | + if test "${{ vars.VERBOSE }}" = true ; then + set -x + fi + tag=v${{ steps.release-info.outputs.version }} + url=https://any:${{ secrets.TOKEN }}@codeberg.org + if test "${{ steps.release-info.outputs.override }}" = "true" ; then + curl -sS -X DELETE $url/api/v1/repos/forgejo-experimental/forgejo/releases/tags/$tag > /dev/null + curl -sS -X DELETE $url/api/v1/repos/forgejo-experimental/forgejo/tags/$tag > /dev/null + fi + # actions/checkout@v3 sets http.https://codeberg.org/.extraheader with the automatic token. + # Get rid of it so it does not prevent using the token that has write permissions + git config --local --unset http.https://codeberg.org/.extraheader + if test -f .git/shallow ; then + echo "unexptected .git/shallow file is present" + echo "it suggests a checkout --depth X was used which may prevent pushing the commit" + echo "it happens when actions/checkout is called without depth: 0" + fi + git push $url/forgejo-experimental/forgejo ${{ steps.release-info.outputs.sha }}:refs/tags/$tag diff --git a/.forgejo/workflows/cascade-setup-end-to-end.yml b/.forgejo/workflows/cascade-setup-end-to-end.yml new file mode 100644 index 0000000..404bbe8 --- /dev/null +++ b/.forgejo/workflows/cascade-setup-end-to-end.yml @@ -0,0 +1,74 @@ +# Copyright 2024 The Forgejo Authors +# SPDX-License-Identifier: MIT +# +# To modify this workflow: +# +# - push it to the wip-ci-end-to-end branch on the forgejo repository +# otherwise it will not have access to the secrets required to push +# the cascading PR +# +# - once it works, open a pull request for the sake of keeping track +# of the change even if the PR won't run it because it will use +# whatever is in the default branch instead +# +# - after it is merged, double check it works by setting the +# run-end-to-end-test on a pull request (any pull request will doe +# +on: + push: + branches: + - 'wip-ci-end-to-end' + pull_request_target: + types: + - labeled + +jobs: + info: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + container: + image: code.forgejo.org/oci/node:20-bookworm + steps: + - name: event + run: | + echo github.event.pull_request.head.repo.fork = ${{ github.event.pull_request.head.repo.fork }} + echo github.event.action = ${{ github.event.action }} + echo github.event.pull_request.merged = ${{ github.event.pull_request.merged }} + echo github.event.pull_request.labels.*.name + cat <<'EOF' + ${{ toJSON(github.event.pull_request.labels.*.name) }} + EOF + cat <<'EOF' + ${{ toJSON(github.event) }} + EOF + + cascade: + if: > + !startsWith(vars.ROLE, 'forgejo-') && ( + github.event_name == 'push' || + ( + github.event.action == 'label_updated' && contains(github.event.pull_request.labels.*.name, 'run-end-to-end-tests') + ) + ) + runs-on: docker + container: + image: code.forgejo.org/oci/node:20-bookworm + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: '0' + show-progress: 'false' + - uses: actions/cascading-pr@v2 + with: + origin-url: ${{ env.GITHUB_SERVER_URL }} + origin-repo: ${{ github.repository }} + origin-token: ${{ secrets.END_TO_END_CASCADING_PR_ORIGIN }} + origin-pr: ${{ github.event.pull_request.number }} + origin-ref: ${{ github.event_name == 'push' && github.event.ref || '' }} + destination-url: https://code.forgejo.org + destination-fork-repo: cascading-pr/end-to-end + destination-repo: forgejo/end-to-end + destination-branch: main + destination-token: ${{ secrets.END_TO_END_CASCADING_PR_DESTINATION }} + close-merge: true + update: .forgejo/cascading-pr-end-to-end diff --git a/.forgejo/workflows/e2e.yml b/.forgejo/workflows/e2e.yml new file mode 100644 index 0000000..9f2fbb0 --- /dev/null +++ b/.forgejo/workflows/e2e.yml @@ -0,0 +1,37 @@ +name: e2e + +on: + pull_request: + paths: + - Makefile + - playwright.config.js + - .forgejo/workflows/e2e.yml + - tests/e2e/** + - web_src/js/** + - web_src/css/form.css + - templates/webhook/shared-settings.tmpl + - templates/org/team/new.tmpl + +jobs: + test-e2e: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + container: + image: 'code.forgejo.org/oci/playwright:latest' + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + - run: | + git config --add safe.directory '*' + chown -R forgejo:forgejo . + - run: | + su forgejo -c 'make deps-frontend frontend deps-backend' + - run: | + su forgejo -c 'make backend' + - run: | + su forgejo -c 'make generate test-e2e-sqlite' + timeout-minutes: 40 + env: + USE_REPO_TEST_DIR: 1 diff --git a/.forgejo/workflows/forgejo-integration-cleanup.yml b/.forgejo/workflows/forgejo-integration-cleanup.yml new file mode 100644 index 0000000..049679a --- /dev/null +++ b/.forgejo/workflows/forgejo-integration-cleanup.yml @@ -0,0 +1,39 @@ +on: + workflow_dispatch: + + schedule: + - cron: '@daily' + +jobs: + integration-cleanup: + if: vars.ROLE == 'forgejo-integration' + runs-on: docker + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + steps: + + - name: apt install curl jq + run: | + export DEBIAN_FRONTEND=noninteractive + apt-get update -qq + apt-get -q install -qq -y curl jq + + - name: remove old releases and tags + run: | + url=https://any:${{ secrets.TOKEN }}@codeberg.org + curl -sS "$url/api/v1/repos/forgejo-integration/forgejo/releases" | jq -r '.[] | "\(.published_at) \(.tag_name)"' | sort | while read published_at version ; do + if echo $version | grep -e '-test$' >/dev/null; then + old="18 months" + else + old="1 day" + fi + too_old=$(env -i date --date="- $old" +%F) + too_old_seconds=$(env -i date --date="- $old" +%s) + published_at_seconds=$(env -i date --date="$published_at" +%s) + if test $published_at_seconds -le $too_old_seconds ; then + echo "$version was published more than $old ago ($published_at <= $too_old) and will be removed" + curl -X DELETE -sS "$url/api/v1/repos/forgejo-integration/forgejo/releases/tags/$version" + else + echo "$version was published less than $old ago" + fi + done diff --git a/.forgejo/workflows/mirror.yml b/.forgejo/workflows/mirror.yml new file mode 100644 index 0000000..fd22211 --- /dev/null +++ b/.forgejo/workflows/mirror.yml @@ -0,0 +1,27 @@ +name: mirror + +on: + workflow_dispatch: + + schedule: + - cron: '@daily' + +jobs: + mirror: + if: ${{ secrets.MIRROR_TOKEN != '' }} + runs-on: docker + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + steps: + - name: git push {v*/,}forgejo + run: | + git init --bare . + git remote add origin ${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }} + git fetch origin refs/heads/forgejo:refs/mirror/forgejo + git ls-remote origin refs/heads/v*/forgejo | while read sha full_ref ; do + ref=${full_ref#refs/heads/} + echo git fetch origin $full_ref:refs/mirror/$ref + git fetch origin $full_ref:refs/mirror/$ref + done + echo git push --force https://${{ vars.MIRROR_DESTINATION }} refs/mirror/*:refs/heads/* + git push --force https://any:${{ secrets.MIRROR_TOKEN }}@${{ vars.MIRROR_DESTINATION }} refs/mirror/*:refs/heads/* diff --git a/.forgejo/workflows/publish-release.yml b/.forgejo/workflows/publish-release.yml new file mode 100644 index 0000000..5de8785 --- /dev/null +++ b/.forgejo/workflows/publish-release.yml @@ -0,0 +1,88 @@ +# SPDX-License-Identifier: MIT +# +# See also https://forgejo.org/docs/next/contributor/release/#stable-release-process +# +# https://codeberg.org/forgejo-experimental/forgejo +# +# Copies a release from codeberg.org/forgejo-integration to codeberg.org/forgejo-experimental +# +# vars.ROLE: forgejo-experimental +# vars.FORGEJO: https://codeberg.org +# vars.FROM_OWNER: forgejo-integration +# vars.TO_OWNER: forgejo-experimental +# vars.REPO: forgejo +# vars.DOER: forgejo-experimental-ci +# secrets.TOKEN: <generated from codeberg.org/forgejo-experimental-ci> +# +# http://private.forgejo.org/forgejo/forgejo +# +# Copies & sign a release from codeberg.org/forgejo-integration to codeberg.org/forgejo +# +# vars.ROLE: forgejo-release +# vars.FORGEJO: https://codeberg.org +# vars.FROM_OWNER: forgejo-integration +# vars.TO_OWNER: forgejo +# vars.REPO: forgejo +# vars.DOER: release-team +# secrets.TOKEN: <generated from codeberg.org/release-team> +# secrets.GPG_PRIVATE_KEY: <XYZ> +# secrets.GPG_PASSPHRASE: <ABC> +# +name: Pubish release + +on: + push: + tags: 'v*' + +jobs: + publish: + runs-on: self-hosted + if: vars.DOER != '' && vars.FORGEJO != '' && vars.TO_OWNER != '' && vars.FROM_OWNER != '' && secrets.TOKEN != '' + steps: + - uses: actions/checkout@v4 + + - name: copy & sign + uses: https://code.forgejo.org/forgejo/forgejo-build-publish/publish@v5 + with: + from-forgejo: ${{ vars.FORGEJO }} + to-forgejo: ${{ vars.FORGEJO }} + from-owner: ${{ vars.FROM_OWNER }} + to-owner: ${{ vars.TO_OWNER }} + repo: ${{ vars.REPO }} + release-notes: "See https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#{ANCHOR}" + ref-name: ${{ github.ref_name }} + sha: ${{ github.sha }} + from-token: ${{ secrets.TOKEN }} + to-doer: ${{ vars.DOER }} + to-token: ${{ secrets.TOKEN }} + gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} + gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} + verbose: ${{ vars.VERBOSE }} + + - name: upgrade v*.next.forgejo.org + run: | + export DEBIAN_FRONTEND=noninteractive + apt-get update -qq + apt-get -q install -y -qq curl + version="${{ github.ref_name }}" + version=${version##*v} + major=$(echo $version | sed -E -e 's/^([0-9]+).*/\1/') + # https://forgejo.org/docs/next/developer/infrastructure + curl -o /dev/null -sS https://v$major.next.forgejo.org/.well-known/wakeup-on-logs/forgejo-v$major + + - name: set up go for the DNS update below + if: vars.ROLE == 'forgejo-experimental' && secrets.OVH_APP_KEY != '' + uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + - name: update the _release.experimental DNS record + if: vars.ROLE == 'forgejo-experimental' && secrets.OVH_APP_KEY != '' + uses: https://code.forgejo.org/actions/ovh-dns-update@v1 + with: + subdomain: _release.experimental + domain: forgejo.com # there is a CNAME from .org to .com (for security reasons) + record-id: 5283602601 + value: v=${{ github.ref_name }} + ovh-app-key: ${{ secrets.OVH_APP_KEY }} + ovh-app-secret: ${{ secrets.OVH_APP_SECRET }} + ovh-consumer-key: ${{ secrets.OVH_CON_KEY }} diff --git a/.forgejo/workflows/release-notes-assistant-milestones.yml b/.forgejo/workflows/release-notes-assistant-milestones.yml new file mode 100644 index 0000000..dfe9a33 --- /dev/null +++ b/.forgejo/workflows/release-notes-assistant-milestones.yml @@ -0,0 +1,33 @@ +on: + workflow_dispatch: + + schedule: + - cron: '@daily' + +jobs: + release-notes: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') + runs-on: docker + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + cache: false + + - name: apt install jq + run: | + export DEBIAN_FRONTEND=noninteractive + apt-get update -qq + apt-get -q install -y -qq jq + + - name: update open milestones + run: | + set -x + curl -sS $GITHUB_SERVER_URL/api/v1/repos/$GITHUB_REPOSITORY/milestones?state=open | jq -r '.[] | .title' | while read forgejo version ; do + milestone="$forgejo $version" + go run code.forgejo.org/forgejo/release-notes-assistant@v1.1.1 --config .release-notes-assistant.yaml --storage milestone --storage-location "$milestone" --forgejo-url $GITHUB_SERVER_URL --repository $GITHUB_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} release $version + done diff --git a/.forgejo/workflows/release-notes-assistant.yml b/.forgejo/workflows/release-notes-assistant.yml new file mode 100644 index 0000000..3fed2d0 --- /dev/null +++ b/.forgejo/workflows/release-notes-assistant.yml @@ -0,0 +1,39 @@ +on: + pull_request_target: + types: + - edited + - synchronize + - labeled + +jobs: + release-notes: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') && contains(github.event.pull_request.labels.*.name, 'worth a release-note') }} + runs-on: docker + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + + - name: event + run: | + cat <<'EOF' + ${{ toJSON(github.event.pull_request.labels.*.name) }} + EOF + cat <<'EOF' + ${{ toJSON(github.event) }} + EOF + + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + cache: false + + - name: apt install jq + run: | + export DEBIAN_FRONTEND=noninteractive + apt-get update -qq + apt-get -q install -y -qq jq + + - name: release-notes-assistant preview + run: | + go run code.forgejo.org/forgejo/release-notes-assistant@v1.1.1 --config .release-notes-assistant.yaml --storage pr --storage-location ${{ github.event.pull_request.number }} --forgejo-url $GITHUB_SERVER_URL --repository $GITHUB_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} preview ${{ github.event.pull_request.number }} diff --git a/.forgejo/workflows/renovate.yml b/.forgejo/workflows/renovate.yml new file mode 100644 index 0000000..400cd45 --- /dev/null +++ b/.forgejo/workflows/renovate.yml @@ -0,0 +1,69 @@ +# +# Runs every 2 hours, but Renovate is limited to create new PR before 4am. +# See renovate.json for more settings. +# Automerge is enabled for Renovate PR's but need to be approved before. +# +name: renovate + +on: + push: + branches: + - 'renovate/**' # self-test updates + schedule: + - cron: '0 0/2 * * *' + workflow_dispatch: + +env: + RENOVATE_DRY_RUN: ${{ (github.event_name != 'schedule' && github.ref_name != github.event.repository.default_branch) && 'full' || '' }} + RENOVATE_REPOSITORIES: ${{ github.repository }} + +jobs: + renovate: + if: ${{ secrets.RENOVATE_TOKEN != '' }} + + runs-on: docker + container: + image: code.forgejo.org/forgejo-contrib/renovate:38.93.2 + + steps: + - name: Load renovate repo cache + uses: https://code.forgejo.org/actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + with: + path: | + .tmp/cache/renovate/repository + .tmp/cache/renovate/renovate-cache-sqlite + .tmp/osv + key: repo-cache-${{ github.run_id }} + restore-keys: | + repo-cache- + + - name: Run renovate + run: renovate + env: + GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_COM_TOKEN }} + LOG_LEVEL: debug + RENOVATE_BASE_DIR: ${{ github.workspace }}/.tmp + RENOVATE_ENDPOINT: ${{ github.server_url }} + RENOVATE_PLATFORM: gitea + RENOVATE_REPOSITORY_CACHE: 'enabled' + RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }} + RENOVATE_GIT_AUTHOR: 'Renovate Bot <forgejo-renovate-action@forgejo.org>' + + RENOVATE_X_SQLITE_PACKAGE_CACHE: true + + GIT_AUTHOR_NAME: 'Renovate Bot' + GIT_AUTHOR_EMAIL: 'forgejo-renovate-action@forgejo.org' + GIT_COMMITTER_NAME: 'Renovate Bot' + GIT_COMMITTER_EMAIL: 'forgejo-renovate-action@forgejo.org' + + OSV_OFFLINE_ROOT_DIR: ${{ github.workspace }}/.tmp/osv + + - name: Save renovate repo cache + if: always() && env.RENOVATE_DRY_RUN != 'full' + uses: https://code.forgejo.org/actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + with: + path: | + .tmp/cache/renovate/repository + .tmp/cache/renovate/renovate-cache-sqlite + .tmp/osv + key: repo-cache-${{ github.run_id }} diff --git a/.forgejo/workflows/testing.yml b/.forgejo/workflows/testing.yml new file mode 100644 index 0000000..563ff3b --- /dev/null +++ b/.forgejo/workflows/testing.yml @@ -0,0 +1,337 @@ +name: testing + +on: + pull_request: + push: + branches: + - 'forgejo*' + - 'v*/forgejo*' + +jobs: + backend-checks: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + steps: + - name: event info + run: | + cat <<'EOF' + ${{ toJSON(github) }} + EOF + - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + - run: make deps-backend deps-tools + - run: make --always-make -j$(nproc) lint-backend tidy-check swagger-check fmt-check swagger-validate # ensure the "go-licenses" make target runs + - run: | + make backend + env: + TAGS: bindata + - uses: actions/cache@v4 + with: + path: '/workspace/forgejo/forgejo/gitea' + key: backend-build-${{ github.sha }} + frontend-checks: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + - run: make deps-frontend + - run: make lint-frontend + - run: make checks-frontend + - run: make test-frontend-coverage + - run: make frontend + test-unit: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + needs: [backend-checks, frontend-checks] + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + services: + elasticsearch: + image: docker.io/bitnami/elasticsearch:7 + env: + discovery.type: single-node + ES_JAVA_OPTS: "-Xms512m -Xmx512m" + minio: + image: docker.io/bitnami/minio:2024.8.17 + options: >- + --hostname gitea.minio + env: + MINIO_DOMAIN: minio + MINIO_ROOT_USER: 123456 + MINIO_ROOT_PASSWORD: 12345678 + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + - run: | + git config --add safe.directory '*' + adduser --quiet --comment forgejo --disabled-password forgejo + chown -R forgejo:forgejo . + - name: install git >= 2.42 + run: | + export DEBIAN_FRONTEND=noninteractive + echo deb http://deb.debian.org/debian/ testing main > /etc/apt/sources.list.d/testing.list + apt-get update -qq + apt-get -q install -qq -y git + rm /etc/apt/sources.list.d/testing.list + apt-get update -qq + - name: test release-notes-assistant.sh + run: | + apt-get -q install -qq -y jq + ./release-notes-assistant.sh test_main + - run: | + su forgejo -c 'make deps-backend' + - uses: actions/cache/restore@v4 + id: cache-backend + with: + path: '/workspace/forgejo/forgejo/gitea' + key: backend-build-${{ github.sha }} + - if: steps.cache-backend.outputs.cache-hit != 'true' + run: | + su forgejo -c 'make backend' + env: + TAGS: bindata + - run: | + su forgejo -c 'make test-backend test-check' + timeout-minutes: 50 + env: + RACE_ENABLED: 'true' + TAGS: bindata + TEST_ELASTICSEARCH_URL: http://elasticsearch:9200 + test-remote-cacher: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + needs: [backend-checks, frontend-checks] + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + strategy: + matrix: + cacher: + # redis + - image: docker.io/bitnami/redis:7.2 + port: 6379 + # redict + - image: registry.redict.io/redict:7.3.0-scratch + port: 6379 + # valkey + - image: docker.io/bitnami/valkey:7.2 + port: 6379 + # garnet + - image: ghcr.io/microsoft/garnet-alpine:1.0.14 + port: 6379 + services: + cacher: + image: ${{ matrix.cacher.image }} + options: ${{ matrix.cacher.options }} + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + - run: | + git config --add safe.directory '*' + adduser --quiet --comment forgejo --disabled-password forgejo + chown -R forgejo:forgejo . + - name: install git >= 2.42 + run: | + export DEBIAN_FRONTEND=noninteractive + echo deb http://deb.debian.org/debian/ testing main > /etc/apt/sources.list.d/testing.list + apt-get update -qq + apt-get -q install -qq -y git + rm /etc/apt/sources.list.d/testing.list + apt-get update -qq + - run: | + su forgejo -c 'make deps-backend' + - uses: actions/cache/restore@v4 + id: cache-backend + with: + path: '/workspace/forgejo/forgejo/gitea' + key: backend-build-${{ github.sha }} + - if: steps.cache-backend.outputs.cache-hit != 'true' + run: | + su forgejo -c 'make backend' + env: + TAGS: bindata + - run: | + su forgejo -c 'make test-remote-cacher test-check' + timeout-minutes: 50 + env: + RACE_ENABLED: 'true' + TAGS: bindata + TEST_REDIS_SERVER: cacher:${{ matrix.cacher.port }} + test-mysql: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + needs: [backend-checks, frontend-checks] + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + services: + mysql: + image: 'docker.io/bitnami/mysql:8.4' + env: + ALLOW_EMPTY_PASSWORD: yes + MYSQL_DATABASE: testgitea + # + # See also https://codeberg.org/forgejo/forgejo/issues/976 + # + MYSQL_EXTRA_FLAGS: --innodb-adaptive-flushing=OFF --innodb-buffer-pool-size=4G --innodb-log-buffer-size=128M --innodb-flush-log-at-trx-commit=0 --innodb-flush-log-at-timeout=30 --innodb-flush-method=nosync --innodb-fsync-threshold=1000000000 + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + - name: install dependencies & git >= 2.42 + run: | + export DEBIAN_FRONTEND=noninteractive + echo deb http://deb.debian.org/debian/ testing main > /etc/apt/sources.list.d/testing.list + apt-get update -qq + apt-get install --no-install-recommends -qq -y git git-lfs + rm /etc/apt/sources.list.d/testing.list + apt-get update -qq + - name: setup user and permissions + run: | + git config --add safe.directory '*' + adduser --quiet --comment forgejo --disabled-password forgejo + chown -R forgejo:forgejo . + - run: | + su forgejo -c 'make deps-backend' + - uses: actions/cache/restore@v4 + id: cache-backend + with: + path: '/workspace/forgejo/forgejo/gitea' + key: backend-build-${{ github.sha }} + - if: steps.cache-backend.outputs.cache-hit != 'true' + run: | + su forgejo -c 'make backend' + env: + TAGS: bindata + - run: | + su forgejo -c 'make test-mysql-migration test-mysql' + timeout-minutes: 50 + env: + USE_REPO_TEST_DIR: 1 + test-pgsql: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + needs: [backend-checks, frontend-checks] + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + services: + minio: + image: docker.io/bitnami/minio:2024.8.17 + env: + MINIO_ROOT_USER: 123456 + MINIO_ROOT_PASSWORD: 12345678 + ldap: + image: docker.io/gitea/test-openldap:latest + pgsql: + image: 'code.forgejo.org/oci/postgres:15' + env: + POSTGRES_DB: test + POSTGRES_PASSWORD: postgres + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + - name: install dependencies & git >= 2.42 + run: | + export DEBIAN_FRONTEND=noninteractive + echo deb http://deb.debian.org/debian/ testing main > /etc/apt/sources.list.d/testing.list + apt-get update -qq + apt-get install --no-install-recommends -qq -y git git-lfs + rm /etc/apt/sources.list.d/testing.list + apt-get update -qq + - name: setup user and permissions + run: | + git config --add safe.directory '*' + adduser --quiet --comment forgejo --disabled-password forgejo + chown -R forgejo:forgejo . + - run: | + su forgejo -c 'make deps-backend' + - uses: actions/cache/restore@v4 + id: cache-backend + with: + path: '/workspace/forgejo/forgejo/gitea' + key: backend-build-${{ github.sha }} + - if: steps.cache-backend.outputs.cache-hit != 'true' + run: | + su forgejo -c 'make backend' + env: + TAGS: bindata + - run: | + su forgejo -c 'make test-pgsql-migration test-pgsql' + timeout-minutes: 50 + env: + RACE_ENABLED: true + USE_REPO_TEST_DIR: 1 + TEST_LDAP: 1 + test-sqlite: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + needs: [backend-checks, frontend-checks] + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + - name: install dependencies & git >= 2.42 + run: | + export DEBIAN_FRONTEND=noninteractive + echo deb http://deb.debian.org/debian/ testing main > /etc/apt/sources.list.d/testing.list + apt-get update -qq + apt-get install --no-install-recommends -qq -y git git-lfs + rm /etc/apt/sources.list.d/testing.list + apt-get update -qq + - name: setup user and permissions + run: | + git config --add safe.directory '*' + adduser --quiet --comment forgejo --disabled-password forgejo + chown -R forgejo:forgejo . + - run: | + su forgejo -c 'make deps-backend' + - uses: actions/cache/restore@v4 + id: cache-backend + with: + path: '/workspace/forgejo/forgejo/gitea' + key: backend-build-${{ github.sha }} + - if: steps.cache-backend.outputs.cache-hit != 'true' + run: | + su forgejo -c 'make backend' + env: + TAGS: bindata sqlite sqlite_unlock_notify + - run: | + su forgejo -c 'make test-sqlite-migration test-sqlite' + timeout-minutes: 50 + env: + TAGS: sqlite sqlite_unlock_notify + RACE_ENABLED: true + TEST_TAGS: sqlite sqlite_unlock_notify + USE_REPO_TEST_DIR: 1 + security-check: + if: ${{ !startsWith(vars.ROLE, 'forgejo-') }} + runs-on: docker + needs: + - test-sqlite + - test-pgsql + - test-mysql + - test-remote-cacher + - test-unit + container: + image: 'code.forgejo.org/oci/node:20-bookworm' + steps: + - uses: https://code.forgejo.org/actions/checkout@v4 + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version-file: "go.mod" + - run: make deps-backend deps-tools + - run: make security-check |