Merge branch 'main' into viewed-files

Author: delvh

build.go

@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build vendor
-// +build vendor
 
 package main
 

build/code-batch-process.go

@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build ignore
-// +build ignore
 
 package main
 

build/generate-bindata.go

@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build ignore
-// +build ignore
 
 package main
 

build/generate-emoji.go

@@ -4,7 +4,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build ignore
-// +build ignore
 
 package main
 

build/generate-gitignores.go

@@ -1,5 +1,4 @@
 //go:build ignore
-// +build ignore
 
 package main
 

build/generate-licenses.go

@@ -1,5 +1,4 @@
 //go:build ignore
-// +build ignore
 
 package main
 

build/gitea-format-imports.go

@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build ignore
-// +build ignore
 
 package main
 

build/gocovmerge.go

@@ -7,7 +7,6 @@
 // merges them into one profile
 
 //go:build ignore
-// +build ignore
 
 package main
 

cmd/admin.go

@@ -556,7 +556,7 @@ func runCreateUser(c *cli.Context) error {
 
 	// If this is the first user being created.
 	// Take it as the admin and don't force a password update.
-	if n := user_model.CountUsers(); n == 0 {
+	if n := user_model.CountUsers(nil); n == 0 {
 		changePassword = false
 	}
 

cmd/embedded.go

@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build bindata
-// +build bindata
 
 package cmd
 

cmd/embedded_stub.go

@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !bindata
-// +build !bindata
 
 package cmd
 

custom/conf/app.example.ini

@@ -2240,6 +2240,9 @@ PATH =
 ;;
 ;; Enable/Disable federation capabilities
 ; ENABLED = true
+;;
+;; Enable/Disable user statistics for nodeinfo if federation is enabled
+; SHARE_USER_STATISTICS = true
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

docs/content/doc/advanced/config-cheat-sheet.en-us.md

@@ -1085,6 +1085,7 @@ Task queue configuration has been moved to `queue.task`. However, the below conf
 ## Federation (`federation`)
 
 - `ENABLED`: **true**: Enable/Disable federation capabilities
+- `SHARE_USER_STATISTICS`: **true**: Enable/Disable user statistics for nodeinfo if federation is enabled
 
 ## Packages (`packages`)
 

docs/content/doc/installation/from-binary.en-us.md

@@ -50,7 +50,8 @@ Of note, configuring `GITEA_WORK_DIR` will tell Gitea where to base its working
 
 ### Prepare environment
 
-Check that Git is installed on the server. If it is not, install it first.
+Check that Git is installed on the server. If it is not, install it first. Gitea requires Git version >= 2.0.
+
 ```sh
 git --version
 ```

docs/content/doc/installation/on-kubernetes.en-us.md

@@ -25,3 +25,47 @@ helm install gitea gitea-charts/gitea
 ```
 
 If you would like to customize your install, which includes kubernetes ingress, please refer to the complete [Gitea helm chart configuration details](https://gitea.com/gitea/helm-chart/)
+
+## Health check endpoint
+
+Gitea comes with a health check endpoint `/api/healthz`, you can configure it in kubernetes like this:
+
+```yaml
+  livenessProbe:
+    httpGet:
+      path: /api/healthz
+      port: http
+    initialDelaySeconds: 200
+    timeoutSeconds: 5
+    periodSeconds: 10
+    successThreshold: 1
+    failureThreshold: 10
+```
+
+a successful health check response will respond with http code `200`, here's example:
+
+```
+HTTP/1.1 200 OK
+
+
+{
+  "status": "pass",
+  "description": "Gitea: Git with a cup of tea",
+  "checks": {
+    "cache:ping": [
+      {
+        "status": "pass",
+        "time": "2022-02-19T09:16:08Z"
+      }
+    ],
+    "database:ping": [
+      {
+        "status": "pass",
+        "time": "2022-02-19T09:16:08Z"
+      }
+    ]
+  }
+}
+```
+
+for more information, please reference to kubernetes documentation [Define a liveness HTTP request](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-a-liveness-http-request)

docs/content/doc/installation/on-kubernetes.zh-tw.md

@@ -25,3 +25,47 @@ helm install gitea gitea-charts/gitea
 ```
 
 若您想自訂安裝（包括使用 kubernetes ingress），請前往完整的 [Gitea helm chart configuration details](https://gitea.com/gitea/helm-chart/)
+
+##運行狀況檢查終端節點
+
+Gitea 附帶了一個運行狀況檢查端點 `/api/healthz`，你可以像這樣在 kubernetes 中配置它:
+
+```yaml
+  livenessProbe:
+    httpGet:
+      path: /api/healthz
+      port: http
+    initialDelaySeconds: 200
+    timeoutSeconds: 5
+    periodSeconds: 10
+    successThreshold: 1
+    failureThreshold: 10
+```
+
+成功的運行狀況檢查回應將使用 HTTP 代碼 `200` 進行回應，下面是示例:
+
+```
+HTTP/1.1 200 OK
+
+
+{
+  "status": "pass",
+  "description": "Gitea: Git with a cup of tea",
+  "checks": {
+    "cache:ping": [
+      {
+        "status": "pass",
+        "time": "2022-02-19T09:16:08Z"
+      }
+    ],
+    "database:ping": [
+      {
+        "status": "pass",
+        "time": "2022-02-19T09:16:08Z"
+      }
+    ]
+  }
+}
+```
+
+有關更多信息，請參考kubernetes文檔[定義一個存活態 HTTP請求接口]（https://kubernetes.io/zh/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/）

integrations/api_nodeinfo_test.go

@@ -26,6 +26,10 @@ func TestNodeinfo(t *testing.T) {
 		resp := MakeRequest(t, req, http.StatusOK)
 		var nodeinfo api.NodeInfo
 		DecodeJSON(t, resp, &nodeinfo)
+		assert.True(t, nodeinfo.OpenRegistrations)
 		assert.Equal(t, "gitea", nodeinfo.Software.Name)
+		assert.Equal(t, 23, nodeinfo.Usage.Users.Total)
+		assert.Equal(t, 15, nodeinfo.Usage.LocalPosts)
+		assert.Equal(t, 2, nodeinfo.Usage.LocalComments)
 	})
 }

integrations/pull_merge_test.go

@@ -243,11 +243,11 @@ func TestCantMergeConflict(t *testing.T) {
 		gitRepo, err := git.OpenRepository(git.DefaultContext, repo_model.RepoPath(user1.Name, repo1.Name))
 		assert.NoError(t, err)
 
-		err = pull.Merge(git.DefaultContext, pr, user1, gitRepo, repo_model.MergeStyleMerge, "", "CONFLICT")
+		err = pull.Merge(pr, user1, gitRepo, repo_model.MergeStyleMerge, "", "CONFLICT")
 		assert.Error(t, err, "Merge should return an error due to conflict")
 		assert.True(t, models.IsErrMergeConflicts(err), "Merge error is not a conflict error")
 
-		err = pull.Merge(git.DefaultContext, pr, user1, gitRepo, repo_model.MergeStyleRebase, "", "CONFLICT")
+		err = pull.Merge(pr, user1, gitRepo, repo_model.MergeStyleRebase, "", "CONFLICT")
 		assert.Error(t, err, "Merge should return an error due to conflict")
 		assert.True(t, models.IsErrRebaseConflicts(err), "Merge error is not a conflict error")
 		gitRepo.Close()
@@ -342,7 +342,7 @@ func TestCantMergeUnrelated(t *testing.T) {
 			BaseBranch: "base",
 		}).(*models.PullRequest)
 
-		err = pull.Merge(git.DefaultContext, pr, user1, gitRepo, repo_model.MergeStyleMerge, "", "UNRELATED")
+		err = pull.Merge(pr, user1, gitRepo, repo_model.MergeStyleMerge, "", "UNRELATED")
 		assert.Error(t, err, "Merge should return an error due to unrelated")
 		assert.True(t, models.IsErrMergeUnrelatedHistories(err), "Merge error is not a unrelated histories error")
 		gitRepo.Close()

models/auth/oauth2.go

@@ -245,7 +245,7 @@ func deleteOAuth2Application(sess db.Engine, id, userid int64) error {
 		"oauth2_authorization_code.grant_id = oauth2_grant.id AND oauth2_grant.application_id = ?", id).Find(&codes); err != nil {
 		return err
 	}
-	codeIDs := make([]int64, 0)
+	codeIDs := make([]int64, 0, len(codes))
 	for _, grant := range codes {
 		codeIDs = append(codeIDs, grant.ID)
 	}

models/branches.go

@@ -104,7 +104,7 @@ func (protectBranch *ProtectedBranch) CanUserPush(userID int64) bool {
 }
 
 // IsUserMergeWhitelisted checks if some user is whitelisted to merge to this branch
-func IsUserMergeWhitelisted(protectBranch *ProtectedBranch, userID int64, permissionInRepo Permission) bool {
+func IsUserMergeWhitelisted(ctx context.Context, protectBranch *ProtectedBranch, userID int64, permissionInRepo Permission) bool {
 	if !protectBranch.EnableMergeWhitelist {
 		// Then we need to fall back on whether the user has write permission
 		return permissionInRepo.CanWrite(unit.TypeCode)
@@ -118,7 +118,7 @@ func IsUserMergeWhitelisted(protectBranch *ProtectedBranch, userID int64, permis
 		return false
 	}
 
-	in, err := organization.IsUserInTeams(db.DefaultContext, userID, protectBranch.MergeWhitelistTeamIDs)
+	in, err := organization.IsUserInTeams(ctx, userID, protectBranch.MergeWhitelistTeamIDs)
 	if err != nil {
 		log.Error("IsUserInTeams: %v", err)
 		return false
@@ -159,16 +159,16 @@ func isUserOfficialReviewer(ctx context.Context, protectBranch *ProtectedBranch,
 }
 
 // HasEnoughApprovals returns true if pr has enough granted approvals.
-func (protectBranch *ProtectedBranch) HasEnoughApprovals(pr *PullRequest) bool {
+func (protectBranch *ProtectedBranch) HasEnoughApprovals(ctx context.Context, pr *PullRequest) bool {
 	if protectBranch.RequiredApprovals == 0 {
 		return true
 	}
-	return protectBranch.GetGrantedApprovalsCount(pr) >= protectBranch.RequiredApprovals
+	return protectBranch.GetGrantedApprovalsCount(ctx, pr) >= protectBranch.RequiredApprovals
 }
 
 // GetGrantedApprovalsCount returns the number of granted approvals for pr. A granted approval must be authored by a user in an approval whitelist.
-func (protectBranch *ProtectedBranch) GetGrantedApprovalsCount(pr *PullRequest) int64 {
-	sess := db.GetEngine(db.DefaultContext).Where("issue_id = ?", pr.IssueID).
+func (protectBranch *ProtectedBranch) GetGrantedApprovalsCount(ctx context.Context, pr *PullRequest) int64 {
+	sess := db.GetEngine(ctx).Where("issue_id = ?", pr.IssueID).
 		And("type = ?", ReviewTypeApprove).
 		And("official = ?", true).
 		And("dismissed = ?", false)
@@ -185,11 +185,11 @@ func (protectBranch *ProtectedBranch) GetGrantedApprovalsCount(pr *PullRequest)
 }
 
 // MergeBlockedByRejectedReview returns true if merge is blocked by rejected reviews
-func (protectBranch *ProtectedBranch) MergeBlockedByRejectedReview(pr *PullRequest) bool {
+func (protectBranch *ProtectedBranch) MergeBlockedByRejectedReview(ctx context.Context, pr *PullRequest) bool {
 	if !protectBranch.BlockOnRejectedReviews {
 		return false
 	}
-	rejectExist, err := db.GetEngine(db.DefaultContext).Where("issue_id = ?", pr.IssueID).
+	rejectExist, err := db.GetEngine(ctx).Where("issue_id = ?", pr.IssueID).
 		And("type = ?", ReviewTypeReject).
 		And("official = ?", true).
 		And("dismissed = ?", false).
@@ -204,11 +204,11 @@ func (protectBranch *ProtectedBranch) MergeBlockedByRejectedReview(pr *PullReque
 
 // MergeBlockedByOfficialReviewRequests block merge because of some review request to official reviewer
 // of from official review
-func (protectBranch *ProtectedBranch) MergeBlockedByOfficialReviewRequests(pr *PullRequest) bool {
+func (protectBranch *ProtectedBranch) MergeBlockedByOfficialReviewRequests(ctx context.Context, pr *PullRequest) bool {
 	if !protectBranch.BlockOnOfficialReviewRequests {
 		return false
 	}
-	has, err := db.GetEngine(db.DefaultContext).Where("issue_id = ?", pr.IssueID).
+	has, err := db.GetEngine(ctx).Where("issue_id = ?", pr.IssueID).
 		And("type = ?", ReviewTypeRequest).
 		And("official = ?", true).
 		Exist(new(Review))

models/db/context.go

@@ -103,15 +103,22 @@ func WithContext(f func(ctx *Context) error) error {
 }
 
 // WithTx represents executing database operations on a transaction
-func WithTx(f func(ctx context.Context) error) error {
+// you can optionally change the context to a parrent one
+func WithTx(f func(ctx context.Context) error, stdCtx ...context.Context) error {
+	parentCtx := DefaultContext
+	if len(stdCtx) != 0 && stdCtx[0] != nil {
+		// TODO: make sure parent context has no open session
+		parentCtx = stdCtx[0]
+	}
+
 	sess := x.NewSession()
 	defer sess.Close()
 	if err := sess.Begin(); err != nil {
 		return err
 	}
 
 	if err := f(&Context{
-		Context: DefaultContext,
+		Context: parentCtx,
 		e:       sess,
 	}); err != nil {
 		return err

models/error.go

@@ -296,7 +296,6 @@ type ErrInvalidCloneAddr struct {
 	IsProtocolInvalid  bool
 	IsPermissionDenied bool
 	LocalPath          bool
-	NotResolvedIP      bool
 }
 
 // IsErrInvalidCloneAddr checks if an error is a ErrInvalidCloneAddr.
@@ -306,9 +305,6 @@ func IsErrInvalidCloneAddr(err error) bool {
 }
 
 func (err *ErrInvalidCloneAddr) Error() string {
-	if err.NotResolvedIP {
-		return fmt.Sprintf("migration/cloning from '%s' is not allowed: unknown hostname", err.Host)
-	}
 	if err.IsInvalidPath {
 		return fmt.Sprintf("migration/cloning from '%s' is not allowed: the provided path is invalid", err.Host)
 	}