Allow pushmirror to use publickey authentication

[Gusted]

• Adds the option to use let the pushmirror use publickey authentication for push actions instead of using user:password authentication. The Publickey algorithm uses for this is ed25519, and is saved in OpenSSH's format so it can be used directly with git.
• Resolves Push mirror using public key authorization #18159

[Gusted]

@wxiaoguang I've changed my comment to reflect a more accurate representation. Sorry for the confusion.

[wxiaoguang]

No need to say sorry .... 😊 I just hope most people can realize the fact, and make Gitea frontend get rid of the current nobody-cares situation.

[Gusted]

Ready for review... I'm not sure how to handle the UI to display the long ssh key.

[codecov-commenter]

Codecov Report

Merging #18835 (801741d) into main (a3d55ac) will increase coverage by 0.01%.
The diff coverage is 60.87%.

@@            Coverage Diff             @@
##             main   #18835      +/-   ##
==========================================
+ Coverage   46.93%   46.95%   +0.01%     
==========================================
  Files         977      979       +2     
  Lines      135302   135609     +307     
==========================================
+ Hits        63508    63672     +164     
- Misses      64012    64132     +120     
- Partials     7782     7805      +23     

Impacted Files	Coverage Δ
cmd/dump.go	0.67% <ø> (ø)
models/repo/pushmirror.go	78.00% <ø> (ø)
modules/context/package.go	48.27% <0.00%> (-8.49%)	⬇️
modules/lfs/content_store.go	74.66% <ø> (+4.66%)	⬆️
modules/packages/container/metadata.go	76.92% <ø> (ø)
routers/web/org/setting.go	0.00% <0.00%> (ø)
routers/web/repo/packages.go	0.00% <0.00%> (ø)
routers/web/repo/setting.go	16.70% <0.00%> (-0.23%)	⬇️
routers/web/user/setting/account.go	25.65% <0.00%> (-0.12%)	⬇️
routers/web/user/setting/profile.go	35.36% <0.00%> (-0.44%)	⬇️
... and 48 more

Help us with your feedback. Take ten seconds to tell us how you rate us.

[Gusted]

Force-pushed twice, because git was being funny.

[zeripath]

This will be a TEXT field on MySQL which is potentially too small for an RSA key - how big is the potential representation for ED25519 keys?

[Gusted]

I once run a script with the old code in modules/crypto/ed25519.go to generate a few million private keys and get their max length. IIRC it was 387, so I just got at 400 to be safe.

Public keys are: ssh-ed25519 + base64 of the ssh's marshaled of the public key bytes + new line And should result in a max of 81 bytes per the analysis of the code (we likely should have a test that verifies these lengths)

[silverwind]

Might still want to enlarge it now to accomodate future key formats. There's no need to define database fields so tightly.

[Gusted]

I'm not able to guess future key formats. I prefer to just limit it to Ed25519 signatures and only add other signatures scheme if there's a need for them.

[silverwind]

If we enlarge now, it saves us from the pain of a future migration. So, unless this is a critical performance code path where there are indexing benefits by using the smaller type, I would enlarge.

[Gusted]

Alright then, I give in. What would be a good size to use here?

[silverwind]

Correct, MySQL TEXT should be limited to 65535 bytes, which seems plenty. So this is LGTM.

[lunny]

Please resolve the conflicts.

[elipsion]

@Gusted Is this PR abandoned? Do you need any help finishing up the merge conflicts?

[Gusted]

@Gusted Is this PR abandoned? Do you need any help finishing up the merge conflicts?

No, the merge conflicts aren't the problem. Rather that I forgot that Git-LFS exists, which is way harder to support with SSH. I'm not knowledgeable enough about LFS to even try add support for it.

[elipsion]

No, the merge conflicts aren't the problem. Rather that I forgot that Git-LFS exists, which is way harder to support with SSH. I'm not knowledgeable enough about LFS to even try add support for it.

Would it be possible to implement push mirrors without support for Git-LFS and leave that feature for the future? There are a fair number of repositories that doesn't require it, so the implementation would not be wasted.

[puni9869]

👀

[denyskon]

@Gusted Are you still willing to work on this PR? I think this feature would be a great addition even without Git LFS support. I see that you suggested to force HTTP auth for LFS-enabled repos - I think this would be an acceptable approach.

If you still want to continue with this PR, please resolve merge conflicts and maybe we could merge it soon.

[philip-peterson]

@Gusted Any way I can help? I am also interested in pushing this through to the finish line. I know a lot about LFS.

[denyskon]

@philip-peterson AFAIK this contributor is now rather more active over at Forgejo. As there was no response in a while, we can consider this PR as abandoned.

As this feature still would be a valuable addition, it would be great if you or somebody else could take over this PR.

[techknowlogick]

I'll close this PR for those reasons. Im refactoring other code areas that might make this easier anyway