Add require signed commit for protected branch (#9708)
* Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>tokarchuk/v1.17
parent
6b1fa12359
commit
66ee9b87f9
@ -0,0 +1,18 @@ |
||||
// Copyright 2020 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package migrations |
||||
|
||||
import ( |
||||
"xorm.io/xorm" |
||||
) |
||||
|
||||
func addRequireSignedCommits(x *xorm.Engine) error { |
||||
|
||||
type ProtectedBranch struct { |
||||
RequireSignedCommits bool `xorm:"NOT NULL DEFAULT false"` |
||||
} |
||||
|
||||
return x.Sync2(new(ProtectedBranch)) |
||||
} |
@ -0,0 +1,108 @@ |
||||
// Copyright 2020 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package git |
||||
|
||||
import ( |
||||
"bufio" |
||||
"bytes" |
||||
"io" |
||||
"strings" |
||||
|
||||
"gopkg.in/src-d/go-git.v4/plumbing" |
||||
) |
||||
|
||||
// CommitFromReader will generate a Commit from a provided reader
|
||||
// We will need this to interpret commits from cat-file
|
||||
func CommitFromReader(gitRepo *Repository, sha plumbing.Hash, reader io.Reader) (*Commit, error) { |
||||
commit := &Commit{ |
||||
ID: sha, |
||||
} |
||||
|
||||
payloadSB := new(strings.Builder) |
||||
signatureSB := new(strings.Builder) |
||||
messageSB := new(strings.Builder) |
||||
message := false |
||||
pgpsig := false |
||||
|
||||
scanner := bufio.NewScanner(reader) |
||||
// Split by '\n' but include the '\n'
|
||||
scanner.Split(func(data []byte, atEOF bool) (advance int, token []byte, err error) { |
||||
if atEOF && len(data) == 0 { |
||||
return 0, nil, nil |
||||
} |
||||
if i := bytes.IndexByte(data, '\n'); i >= 0 { |
||||
// We have a full newline-terminated line.
|
||||
return i + 1, data[0 : i+1], nil |
||||
} |
||||
// If we're at EOF, we have a final, non-terminated line. Return it.
|
||||
if atEOF { |
||||
return len(data), data, nil |
||||
} |
||||
// Request more data.
|
||||
return 0, nil, nil |
||||
}) |
||||
|
||||
for scanner.Scan() { |
||||
line := scanner.Bytes() |
||||
if pgpsig { |
||||
if len(line) > 0 && line[0] == ' ' { |
||||
_, _ = signatureSB.Write(line[1:]) |
||||
continue |
||||
} else { |
||||
pgpsig = false |
||||
} |
||||
} |
||||
|
||||
if !message { |
||||
// This is probably not correct but is copied from go-gits interpretation...
|
||||
trimmed := bytes.TrimSpace(line) |
||||
if len(trimmed) == 0 { |
||||
message = true |
||||
_, _ = payloadSB.Write(line) |
||||
continue |
||||
} |
||||
|
||||
split := bytes.SplitN(trimmed, []byte{' '}, 2) |
||||
var data []byte |
||||
if len(split) > 1 { |
||||
data = split[1] |
||||
} |
||||
|
||||
switch string(split[0]) { |
||||
case "tree": |
||||
commit.Tree = *NewTree(gitRepo, plumbing.NewHash(string(data))) |
||||
_, _ = payloadSB.Write(line) |
||||
case "parent": |
||||
commit.Parents = append(commit.Parents, plumbing.NewHash(string(data))) |
||||
_, _ = payloadSB.Write(line) |
||||
case "author": |
||||
commit.Author = &Signature{} |
||||
commit.Author.Decode(data) |
||||
_, _ = payloadSB.Write(line) |
||||
case "committer": |
||||
commit.Committer = &Signature{} |
||||
commit.Committer.Decode(data) |
||||
_, _ = payloadSB.Write(line) |
||||
case "gpgsig": |
||||
_, _ = signatureSB.Write(data) |
||||
_ = signatureSB.WriteByte('\n') |
||||
pgpsig = true |
||||
} |
||||
} else { |
||||
_, _ = messageSB.Write(line) |
||||
} |
||||
} |
||||
commit.CommitMessage = messageSB.String() |
||||
_, _ = payloadSB.WriteString(commit.CommitMessage) |
||||
commit.Signature = &CommitGPGSignature{ |
||||
Signature: signatureSB.String(), |
||||
Payload: payloadSB.String(), |
||||
} |
||||
if len(commit.Signature.Signature) == 0 { |
||||
commit.Signature = nil |
||||
} |
||||
|
||||
return commit, scanner.Err() |
||||
} |
Loading…
Reference in new issue