Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)

Backport #19132

Make SKIP_TLS_VERIFY apply to git data migrations too through adding the `-c http.sslVerify=false` option to the git clone command.

Fix #18998

Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
zeripath 2022-03-19 16:20:26 +00:00 committed by GitHub
parent 5bb0c92b6c
commit e6d46eeb55
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 39 additions and 32 deletions

View File

@ -106,6 +106,7 @@ type CloneRepoOptions struct {
NoCheckout bool NoCheckout bool
Depth int Depth int
Filter string Filter string
SkipTLSVerify bool
} }
// Clone clones original repository to target path. // Clone clones original repository to target path.
@ -128,6 +129,9 @@ func CloneWithArgs(ctx context.Context, from, to string, args []string, opts Clo
} }
cmd := NewCommandContextNoGlobals(ctx, args...).AddArguments("clone") cmd := NewCommandContextNoGlobals(ctx, args...).AddArguments("clone")
if opts.SkipTLSVerify {
cmd.AddArguments("-c", "http.sslVerify=false")
}
if opts.Mirror { if opts.Mirror {
cmd.AddArguments("--mirror") cmd.AddArguments("--mirror")
} }

View File

@ -75,6 +75,7 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
Mirror: true, Mirror: true,
Quiet: true, Quiet: true,
Timeout: migrateTimeout, Timeout: migrateTimeout,
SkipTLSVerify: setting.Migrations.SkipTLSVerify,
}); err != nil { }); err != nil {
return repo, fmt.Errorf("Clone: %v", err) return repo, fmt.Errorf("Clone: %v", err)
} }
@ -92,6 +93,7 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
Quiet: true, Quiet: true,
Timeout: migrateTimeout, Timeout: migrateTimeout,
Branch: "master", Branch: "master",
SkipTLSVerify: setting.Migrations.SkipTLSVerify,
}); err != nil { }); err != nil {
log.Warn("Clone wiki: %v", err) log.Warn("Clone wiki: %v", err)
if err := util.RemoveAll(wikiPath); err != nil { if err := util.RemoveAll(wikiPath); err != nil {
@ -310,7 +312,7 @@ func PushUpdateAddTag(repo *repo_model.Repository, gitRepo *git.Repository, tagN
} }
var author *user_model.User var author *user_model.User
var createdAt = time.Unix(1, 0) createdAt := time.Unix(1, 0)
if sig != nil { if sig != nil {
author, err = user_model.GetUserByEmail(sig.Email) author, err = user_model.GetUserByEmail(sig.Email)
@ -325,7 +327,7 @@ func PushUpdateAddTag(repo *repo_model.Repository, gitRepo *git.Repository, tagN
return fmt.Errorf("unable to get CommitsCount: %w", err) return fmt.Errorf("unable to get CommitsCount: %w", err)
} }
var rel = models.Release{ rel := models.Release{
RepoID: repo.ID, RepoID: repo.ID,
TagName: tagName, TagName: tagName,
LowerTagName: strings.ToLower(tagName), LowerTagName: strings.ToLower(tagName),

View File

@ -22,14 +22,13 @@ import (
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
base "code.gitea.io/gitea/modules/migration" base "code.gitea.io/gitea/modules/migration"
"code.gitea.io/gitea/modules/repository" "code.gitea.io/gitea/modules/repository"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/structs"
"gopkg.in/yaml.v2" "gopkg.in/yaml.v2"
) )
var ( var _ base.Uploader = &RepositoryDumper{}
_ base.Uploader = &RepositoryDumper{}
)
// RepositoryDumper implements an Uploader to the local directory // RepositoryDumper implements an Uploader to the local directory
type RepositoryDumper struct { type RepositoryDumper struct {
@ -154,6 +153,7 @@ func (g *RepositoryDumper) CreateRepo(repo *base.Repository, opts base.MigrateOp
Mirror: true, Mirror: true,
Quiet: true, Quiet: true,
Timeout: migrateTimeout, Timeout: migrateTimeout,
SkipTLSVerify: setting.Migrations.SkipTLSVerify,
}) })
if err != nil { if err != nil {
return fmt.Errorf("Clone: %v", err) return fmt.Errorf("Clone: %v", err)
@ -172,6 +172,7 @@ func (g *RepositoryDumper) CreateRepo(repo *base.Repository, opts base.MigrateOp
Quiet: true, Quiet: true,
Timeout: migrateTimeout, Timeout: migrateTimeout,
Branch: "master", Branch: "master",
SkipTLSVerify: setting.Migrations.SkipTLSVerify,
}); err != nil { }); err != nil {
log.Warn("Clone wiki: %v", err) log.Warn("Clone wiki: %v", err)
if err := os.RemoveAll(wikiPath); err != nil { if err := os.RemoveAll(wikiPath); err != nil {
@ -403,7 +404,7 @@ func (g *RepositoryDumper) createItems(dir string, itemFiles map[int64]*os.File,
// CreateComments creates comments of issues // CreateComments creates comments of issues
func (g *RepositoryDumper) CreateComments(comments ...*base.Comment) error { func (g *RepositoryDumper) CreateComments(comments ...*base.Comment) error {
var commentsMap = make(map[int64][]interface{}, len(comments)) commentsMap := make(map[int64][]interface{}, len(comments))
for _, comment := range comments { for _, comment := range comments {
commentsMap[comment.IssueIndex] = append(commentsMap[comment.IssueIndex], comment) commentsMap[comment.IssueIndex] = append(commentsMap[comment.IssueIndex], comment)
} }
@ -532,7 +533,7 @@ func (g *RepositoryDumper) CreatePullRequests(prs ...*base.PullRequest) error {
// CreateReviews create pull request reviews // CreateReviews create pull request reviews
func (g *RepositoryDumper) CreateReviews(reviews ...*base.Review) error { func (g *RepositoryDumper) CreateReviews(reviews ...*base.Review) error {
var reviewsMap = make(map[int64][]interface{}, len(reviews)) reviewsMap := make(map[int64][]interface{}, len(reviews))
for _, review := range reviews { for _, review := range reviews {
reviewsMap[review.IssueIndex] = append(reviewsMap[review.IssueIndex], review) reviewsMap[review.IssueIndex] = append(reviewsMap[review.IssueIndex], review)
} }
@ -611,7 +612,7 @@ func RestoreRepository(ctx context.Context, baseDir, ownerName, repoName string,
if err != nil { if err != nil {
return err return err
} }
var uploader = NewGiteaLocalUploader(ctx, doer, ownerName, repoName) uploader := NewGiteaLocalUploader(ctx, doer, ownerName, repoName)
downloader, err := NewRepositoryRestorer(ctx, baseDir, ownerName, repoName) downloader, err := NewRepositoryRestorer(ctx, baseDir, ownerName, repoName)
if err != nil { if err != nil {
return err return err
@ -622,7 +623,7 @@ func RestoreRepository(ctx context.Context, baseDir, ownerName, repoName string,
} }
tp, _ := strconv.Atoi(opts["service_type"]) tp, _ := strconv.Atoi(opts["service_type"])
var migrateOpts = base.MigrateOptions{ migrateOpts := base.MigrateOptions{
GitServiceType: structs.GitServiceType(tp), GitServiceType: structs.GitServiceType(tp),
} }
updateOptionsUnits(&migrateOpts, units) updateOptionsUnits(&migrateOpts, units)