This is a bugfix update upgrade from v1.21.10 to v1.21.11. None of the
templates we override have been changed between these two versions
according to git diff.
A full changelog can be found here:
https://github.com/go-gitea/gitea/blob/v1.21.11/CHANGELOG.md
Change-Id: I4d3648e311fe87b275856f2d73aca4a79c2c5507
Gitea and OpenDev are playing a game of tag. Whenever we bump our
deployment up to the lastest version they release a new version the next
day. That means there is now a v1.21.10 available shortly after updating
to v1.21.9.
Again this appears to be a fairly straight forward bug fix release.
There are no diffs in the templates we override between 1.21.9 and
1.21.10. Full release notes can be found here:
https://github.com/go-gitea/gitea/blob/v1.21.10/CHANGELOG.md
Change-Id: I7491d18b14100ca6457d42994a45de1e70de8758
Almost immediately after we upgraded to 1.21.8 a new 1.21.9 release
became available. Again this appears to largely be a bugfix release with
no super important changes for us. However, there are performance
improvements which are always nice to see. The template files that we
override have not changed between 1.21.8 and 1.21.9.
Full change log can be found here:
https://github.com/go-gitea/gitea/blob/v1.21.9/CHANGELOG.md
Change-Id: Ica763081203d9be44c9de0923a261afa820c891b
This is a bugfix release with no template updates and no other impactful
deployment changes that I can see. Full changelog notes can be found
here:
https://github.com/go-gitea/gitea/blob/v1.21.8/CHANGELOG.md
Change-Id: I6009bbebc261e87702b7f603bf179be89d31edb9
This upgrades our gitea container image and, thus deployment, to version
1.21.7 from 1.21.5. There are no updates to the three template files we
override upstream according to git diff in the gitea repo.
A full changelog can be found here:
https://github.com/go-gitea/gitea/blob/v1.21.7/CHANGELOG.md
Change-Id: I95d92f47085532275bf0f2508f9026e9394aebc7
This update includes a number of bugfixes. The changelog can be found
here: https://github.com/go-gitea/gitea/blob/v1.21.5/CHANGELOG.md.
There is a security fix for inappropriate access to non public container
images. We don't how private data and we don't use the container
registry in gitea so this doesn't affect us.
There are no changes to template files that we override.
Change-Id: I9419a22736de82e135a25fca22aef1ed10c19e1a
We are currently running 1.21.3 so this shouldn't be a huge upgrade for
us. Full changelog can be found here:
https://github.com/go-gitea/gitea/blob/v1.21.4/CHANGELOG.md
Two template files are removed from our custom template overrides. They
were both included for the 1.21.3 so that we could manually patch a bug
that resulted in HTTP 500 errors when using gitea's code search
functionality. Upstream included these fixes in the 1.21.4 release so we
don't need to override to fix this any longer. This should be covered by
a testinfra test case now too.
Change-Id: I221e5cd185631751c082bdf5e2902057e5200dc0
Upgrade Gitea to 1.21.3. The changelogs for this release can be found
here:
https://github.com/go-gitea/gitea/blob/v1.21.3/CHANGELOG.md
I have attempted to collect the interesting bits in this commit message
as well as information on why we do or don't make changes to address
these items.
1.21.0
* BREAKING
* Restrict certificate type for builtin SSH server (https://github.com/go-gitea/gitea/pull/26789)
* We don't use the builtin SSH server and don't use certificates
for auth. Nothing to do here.
* Refactor to use urfave/cli/v2 (https://github.com/go-gitea/gitea/pull/25959)
* The major change here updated `gitea` to stop accepting
`gitea web`'s command options. Our dockerfile is set up to use
`CMD ["/usr/local/bin/gitea", "web"]` so we are not affected.
* Move public asset files to the proper directory (https://github.com/go-gitea/gitea/pull/25907)
* We update the testinfra test for robots.txt to more robustly
check file contents. Previously it checked a very generic
prefix which may indicate a generic file being served.
* We move custom/public/img into custom/public/assets/img.
Screenshots should be used to confirm this works as expected.
* Remove commit status running and warning to align GitHub (https://github.com/go-gitea/gitea/pull/25839)
(partially reverted: Restore warning commit status (https://github.com/go-gitea/gitea/pull/27504) (https://github.com/go-gitea/gitea/pull/27529))
* We don't rely on commit statuses as this is a read only replica
of Gerrit.
* Remove "CHARSET" config option for MySQL, always use "utf8mb4" (https://github.com/go-gitea/gitea/pull/25413)
* We don't set [database].CHARSET. Doesn't affect us.
* Set SSH_AUTHORIZED_KEYS_BACKUP to false (https://github.com/go-gitea/gitea/pull/25412)
* We don't set this value explicitly so the default will flip from
true to false for us. I don't think this is an issue because we
keep track of our pubkeys in git.
* SECURITY
* Dont leak private users via extensions (https://github.com/go-gitea/gitea/pull/28023) (https://github.com/go-gitea/gitea/pull/28029)
* We don't use private users.
* Expanded minimum RSA Keylength to 3072 (https://github.com/go-gitea/gitea/pull/26604)
* We have rotated keys used to replicate from gerrit to gitea to
work around this. Now are keys are long enough to make gitea
happy.
* BUILD
* Dockerfile small refactor (https://github.com/go-gitea/gitea/pull/27757) (https://github.com/go-gitea/gitea/pull/27826)
* I've updated our Dockerfile to mimic these changes. Comment
whitespace as well as how things are copied and chmoded in the
build image have been updated.
* TODO the file copies aren't working for us. I think due to how we
ultimately clone the git repo. We use RUN but upstream is using
COPY against the local build dir. I've aligned as best as I can,
but we should see if we can do a similar COPY on our end.
* Fix build errors on BSD (in BSDMakefile) (#27594) (#27608)
* We don't run on BSD.
* Fully replace drone with actions (#27556) (#27575)
* This is how upstream builds their images. Doesn't affect our
builds.
* Enable markdownlint no-duplicate-header (#27500) (#27506)
* Build time linters are somethign we don't care too much about on
our end.
* Enable production source maps for index.js, fix CSS sourcemaps (https://github.com/go-gitea/gitea/pull/27291) (https://github.com/go-gitea/gitea/pull/27295)
* This emits a source map for index.js which can be used for in
browser debugging. Don't think this is anything we need to take
action on.
* Update snap package (#27021)
* We don't use a snap package.
* Bump go to 1.21 (https://github.com/go-gitea/gitea/pull/26608)
* Our go version is updated in the Dockerfile.
* Bump xgo to go-1.21.x and node to 20 in release-version (https://github.com/go-gitea/gitea/pull/26589)
* Our node version is updated in the Dockerfile.
* Add template linting via djlint (#25212)
* Build time linters are somethign we don't care too much about on
our end.
1.21.1
* SECURITY
* Fix comment permissions (https://github.com/go-gitea/gitea/pull/28213) (https://github.com/go-gitea/gitea/pull/28216)
* This affects disclosure of private repo content. We don't have
private repos so shouldn't be affected.
1.21.2
* SECURITY
* Rebuild with recently released golang version
* We'll automatically rebuild with newer golang too.
* Fix missing check (https://github.com/go-gitea/gitea/pull/28406) (https://github.com/go-gitea/gitea/pull/28411)
* There is minimal info here but it appears to be related to
issues. We don't use issues so shouldn't affect us.
* Do some missing checks (https://github.com/go-gitea/gitea/pull/28423) (https://github.com/go-gitea/gitea/pull/28432)
* There is minimal info here but it appears to be related to
checks around private repos. We don't use private repos so this
shouldn't affect us.
1.21.3
* SECURITY
* Update golang.org/x/crypto (https://github.com/go-gitea/gitea/pull/28519)
* This addresses recent concerns found in ssh for gitea's built in
ssh implementation. We use openssh as provided by debian so will
rely on our distro to provide fixes.
Finally 1.21.x broke rendering of code search templates. The issue is
here: https://github.com/go-gitea/gitea/issues/28607. To address this
I've vendored the two fixed template files
(https://github.com/go-gitea/gitea/pull/28576/files)into our custom
template dirs. Once upstream makes a release with these fixes we can
drop the custom files entirely as we don't override anything special in
them.
Change-Id: Id714826a9bc7682403afcf90f2761db8c84eacbf
This is a bugfix release with some security updates that while maybe not
critical due to our use of gitea as a read only mirror would be good to
get in anyway. Additionally we'll want to be on the latest 1.20 release
before updating to 1.21.
The changelog can be found here:
https://github.com/go-gitea/gitea/blob/v1.20.6/CHANGELOG.md
Git diff reports no template updates between 1.20.5 and 1.20.6 in the
templates that we override.
Change-Id: Idd38660dce53b5765c1ab4bc021544bd105df138
Upstream golang updates are worth recompiling gitea under. Details can
be found in the golang 1.20 release notes:
https://go.dev/doc/devel/release#go1.20.minor
Change-Id: I6ddeaa23d5aee23928d6f448095bb69fe82d94a9
This ensures we're always up to date with our packages even if the
upstream container images lag behind debian proper. Useful for pulling
in bugfixes more quickly than upstream seems to think we want them.
Change-Id: Ia7ec97ca17ad1175c8ddd4c5d037f516dcdd891a
This looks like a straightforward bugfix release according to the
release notes [0]. There are also no template changes in the three
templates we override.
[0] https://github.com/go-gitea/gitea/blob/v1.20.5/CHANGELOG.md
Change-Id: Id5521289daeb974ac1ec73ffb85d5adb5780fae8
This is a small update from what we are currently running (1.20.4). The
full changelog can be found here:
https://github.com/go-gitea/gitea/blob/v1.20.4/CHANGELOG.md
There is one small template update in 1.20.4, but it is to documentation
urls which we are already overriding with our own documentation links so
doesn't affect us.
Change-Id: I5ed374e2e6e0056397e05404e0bf42ffd3906469
There are two main components that I expect will be affected by this
bookworm update. The first is git. Git is updated from 2.30.2-1+deb11u2
to 2.39.2-1.1. In general git has been very good about maintaining
compatibility, but there is some risk of a behavior change impacting us.
Second is openssh-server. In particular we upgrade from 8.4p1-5+deb11u1
to 9.2p1-2 which crosses the 8.8 release threshold. 8.8 changed how RSA
keys are handled. Now by default only RSA + SHA2 is negotiated by
default and RSA + SHA1 is not allowed. Gerrit currently uses RSA keys
for replication. This should all be fine because MINA added support for
negotiating RSA + SHA2 as both a client and server in version prior to
that running in Gerrit 3.7, but there is still some risk this will
break.
We can test this with held nodes, or we can assume it will work given
the fixes in MINA. Then if it breaks we can switched to ed25519 keys or
update config to openssh to reenable SHA1 or we can revert to bullseye.
Note, we make a small update to the image to set `ENV USER git` in both
the web and ssh iamges as the ssh image uses this env var to dynamically
set sshd_config's AllowUsers value. We weren't setting this value
previously which older sshd seems to ignore. Bookworm sshd gets angry
about this directly being set without a value in its config.
Change-Id: I5a923798e90be4dcd9486a97014180ed1790fab1
We want to rebuild gitea on bullseye before upgrading to bookworm. The
reason for this is we only prune images that are more than 72 hours old.
Deploying a new bullseye image then deploying the bookworm image ensures
we have 72 hours before that bullseye image is pruned allowing us to
easily revert if necessary.
Change-Id: I5cc8078e0c5f6e55215e9419ac3569a686060b05
The 1.20 release is here. Upgrade to this version.
Things we change:
* Nodejs is updated to v20 to match the alpine 3.18 package version
that gitea switched to.
* Templates are updated to match upstream 1.20 templates.
* We drop the deprecated LFS_CONTENT_PATH from our server config and
add an equivalent [lfs] config section.
* Normalize app.ini content so that gitea won't write it back out to
disk which fails due to permissions (and we don't want it overriding
our configs anyway). For this we need to add WORK_PATH,
oauth2.JWT_SECRET, and normliazing spacing and quoting for entries.
* Set JWT_SIGNING_PRIVATE_KEY_FILE explicitly to be located at
/data/gitea/jwt/private.pem otherwise gitea attempts to create the
jwt/ directory somewhere it doesn't have permissions to (I think /)
and won't be persisted across containers.
* Replace log.ENABLE_ACCESS_LOG with log.logger.access.MODE = file as
log.ENABLE_ACCESS_LOG is deprecated and doesn't appear to work
anymore. This appears to be a documentation issue or they deprecated
and removed things more quickly than originaly anticipated.
* Add log.ACCESS_LOG_TEMPLATE to readd source port info to the access
logs.
* Add a templates/custom/header.tmpl file to set theme-color as the
config item for this has been removed.
The 1.20.0 changelog [0] lists a number of breaking changes. I have
tried to capture there here as well as potential impacts to us:
* Fix WORK_DIR for docker (root) image (#25738) (#25811)
* We set APP_DATA_PATH to /data/gitea in our app.ini config which
means we aren't relying on the inferred value from WORK_DIR. I
think this isolates us from this chnage. But we can check for any
content in /app/gitea on our running containers to be sure.
Note we hardcode WORK_PATH to /data/gitea because gitea attempts to
write this back to our config file otherwise as a result of this
change.
* Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) (#25604)
* We disable actions. This shouldn't affect us.
* Refactor path & config system (#25330) (#25416)
* This is related to the first breaking changes. Basically we need
to check our use of WORK_PATH and determine if we need to hardcode
it to something. Probably a good idea given how they keep changing
this on us...
* Fix all possible setting error related storages and added some tests (#23911) (#25244)
* We don't use storage configs. This shouldn't affect us.
* Use a separate admin page to show global stats, remove actions stat (#25062)
* The breaking change only affects the use of Prometheus which we
don't have yet.
* Remove the service worker (#25010)
* Is listed as a breaking change for UI cleanup that we don't need to
cleanup. (ui.USE_SERVICE_WORKER can be removed).
* Remove meta tags theme-color and default-theme (#24960)
* https://github.com/go-gitea/gitea/pull/24960
* Addressed by adding a custome templates/custom/header.tmpl file
that sets this meta tag to the existing value. Note this only
affects mobile clients so needs to be double checked via a mobile
device.
* Use [git.config] for reflog cleaning up (#24958)
* Affects git.reflog config entries and we don' thave any.
* Allow all URL schemes in Markdown links by default (#24805)
* TODO determine if we need to limit link types and add that
change if so. A point release was made to exclude bad types
already. Not sure if there are others we need to add.
* Redesign Scoped Access Tokens (#24767)
* This breaks scoped tokens with scopes that don't exist anymore.
I don't think we use scoped tokens.
* Fix team members API endpoint pagination (#24754)
* They 1 index the pagination of this endpoint now instead of 0
indexing it.
* Rewrite logger system (#24726)
* They made changes to the loggers and encourage people to check
their logs work as expected when upgrading. Using our test instance
logs I don't see anything that is a problem.
* Increase default LFS auth timeout from 20m to 24h (#24628)
* We don't LFS but can change the timeout if necssary.
* Rewrite queue (#24505)
* Check for 'Removed queue option:' log entries and clean up
corresponding entries in app.ini. We don't have any of these
entries in our logs.
* Remove unused setting time.FORMAT (#24430)
* We didn't have this entry in app.ini.
* Refactor setting.Other and remove unused SHOW_FOOTER_BRANDING (#24270)
* This setting can be removed from app.ini, but we don't set it.
* Correct the access log format (#24085)
* We uncorrect it because they removed source port info in the
correction step. They did this because some log parsers don't
understand having the port info present, but if you are behind a
reverse proxy this information is very important. We run gitea behind
a reverse proxy.
* Reserve ".png" suffix for user/org names (#23992)
* .png is no longer a valid user/org name (it didn't work before
anyway).
* Prefer native parser for SSH public key parsing (#23798)
* If you relied on the openssh ssh-keygen executable for public key
parsing then you must explicitly set config to use it. I don't
think we do as the golang native parser should handle the keytypes
we use.
* Editor preview support for external renderers (#23333)
* This removed an app.ini settings we don't seem to set.
* Add Gitea Profile Readmes (#23260)
* Readmes in .profile repositories will always be shown now. We don't
have .profiles repos so this doesn't affect us.
* Refactor ctx in templates (#23105)
* This affects custom templates as we may need to replace ctx with
ctxData in our templates.
* I've searched our templates for 'root', 'ctx', and 'ctxData' and
have found no instances. Looking at the files modifying by the
commits related to this change:
bd7f218dce7c01260e1d
we don't seem to override the affected files. I think we are fine
as is.
The 1.20.1 changelog indicates there are no breaking changes, and git
diff shows no changes to the templates between 1.20.0 and 1.20.1.
The 1.20.2 changelog indicates there are no breaking changes, and git
diff shows no changes to the templates between 1.20.1 and 1.20.2.
The 1.20.3 changelog indicates there is a single breaking change:
* Fix the wrong derive path (#26271) (#26318)
* If I'm reading the code correctly, I think the problem was storage
configuration inheriting the base storage config and particularly
the related path. Then when archival storage looked for its config
the path was the root gitea storage path and it would inadverdently
delete all repos when deleting a single repo or something like
that. We don't use these features and these are mirrors anyway so I
don't think this really affects us.
[0] https://github.com/go-gitea/gitea/blob/v1.20.3/CHANGELOG.md
Change-Id: I265f0ad16c0e757a11c1d889996ffe2198625a1a
Gitea 1.19.4 patch update. Release notes can be found at:
https://github.com/go-gitea/gitea/blob/v1.19.4/CHANGELOG.md
There are no breaking changes listed since the 1.19.3 we're
currently running, but one minor security improvement which is
basically not relevant to us, as well as a number of bug fixes some
of which may be (I skimmed and don't think any are but can't be
certain). Mainly this merges one template update to keep our forked
templates in line with upstream.
Change-Id: Ibf49a7b5701a3bfbee91acb53485443ff3c29411
Gitea 1.19 is here. Release notes can be found at:
https://github.com/go-gitea/gitea/blob/v1.19.3/CHANGELOG.md
I've highlighted the breaking changes entries in this commit message
with notes on whether or not this affects us.
* 1.19.0
* Add loading yaml label template files (#22976) (#23232)
* I think this is for auto applying labels to PRs? Shouldn't affect
us.
* Make issue and code search support camel case for Bleve (#22829)
* We don't rely on code search in gitea yet, but this seems like a
good addition.
* Repositories: by default disable all units except code and pulls on forks (#22541)
* We don't allow forks so this shouldn't affect us.
* Support template for merge message description (#22248)
* We don't do merging via gitea so this shouldn't affect us.
* Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962)
* We don't set this flag in our app.ini config file.
* Implement actions (#21937)
* They are disabled by default, but I've explicitly disabled them as
we use Zuul.
* Remove deprecated DSA host key from Docker Container (#21522)
* Our installatins were all created prior to this update which
generated DSA keys. We can go and manually clean them up with
gitea disabled if we like.
* Improve valid user name check (#20136)
* As long as our CI job is able to create the necessary accounts we
should be fine.
* 1.19.1
* Rename actions unit to repo.actions and add docs for it (#23733) (#23881)
* app.ini.j2 updated to use repo.actions to disable the repo unit.
* 1.19.2
* No breaking changes listed.
* 1.19.3
* No breaking changes listed.
In addition to the breaking changes upstream has updated to golang 1.20
and nodejs 18. We update our image to match.
In 1.19.0 and 1.19.1 org listing required authentication which was a new
change/regression in [0] gitea. I have updated the logo update role to
drop authentication details to make it clear this API should be publicly
accessible. In earlier patchsets I was forcing basic auth due to another
bug [1] which is not correct as we expect this API to be public.
Updating the role this way makes that more clear.
Finally the usual template updates are applied to keep our forked
templates in line with upstream. There were no template changes between
1.19.0, 1.19.1, 1.19.2, and 1.19.3 according to git diff.
[0] https://github.com/go-gitea/gitea/issues/24159
[1] https://github.com/go-gitea/gitea/issues/24160
Change-Id: I5570deaf505a27c8c90c58896de990a4d2d44530
This upgrade bumps us up two minor releases for gitea. Changelogs can be
found here:
https://github.com/go-gitea/gitea/blob/v1.18.5/CHANGELOG.md
On the whole seems pretty minor for our uses. I did check the diffs
between 1.18.3 and 1.18.5 for template files we override and those diffs
are empty.
Change-Id: I68204afc28b6382559ece115994c36d35ab60844
Add logos for our cloud donors, similar to the
https://openinfra.dev/members/#infrastructure or
https://www.openstack.org/community/supporting-organizations/#infra-donors
lists.
Companies whose logos are listed on the OpenInfra members page have
given explicit permission to the foundation to display those logos
in order to promote their involvement in foundation-led activities,
which includes projects and communities represented by the
foundation (like the OpenDev Collaboratory). The agreements the
companies referenced in this change have entered into aren't limited
to specific web sites, so displaying them on opendev.org shouldn't
require that we seek additional permission in order to do so.
When adding these logos in a subdirectory (for ease of maintenance),
we need to update the copy step from the assets image to the gitea
image making it recursive, otherwise the directory will be omitted
form the final image build. It's also worth noting that COPY
directives in Dockerfiles behave in an odd and non-shell-like
manner, as they flatten the files when recursing source directories,
so you end up needing to force them into the intended target
directories.
Change-Id: I56279da7008cd4961c964b00f23a255e2865b602
This reverts commit eb823707ab.
Upstream Debian has updated git to 2.30.2-1+deb11u1 which patches git
for the issues we manually patched to cover. We don't need the manual
patch anymore and can switch to the distro hence this revert.
Reviewers should double check that the image build process installs the
expected 2.30.2-1+deb11u1 version.
Change-Id: I17fd16a88fbcaa9bbd5d32bfc6d4bb8cdd52ce99
This updates our Gitea installation to 1.18.3. We bump our go verison to
1.19 to match upstream, disable some newer features in app.ini, and
synchronize our template files with upstream edits.
Otherwise not much stood out to me in the changelog as far as backward
compatibility goes:
https://github.com/go-gitea/gitea/blob/v1.18.3/CHANGELOG.md
Reviewers should look this over and double check that though.
Change-Id: I9679fb4908621a065ab3a0bc670a0e96ea15f476
The template files we override do not appear to have changed between
1.17.3 and 1.17.4. This update should get us into a spot where we can
plan to upgrade to 1.18.
Change-Id: I9690a7339bb8ca913ca279c9eaf3ff13eefff9e1
This updates our gitea images from 1.17.2 to 1.17.3. Git diff of the
three template files we override between 1.17.2 and 1.17.3 show no
changes to the templates. Also, while the changelog indicates go 1.19
fmt is used with gitea 1.17 now the 1.17 Dockerfile continues to build
gitea itself with go 1.18. We don't update our golang version for this
reason.
The changelog can be found here:
https://github.com/go-gitea/gitea/blob/v1.17.3/CHANGELOG.md
Additionally, I've modified how we do our docker image prune step to
keep old images for 3 days. The reason for this is it gives us a short
window of time where we can easily revert to the old image that we have
stored locally on the system. Keep in mind that this will slightly
increase disk consumption on the nodes by about 1GB per
gitea+gitea-ssh+mariadb set. I think this is worthwhile considering
these images don't update often so we should only ever have one extra
old set on the node. If others don't care for this feel free to modify
the change to remove this edit.
Change-Id: I84e89e461ae8957c553c8f3d1b537af622a824b4
This is the first minor Gitea update we've seen in a long time with
updated template files. I've updated the header.tmpl file to match
1.17.2's content.
Full changelog can be seen at:
https://github.com/go-gitea/gitea/blob/v1.17.2/CHANGELOG.md#1172---2022-09-06
Change-Id: I087f13beb64e2a3b607f1f60e2d3841567845543
Please carefully review the changelog:
https://github.com/go-gitea/gitea/blob/v1.17.1/CHANGELOG.md
and ensure that we've properly addressed the items listed there.
I have listed the breaking changes list here and any actions we've taken
or justification for why they don't affect us:
* Require go1.18 for Gitea 1.17 (#19918)
We were already using go 1.18.
* Make AppDataPath absolute against the AppWorkPath if it is not (#19815)
Path is already absolute:
playbooks/roles/gitea/templates/app.ini.j2:APP_DATA_PATH = /data/gitea
* Nuke the incorrect permission report on /api/v1/notifications (#19761)
This has to do with how that api endpoint returns permissions. We
don't use this anywhere as far as I can tell.
* Refactor git module, make Gitea use internal git config (#19732)
In the gitea container /data/git/.gitconfig is present but we don't
appear to manage this in system-config. I think that means this
change is a noop for us as gitea will move its managed .gitconfig
from /data/git/.gitconfig to /data/git/repositories/.gitconfig.
I expect the contents to be the same since gitea must be managing
the file old content today.
* Remove RequireHighlightJS field, update plantuml example. (#19615)
This was a flag that toggled syntax highlighting on and off as best
as I can tell. The default is to just have it turned on and we don't
check the flag in any of our templates.
* Increase minimal required git version to 2.0 (#19577)
Debian Bullseye ships with 2.30.2-1.
* Add a directory prefix gitea-src-VERSION to release-tar-file (#19396)
They were tarbombing people and their tarballs extracted into the
current dir. They now no longer do that. We build from git so this
doesn't affect us.
* Use "main" as default branch name (#19354)
We explicitly set the default branch name to master for both gitea and
gerrit. This should be a noop for us. Testing has been added to check
this.
https://opendev.org/opendev/system-config/src/branch/master/playbooks/roles/gitea-git-repos/library/gitea_create_repos.py#L129-L132https://opendev.org/opendev/jeepyb/src/branch/master/jeepyb/cmd/manage_projects.py#L488
* Make cron task no notice on success (#19221)
I'm not aware of us relying on any cron tasks or any cron task
notifications.
* Add pam account authorization check (#19040)
We don't integrate with pam so the change in behavior to check
authorization does not affect us.
* Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971)
This message shows up in CI because ROOT_URL is https://opendev.org
but we access gitea in testing via localhost. I don't think this
is worth fixing. Its a good reminder that the instance is a test
instance.
* Refactor mirror code & fix StartToMirror (#18904)
We don't mirror repos with gitea. Should be a noop for us.
* Remove deprecated SSH ciphers from default (#18697)
hmac-sha1-96, diffie-hellman-group1-sha1, and arcfour{128,256} are
removed. The only ssh user is gerrit's replication. MINA should
be able to support more modern ciphers and be fine.
* Add the possibility to allow the user to have a favicon which differs from the main logo (#18542)
Previously, logo.svg was used as the favicon.svg and gitea only fell
back to favicon.png if the browser couldn't so the .svg. But now they
want to support users having different logo.svg and favicon.svg. This
necessitates explicitly adding a favicon.svg. Something we already do.
Details at https://github.com/go-gitea/gitea/pull/18542
* Update reserved usernames list (#18438)
This shouldn't be a problem for us as we don't have regular users and
gerrit is not a reserved name.
* Support custom ACME provider (#18340)
We run ACME with LE out of band. This doesn't affect us.
* Change initial TrustModel to committer (#18335)
This changes the signed commits trust model from collaborator
to committer. THis won't affect us as we aren't maintaining trusted
keys. But basically this now shows if the signed commit by the
committer matches the committer's key.
* Update HTTP status codes (#18063)
This changed redirect HTTP codes from 302 to 307. Shouldn't
affect us.
* Upgrade Alpine from 3.13 to 3.15 (#18050)
We build on Debian and not alpine. The alpine nodejs version did
change from 14 to 16 in this change and we've updated to match.
* Restrict email address validation (#17688)
If we had real users this may pose a problem as they are limiting
the set of emails gitea would accept to a smaller set than they
accepted before. Also fewer than actually allowed by email. But
we don't have real users so this should be fine.
* Refactor Router Logger (#17308)
This streamlines and improves the log format of some of the gitea
logs. We aren't automatically processing these logs today so this
shouldn't have a major impact on us.
Additionally this release adds a new git.HOME_PATH setting to set the
location for writing out git configs and potential gnupg configs. We
should be fine to let gitea write this content out to the default path,
but there is potential for this to impact our ssh daemon.
Changes made include:
* Minimal updates to web templates to match 1.17
* Updating nodejs to v16 as v14 failed to build gitea
* Disabling the new enabled by default "packages" feature
* New test to check repos have a master branch by default instead of
Gitea's new default of main.
Change-Id: I88105eccd118e3daca72f0b86a6b351c35e37413
This is a bugfix release that gitea suggests we update to for important
fixes.
Changelog can be found at:
https://github.com/go-gitea/gitea/blob/v1.16.9/CHANGELOG.md
One thing I note is the inclusion of support for git safe.directory in
newer git versions. Our bullseye git version is too old to support this,
but we also configure consistent users so this should be a non issue for
us.
Change-Id: I8c3e4e5eead13eeb72bee3ae6c8b89081cdc5cf0
This appears to be a straightforward bug fix release according to the
release notes:
https://github.com/go-gitea/gitea/blob/v1.16.8/CHANGELOG.md
No template change between v1.16.7 and v1.16.8 according to git.
Change-Id: I0b9bb2f15beb7d3b1541c02e6e96601d25449e33
This is the latest bug fix release. Upgrade to it to pull in those bug
fixes. You can see the full list of changes in the release notes:
https://github.com/go-gitea/gitea/blob/v1.16.7/CHANGELOG.md#1167---2022-05-02
I've checked template diffs between v1.16.6 and v1.16.7 and they are
empty.
Change-Id: I5c8cb5bf02ab5ca8f64da25f1384291921ba8bba
This update brings a number of bugfixes. The most visible to us is it
should fix partial clones for older clients. This means we can reenable
partial cloning again. Note that we have testing of partial clones which
should detect if this is working for us.
There are no template diffs for the three template files we override
between 1.16.5 and 1.16.6. The release notes can be found at:
https://github.com/go-gitea/gitea/blob/v1.16.6/CHANGELOG.md#1166---2022-04-20
Change-Id: Ie5b6a3bcd73f135fe8914b55896a3a428a41dccc
We update gitea to v1.16.5 and update to using the golang:1.18-bullseye
image as the release notes [0] for this version indicate that upstream
has switched to golang 1.18 to build now.
I don't see any deltas in the templates that we updated between v1.16.4
and v1.16.5
[0] https://raw.githubusercontent.com/go-gitea/gitea/v1.16.5/CHANGELOG.md
Change-Id: I794d0db2dbb64d962debaba385eb0e46b463877a
Gitea 1.16.4 is now available. Note that this update includes the
changes from 1.16.0-1.16.3 as well since we are upgrading from
1.15.x. The changelog can be found at:
https://github.com/go-gitea/gitea/blob/v1.16.4/CHANGELOG.md
In particular this calls out:
https://github.com/go-gitea/gitea/pull/17846
as a potentially breaking change that may impact our use of ssh. We
attempt to update our Dockerfile to use the correct gitea command script
to address this but we should likely test replication before landing
this update.
The changelog is quite large and I haven't been able to fully examine it
for impacts. Reviewers are encouraged to look it over and find items we
should address. Additionally once this is reliably building we should
hold a node and inspect it directly.
Change-Id: I0bf7400d43583a8e8b54581225c70cba53007876
Changelog here:
https://github.com/go-gitea/gitea/blob/v1.15.7/CHANGELOG.md#1157---2021-12-01
Seems to mostly be a number of bugfixes which we like to get.
Note there is one tiny mostly inconsequently template update that we
make to a commented out portion of the head navbar file. But we do this
to avoid unnecessary future delta that needs to be resolved.
Change-Id: I9bf19c4f63d1713701ec889a705f3c8855d943d7
We move robots.txt to custom/ instead of custom/public/ as
custom/public/ is now served at /assets/ via the gitea webserver and we
need robots.txt at the root. Related to this we update image urls to be
prefixed with AssetUrlPrefix in their paths so that if this path changes
against in the future we should automatically accomodate that.
Change-Id: I8ce5fe8ff342617ff156a401be8418d593fd35c4