Upgrade Gitea to 1.21.3. The changelogs for this release can be found
here:
https://github.com/go-gitea/gitea/blob/v1.21.3/CHANGELOG.md
I have attempted to collect the interesting bits in this commit message
as well as information on why we do or don't make changes to address
these items.
1.21.0
* BREAKING
* Restrict certificate type for builtin SSH server (https://github.com/go-gitea/gitea/pull/26789)
* We don't use the builtin SSH server and don't use certificates
for auth. Nothing to do here.
* Refactor to use urfave/cli/v2 (https://github.com/go-gitea/gitea/pull/25959)
* The major change here updated `gitea` to stop accepting
`gitea web`'s command options. Our dockerfile is set up to use
`CMD ["/usr/local/bin/gitea", "web"]` so we are not affected.
* Move public asset files to the proper directory (https://github.com/go-gitea/gitea/pull/25907)
* We update the testinfra test for robots.txt to more robustly
check file contents. Previously it checked a very generic
prefix which may indicate a generic file being served.
* We move custom/public/img into custom/public/assets/img.
Screenshots should be used to confirm this works as expected.
* Remove commit status running and warning to align GitHub (https://github.com/go-gitea/gitea/pull/25839)
(partially reverted: Restore warning commit status (https://github.com/go-gitea/gitea/pull/27504) (https://github.com/go-gitea/gitea/pull/27529))
* We don't rely on commit statuses as this is a read only replica
of Gerrit.
* Remove "CHARSET" config option for MySQL, always use "utf8mb4" (https://github.com/go-gitea/gitea/pull/25413)
* We don't set [database].CHARSET. Doesn't affect us.
* Set SSH_AUTHORIZED_KEYS_BACKUP to false (https://github.com/go-gitea/gitea/pull/25412)
* We don't set this value explicitly so the default will flip from
true to false for us. I don't think this is an issue because we
keep track of our pubkeys in git.
* SECURITY
* Dont leak private users via extensions (https://github.com/go-gitea/gitea/pull/28023) (https://github.com/go-gitea/gitea/pull/28029)
* We don't use private users.
* Expanded minimum RSA Keylength to 3072 (https://github.com/go-gitea/gitea/pull/26604)
* We have rotated keys used to replicate from gerrit to gitea to
work around this. Now are keys are long enough to make gitea
happy.
* BUILD
* Dockerfile small refactor (https://github.com/go-gitea/gitea/pull/27757) (https://github.com/go-gitea/gitea/pull/27826)
* I've updated our Dockerfile to mimic these changes. Comment
whitespace as well as how things are copied and chmoded in the
build image have been updated.
* TODO the file copies aren't working for us. I think due to how we
ultimately clone the git repo. We use RUN but upstream is using
COPY against the local build dir. I've aligned as best as I can,
but we should see if we can do a similar COPY on our end.
* Fix build errors on BSD (in BSDMakefile) (#27594) (#27608)
* We don't run on BSD.
* Fully replace drone with actions (#27556) (#27575)
* This is how upstream builds their images. Doesn't affect our
builds.
* Enable markdownlint no-duplicate-header (#27500) (#27506)
* Build time linters are somethign we don't care too much about on
our end.
* Enable production source maps for index.js, fix CSS sourcemaps (https://github.com/go-gitea/gitea/pull/27291) (https://github.com/go-gitea/gitea/pull/27295)
* This emits a source map for index.js which can be used for in
browser debugging. Don't think this is anything we need to take
action on.
* Update snap package (#27021)
* We don't use a snap package.
* Bump go to 1.21 (https://github.com/go-gitea/gitea/pull/26608)
* Our go version is updated in the Dockerfile.
* Bump xgo to go-1.21.x and node to 20 in release-version (https://github.com/go-gitea/gitea/pull/26589)
* Our node version is updated in the Dockerfile.
* Add template linting via djlint (#25212)
* Build time linters are somethign we don't care too much about on
our end.
1.21.1
* SECURITY
* Fix comment permissions (https://github.com/go-gitea/gitea/pull/28213) (https://github.com/go-gitea/gitea/pull/28216)
* This affects disclosure of private repo content. We don't have
private repos so shouldn't be affected.
1.21.2
* SECURITY
* Rebuild with recently released golang version
* We'll automatically rebuild with newer golang too.
* Fix missing check (https://github.com/go-gitea/gitea/pull/28406) (https://github.com/go-gitea/gitea/pull/28411)
* There is minimal info here but it appears to be related to
issues. We don't use issues so shouldn't affect us.
* Do some missing checks (https://github.com/go-gitea/gitea/pull/28423) (https://github.com/go-gitea/gitea/pull/28432)
* There is minimal info here but it appears to be related to
checks around private repos. We don't use private repos so this
shouldn't affect us.
1.21.3
* SECURITY
* Update golang.org/x/crypto (https://github.com/go-gitea/gitea/pull/28519)
* This addresses recent concerns found in ssh for gitea's built in
ssh implementation. We use openssh as provided by debian so will
rely on our distro to provide fixes.
Finally 1.21.x broke rendering of code search templates. The issue is
here: https://github.com/go-gitea/gitea/issues/28607. To address this
I've vendored the two fixed template files
(https://github.com/go-gitea/gitea/pull/28576/files)into our custom
template dirs. Once upstream makes a release with these fixes we can
drop the custom files entirely as we don't override anything special in
them.
Change-Id: Id714826a9bc7682403afcf90f2761db8c84eacbf
The 1.20 release is here. Upgrade to this version.
Things we change:
* Nodejs is updated to v20 to match the alpine 3.18 package version
that gitea switched to.
* Templates are updated to match upstream 1.20 templates.
* We drop the deprecated LFS_CONTENT_PATH from our server config and
add an equivalent [lfs] config section.
* Normalize app.ini content so that gitea won't write it back out to
disk which fails due to permissions (and we don't want it overriding
our configs anyway). For this we need to add WORK_PATH,
oauth2.JWT_SECRET, and normliazing spacing and quoting for entries.
* Set JWT_SIGNING_PRIVATE_KEY_FILE explicitly to be located at
/data/gitea/jwt/private.pem otherwise gitea attempts to create the
jwt/ directory somewhere it doesn't have permissions to (I think /)
and won't be persisted across containers.
* Replace log.ENABLE_ACCESS_LOG with log.logger.access.MODE = file as
log.ENABLE_ACCESS_LOG is deprecated and doesn't appear to work
anymore. This appears to be a documentation issue or they deprecated
and removed things more quickly than originaly anticipated.
* Add log.ACCESS_LOG_TEMPLATE to readd source port info to the access
logs.
* Add a templates/custom/header.tmpl file to set theme-color as the
config item for this has been removed.
The 1.20.0 changelog [0] lists a number of breaking changes. I have
tried to capture there here as well as potential impacts to us:
* Fix WORK_DIR for docker (root) image (#25738) (#25811)
* We set APP_DATA_PATH to /data/gitea in our app.ini config which
means we aren't relying on the inferred value from WORK_DIR. I
think this isolates us from this chnage. But we can check for any
content in /app/gitea on our running containers to be sure.
Note we hardcode WORK_PATH to /data/gitea because gitea attempts to
write this back to our config file otherwise as a result of this
change.
* Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) (#25604)
* We disable actions. This shouldn't affect us.
* Refactor path & config system (#25330) (#25416)
* This is related to the first breaking changes. Basically we need
to check our use of WORK_PATH and determine if we need to hardcode
it to something. Probably a good idea given how they keep changing
this on us...
* Fix all possible setting error related storages and added some tests (#23911) (#25244)
* We don't use storage configs. This shouldn't affect us.
* Use a separate admin page to show global stats, remove actions stat (#25062)
* The breaking change only affects the use of Prometheus which we
don't have yet.
* Remove the service worker (#25010)
* Is listed as a breaking change for UI cleanup that we don't need to
cleanup. (ui.USE_SERVICE_WORKER can be removed).
* Remove meta tags theme-color and default-theme (#24960)
* https://github.com/go-gitea/gitea/pull/24960
* Addressed by adding a custome templates/custom/header.tmpl file
that sets this meta tag to the existing value. Note this only
affects mobile clients so needs to be double checked via a mobile
device.
* Use [git.config] for reflog cleaning up (#24958)
* Affects git.reflog config entries and we don' thave any.
* Allow all URL schemes in Markdown links by default (#24805)
* TODO determine if we need to limit link types and add that
change if so. A point release was made to exclude bad types
already. Not sure if there are others we need to add.
* Redesign Scoped Access Tokens (#24767)
* This breaks scoped tokens with scopes that don't exist anymore.
I don't think we use scoped tokens.
* Fix team members API endpoint pagination (#24754)
* They 1 index the pagination of this endpoint now instead of 0
indexing it.
* Rewrite logger system (#24726)
* They made changes to the loggers and encourage people to check
their logs work as expected when upgrading. Using our test instance
logs I don't see anything that is a problem.
* Increase default LFS auth timeout from 20m to 24h (#24628)
* We don't LFS but can change the timeout if necssary.
* Rewrite queue (#24505)
* Check for 'Removed queue option:' log entries and clean up
corresponding entries in app.ini. We don't have any of these
entries in our logs.
* Remove unused setting time.FORMAT (#24430)
* We didn't have this entry in app.ini.
* Refactor setting.Other and remove unused SHOW_FOOTER_BRANDING (#24270)
* This setting can be removed from app.ini, but we don't set it.
* Correct the access log format (#24085)
* We uncorrect it because they removed source port info in the
correction step. They did this because some log parsers don't
understand having the port info present, but if you are behind a
reverse proxy this information is very important. We run gitea behind
a reverse proxy.
* Reserve ".png" suffix for user/org names (#23992)
* .png is no longer a valid user/org name (it didn't work before
anyway).
* Prefer native parser for SSH public key parsing (#23798)
* If you relied on the openssh ssh-keygen executable for public key
parsing then you must explicitly set config to use it. I don't
think we do as the golang native parser should handle the keytypes
we use.
* Editor preview support for external renderers (#23333)
* This removed an app.ini settings we don't seem to set.
* Add Gitea Profile Readmes (#23260)
* Readmes in .profile repositories will always be shown now. We don't
have .profiles repos so this doesn't affect us.
* Refactor ctx in templates (#23105)
* This affects custom templates as we may need to replace ctx with
ctxData in our templates.
* I've searched our templates for 'root', 'ctx', and 'ctxData' and
have found no instances. Looking at the files modifying by the
commits related to this change:
bd7f218dce7c01260e1d
we don't seem to override the affected files. I think we are fine
as is.
The 1.20.1 changelog indicates there are no breaking changes, and git
diff shows no changes to the templates between 1.20.0 and 1.20.1.
The 1.20.2 changelog indicates there are no breaking changes, and git
diff shows no changes to the templates between 1.20.1 and 1.20.2.
The 1.20.3 changelog indicates there is a single breaking change:
* Fix the wrong derive path (#26271) (#26318)
* If I'm reading the code correctly, I think the problem was storage
configuration inheriting the base storage config and particularly
the related path. Then when archival storage looked for its config
the path was the root gitea storage path and it would inadverdently
delete all repos when deleting a single repo or something like
that. We don't use these features and these are mirrors anyway so I
don't think this really affects us.
[0] https://github.com/go-gitea/gitea/blob/v1.20.3/CHANGELOG.md
Change-Id: I265f0ad16c0e757a11c1d889996ffe2198625a1a
Gitea 1.19.4 patch update. Release notes can be found at:
https://github.com/go-gitea/gitea/blob/v1.19.4/CHANGELOG.md
There are no breaking changes listed since the 1.19.3 we're
currently running, but one minor security improvement which is
basically not relevant to us, as well as a number of bug fixes some
of which may be (I skimmed and don't think any are but can't be
certain). Mainly this merges one template update to keep our forked
templates in line with upstream.
Change-Id: Ibf49a7b5701a3bfbee91acb53485443ff3c29411
Gitea 1.19 is here. Release notes can be found at:
https://github.com/go-gitea/gitea/blob/v1.19.3/CHANGELOG.md
I've highlighted the breaking changes entries in this commit message
with notes on whether or not this affects us.
* 1.19.0
* Add loading yaml label template files (#22976) (#23232)
* I think this is for auto applying labels to PRs? Shouldn't affect
us.
* Make issue and code search support camel case for Bleve (#22829)
* We don't rely on code search in gitea yet, but this seems like a
good addition.
* Repositories: by default disable all units except code and pulls on forks (#22541)
* We don't allow forks so this shouldn't affect us.
* Support template for merge message description (#22248)
* We don't do merging via gitea so this shouldn't affect us.
* Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962)
* We don't set this flag in our app.ini config file.
* Implement actions (#21937)
* They are disabled by default, but I've explicitly disabled them as
we use Zuul.
* Remove deprecated DSA host key from Docker Container (#21522)
* Our installatins were all created prior to this update which
generated DSA keys. We can go and manually clean them up with
gitea disabled if we like.
* Improve valid user name check (#20136)
* As long as our CI job is able to create the necessary accounts we
should be fine.
* 1.19.1
* Rename actions unit to repo.actions and add docs for it (#23733) (#23881)
* app.ini.j2 updated to use repo.actions to disable the repo unit.
* 1.19.2
* No breaking changes listed.
* 1.19.3
* No breaking changes listed.
In addition to the breaking changes upstream has updated to golang 1.20
and nodejs 18. We update our image to match.
In 1.19.0 and 1.19.1 org listing required authentication which was a new
change/regression in [0] gitea. I have updated the logo update role to
drop authentication details to make it clear this API should be publicly
accessible. In earlier patchsets I was forcing basic auth due to another
bug [1] which is not correct as we expect this API to be public.
Updating the role this way makes that more clear.
Finally the usual template updates are applied to keep our forked
templates in line with upstream. There were no template changes between
1.19.0, 1.19.1, 1.19.2, and 1.19.3 according to git diff.
[0] https://github.com/go-gitea/gitea/issues/24159
[1] https://github.com/go-gitea/gitea/issues/24160
Change-Id: I5570deaf505a27c8c90c58896de990a4d2d44530
This updates our Gitea installation to 1.18.3. We bump our go verison to
1.19 to match upstream, disable some newer features in app.ini, and
synchronize our template files with upstream edits.
Otherwise not much stood out to me in the changelog as far as backward
compatibility goes:
https://github.com/go-gitea/gitea/blob/v1.18.3/CHANGELOG.md
Reviewers should look this over and double check that though.
Change-Id: I9679fb4908621a065ab3a0bc670a0e96ea15f476
This is the first minor Gitea update we've seen in a long time with
updated template files. I've updated the header.tmpl file to match
1.17.2's content.
Full changelog can be seen at:
https://github.com/go-gitea/gitea/blob/v1.17.2/CHANGELOG.md#1172---2022-09-06
Change-Id: I087f13beb64e2a3b607f1f60e2d3841567845543
Please carefully review the changelog:
https://github.com/go-gitea/gitea/blob/v1.17.1/CHANGELOG.md
and ensure that we've properly addressed the items listed there.
I have listed the breaking changes list here and any actions we've taken
or justification for why they don't affect us:
* Require go1.18 for Gitea 1.17 (#19918)
We were already using go 1.18.
* Make AppDataPath absolute against the AppWorkPath if it is not (#19815)
Path is already absolute:
playbooks/roles/gitea/templates/app.ini.j2:APP_DATA_PATH = /data/gitea
* Nuke the incorrect permission report on /api/v1/notifications (#19761)
This has to do with how that api endpoint returns permissions. We
don't use this anywhere as far as I can tell.
* Refactor git module, make Gitea use internal git config (#19732)
In the gitea container /data/git/.gitconfig is present but we don't
appear to manage this in system-config. I think that means this
change is a noop for us as gitea will move its managed .gitconfig
from /data/git/.gitconfig to /data/git/repositories/.gitconfig.
I expect the contents to be the same since gitea must be managing
the file old content today.
* Remove RequireHighlightJS field, update plantuml example. (#19615)
This was a flag that toggled syntax highlighting on and off as best
as I can tell. The default is to just have it turned on and we don't
check the flag in any of our templates.
* Increase minimal required git version to 2.0 (#19577)
Debian Bullseye ships with 2.30.2-1.
* Add a directory prefix gitea-src-VERSION to release-tar-file (#19396)
They were tarbombing people and their tarballs extracted into the
current dir. They now no longer do that. We build from git so this
doesn't affect us.
* Use "main" as default branch name (#19354)
We explicitly set the default branch name to master for both gitea and
gerrit. This should be a noop for us. Testing has been added to check
this.
https://opendev.org/opendev/system-config/src/branch/master/playbooks/roles/gitea-git-repos/library/gitea_create_repos.py#L129-L132https://opendev.org/opendev/jeepyb/src/branch/master/jeepyb/cmd/manage_projects.py#L488
* Make cron task no notice on success (#19221)
I'm not aware of us relying on any cron tasks or any cron task
notifications.
* Add pam account authorization check (#19040)
We don't integrate with pam so the change in behavior to check
authorization does not affect us.
* Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971)
This message shows up in CI because ROOT_URL is https://opendev.org
but we access gitea in testing via localhost. I don't think this
is worth fixing. Its a good reminder that the instance is a test
instance.
* Refactor mirror code & fix StartToMirror (#18904)
We don't mirror repos with gitea. Should be a noop for us.
* Remove deprecated SSH ciphers from default (#18697)
hmac-sha1-96, diffie-hellman-group1-sha1, and arcfour{128,256} are
removed. The only ssh user is gerrit's replication. MINA should
be able to support more modern ciphers and be fine.
* Add the possibility to allow the user to have a favicon which differs from the main logo (#18542)
Previously, logo.svg was used as the favicon.svg and gitea only fell
back to favicon.png if the browser couldn't so the .svg. But now they
want to support users having different logo.svg and favicon.svg. This
necessitates explicitly adding a favicon.svg. Something we already do.
Details at https://github.com/go-gitea/gitea/pull/18542
* Update reserved usernames list (#18438)
This shouldn't be a problem for us as we don't have regular users and
gerrit is not a reserved name.
* Support custom ACME provider (#18340)
We run ACME with LE out of band. This doesn't affect us.
* Change initial TrustModel to committer (#18335)
This changes the signed commits trust model from collaborator
to committer. THis won't affect us as we aren't maintaining trusted
keys. But basically this now shows if the signed commit by the
committer matches the committer's key.
* Update HTTP status codes (#18063)
This changed redirect HTTP codes from 302 to 307. Shouldn't
affect us.
* Upgrade Alpine from 3.13 to 3.15 (#18050)
We build on Debian and not alpine. The alpine nodejs version did
change from 14 to 16 in this change and we've updated to match.
* Restrict email address validation (#17688)
If we had real users this may pose a problem as they are limiting
the set of emails gitea would accept to a smaller set than they
accepted before. Also fewer than actually allowed by email. But
we don't have real users so this should be fine.
* Refactor Router Logger (#17308)
This streamlines and improves the log format of some of the gitea
logs. We aren't automatically processing these logs today so this
shouldn't have a major impact on us.
Additionally this release adds a new git.HOME_PATH setting to set the
location for writing out git configs and potential gnupg configs. We
should be fine to let gitea write this content out to the default path,
but there is potential for this to impact our ssh daemon.
Changes made include:
* Minimal updates to web templates to match 1.17
* Updating nodejs to v16 as v14 failed to build gitea
* Disabling the new enabled by default "packages" feature
* New test to check repos have a master branch by default instead of
Gitea's new default of main.
Change-Id: I88105eccd118e3daca72f0b86a6b351c35e37413
Gitea 1.16.4 is now available. Note that this update includes the
changes from 1.16.0-1.16.3 as well since we are upgrading from
1.15.x. The changelog can be found at:
https://github.com/go-gitea/gitea/blob/v1.16.4/CHANGELOG.md
In particular this calls out:
https://github.com/go-gitea/gitea/pull/17846
as a potentially breaking change that may impact our use of ssh. We
attempt to update our Dockerfile to use the correct gitea command script
to address this but we should likely test replication before landing
this update.
The changelog is quite large and I haven't been able to fully examine it
for impacts. Reviewers are encouraged to look it over and find items we
should address. Additionally once this is reliably building we should
hold a node and inspect it directly.
Change-Id: I0bf7400d43583a8e8b54581225c70cba53007876
We move robots.txt to custom/ instead of custom/public/ as
custom/public/ is now served at /assets/ via the gitea webserver and we
need robots.txt at the root. Related to this we update image urls to be
prefixed with AssetUrlPrefix in their paths so that if this path changes
against in the future we should automatically accomodate that.
Change-Id: I8ce5fe8ff342617ff156a401be8418d593fd35c4
This makes a number of changes and in depth testing is probably
warranted.
* Bump the golang version to 1.16 to match upstream's dockerfile
golang version.
* Bump the nodejs version to latest stable which is v16.x and
consume it from the buster repo since our image is based on buster.
* Bump the gitea version to 1.14.4.
* Rename all of the opendev-.*.png logo files to logo-.*.png as the
names of these files are no longer customizable. The reason for this
is the user settable json manifest has been removed.
* We keep opendev-sm.png because Gerrit apparently loads this?
* Update html templates to be in line with 1.14.4's templates.
* Use the gitea `admin user create` command instead of `admin
create-user`. While I can't find removal or deprecation notices for
the previous command the current docs note you should use the new
version and the old one is failing in CI.
Change-Id: I0a05ebb963cca5be88aeb2f859bfbeefa0f9c8e0
This bumps our golang image up to buster-1.15 from buster-1.14 as gitea
bumps their minimum to 1.13 and I figure we should keep up to date.
The templates are updated to accomodate the new gitea templates. Primary
changes here are removal of icon sizes when specified and using imported
templates to simplify bits of code we weren't changing anyway.
We install openssh-server from buster-backports on our gitea-ssh image.
The reason for this is we pull in gitea's sshd_config from gitea itself
and the updated gitea wants to set options that older openssh in buster
proper doesn't support. Accomodate this with the newer openssh found in
backports.
We add a new favicon.svg to override the new default gitea svg favicon
which is served otherwise.
One other thing to call out is that gitea 1.13.0 added support for
kanban and similar project management tooling. We have explicitly
disabled this along with the wiki, issues and pull requests via
app.ini's repository.DISABLE_REPO_UNITS setting. You can find out more
about this setting here:
https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository
Change-Id: I4c483f90c7495ee1f80eacd2c79c38836aa6f483
This improves the comments around why we've cleaned up some repo
functionality and also removes the activity button. The activity data
gitea is aware of is not a complete picture and is likely to be
misleading. Avoid misleading people by removing that button.
Change-Id: If7546f95421efdd897f2949e4f89a08d53289ce8
Gitea 1.12.0 brings much improved git repo performance. Specifically it
caches the most recent commits helping the web views render much more
quickly.
This bumps our golang base image to 1.14-buster as gitea has changed
their default golang verison to 1.14. We also add gnupg to the package
install list as the upstream images did this.
In the templates I've tried to comment out rather than remove content
that we don't want exposed. The reason for this is it makes resolving
future template updates simpler.
For v1.12.0 release notes see:
https://github.com/go-gitea/gitea/blob/v1.12.0/CHANGELOG.md
Change-Id: I8fd6587c8962554023d878266055a2bd9d2499f9
1.10 introduces a PASSWORD_COMPLEXITY setting with a default value
of lower,upper,digit,spec - which requires passwords to have an
upper, lower, digit and special character. Our example password does
not have this, so set the PASSWORD_COMPLEXITY setting. We could
alternately leave it at the default and ensure that our passwords
meet the spec.
The sshd_config file is templated now, so we can set the listen port
via env var.
Change-Id: I6e4b595eabb9c6885d78fff1109ea9f602e89ef7
I'm bad at Gitea templates, so the recently-introduced "proposed
changes" tab is active-selected (while it should never be) and the link
is missing the repository name.
This should fix it...
Change-Id: I02adc8ebd012adc233a37223480d14517c7f3c98
Gitea is quickly becoming the public face of Opendev, however it can
be difficult for visitors to understand how to propose changes (or
access already-proposed changes), and then assume everything on opendev
is read-only (which is the exact opposite of what we want to convey).
In the spirit of further integrating Opendev tooling, add a link to
on every repository to open proposed changes on Gerrit.
NB: the link is not I18n-ilized since there is no simple way to add a
new string there, and I did not want to use teh "Pull requests"
terminology.
Change-Id: I851a1e7d25556194947198a8f5534542d167c7f8
This is the latest release from upstream. We're not
currently running with any additional patches, although
we did submit one for the atomic updating of repo counts. That
patch will be in 1.10.
There is only one change to the templates we've customized
since the ref we're running from. That is included in the
repo/header.tmpl.
Change-Id: Id426ce6072e127a08810b9fbb109445d36bef2d9
This has a few emergency local patches while we wait for them to
appear in an upstream release.
This updates the modified templates to match the changes in 1.8.0
upstream.
This also disables the oauth2 service, which is new in 1.8.0.
Without disabling this, gitea tries to generate a JWT secret and
write it to the file, which in our case is read only. If we want
to enable it, we need to add a new JWT_SECRET setting.
Change-Id: I969682bce6ff25b7614ce9265097307ee9cbc6cb
Co-Authored-By: Monty Taylor <mordred@inaugust.com>
We don't want to offer links to tarballs of git exports. For the
overwhelming majority of repos, this is a bogus tarball and people
already have the issue of mistakenly trying to use them on github.
In order to bring these back, we'd want to amend the release process
to either also upload tarballs to gitea (probably once we have gitea
back in k8s) - or maybe be able to create Release objects in gitea
that point to external release storage. We probably also want to
write an upstream patch to allow configuring a repo to never show
an autogenerated git export style release.
Change-Id: Idd02d5816b7d04c9a5dcd55fd1d527379d341b92
Story: 2004627
Task: 29848
We can't rewrite hashes with mod_rewrite, as they are client-side
and are not sent to the server. Instead, put in a javascript snippet
to rewrite them in the format that gitea is looking for.
We only need to handle single lines, as cgit doesn't handle ranges.
Change-Id: I6226e420838a88276a86e406c40f6707eb090310
This removes the activity link, which uselessly shows PR and Issue
activity, as well as the fork, start and watch buttons.
Change-Id: Id40eae211ec9b5165cfc0e38e668ce962cf98d9a
Clark Boylan