1.10 introduces a PASSWORD_COMPLEXITY setting with a default value
of lower,upper,digit,spec - which requires passwords to have an
upper, lower, digit and special character. Our example password does
not have this, so set the PASSWORD_COMPLEXITY setting. We could
alternately leave it at the default and ensure that our passwords
meet the spec.
The sshd_config file is templated now, so we can set the listen port
via env var.
Change-Id: I6e4b595eabb9c6885d78fff1109ea9f602e89ef7
We are seeing issues with hanging git connections discussed in [1].
It is suggested to upgrade to gitea 1.9.6; do that.
[1] https://github.com/go-gitea/gitea/issues/9006
Change-Id: Ibbbe73b5487d3d01a8d7ba23ecca16c2264973ca
The homepage mentions a lot of technologies that OpenDev use, but
doesn't link to any of the running instances. This commit
adds links to review.opendev.org, etherpad.openstack.org and
the configuration for the opendev homepage itself, so that
it's easier to find things and to experience the technologies
it refers to.
Change-Id: Ia041ebbc558539955238bb4fdb4da868bf6f1dd8
I'm bad at Gitea templates, so the recently-introduced "proposed
changes" tab is active-selected (while it should never be) and the link
is missing the repository name.
This should fix it...
Change-Id: I02adc8ebd012adc233a37223480d14517c7f3c98
Gitea is quickly becoming the public face of Opendev, however it can
be difficult for visitors to understand how to propose changes (or
access already-proposed changes), and then assume everything on opendev
is read-only (which is the exact opposite of what we want to convey).
In the spirit of further integrating Opendev tooling, add a link to
on every repository to open proposed changes on Gerrit.
NB: the link is not I18n-ilized since there is no simple way to add a
new string there, and I did not want to use teh "Pull requests"
terminology.
Change-Id: I851a1e7d25556194947198a8f5534542d167c7f8
Also Revert "Update gitea build to golang 1.13 on buster-slim"
1.9.4 has a bug where doing a get as an unauthenticated user
results in a 500:
http://paste.openstack.org/show/785534/
A pull request has been submitted upstream:
https://github.com/go-gitea/gitea/pull/8653
This reverts commit 1993d985d037a24f31c85026d8add2a8d23b4d9a.
This reverts commit cedb272a9bcbc044180b5caef81567673b0434ff.
Change-Id: I75c117d0dc851f7b3c389a19ad0c8e233886b250
buster is the new debian release, use it. And use the
slim image, rather than the full, because we can.
Upstream is now building with 1.13 - follow suit.
Update the FROM lines to use explicit paths to images.
Change-Id: I42f7cea1365b8bb0af56861f38107cbdffd130b0
This is the latest release from upstream. We're not
currently running with any additional patches, although
we did submit one for the atomic updating of repo counts. That
patch will be in 1.10.
There is only one change to the templates we've customized
since the ref we're running from. That is included in the
repo/header.tmpl.
Change-Id: Id426ce6072e127a08810b9fbb109445d36bef2d9
Currently we don't have any logs from our gitea sshd processes because
sshd logs to syslog by default and /dev/log isn't in our containers. You
can ask sshd nicely to log to stderr instead with the -e flag which
docker will pick up and store for us.
Update the sshd command to include -e then use testinfra to check we
collect logs and they are accssible from docker.
Change-Id: Ib7d6d405554c3c30be410bc08c6fee7d4363b096
This reverts commit fe1b3cee80982fa1ec9c084196dd3b19b3f27f44.
We suspect this may be the cause of some templates going all weird:
* times are showing up as "ago%!(EXTRA string=months%!(EXTRA int64=8))"
* many strings are now showing up as lower cased (eg "explore")
Also, the link to gerrit for nova is "project:openstack/" and is
missing the "nova" portion of the name.
Change-Id: I72a06efd118ad0eae231f5ddf1a9888cb8d35aba
The current gitea master has our change to avoid indexing extra
refs, so we can start replicating refs/changes and refs/notes to
it. It also fixes a bug we observed when viewing the index of
the starlingx/integ repo.
This also switches us back to the upstream repo, though since
we're using an intermediate commit, the version displayed in
the web ui will be "6eb53ac570ab9af51fc9cbd79f1db782edce57e0".
The docker entrypoint script has moved, so the Dockerfile is updated
to reflect that.
Change-Id: I47769fc1ca62a39122d96a1fc0c1bfc2caca6a4f
This has a few emergency local patches while we wait for them to
appear in an upstream release.
This updates the modified templates to match the changes in 1.8.0
upstream.
This also disables the oauth2 service, which is new in 1.8.0.
Without disabling this, gitea tries to generate a JWT secret and
write it to the file, which in our case is read only. If we want
to enable it, we need to add a new JWT_SECRET setting.
Change-Id: I969682bce6ff25b7614ce9265097307ee9cbc6cb
Co-Authored-By: Monty Taylor <mordred@inaugust.com>
The stacked opendev logo is added to the home page as an svg.
A 120x120 ping is added as the gitea icon. It appears in several
places throughout gitea source code, and therefore it's easier to
just replace it using the same filename and format rather than
updating the templates with a new filename.
Change-Id: I888b8913c7b6a1045975f10240d744d09b9355b0
We don't want to offer links to tarballs of git exports. For the
overwhelming majority of repos, this is a bogus tarball and people
already have the issue of mistakenly trying to use them on github.
In order to bring these back, we'd want to amend the release process
to either also upload tarballs to gitea (probably once we have gitea
back in k8s) - or maybe be able to create Release objects in gitea
that point to external release storage. We probably also want to
write an upstream patch to allow configuring a repo to never show
an autogenerated git export style release.
Change-Id: Idd02d5816b7d04c9a5dcd55fd1d527379d341b92
Story: 2004627
Task: 29848
We can't rewrite hashes with mod_rewrite, as they are client-side
and are not sent to the server. Instead, put in a javascript snippet
to rewrite them in the format that gitea is looking for.
We only need to handle single lines, as cgit doesn't handle ranges.
Change-Id: I6226e420838a88276a86e406c40f6707eb090310
This removes the activity link, which uselessly shows PR and Issue
activity, as well as the fork, start and watch buttons.
Change-Id: Id40eae211ec9b5165cfc0e38e668ce962cf98d9a
Add jobs to build, upload, and promote a gitea image to Docker Hub.
This produces two images (gitea and openssh) from a single Dockerfile
via a multi-stage build.
Change-Id: I8e6136787f75cd69b881b7ac715418c86d356872
Whenever we promote an image, delete the change tag for that image
in Docker Hub, and also delete any change tags older than 24 hours
in order to keep the Docker Hub image registry tidy.
Change-Id: Id4654c893963bdb0a364b1132793fe4fb152bf27
This job has no nodes; the playbook needs to run on localhost.
The only tasks use the uri module without local files, so should
be safe.
Change-Id: Ic012426a66be3b85efe9af35089addf1316dfa63
The credentials secret needs to be associated with the playbook
that uses it.
Also, add build-image-jinja-init to check, this was accidentally
omitted earlier.
Change-Id: I527a26781a716f9307539e4a486d6b79b32f25fd
Upload an image to dockerhub with a change-specific tag in every
gate job, and then, if the change lands, re-tag the image in
dockerhub.
Change-Id: Ie57fc342cbe29d261d33845829b77a0c1bae5ff4
So that we can host this on opendev.org, we want the content to
be the content from the current website.
Change-Id: Ifaaef48a29210d76ae84709476754a231fa7be4a
Co-Authored-By: Monty Taylor <mordred@inaugust.com>
This creates a jinja-init image based on
https://github.com/ObjectifLibre/jinja-init
We can use this image as an "init container" in k8s to template out
config files using configmaps and secrets.
It also adds a gitea-init Dockerfile, which will require the
jinja-init image to be published first.
Change-Id: I88e14c4f0d868f99aa0a0316e6b9e24c2a8fea68
