TakeV/forgejo
Archived
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
This repository has been archived on 2024-01-04. You can view files and clone it, but cannot push or open issues or pull requests.
forgejo/models
History
zeripath fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00
..
fixtures Move migrating repository from frontend to backend (#6200) 2019-10-13 21:23:14 +08:00
migrations Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751) 2019-10-14 09:10:42 +03:00
access.go Recalculate repository access only for specific user (#8481) 2019-10-15 01:55:21 +01:00
access_test.go Fixed ineffectual assignments in tests (#7553) 2019-07-22 15:11:16 +08:00
action.go Move sync mirror actions to mirror service package (#8518) 2019-10-16 10:56:59 +01:00
action_list.go
action_test.go Rewrite reference processing code in preparation for opening/closing from comment references (#8261) 2019-10-13 23:29:10 +01:00
admin.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
admin_test.go
attachment.go Extract actions on deletereleasebyid from models to release service (#8219) 2019-10-01 00:10:00 +08:00
attachment_test.go
branches.go Allow users with explicit read access to give approvals (#8382) 2019-10-08 15:18:17 -04:00
branches_test.go
commit_status.go Refuse merge until all required status checks success (#7481) 2019-09-18 08:39:45 +03:00
commit_status_test.go api: fix multiple bugs with statuses endpoints (#7785) 2019-08-09 10:13:03 +08:00
consistency.go Fix error log when loading issues caused by a xorm bug (#7271) 2019-06-23 18:22:43 +03:00
context.go Move all mail related codes from models to services/mailer (#7200) 2019-09-24 13:02:49 +08:00
convert.go Move database settings from models to setting (#7806) 2019-08-24 11:24:45 +02:00
error.go Transaction-aware retry create issue to cope with duplicate keys (#8307) 2019-10-03 00:28:30 +02:00
error_oauth2.go
external_login_user.go fix bug on FindExternalUsersByProvider (#8504) 2019-10-14 08:22:46 +01:00
gpg_key.go Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
gpg_key_test.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
graph.go Add pagination to commit graph page (#8360) 2019-10-14 22:38:35 +01:00
graph_test.go Add pagination to commit graph page (#8360) 2019-10-14 22:38:35 +01:00
helper.go
helper_directory.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
helper_environment.go Fix bug create/edit wiki pages when code master branch protected (#7580) 2019-07-25 22:50:20 +01:00
issue.go Enable Uploading/Removing Attachments When Editing an Issue/Comment (#8426) 2019-10-15 13:19:32 +01:00
issue_assignees.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
issue_assignees_test.go
issue_comment.go Enable Uploading/Removing Attachments When Editing an Issue/Comment (#8426) 2019-10-15 13:19:32 +01:00
issue_comment_list.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
issue_comment_test.go
issue_dependency.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
issue_dependency_test.go
issue_label.go Fix label count (#8267) 2019-09-24 21:22:39 +08:00
issue_label_test.go Fix label count (#8267) 2019-09-24 21:22:39 +08:00
issue_list.go Fix error log when loading issues caused by a xorm bug (#7271) 2019-06-23 18:22:43 +03:00
issue_list_test.go
issue_lock.go Move change issue title from models to issue service package (#8456) 2019-10-11 14:44:43 +08:00
issue_milestone.go Update milestone issues numbers when save milestone and other code improvements (#8411) 2019-10-08 00:44:58 +03:00
issue_milestone_test.go Fix milestone num_issues (#8221) 2019-10-06 17:26:19 -04:00
issue_reaction.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
issue_reaction_test.go
issue_stopwatch.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
issue_stopwatch_test.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
issue_test.go Move change issue title from models to issue service package (#8456) 2019-10-11 14:44:43 +08:00
issue_tracked_time.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
issue_tracked_time_test.go
issue_user.go Move all mail related codes from models to services/mailer (#7200) 2019-09-24 13:02:49 +08:00
issue_user_test.go Move all mail related codes from models to services/mailer (#7200) 2019-09-24 13:02:49 +08:00
issue_watch.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
issue_watch_test.go
issue_xref.go Rewrite reference processing code in preparation for opening/closing from comment references (#8261) 2019-10-13 23:29:10 +01:00
lfs.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
lfs_lock.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
log.go Fix error log when loading issues caused by a xorm bug (#7271) 2019-06-23 18:22:43 +03:00
login_source.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
main_test.go
migrate.go Fix milestone completness calculation when migrating (#7725) 2019-08-03 21:38:42 +03:00
models.go Move migrating repository from frontend to backend (#6200) 2019-10-13 21:23:14 +08:00
models_test.go Move database settings from models to setting (#7806) 2019-08-24 11:24:45 +02:00
notification.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
notification_test.go
oauth2.go migrate gplus to google oauth2 provider (#7885) 2019-09-14 12:02:39 +02:00
oauth2_application.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
oauth2_application_test.go
org.go Add teams to repo on collaboration page. (#8045) 2019-09-23 23:08:03 +03:00
org_team.go Recalculate repository access only for specific user (#8481) 2019-10-15 01:55:21 +01:00
org_team_test.go Fix approvals counting (#7757) 2019-08-07 07:22:41 +03:00
org_test.go Add teams to repo on collaboration page. (#8045) 2019-09-23 23:08:03 +03:00
pull.go Move AddTestPullRequestTask to pull service package from models (#8324) 2019-10-15 04:28:40 +01:00
pull_test.go only return head: null if source branch was deleted (#6705) 2019-07-08 10:32:46 +03:00
release.go Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751) 2019-10-14 09:10:42 +03:00
repo.go Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
repo_activity.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
repo_branch.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
repo_collaboration.go Recalculate repository access only for specific user (#8481) 2019-10-15 01:55:21 +01:00
repo_collaboration_test.go Add teams to repo on collaboration page. (#8045) 2019-09-23 23:08:03 +03:00
repo_indexer.go Restore Graceful Restarting & Socket Activation (#7274) 2019-10-15 14:39:51 +01:00
repo_issue.go
repo_list.go Include description in repository search. (#7942) 2019-08-25 20:06:36 +03:00
repo_list_test.go Restrict repository indexing by glob match (#7767) 2019-09-11 20:26:28 +03:00
repo_mirror.go Move mirror to a standalone package from models (#7486) 2019-10-01 21:40:17 +08:00
repo_permission.go Removed unnecessary conversions (#7557) 2019-07-23 19:50:39 +01:00
repo_permission_test.go
repo_redirect.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
repo_redirect_test.go
repo_sign.go Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
repo_tag.go
repo_test.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
repo_unit.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
repo_watch.go
repo_watch_test.go
review.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
review_test.go
ssh_key.go Fixes #8369: Create .ssh dir as necessary (#8486) 2019-10-13 17:35:19 +03:00
ssh_key_test.go Make PKCS8, PEM and SSH2 keys work (#7600) 2019-07-25 20:33:38 +01:00
star.go
star_test.go
task.go Move migrating repository from frontend to backend (#6200) 2019-10-13 21:23:14 +08:00
test_fixtures.go
token.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
token_test.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
topic.go Add API endpoint for accessing repo topics (#7963) 2019-09-03 23:46:24 +08:00
topic_test.go Add API endpoint for accessing repo topics (#7963) 2019-09-03 23:46:24 +08:00
twofactor.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
u2f.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
u2f_test.go
unit.go
unit_tests.go Move database settings from models to setting (#7806) 2019-08-24 11:24:45 +02:00
update.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
update_test.go
upload.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
user.go Revert "Fix issues/pr list broken when there are many repositories (#8409)" (#8427) 2019-10-08 20:55:16 +03:00
user_follow.go
user_follow_test.go
user_heatmap.go Move database settings from models to setting (#7806) 2019-08-24 11:24:45 +02:00
user_heatmap_test.go
user_mail.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
user_mail_test.go
user_openid.go
user_openid_test.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
user_test.go Revert "Fix issues/pr list broken when there are many repositories (#8409)" (#8427) 2019-10-08 20:55:16 +03:00
userlist.go Add teams to repo on collaboration page. (#8045) 2019-09-23 23:08:03 +03:00
userlist_test.go org/members: display 2FA members states + optimize sql requests (#7621) 2019-08-02 12:06:27 -04:00
webhook.go Fix webhooks to use proxy from environment (#8116) 2019-09-10 00:21:07 +08:00
webhook_dingtalk.go
webhook_discord.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
webhook_msteams.go MS Teams webhook misses commit messages (#8209) 2019-09-17 15:56:29 -04:00
webhook_slack.go Fix Slack webhook fork message (#7774) 2019-08-06 19:27:10 -04:00
webhook_telegram.go
webhook_test.go Implement webhook branch filter (#7791) 2019-09-09 08:48:21 +03:00
wiki.go Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
wiki_test.go