Take back control of hooks (go-gitea#1006)

* git: delegate all server-side Git hooks (go-gitea#1623) * create hooks directories * take control hooks back * fix lint * bug fixed and minor changes * fix imports style * fix migration scripts
lunny · Feb 23, 2017 · 0e6b9ea · 0e6b9ea
1 parent 4f3880f
commit 0e6b9ea
Show file tree

Hide file tree

Showing 14 changed files with 279 additions and 41 deletions.
diff --git a/cmd/hook.go b/cmd/hook.go
@@ -0,0 +1,106 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+ "fmt"
+ "os"
+
+ "code.gitea.io/gitea/models"
+
+ "github.com/urfave/cli"
+)
+
+var (
+ // CmdHook represents the available hooks sub-command.
+ CmdHook = cli.Command{
+ Name: "hook",
+ Usage: "Delegate commands to corresponding Git hooks",
+ Description: "This should only be called by Git",
+ Flags: []cli.Flag{
+ cli.StringFlag{
+ Name: "config, c",
+ Value: "custom/conf/app.ini",
+ Usage: "Custom configuration file path",
+ },
+ },
+ Subcommands: []cli.Command{
+ subcmdHookPreReceive,
+ subcmdHookUpadte,
+ subcmdHookPostReceive,
+ },
+ }
+
+ subcmdHookPreReceive = cli.Command{
+ Name: "pre-receive",
+ Usage: "Delegate pre-receive Git hook",
+ Description: "This command should only be called by Git",
+ Action: runHookPreReceive,
+ }
+ subcmdHookUpadte = cli.Command{
+ Name: "update",
+ Usage: "Delegate update Git hook",
+ Description: "This command should only be called by Git",
+ Action: runHookUpdate,
+ }
+ subcmdHookPostReceive = cli.Command{
+ Name: "post-receive",
+ Usage: "Delegate post-receive Git hook",
+ Description: "This command should only be called by Git",
+ Action: runHookPostReceive,
+ }
+)
+
+func runHookPreReceive(c *cli.Context) error {
+ if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+ return nil
+ }
+ if err := setup("hooks/pre-receive.log"); err != nil {
+ fail("Hook pre-receive init failed", fmt.Sprintf("setup: %v", err))
+ }
+
+ return nil
+}
+
+func runHookUpdate(c *cli.Context) error {
+ if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+ return nil
+ }
+
+ if err := setup("hooks/update.log"); err != nil {
+ fail("Hook update init failed", fmt.Sprintf("setup: %v", err))
+ }
+
+ args := c.Args()
+ if len(args) != 3 {
+ fail("Arguments received are not equal to three", "Arguments received are not equal to three")
+ } else if len(args[0]) == 0 {
+ fail("First argument 'refName' is empty", "First argument 'refName' is empty")
+ }
+
+ uuid := os.Getenv(envUpdateTaskUUID)
+ if err := models.AddUpdateTask(&models.UpdateTask{
+ UUID: uuid,
+ RefName: args[0],
+ OldCommitID: args[1],
+ NewCommitID: args[2],
+ }); err != nil {
+ fail("Internal error", "Fail to add update task '%s': %v", uuid, err)
+ }
+
+ return nil
+}
+
+func runHookPostReceive(c *cli.Context) error {
+ if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+ return nil
+ }
+
+ if err := setup("hooks/post-receive.log"); err != nil {
+ fail("Hook post-receive init failed", fmt.Sprintf("setup: %v", err))
+ }
+
+ return nil
+}
diff --git a/cmd/serve.go → cmd/serv.go b/cmd/serve.go → cmd/serv.go
@@ -30,6 +30,7 @@ import (
 const (
  accessDenied = "Repository does not exist or you do not have access"
  lfsAuthenticateVerb = "git-lfs-authenticate"
+ envUpdateTaskUUID = "GITEA_UUID"
 )
 
 // CmdServ represents the available serv sub-command.
@@ -170,7 +171,6 @@ func runServ(c *cli.Context) error {
 
  var lfsVerb string
  if verb == lfsAuthenticateVerb {
-
  if !setting.LFS.StartServer {
  fail("Unknown git command", "LFS authentication request over SSH denied, LFS support is disabled")
  }
@@ -291,9 +291,7 @@ func runServ(c *cli.Context) error {
  }
 
  //LFS token authentication
-
  if verb == lfsAuthenticateVerb {
-
  url := fmt.Sprintf("%s%s/%s.git/info/lfs", setting.AppURL, repoUser.Name, repo.Name)
 
  now := time.Now()
@@ -326,7 +324,7 @@ func runServ(c *cli.Context) error {
  }
 
  uuid := gouuid.NewV4().String()
- os.Setenv("GITEA_UUID", uuid)
+ os.Setenv(envUpdateTaskUUID, uuid)
  // Keep the old env variable name for backward compability
  os.Setenv("uuid", uuid)
 

diff --git a/main.go b/main.go
@@ -30,7 +30,7 @@ func main() {
  app.Commands = []cli.Command{
  cmd.CmdWeb,
  cmd.CmdServ,
- cmd.CmdUpdate,
+ cmd.CmdHook,
  cmd.CmdDump,
  cmd.CmdCert,
  cmd.CmdAdmin,

diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go
@@ -86,6 +86,8 @@ var migrations = []Migration{
  NewMigration("set protect branches updated with created", setProtectedBranchUpdatedWithCreated),
  // v18 -> v19
  NewMigration("add external login user", addExternalLoginUser),
+ // v19 -> v20
+ NewMigration("generate and migrate Git hooks", generateAndMigrateGitHooks),
 }
 
 // Migrate database to current version

diff --git a/models/migrations/v18.go b/models/migrations/v18.go
@@ -13,8 +13,8 @@ import (
 // ExternalLoginUser makes the connecting between some existing user and additional external login sources
 type ExternalLoginUser struct {
  ExternalID string `xorm:"NOT NULL"`
- UserID int64 `xorm:"NOT NULL"`
- LoginSourceID int64 `xorm:"NOT NULL"`
+ UserID int64  `xorm:"NOT NULL"`
+ LoginSourceID int64  `xorm:"NOT NULL"`
 }
 
 func addExternalLoginUser(x *xorm.Engine) error {

diff --git a/models/migrations/v19.go b/models/migrations/v19.go
@@ -0,0 +1,85 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+ "fmt"
+ "io/ioutil"
+ "os"
+ "path/filepath"
+ "strings"
+
+ "code.gitea.io/gitea/modules/setting"
+
+ "github.com/Unknwon/com"
+ "github.com/go-xorm/xorm"
+)
+
+func generateAndMigrateGitHooks(x *xorm.Engine) (err error) {
+ type Repository struct {
+ ID int64
+ OwnerID int64
+ Name string
+ }
+ type User struct {
+ ID int64
+ Name string
+ }
+
+ var (
+ hookNames = []string{"pre-receive", "update", "post-receive"}
+ hookTpls = []string{
+ fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/pre-receive.d\"`; do\n sh \"$SHELL_FOLDER/pre-receive.d/$i\"\ndone", setting.ScriptType),
+ fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/update.d\"`; do\n sh \"$SHELL_FOLDER/update.d/$i\" $1 $2 $3\ndone", setting.ScriptType),
+ fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/post-receive.d\"`; do\n sh \"$SHELL_FOLDER/post-receive.d/$i\"\ndone", setting.ScriptType),
+ }
+ giteaHookTpls = []string{
+ fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' pre-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+ fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' update $1 $2 $3\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+ fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' post-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+ }
+ )
+
+ return x.Where("id > 0").Iterate(new(Repository),
+ func(idx int, bean interface{}) error {
+ repo := bean.(*Repository)
+ user := new(User)
+ has, err := x.Where("id = ?", repo.OwnerID).Get(user)
+ if err != nil {
+ return fmt.Errorf("query owner of repository [repo_id: %d, owner_id: %d]: %v", repo.ID, repo.OwnerID, err)
+ } else if !has {
+ return nil
+ }
+
+ repoPath := filepath.Join(setting.RepoRootPath, strings.ToLower(user.Name), strings.ToLower(repo.Name)) + ".git"
+ hookDir := filepath.Join(repoPath, "hooks")
+
+ for i, hookName := range hookNames {
+ oldHookPath := filepath.Join(hookDir, hookName)
+ newHookPath := filepath.Join(hookDir, hookName+".d", "gitea")
+
+ if err = os.MkdirAll(filepath.Join(hookDir, hookName+".d"), os.ModePerm); err != nil {
+ return fmt.Errorf("create hooks dir '%s': %v", filepath.Join(hookDir, hookName+".d"), err)
+ }
+
+ // WARNING: Old server-side hooks will be moved to sub directory with the same name
+ if hookName != "update" && com.IsExist(oldHookPath) {
+ newPlace := filepath.Join(hookDir, hookName+".d", hookName)
+ if err = os.Rename(oldHookPath, newPlace); err != nil {
+ return fmt.Errorf("Remove old hook file '%s' to '%s': %v", oldHookPath, newPlace, err)
+ }
+ }
+
+ if err = ioutil.WriteFile(oldHookPath, []byte(hookTpls[i]), 0777); err != nil {
+ return fmt.Errorf("write old hook file '%s': %v", oldHookPath, err)
+ }
+
+ if err = ioutil.WriteFile(newHookPath, []byte(giteaHookTpls[i]), 0777); err != nil {
+ return fmt.Errorf("write new hook file '%s': %v", oldHookPath, err)
+ }
+ }
+ return nil
+ })
+}
diff --git a/models/repo.go b/models/repo.go
@@ -831,20 +831,54 @@ func cleanUpMigrateGitConfig(configPath string) error {
  return nil
 }
 
-func createUpdateHook(repoPath string) error {
- return git.SetUpdateHook(repoPath,
- fmt.Sprintf(tplUpdateHook, setting.ScriptType, "\""+setting.AppPath+"\"", setting.CustomConf))
+// createDelegateHooks creates all the hooks scripts for the repo
+func createDelegateHooks(repoPath string) (err error) {
+ var (
+ hookNames = []string{"pre-receive", "update", "post-receive"}
+ hookTpls = []string{
+ fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/pre-receive.d\"`; do\n sh \"$SHELL_FOLDER/pre-receive.d/$i\"\ndone", setting.ScriptType),
+ fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/update.d\"`; do\n sh \"$SHELL_FOLDER/update.d/$i\" $1 $2 $3\ndone", setting.ScriptType),
+ fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/post-receive.d\"`; do\n sh \"$SHELL_FOLDER/post-receive.d/$i\"\ndone", setting.ScriptType),
+ }
+ giteaHookTpls = []string{
+ fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' pre-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+ fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' update $1 $2 $3\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+ fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' post-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+ }
+ )
+
+ hookDir := filepath.Join(repoPath, "hooks")
+
+ for i, hookName := range hookNames {
+ oldHookPath := filepath.Join(hookDir, hookName)
+ newHookPath := filepath.Join(hookDir, hookName+".d", "gitea")
+
+ if err := os.MkdirAll(filepath.Join(hookDir, hookName+".d"), os.ModePerm); err != nil {
+ return fmt.Errorf("create hooks dir '%s': %v", filepath.Join(hookDir, hookName+".d"), err)
+ }
+
+ // WARNING: This will override all old server-side hooks
+ if err = ioutil.WriteFile(oldHookPath, []byte(hookTpls[i]), 0777); err != nil {
+ return fmt.Errorf("write old hook file '%s': %v", oldHookPath, err)
+ }
+
+ if err = ioutil.WriteFile(newHookPath, []byte(giteaHookTpls[i]), 0777); err != nil {
+ return fmt.Errorf("write new hook file '%s': %v", newHookPath, err)
+ }
+ }
+
+ return nil
 }
 
 // CleanUpMigrateInfo finishes migrating repository and/or wiki with things that don't need to be done for mirrors.
 func CleanUpMigrateInfo(repo *Repository) (*Repository, error) {
  repoPath := repo.RepoPath()
- if err := createUpdateHook(repoPath); err != nil {
- return repo, fmt.Errorf("createUpdateHook: %v", err)
+ if err := createDelegateHooks(repoPath); err != nil {
+ return repo, fmt.Errorf("createDelegateHooks: %v", err)
  }
  if repo.HasWiki() {
- if err := createUpdateHook(repo.WikiPath()); err != nil {
- return repo, fmt.Errorf("createUpdateHook (wiki): %v", err)
+ if err := createDelegateHooks(repo.WikiPath()); err != nil {
+ return repo, fmt.Errorf("createDelegateHooks.(wiki): %v", err)
  }
  }
 
@@ -994,8 +1028,8 @@ func initRepository(e Engine, repoPath string, u *User, repo *Repository, opts C
  // Init bare new repository.
  if err = git.InitRepository(repoPath, true); err != nil {
  return fmt.Errorf("InitRepository: %v", err)
- } else if err = createUpdateHook(repoPath); err != nil {
- return fmt.Errorf("createUpdateHook: %v", err)
+ } else if err = createDelegateHooks(repoPath); err != nil {
+ return fmt.Errorf("createDelegateHooks: %v", err)
  }
 
  tmpDir := filepath.Join(os.TempDir(), "gitea-"+repo.Name+"-"+com.ToStr(time.Now().Nanosecond()))
@@ -2009,15 +2043,16 @@ func ReinitMissingRepositories() error {
  return nil
 }
 
-// RewriteRepositoryUpdateHook rewrites all repositories' update hook.
-func RewriteRepositoryUpdateHook() error {
- return x.
- Where("id > 0").
- Iterate(new(Repository),
- func(idx int, bean interface{}) error {
- repo := bean.(*Repository)
- return createUpdateHook(repo.RepoPath())
- })
+// SyncRepositoryHooks rewrites all repositories' pre-receive, update and post-receive hooks
+// to make sure the binary and custom conf path are up-to-date.
+func SyncRepositoryHooks() error {
+ return x.Where("id > 0").Iterate(new(Repository),
+ func(idx int, bean interface{}) error {
+ if err := createDelegateHooks(bean.(*Repository).RepoPath()); err != nil {
+ return fmt.Errorf("SyncRepositoryHook: %v", err)
+ }
+ return nil
+ })
 }
 
 // Prevent duplicate running tasks.
@@ -2345,8 +2380,8 @@ func ForkRepository(u *User, oldRepo *Repository, name, desc string) (_ *Reposit
  return nil, fmt.Errorf("git update-server-info: %v", stderr)
  }
 
- if err = createUpdateHook(repoPath); err != nil {
- return nil, fmt.Errorf("createUpdateHook: %v", err)
+ if err = createDelegateHooks(repoPath); err != nil {
+ return nil, fmt.Errorf("createDelegateHooks: %v", err)
  }
 
  //Commit repo to get Fork ID

diff --git a/models/wiki.go b/models/wiki.go
@@ -69,8 +69,8 @@ func (repo *Repository) InitWiki() error {
 
  if err := git.InitRepository(repo.WikiPath(), true); err != nil {
  return fmt.Errorf("InitRepository: %v", err)
- } else if err = createUpdateHook(repo.WikiPath()); err != nil {
- return fmt.Errorf("createUpdateHook: %v", err)
+ } else if err = createDelegateHooks(repo.WikiPath()); err != nil {
+ return fmt.Errorf("createDelegateHooks: %v", err)
  }
  return nil
 }

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
@@ -1003,8 +1003,8 @@ dashboard.git_gc_repos = Do garbage collection on repositories
 dashboard.git_gc_repos_success = All repositories have done garbage collection successfully.
 dashboard.resync_all_sshkeys = Rewrite '.ssh/authorized_keys' file (caution: non-Gitea keys will be lost)
 dashboard.resync_all_sshkeys_success = All public keys have been rewritten successfully.
-dashboard.resync_all_update_hooks = Rewrite all update hook of repositories (needed when custom config path is changed)
-dashboard.resync_all_update_hooks_success = All repositories' update hook have been rewritten successfully.
+dashboard.resync_all_hooks = Resync pre-receive, update and post-receive hooks of all repositories.
+dashboard.resync_all_hooks_success = All repositories' pre-receive, update and post-receive hooks have been resynced successfully.
 dashboard.reinit_missing_repos = Reinitialize all repository records that lost Git files
 dashboard.reinit_missing_repos_success = All repository records that lost Git files have been reinitialized successfully.
 

diff --git a/routers/admin/admin.go b/routers/admin/admin.go
@@ -152,8 +152,8 @@ func Dashboard(ctx *context.Context) {
  success = ctx.Tr("admin.dashboard.resync_all_sshkeys_success")
  err = models.RewriteAllPublicKeys()
  case syncRepositoryUpdateHook:
- success = ctx.Tr("admin.dashboard.resync_all_update_hooks_success")
- err = models.RewriteRepositoryUpdateHook()
+ success = ctx.Tr("admin.dashboard.resync_all_hooks_success")
+ err = models.SyncRepositoryHooks()
  case reinitMissingRepository:
  success = ctx.Tr("admin.dashboard.reinit_missing_repos_success")
  err = models.ReinitMissingRepositories()