Sync gitea app path for git hooks and authorized keys when starting (#17335)

Gitea writes its own AppPath into git hook scripts. If Gitea's AppPath changes, then the git push will fail. This PR: * Introduce an AppState module, it can persist app states into database * During GlobalInit, Gitea will check if the current AppPath is the same as last one. If they don't match, Gitea will sync git hooks. * Refactor some code to make them more clear. * Also, "Detect if gitea binary's name changed" #11341 is related, we call models.RewriteAllPublicKeys to update ssh authorized_keys file
2025-06-17 11:59:30 +00:00 · 2021-10-21 17:22:43 +08:00 · 2021-10-21 17:22:43 +08:00 · 83df0caf15
commit 83df0caf15
parent 053b2f4dce
11 changed files with 339 additions and 56 deletions
--- a/modules/appstate/appstate.go
+++ b/modules/appstate/appstate.go
@ -0,0 +1,25 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package appstate
+
+// StateStore is the interface to get/set app state items
+type StateStore interface {
+	Get(item StateItem) error
+	Set(item StateItem) error
+}
+
+// StateItem provides the name for a state item. the name will be used to generate filenames, etc
+type StateItem interface {
+	Name() string
+}
+
+// AppState contains the state items for the app
+var AppState StateStore
+
+// Init initialize AppState interface
+func Init() error {
+	AppState = &DBStore{}
+	return nil
+}
--- a/modules/appstate/appstate_test.go
+++ b/modules/appstate/appstate_test.go
@ -0,0 +1,64 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package appstate
+
+import (
+	"path/filepath"
+	"testing"
+
+	"code.gitea.io/gitea/models/db"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestMain(m *testing.M) {
+	db.MainTest(m, filepath.Join("..", ".."), "")
+}
+
+type testItem1 struct {
+	Val1 string
+	Val2 int
+}
+
+func (*testItem1) Name() string {
+	return "test-item1"
+}
+
+type testItem2 struct {
+	K string
+}
+
+func (*testItem2) Name() string {
+	return "test-item2"
+}
+
+func TestAppStateDB(t *testing.T) {
+	assert.NoError(t, db.PrepareTestDatabase())
+
+	as := &DBStore{}
+
+	item1 := new(testItem1)
+	assert.NoError(t, as.Get(item1))
+	assert.Equal(t, "", item1.Val1)
+	assert.EqualValues(t, 0, item1.Val2)
+
+	item1 = new(testItem1)
+	item1.Val1 = "a"
+	item1.Val2 = 2
+	assert.NoError(t, as.Set(item1))
+
+	item2 := new(testItem2)
+	item2.K = "V"
+	assert.NoError(t, as.Set(item2))
+
+	item1 = new(testItem1)
+	assert.NoError(t, as.Get(item1))
+	assert.Equal(t, "a", item1.Val1)
+	assert.EqualValues(t, 2, item1.Val2)
+
+	item2 = new(testItem2)
+	assert.NoError(t, as.Get(item2))
+	assert.Equal(t, "V", item2.K)
+}
--- a/modules/appstate/db.go
+++ b/modules/appstate/db.go
@ -0,0 +1,37 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package appstate
+
+import (
+	"code.gitea.io/gitea/models/appstate"
+	"code.gitea.io/gitea/modules/json"
+
+	"github.com/yuin/goldmark/util"
+)
+
+// DBStore can be used to store app state items in local filesystem
+type DBStore struct {
+}
+
+// Get reads the state item
+func (f *DBStore) Get(item StateItem) error {
+	content, err := appstate.GetAppStateContent(item.Name())
+	if err != nil {
+		return err
+	}
+	if content == "" {
+		return nil
+	}
+	return json.Unmarshal(util.StringToReadOnlyBytes(content), item)
+}
+
+// Set saves the state item
+func (f *DBStore) Set(item StateItem) error {
+	b, err := json.Marshal(item)
+	if err != nil {
+		return err
+	}
+	return appstate.SaveAppStateContent(item.Name(), util.BytesToReadOnlyString(b))
+}
--- a/modules/appstate/item_runtime.go
+++ b/modules/appstate/item_runtime.go
@ -0,0 +1,15 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package appstate
+
+// RuntimeState contains app state for runtime, and we can save remote version for update checker here in future
+type RuntimeState struct {
+	LastAppPath string `json:"last_app_path"`
+}
+
+// Name returns the item name
+func (a RuntimeState) Name() string {
+	return "runtime-state"
+}
--- a/modules/repository/hooks.go
+++ b/modules/repository/hooks.go
@ -23,64 +23,90 @@ import (
 func getHookTemplates() (hookNames, hookTpls, giteaHookTpls []string) {
 	hookNames = []string{"pre-receive", "update", "post-receive"}
 	hookTpls = []string{
+		// for pre-receive
 		fmt.Sprintf(`#!/usr/bin/env %s
+# AUTO GENERATED BY GITEA, DO NOT MODIFY
 data=$(cat)
 exitcodes=""
 hookname=$(basename $0)
 GIT_DIR=${GIT_DIR:-$(dirname $0)/..}

 for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
-test -x "${hook}" && test -f "${hook}" || continue
-echo "${data}" | "${hook}"
-exitcodes="${exitcodes} $?"
+  test -x "${hook}" && test -f "${hook}" || continue
+  echo "${data}" | "${hook}"
+  exitcodes="${exitcodes} $?"
 done

 for i in ${exitcodes}; do
-[ ${i} -eq 0 ] || exit ${i}
+  [ ${i} -eq 0 ] || exit ${i}
 done
 `, setting.ScriptType),
+
+		// for update
 		fmt.Sprintf(`#!/usr/bin/env %s
+# AUTO GENERATED BY GITEA, DO NOT MODIFY
 exitcodes=""
 hookname=$(basename $0)
 GIT_DIR=${GIT_DIR:-$(dirname $0/..)}

 for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
-test -x "${hook}" && test -f "${hook}" || continue
-"${hook}" $1 $2 $3
-exitcodes="${exitcodes} $?"
+  test -x "${hook}" && test -f "${hook}" || continue
+  "${hook}" $1 $2 $3
+  exitcodes="${exitcodes} $?"
 done

 for i in ${exitcodes}; do
-[ ${i} -eq 0 ] || exit ${i}
+  [ ${i} -eq 0 ] || exit ${i}
 done
 `, setting.ScriptType),
+
+		// for post-receive
 		fmt.Sprintf(`#!/usr/bin/env %s
+# AUTO GENERATED BY GITEA, DO NOT MODIFY
 data=$(cat)
 exitcodes=""
 hookname=$(basename $0)
 GIT_DIR=${GIT_DIR:-$(dirname $0)/..}

 for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
-test -x "${hook}" && test -f "${hook}" || continue
-echo "${data}" | "${hook}"
-exitcodes="${exitcodes} $?"
+  test -x "${hook}" && test -f "${hook}" || continue
+  echo "${data}" | "${hook}"
+  exitcodes="${exitcodes} $?"
 done

 for i in ${exitcodes}; do
-[ ${i} -eq 0 ] || exit ${i}
+  [ ${i} -eq 0 ] || exit ${i}
 done
 `, setting.ScriptType),
 	}
+
 	giteaHookTpls = []string{
-		fmt.Sprintf("#!/usr/bin/env %s\n%s hook --config=%s pre-receive\n", setting.ScriptType, util.ShellEscape(setting.AppPath), util.ShellEscape(setting.CustomConf)),
-		fmt.Sprintf("#!/usr/bin/env %s\n%s hook --config=%s update $1 $2 $3\n", setting.ScriptType, util.ShellEscape(setting.AppPath), util.ShellEscape(setting.CustomConf)),
-		fmt.Sprintf("#!/usr/bin/env %s\n%s hook --config=%s post-receive\n", setting.ScriptType, util.ShellEscape(setting.AppPath), util.ShellEscape(setting.CustomConf)),
+		// for pre-receive
+		fmt.Sprintf(`#!/usr/bin/env %s
+# AUTO GENERATED BY GITEA, DO NOT MODIFY
+%s hook --config=%s pre-receive
+`, setting.ScriptType, util.ShellEscape(setting.AppPath), util.ShellEscape(setting.CustomConf)),
+
+		// for update
+		fmt.Sprintf(`#!/usr/bin/env %s
+# AUTO GENERATED BY GITEA, DO NOT MODIFY
+%s hook --config=%s update $1 $2 $3
+`, setting.ScriptType, util.ShellEscape(setting.AppPath), util.ShellEscape(setting.CustomConf)),
+
+		// for post-receive
+		fmt.Sprintf(`#!/usr/bin/env %s
+# AUTO GENERATED BY GITEA, DO NOT MODIFY
+%s hook --config=%s post-receive
+`, setting.ScriptType, util.ShellEscape(setting.AppPath), util.ShellEscape(setting.CustomConf)),
 	}

 	if git.SupportProcReceive {
 		hookNames = append(hookNames, "proc-receive")
 		hookTpls = append(hookTpls,
-			fmt.Sprintf("#!/usr/bin/env %s\n%s hook --config=%s proc-receive\n", setting.ScriptType, util.ShellEscape(setting.AppPath), util.ShellEscape(setting.CustomConf)))
+			fmt.Sprintf(`#!/usr/bin/env %s
+# AUTO GENERATED BY GITEA, DO NOT MODIFY
+%s hook --config=%s proc-receive
+`, setting.ScriptType, util.ShellEscape(setting.AppPath), util.ShellEscape(setting.CustomConf)))
 		giteaHookTpls = append(giteaHookTpls, "")
 	}

--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@ -683,6 +683,18 @@ func NewContext() {
 	StaticRootPath = sec.Key("STATIC_ROOT_PATH").MustString(StaticRootPath)
 	StaticCacheTime = sec.Key("STATIC_CACHE_TIME").MustDuration(6 * time.Hour)
 	AppDataPath = sec.Key("APP_DATA_PATH").MustString(path.Join(AppWorkPath, "data"))
+	if _, err = os.Stat(AppDataPath); err != nil {
+		// FIXME: There are too many calls to MkdirAll in old code. It is incorrect.
+		// For example, if someDir=/mnt/vol1/gitea-home/data, if the mount point /mnt/vol1 is not mounted when Gitea runs,
+		// then gitea will make new empty directories in /mnt/vol1, all are stored in the root filesystem.
+		// The correct behavior should be: creating parent directories is end users' duty. We only create sub-directories in existing parent directories.
+		// For quickstart, the parent directories should be created automatically for first startup (eg: a flag or a check of INSTALL_LOCK).
+		// Now we can take the first step to do correctly (using Mkdir) in other packages, and prepare the AppDataPath here, then make a refactor in future.
+		err = os.MkdirAll(AppDataPath, os.ModePerm)
+		if err != nil {
+			log.Fatal("Failed to create the directory for app data path '%s'", AppDataPath)
+		}
+	}
 	EnableGzip = sec.Key("ENABLE_GZIP").MustBool()
 	EnablePprof = sec.Key("ENABLE_PPROF").MustBool(false)
 	PprofDataPath = sec.Key("PPROF_DATA_PATH").MustString(path.Join(AppWorkPath, "data/tmp/pprof"))