This change is a follow up on the effort to remove transactions and sync stores from the database layer, and move them in the application layer. It is addressing the repo + space store.
The following changes are included:
- Introduce PathStore storing resource paths (repo + space)
- Add foreign key from path.repo_id/space_id to repo.id/space.id
- Add foreign key from repo/space.parent_id to space.id
- Remove repo_sync and space_sync
- Move path creation logic to repo/space controller (for both creating primary paths for new repos/spaces, as well as creating alias spaces)
- Reimplement repo/space moving on controller layer
This change adds the following:
- Space UID + Custom harness validation (accountId for top level space, harness identifier for child spaces)
- Repo UID + Custom harness validation (harness identifier)
- Store Unique casing of space / repo path and add Path.ValueUnique (with Unique index) to allow for application layer controlling the case sensitivity (case insensitive standalone vs partially case sensitive harness)
- Token UID (unique index over ownertype + ownerID + tokenUID)
- Add DisplayName for principals (replaces Name to avoid confustion)
- Store Unique casing of principal UID and add Principal.ValueUnique (with unique index) to allow for application layer, per principal type control of case sensitivity (required in embedded mode)
- Generate serviceAccount UID (+Email) Randomly (sa-{space|repo}-{ID}-{random}) - Allows to have a unique UID across all principals while reducing likelyhood of overlaps with users + avoid overlap across spaces / repos.
- Sync casing of space names (accountId orgId projectId) when creating spaces on the fly (to ensure case sensitivity of - harness code) or use the existing space to update casing.
- Update serviceaccount client to match updated NG Manager API
- in embedded mode create spaces for harness resources owning the service account
This change is adding search capability to the following apis:
- child repositories
- child spaces
*NOTE* The search space is limited to direct child repos/spaces.
Adds the basic for harness embedded mode:
- Harness dedicated router with custom APIHandler
- Inline Space Creation
- Client for Account/Org/Project
- Bootstrap (Allows for automated creation of admin user and gitness service (used for all platform required ops))
- Inline harness service principal creation
- Ignore flag for ACL.
This change introduces the concept of a principal (abstraction of call identity), and adds a new service account type principal. Also adds support for different tokens (session, PAT, SAT, OAuth2) and adds auth.Session which is being used to capture information about the caller and call method.
This change is adding the concept of Paths.
A repository and space always have a Primary Path which always is represents the ancestry to the root space.
All access history / resource visibility / child listings / UI traversal / etc. is done via that path.
Additionally, repos and spaces can have Alias Paths, which as the name states are aliases. via the primary path.
They sole impact is that a space or repo can be reached via different paths from the UI / rest apis / git apis.
This fulfills two major purposes:
- Customers can rename or move projects and spaces without breaking any existing references from CI pipeliens / code bases / local repos / ...
- Customer can create shorter aliases for important repos when in harness embeded mode! (acc/org/proj/repo can be shortened to acc/repo, or acc/repo'
Apart from the path changes, this PR adds:
Improved User facing errors
Improved internal error handling and wrapping
update / rename operation for repo and space
path list / delete / create operation for repo and space
Marko Gaćeša
Atefeh Mohseni Ejiyeh
Johannes Batzill
Enver Bisevac