mirror of https://github.com/harness/drone.git
233 lines
6.4 KiB
Go
233 lines
6.4 KiB
Go
// Copyright 2022 Harness Inc. All rights reserved.
|
|
// Use of this source code is governed by the Polyform Free Trial License
|
|
// that can be found in the LICENSE.md file for this repository.
|
|
|
|
package repo
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"fmt"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/harness/gitness/gitrpc"
|
|
apiauth "github.com/harness/gitness/internal/api/auth"
|
|
"github.com/harness/gitness/internal/api/usererror"
|
|
"github.com/harness/gitness/internal/auth"
|
|
"github.com/harness/gitness/internal/bootstrap"
|
|
"github.com/harness/gitness/internal/paths"
|
|
"github.com/harness/gitness/internal/store/database/dbtx"
|
|
"github.com/harness/gitness/resources"
|
|
"github.com/harness/gitness/types"
|
|
"github.com/harness/gitness/types/check"
|
|
"github.com/harness/gitness/types/enum"
|
|
|
|
"github.com/rs/zerolog/log"
|
|
)
|
|
|
|
var (
|
|
// errRepositoryRequiresParent if the user tries to create a repo without a parent space.
|
|
errRepositoryRequiresParent = usererror.BadRequest(
|
|
"Parent space required - standalone repositories are not supported.")
|
|
)
|
|
|
|
type CreateInput struct {
|
|
ParentID int64 `json:"parent_id"`
|
|
UID string `json:"uid"`
|
|
DefaultBranch string `json:"default_branch"`
|
|
Description string `json:"description"`
|
|
IsPublic bool `json:"is_public"`
|
|
ForkID int64 `json:"fork_id"`
|
|
Readme bool `json:"readme"`
|
|
License string `json:"license"`
|
|
GitIgnore string `json:"git_ignore"`
|
|
}
|
|
|
|
// Create creates a new repository.
|
|
func (c *Controller) Create(ctx context.Context, session *auth.Session, in *CreateInput) (*types.Repository, error) {
|
|
if err := c.checkAuthRepoCreation(ctx, session, in.ParentID); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := c.sanitizeCreateInput(in); err != nil {
|
|
return nil, fmt.Errorf("failed to sanitize input: %w", err)
|
|
}
|
|
|
|
gitRPCResp, err := c.createGitRPCRepository(ctx, session, in)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("error creating repository on GitRPC: %w", err)
|
|
}
|
|
|
|
var repo *types.Repository
|
|
err = dbtx.New(c.db).WithTx(ctx, func(ctx context.Context) error {
|
|
// lock parent space path to ensure it doesn't get updated while we setup new repo
|
|
var spacePath *types.Path
|
|
spacePath, err = c.pathStore.FindPrimaryWithLock(ctx, enum.PathTargetTypeSpace, in.ParentID)
|
|
if err != nil {
|
|
return usererror.BadRequest("Parent not found'")
|
|
}
|
|
|
|
now := time.Now().UnixMilli()
|
|
repo = &types.Repository{
|
|
Version: 0,
|
|
ParentID: in.ParentID,
|
|
UID: in.UID,
|
|
GitUID: gitRPCResp.UID,
|
|
Path: paths.Concatinate(spacePath.Value, in.UID),
|
|
Description: in.Description,
|
|
IsPublic: in.IsPublic,
|
|
CreatedBy: session.Principal.ID,
|
|
Created: now,
|
|
Updated: now,
|
|
ForkID: in.ForkID,
|
|
DefaultBranch: in.DefaultBranch,
|
|
}
|
|
dberr := c.repoStore.Create(ctx, repo)
|
|
// cleanup git repo if we fail to create repo in db (best effort deletion)
|
|
defer func() {
|
|
if dberr != nil {
|
|
err := c.DeleteRepositoryRPC(ctx, session, repo)
|
|
if err != nil {
|
|
log.Ctx(ctx).Warn().Err(err).Msg("gitrpc failed to delete repo for cleanup")
|
|
}
|
|
}
|
|
}()
|
|
if dberr != nil {
|
|
return fmt.Errorf("faild to create repository in storage: %w", dberr)
|
|
}
|
|
|
|
path := &types.Path{
|
|
Version: 0,
|
|
Value: repo.Path,
|
|
IsPrimary: true,
|
|
TargetType: enum.PathTargetTypeRepo,
|
|
TargetID: repo.ID,
|
|
CreatedBy: repo.CreatedBy,
|
|
Created: repo.Created,
|
|
Updated: repo.Updated,
|
|
}
|
|
dberr = c.pathStore.Create(ctx, path)
|
|
if dberr != nil {
|
|
return fmt.Errorf("failed to create path: %w", dberr)
|
|
}
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// backfil GitURL
|
|
repo.GitURL = c.urlProvider.GenerateRepoCloneURL(repo.Path)
|
|
|
|
return repo, nil
|
|
}
|
|
|
|
func (c *Controller) checkAuthRepoCreation(ctx context.Context, session *auth.Session, parentID int64) error {
|
|
space, err := c.spaceStore.Find(ctx, parentID)
|
|
if err != nil {
|
|
return fmt.Errorf("parent space not found: %w", err)
|
|
}
|
|
|
|
// create is a special case - check permission without specific resource
|
|
scope := &types.Scope{SpacePath: space.Path}
|
|
resource := &types.Resource{
|
|
Type: enum.ResourceTypeRepo,
|
|
Name: "",
|
|
}
|
|
|
|
err = apiauth.Check(ctx, c.authorizer, session, scope, resource, enum.PermissionRepoEdit)
|
|
if err != nil {
|
|
return fmt.Errorf("auth check failed: %w", err)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (c *Controller) sanitizeCreateInput(in *CreateInput) error {
|
|
if in.ParentID <= 0 {
|
|
return errRepositoryRequiresParent
|
|
}
|
|
|
|
if err := c.uidCheck(in.UID, false); err != nil {
|
|
return err
|
|
}
|
|
|
|
in.Description = strings.TrimSpace(in.Description)
|
|
if err := check.Description(in.Description); err != nil {
|
|
return err
|
|
}
|
|
|
|
if in.DefaultBranch == "" {
|
|
in.DefaultBranch = c.defaultBranch
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (c *Controller) createGitRPCRepository(ctx context.Context, session *auth.Session,
|
|
in *CreateInput) (*gitrpc.CreateRepositoryOutput, error) {
|
|
var (
|
|
err error
|
|
content []byte
|
|
)
|
|
files := make([]gitrpc.File, 0, 3) // readme, gitignore, licence
|
|
if in.Readme {
|
|
content = createReadme(in.UID, in.Description)
|
|
files = append(files, gitrpc.File{
|
|
Path: "README.md",
|
|
Content: content,
|
|
})
|
|
}
|
|
if in.License != "" && in.License != "none" {
|
|
content, err = resources.ReadLicense(in.License)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to read license '%s': %w", in.License, err)
|
|
}
|
|
files = append(files, gitrpc.File{
|
|
Path: "LICENSE",
|
|
Content: content,
|
|
})
|
|
}
|
|
if in.GitIgnore != "" {
|
|
content, err = resources.ReadGitIgnore(in.GitIgnore)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to read git ignore '%s': %w", in.GitIgnore, err)
|
|
}
|
|
files = append(files, gitrpc.File{
|
|
Path: ".gitignore",
|
|
Content: content,
|
|
})
|
|
}
|
|
|
|
actor := rpcIdentityFromPrincipal(session.Principal)
|
|
resp, err := c.gitRPCClient.CreateRepository(ctx, &gitrpc.CreateRepositoryParams{
|
|
DefaultBranch: in.DefaultBranch,
|
|
Files: files,
|
|
Actor: *actor,
|
|
Author: actor,
|
|
Committer: rpcIdentityFromPrincipal(bootstrap.NewSystemServiceSession().Principal),
|
|
})
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to create repo on gitrpc: %w", err)
|
|
}
|
|
|
|
return resp, nil
|
|
}
|
|
|
|
func createReadme(name, description string) []byte {
|
|
content := bytes.Buffer{}
|
|
content.WriteString("# " + name + "\n")
|
|
if description != "" {
|
|
content.WriteString(description)
|
|
}
|
|
return content.Bytes()
|
|
}
|
|
|
|
func rpcIdentityFromPrincipal(p types.Principal) *gitrpc.Identity {
|
|
return &gitrpc.Identity{
|
|
Name: p.DisplayName,
|
|
Email: p.Email,
|
|
}
|
|
}
|