Take back control of hooks (#1006)

* git: delegate all server-side Git hooks (#1623)

* create hooks directories

* take control hooks back

* fix lint

* bug fixed and minor changes

* fix imports style

* fix migration scripts

cmd/hook.go

@@ -0,0 +1,106 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	"code.gitea.io/gitea/models"
+
+	"github.com/urfave/cli"
+)
+
+var (
+	// CmdHook represents the available hooks sub-command.
+	CmdHook = cli.Command{
+		Name:        "hook",
+		Usage:       "Delegate commands to corresponding Git hooks",
+		Description: "This should only be called by Git",
+		Flags: []cli.Flag{
+			cli.StringFlag{
+				Name:  "config, c",
+				Value: "custom/conf/app.ini",
+				Usage: "Custom configuration file path",
+			},
+		},
+		Subcommands: []cli.Command{
+			subcmdHookPreReceive,
+			subcmdHookUpadte,
+			subcmdHookPostReceive,
+		},
+	}
+
+	subcmdHookPreReceive = cli.Command{
+		Name:        "pre-receive",
+		Usage:       "Delegate pre-receive Git hook",
+		Description: "This command should only be called by Git",
+		Action:      runHookPreReceive,
+	}
+	subcmdHookUpadte = cli.Command{
+		Name:        "update",
+		Usage:       "Delegate update Git hook",
+		Description: "This command should only be called by Git",
+		Action:      runHookUpdate,
+	}
+	subcmdHookPostReceive = cli.Command{
+		Name:        "post-receive",
+		Usage:       "Delegate post-receive Git hook",
+		Description: "This command should only be called by Git",
+		Action:      runHookPostReceive,
+	}
+)
+
+func runHookPreReceive(c *cli.Context) error {
+	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+		return nil
+	}
+	if err := setup("hooks/pre-receive.log"); err != nil {
+		fail("Hook pre-receive init failed", fmt.Sprintf("setup: %v", err))
+	}
+
+	return nil
+}
+
+func runHookUpdate(c *cli.Context) error {
+	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+		return nil
+	}
+
+	if err := setup("hooks/update.log"); err != nil {
+		fail("Hook update init failed", fmt.Sprintf("setup: %v", err))
+	}
+
+	args := c.Args()
+	if len(args) != 3 {
+		fail("Arguments received are not equal to three", "Arguments received are not equal to three")
+	} else if len(args[0]) == 0 {
+		fail("First argument 'refName' is empty", "First argument 'refName' is empty")
+	}
+
+	uuid := os.Getenv(envUpdateTaskUUID)
+	if err := models.AddUpdateTask(&models.UpdateTask{
+		UUID:        uuid,
+		RefName:     args[0],
+		OldCommitID: args[1],
+		NewCommitID: args[2],
+	}); err != nil {
+		fail("Internal error", "Fail to add update task '%s': %v", uuid, err)
+	}
+
+	return nil
+}
+
+func runHookPostReceive(c *cli.Context) error {
+	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
+		return nil
+	}
+
+	if err := setup("hooks/post-receive.log"); err != nil {
+		fail("Hook post-receive init failed", fmt.Sprintf("setup: %v", err))
+	}
+
+	return nil
+}

cmd/serve.go → cmd/serv.go

@@ -30,6 +30,7 @@ import (
 const (
 	accessDenied        = "Repository does not exist or you do not have access"
 	lfsAuthenticateVerb = "git-lfs-authenticate"
+	envUpdateTaskUUID   = "GITEA_UUID"
 )
 
 // CmdServ represents the available serv sub-command.
@@ -170,7 +171,6 @@ func runServ(c *cli.Context) error {
 
 	var lfsVerb string
 	if verb == lfsAuthenticateVerb {
-
 		if !setting.LFS.StartServer {
 			fail("Unknown git command", "LFS authentication request over SSH denied, LFS support is disabled")
 		}
@@ -291,9 +291,7 @@ func runServ(c *cli.Context) error {
 	}
 
 	//LFS token authentication
-
 	if verb == lfsAuthenticateVerb {
-
 		url := fmt.Sprintf("%s%s/%s.git/info/lfs", setting.AppURL, repoUser.Name, repo.Name)
 
 		now := time.Now()
@@ -326,7 +324,7 @@ func runServ(c *cli.Context) error {
 	}
 
 	uuid := gouuid.NewV4().String()
-	os.Setenv("GITEA_UUID", uuid)
+	os.Setenv(envUpdateTaskUUID, uuid)
 	// Keep the old env variable name for backward compability
 	os.Setenv("uuid", uuid)
 

main.go

@@ -30,7 +30,7 @@ func main() {
 	app.Commands = []cli.Command{
 		cmd.CmdWeb,
 		cmd.CmdServ,
-		cmd.CmdUpdate,
+		cmd.CmdHook,
 		cmd.CmdDump,
 		cmd.CmdCert,
 		cmd.CmdAdmin,

models/migrations/migrations.go

@@ -86,6 +86,8 @@ var migrations = []Migration{
 	NewMigration("set protect branches updated with created", setProtectedBranchUpdatedWithCreated),
 	// v18 -> v19
 	NewMigration("add external login user", addExternalLoginUser),
+	// v19 -> v20
+	NewMigration("generate and migrate Git hooks", generateAndMigrateGitHooks),
 }
 
 // Migrate database to current version

models/migrations/v18.go

@@ -13,8 +13,8 @@ import (
 // ExternalLoginUser makes the connecting between some existing user and additional external login sources
 type ExternalLoginUser struct {
 	ExternalID    string `xorm:"NOT NULL"`
-	UserID        int64 `xorm:"NOT NULL"`
-	LoginSourceID int64 `xorm:"NOT NULL"`
+	UserID        int64  `xorm:"NOT NULL"`
+	LoginSourceID int64  `xorm:"NOT NULL"`
 }
 
 func addExternalLoginUser(x *xorm.Engine) error {

models/migrations/v19.go

@@ -0,0 +1,85 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"code.gitea.io/gitea/modules/setting"
+
+	"github.com/Unknwon/com"
+	"github.com/go-xorm/xorm"
+)
+
+func generateAndMigrateGitHooks(x *xorm.Engine) (err error) {
+	type Repository struct {
+		ID      int64
+		OwnerID int64
+		Name    string
+	}
+	type User struct {
+		ID   int64
+		Name string
+	}
+
+	var (
+		hookNames = []string{"pre-receive", "update", "post-receive"}
+		hookTpls  = []string{
+			fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/pre-receive.d\"`; do\n    sh \"$SHELL_FOLDER/pre-receive.d/$i\"\ndone", setting.ScriptType),
+			fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/update.d\"`; do\n    sh \"$SHELL_FOLDER/update.d/$i\" $1 $2 $3\ndone", setting.ScriptType),
+			fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/post-receive.d\"`; do\n    sh \"$SHELL_FOLDER/post-receive.d/$i\"\ndone", setting.ScriptType),
+		}
+		giteaHookTpls = []string{
+			fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' pre-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+			fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' update $1 $2 $3\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+			fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' post-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+		}
+	)
+
+	return x.Where("id > 0").Iterate(new(Repository),
+		func(idx int, bean interface{}) error {
+			repo := bean.(*Repository)
+			user := new(User)
+			has, err := x.Where("id = ?", repo.OwnerID).Get(user)
+			if err != nil {
+				return fmt.Errorf("query owner of repository [repo_id: %d, owner_id: %d]: %v", repo.ID, repo.OwnerID, err)
+			} else if !has {
+				return nil
+			}
+
+			repoPath := filepath.Join(setting.RepoRootPath, strings.ToLower(user.Name), strings.ToLower(repo.Name)) + ".git"
+			hookDir := filepath.Join(repoPath, "hooks")
+
+			for i, hookName := range hookNames {
+				oldHookPath := filepath.Join(hookDir, hookName)
+				newHookPath := filepath.Join(hookDir, hookName+".d", "gitea")
+
+				if err = os.MkdirAll(filepath.Join(hookDir, hookName+".d"), os.ModePerm); err != nil {
+					return fmt.Errorf("create hooks dir '%s': %v", filepath.Join(hookDir, hookName+".d"), err)
+				}
+
+				// WARNING: Old server-side hooks will be moved to sub directory with the same name
+				if hookName != "update" && com.IsExist(oldHookPath) {
+					newPlace := filepath.Join(hookDir, hookName+".d", hookName)
+					if err = os.Rename(oldHookPath, newPlace); err != nil {
+						return fmt.Errorf("Remove old hook file '%s' to '%s': %v", oldHookPath, newPlace, err)
+					}
+				}
+
+				if err = ioutil.WriteFile(oldHookPath, []byte(hookTpls[i]), 0777); err != nil {
+					return fmt.Errorf("write old hook file '%s': %v", oldHookPath, err)
+				}
+
+				if err = ioutil.WriteFile(newHookPath, []byte(giteaHookTpls[i]), 0777); err != nil {
+					return fmt.Errorf("write new hook file '%s': %v", oldHookPath, err)
+				}
+			}
+			return nil
+		})
+}

models/repo.go

@@ -831,20 +831,54 @@ func cleanUpMigrateGitConfig(configPath string) error {
 	return nil
 }
 
-func createUpdateHook(repoPath string) error {
-	return git.SetUpdateHook(repoPath,
-		fmt.Sprintf(tplUpdateHook, setting.ScriptType, "\""+setting.AppPath+"\"", setting.CustomConf))
+// createDelegateHooks creates all the hooks scripts for the repo
+func createDelegateHooks(repoPath string) (err error) {
+	var (
+		hookNames = []string{"pre-receive", "update", "post-receive"}
+		hookTpls  = []string{
+			fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/pre-receive.d\"`; do\n    sh \"$SHELL_FOLDER/pre-receive.d/$i\"\ndone", setting.ScriptType),
+			fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/update.d\"`; do\n    sh \"$SHELL_FOLDER/update.d/$i\" $1 $2 $3\ndone", setting.ScriptType),
+			fmt.Sprintf("#!/usr/bin/env %s\nORI_DIR=`pwd`\nSHELL_FOLDER=$(cd \"$(dirname \"$0\")\";pwd)\ncd \"$ORI_DIR\"\nfor i in `ls \"$SHELL_FOLDER/post-receive.d\"`; do\n    sh \"$SHELL_FOLDER/post-receive.d/$i\"\ndone", setting.ScriptType),
+		}
+		giteaHookTpls = []string{
+			fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' pre-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+			fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' update $1 $2 $3\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+			fmt.Sprintf("#!/usr/bin/env %s\n\"%s\" hook --config='%s' post-receive\n", setting.ScriptType, setting.AppPath, setting.CustomConf),
+		}
+	)
+
+	hookDir := filepath.Join(repoPath, "hooks")
+
+	for i, hookName := range hookNames {
+		oldHookPath := filepath.Join(hookDir, hookName)
+		newHookPath := filepath.Join(hookDir, hookName+".d", "gitea")
+
+		if err := os.MkdirAll(filepath.Join(hookDir, hookName+".d"), os.ModePerm); err != nil {
+			return fmt.Errorf("create hooks dir '%s': %v", filepath.Join(hookDir, hookName+".d"), err)
+		}
+
+		// WARNING: This will override all old server-side hooks
+		if err = ioutil.WriteFile(oldHookPath, []byte(hookTpls[i]), 0777); err != nil {
+			return fmt.Errorf("write old hook file '%s': %v", oldHookPath, err)
+		}
+
+		if err = ioutil.WriteFile(newHookPath, []byte(giteaHookTpls[i]), 0777); err != nil {
+			return fmt.Errorf("write new hook file '%s': %v", newHookPath, err)
+		}
+	}
+
+	return nil
 }
 
 // CleanUpMigrateInfo finishes migrating repository and/or wiki with things that don't need to be done for mirrors.
 func CleanUpMigrateInfo(repo *Repository) (*Repository, error) {
 	repoPath := repo.RepoPath()
-	if err := createUpdateHook(repoPath); err != nil {
-		return repo, fmt.Errorf("createUpdateHook: %v", err)
+	if err := createDelegateHooks(repoPath); err != nil {
+		return repo, fmt.Errorf("createDelegateHooks: %v", err)
 	}
 	if repo.HasWiki() {
-		if err := createUpdateHook(repo.WikiPath()); err != nil {
-			return repo, fmt.Errorf("createUpdateHook (wiki): %v", err)
+		if err := createDelegateHooks(repo.WikiPath()); err != nil {
+			return repo, fmt.Errorf("createDelegateHooks.(wiki): %v", err)
 		}
 	}
 
@@ -994,8 +1028,8 @@ func initRepository(e Engine, repoPath string, u *User, repo *Repository, opts C
 	// Init bare new repository.
 	if err = git.InitRepository(repoPath, true); err != nil {
 		return fmt.Errorf("InitRepository: %v", err)
-	} else if err = createUpdateHook(repoPath); err != nil {
-		return fmt.Errorf("createUpdateHook: %v", err)
+	} else if err = createDelegateHooks(repoPath); err != nil {
+		return fmt.Errorf("createDelegateHooks: %v", err)
 	}
 
 	tmpDir := filepath.Join(os.TempDir(), "gitea-"+repo.Name+"-"+com.ToStr(time.Now().Nanosecond()))
@@ -2009,15 +2043,16 @@ func ReinitMissingRepositories() error {
 	return nil
 }
 
-// RewriteRepositoryUpdateHook rewrites all repositories' update hook.
-func RewriteRepositoryUpdateHook() error {
-	return x.
-		Where("id > 0").
-		Iterate(new(Repository),
-			func(idx int, bean interface{}) error {
-				repo := bean.(*Repository)
-				return createUpdateHook(repo.RepoPath())
-			})
+// SyncRepositoryHooks rewrites all repositories' pre-receive, update and post-receive hooks
+// to make sure the binary and custom conf path are up-to-date.
+func SyncRepositoryHooks() error {
+	return x.Where("id > 0").Iterate(new(Repository),
+		func(idx int, bean interface{}) error {
+			if err := createDelegateHooks(bean.(*Repository).RepoPath()); err != nil {
+				return fmt.Errorf("SyncRepositoryHook: %v", err)
+			}
+			return nil
+		})
 }
 
 // Prevent duplicate running tasks.
@@ -2345,8 +2380,8 @@ func ForkRepository(u *User, oldRepo *Repository, name, desc string) (_ *Reposit
 		return nil, fmt.Errorf("git update-server-info: %v", stderr)
 	}
 
-	if err = createUpdateHook(repoPath); err != nil {
-		return nil, fmt.Errorf("createUpdateHook: %v", err)
+	if err = createDelegateHooks(repoPath); err != nil {
+		return nil, fmt.Errorf("createDelegateHooks: %v", err)
 	}
 
 	//Commit repo to get Fork ID

models/wiki.go

@@ -69,8 +69,8 @@ func (repo *Repository) InitWiki() error {
 
 	if err := git.InitRepository(repo.WikiPath(), true); err != nil {
 		return fmt.Errorf("InitRepository: %v", err)
-	} else if err = createUpdateHook(repo.WikiPath()); err != nil {
-		return fmt.Errorf("createUpdateHook: %v", err)
+	} else if err = createDelegateHooks(repo.WikiPath()); err != nil {
+		return fmt.Errorf("createDelegateHooks: %v", err)
 	}
 	return nil
 }

options/locale/locale_en-US.ini

@@ -1003,8 +1003,8 @@ dashboard.git_gc_repos = Do garbage collection on repositories
 dashboard.git_gc_repos_success = All repositories have done garbage collection successfully.
 dashboard.resync_all_sshkeys = Rewrite '.ssh/authorized_keys' file (caution: non-Gitea keys will be lost)
 dashboard.resync_all_sshkeys_success = All public keys have been rewritten successfully.
-dashboard.resync_all_update_hooks = Rewrite all update hook of repositories (needed when custom config path is changed)
-dashboard.resync_all_update_hooks_success = All repositories' update hook have been rewritten successfully.
+dashboard.resync_all_hooks = Resync pre-receive, update and post-receive hooks of all repositories.
+dashboard.resync_all_hooks_success = All repositories' pre-receive, update and post-receive hooks have been resynced successfully.
 dashboard.reinit_missing_repos = Reinitialize all repository records that lost Git files
 dashboard.reinit_missing_repos_success = All repository records that lost Git files have been reinitialized successfully.
 

routers/admin/admin.go

@@ -152,8 +152,8 @@ func Dashboard(ctx *context.Context) {
 			success = ctx.Tr("admin.dashboard.resync_all_sshkeys_success")
 			err = models.RewriteAllPublicKeys()
 		case syncRepositoryUpdateHook:
-			success = ctx.Tr("admin.dashboard.resync_all_update_hooks_success")
-			err = models.RewriteRepositoryUpdateHook()
+			success = ctx.Tr("admin.dashboard.resync_all_hooks_success")
+			err = models.SyncRepositoryHooks()
 		case reinitMissingRepository:
 			success = ctx.Tr("admin.dashboard.reinit_missing_repos_success")
 			err = models.ReinitMissingRepositories()

templates/admin/dashboard.tmpl

@@ -40,7 +40,7 @@
 								<td><i class="fa fa-caret-square-o-right"></i> <a href="{{AppSubUrl}}/admin?op=5">{{.i18n.Tr "admin.dashboard.operation_run"}}</a></td>
 							</tr>
 							<tr>
-								<td>{{.i18n.Tr "admin.dashboard.resync_all_update_hooks"}}</td>
+								<td>{{.i18n.Tr "admin.dashboard.resync_all_hooks"}}</td>
 								<td><i class="fa fa-caret-square-o-right"></i> <a href="{{AppSubUrl}}/admin?op=6">{{.i18n.Tr "admin.dashboard.operation_run"}}</a></td>
 							</tr>
 							<tr>

vendor/code.gitea.io/git/hook.go

@@ -9,6 +9,7 @@ import (
 	"io/ioutil"
 	"os"
 	"path"
+	"path/filepath"
 	"strings"
 
 	"github.com/Unknwon/com"
@@ -17,7 +18,7 @@ import (
 // hookNames is a list of Git server hooks' name that are supported.
 var hookNames = []string{
 	"pre-receive",
-	// "update",
+	"update",
 	"post-receive",
 }
 
@@ -52,8 +53,9 @@ func GetHook(repoPath, name string) (*Hook, error) {
 	}
 	h := &Hook{
 		name: name,
-		path: path.Join(repoPath, "hooks", name),
+		path: path.Join(repoPath, "hooks", name+".d", name),
 	}
+	samplePath := filepath.Join(repoPath, "hooks", name+".sample")
 	if isFile(h.path) {
 		data, err := ioutil.ReadFile(h.path)
 		if err != nil {
@@ -61,8 +63,8 @@ func GetHook(repoPath, name string) (*Hook, error) {
 		}
 		h.IsActive = true
 		h.Content = string(data)
-	} else if isFile(h.path + ".sample") {
-		data, err := ioutil.ReadFile(h.path + ".sample")
+	} else if isFile(samplePath) {
+		data, err := ioutil.ReadFile(samplePath)
 		if err != nil {
 			return nil, err
 		}

vendor/code.gitea.io/git/repo_blame.go

@@ -0,0 +1,10 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package git
+
+// FileBlame return the Blame object of file
+func (repo *Repository) FileBlame(revision, path, file string) ([]byte, error) {
+	return NewCommand("blame", "--root", file).RunInDirBytes(path)
+}

vendor/vendor.json

@@ -3,10 +3,10 @@
 	"ignore": "test",
 	"package": [
 		{
-			"checksumSHA1": "km1AOUs34DCwgXT55fh6PrkPdiU=",
+			"checksumSHA1": "nt2y/SNJe3Rl0tzdaEyGQfCc4L4=",
 			"path": "code.gitea.io/git",
-			"revision": "dd951bf625ebf5c16ef403f681aaec6c34324bca",
-			"revisionTime": "2017-02-05T02:50:57Z"
+			"revision": "b4c06a53d0f619e84a99eb042184663d4ad8a32b",
+			"revisionTime": "2017-02-22T02:52:05Z"
 		},
 		{
 			"checksumSHA1": "BKj0haFTDebzdC2nACpoGzp3s8A=",