From 2d21d2af9ef907ed3407b07d6a0191c39a29ee54 Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Sat, 19 Mar 2022 14:16:38 +0000
Subject: [PATCH] Make migrations SKIP_TLS_VERIFY apply to git too (#19132)
Make SKIP_TLS_VERIFY apply to git data migrations too through adding the `-c http.sslVerify=false` option to the git clone command.
Fix #18998
Signed-off-by: Andrew Thornton <art27@cantab.net>
---
modules/git/repo.go | 22 +++++++++++++---------
modules/repository/repo.go | 16 +++++++++-------
services/migrations/dump.go | 17 ++++++++++-------
3 files changed, 32 insertions(+), 23 deletions(-)
diff --git a/modules/git/repo.go b/modules/git/repo.go
index 8217521b06..5ba39ac7e3 100644
--- a/modules/git/repo.go
+++ b/modules/git/repo.go
@@ -98,15 +98,16 @@ func (repo *Repository) IsEmpty() (bool, error) {
// CloneRepoOptions options when clone a repository
type CloneRepoOptions struct {
- Timeout time.Duration
- Mirror bool
- Bare bool
- Quiet bool
- Branch string
- Shared bool
- NoCheckout bool
- Depth int
- Filter string
+ Timeout time.Duration
+ Mirror bool
+ Bare bool
+ Quiet bool
+ Branch string
+ Shared bool
+ NoCheckout bool
+ Depth int
+ Filter string
+ SkipTLSVerify bool
}
// Clone clones original repository to target path.
@@ -124,6 +125,9 @@ func CloneWithArgs(ctx context.Context, from, to string, args []string, opts Clo
}
cmd := NewCommandContextNoGlobals(ctx, args...).AddArguments("clone")
+ if opts.SkipTLSVerify {
+ cmd.AddArguments("-c", "http.sslVerify=false")
+ }
if opts.Mirror {
cmd.AddArguments("--mirror")
}
diff --git a/modules/repository/repo.go b/modules/repository/repo.go
index ed9ed508be..13710bd4ab 100644
--- a/modules/repository/repo.go
+++ b/modules/repository/repo.go
@@ -72,9 +72,10 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
}
if err = git.Clone(ctx, opts.CloneAddr, repoPath, git.CloneRepoOptions{
- Mirror: true,
- Quiet: true,
- Timeout: migrateTimeout,
+ Mirror: true,
+ Quiet: true,
+ Timeout: migrateTimeout,
+ SkipTLSVerify: setting.Migrations.SkipTLSVerify,
}); err != nil {
return repo, fmt.Errorf("Clone: %v", err)
}
@@ -88,10 +89,11 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
}
if err = git.Clone(ctx, wikiRemotePath, wikiPath, git.CloneRepoOptions{
- Mirror: true,
- Quiet: true,
- Timeout: migrateTimeout,
- Branch: "master",
+ Mirror: true,
+ Quiet: true,
+ Timeout: migrateTimeout,
+ Branch: "master",
+ SkipTLSVerify: setting.Migrations.SkipTLSVerify,
}); err != nil {
log.Warn("Clone wiki: %v", err)
if err := util.RemoveAll(wikiPath); err != nil {
diff --git a/services/migrations/dump.go b/services/migrations/dump.go
index 9a093ef298..594b78511a 100644
--- a/services/migrations/dump.go
+++ b/services/migrations/dump.go
@@ -22,6 +22,7 @@ import (
"code.gitea.io/gitea/modules/log"
base "code.gitea.io/gitea/modules/migration"
"code.gitea.io/gitea/modules/repository"
+ "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs"
"gopkg.in/yaml.v2"
@@ -149,9 +150,10 @@ func (g *RepositoryDumper) CreateRepo(repo *base.Repository, opts base.MigrateOp
}
err = git.Clone(g.ctx, remoteAddr, repoPath, git.CloneRepoOptions{
- Mirror: true,
- Quiet: true,
- Timeout: migrateTimeout,
+ Mirror: true,
+ Quiet: true,
+ Timeout: migrateTimeout,
+ SkipTLSVerify: setting.Migrations.SkipTLSVerify,
})
if err != nil {
return fmt.Errorf("Clone: %v", err)
@@ -166,10 +168,11 @@ func (g *RepositoryDumper) CreateRepo(repo *base.Repository, opts base.MigrateOp
}
if err := git.Clone(g.ctx, wikiRemotePath, wikiPath, git.CloneRepoOptions{
- Mirror: true,
- Quiet: true,
- Timeout: migrateTimeout,
- Branch: "master",
+ Mirror: true,
+ Quiet: true,
+ Timeout: migrateTimeout,
+ Branch: "master",
+ SkipTLSVerify: setting.Migrations.SkipTLSVerify,
}); err != nil {
log.Warn("Clone wiki: %v", err)
if err := os.RemoveAll(wikiPath); err != nil {