From 0f441b26d1b595905a07dce8f2447dcf1897e7d0 Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Tue, 30 Aug 2022 20:10:07 +0200 Subject: [PATCH 1/3] patch from dmaes --- docs/index.md | 2 +- docs/resources/git_hook.md | 47 +++++++++++++ gitea/provider.go | 1 + gitea/resource_gitea_git_hook.go | 115 +++++++++++++++++++++++++++++++ 4 files changed, 164 insertions(+), 1 deletion(-) create mode 100644 docs/resources/git_hook.md create mode 100644 gitea/resource_gitea_git_hook.go diff --git a/docs/index.md b/docs/index.md index e5e038b..f1cf291 100644 --- a/docs/index.md +++ b/docs/index.md @@ -17,7 +17,7 @@ terraform { required_providers { gitea = { source = "Lerentis/gitea" - version = "0.7.2" + version = "0.7.4" } } } diff --git a/docs/resources/git_hook.md b/docs/resources/git_hook.md new file mode 100644 index 0000000..a987155 --- /dev/null +++ b/docs/resources/git_hook.md @@ -0,0 +1,47 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "gitea_git_hook Resource - terraform-provider-gitea" +subcategory: "" +description: |- + gitea_git_hook manages git hooks on a repository. +--- + +# gitea_git_hook (Resource) + +`gitea_git_hook` manages git hooks on a repository. + +## Example Usage + +```terraform +resource "gitea_org" "test_org" { + name = "test-org" +} + +resource "gitea_repository" "org_repo" { + username = gitea_org.test_org.name + name = "org-test-repo" +} + +resource "gitea_git_hook" "org_repo_post-receive" { + name = "post-receive" + user = gitea_org.test_org.name + repo = gitea_repository.org_repo.name + content = file("${path.module}/post-receive.sh") +} +``` + + +## Schema + +### Required + +- `content` (String) Content of the git hook +- `name` (String) Name of the git hook to configure +- `repo` (String) The repository that this hook belongs too. +- `user` (String) The user (or organisation) owning the repo this hook belongs too + +### Read-Only + +- `id` (String) The ID of this resource. + + diff --git a/gitea/provider.go b/gitea/provider.go index aed1dae..6c5c806 100644 --- a/gitea/provider.go +++ b/gitea/provider.go @@ -80,6 +80,7 @@ func Provider() *schema.Provider { "gitea_repository": resourceGiteaRepository(), "gitea_public_key": resourceGiteaPublicKey(), "gitea_team": resourceGiteaTeam(), + "gitea_git_hook": resourceGiteaGitHook(), }, ConfigureFunc: providerConfigure, diff --git a/gitea/resource_gitea_git_hook.go b/gitea/resource_gitea_git_hook.go new file mode 100644 index 0000000..186482d --- /dev/null +++ b/gitea/resource_gitea_git_hook.go @@ -0,0 +1,115 @@ +package gitea + +import ( + "fmt" + + "code.gitea.io/sdk/gitea" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +const ( + GitHookUser string = "user" + GitHookRepo string = "repo" + GitHookName string = "name" + GitHookContent string = "content" +) + +func resourceGitHookRead(d *schema.ResourceData, meta interface{}) (err error) { + client := meta.(*gitea.Client) + + user := d.Get(GitHookUser).(string) + repo := d.Get(GitHookRepo).(string) + name := d.Get(GitHookName).(string) + + gitHook, _, err := client.GetRepoGitHook(user, repo, name) + + if err != nil { + return err + } + + err = setGitHookResourceData(user, repo, gitHook, d) + + return +} + +func resourceGitHookUpdate(d *schema.ResourceData, meta interface{}) (err error) { + client := meta.(*gitea.Client) + + user := d.Get(GitHookUser).(string) + repo := d.Get(GitHookRepo).(string) + name := d.Get(GitHookName).(string) + + opts := gitea.EditGitHookOption{ + Content: d.Get(GitHookContent).(string), + } + + _, err = client.EditRepoGitHook(user, repo, name, opts) + + if err != nil { + return err + } + + // Get gitHook ourselves, EditRepoGitHook does not return it + gitHook, _, err := client.GetRepoGitHook(user, repo, name) + + if err != nil { + return err + } + + err = setGitHookResourceData(user, repo, gitHook, d) + + return +} + +func resourceGitHookDelete(d *schema.ResourceData, meta interface{}) (err error) { + client := meta.(*gitea.Client) + + user := d.Get(GitHookUser).(string) + repo := d.Get(GitHookRepo).(string) + name := d.Get(GitHookName).(string) + + _, err = client.DeleteRepoGitHook(user, repo, name) + + return +} + +func setGitHookResourceData(user string, repo string, gitHook *gitea.GitHook, d *schema.ResourceData) (err error) { + d.SetId(fmt.Sprintf("%s/%s/%s", user, repo, gitHook.Name)) + d.Set(GitHookUser, user) + d.Set(GitHookRepo, repo) + d.Set(GitHookName, gitHook.Name) + d.Set(GitHookContent, gitHook.Content) + return +} + +func resourceGiteaGitHook() *schema.Resource { + return &schema.Resource{ + Read: resourceGitHookRead, + Create: resourceGitHookUpdate, // All hooks already exist, just empty and disabled + Update: resourceGitHookUpdate, + Delete: resourceGitHookDelete, + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + Description: "Name of the git hook to configure", + }, + "repo": { + Type: schema.TypeString, + Required: true, + Description: "The repository that this hook belongs too.", + }, + "user": { + Type: schema.TypeString, + Required: true, + Description: "The user (or organisation) owning the repo this hook belongs too", + }, + "content": { + Type: schema.TypeString, + Required: true, + Description: "Content of the git hook", + }, + }, + Description: "`gitea_git_hook` manages git hooks on a repository.", + } +} -- 2.45.2 From 3f67ba18957b2cecf920cfed5e3e55c1d56c7602 Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Tue, 30 Aug 2022 20:19:08 +0200 Subject: [PATCH 2/3] minor cosmetic changes and prepare next release --- Makefile | 2 +- README.md | 2 +- docs/index.md | 2 +- examples/provider.tf | 2 +- examples/provider/provider.tf | 2 +- examples/resources/gitea_git_hook/resource.tf | 15 +++++++++++++++ scripts/docker-compose.yaml | 2 +- 7 files changed, 21 insertions(+), 6 deletions(-) create mode 100644 examples/resources/gitea_git_hook/resource.tf diff --git a/Makefile b/Makefile index e97dee5..621ddb1 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ GOFMT_FILES?=$$(find . -name '*.go' |grep -v vendor) GOFMT ?= gofmt -s -VERSION = 0.7.4 +VERSION = 0.8.0 test: fmt-check go test -i $(TEST) || exit 1 diff --git a/README.md b/README.md index 9777a48..610582a 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ terraform { required_providers { gitea = { source = "Lerentis/gitea" - version = "0.7.4" + version = "0.8.0" } } } diff --git a/docs/index.md b/docs/index.md index f1cf291..53c4509 100644 --- a/docs/index.md +++ b/docs/index.md @@ -17,7 +17,7 @@ terraform { required_providers { gitea = { source = "Lerentis/gitea" - version = "0.7.4" + version = "0.8.0" } } } diff --git a/examples/provider.tf b/examples/provider.tf index d578540..ec315cc 100644 --- a/examples/provider.tf +++ b/examples/provider.tf @@ -2,7 +2,7 @@ terraform { required_providers { gitea = { source = "terraform.local/lerentis/gitea" - version = "0.7.4" + version = "0.8.0" } } } diff --git a/examples/provider/provider.tf b/examples/provider/provider.tf index 45582f9..2f9e7ac 100644 --- a/examples/provider/provider.tf +++ b/examples/provider/provider.tf @@ -2,7 +2,7 @@ terraform { required_providers { gitea = { source = "Lerentis/gitea" - version = "0.7.4" + version = "0.8.0" } } } diff --git a/examples/resources/gitea_git_hook/resource.tf b/examples/resources/gitea_git_hook/resource.tf new file mode 100644 index 0000000..a11ee11 --- /dev/null +++ b/examples/resources/gitea_git_hook/resource.tf @@ -0,0 +1,15 @@ +resource "gitea_org" "test_org" { + name = "test-org" +} + +resource "gitea_repository" "org_repo" { + username = gitea_org.test_org.name + name = "org-test-repo" +} + +resource "gitea_git_hook" "org_repo_post-receive" { + name = "post-receive" + user = gitea_org.test_org.name + repo = gitea_repository.org_repo.name + content = file("${path.module}/post-receive.sh") +} \ No newline at end of file diff --git a/scripts/docker-compose.yaml b/scripts/docker-compose.yaml index aef83e2..c128cd3 100644 --- a/scripts/docker-compose.yaml +++ b/scripts/docker-compose.yaml @@ -6,7 +6,7 @@ networks: services: server: - image: gitea/gitea:1.16.8 + image: gitea/gitea:1.17.1 container_name: gitea environment: - USER_UID=1000 -- 2.45.2 From e7ad54b0a436e7463fb0d8d57b6aa0b7f16a6012 Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Tue, 30 Aug 2022 21:02:06 +0200 Subject: [PATCH 3/3] warn about server side hooks --- docs/resources/git_hook.md | 10 +++++++++- examples/main.tf | 15 +++++++++++++++ examples/pre-receive.sh | 9 +++++++++ examples/resources/gitea_git_hook/post-receive.sh | 8 ++++++++ examples/resources/gitea_git_hook/resource.tf | 2 +- gitea/resource_gitea_git_hook.go | 7 ++++++- scripts/docker-compose.yaml | 1 + 7 files changed, 49 insertions(+), 3 deletions(-) create mode 100644 examples/pre-receive.sh create mode 100644 examples/resources/gitea_git_hook/post-receive.sh diff --git a/docs/resources/git_hook.md b/docs/resources/git_hook.md index a987155..ba12e1e 100644 --- a/docs/resources/git_hook.md +++ b/docs/resources/git_hook.md @@ -4,11 +4,19 @@ page_title: "gitea_git_hook Resource - terraform-provider-gitea" subcategory: "" description: |- gitea_git_hook manages git hooks on a repository. + import is currently not supported + WARNING: using this resource requires to enable server side hookswhich are known to cause security issues https://github.com/go-gitea/gitea/pull/13058! + if you want to procede, you need to enable server side hooks as stated here https://docs.gitea.io/en-us/config-cheat-sheet/#security-security --- # gitea_git_hook (Resource) `gitea_git_hook` manages git hooks on a repository. +import is currently not supported + +WARNING: using this resource requires to enable server side hookswhich are known to cause [security issues](https://github.com/go-gitea/gitea/pull/13058)! + +if you want to procede, you need to enable server side hooks as stated [here](https://docs.gitea.io/en-us/config-cheat-sheet/#security-security) ## Example Usage @@ -22,7 +30,7 @@ resource "gitea_repository" "org_repo" { name = "org-test-repo" } -resource "gitea_git_hook" "org_repo_post-receive" { +resource "gitea_git_hook" "org_repo_post_receive" { name = "post-receive" user = gitea_org.test_org.name repo = gitea_repository.org_repo.name diff --git a/examples/main.tf b/examples/main.tf index 05dd821..bf41f7e 100644 --- a/examples/main.tf +++ b/examples/main.tf @@ -56,3 +56,18 @@ resource "gitea_team" "test_team" { permission = "write" members = [gitea_user.test.username] } + +resource "gitea_team" "admin_team" { + name = "Admins" + organisation = gitea_org.test_org.name + description = "Admins of Test Org" + permission = "admin" + members = [data.gitea_user.me.username] +} + +resource "gitea_git_hook" "org_repo_pre_receive" { + name = "pre-receive" + user = gitea_org.test_org.name + repo = gitea_repository.org_repo.name + content = file("${path.module}/pre-receive.sh") +} diff --git a/examples/pre-receive.sh b/examples/pre-receive.sh new file mode 100644 index 0000000..a0638ed --- /dev/null +++ b/examples/pre-receive.sh @@ -0,0 +1,9 @@ +#!/bin/bash +while read oldrev newrev refname +do + branch=$(git rev-parse --symbolic --abbrev-ref $refname) + if [ "master" = "$branch" ]; then + echo "wrong branch" + exit 1 + fi +done \ No newline at end of file diff --git a/examples/resources/gitea_git_hook/post-receive.sh b/examples/resources/gitea_git_hook/post-receive.sh new file mode 100644 index 0000000..be7b0bb --- /dev/null +++ b/examples/resources/gitea_git_hook/post-receive.sh @@ -0,0 +1,8 @@ +#!/bin/bash +while read oldrev newrev refname +do + branch=$(git rev-parse --symbolic --abbrev-ref $refname) + if [ "master" = "$branch" ]; then + # Do something + fi +done \ No newline at end of file diff --git a/examples/resources/gitea_git_hook/resource.tf b/examples/resources/gitea_git_hook/resource.tf index a11ee11..8773dda 100644 --- a/examples/resources/gitea_git_hook/resource.tf +++ b/examples/resources/gitea_git_hook/resource.tf @@ -7,7 +7,7 @@ resource "gitea_repository" "org_repo" { name = "org-test-repo" } -resource "gitea_git_hook" "org_repo_post-receive" { +resource "gitea_git_hook" "org_repo_post_receive" { name = "post-receive" user = gitea_org.test_org.name repo = gitea_repository.org_repo.name diff --git a/gitea/resource_gitea_git_hook.go b/gitea/resource_gitea_git_hook.go index 186482d..8b7e8c1 100644 --- a/gitea/resource_gitea_git_hook.go +++ b/gitea/resource_gitea_git_hook.go @@ -110,6 +110,11 @@ func resourceGiteaGitHook() *schema.Resource { Description: "Content of the git hook", }, }, - Description: "`gitea_git_hook` manages git hooks on a repository.", + Description: "`gitea_git_hook` manages git hooks on a repository.\n" + + "import is currently not supported\n\n" + + "WARNING: using this resource requires to enable server side hooks" + + "which are known to cause [security issues](https://github.com/go-gitea/gitea/pull/13058)!\n\n" + + "if you want to procede, you need to enable server side hooks as stated" + + " [here](https://docs.gitea.io/en-us/config-cheat-sheet/#security-security)", } } diff --git a/scripts/docker-compose.yaml b/scripts/docker-compose.yaml index c128cd3..453bc52 100644 --- a/scripts/docker-compose.yaml +++ b/scripts/docker-compose.yaml @@ -11,6 +11,7 @@ services: environment: - USER_UID=1000 - USER_GID=1000 + - DISABLE_GIT_HOOKS=false restart: always networks: - gitea -- 2.45.2