search

go-gitea / gitea

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
https://gitea.com
MIT License
44.35k stars 5.43k forks source link

GPG Commit Signatures by Gitea not working anymore in dev builds #19964

Closed spirkaa closed 2 years ago

spirkaa commented 2 years ago

Description

Latest builds showing earlier merged signed commits as No known key found for this signature in database. New merged commits are unsigned. New initialized repositories are created unsigned with SIGNING_KEY = default and not created at all with error 500 when specifying KEYID instead of default and adding SIGNING_NAME, SIGNING_EMAIL as per docs.

2022/06/13 20:54:23 ...s/repository/init.go:349:initRepoCommit() [E] Failed to commit: [commit --author='Ilya Pavlov piv@devmem.ru' -m Initial commit -SB0292765]: Stdout: Error: exit status 128 - error: gpg failed to sign the data fatal: failed to write commit object

  • error: gpg failed to sign the data fatal: failed to write commit object 2022/06/13 20:54:23 ...ers/web/repo/repo.go:195:handleCreateError() [E] CreatePost: initRepository: initRepoCommit: git commit: exit status 128 - error: gpg failed to sign the data fatal: failed to write commit object
  • error: gpg failed to sign the data fatal: failed to write commit object

Server GPG key without expiry date not changed in last two years, git or gitea relevant config parameters either.

git config --global user.signingkey B0292765
git config --global commit.gpgsign true
[repository.signing]
SIGNING_KEY    = default
INITIAL_COMMIT = always
CRUD_ACTIONS   = pubkey, twofa, parentsigned
WIKI           = never
MERGES         = pubkey, twofa, basesigned, commitssigned

When i create manual test commits inside container they are signed.

Gitea Version

1.17.0+dev-709-gff82a1831

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

No response

How are you running Gitea?

Docker image gitea/gitea:dev

Database

PostgreSQL

wxiaoguang commented 2 years ago

These ones:

wxiaoguang commented 2 years ago

The document will be updated by

spirkaa commented 2 years ago

Ok, thanks. I changed command to

git config --file /data/gitea/gitea-repositories/.gitconfig user.signingkey B0292765
git config --file /data/gitea/gitea-repositories/.gitconfig commit.gpgsign true

and now gitea-signed commits showing as "Signed with default key by: Gitea".

But creation of new signed commits (merge or new repo init) still failing with the same error in log.

In /data/gitea/gitea-repositories there .gnupg dir with only file pubring.kbx. When i copy .gnupg from current user's {UserHome} (/data/git in container) all started working as before. Is this intentional behavior?

wxiaoguang commented 2 years ago

I think it's the intentional behavior (which should be documented as well) because the Git's home directory is changed. And when Gitea runs as a server, it shouldn't use user's config.

spirkaa commented 2 years ago

Now when i create new unitialized repo in gitea ui and push to main or new branch, there error in git push log:

remote: 2022/06/14 08:00:48 modules/git/git.go:138:HomeDir() [E] [62a81600-4] Git's HomeDir is empty (RepoRootPath is empty), the git module is not initialized correctly, using a temp HomeDir (/tmp/gitea-temp-home) temporarily

but RepoRootPath set in app.ini

[repository]
ROOT = /data/gitea/gitea-repositories
wxiaoguang commented 2 years ago

It should be fixed by #19930

The problem is that the git command is called before git.Init in a post hook.

Fix a bug in runHookPostReceive, now setup(including git.Init) is called before git.NewCommand

wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf commented 2 years ago

And when Gitea runs as a server, it shouldn't use user's config.

it might have already been said, but I'd argue that when Gitea runs as a server it should pick up user's gitconfig.

I, for one, am running Gitea with a dedicated user, even the docs used to endorse that, if I recall well.

never mind, decisions have been made to change it, so be it, would a symlink in REPO_ROOT_PATH do fine, or do I have to copy the .gitconfig from user's home to REPO_ROOT_PATH?

wxiaoguang commented 2 years ago

The problem is that there will be more and more options be put in the gitconfig in the future, some may affect git's behavior, even security. I believe most developers themselves won't like their own ~/.gitconfig be polluted when developing Gitea. 😊

So, the gitconfig is isolated from the user's personal config file.

would a symlink in REPO_ROOT_PATH do fine, or do I have to copy the .gitconfig from user's home to REPO_ROOT_PATH?

Either of them should work.

wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf commented 2 years ago

turns out a .gitconfig has already been created in REPO_ROOT_PATH, looking like this:

[user]
[user]
>---email = gitea@fake.local
>---name = Gitea
[core]
>---quotePath = false
>---commitGraph = true
[receive]
>---advertisePushOptions = true
>---procReceiveRefs = refs/for
[gc]
>---writeCommitGraph = true

which is a little different after the changes I did to .gitconfig.. so I just copied those over.

further, I see a .ssh folder in REPO_ROOT_PATH but it's empty. are there plans to also move files such as authorized_keys to REPO_ROOT_PATH?

same applies to GPG (for commit/push signing): there is a new folder in REPO_ROOT_PATH:

nebula ~gitea #  l repos/.gnupg
total 12K
drwx------  2 gitea gitea 4.0K Jun 14 22:52 .
drwxr-x--- 45 gitea gitea 4.0K Jun 13 12:57 ..
-rw-------  1 gitea gitea   32 Jun 13 12:57 pubring.kbx
nebula ~gitea #  l .gnupg
total 24K
drwx------  3 gitea gitea 4.0K Jun 15 12:50 .
drwxr-xr-x 15 gitea gitea 4.0K Jun 15 01:30 ..
drwx------  2 gitea gitea 4.0K Aug  7  2020 private-keys-v1.d
-rw-r--r--  1 gitea gitea 1.9K Aug  7  2020 pubring.kbx
-rw-------  1 gitea gitea   32 Aug  7  2020 pubring.kbx~
-rw-------  1 gitea gitea 1.4K Oct 18  2020 trustdb.gpg

these changes could potentially break some deployments, I'm just saying.

in fact they already did.

(a couple of minutes into thinking about this and tinkering with my instance...)

actually I have to thank you for replying to me, because I have just "fixed" another issue I've been having with Gitea for upwards of a week (not the mirror stuff mentioned elsewhere - #19928): I could not merge in the webUI, I was receiving a bunch of 500s every time I attempted to merge via webUI, couldn't be bothered to closely look at the logs - that is, until now: it was a GPG signing issue thanks to recent changes to .gitconfig:

log of GPG signing issue thanks to recent changes to .gitconfig 
Jun 15 14:08:23 nebula gitea[3326830]: 2022/06/15 14:08:23 ...rvices/pull/merge.go:660:commitAndSignNoAuthor() [E] git commit [wanderer/another-test-repo:renovate/renovate-renovate-32.x -> wanderer/another-test-repo:development]: exit status 128
Jun 15 14:08:23 nebula gitea[3326830]:
Jun 15 14:08:23 nebula gitea[3326830]:         error: gpg failed to sign the data
Jun 15 14:08:23 nebula gitea[3326830]:         fatal: failed to write commit object
Jun 15 14:08:23 nebula gitea[3326830]:
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/services/pull/merge.go:660 (0x1b94ece)
Jun 15 14:08:23 nebula gitea[3326830]:                 commitAndSignNoAuthor: log.Error("git commit [%s:%s -> %s:%s]: %v\n%s\n%s", pr.HeadRepo.FullName(), pr.HeadBranch, pr.BaseRepo.FullName(), pr.BaseBranch, err, outbuf.String(), errbuf.String())
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/services/pull/merge.go:402 (0x1b8c924)
Jun 15 14:08:23 nebula gitea[3326830]:                 rawMerge: if err := commitAndSignNoAuthor(ctx, pr, message, signArg, tmpBasePath, env); err != nil {
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/services/pull/merge.go:170 (0x1b894d5)
Jun 15 14:08:23 nebula gitea[3326830]:                 Merge: pr.MergedCommitID, err = rawMerge(mergeCtx, pr, doer, mergeStyle, expectedHeadCommitID, message)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/web/repo/pull.go:989 (0x202d6a7)
Jun 15 14:08:23 nebula gitea[3326830]:                 MergePullRequest: if err := pull_service.Merge(ctx, pr, ctx.Doer, ctx.Repo.GitRepo, repo_model.MergeStyle(form.Do), form.HeadCommitID, message);err != nil {
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap_convert.go:47 (0x1f42296)
Jun 15 14:08:23 nebula gitea[3326830]:                 convertHandler.func3: t(ctx)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:41 (0x1f404c9)
Jun 15 14:08:23 nebula gitea[3326830]:                 wrapInternal.func1: done, deferrable := handler(resp, req, others...)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x17339f5)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/middleware/get_head.go:37 (0x1fa67c4)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/context/context.go:800 (0x1b1993a)
Jun 15 14:08:23 nebula gitea[3326830]:                 Contexter.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:71 (0x173182c)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:314 (0x17331db)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x17339f5)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/web/base.go:173 (0x2178bb1)
Jun 15 14:08:23 nebula gitea[3326830]:                 Recovery.func1.1: next.ServeHTTP(w, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/gitea.com/go-chi/session@v0.0.0-20211218221615-e3605d8b28b8/session.go:257 (0x152437d)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:110 (0x1f413e8)
Jun 15 14:08:23 nebula gitea[3326830]:                 WrapWithPrefix.func1.1: next.ServeHTTP(resp, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:71 (0x173182c)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:314 (0x17331db)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x17339f5)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/common/middleware.go:79 (0x1fabdc2)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middlewares.func2.1: next.ServeHTTP(resp, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/routing/logger_manager.go:123 (0x1f3c1ef)
Jun 15 14:08:23 nebula gitea[3326830]:                 (*requestRecordsManager).handler.func1: next.ServeHTTP(w, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/middleware/strip.go:30 (0x1fa9538)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/chi-middleware/proxy@v1.1.1/middleware.go:37 (0x1fa5e36)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/common/middleware.go:32 (0x1fabc12)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middlewares.func1.1: next.ServeHTTP(context.NewResponse(resp), req.WithContext(ctx))
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:88 (0x17317e1)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/route.go:200 (0x1f3f90d)
Jun 15 14:08:23 nebula gitea[3326830]:                 (*Route).ServeHTTP: r.R.ServeHTTP(w, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2916 (0x9428da)
Jun 15 14:08:23 nebula gitea[3326830]:                 serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:1966 (0x93dd96)
Jun 15 14:08:23 nebula gitea[3326830]:                 (*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/runtime/asm_amd64.s:1571 (0x474260)
Jun 15 14:08:23 nebula gitea[3326830]:                 goexit: BYTE        $0x90        // NOP
Jun 15 14:08:23 nebula gitea[3326830]:
Jun 15 14:08:23 nebula gitea[3326830]: 2022/06/15 14:08:23 ...rvices/pull/merge.go:403:rawMerge() [E] Unable to make final commit: git commit [wanderer/another-test-repo:renovate/renovate-renovate-32.x -> wanderer/another-test-repo:development]: exit status 128
Jun 15 14:08:23 nebula gitea[3326830]:
Jun 15 14:08:23 nebula gitea[3326830]:         error: gpg failed to sign the data
Jun 15 14:08:23 nebula gitea[3326830]:         fatal: failed to write commit object
Jun 15 14:08:23 nebula gitea[3326830]:
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/services/pull/merge.go:403 (0x1b8c93e)
Jun 15 14:08:23 nebula gitea[3326830]:                 rawMerge: log.Error("Unable to make final commit: %v", err)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/services/pull/merge.go:170 (0x1b894d5)
Jun 15 14:08:23 nebula gitea[3326830]:                 Merge: pr.MergedCommitID, err = rawMerge(mergeCtx, pr, doer, mergeStyle, expectedHeadCommitID, message)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/web/repo/pull.go:989 (0x202d6a7)
Jun 15 14:08:23 nebula gitea[3326830]:                 MergePullRequest: if err := pull_service.Merge(ctx, pr, ctx.Doer, ctx.Repo.GitRepo, repo_model.MergeStyle(form.Do), form.HeadCommitID, message);err != nil {
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap_convert.go:47 (0x1f42296)
Jun 15 14:08:23 nebula gitea[3326830]:                 convertHandler.func3: t(ctx)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:41 (0x1f404c9)
Jun 15 14:08:23 nebula gitea[3326830]:                 wrapInternal.func1: done, deferrable := handler(resp, req, others...)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x17339f5)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/middleware/get_head.go:37 (0x1fa67c4)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/context/context.go:800 (0x1b1993a)
Jun 15 14:08:23 nebula gitea[3326830]:                 Contexter.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:71 (0x173182c)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:314 (0x17331db)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x17339f5)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/web/base.go:173 (0x2178bb1)
Jun 15 14:08:23 nebula gitea[3326830]:                 Recovery.func1.1: next.ServeHTTP(w, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/gitea.com/go-chi/session@v0.0.0-20211218221615-e3605d8b28b8/session.go:257 (0x152437d)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:110 (0x1f413e8)
Jun 15 14:08:23 nebula gitea[3326830]:                 WrapWithPrefix.func1.1: next.ServeHTTP(resp, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:71 (0x173182c)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:314 (0x17331db)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x17339f5)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/common/middleware.go:79 (0x1fabdc2)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middlewares.func2.1: next.ServeHTTP(resp, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/routing/logger_manager.go:123 (0x1f3c1ef)
Jun 15 14:08:23 nebula gitea[3326830]:                 (*requestRecordsManager).handler.func1: next.ServeHTTP(w, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/middleware/strip.go:30 (0x1fa9538)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/chi-middleware/proxy@v1.1.1/middleware.go:37 (0x1fa5e36)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/common/middleware.go:32 (0x1fabc12)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middlewares.func1.1: next.ServeHTTP(context.NewResponse(resp), req.WithContext(ctx))
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:88 (0x17317e1)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/route.go:200 (0x1f3f90d)
Jun 15 14:08:23 nebula gitea[3326830]:                 (*Route).ServeHTTP: r.R.ServeHTTP(w, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2916 (0x9428da)
Jun 15 14:08:23 nebula gitea[3326830]:                 serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:1966 (0x93dd96)
Jun 15 14:08:23 nebula gitea[3326830]:                 (*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/runtime/asm_amd64.s:1571 (0x474260)
Jun 15 14:08:23 nebula gitea[3326830]:                 goexit: BYTE        $0x90        // NOP
Jun 15 14:08:23 nebula gitea[3326830]:
Jun 15 14:08:23 nebula gitea[3326830]: 2022/06/15 14:08:23 ...ers/web/repo/pull.go:1051:MergePullRequest() [E] Merge: git commit [wanderer/another-test-repo:renovate/renovate-renovate-32.x -> wanderer/another-test-repo:development]: exit status 128
Jun 15 14:08:23 nebula gitea[3326830]:
Jun 15 14:08:23 nebula gitea[3326830]:         error: gpg failed to sign the data
Jun 15 14:08:23 nebula gitea[3326830]:         fatal: failed to write commit object
Jun 15 14:08:23 nebula gitea[3326830]:
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/web/repo/pull.go:1051 (0x202dc55)
Jun 15 14:08:23 nebula gitea[3326830]:                 MergePullRequest: ctx.ServerError("Merge", err)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap_convert.go:47 (0x1f42296)
Jun 15 14:08:23 nebula gitea[3326830]:                 convertHandler.func3: t(ctx)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:41 (0x1f404c9)
Jun 15 14:08:23 nebula gitea[3326830]:                 wrapInternal.func1: done, deferrable := handler(resp, req, others...)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x17339f5)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/middleware/get_head.go:37 (0x1fa67c4)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f4094f)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/context/context.go:800 (0x1b1993a)
Jun 15 14:08:23 nebula gitea[3326830]:                 Contexter.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:71 (0x173182c)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:314 (0x17331db)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x17339f5)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/web/base.go:173 (0x2178bb1)
Jun 15 14:08:23 nebula gitea[3326830]:                 Recovery.func1.1: next.ServeHTTP(w, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/gitea.com/go-chi/session@v0.0.0-20211218221615-e3605d8b28b8/session.go:257 (0x152437d)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/wrap.go:110 (0x1f413e8)
Jun 15 14:08:23 nebula gitea[3326830]:                 WrapWithPrefix.func1.1: next.ServeHTTP(resp, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:71 (0x173182c)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:314 (0x17331db)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x17339f5)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/common/middleware.go:79 (0x1fabdc2)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middlewares.func2.1: next.ServeHTTP(resp, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/routing/logger_manager.go:123 (0x1f3c1ef)
Jun 15 14:08:23 nebula gitea[3326830]:                 (*requestRecordsManager).handler.func1: next.ServeHTTP(w, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/middleware/strip.go:30 (0x1fa9538)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/chi-middleware/proxy@v1.1.1/middleware.go:37 (0x1fa5e36)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/routers/common/middleware.go:32 (0x1fabc12)
Jun 15 14:08:23 nebula gitea[3326830]:                 Middlewares.func1.1: next.ServeHTTP(context.NewResponse(resp), req.WithContext(ctx))
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2084 (0x93f2ee)
Jun 15 14:08:23 nebula gitea[3326830]:                 HandlerFunc.ServeHTTP: f(w, r)
Jun 15 14:08:23 nebula gitea[3326830]:         /home/buildusr/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:88 (0x17317e1)
Jun 15 14:08:23 nebula gitea[3326830]:         /opt/gitea/gitea-src/modules/web/route.go:200 (0x1f3f90d)
Jun 15 14:08:23 nebula gitea[3326830]:                 (*Route).ServeHTTP: r.R.ServeHTTP(w, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:2916 (0x9428da)
Jun 15 14:08:23 nebula gitea[3326830]:                 serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/net/http/server.go:1966 (0x93dd96)
Jun 15 14:08:23 nebula gitea[3326830]:                 (*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
Jun 15 14:08:23 nebula gitea[3326830]:         /usr/lib/go/src/runtime/asm_amd64.s:1571 (0x474260)
Jun 15 14:08:23 nebula gitea[3326830]:                 goexit: BYTE        $0x90        // NOP

had the .gitconfig not been pulled and created completely anew elsewhere, this wouldn't have happened. at least I was able to "fix" it.

to document fully what I did to fix this:

wxiaoguang commented 2 years ago

I see a .ssh folder in REPO_ROOT_PATH but it's empty. are there plans to also move files such as authorized_keys to REPO_ROOT_PATH?

That .ssh directory at the moment doesn't take effect. The SSH home directory is another complex problem (and it seems more complex than git home directory which has been very complex). Maybe it will take more time to be improved.

these changes could potentially break some deployments, I'm just saying.

sadly ... yes, so the PR has been marked as breaking, there will be a eye-catching notice in the release notes when 1.17 is released.

wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf commented 2 years ago

That .ssh directory at the moment doesn't take effect. The SSH home directory is another complex problem (and it seems more complex than git home directory which has been very complex). Maybe it will take more time to be improved.

right, will be on the lookout for those changes :eagle:

sadly ... yes, so the issue has been marked as breaking, there will be a eye-catching notice in the release notes when 1.17 is released.

well, I am running master in prod so that's on me to deal with it as it happens. :see_no_evil:

perhaps a couple of additional points could be added to the release notes on how to resolve the situation, at least for other operators' sake.

wxiaoguang commented 2 years ago

Sorry for bothering, I'd like to announce a breaking change between 1.17rc1 and next release.

In 1.17rc1, the Git HOME was [repository].ROOT, which is not good and may cause problems.

So in next release, the PR #20114 introduced a new option [git].HOME_PATH, which is default to %(APP_DATA_PATH)/home.

After upgrading, ⚠️DO REMEMBER⚠️ to backup and remove the legacy .gitconfig, .ssh, .gnupg file/directories in the legacy [repository].ROOT path, and move the .gnupg to the new home, to avoid potential security problems.

Sorry for the inconvenience. 🙏

wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf commented 2 years ago

So in next release, the PR #20114 introduced a new option [git].HOME_PATH, which is default to %(APP_DATA_PATH)/home.

so to make sure I understand, .gitconfig et al. should be moved from [repository].ROOT (where it had to be moved recently) to %(APP_DATA_PATH)/home?

that is, from ~/.gitconfig et al. at first sitting plainly in Gitea user's home folder (e.g. /home/gitea/ or /var/lib/gitea) those now need to be moved into %(APP_DATA_PATH)/home, which for me would be data/home?

what would happen if I set the newly created [git].HOME_PATH to the gitea user's $HOME? would that help mimic the old-old behaviour or is it more hassle than it's worth?

just as an aside, how have we arrived at this particular (%(APP_DATA_PATH)/home) path? is there a tl;dr or do I have to sift through the chat logs (might be handy to archive key excerpts of conversations as part(s) of commit messages in case the chat service ever died...)?

I'll probably try my old trick - symlinking relevant files/folders in there, it worked last time. in case there are any arguments against that, I'd be glad to know.

wxiaoguang commented 2 years ago

So in next release, the PR #20114 introduced a new option [git].HOME_PATH, which is default to %(APP_DATA_PATH)/home.

so to make sure I understand, .gitconfig et al. should be moved from [repository].ROOT (where it had to be moved recently) to %(APP_DATA_PATH)/home? that is, from ~/.gitconfig et al. at first sitting plainly in Gitea user's home folder (e.g. /home/gitea/ or /var/lib/gitea) those now need to be moved into %(APP_DATA_PATH)/home, which for me would be data/home?

Yes

what would happen if I set the newly created [git].HOME_PATH to the gitea user's $HOME? would that help mimic the old-old behaviour or is it more hassle than it's worth?

That's fine, setting the git.HOME_PATH to the existing git home also works and then you need to do nothing more to upgrade from 1.16.x

just as an aside, how have we arrived at this particular (%(APP_DATA_PATH)/home) path? is there a tl;dr or do I have to sift through the chat logs (might be handy to archive key excerpts of conversations as part(s) of commit messages in case the chat service ever died...)?

I'll probably try my old trick - symlinking relevant files/folders in there, it worked last time. in case there are any arguments against that, I'd be glad to know.

symlinking is also fine.

the full story is pretty long:

  1. Gitea must have its own home directory for git, otherwise it conflicts with current user's gitconfig and may cause various problems. eg:
  2. In 1.17rc-1, using repository.ROOT is not ideal (indeed, it will be incorrect in the end)
  3. Then there must be a new home, that's how git.HOME_PATH comes
wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf commented 2 years ago

thanks for the reply @wxiaoguang, that's a rather lengthy process.. still, I am glad it's configurable in the end.

for anyone interested, I just tried replicating the original way of doing things (now I sound old-manish) by simply setting [git].HOME_PATH to $HOME of user gitea (/var/lib/gitea in my case) and it worked (tried merging w/ signed commits in the webUI) perfectly the first time :rocket:

did't even need to symlink anything anywhere.

justusbunsi commented 2 years ago

thanks for the reply @wxiaoguang, that's a rather lengthy process.. still, I am glad it's configurable in the end.

for anyone interested, I just tried replicating the original way of doing things (now I sound old-manish) by simply setting [git].HOME_PATH to $HOME of user gitea (/var/lib/gitea in my case) and it worked (tried merging w/ signed commits in the webUI) perfectly the first time :rocket:

did't even need to symlink anything anywhere.

That was the plan. 👍

AstroGD commented 1 year ago

Hey there, I'm having the exact same issue described here and I tried everything mentioned here but Ijust can't get signing to work.

I have generated a gpg key (gpg --list-keys shows the key) I added the last 8 characters of the fingerprint to the git config which looks like this:

[user]
        name = Gitea key
        email = internal@git.example.org
        signingkey = 165E3BEA
[core]
        quotePath = false
        commitGraph = true
[receive]
        advertisePushOptions = true
        procReceiveRefs = refs/for
[gc]
        writeCommitGraph = true
[fetch]
        writeCommitGraph = true
[safe]
        directory = *
[commit]
        gpgsign = true

I added the respective config to app.ini:

[repository.signing]
DEFAULT_TRUST_MODEL = collaboratorcommitter
SIGNING_KEY = default
INITIAL_COMMIT = always
CRUD_ACTIONS = pubkey, twofa, parentsigned
WIKI = never
MERGES = pubkey, twofa, commitssigned

My [git].HOME_PATH is set to /data/gitea/home/ and contains both .gitconfig file and .gnupg folder My [repository].ROOT is set to /data/git/repositories and contains symlinks to both .gitconfig file and .gnupg folder I also symlinked both to /root so that git -l shows the correct config

I generated the pgp key using gpg --gen-key without a passphrase and the same name and email as set in config

Every time I try to sign something using the Web UI I get an error code 405 and the following error within logs:

2022/12/07 03:06:26 ...rvices/pull/merge.go:653:commitAndSignNoAuthor() [E] git commit [automation/deploy-docker:feature/init-files -> automation/deploy-docker:dev]: exit status 128
gitea     | 
gitea     |     error: gpg failed to sign the data
gitea     |     fatal: failed to write commit object
gitea     | 
gitea     | 2022/12/07 03:06:26 ...rvices/pull/merge.go:396:rawMerge() [E] Unable to make final commit: git commit [automation/deploy-docker:feature/init-files -> automation/deploy-docker:dev]: exit status 128
gitea     | 
gitea     |     error: gpg failed to sign the data
gitea     |     fatal: failed to write commit object
gitea     | 
gitea     | 2022/12/07 03:06:26 ...ers/web/repo/pull.go:1053:MergePullRequest() [E] Merge: git commit [automation/deploy-docker:feature/init-files -> automation/deploy-docker:dev]: exit status 128
gitea     | 
gitea     |     error: gpg failed to sign the data
gitea     |     fatal: failed to write commit object
gitea     | 
gitea     | 2022/12/07 03:06:26 router: completed POST /automation/deploy-docker/pulls/1/merge for 162.158.86.93:0, 500 Internal Server Error in 251.4ms @ repo/pull.go:891(repo.MergePullRequest)

I am running gitea using docker and docker-compose. This is my docker-compose.yml:

version: "3"

networks:
  gitea:
    external: false

services:
  server:
    image: gitea/gitea:1
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database____DB_TYPE=postgres
      - GITEA__database__HOST=db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=$DB_PASSWORD
    restart: always
    networks:
      - gitea
    volumes:
      - ./data/gitea:/data
      - ./data/root:/root
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - $PORT:3000
    depends_on:
      - db
  db:
    image: postgres:14
    restart: always
    environment:
      - POSTGRES_USER=gitea
      - POSTGRES_PASSWORD=$DB_PASSWORD
      - POSTGRES_DB=gitea
    networks:
      - gitea
    volumes:
      - ./data/postgres:/var/lib/postgresql/data

This is the only issue or mention I could find that somewhat mentions my problem. Is there something I'm missing or doing wrong?