diff options
| author | zeripath <art27@cantab.net> | 2020-01-15 08:32:57 +0000 |
|---|---|---|
| committer | Antoine GIRARD <sapk@users.noreply.github.com> | 2020-01-15 09:32:57 +0100 |
| commit | 66ee9b87f9aaabef836ec72bfaf8032b359b29c1 (patch) | |
| tree | b6d134fb5ccc83c4b7ddad6a0eb6206496cc8b76 /services/pull | |
| parent | 6b1fa1235904947187266789b204f19bc03872be (diff) | |
| download | gitea-66ee9b87f9aaabef836ec72bfaf8032b359b29c1.tar.gz gitea-66ee9b87f9aaabef836ec72bfaf8032b359b29c1.zip | |
Add require signed commit for protected branch (#9708)
* Add require signed commit for protected branch
* Fix fmt
* Make editor show if they will be signed
* bugfix
* Add basic merge check and better information for CRUD
* linting comment
* Add descriptors to merge signing
* Slight refactor
* Slight improvement to appearances
* Handle Merge API
* manage CRUD API
* Move error to error.go
* Remove fix to delete.go
* prep for merge
* need to tolerate \r\n in message
* check protected branch before trying to load it
* Apply suggestions from code review
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* fix commit-reader
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Diffstat (limited to 'services/pull')
| -rw-r--r-- | services/pull/merge.go | 17 | ||||
| -rw-r--r-- | services/pull/patch.go | 3 |
2 files changed, 18 insertions, 2 deletions
diff --git a/services/pull/merge.go b/services/pull/merge.go index e825c3fdd1..f6f0abe836 100644 --- a/services/pull/merge.go +++ b/services/pull/merge.go @@ -158,7 +158,7 @@ func Merge(pr *models.PullRequest, doer *models.User, baseGitRepo *git.Repositor // Determine if we should sign signArg := "" if version.Compare(binVersion, "1.7.9", ">=") { - sign, keyID := pr.SignMerge(doer, tmpBasePath, "HEAD", trackingBranch) + sign, keyID, _ := pr.SignMerge(doer, tmpBasePath, "HEAD", trackingBranch) if sign { signArg = "-S" + keyID } else if version.Compare(binVersion, "2.0.0", ">=") { @@ -470,6 +470,21 @@ func getDiffTree(repoPath, baseBranch, headBranch string) (string, error) { return out.String(), nil } +// IsSignedIfRequired check if merge will be signed if required +func IsSignedIfRequired(pr *models.PullRequest, doer *models.User) (bool, error) { + if err := pr.LoadProtectedBranch(); err != nil { + return false, err + } + + if pr.ProtectedBranch == nil || !pr.ProtectedBranch.RequireSignedCommits { + return true, nil + } + + sign, _, err := pr.SignMerge(doer, pr.BaseRepo.RepoPath(), pr.BaseBranch, pr.GetGitRefName()) + + return sign, err +} + // IsUserAllowedToMerge check if user is allowed to merge PR with given permissions and branch protections func IsUserAllowedToMerge(pr *models.PullRequest, p models.Permission, user *models.User) (bool, error) { if p.IsAdmin() { diff --git a/services/pull/patch.go b/services/pull/patch.go index 1dbeb81c01..815263e898 100644 --- a/services/pull/patch.go +++ b/services/pull/patch.go @@ -162,7 +162,7 @@ func TestPatch(pr *models.PullRequest) error { RunInDirTimeoutEnvFullPipelineFunc( nil, -1, tmpBasePath, nil, stderrWriter, nil, - func(ctx context.Context, cancel context.CancelFunc) { + func(ctx context.Context, cancel context.CancelFunc) error { _ = stderrWriter.Close() const prefix = "error: patch failed:" const errorPrefix = "error: " @@ -199,6 +199,7 @@ func TestPatch(pr *models.PullRequest) error { } } _ = stderrReader.Close() + return nil }) if err != nil { |