Commit graph

94 commits

Author SHA1 Message Date
Earl Warren b1e78f0354 Merge pull request 'Update redis Docker tag to v7.2.5' (#3896) from renovate/redis-7.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3896
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-25 08:40:32 +00:00
Earl Warren 98be7826a3
chore(dependency): pin redis to 7.2 for testing
There is no need to pin a specific patch version for testing. The
worst that can happen in this context is that the CI fails and it can
be addressed in this context. It will not impact releases.
2024-05-25 08:25:51 +02:00
Renovate Bot 3b0501e69f Update code.forgejo.org/oci/alpine Docker tag to v3.20 2024-05-25 02:05:40 +00:00
Renovate Bot 237362ddd3 Update redis Docker tag to v7.2.5 2024-05-25 00:05:17 +00:00
Renovate Bot f5157085aa Update ghcr.io/visualon/renovate Docker tag to v37.374.3 2024-05-22 20:06:04 +00:00
Victoria Nadasdi df0d1a2134 feat: parse prefix from redis URI for queues (#3836)
For security reasons, scoping access to a redis server via ACL rules is
a good practice. Some parts of the codebase handles prefix like cache[^1]
and session[^2], but the queue module doesn't.

This patch adds this missing functionality to the queue module.

Note about relevant test:
I tried to keep the PR as small as possible (and reasonable), and not
change how the test runs. Updated the existing test to use the same
redis address and basically duplicated the test with the extra flag. It
does NOT test if the keys are correct, it ensures only it works as
expected. To make assertions about the keys, the whole test has to be
updated as the general wrapper doesn't allow the main test to check
anything provider (redis) specific property. That's not something I
wanted to take on now.

[^1]: e4c3c039be/modules/cache/cache_redis.go (L139-L150)
[^2]: e4c3c039be/modules/session/redis.go (L122-L129)

Signed-off-by: Victoria Nadasdi <victoria@efertone.me>

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3836
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Victoria Nadasdi <victoria@efertone.me>
Co-committed-by: Victoria Nadasdi <victoria@efertone.me>
2024-05-20 14:10:54 +00:00
Earl Warren b88bae5c5a Merge pull request 'Enable renovate osv vulnerability alerts' (#2788) from viceice/forgejo:chore/renovate into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2788
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-14 12:01:47 +00:00
Renovate Bot 159474ff23 Update ghcr.io/visualon/renovate Docker tag to v37.359.0 2024-05-14 10:03:32 +00:00
Michael Kriese 06725504a3
Enable renovate osv vulnerability alerts 2024-05-14 09:42:22 +02:00
Renovate Bot 8e1a6d8e73 Update ghcr.io/visualon/renovate Docker tag to v37.351.2 2024-05-08 20:05:21 +00:00
Renovate Bot 73031f4b80 Update ghcr.io/visualon/renovate Docker tag to v37.340.9 2024-05-05 02:04:30 +00:00
Renovate Bot 15978d4d07 Update ghcr.io/visualon/renovate Docker tag to v37.330.1 2024-05-01 06:02:32 +00:00
Renovate Bot a3be70f0a5 Update ghcr.io/visualon/renovate Docker tag to v37.323.3 2024-04-26 04:02:40 +00:00
Earl Warren aa66d0a0eb
test(ldap): add LDAP tests 2024-04-24 22:06:32 +02:00
Renovate Bot 56831d345d Update ghcr.io/visualon/renovate Docker tag to v37.316.2 2024-04-22 12:03:00 +00:00
Earl Warren 9303f8e72d
ci(renovate): fix step names (take 2) 2024-04-18 20:08:27 +02:00
Earl Warren c7b8a434c3 Merge pull request 'ci(renovate): fix step names' (#3311) from viceice/forgejo:ci/renovate/fix-step-names into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3311
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-18 14:04:19 +00:00
Renovate Bot 0f078ba4c9 Update ghcr.io/visualon/renovate Docker tag to v37.305.0 2024-04-18 11:25:53 +00:00
Michael Kriese 1f4915692b
ci(renovate): fix step names 2024-04-18 13:22:51 +02:00
Renovate Bot ca2473e895 Update ghcr.io/visualon/renovate Docker tag to v37.303.2 2024-04-17 16:05:21 +00:00
Earl Warren 97189d41f3
fix(release): add missing ARG RELEASE_VERSION
The ARG RELEASE_VERSION set in the build-env image does not propagate
to the images that follow. As a result the value of the version label
is always empty.

This should have been caught by the test in the CI but although it
notified the problem in the output, it did not fail. Upgrade to the
forgejo-build-publish version that fixes this false positive.
2024-04-17 17:16:53 +02:00
Earl Warren 028d19c0fe
feat(release): add OCI labels to container images 2024-04-16 17:50:57 +02:00
Earl Warren 3d2fa4930d Merge pull request 'Update ghcr.io/visualon/renovate Docker tag to v37.296.0' (#3221) from renovate/ghcr.io-visualon-renovate-37.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3221
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-04-15 17:25:56 +00:00
Earl Warren bd431f64f6
[CI] configure backport to comment on the PR on failure 2024-04-15 18:23:57 +02:00
Renovate Bot 84b3136f26 Update ghcr.io/visualon/renovate Docker tag to v37.296.0 2024-04-15 16:07:18 +00:00
Renovate Bot 2059abd9c0 Update ghcr.io/visualon/renovate Docker tag to v37.290.1 2024-04-13 00:04:43 +00:00
Earl Warren 9ef05fec5d Merge pull request 'Update forgejo/forgejo-build-publish action to v5' (#3182) from renovate/forgejo-forgejo-build-publish-5.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3182
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-12 12:22:24 +00:00
Renovate Bot d7ae60ae91 Update forgejo/forgejo-build-publish action to v5 2024-04-12 10:19:15 +00:00
Earl Warren 0355f63a48
[CI] backport upgrade to git-backporting@v4.8.0
* no-auto-squash: true so it DTRT for merged & squashed PRs
* target-branch-pattern: replaces the ad-hoc logic to determine the
  target branch name

It also now supports backporting to multiple branches. This is not
going to be immediately useful but will greatly help in three months
when there are two releases receiving backports.
2024-04-11 10:15:38 +02:00
Renovate Bot 90b160dd34 Update ghcr.io/visualon/renovate Docker tag to v37.282.1 2024-04-11 00:04:53 +00:00
Renovate Bot 6b7aaad986 Update ghcr.io/visualon/renovate Docker tag to v37.280.0 2024-04-08 14:05:06 +00:00
Earl Warren b7303cd3b5 Merge pull request 'Run Renovate more often' (#3108) from viceice/forgejo:chore/renovate-settings into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3108
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-08 08:11:32 +00:00
Michael Kriese cca2141078
Run Renovate more often 2024-04-08 09:19:58 +02:00
Michael Kriese ad9af34f99
Fix renovate cache 2024-04-08 08:47:02 +02:00
Earl Warren dbdab1bc60 Merge pull request 'Update bitnami/minio Docker tag to v2024.3.30' (#2917) from renovate/bitnami-minio-2024.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2917
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-04-06 07:20:08 +00:00
Earl Warren 262533570f
Revert "[CI] pin go v1.22.2 version"
The golang action now knows about the latest Go version.

This reverts commit 3509242ee6.
2024-04-05 05:31:00 +02:00
Earl Warren 3509242ee6
[CI] pin go v1.22.2 version
Because setup-go fails to pick it up. It usually happens within 24h
and this commit can be reverted then.
2024-04-04 06:45:48 +02:00
Earl Warren 6c7179355e
[CI] backport auto-squash detection and -x
* Behaves as it should with merge & squashed pull requests
* Cherry-pick commits with -x for traceability

Refs: https://github.com/kiegroup/git-backporting/issues/113
2024-04-03 08:18:39 +02:00
Renovate Bot 59bb7c2bf0 Update ghcr.io/visualon/renovate Docker tag to v37.278.0 2024-04-03 02:06:10 +00:00
Earl Warren 21dda0d1f7
[CI] backport workaround to cherry-pick in order
Refs: https://github.com/kiegroup/git-backporting/issues/114
2024-04-01 17:48:39 +02:00
Earl Warren 9bd55ced76 Merge pull request '[CI] backport workaround to avoid duplicated job runs' (#2934) from earl-warren/forgejo:wip-backport-workaround into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2934
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-03-31 19:02:54 +00:00
Earl Warren d9b5df89e3
[CI] backport workaround to avoid duplicated job runs
Refs: https://codeberg.org/forgejo/forgejo/issues/2009
2024-03-31 17:34:21 +02:00
Earl Warren 7aa686d979
[CI] backport: show event information for debug purposes
It will help figure out why two runs of testing happen when a backport
PR is open.

Refs: https://codeberg.org/forgejo/forgejo/pulls/2922
Refs: https://codeberg.org/forgejo/forgejo/issues/2009
2024-03-31 07:27:23 +02:00
Renovate Bot 7ec39aa756 Update bitnami/minio Docker tag to v2024.3.30 2024-03-31 02:07:27 +00:00
Earl Warren bbf612b3a8 Merge pull request '[CI] run renovate daily instead of every 30 minutes' (#2913) from earl-warren/forgejo:wip-renovate into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2913
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-30 16:49:20 +00:00
Earl Warren ae5e0c0ff6
[CI] run renovate daily instead of every 30 minutes
It was necessary in the debug period to help with a faster debug
loop. Now that it works reliably, there is no need for renovate
updates more than once a day.

It will still possible to force a run, should it be necessary, by
re-running the last scheduled job.
2024-03-30 17:48:08 +01:00
Earl Warren d8ab364889
[CI] allow backports to be launched on merged pull requests
The intention was good initially but the expression was wrong for two
reasons:

* When a pull_request event is received for a labeled action, the
  match should be github.event.action == 'label_updated' and not
  'labeled'
* The event does not have a github.event.label field and
  contains(github.event.label.name, 'backport/v') will always be
  false.

Since the expression is only evaluated in the context of a merged pull
request, either because it was just closed or because it was labeled
after the fact, the only verification that is needed is to assert that
there is at least one `backport/v*` label.
2024-03-30 13:35:56 +01:00
Earl Warren ffdba30a62
[CI] backport strategy must fail when it conflicts
strategy: ort

The strategy is changed from "recursive" to "ort", which is the
default for git >= 2.43.2 and claims to reduce the likelyhood of
conflicts according to man git-merge:

> This has been reported to result in fewer merge conflicts without
> causing mismerges...

strategy-option: find-renames

The default option are the same for both strategies and "theirs" will:

> This option forces conflicting hunks to be auto-resolved
> cleanly by favoring their version.

"their" being whatever is not in the commits being cherry-picked.

In the context of Forgejo backports, this is not what is desired:
whenever a conflict happens it needs to be manually resolved and
prefering whatever is in the stable branch will not lead to a sane
backport.

It is changed back to "find-renames" which is documented to be the
default:

> Turn on rename detection, optionally setting the similarity
> threshold. This is the default.

Fixes: https://codeberg.org/forgejo/forgejo/issues/2886
2024-03-30 10:34:23 +01:00
Renovate Bot e3570ec3e3 Update ghcr.io/visualon/renovate Docker tag to v37.272.0 2024-03-27 07:32:23 +00:00
Michael Kriese b561c02b56
Update renovate config 2024-03-25 14:52:42 +01:00