root
472 lines
12 KiB
Go
472 lines
12 KiB
Go
// Copyright 2023 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package rpm
|
|
|
|
import (
|
|
stdctx "context"
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"net/url"
|
|
"strings"
|
|
"time"
|
|
|
|
"gitea.dev/models/db"
|
|
packages_model "gitea.dev/models/packages"
|
|
"gitea.dev/modules/json"
|
|
packages_module "gitea.dev/modules/packages"
|
|
rpm_module "gitea.dev/modules/packages/rpm"
|
|
"gitea.dev/modules/setting"
|
|
"gitea.dev/modules/util"
|
|
"gitea.dev/routers/api/packages/helper"
|
|
"gitea.dev/services/context"
|
|
notify_service "gitea.dev/services/notify"
|
|
packages_service "gitea.dev/services/packages"
|
|
rpm_service "gitea.dev/services/packages/rpm"
|
|
)
|
|
|
|
func apiError(ctx *context.Context, status int, obj any) {
|
|
message := helper.ProcessErrorForUser(ctx, status, obj)
|
|
ctx.PlainText(status, message)
|
|
}
|
|
|
|
// https://dnf.readthedocs.io/en/latest/conf_ref.html
|
|
func GetRepositoryConfig(ctx *context.Context) {
|
|
group := ctx.PathParam("group")
|
|
|
|
var groupParts []string
|
|
if group != "" {
|
|
groupParts = strings.Split(group, "/")
|
|
}
|
|
|
|
url := fmt.Sprintf("%sapi/packages/%s/rpm", setting.AppURL, ctx.Package.Owner.Name)
|
|
|
|
ctx.PlainText(http.StatusOK, `[gitea-`+strings.Join(append([]string{ctx.Package.Owner.LowerName}, groupParts...), "-")+`]
|
|
name=`+strings.Join(append([]string{ctx.Package.Owner.Name, setting.AppName}, groupParts...), " - ")+`
|
|
baseurl=`+strings.Join(append([]string{url}, groupParts...), "/")+`
|
|
enabled=1
|
|
gpgcheck=1
|
|
gpgkey=`+url+`/repository.key`)
|
|
}
|
|
|
|
// Gets or creates the PGP public key used to sign repository metadata files
|
|
func GetRepositoryKey(ctx *context.Context) {
|
|
_, pub, err := rpm_service.GetOrCreateKeyPair(ctx, ctx.Package.Owner.ID)
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
ctx.ServeContent(strings.NewReader(pub), context.ServeHeaderOptions{
|
|
ContentType: "application/pgp-keys",
|
|
Filename: "repository.key",
|
|
})
|
|
}
|
|
|
|
func CheckRepositoryFileExistence(ctx *context.Context) {
|
|
pv, err := rpm_service.GetOrCreateRepositoryVersion(ctx, ctx.Package.Owner.ID)
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
pf, err := packages_model.GetFileForVersionByName(ctx, pv.ID, ctx.PathParam("filename"), ctx.PathParam("group"))
|
|
if err != nil {
|
|
if errors.Is(err, util.ErrNotExist) {
|
|
ctx.Status(http.StatusNotFound)
|
|
} else {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
ctx.SetServeHeaders(context.ServeHeaderOptions{
|
|
Filename: pf.Name,
|
|
LastModified: pf.CreatedUnix.AsLocalTime(),
|
|
})
|
|
ctx.Status(http.StatusOK)
|
|
}
|
|
|
|
// Gets a pre-generated repository metadata file
|
|
func GetRepositoryFile(ctx *context.Context) {
|
|
pv, err := rpm_service.GetOrCreateRepositoryVersion(ctx, ctx.Package.Owner.ID)
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
s, u, pf, err := packages_service.OpenFileForDownloadByPackageVersion(
|
|
ctx,
|
|
pv,
|
|
&packages_service.PackageFileInfo{
|
|
Filename: ctx.PathParam("filename"),
|
|
CompositeKey: ctx.PathParam("group"),
|
|
},
|
|
ctx.Req.Method,
|
|
)
|
|
if err != nil {
|
|
if errors.Is(err, util.ErrNotExist) {
|
|
apiError(ctx, http.StatusNotFound, err)
|
|
} else {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
helper.ServePackageFile(ctx, s, u, pf)
|
|
}
|
|
|
|
func UploadPackageFile(ctx *context.Context) {
|
|
upload, needToClose, err := ctx.UploadStream()
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
if needToClose {
|
|
defer upload.Close()
|
|
}
|
|
|
|
buf, err := packages_module.CreateHashedBufferFromReader(upload)
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
defer buf.Close()
|
|
|
|
if setting.Packages.DefaultRPMSignEnabled || ctx.FormBool("sign") {
|
|
priv, _, err := rpm_service.GetOrCreateKeyPair(ctx, ctx.Package.Owner.ID)
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
signedBuf, err := rpm_service.SignPackage(buf, priv)
|
|
if err != nil {
|
|
apiError(ctx, http.StatusBadRequest, err)
|
|
return
|
|
}
|
|
defer signedBuf.Close()
|
|
|
|
buf = signedBuf
|
|
}
|
|
|
|
pck, err := rpm_module.ParsePackage(buf)
|
|
if err != nil {
|
|
if errors.Is(err, util.ErrInvalidArgument) {
|
|
apiError(ctx, http.StatusBadRequest, err)
|
|
} else {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
}
|
|
return
|
|
}
|
|
if _, err := buf.Seek(0, io.SeekStart); err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
fileMetadataRaw, err := json.Marshal(pck.FileMetadata)
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
group := ctx.PathParam("group")
|
|
_, _, err = packages_service.CreatePackageOrAddFileToExisting(
|
|
ctx,
|
|
&packages_service.PackageCreationInfo{
|
|
PackageInfo: packages_service.PackageInfo{
|
|
Owner: ctx.Package.Owner,
|
|
PackageType: packages_model.TypeRpm,
|
|
Name: pck.Name,
|
|
Version: pck.Version,
|
|
},
|
|
Creator: ctx.Doer,
|
|
Metadata: pck.VersionMetadata,
|
|
},
|
|
&packages_service.PackageFileCreationInfo{
|
|
PackageFileInfo: packages_service.PackageFileInfo{
|
|
Filename: fmt.Sprintf("%s-%s.%s.rpm", pck.Name, pck.Version, pck.FileMetadata.Architecture),
|
|
CompositeKey: group,
|
|
},
|
|
Creator: ctx.Doer,
|
|
Data: buf,
|
|
IsLead: true,
|
|
Properties: map[string]string{
|
|
rpm_module.PropertyGroup: group,
|
|
rpm_module.PropertyArchitecture: pck.FileMetadata.Architecture,
|
|
rpm_module.PropertyMetadata: string(fileMetadataRaw),
|
|
},
|
|
},
|
|
)
|
|
if err != nil {
|
|
switch err {
|
|
case packages_model.ErrDuplicatePackageVersion, packages_model.ErrDuplicatePackageFile:
|
|
apiError(ctx, http.StatusConflict, err)
|
|
case packages_service.ErrQuotaTotalCount, packages_service.ErrQuotaTypeSize, packages_service.ErrQuotaTotalSize:
|
|
apiError(ctx, http.StatusForbidden, err)
|
|
default:
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
if err := rpm_service.BuildSpecificRepositoryFiles(ctx, ctx.Package.Owner.ID, group); err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
ctx.Status(http.StatusCreated)
|
|
}
|
|
|
|
func DownloadPackageFile(ctx *context.Context) {
|
|
name := ctx.PathParam("name")
|
|
version := ctx.PathParam("version")
|
|
architecture := ctx.PathParam("architecture")
|
|
group := ctx.PathParam("group")
|
|
|
|
openForDownload := func(filename string) (io.ReadSeekCloser, *url.URL, *packages_model.PackageFile, error) {
|
|
return packages_service.OpenFileForDownloadByPackageNameAndVersion(
|
|
ctx,
|
|
&packages_service.PackageInfo{
|
|
Owner: ctx.Package.Owner,
|
|
PackageType: packages_model.TypeRpm,
|
|
Name: name,
|
|
Version: version,
|
|
},
|
|
&packages_service.PackageFileInfo{
|
|
Filename: filename,
|
|
CompositeKey: group,
|
|
},
|
|
ctx.Req.Method,
|
|
)
|
|
}
|
|
|
|
s, u, pf, err := openForDownload(fmt.Sprintf("%s-%s.%s.rpm", name, version, architecture))
|
|
if errors.Is(err, util.ErrNotExist) && architecture != "noarch" {
|
|
s, u, pf, err = openForDownload(fmt.Sprintf("%s-%s.%s.rpm", name, version, "noarch"))
|
|
}
|
|
|
|
if errors.Is(err, util.ErrNotExist) {
|
|
apiError(ctx, http.StatusNotFound, err)
|
|
return
|
|
} else if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
helper.ServePackageFile(ctx, s, u, pf)
|
|
}
|
|
|
|
func DeletePackageFile(webctx *context.Context) {
|
|
group := webctx.PathParam("group")
|
|
name := webctx.PathParam("name")
|
|
version := webctx.PathParam("version")
|
|
architecture := webctx.PathParam("architecture")
|
|
|
|
var pd *packages_model.PackageDescriptor
|
|
|
|
err := db.WithTx(webctx, func(ctx stdctx.Context) error {
|
|
pv, err := packages_model.GetVersionByNameAndVersion(ctx,
|
|
webctx.Package.Owner.ID,
|
|
packages_model.TypeRpm,
|
|
name,
|
|
version,
|
|
)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
pf, err := packages_model.GetFileForVersionByName(
|
|
ctx,
|
|
pv.ID,
|
|
fmt.Sprintf("%s-%s.%s.rpm", name, version, architecture),
|
|
group,
|
|
)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if err := packages_service.DeletePackageFile(ctx, pf); err != nil {
|
|
return err
|
|
}
|
|
|
|
has, err := packages_model.HasVersionFileReferences(ctx, pv.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if !has {
|
|
pd, err = packages_model.GetPackageDescriptor(ctx, pv)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if err := packages_service.DeletePackageVersionAndReferences(ctx, pv); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
if errors.Is(err, util.ErrNotExist) {
|
|
apiError(webctx, http.StatusNotFound, err)
|
|
} else {
|
|
apiError(webctx, http.StatusInternalServerError, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
if pd != nil {
|
|
notify_service.PackageDelete(webctx, webctx.Doer, pd)
|
|
}
|
|
|
|
if err := rpm_service.BuildSpecificRepositoryFiles(webctx, webctx.Package.Owner.ID, group); err != nil {
|
|
apiError(webctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
webctx.Status(http.StatusNoContent)
|
|
}
|
|
|
|
// UploadErrata handles uploading errata information for a package version
|
|
func UploadErrata(ctx *context.Context) {
|
|
name := ctx.PathParam("name")
|
|
version := ctx.PathParam("version")
|
|
group := ctx.PathParam("group")
|
|
|
|
var updates []*rpm_module.Update
|
|
if err := json.NewDecoder(ctx.Req.Body).Decode(&updates); err != nil {
|
|
apiError(ctx, http.StatusBadRequest, err)
|
|
return
|
|
}
|
|
|
|
pv, err := packages_model.GetVersionByNameAndVersion(ctx,
|
|
ctx.Package.Owner.ID,
|
|
packages_model.TypeRpm,
|
|
name,
|
|
version,
|
|
)
|
|
if err != nil {
|
|
if errors.Is(err, util.ErrNotExist) {
|
|
apiError(ctx, http.StatusNotFound, err)
|
|
} else {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
var vm *rpm_module.VersionMetadata
|
|
if pv.MetadataJSON != "" {
|
|
if err := json.Unmarshal([]byte(pv.MetadataJSON), &vm); err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
} else {
|
|
vm = &rpm_module.VersionMetadata{}
|
|
}
|
|
|
|
now := time.Now().Format("2006-01-02 15:04:05")
|
|
for _, u := range updates {
|
|
if u == nil {
|
|
continue
|
|
}
|
|
|
|
// Sanitize to remove nil elements from JSON payload
|
|
var cleanPkgList []*rpm_module.Collection
|
|
for _, coll := range u.PkgList {
|
|
if coll == nil {
|
|
continue
|
|
}
|
|
var cleanPackages []*rpm_module.UpdatePackage
|
|
for _, pkg := range coll.Packages {
|
|
if pkg == nil {
|
|
continue
|
|
}
|
|
cleanPackages = append(cleanPackages, pkg)
|
|
}
|
|
coll.Packages = cleanPackages
|
|
cleanPkgList = append(cleanPkgList, coll)
|
|
}
|
|
u.PkgList = cleanPkgList
|
|
|
|
found := false
|
|
for i, existing := range vm.Updates {
|
|
if existing.ID == u.ID {
|
|
// Merge PkgList with deduplication
|
|
for _, newColl := range u.PkgList {
|
|
if newColl == nil {
|
|
continue
|
|
}
|
|
collFound := false
|
|
for j, existingColl := range existing.PkgList {
|
|
if existingColl.Short == newColl.Short {
|
|
// Merge packages
|
|
for _, newPkg := range newColl.Packages {
|
|
if newPkg == nil {
|
|
continue
|
|
}
|
|
pkgFound := false
|
|
for _, existingPkg := range existingColl.Packages {
|
|
if existingPkg.Name == newPkg.Name &&
|
|
existingPkg.Version == newPkg.Version &&
|
|
existingPkg.Release == newPkg.Release &&
|
|
existingPkg.Arch == newPkg.Arch {
|
|
pkgFound = true
|
|
break
|
|
}
|
|
}
|
|
if !pkgFound {
|
|
vm.Updates[i].PkgList[j].Packages = append(vm.Updates[i].PkgList[j].Packages, newPkg)
|
|
}
|
|
}
|
|
collFound = true
|
|
break
|
|
}
|
|
}
|
|
if !collFound {
|
|
vm.Updates[i].PkgList = append(vm.Updates[i].PkgList, newColl)
|
|
}
|
|
}
|
|
vm.Updates[i].From = u.From
|
|
vm.Updates[i].Status = u.Status
|
|
vm.Updates[i].Type = u.Type
|
|
vm.Updates[i].Version = u.Version
|
|
vm.Updates[i].Title = u.Title
|
|
vm.Updates[i].Severity = u.Severity
|
|
vm.Updates[i].Description = u.Description
|
|
vm.Updates[i].References = u.References
|
|
vm.Updates[i].Updated = &rpm_module.DateAttr{Date: now}
|
|
found = true
|
|
break
|
|
}
|
|
}
|
|
if !found {
|
|
if u.Issued == nil {
|
|
u.Issued = &rpm_module.DateAttr{Date: now}
|
|
}
|
|
if u.Updated == nil {
|
|
u.Updated = &rpm_module.DateAttr{Date: now}
|
|
}
|
|
vm.Updates = append(vm.Updates, u)
|
|
}
|
|
}
|
|
|
|
vmBytes, err := json.Marshal(vm)
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
pv.MetadataJSON = string(vmBytes)
|
|
if err := packages_model.UpdateVersion(ctx, pv); err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
if err := rpm_service.BuildSpecificRepositoryFiles(ctx, ctx.Package.Owner.ID, group); err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
ctx.Status(http.StatusOK)
|
|
}
|