0
0
mirror of https://github.com/go-gitea/gitea.git synced 2025-01-18 04:54:18 +01:00
Go to file
zeripath fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00
.github Display Github support button (#7343) 2019-07-02 12:06:25 +02:00
assets
cmd Restore Graceful Restarting & Socket Activation (#7274) 2019-10-15 14:39:51 +01:00
contrib Update the provided gitea.service to mention socket activation (#8531) 2019-10-16 08:29:50 +01:00
custom/conf Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
docker Fix #8453 by making openssh listen on SSH_LISTEN_PORT not SSH_PORT (#8477) 2019-10-12 23:45:00 +08:00
docs Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
integrations Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
models Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
modules Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
options Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
public Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
routers Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
scripts
services Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
snap
templates Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
vendor upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501) 2019-10-15 22:24:16 +01:00
.changelog.yml
.drone.yml use go 1.13 (#8088) 2019-09-12 14:58:32 +03:00
.editorconfig
.eslintrc convert all js var to let/const (#7464) 2019-07-16 09:51:46 +08:00
.gitattributes
.gitignore Move migrating repository from frontend to backend (#6200) 2019-10-13 21:23:14 +08:00
.golangci.yml Update golangci to v1.20 (#8432) 2019-10-08 16:42:30 -04:00
.lgtm
.npmrc add 'npm' and 'npm-update' make targets and lockfile (#7246) 2019-06-18 22:59:47 -04:00
.revive.toml
.stylelintrc replace lesshint with stylelint (#7305) 2019-06-27 08:36:36 +02:00
BSDmakefile
CHANGELOG.md Changelog for 1.10.0-RC1 (#8510) 2019-10-14 20:34:21 +01:00
CONTRIBUTING.md Update CONTRIBUTING.md with information about DCO (#7397) 2019-07-17 16:03:16 -04:00
DCO
Dockerfile use go 1.13 (#8088) 2019-09-12 14:58:32 +03:00
go.mod upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501) 2019-10-15 22:24:16 +01:00
go.sum upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501) 2019-10-15 22:24:16 +01:00
LICENSE
main.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
MAINTAINERS add 6543 to maintainers (#8417) 2019-10-07 22:03:44 -04:00
Makefile Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) 2019-10-16 14:42:42 +01:00
package-lock.json Update JS dependencies (#8051) 2019-09-02 17:02:53 -04:00
package.json Update JS dependencies (#8051) 2019-09-02 17:02:53 -04:00
README_ZH.md add crowdin badge (#8447) 2019-10-09 22:16:58 -04:00
README.md add crowdin badge (#8447) 2019-10-09 22:16:58 -04:00
tools.go Use vendored go-swagger (#8087) 2019-09-04 22:53:54 +03:00

简体中文

Gitea - Git with a cup of tea

Build Status Join the Discord chat at https://discord.gg/NsatcWJ codecov Go Report Card GoDoc GitHub release Help Contribute to Open Source Become a backer/sponsor of gitea License: MIT Crowdin

Purpose

The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. Using Go, this can be done with an independent binary distribution across all platforms which Go supports, including Linux, macOS, and Windows on x86, amd64, ARM and PowerPC architectures. Want to try it before doing anything else? Do it with the online demo! This project has been forked from Gogs since 2016.11 but changed a lot.

Building

From the root of the source tree, run:

TAGS="bindata" make generate all

More info: https://docs.gitea.io/en-us/install-from-source/

Using

./gitea web

NOTE: If you're interested in using our APIs, we have experimental support with documentation.

Contributing

Expected workflow is: Fork -> Patch -> Push -> Pull Request

NOTES:

  1. YOU MUST READ THE CONTRIBUTORS GUIDE BEFORE STARTING TO WORK ON A PULL REQUEST.
  2. If you have found a vulnerability in the project, please write privately to security@gitea.io. Thanks!

Further information

For more information and instructions about how to install Gitea, please look at our documentation. If you have questions that are not covered by the documentation, you can get in contact with us on our Discord server, or forum!

Authors

Backers

Thank you to all our backers! 🙏 [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

FAQ

How do you pronounce Gitea?

Gitea is pronounced /ɡɪti:/ as in "gi-tea" with a hard g.

Why is this not hosted on a Gitea instance?

We're working on it.

License

This project is licensed under the MIT License. See the LICENSE file for the full license text.

Screenshots

Looking for an overview of the interface? Check it out!

Dashboard Repository Commits History
Branches Issues Pull Request View
Releases Activity Wiki
Diff Organization Profile