rhodecode-enterprise-ce Commit - r5496:cab50adf

feat(configs): deprecared old hooks protocol and ssh wrapper....

super-admin -

r5496:cab50adf default

parent child

configs/development.ini

0 +2 -1

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = true
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn  --config gunicorn_conf.py --paste rhodecode.ini
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; #############
             ; DEBUG OPTIONS
             ; #############
             pyramid.reload_templates = true
             # During development the we want to have the debug toolbar enabled
             pyramid.includes =
                 pyramid_debugtoolbar
             debugtoolbar.hosts = 0.0.0.0/0
             debugtoolbar.exclude_prefixes =
                 /css
                 /fonts
                 /images
                 /js
             ## RHODECODE PLUGINS ##
             rhodecode.includes =
                 rhodecode.api
             # api prefix url
             rhodecode.api.url = /_admin/api
             ; enable debug style page
             debug_style = true
             ; #################
             ; END DEBUG OPTIONS
             ; #################
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ; Filesystem location were repositories should be stored
             repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token =
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries and artifacts
             file_store.storage_path = /var/opt/rhodecode_data/file_store
             ; Redis url to acquire/check generation of archives locks
             archive_cache.locking.url = redis://redis:6379/1
             ; Storage backend, only 'filesystem' and 'objectstore' are available now
             archive_cache.backend.type = filesystem
             ; url for s3 compatible storage that allows to upload artifacts
             ; e.g http://minio:9000
             archive_cache.objectstore.url = http://s3-minio:9000
             ; key for s3 auth
             archive_cache.objectstore.key = key
             ; secret for s3 auth
             archive_cache.objectstore.secret = secret
             ;region for s3 storage
             archive_cache.objectstore.region = eu-central-1
             ; number of sharded buckets to create to distribute archives across
             ; default is 8 shards
             archive_cache.objectstore.bucket_shards = 8
             ; a top-level bucket to put all other shards in
             ; objects will be stored in rhodecode-archive-cache/shard-N based on the bucket_shards number
             archive_cache.objectstore.bucket = rhodecode-archive-cache
             ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
             archive_cache.objectstore.retry = false
             ; number of seconds to wait for next try using retry
             archive_cache.objectstore.retry_backoff = 1
             ; how many tries do do a retry fetch from this backend
             archive_cache.objectstore.retry_attempts = 10
             ; Default is $cache_dir/archive_cache if not set
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
             archive_cache.filesystem.store_dir = /var/opt/rhodecode_data/archive_cache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.filesystem.cache_size_gb = 1
             ; Eviction policy used to clear out after cache_size_gb limit is reached
             archive_cache.filesystem.eviction_policy = least-recently-stored
             ; By default cache uses sharding technique, this specifies how many shards are there
             ; default is 8 shards
             archive_cache.filesystem.cache_shards = 8
             ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
             archive_cache.filesystem.retry = false
             ; number of seconds to wait for next try using retry
             archive_cache.filesystem.retry_backoff = 1
             ; how many tries do do a retry fetch from this backend
             archive_cache.filesystem.retry_attempts = 10
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_general.arguments.filename = /tmp/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 3600
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             #beaker.session.type = file
             #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
             beaker.session.type = ext:redis
             beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = develop-rc-uytcxaz
             beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = true
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             ; `celery` - use celery based hooks
-            vcs.hooks.protocol = http
+            #DEPRECATED:vcs.hooks.protocol = http
+            vcs.hooks.protocol.v2 = celery
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = true
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Redis connection settings for svn integrations logic
             ; This connection string needs to be the same on ce and vcsserver
             vcs.svn.redis_conn = redis://redis:6379/0
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             #DEPRECATED: ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ssh.wrapper_cmd.v2 = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = true
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             #logging.autoconfigure = true
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = color_formatter
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = color_formatter_sql
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

configs/production.ini

0 +2 -1

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = false
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn  --config gunicorn_conf.py --paste rhodecode.ini
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ; Filesystem location were repositories should be stored
             repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token =
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = prod
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries and artifacts
             file_store.storage_path = /var/opt/rhodecode_data/file_store
             ; Redis url to acquire/check generation of archives locks
             archive_cache.locking.url = redis://redis:6379/1
             ; Storage backend, only 'filesystem' and 'objectstore' are available now
             archive_cache.backend.type = filesystem
             ; url for s3 compatible storage that allows to upload artifacts
             ; e.g http://minio:9000
             archive_cache.objectstore.url = http://s3-minio:9000
             ; key for s3 auth
             archive_cache.objectstore.key = key
             ; secret for s3 auth
             archive_cache.objectstore.secret = secret
             ;region for s3 storage
             archive_cache.objectstore.region = eu-central-1
             ; number of sharded buckets to create to distribute archives across
             ; default is 8 shards
             archive_cache.objectstore.bucket_shards = 8
             ; a top-level bucket to put all other shards in
             ; objects will be stored in rhodecode-archive-cache/shard-N based on the bucket_shards number
             archive_cache.objectstore.bucket = rhodecode-archive-cache
             ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
             archive_cache.objectstore.retry = false
             ; number of seconds to wait for next try using retry
             archive_cache.objectstore.retry_backoff = 1
             ; how many tries do do a retry fetch from this backend
             archive_cache.objectstore.retry_attempts = 10
             ; Default is $cache_dir/archive_cache if not set
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
             archive_cache.filesystem.store_dir = /var/opt/rhodecode_data/archive_cache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.filesystem.cache_size_gb = 40
             ; Eviction policy used to clear out after cache_size_gb limit is reached
             archive_cache.filesystem.eviction_policy = least-recently-stored
             ; By default cache uses sharding technique, this specifies how many shards are there
             ; default is 8 shards
             archive_cache.filesystem.cache_shards = 8
             ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
             archive_cache.filesystem.retry = false
             ; number of seconds to wait for next try using retry
             archive_cache.filesystem.retry_backoff = 1
             ; how many tries do do a retry fetch from this backend
             archive_cache.filesystem.retry_attempts = 10
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_general.arguments.filename = /tmp/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 3600
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             #beaker.session.type = file
             #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
             beaker.session.type = ext:redis
             beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = production-rc-uytcxaz
             beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = true
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             ; `celery` - use celery based hooks
-            vcs.hooks.protocol = http
+            #DEPRECATED:vcs.hooks.protocol = http
+            vcs.hooks.protocol.v2 = celery
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = true
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Redis connection settings for svn integrations logic
             ; This connection string needs to be the same on ce and vcsserver
             vcs.svn.redis_conn = redis://redis:6379/0
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             #DEPRECATED: ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ssh.wrapper_cmd.v2 = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = false
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             #logging.autoconfigure = true
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = INFO
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

rhodecode/apps/ssh_support/lib/backends/base.py

0 +1 -1

             # Copyright (C) 2016-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import logging
             from rhodecode.lib.hook_daemon.base import prepare_callback_daemon
             from rhodecode.lib.ext_json import sjson as json
             from rhodecode.lib.vcs.conf import settings as vcs_settings
             from rhodecode.lib.api_utils import call_service_api
             log = logging.getLogger(__name__)
             class SshVcsServer(object):
                 repo_user_agent = None  # set in child classes
                 _path = None  # set executable path for hg/git/svn binary
                 backend = None  # set in child classes
                 tunnel = None  # subprocess handling tunnel
                 settings = None  # parsed settings module
                 write_perms = ['repository.admin', 'repository.write']
                 read_perms = ['repository.read', 'repository.admin', 'repository.write']
                 def __init__(self, user, user_permissions, settings, env):
                     self.user = user
                     self.user_permissions = user_permissions
                     self.settings = settings
                     self.env = env
                     self.stdin = sys.stdin
                     self.repo_name = None
                     self.repo_mode = None
                     self.store = ''
                     self.ini_path = ''
                     self.hooks_protocol = None
                 def _invalidate_cache(self, repo_name):
                     """
                     Set's cache for this repository for invalidation on next access
                     :param repo_name: full repo name, also a cache key
                     """
                     # Todo: Leave only "celery" case after transition.
                     match self.hooks_protocol:
                         case 'http':
                             from rhodecode.model.scm import ScmModel
                             ScmModel().mark_for_invalidation(repo_name)
                         case 'celery':
                             call_service_api(self.settings, {
                                 "method": "service_mark_for_invalidation",
                                 "args": {"repo_name": repo_name}
                             })
                 def has_write_perm(self):
                     permission = self.user_permissions.get(self.repo_name)
                     if permission in ['repository.write', 'repository.admin']:
                         return True
                     return False
                 def _check_permissions(self, action):
                     permission = self.user_permissions.get(self.repo_name)
                     user_info = f'{self.user["user_id"]}:{self.user["username"]}'
                     log.debug('permission for %s on %s are: %s',
                               user_info, self.repo_name, permission)
                     if not permission:
                         log.error('user `%s` permissions to repo:%s are empty. Forbidding access.',
                                   user_info, self.repo_name)
                         return -2
                     if action == 'pull':
                         if permission in self.read_perms:
                             log.info(
                                 'READ Permissions for User "%s" detected to repo "%s"!',
                                 user_info, self.repo_name)
                             return 0
                     else:
                         if permission in self.write_perms:
                             log.info(
                                 'WRITE, or Higher Permissions for User "%s" detected to repo "%s"!',
                                 user_info, self.repo_name)
                             return 0
                     log.error('Cannot properly fetch or verify user `%s` permissions. '
                               'Permissions: %s, vcs action: %s',
                               user_info, permission, action)
                     return -2
                 def update_environment(self, action, extras=None):
                     scm_data = {
                         'ip': os.environ['SSH_CLIENT'].split()[0],
                         'username': self.user.username,
                         'user_id': self.user.user_id,
                         'action': action,
                         'repository': self.repo_name,
                         'scm': self.backend,
                         'config': self.ini_path,
                         'repo_store': self.store,
                         'make_lock': None,
                         'locked_by': [None, None],
                         'server_url': None,
                         'user_agent': f'{self.repo_user_agent}/ssh-user-agent',
                         'hooks': ['push', 'pull'],
                         'hooks_module': 'rhodecode.lib.hook_daemon.hook_module',
                         'is_shadow_repo': False,
                         'detect_force_push': False,
                         'check_branch_perms': False,
                         'SSH': True,
                         'SSH_PERMISSIONS': self.user_permissions.get(self.repo_name),
                     }
                     if extras:
                         scm_data.update(extras)
                     os.putenv("RC_SCM_DATA", json.dumps(scm_data))
                     return scm_data
                 def get_root_store(self):
                     root_store = self.store
                     if not root_store.endswith('/'):
                         # always append trailing slash
                         root_store = root_store + '/'
                     return root_store
                 def _handle_tunnel(self, extras):
                     # pre-auth
                     action = 'pull'
                     exit_code = self._check_permissions(action)
                     if exit_code:
                         return exit_code, False
                     req = self.env.get('request')
                     if req:
                         server_url = req.host_url + req.script_name
                         extras['server_url'] = server_url
                     log.debug('Using %s binaries from path %s', self.backend, self._path)
                     exit_code = self.tunnel.run(extras)
                     return exit_code, action == "push"
                 def run(self, tunnel_extras=None):
-                    self.hooks_protocol = self.settings['vcs.hooks.protocol']
+                    self.hooks_protocol = self.settings['vcs.hooks.protocol.v2']
                     tunnel_extras = tunnel_extras or {}
                     extras = {}
                     extras.update(tunnel_extras)
                     callback_daemon, extras = prepare_callback_daemon(
                         extras, protocol=self.hooks_protocol,
                         host=vcs_settings.HOOKS_HOST)
                     with callback_daemon:
                         try:
                             return self._handle_tunnel(extras)
                         finally:
                             log.debug('Running cleanup with cache invalidation')
                             if self.repo_name:
                                 self._invalidate_cache(self.repo_name)

rhodecode/apps/ssh_support/tests/test_server_git.py

0 +1 -1

             # Copyright (C) 2016-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import mock
             import pytest
             from rhodecode.apps.ssh_support.lib.backends.git import GitServer
             from rhodecode.apps.ssh_support.tests.conftest import plain_dummy_env, plain_dummy_user
             from rhodecode.lib.ext_json import json
             class GitServerCreator(object):
                 root = '/tmp/repo/path/'
                 git_path = '/usr/local/bin/git'
                 config_data = {
                     'app:main': {
                         'ssh.executable.git': git_path,
-                        'vcs.hooks.protocol': 'http',
+                        'vcs.hooks.protocol.v2': 'celery',
                     }
                 }
                 repo_name = 'test_git'
                 repo_mode = 'receive-pack'
                 user = plain_dummy_user()
                 def __init__(self):
                     pass
                 def create(self, **kwargs):
                     parameters = {
                         'store': self.root,
                         'ini_path': '',
                         'user': self.user,
                         'repo_name': self.repo_name,
                         'repo_mode': self.repo_mode,
                         'user_permissions': {
                             self.repo_name: 'repository.admin'
                         },
                         'settings': self.config_data['app:main'],
                         'env': plain_dummy_env()
                     }
                     parameters.update(kwargs)
                     server = GitServer(**parameters)
                     return server
             @pytest.fixture()
             def git_server(app):
                 return GitServerCreator()
             class TestGitServer(object):
                 def test_command(self, git_server):
                     server = git_server.create()
                     expected_command = (
                         'cd {root}; {git_path} {repo_mode} \'{root}{repo_name}\''.format(
                             root=git_server.root, git_path=git_server.git_path,
                             repo_mode=git_server.repo_mode, repo_name=git_server.repo_name)
                     )
                     assert expected_command == server.tunnel.command()
                 @pytest.mark.parametrize('permissions, action, code', [
                     ({}, 'pull', -2),
                     ({'test_git': 'repository.read'}, 'pull', 0),
                     ({'test_git': 'repository.read'}, 'push', -2),
                     ({'test_git': 'repository.write'}, 'push', 0),
                     ({'test_git': 'repository.admin'}, 'push', 0),
                 ])
                 def test_permission_checks(self, git_server, permissions, action, code):
                     server = git_server.create(user_permissions=permissions)
                     result = server._check_permissions(action)
                     assert result is code
                 @pytest.mark.parametrize('permissions, value', [
                     ({}, False),
                     ({'test_git': 'repository.read'}, False),
                     ({'test_git': 'repository.write'}, True),
                     ({'test_git': 'repository.admin'}, True),
                 ])
                 def test_has_write_permissions(self, git_server, permissions, value):
                     server = git_server.create(user_permissions=permissions)
                     result = server.has_write_perm()
                     assert result is value
                 def test_run_returns_executes_command(self, git_server):
                     server = git_server.create()
                     from rhodecode.apps.ssh_support.lib.backends.git import GitTunnelWrapper
                     os.environ['SSH_CLIENT'] = '127.0.0.1'
                     with mock.patch.object(GitTunnelWrapper, 'create_hooks_env') as _patch:
                         _patch.return_value = 0
                         with mock.patch.object(GitTunnelWrapper, 'command', return_value='date'):
                             exit_code = server.run()
                     assert exit_code == (0, False)
                 @pytest.mark.parametrize(
                     'repo_mode, action', [
                         ['receive-pack', 'push'],
                         ['upload-pack', 'pull']
                     ])
                 def test_update_environment(self, git_server, repo_mode, action):
                     server = git_server.create(repo_mode=repo_mode)
                     store = server.store
                     with mock.patch('os.environ', {'SSH_CLIENT': '10.10.10.10 b'}):
                         with mock.patch('os.putenv') as putenv_mock:
                             server.update_environment(action)
                     expected_data = {
                         'username': git_server.user.username,
                         'user_id': git_server.user.user_id,
                         'scm': 'git',
                         'repository': git_server.repo_name,
                         'make_lock': None,
                         'action': action,
                         'ip': '10.10.10.10',
                         'locked_by': [None, None],
                         'config': '',
                         'repo_store': store,
                         'server_url': None,
                         'hooks': ['push', 'pull'],
                         'is_shadow_repo': False,
                         'hooks_module': 'rhodecode.lib.hook_daemon.hook_module',
                         'check_branch_perms': False,
                         'detect_force_push': False,
                         'user_agent': u'git/ssh-user-agent',
                         'SSH': True,
                         'SSH_PERMISSIONS': 'repository.admin',
                     }
                     args, kwargs = putenv_mock.call_args
                     assert json.loads(args[1]) == expected_data

rhodecode/apps/ssh_support/tests/test_server_hg.py

0 +1 -1

             # Copyright (C) 2016-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import mock
             import pytest
             from rhodecode.apps.ssh_support.lib.backends.hg import MercurialServer
             from rhodecode.apps.ssh_support.tests.conftest import plain_dummy_env, plain_dummy_user
             class MercurialServerCreator(object):
                 root = '/tmp/repo/path/'
                 hg_path = '/usr/local/bin/hg'
                 config_data = {
                     'app:main': {
                         'ssh.executable.hg': hg_path,
-                        'vcs.hooks.protocol': 'http',
+                        'vcs.hooks.protocol.v2': 'celery',
                     }
                 }
                 repo_name = 'test_hg'
                 user = plain_dummy_user()
                 def __init__(self):
                     pass
                 def create(self, **kwargs):
                     parameters = {
                         'store': self.root,
                         'ini_path': '',
                         'user': self.user,
                         'repo_name': self.repo_name,
                         'user_permissions': {
                             'test_hg': 'repository.admin'
                         },
                         'settings': self.config_data['app:main'],
                         'env': plain_dummy_env()
                     }
                     parameters.update(kwargs)
                     server = MercurialServer(**parameters)
                     return server
             @pytest.fixture()
             def hg_server(app):
                 return MercurialServerCreator()
             class TestMercurialServer(object):
                 def test_command(self, hg_server, tmpdir):
                     server = hg_server.create()
                     custom_hgrc = os.path.join(str(tmpdir), 'hgrc')
                     expected_command = (
                         'cd {root}; HGRCPATH={custom_hgrc} {hg_path} -R {root}{repo_name} serve --stdio'.format(
                             root=hg_server.root, custom_hgrc=custom_hgrc, hg_path=hg_server.hg_path,
                             repo_name=hg_server.repo_name)
                     )
                     server_command = server.tunnel.command(custom_hgrc)
                     assert expected_command == server_command
                 @pytest.mark.parametrize('permissions, action, code', [
                     ({}, 'pull', -2),
                     ({'test_hg': 'repository.read'}, 'pull', 0),
                     ({'test_hg': 'repository.read'}, 'push', -2),
                     ({'test_hg': 'repository.write'}, 'push', 0),
                     ({'test_hg': 'repository.admin'}, 'push', 0),
                 ])
                 def test_permission_checks(self, hg_server, permissions, action, code):
                     server = hg_server.create(user_permissions=permissions)
                     result = server._check_permissions(action)
                     assert result is code
                 @pytest.mark.parametrize('permissions, value', [
                     ({}, False),
                     ({'test_hg': 'repository.read'}, False),
                     ({'test_hg': 'repository.write'}, True),
                     ({'test_hg': 'repository.admin'}, True),
                 ])
                 def test_has_write_permissions(self, hg_server, permissions, value):
                     server = hg_server.create(user_permissions=permissions)
                     result = server.has_write_perm()
                     assert result is value
                 def test_run_returns_executes_command(self, hg_server):
                     server = hg_server.create()
                     from rhodecode.apps.ssh_support.lib.backends.hg import MercurialTunnelWrapper
                     os.environ['SSH_CLIENT'] = '127.0.0.1'
                     with mock.patch.object(MercurialTunnelWrapper, 'create_hooks_env') as _patch:
                         _patch.return_value = 0
                         with mock.patch.object(MercurialTunnelWrapper, 'command', return_value='date'):
                             exit_code = server.run()
                     assert exit_code == (0, False)

rhodecode/apps/ssh_support/tests/test_server_svn.py

0 +1 -1

             # Copyright (C) 2016-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import mock
             import pytest
             from rhodecode.apps.ssh_support.lib.backends.svn import SubversionServer
             from rhodecode.apps.ssh_support.tests.conftest import plain_dummy_env, plain_dummy_user
             class SubversionServerCreator(object):
                 root = '/tmp/repo/path/'
                 svn_path = '/usr/local/bin/svnserve'
                 config_data = {
                     'app:main': {
                         'ssh.executable.svn': svn_path,
-                        'vcs.hooks.protocol': 'http',
+                        'vcs.hooks.protocol.v2': 'celery',
                     }
                 }
                 repo_name = 'test-svn'
                 user = plain_dummy_user()
                 def __init__(self):
                     pass
                 def create(self, **kwargs):
                     parameters = {
                         'store': self.root,
                         'repo_name': self.repo_name,
                         'ini_path': '',
                         'user': self.user,
                         'user_permissions': {
                             self.repo_name: 'repository.admin'
                         },
                         'settings': self.config_data['app:main'],
                         'env': plain_dummy_env()
                     }
                     parameters.update(kwargs)
                     server = SubversionServer(**parameters)
                     return server
             @pytest.fixture()
             def svn_server(app):
                 return SubversionServerCreator()
             class TestSubversionServer(object):
                 def test_command(self, svn_server):
                     server = svn_server.create()
                     expected_command = [
                         svn_server.svn_path, '-t',
                         '--config-file', server.tunnel.svn_conf_path,
                         '--tunnel-user', svn_server.user.username,
                         '-r', svn_server.root
                     ]
                     assert expected_command == server.tunnel.command()
                 @pytest.mark.parametrize('permissions, action, code', [
                     ({}, 'pull', -2),
                     ({'test-svn': 'repository.read'}, 'pull', 0),
                     ({'test-svn': 'repository.read'}, 'push', -2),
                     ({'test-svn': 'repository.write'}, 'push', 0),
                     ({'test-svn': 'repository.admin'}, 'push', 0),
                 ])
                 def test_permission_checks(self, svn_server, permissions, action, code):
                     server = svn_server.create(user_permissions=permissions)
                     result = server._check_permissions(action)
                     assert result is code
                 @pytest.mark.parametrize('permissions, access_paths, expected_match', [
                     # not matched repository name
                     ({
                          'test-svn': ''
                      }, ['test-svn-1', 'test-svn-1/subpath'],
                      None),
                     # exact match
                     ({
                          'test-svn': ''
                      },
                      ['test-svn'],
                      'test-svn'),
                     # subdir commits
                     ({
                          'test-svn': ''
                      },
                      ['test-svn/foo',
                       'test-svn/foo/test-svn',
                       'test-svn/trunk/development.txt',
                       ],
                      'test-svn'),
                     # subgroups + similar patterns
                     ({
                          'test-svn': '',
                          'test-svn-1': '',
                          'test-svn-subgroup/test-svn': '',
                      },
                      ['test-svn-1',
                       'test-svn-1/foo/test-svn',
                       'test-svn-1/test-svn',
                       ],
                      'test-svn-1'),
                     # subgroups + similar patterns
                     ({
                          'test-svn-1': '',
                          'test-svn-10': '',
                          'test-svn-100': '',
                      },
                      ['test-svn-10',
                       'test-svn-10/foo/test-svn',
                       'test-svn-10/test-svn',
                       ],
                      'test-svn-10'),
                     # subgroups + similar patterns
                     ({
                          'name': '',
                          'nameContains': '',
                          'nameContainsThis': '',
                      },
                      ['nameContains',
                       'nameContains/This',
                       'nameContains/This/test-svn',
                       ],
                      'nameContains'),
                     # subgroups + similar patterns
                     ({
                          'test-svn': '',
                          'test-svn-1': '',
                          'test-svn-subgroup/test-svn': '',
                      },
                      ['test-svn-subgroup/test-svn',
                       'test-svn-subgroup/test-svn/foo/test-svn',
                       'test-svn-subgroup/test-svn/trunk/example.txt',
                       ],
                      'test-svn-subgroup/test-svn'),
                 ])
                 def test_repo_extraction_on_subdir(self, svn_server, permissions, access_paths, expected_match):
                     server = svn_server.create(user_permissions=permissions)
                     for path in access_paths:
                         repo_name = server.tunnel._match_repo_name(path)
                         assert repo_name == expected_match
                 def test_run_returns_executes_command(self, svn_server):
                     server = svn_server.create()
                     from rhodecode.apps.ssh_support.lib.backends.svn import SubversionTunnelWrapper
                     os.environ['SSH_CLIENT'] = '127.0.0.1'
                     with mock.patch.object(
                             SubversionTunnelWrapper, 'get_first_client_response',
                             return_value={'url': 'http://server/test-svn'}):
                         with mock.patch.object(
                                 SubversionTunnelWrapper, 'patch_first_client_response',
                                 return_value=0):
                             with mock.patch.object(
                                     SubversionTunnelWrapper, 'sync',
                                     return_value=0):
                                 with mock.patch.object(
                                         SubversionTunnelWrapper, 'command',
                                         return_value=['date']):
                                     exit_code = server.run()
                     # SVN has this differently configured, and we get in our mock env
                     # None as return code
                     assert exit_code == (None, False)
                 def test_run_returns_executes_command_that_cannot_extract_repo_name(self, svn_server):
                     server = svn_server.create()
                     from rhodecode.apps.ssh_support.lib.backends.svn import SubversionTunnelWrapper
                     with mock.patch.object(
                             SubversionTunnelWrapper, 'command',
                             return_value=['date']):
                         with mock.patch.object(
                                 SubversionTunnelWrapper, 'get_first_client_response',
                                 return_value=None):
                                 exit_code = server.run()
                     assert exit_code == (1, False)

rhodecode/config/config_maker.py

0 +1 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import tempfile
             import logging
             from pyramid.settings import asbool
             from rhodecode.config.settings_maker import SettingsMaker
             from rhodecode.config import utils as config_utils
             log = logging.getLogger(__name__)
             def sanitize_settings_and_apply_defaults(global_config, settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well-prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 jn = os.path.join
                 global_settings_maker = SettingsMaker(global_config)
                 global_settings_maker.make_setting('debug', default=False, parser='bool')
                 debug_enabled = asbool(global_config.get('debug'))
                 settings_maker = SettingsMaker(settings)
                 settings_maker.make_setting(
                     'logging.autoconfigure',
                     default=False,
                     parser='bool')
                 logging_conf = jn(os.path.dirname(global_config.get('__file__')), 'logging.ini')
                 settings_maker.enable_logging(logging_conf, level='INFO' if debug_enabled else 'DEBUG')
                 # Default includes, possible to change as a user
                 pyramid_includes = settings_maker.make_setting('pyramid.includes', [], parser='list:newline')
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 settings_maker.make_setting('rhodecode.edition', 'Community Edition')
                 settings_maker.make_setting('rhodecode.edition_id', 'CE')
                 if 'mako.default_filters' not in settings:
                     # set custom default filters if we don't have it defined
                     settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
                     settings['mako.default_filters'] = 'h_filter'
                 if 'mako.directories' not in settings:
                     mako_directories = settings.setdefault('mako.directories', [
                         # Base templates of the original application
                         'rhodecode:templates',
                     ])
                     log.debug(
                         "Using the following Mako template directories: %s",
                         mako_directories)
                 # NOTE(marcink): fix redis requirement for schema of connection since 3.X
                 if 'beaker.session.type' in settings and settings['beaker.session.type'] == 'ext:redis':
                     raw_url = settings['beaker.session.url']
                     if not raw_url.startswith(('redis://', 'rediss://', 'unix://')):
                         settings['beaker.session.url'] = 'redis://' + raw_url
                 settings_maker.make_setting('__file__', global_config.get('__file__'))
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
                 settings_maker.make_setting('rhodecode.api.url', '/_admin/api')
                 # Sanitize generic settings.
                 settings_maker.make_setting('default_encoding', 'UTF-8', parser='list')
                 settings_maker.make_setting('gzip_responses', False, parser='bool')
                 settings_maker.make_setting('startup.import_repos', 'false', parser='bool')
                 # statsd
                 settings_maker.make_setting('statsd.enabled', False, parser='bool')
                 settings_maker.make_setting('statsd.statsd_host', 'statsd-exporter', parser='string')
                 settings_maker.make_setting('statsd.statsd_port', 9125, parser='int')
                 settings_maker.make_setting('statsd.statsd_prefix', '')
                 settings_maker.make_setting('statsd.statsd_ipv6', False, parser='bool')
                 settings_maker.make_setting('vcs.svn.compatible_version', '')
                 settings_maker.make_setting('vcs.svn.redis_conn', 'redis://redis:6379/0')
                 settings_maker.make_setting('vcs.svn.proxy.enabled', True, parser='bool')
                 settings_maker.make_setting('vcs.svn.proxy.host', 'http://svn:8090', parser='string')
-                settings_maker.make_setting('vcs.hooks.protocol', 'http')
+                settings_maker.make_setting('vcs.hooks.protocol.v2', 'celery')
                 settings_maker.make_setting('vcs.hooks.host', '*')
                 settings_maker.make_setting('vcs.scm_app_implementation', 'http')
                 settings_maker.make_setting('vcs.server', '')
                 settings_maker.make_setting('vcs.server.protocol', 'http')
                 settings_maker.make_setting('vcs.server.enable', 'true', parser='bool')
                 settings_maker.make_setting('vcs.hooks.direct_calls', 'false', parser='bool')
                 settings_maker.make_setting('vcs.start_server', 'false', parser='bool')
                 settings_maker.make_setting('vcs.backends', 'hg, git, svn', parser='list')
                 settings_maker.make_setting('vcs.connection_timeout', 3600, parser='int')
                 settings_maker.make_setting('vcs.methods.cache', True, parser='bool')
                 # repo_store path
                 settings_maker.make_setting('repo_store.path', '/var/opt/rhodecode_repo_store')
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http', or
                 # disabled since 4.13 'vcsserver.scm_app' which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl in ['rhodecode.lib.middleware.utils.scm_app_http', 'vcsserver.scm_app']:
                     settings['vcs.scm_app_implementation'] = 'http'
                 settings_maker.make_setting('appenlight', False, parser='bool')
                 temp_store = tempfile.gettempdir()
                 tmp_cache_dir = jn(temp_store, 'rc_cache')
                 # save default, cache dir, and use it for all backends later.
                 default_cache_dir = settings_maker.make_setting(
                     'cache_dir',
                     default=tmp_cache_dir, default_when_empty=True,
                     parser='dir:ensured')
                 # exception store cache
                 settings_maker.make_setting(
                     'exception_tracker.store_path',
                     default=jn(default_cache_dir, 'exc_store'), default_when_empty=True,
                     parser='dir:ensured'
                 )
                 settings_maker.make_setting(
                     'celerybeat-schedule.path',
                     default=jn(default_cache_dir, 'celerybeat_schedule', 'celerybeat-schedule.db'), default_when_empty=True,
                     parser='file:ensured'
                 )
                 # celery
                 broker_url = settings_maker.make_setting('celery.broker_url', 'redis://redis:6379/8')
                 settings_maker.make_setting('celery.result_backend', broker_url)
                 settings_maker.make_setting('exception_tracker.send_email', False, parser='bool')
                 settings_maker.make_setting('exception_tracker.email_prefix', '[RHODECODE ERROR]', default_when_empty=True)
                 # sessions, ensure file since no-value is memory
                 settings_maker.make_setting('beaker.session.type', 'file')
                 settings_maker.make_setting('beaker.session.data_dir',  jn(default_cache_dir, 'session_data'))
                 # cache_general
                 settings_maker.make_setting('rc_cache.cache_general.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_general.expiration_time', 60 * 60 * 12, parser='int')
                 settings_maker.make_setting('rc_cache.cache_general.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_general.db'))
                 # cache_perms
                 settings_maker.make_setting('rc_cache.cache_perms.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_perms.expiration_time', 60 * 60, parser='int')
                 settings_maker.make_setting('rc_cache.cache_perms.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_perms_db'))
                 # cache_repo
                 settings_maker.make_setting('rc_cache.cache_repo.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_repo.expiration_time', 60 * 60 * 24 * 30, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_repo_db'))
                 # cache_license
                 settings_maker.make_setting('rc_cache.cache_license.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_license.expiration_time', 60 * 5, parser='int')
                 settings_maker.make_setting('rc_cache.cache_license.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_license_db'))
                 # cache_repo_longterm memory, 96H
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.expiration_time', 345600, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.max_size', 10000, parser='int')
                 # sql_cache_short
                 settings_maker.make_setting('rc_cache.sql_cache_short.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.sql_cache_short.expiration_time', 30, parser='int')
                 settings_maker.make_setting('rc_cache.sql_cache_short.max_size', 10000, parser='int')
                 # archive_cache
                 settings_maker.make_setting('archive_cache.locking.url', 'redis://redis:6379/1')
                 settings_maker.make_setting('archive_cache.backend.type', 'filesystem')
                 settings_maker.make_setting('archive_cache.filesystem.store_dir', jn(default_cache_dir, 'archive_cache'), default_when_empty=True,)
                 settings_maker.make_setting('archive_cache.filesystem.cache_shards', 8, parser='int')
                 settings_maker.make_setting('archive_cache.filesystem.cache_size_gb', 10, parser='float')
                 settings_maker.make_setting('archive_cache.filesystem.eviction_policy', 'least-recently-stored')
                 settings_maker.make_setting('archive_cache.filesystem.retry', False, parser='bool')
                 settings_maker.make_setting('archive_cache.filesystem.retry_backoff', 1, parser='int')
                 settings_maker.make_setting('archive_cache.filesystem.retry_attempts', 10, parser='int')
                 settings_maker.make_setting('archive_cache.objectstore.url', jn(default_cache_dir, 'archive_cache'), default_when_empty=True,)
                 settings_maker.make_setting('archive_cache.objectstore.key', '')
                 settings_maker.make_setting('archive_cache.objectstore.secret', '')
                 settings_maker.make_setting('archive_cache.objectstore.region', 'eu-central-1')
                 settings_maker.make_setting('archive_cache.objectstore.bucket', 'rhodecode-archive-cache', default_when_empty=True,)
                 settings_maker.make_setting('archive_cache.objectstore.bucket_shards', 8, parser='int')
                 settings_maker.make_setting('archive_cache.objectstore.cache_size_gb', 10, parser='float')
                 settings_maker.make_setting('archive_cache.objectstore.eviction_policy', 'least-recently-stored')
                 settings_maker.make_setting('archive_cache.objectstore.retry', False, parser='bool')
                 settings_maker.make_setting('archive_cache.objectstore.retry_backoff', 1, parser='int')
                 settings_maker.make_setting('archive_cache.objectstore.retry_attempts', 10, parser='int')
                 settings_maker.env_expand()
                 # configure instance id
                 config_utils.set_instance_id(settings)
                 return settings

rhodecode/config/utils.py

0 +1 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import platform
             DEFAULT_USER = 'default'
             def configure_vcs(config):
                 """
                 Patch VCS config with some RhodeCode specific stuff
                 """
                 from rhodecode.lib.vcs import conf
                 import rhodecode.lib.vcs.conf.settings
                 conf.settings.BACKENDS = {
                     'hg': 'rhodecode.lib.vcs.backends.hg.MercurialRepository',
                     'git': 'rhodecode.lib.vcs.backends.git.GitRepository',
                     'svn': 'rhodecode.lib.vcs.backends.svn.SubversionRepository',
                 }
-                conf.settings.HOOKS_PROTOCOL = config['vcs.hooks.protocol']
+                conf.settings.HOOKS_PROTOCOL = config['vcs.hooks.protocol.v2']
                 conf.settings.HOOKS_HOST = config['vcs.hooks.host']
                 conf.settings.DEFAULT_ENCODINGS = config['default_encoding']
                 conf.settings.ALIASES[:] = config['vcs.backends']
                 conf.settings.SVN_COMPATIBLE_VERSION = config['vcs.svn.compatible_version']
             def initialize_database(config):
                 from rhodecode.lib.utils2 import engine_from_config, get_encryption_key
                 from rhodecode.model import init_model
                 engine = engine_from_config(config, 'sqlalchemy.db1.')
                 init_model(engine, encryption_key=get_encryption_key(config))
             def initialize_test_environment(settings, test_env=None):
                 if test_env is None:
                     test_env = not int(os.environ.get('RC_NO_TMP_PATH', 0))
                 from rhodecode.lib.utils import (
                     create_test_directory, create_test_database, create_test_repositories,
                     create_test_index)
                 from rhodecode.tests import TESTS_TMP_PATH
                 from rhodecode.lib.vcs.backends.hg import largefiles_store
                 from rhodecode.lib.vcs.backends.git import lfs_store
                 # test repos
                 if test_env:
                     create_test_directory(TESTS_TMP_PATH)
                     # large object stores
                     create_test_directory(largefiles_store(TESTS_TMP_PATH))
                     create_test_directory(lfs_store(TESTS_TMP_PATH))
                     create_test_database(TESTS_TMP_PATH, settings)
                     create_test_repositories(TESTS_TMP_PATH, settings)
                     create_test_index(TESTS_TMP_PATH, settings)
             def get_vcs_server_protocol(config):
                 return config['vcs.server.protocol']
             def set_instance_id(config):
                 """
                 Sets a dynamic generated config['instance_id'] if missing or '*'
                 E.g instance_id = *cluster-1 or instance_id = *
                 """
                 config['instance_id'] = config.get('instance_id') or ''
                 instance_id = config['instance_id']
                 if instance_id.startswith('*') or not instance_id:
                     prefix = instance_id.lstrip('*')
                     _platform_id = platform.uname()[1] or 'instance'
                     config['instance_id'] = '{prefix}uname:{platform}-pid:{pid}'.format(
                         prefix=prefix,
                         platform=_platform_id,
                         pid=os.getpid())
             def get_default_user_id():
                 from sqlalchemy import text
                 from rhodecode.model import meta
                 engine = meta.get_engine()
                 with meta.SA_Session(engine) as session:
                     result = session.execute(text(
                         "SELECT user_id from users where username = :uname"
                     ), {'uname': DEFAULT_USER})
                     user = result.first()
                     if not user:
                         raise ValueError('Unable to retrieve default user data from DB')
                     user_id = user[0]
                 return user_id

rhodecode/tests/config/test_sanitize_settings.py

0 +1 -1

             # Copyright (C) 2016-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             from rhodecode.tests import no_newline_id_generator
             from rhodecode.config.middleware import sanitize_settings_and_apply_defaults
             from rhodecode.config.settings_maker import SettingsMaker
             class TestHelperFunctions(object):
                 @pytest.mark.parametrize('raw, expected', [
                     ('true', True), (u'true', True),
                     ('yes', True), (u'yes', True),
                     ('on', True), (u'on', True),
                     ('false', False), (u'false', False),
                     ('no', False), (u'no', False),
                     ('off', False), (u'off', False),
                     ('invalid-bool-value', False),
                     ('invalid-∫øø@-√å@¨€', False),
                     (u'invalid-∫øø@-√å@¨€', False),
                 ])
                 def test_bool_func_helper(self, raw, expected):
                     val = SettingsMaker._bool_func(raw)
                     assert val == expected
                 @pytest.mark.parametrize('raw, expected', [
                     ('', ''),
                     ('test-string', 'test-string'),
                     ('CaSe-TeSt', 'case-test'),
                     ('test-string-çƒ©€', 'test-string-çƒ©€'),
                     (u'test-string-çƒ©€', u'test-string-çƒ©€'),
                 ])
                 def test_string_func_helper(self, raw, expected):
                     val = SettingsMaker._string_func(raw)
                     assert val == expected
                 @pytest.mark.parametrize('raw, expected', [
                     ('', []),
                     ('test', ['test']),
                     ('CaSe-TeSt', ['CaSe-TeSt']),
                     ('test-string-çƒ©€', ['test-string-çƒ©€']),
                     (u'test-string-çƒ©€', [u'test-string-çƒ©€']),
                     ('hg,git,svn', ['hg', 'git', 'svn']),
                     ('hg, git, svn', ['hg', 'git', 'svn']),
                     (', hg , git , svn , ', ['', 'hg', 'git', 'svn', '']),
                     ('cheese,free node,other', ['cheese', 'free node', 'other']),
                 ], ids=no_newline_id_generator)
                 def test_list_setting_helper(self, raw, expected):
                     val = SettingsMaker._list_func(raw)
                     assert val == expected
                 @pytest.mark.parametrize('raw, expected', [
                     ('hg git svn', ['hg', 'git', 'svn']),
                 ], ids=no_newline_id_generator)
                 def test_list_setting_spaces_helper(self, raw, expected):
                     val = SettingsMaker._list_func(raw, sep=' ')
                     assert val == expected
                 @pytest.mark.parametrize('raw, expected', [
                     ('hg\ngit\nsvn', ['hg', 'git', 'svn']),
                     (' hg\n git\n svn ', ['hg', 'git', 'svn']),
                 ], ids=no_newline_id_generator)
                 def test_list_setting_newlines_helper(self, raw, expected):
                     val = SettingsMaker._list_func(raw, sep='\n')
                     assert val == expected
                 @pytest.mark.parametrize('raw, expected', [
                     ('0', 0),
                     ('-0', 0),
                     ('12345', 12345),
                     ('-12345', -12345),
                     (u'-12345', -12345),
                 ])
                 def test_int_setting_helper(self, raw, expected):
                     val = SettingsMaker._int_func(raw)
                     assert val == expected
                 @pytest.mark.parametrize('raw', [
                     ('0xff'),
                     (''),
                     ('invalid-int'),
                     ('invalid-⁄~†'),
                     (u'invalid-⁄~†'),
                 ])
                 def test_int_setting_helper_invalid_input(self, raw):
                     with pytest.raises(Exception):
                         SettingsMaker._int_func(raw)
             class TestSanitizeVcsSettings(object):
                 _bool_funcs = [
                     ('vcs.hooks.direct_calls', False),
                     ('vcs.server.enable', True),
                     ('vcs.start_server', False),
                     ('startup.import_repos', False),
                 ]
                 _string_funcs = [
                     ('vcs.svn.compatible_version', ''),
-                    ('vcs.hooks.protocol', 'http'),
+                    ('vcs.hooks.protocol.v2', 'celery'),
                     ('vcs.hooks.host', '*'),
                     ('vcs.scm_app_implementation', 'http'),
                     ('vcs.server', ''),
                     ('vcs.server.protocol', 'http'),
                 ]
                 _list_settings = [
                     ('vcs.backends', 'hg git'),
                 ]
                 # @pytest.mark.parametrize('key, default', _list_settings)
                 # def test_list_setting_spacesep_list(self, key, default):
                 #     test_list = ['test', 'list', 'values', 'for', key]
                 #     input_value = ' '.join(test_list)
                 #     settings = {key: input_value}
                 #     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                 #     assert settings[key] == test_list
                 #
                 # @pytest.mark.parametrize('key, default', _list_settings)
                 # def test_list_setting_newlinesep_list(self, key, default):
                 #     test_list = ['test', 'list', 'values', 'for', key]
                 #     input_value = '\n'.join(test_list)
                 #     settings = {key: input_value}
                 #     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                 #     assert settings[key] == test_list
                 @pytest.mark.parametrize('key, default', _list_settings)
                 def test_list_setting_commasep_list(self, key, default):
                     test_list = ['test', 'list', 'values', 'for', key]
                     input_value = ','.join(test_list)
                     settings = {key: input_value}
                     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                     assert settings[key] == test_list
                 @pytest.mark.parametrize('key, default', _list_settings)
                 def test_list_setting_comma_and_space_sep_list(self, key, default):
                     test_list = ['test', 'list', 'values', 'for', key]
                     input_value = ', '.join(test_list)
                     settings = {key: input_value}
                     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                     assert settings[key] == test_list
                 @pytest.mark.parametrize('key, default', _string_funcs)
                 def test_string_func_string(self, key, default):
                     test_value = 'test-string-for-{}'.format(key)
                     settings = {key: test_value}
                     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                     assert settings[key] == test_value
                 @pytest.mark.parametrize('key, default', _string_funcs)
                 def test_string_func_default(self, key, default):
                     settings = {}
                     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                     assert settings[key] == default
                 # @pytest.mark.parametrize('key, default', _string_funcs)
                 # def test_string_func_lowercase(self, key, default):
                 #     test_value = 'Test-String-For-{}'.format(key)
                 #     settings = {key: test_value}
                 #     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                 #     assert settings[key] == test_value.lower()
                 @pytest.mark.parametrize('key, default', _bool_funcs)
                 def test_bool_func_true(self, key, default):
                     settings = {key: 'true'}
                     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                     assert settings[key] is True
                 @pytest.mark.parametrize('key, default', _bool_funcs)
                 def test_bool_func_false(self, key, default):
                     settings = {key: 'false'}
                     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                     assert settings[key] is False
                 @pytest.mark.parametrize('key, default', _bool_funcs)
                 def test_bool_func_invalid_string(self, key, default):
                     settings = {key: 'no-bool-val-string'}
                     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                     assert settings[key] is False
                 @pytest.mark.parametrize('key, default', _bool_funcs)
                 def test_bool_func_default(self, key, default):
                     settings = {}
                     sanitize_settings_and_apply_defaults({'__file__': ''}, settings)
                     assert settings[key] is default

rhodecode/tests/fixture_mods/fixture_pyramid.py

0 +1 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             from rhodecode.lib.config_utils import get_app_config
             from rhodecode.tests.fixture import TestINI
             from rhodecode.tests import TESTS_TMP_PATH
             from rhodecode.tests.server_utils import RcVCSServer
             @pytest.fixture(scope='session')
             def vcsserver(request, vcsserver_port, vcsserver_factory):
                 """
                 Session scope VCSServer.
                 Tests which need the VCSServer have to rely on this fixture in order
                 to ensure it will be running.
                 For specific needs, the fixture vcsserver_factory can be used. It allows to
                 adjust the configuration file for the test run.
                 Command line args:
                 --without-vcsserver: Allows to switch this fixture off. You have to
                 manually start the server.
                 --vcsserver-port: Will expect the VCSServer to listen on this port.
                 """
                 if not request.config.getoption('with_vcsserver'):
                     return None
                 return vcsserver_factory(
                     request, vcsserver_port=vcsserver_port)
             @pytest.fixture(scope='session')
             def vcsserver_factory(tmpdir_factory):
                 """
                 Use this if you need a running vcsserver with a special configuration.
                 """
                 def factory(request, overrides=(), vcsserver_port=None,
                             log_file=None, workers='3'):
                     if vcsserver_port is None:
                         vcsserver_port = get_available_port()
                     overrides = list(overrides)
                     overrides.append({'server:main': {'port': vcsserver_port}})
                     option_name = 'vcsserver_config_http'
                     override_option_name = 'vcsserver_config_override'
                     config_file = get_config(
                         request.config, option_name=option_name,
                         override_option_name=override_option_name, overrides=overrides,
                         basetemp=tmpdir_factory.getbasetemp().strpath,
                         prefix='test_vcs_')
                     server = RcVCSServer(config_file, log_file, workers)
                     server.start()
                     @request.addfinalizer
                     def cleanup():
                         server.shutdown()
                     server.wait_until_ready()
                     return server
                 return factory
             def _use_log_level(config):
                 level = config.getoption('test_loglevel') or 'critical'
                 return level.upper()
             @pytest.fixture(scope='session')
             def ini_config(request, tmpdir_factory, rcserver_port, vcsserver_port):
                 option_name = 'pyramid_config'
                 log_level = _use_log_level(request.config)
                 overrides = [
                     {'server:main': {'port': rcserver_port}},
                     {'app:main': {
                         'cache_dir': '%(here)s/rc-tests/rc_data',
                         'vcs.server': f'localhost:{vcsserver_port}',
                         # johbo: We will always start the VCSServer on our own based on the
                         # fixtures of the test cases. For the test run it must always be
                         # off in the INI file.
                         'vcs.start_server': 'false',
                         'vcs.server.protocol': 'http',
                         'vcs.scm_app_implementation': 'http',
                         'vcs.svn.proxy.enabled': 'true',
-                        'vcs.hooks.protocol': 'http',
+                        'vcs.hooks.protocol.v2': 'celery',
                         'vcs.hooks.host': '*',
                         'repo_store.path': TESTS_TMP_PATH,
                         'app.service_api.token': 'service_secret_token',
                     }},
                     {'handler_console': {
                         'class': 'StreamHandler',
                         'args': '(sys.stderr,)',
                         'level': log_level,
                     }},
                 ]
                 filename = get_config(
                     request.config, option_name=option_name,
                     override_option_name='{}_override'.format(option_name),
                     overrides=overrides,
                     basetemp=tmpdir_factory.getbasetemp().strpath,
                     prefix='test_rce_')
                 return filename
             @pytest.fixture(scope='session')
             def ini_settings(ini_config):
                 ini_path = ini_config
                 return get_app_config(ini_path)
             def get_available_port(min_port=40000, max_port=55555):
                 from rhodecode.lib.utils2 import get_available_port as _get_port
                 return _get_port(min_port, max_port)
             @pytest.fixture(scope='session')
             def rcserver_port(request):
                 port = get_available_port()
                 print(f'Using rhodecode port {port}')
                 return port
             @pytest.fixture(scope='session')
             def vcsserver_port(request):
                 port = request.config.getoption('--vcsserver-port')
                 if port is None:
                     port = get_available_port()
                     print(f'Using vcsserver port {port}')
                 return port
             @pytest.fixture(scope='session')
             def available_port_factory() -> get_available_port:
                 """
                 Returns a callable which returns free port numbers.
                 """
                 return get_available_port
             @pytest.fixture()
             def available_port(available_port_factory):
                 """
                 Gives you one free port for the current test.
                 Uses "available_port_factory" to retrieve the port.
                 """
                 return available_port_factory()
             @pytest.fixture(scope='session')
             def testini_factory(tmpdir_factory, ini_config):
                 """
                 Factory to create an INI file based on TestINI.
                 It will make sure to place the INI file in the correct directory.
                 """
                 basetemp = tmpdir_factory.getbasetemp().strpath
                 return TestIniFactory(basetemp, ini_config)
             class TestIniFactory(object):
                 def __init__(self, basetemp, template_ini):
                     self._basetemp = basetemp
                     self._template_ini = template_ini
                 def __call__(self, ini_params, new_file_prefix='test'):
                     ini_file = TestINI(
                         self._template_ini, ini_params=ini_params,
                         new_file_prefix=new_file_prefix, dir=self._basetemp)
                     result = ini_file.create()
                     return result
             def get_config(
                     config, option_name, override_option_name, overrides=None,
                     basetemp=None, prefix='test'):
                 """
                 Find a configuration file and apply overrides for the given `prefix`.
                 """
                 config_file = (
                     config.getoption(option_name) or config.getini(option_name))
                 if not config_file:
                     pytest.exit(
                         "Configuration error, could not extract {}.".format(option_name))
                 overrides = overrides or []
                 config_override = config.getoption(override_option_name)
                 if config_override:
                     overrides.append(config_override)
                 temp_ini_file = TestINI(
                     config_file, ini_params=overrides, new_file_prefix=prefix,
                     dir=basetemp)
                 return temp_ini_file.create()

rhodecode/tests/lib/middleware/test_simplevcs.py

0 +1 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import mock
             import pytest
             from rhodecode.lib.str_utils import base64_to_str
             from rhodecode.lib.utils2 import AttributeDict
             from rhodecode.tests.utils import CustomTestApp
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.middleware import simplevcs
             from rhodecode.lib.middleware.https_fixup import HttpsFixup
             from rhodecode.lib.middleware.utils import scm_app_http
             from rhodecode.model.db import User, _hash_key
             from rhodecode.model.meta import Session, cache as db_cache
             from rhodecode.tests import (
                 HG_REPO, TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS)
             from rhodecode.tests.lib.middleware import mock_scm_app
             class StubVCSController(simplevcs.SimpleVCS):
                 SCM = 'hg'
                 stub_response_body = tuple()
                 def __init__(self, *args, **kwargs):
                     super(StubVCSController, self).__init__(*args, **kwargs)
                     self._action = 'pull'
                     self._is_shadow_repo_dir = True
                     self._name = HG_REPO
                     self.set_repo_names(None)
                 @property
                 def is_shadow_repo_dir(self):
                     return self._is_shadow_repo_dir
                 def _get_repository_name(self, environ):
                     return self._name
                 def _get_action(self, environ):
                     return self._action
                 def _create_wsgi_app(self, repo_path, repo_name, config):
                     def fake_app(environ, start_response):
                         headers = [
                             ('Http-Accept', 'application/mercurial')
                         ]
                         start_response('200 OK', headers)
                         return self.stub_response_body
                     return fake_app
                 def _create_config(self, extras, repo_name, scheme='http'):
                     return None
             @pytest.fixture()
             def vcscontroller(baseapp, config_stub, request_stub):
                 from rhodecode.config.middleware import ce_auth_resources
                 config_stub.testing_securitypolicy()
                 config_stub.include('rhodecode.authentication')
                 for resource in ce_auth_resources:
                     config_stub.include(resource)
                 controller = StubVCSController(
                     baseapp.config.get_settings(), request_stub.registry)
                 app = HttpsFixup(controller, baseapp.config.get_settings())
                 app = CustomTestApp(app)
                 _remove_default_user_from_query_cache()
                 # Sanity checks that things are set up correctly
                 app.get('/' + HG_REPO, status=200)
                 app.controller = controller
                 return app
             def _remove_default_user_from_query_cache():
                 user = User.get_default_user(cache=True)
                 query = Session().query(User).filter(User.username == user.username)
                 query = query.options(
                     FromCache("sql_cache_short", f"get_user_{_hash_key(user.username)}"))
                 db_cache.invalidate(
                     query, {},
                     FromCache("sql_cache_short", f"get_user_{_hash_key(user.username)}"))
                 Session().expire(user)
             def test_handles_exceptions_during_permissions_checks(
                     vcscontroller, disable_anonymous_user, enable_auth_plugins, test_user_factory):
                 test_password = 'qweqwe'
                 test_user = test_user_factory(password=test_password, extern_type='headers', extern_name='headers')
                 test_username = test_user.username
                 enable_auth_plugins.enable([
                     'egg:rhodecode-enterprise-ce#headers',
                     'egg:rhodecode-enterprise-ce#token',
                     'egg:rhodecode-enterprise-ce#rhodecode'],
                     override={
                         'egg:rhodecode-enterprise-ce#headers': {'auth_headers_header': 'REMOTE_USER'}
                     })
                 user_and_pass = f'{test_username}:{test_password}'
                 auth_password = base64_to_str(user_and_pass)
                 extra_environ = {
                     'AUTH_TYPE': 'Basic',
                     'HTTP_AUTHORIZATION': f'Basic {auth_password}',
                     'REMOTE_USER': test_username,
                 }
                 # Verify that things are hooked up correctly, we pass user with headers bound auth, and headers filled in
                 vcscontroller.get('/', status=200, extra_environ=extra_environ)
                 # Simulate trouble during permission checks
                 with mock.patch('rhodecode.model.db.User.get_by_username',
                                 side_effect=Exception('permission_error_test')) as get_user:
                     # Verify that a correct 500 is returned and check that the expected
                     # code path was hit.
                     vcscontroller.get('/', status=500, extra_environ=extra_environ)
                     assert get_user.called
             class StubFailVCSController(simplevcs.SimpleVCS):
                 def _handle_request(self, environ, start_response):
                     raise Exception("BOOM")
             @pytest.fixture(scope='module')
             def fail_controller(baseapp):
                 controller = StubFailVCSController(
                     baseapp.config.get_settings(), baseapp.config)
                 controller = HttpsFixup(controller, baseapp.config.get_settings())
                 controller = CustomTestApp(controller)
                 return controller
             def test_handles_exceptions_as_internal_server_error(fail_controller):
                 fail_controller.get('/', status=500)
             def test_provides_traceback_for_appenlight(fail_controller):
                 response = fail_controller.get(
                     '/', status=500, extra_environ={'appenlight.client': 'fake'})
                 assert 'appenlight.__traceback' in response.request.environ
             def test_provides_utils_scm_app_as_scm_app_by_default(baseapp, request_stub):
                 controller = StubVCSController(baseapp.config.get_settings(), request_stub.registry)
                 assert controller.scm_app is scm_app_http
             def test_allows_to_override_scm_app_via_config(baseapp, request_stub):
                 config = baseapp.config.get_settings().copy()
                 config['vcs.scm_app_implementation'] = (
                     'rhodecode.tests.lib.middleware.mock_scm_app')
                 controller = StubVCSController(config, request_stub.registry)
                 assert controller.scm_app is mock_scm_app
             @pytest.mark.parametrize('query_string, expected', [
                 ('cmd=stub_command', True),
                 ('cmd=listkeys', False),
             ])
             def test_should_check_locking(query_string, expected):
                 result = simplevcs._should_check_locking(query_string)
                 assert result == expected
             class TestShadowRepoRegularExpression(object):
                 pr_segment = 'pull-request'
                 shadow_segment = 'repository'
                 @pytest.mark.parametrize('url, expected', [
                     # repo with/without groups
                     ('My-Repo/{pr_segment}/1/{shadow_segment}', True),
                     ('Group/My-Repo/{pr_segment}/2/{shadow_segment}', True),
                     ('Group/Sub-Group/My-Repo/{pr_segment}/3/{shadow_segment}', True),
                     ('Group/Sub-Group1/Sub-Group2/My-Repo/{pr_segment}/3/{shadow_segment}', True),
                     # pull request ID
                     ('MyRepo/{pr_segment}/1/{shadow_segment}', True),
                     ('MyRepo/{pr_segment}/1234567890/{shadow_segment}', True),
                     ('MyRepo/{pr_segment}/-1/{shadow_segment}', False),
                     ('MyRepo/{pr_segment}/invalid/{shadow_segment}', False),
                     # unicode
                     (u'Sp€çîál-Repö/{pr_segment}/1/{shadow_segment}', True),
                     (u'Sp€çîál-Gröüp/Sp€çîál-Repö/{pr_segment}/1/{shadow_segment}', True),
                     # trailing/leading slash
                     ('/My-Repo/{pr_segment}/1/{shadow_segment}', False),
                     ('My-Repo/{pr_segment}/1/{shadow_segment}/', False),
                     ('/My-Repo/{pr_segment}/1/{shadow_segment}/', False),
                     # misc
                     ('My-Repo/{pr_segment}/1/{shadow_segment}/extra', False),
                     ('My-Repo/{pr_segment}/1/{shadow_segment}extra', False),
                 ])
                 def test_shadow_repo_regular_expression(self, url, expected):
                     from rhodecode.lib.middleware.simplevcs import SimpleVCS
                     url = url.format(
                         pr_segment=self.pr_segment,
                         shadow_segment=self.shadow_segment)
                     match_obj = SimpleVCS.shadow_repo_re.match(url)
                     assert (match_obj is not None) == expected
             @pytest.mark.backends('git', 'hg')
             class TestShadowRepoExposure(object):
                 def test_pull_on_shadow_repo_propagates_to_wsgi_app(
                         self, baseapp, request_stub):
                     """
                     Check that a pull action to a shadow repo is propagated to the
                     underlying wsgi app.
                     """
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
                     controller._check_ssl = mock.Mock()
                     controller.is_shadow_repo = True
                     controller._action = 'pull'
                     controller._is_shadow_repo_dir = True
                     controller.stub_response_body = (b'dummy body value',)
                     controller._get_default_cache_ttl = mock.Mock(
                         return_value=(False, 0))
                     environ_stub = {
                         'HTTP_HOST': 'test.example.com',
                         'HTTP_ACCEPT': 'application/mercurial',
                         'REQUEST_METHOD': 'GET',
                         'wsgi.url_scheme': 'http',
                     }
                     response = controller(environ_stub, mock.Mock())
                     response_body = b''.join(response)
                     # Assert that we got the response from the wsgi app.
                     assert response_body == b''.join(controller.stub_response_body)
                 def test_pull_on_shadow_repo_that_is_missing(self, baseapp, request_stub):
                     """
                     Check that a pull action to a shadow repo is propagated to the
                     underlying wsgi app.
                     """
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
                     controller._check_ssl = mock.Mock()
                     controller.is_shadow_repo = True
                     controller._action = 'pull'
                     controller._is_shadow_repo_dir = False
                     controller.stub_response_body = (b'dummy body value',)
                     environ_stub = {
                         'HTTP_HOST': 'test.example.com',
                         'HTTP_ACCEPT': 'application/mercurial',
                         'REQUEST_METHOD': 'GET',
                         'wsgi.url_scheme': 'http',
                     }
                     response = controller(environ_stub, mock.Mock())
                     response_body = b''.join(response)
                     # Assert that we got the response from the wsgi app.
                     assert b'404 Not Found' in response_body
                 def test_push_on_shadow_repo_raises(self, baseapp, request_stub):
                     """
                     Check that a push action to a shadow repo is aborted.
                     """
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
                     controller._check_ssl = mock.Mock()
                     controller.is_shadow_repo = True
                     controller._action = 'push'
                     controller.stub_response_body = (b'dummy body value',)
                     environ_stub = {
                         'HTTP_HOST': 'test.example.com',
                         'HTTP_ACCEPT': 'application/mercurial',
                         'REQUEST_METHOD': 'GET',
                         'wsgi.url_scheme': 'http',
                     }
                     response = controller(environ_stub, mock.Mock())
                     response_body = b''.join(response)
                     assert response_body != controller.stub_response_body
                     # Assert that a 406 error is returned.
                     assert b'406 Not Acceptable' in response_body
                 def test_set_repo_names_no_shadow(self, baseapp, request_stub):
                     """
                     Check that the set_repo_names method sets all names to the one returned
                     by the _get_repository_name method on a request to a non shadow repo.
                     """
                     environ_stub = {}
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
                     controller._name = 'RepoGroup/MyRepo'
                     controller.set_repo_names(environ_stub)
                     assert not controller.is_shadow_repo
                     assert (controller.url_repo_name ==
                             controller.acl_repo_name ==
                             controller.vcs_repo_name ==
                             controller._get_repository_name(environ_stub))
                 def test_set_repo_names_with_shadow(
                         self, baseapp, pr_util, config_stub, request_stub):
                     """
                     Check that the set_repo_names method sets correct names on a request
                     to a shadow repo.
                     """
                     from rhodecode.model.pull_request import PullRequestModel
                     pull_request = pr_util.create_pull_request()
                     shadow_url = '{target}/{pr_segment}/{pr_id}/{shadow_segment}'.format(
                         target=pull_request.target_repo.repo_name,
                         pr_id=pull_request.pull_request_id,
                         pr_segment=TestShadowRepoRegularExpression.pr_segment,
                         shadow_segment=TestShadowRepoRegularExpression.shadow_segment)
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
                     controller._name = shadow_url
                     controller.set_repo_names({})
                     # Get file system path to shadow repo for assertions.
                     workspace_id = PullRequestModel()._workspace_id(pull_request)
                     vcs_repo_name = pull_request.target_repo.get_shadow_repository_path(workspace_id)
                     assert controller.vcs_repo_name == vcs_repo_name
                     assert controller.url_repo_name == shadow_url
                     assert controller.acl_repo_name == pull_request.target_repo.repo_name
                     assert controller.is_shadow_repo
                 def test_set_repo_names_with_shadow_but_missing_pr(
                         self, baseapp, pr_util, config_stub, request_stub):
                     """
                     Checks that the set_repo_names method enforces matching target repos
                     and pull request IDs.
                     """
                     pull_request = pr_util.create_pull_request()
                     shadow_url = '{target}/{pr_segment}/{pr_id}/{shadow_segment}'.format(
                         target=pull_request.target_repo.repo_name,
                         pr_id=999999999,
                         pr_segment=TestShadowRepoRegularExpression.pr_segment,
                         shadow_segment=TestShadowRepoRegularExpression.shadow_segment)
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
                     controller._name = shadow_url
                     controller.set_repo_names({})
                     assert not controller.is_shadow_repo
                     assert (controller.url_repo_name ==
                             controller.acl_repo_name ==
                             controller.vcs_repo_name)
             @pytest.mark.usefixtures('baseapp')
             class TestGenerateVcsResponse(object):
                 def test_ensures_that_start_response_is_called_early_enough(self):
                     self.call_controller_with_response_body(iter(['a', 'b']))
                     assert self.start_response.called
                 def test_invalidates_cache_after_body_is_consumed(self):
                     result = self.call_controller_with_response_body(iter(['a', 'b']))
                     assert not self.was_cache_invalidated()
                     # Consume the result
                     list(result)
                     assert self.was_cache_invalidated()
                 def test_raises_unknown_exceptions(self):
                     result = self.call_controller_with_response_body(
                         self.raise_result_iter(vcs_kind='unknown'))
                     with pytest.raises(Exception):
                         list(result)
                 def call_controller_with_response_body(self, response_body):
                     settings = {
                         'base_path': 'fake_base_path',
-                        'vcs.hooks.protocol': 'http',
+                        'vcs.hooks.protocol.v2': 'celery',
                         'vcs.hooks.direct_calls': False,
                     }
                     registry = AttributeDict()
                     controller = StubVCSController(settings, registry)
                     controller._invalidate_cache = mock.Mock()
                     controller.stub_response_body = response_body
                     self.start_response = mock.Mock()
                     result = controller._generate_vcs_response(
                         environ={}, start_response=self.start_response,
                         repo_path='fake_repo_path',
                         extras={}, action='push')
                     self.controller = controller
                     return result
                 def raise_result_iter(self, vcs_kind='repo_locked'):
                     """
                     Simulates an exception due to a vcs raised exception if kind vcs_kind
                     """
                     raise self.vcs_exception(vcs_kind=vcs_kind)
                     yield "never_reached"
                 def vcs_exception(self, vcs_kind='repo_locked'):
                     locked_exception = Exception('TEST_MESSAGE')
                     locked_exception._vcs_kind = vcs_kind
                     return locked_exception
                 def was_cache_invalidated(self):
                     return self.controller._invalidate_cache.called
             class TestInitializeGenerator(object):
                 def test_drains_first_element(self):
                     gen = self.factory(['__init__', 1, 2])
                     result = list(gen)
                     assert result == [1, 2]
                 @pytest.mark.parametrize('values', [
                     [],
                     [1, 2],
                 ])
                 def test_raises_value_error(self, values):
                     with pytest.raises(ValueError):
                         self.factory(values)
                 @simplevcs.initialize_generator
                 def factory(self, iterable):
                     for elem in iterable:
                         yield elem

rhodecode/tests/models/test_pullrequest.py

0 +1 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import mock
             import pytest
             import textwrap
             import rhodecode
             from rhodecode.lib.vcs.backends import get_backend
             from rhodecode.lib.vcs.backends.base import (
                 MergeResponse, MergeFailureReason, Reference)
             from rhodecode.lib.vcs.exceptions import RepositoryError
             from rhodecode.lib.vcs.nodes import FileNode
             from rhodecode.model.comment import CommentsModel
             from rhodecode.model.db import PullRequest, Session
             from rhodecode.model.pull_request import PullRequestModel
             from rhodecode.model.user import UserModel
             from rhodecode.tests import TEST_USER_ADMIN_LOGIN
             from rhodecode.lib.str_utils import safe_str
             pytestmark = [
                 pytest.mark.backends("git", "hg"),
             ]
             @pytest.mark.usefixtures('config_stub')
             class TestPullRequestModel(object):
                 @pytest.fixture()
                 def pull_request(self, request, backend, pr_util):
                     """
                     A pull request combined with multiples patches.
                     """
                     BackendClass = get_backend(backend.alias)
                     merge_resp = MergeResponse(
                         False, False, None, MergeFailureReason.UNKNOWN,
                         metadata={'exception': 'MockError'})
                     self.merge_patcher = mock.patch.object(
                         BackendClass, 'merge', return_value=merge_resp)
                     self.workspace_remove_patcher = mock.patch.object(
                         BackendClass, 'cleanup_merge_workspace')
                     self.workspace_remove_mock = self.workspace_remove_patcher.start()
                     self.merge_mock = self.merge_patcher.start()
                     self.comment_patcher = mock.patch(
                         'rhodecode.model.changeset_status.ChangesetStatusModel.set_status')
                     self.comment_patcher.start()
                     self.notification_patcher = mock.patch(
                         'rhodecode.model.notification.NotificationModel.create')
                     self.notification_patcher.start()
                     self.helper_patcher = mock.patch(
                         'rhodecode.lib.helpers.route_path')
                     self.helper_patcher.start()
                     self.hook_patcher = mock.patch.object(PullRequestModel,
                                                           'trigger_pull_request_hook')
                     self.hook_mock = self.hook_patcher.start()
                     self.invalidation_patcher = mock.patch(
                         'rhodecode.model.pull_request.ScmModel.mark_for_invalidation')
                     self.invalidation_mock = self.invalidation_patcher.start()
                     self.pull_request = pr_util.create_pull_request(
                         mergeable=True, name_suffix=u'ąć')
                     self.source_commit = self.pull_request.source_ref_parts.commit_id
                     self.target_commit = self.pull_request.target_ref_parts.commit_id
                     self.workspace_id = 'pr-%s' % self.pull_request.pull_request_id
                     self.repo_id = self.pull_request.target_repo.repo_id
                     @request.addfinalizer
                     def cleanup_pull_request():
                         calls = [mock.call(
                             self.pull_request, self.pull_request.author, 'create')]
                         self.hook_mock.assert_has_calls(calls)
                         self.workspace_remove_patcher.stop()
                         self.merge_patcher.stop()
                         self.comment_patcher.stop()
                         self.notification_patcher.stop()
                         self.helper_patcher.stop()
                         self.hook_patcher.stop()
                         self.invalidation_patcher.stop()
                     return self.pull_request
                 def test_get_all(self, pull_request):
                     prs = PullRequestModel().get_all(pull_request.target_repo)
                     assert isinstance(prs, list)
                     assert len(prs) == 1
                 def test_count_all(self, pull_request):
                     pr_count = PullRequestModel().count_all(pull_request.target_repo)
                     assert pr_count == 1
                 def test_get_awaiting_review(self, pull_request):
                     prs = PullRequestModel().get_awaiting_review(pull_request.target_repo)
                     assert isinstance(prs, list)
                     assert len(prs) == 1
                 def test_count_awaiting_review(self, pull_request):
                     pr_count = PullRequestModel().count_awaiting_review(
                         pull_request.target_repo)
                     assert pr_count == 1
                 def test_get_awaiting_my_review(self, pull_request):
                     PullRequestModel().update_reviewers(
                         pull_request, [(pull_request.author, ['author'], False, 'reviewer', [])],
                         pull_request.author)
                     Session().commit()
                     prs = PullRequestModel().get_awaiting_my_review(
                         pull_request.target_repo.repo_name, user_id=pull_request.author.user_id)
                     assert isinstance(prs, list)
                     assert len(prs) == 1
                 def test_count_awaiting_my_review(self, pull_request):
                     PullRequestModel().update_reviewers(
                         pull_request, [(pull_request.author, ['author'], False, 'reviewer', [])],
                         pull_request.author)
                     Session().commit()
                     pr_count = PullRequestModel().count_awaiting_my_review(
                         pull_request.target_repo.repo_name, user_id=pull_request.author.user_id)
                     assert pr_count == 1
                 def test_delete_calls_cleanup_merge(self, pull_request):
                     repo_id = pull_request.target_repo.repo_id
                     PullRequestModel().delete(pull_request, pull_request.author)
                     Session().commit()
                     self.workspace_remove_mock.assert_called_once_with(
                         repo_id, self.workspace_id)
                 def test_close_calls_cleanup_and_hook(self, pull_request):
                     PullRequestModel().close_pull_request(
                         pull_request, pull_request.author)
                     Session().commit()
                     repo_id = pull_request.target_repo.repo_id
                     self.workspace_remove_mock.assert_called_once_with(
                         repo_id, self.workspace_id)
                     self.hook_mock.assert_called_with(
                         self.pull_request, self.pull_request.author, 'close')
                 def test_merge_status(self, pull_request):
                     self.merge_mock.return_value = MergeResponse(
                         True, False, None, MergeFailureReason.NONE)
                     assert pull_request._last_merge_source_rev is None
                     assert pull_request._last_merge_target_rev is None
                     assert pull_request.last_merge_status is None
                     merge_response, status, msg = PullRequestModel().merge_status(pull_request)
                     assert status is True
                     assert msg == 'This pull request can be automatically merged.'
                     self.merge_mock.assert_called_with(
                         self.repo_id, self.workspace_id,
                         pull_request.target_ref_parts,
                         pull_request.source_repo.scm_instance(),
                         pull_request.source_ref_parts, dry_run=True,
                         use_rebase=False, close_branch=False)
                     assert pull_request._last_merge_source_rev == self.source_commit
                     assert pull_request._last_merge_target_rev == self.target_commit
                     assert pull_request.last_merge_status is MergeFailureReason.NONE
                     self.merge_mock.reset_mock()
                     merge_response, status, msg = PullRequestModel().merge_status(pull_request)
                     assert status is True
                     assert msg == 'This pull request can be automatically merged.'
                     assert self.merge_mock.called is False
                 def test_merge_status_known_failure(self, pull_request):
                     self.merge_mock.return_value = MergeResponse(
                         False, False, None, MergeFailureReason.MERGE_FAILED,
                         metadata={'unresolved_files': 'file1'})
                     assert pull_request._last_merge_source_rev is None
                     assert pull_request._last_merge_target_rev is None
                     assert pull_request.last_merge_status is None
                     merge_response, status, msg = PullRequestModel().merge_status(pull_request)
                     assert status is False
                     assert msg == 'This pull request cannot be merged because of merge conflicts. file1'
                     self.merge_mock.assert_called_with(
                         self.repo_id, self.workspace_id,
                         pull_request.target_ref_parts,
                         pull_request.source_repo.scm_instance(),
                         pull_request.source_ref_parts, dry_run=True,
                         use_rebase=False, close_branch=False)
                     assert pull_request._last_merge_source_rev == self.source_commit
                     assert pull_request._last_merge_target_rev == self.target_commit
                     assert pull_request.last_merge_status is MergeFailureReason.MERGE_FAILED
                     self.merge_mock.reset_mock()
                     merge_response, status, msg = PullRequestModel().merge_status(pull_request)
                     assert status is False
                     assert msg == 'This pull request cannot be merged because of merge conflicts. file1'
                     assert self.merge_mock.called is False
                 def test_merge_status_unknown_failure(self, pull_request):
                     self.merge_mock.return_value = MergeResponse(
                         False, False, None, MergeFailureReason.UNKNOWN,
                         metadata={'exception': 'MockError'})
                     assert pull_request._last_merge_source_rev is None
                     assert pull_request._last_merge_target_rev is None
                     assert pull_request.last_merge_status is None
                     merge_response, status, msg = PullRequestModel().merge_status(pull_request)
                     assert status is False
                     assert msg == (
                         'This pull request cannot be merged because of an unhandled exception. '
                         'MockError')
                     self.merge_mock.assert_called_with(
                         self.repo_id, self.workspace_id,
                         pull_request.target_ref_parts,
                         pull_request.source_repo.scm_instance(),
                         pull_request.source_ref_parts, dry_run=True,
                         use_rebase=False, close_branch=False)
                     assert pull_request._last_merge_source_rev is None
                     assert pull_request._last_merge_target_rev is None
                     assert pull_request.last_merge_status is None
                     self.merge_mock.reset_mock()
                     merge_response, status, msg = PullRequestModel().merge_status(pull_request)
                     assert status is False
                     assert msg == (
                         'This pull request cannot be merged because of an unhandled exception. '
                         'MockError')
                     assert self.merge_mock.called is True
                 def test_merge_status_when_target_is_locked(self, pull_request):
                     pull_request.target_repo.locked = [1, u'12345.50', 'lock_web']
                     merge_response, status, msg = PullRequestModel().merge_status(pull_request)
                     assert status is False
                     assert msg == (
                         'This pull request cannot be merged because the target repository '
                         'is locked by user:1.')
                 def test_merge_status_requirements_check_target(self, pull_request):
                     def has_largefiles(self, repo):
                         return repo == pull_request.source_repo
                     patcher = mock.patch.object(PullRequestModel, '_has_largefiles', has_largefiles)
                     with patcher:
                         merge_response, status, msg = PullRequestModel().merge_status(pull_request)
                     assert status is False
                     assert msg == 'Target repository large files support is disabled.'
                 def test_merge_status_requirements_check_source(self, pull_request):
                     def has_largefiles(self, repo):
                         return repo == pull_request.target_repo
                     patcher = mock.patch.object(PullRequestModel, '_has_largefiles', has_largefiles)
                     with patcher:
                         merge_response, status, msg = PullRequestModel().merge_status(pull_request)
                     assert status is False
                     assert msg == 'Source repository large files support is disabled.'
                 def test_merge(self, pull_request, merge_extras):
                     user = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN)
                     merge_ref = Reference(
                         'type', 'name', '6126b7bfcc82ad2d3deaee22af926b082ce54cc6')
                     self.merge_mock.return_value = MergeResponse(
                         True, True, merge_ref, MergeFailureReason.NONE)
                     merge_extras['repository'] = pull_request.target_repo.repo_name
                     PullRequestModel().merge_repo(
                         pull_request, pull_request.author, extras=merge_extras)
                     Session().commit()
                     message = (
                         u'Merge pull request !{pr_id} from {source_repo} {source_ref_name}'
                         u'\n\n {pr_title}'.format(
                             pr_id=pull_request.pull_request_id,
                             source_repo=safe_str(
                                 pull_request.source_repo.scm_instance().name),
                             source_ref_name=pull_request.source_ref_parts.name,
                             pr_title=safe_str(pull_request.title)
                         )
                     )
                     self.merge_mock.assert_called_with(
                         self.repo_id, self.workspace_id,
                         pull_request.target_ref_parts,
                         pull_request.source_repo.scm_instance(),
                         pull_request.source_ref_parts,
                         user_name=user.short_contact, user_email=user.email, message=message,
                         use_rebase=False, close_branch=False
                     )
                     self.invalidation_mock.assert_called_once_with(
                         pull_request.target_repo.repo_name)
                     self.hook_mock.assert_called_with(
                         self.pull_request, self.pull_request.author, 'merge')
                     pull_request = PullRequest.get(pull_request.pull_request_id)
                     assert pull_request.merge_rev == '6126b7bfcc82ad2d3deaee22af926b082ce54cc6'
                 def test_merge_with_status_lock(self, pull_request, merge_extras):
                     user = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN)
                     merge_ref = Reference(
                         'type', 'name', '6126b7bfcc82ad2d3deaee22af926b082ce54cc6')
                     self.merge_mock.return_value = MergeResponse(
                         True, True, merge_ref, MergeFailureReason.NONE)
                     merge_extras['repository'] = pull_request.target_repo.repo_name
                     with pull_request.set_state(PullRequest.STATE_UPDATING):
                         assert pull_request.pull_request_state == PullRequest.STATE_UPDATING
                         PullRequestModel().merge_repo(
                             pull_request, pull_request.author, extras=merge_extras)
                         Session().commit()
                     assert pull_request.pull_request_state == PullRequest.STATE_CREATED
                     message = (
                         u'Merge pull request !{pr_id} from {source_repo} {source_ref_name}'
                         u'\n\n {pr_title}'.format(
                             pr_id=pull_request.pull_request_id,
                             source_repo=safe_str(
                                 pull_request.source_repo.scm_instance().name),
                             source_ref_name=pull_request.source_ref_parts.name,
                             pr_title=safe_str(pull_request.title)
                         )
                     )
                     self.merge_mock.assert_called_with(
                         self.repo_id, self.workspace_id,
                         pull_request.target_ref_parts,
                         pull_request.source_repo.scm_instance(),
                         pull_request.source_ref_parts,
                         user_name=user.short_contact, user_email=user.email, message=message,
                         use_rebase=False, close_branch=False
                     )
                     self.invalidation_mock.assert_called_once_with(
                         pull_request.target_repo.repo_name)
                     self.hook_mock.assert_called_with(
                         self.pull_request, self.pull_request.author, 'merge')
                     pull_request = PullRequest.get(pull_request.pull_request_id)
                     assert pull_request.merge_rev == '6126b7bfcc82ad2d3deaee22af926b082ce54cc6'
                 def test_merge_failed(self, pull_request, merge_extras):
                     user = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN)
                     merge_ref = Reference(
                         'type', 'name', '6126b7bfcc82ad2d3deaee22af926b082ce54cc6')
                     self.merge_mock.return_value = MergeResponse(
                         False, False, merge_ref, MergeFailureReason.MERGE_FAILED)
                     merge_extras['repository'] = pull_request.target_repo.repo_name
                     PullRequestModel().merge_repo(
                         pull_request, pull_request.author, extras=merge_extras)
                     Session().commit()
                     message = (
                         u'Merge pull request !{pr_id} from {source_repo} {source_ref_name}'
                         u'\n\n {pr_title}'.format(
                             pr_id=pull_request.pull_request_id,
                             source_repo=safe_str(
                                 pull_request.source_repo.scm_instance().name),
                             source_ref_name=pull_request.source_ref_parts.name,
                             pr_title=safe_str(pull_request.title)
                         )
                     )
                     self.merge_mock.assert_called_with(
                         self.repo_id, self.workspace_id,
                         pull_request.target_ref_parts,
                         pull_request.source_repo.scm_instance(),
                         pull_request.source_ref_parts,
                         user_name=user.short_contact, user_email=user.email, message=message,
                         use_rebase=False, close_branch=False
                     )
                     pull_request = PullRequest.get(pull_request.pull_request_id)
                     assert self.invalidation_mock.called is False
                     assert pull_request.merge_rev is None
                 def test_get_commit_ids(self, pull_request):
                     # The PR has been not merged yet, so expect an exception
                     with pytest.raises(ValueError):
                         PullRequestModel()._get_commit_ids(pull_request)
                     # Merge revision is in the revisions list
                     pull_request.merge_rev = pull_request.revisions[0]
                     commit_ids = PullRequestModel()._get_commit_ids(pull_request)
                     assert commit_ids == pull_request.revisions
                     # Merge revision is not in the revisions list
                     pull_request.merge_rev = 'f000' * 10
                     commit_ids = PullRequestModel()._get_commit_ids(pull_request)
                     assert commit_ids == pull_request.revisions + [pull_request.merge_rev]
                 def test_get_diff_from_pr_version(self, pull_request):
                     source_repo = pull_request.source_repo
                     source_ref_id = pull_request.source_ref_parts.commit_id
                     target_ref_id = pull_request.target_ref_parts.commit_id
                     diff = PullRequestModel()._get_diff_from_pr_or_version(
                         source_repo, source_ref_id, target_ref_id,
                         hide_whitespace_changes=False, diff_context=6)
                     assert b'file_1' in diff.raw.tobytes()
                 def test_generate_title_returns_unicode(self):
                     title = PullRequestModel().generate_pullrequest_title(
                         source='source-dummy',
                         source_ref='source-ref-dummy',
                         target='target-dummy',
                     )
                     assert type(title) == str
                 @pytest.mark.parametrize('title, has_wip', [
                     ('hello', False),
                     ('hello wip', False),
                     ('hello wip: xxx', False),
                     ('[wip] hello', True),
                     ('[wip] hello', True),
                     ('wip: hello', True),
                     ('wip hello', True),
                 ])
                 def test_wip_title_marker(self, pull_request, title, has_wip):
                     pull_request.title = title
                     assert pull_request.work_in_progress == has_wip
             @pytest.mark.usefixtures('config_stub')
             class TestIntegrationMerge(object):
                 @pytest.mark.parametrize('extra_config', (
-                    {'vcs.hooks.protocol': 'http', 'vcs.hooks.direct_calls': False},
+                    {'vcs.hooks.protocol.v2': 'celery', 'vcs.hooks.direct_calls': False},
                 ))
                 def test_merge_triggers_push_hooks(
                         self, pr_util, user_admin, capture_rcextensions, merge_extras,
                         extra_config):
                     pull_request = pr_util.create_pull_request(
                         approved=True, mergeable=True)
                     # TODO: johbo: Needed for sqlite, try to find an automatic way for it
                     merge_extras['repository'] = pull_request.target_repo.repo_name
                     Session().commit()
                     with mock.patch.dict(rhodecode.CONFIG, extra_config, clear=False):
                         merge_state = PullRequestModel().merge_repo(
                             pull_request, user_admin, extras=merge_extras)
                         Session().commit()
                     assert merge_state.executed
                     assert '_pre_push_hook' in capture_rcextensions
                     assert '_push_hook' in capture_rcextensions
                 def test_merge_can_be_rejected_by_pre_push_hook(
                         self, pr_util, user_admin, capture_rcextensions, merge_extras):
                     pull_request = pr_util.create_pull_request(
                         approved=True, mergeable=True)
                     # TODO: johbo: Needed for sqlite, try to find an automatic way for it
                     merge_extras['repository'] = pull_request.target_repo.repo_name
                     Session().commit()
                     with mock.patch('rhodecode.EXTENSIONS.PRE_PUSH_HOOK') as pre_pull:
                         pre_pull.side_effect = RepositoryError("Disallow push!")
                         merge_status = PullRequestModel().merge_repo(
                             pull_request, user_admin, extras=merge_extras)
                         Session().commit()
                     assert not merge_status.executed
                     assert 'pre_push' not in capture_rcextensions
                     assert 'post_push' not in capture_rcextensions
                 def test_merge_fails_if_target_is_locked(
                         self, pr_util, user_regular, merge_extras):
                     pull_request = pr_util.create_pull_request(
                         approved=True, mergeable=True)
                     locked_by = [user_regular.user_id + 1, 12345.50, 'lock_web']
                     pull_request.target_repo.locked = locked_by
                     # TODO: johbo: Check if this can work based on the database, currently
                     # all data is pre-computed, that's why just updating the DB is not
                     # enough.
                     merge_extras['locked_by'] = locked_by
                     merge_extras['repository'] = pull_request.target_repo.repo_name
                     # TODO: johbo: Needed for sqlite, try to find an automatic way for it
                     Session().commit()
                     merge_status = PullRequestModel().merge_repo(
                         pull_request, user_regular, extras=merge_extras)
                     Session().commit()
                     assert not merge_status.executed
             @pytest.mark.parametrize('use_outdated, inlines_count, outdated_count', [
                 (False, 1, 0),
                 (True, 0, 1),
             ])
             def test_outdated_comments(
                     pr_util, use_outdated, inlines_count, outdated_count, config_stub):
                 pull_request = pr_util.create_pull_request()
                 pr_util.create_inline_comment(file_path='not_in_updated_diff')
                 with outdated_comments_patcher(use_outdated) as outdated_comment_mock:
                     pr_util.add_one_commit()
                     assert_inline_comments(
                         pull_request, visible=inlines_count, outdated=outdated_count)
                 outdated_comment_mock.assert_called_with(pull_request)
             @pytest.mark.parametrize('mr_type, expected_msg', [
                 (MergeFailureReason.NONE,
                  'This pull request can be automatically merged.'),
                 (MergeFailureReason.UNKNOWN,
                  'This pull request cannot be merged because of an unhandled exception. CRASH'),
                 (MergeFailureReason.MERGE_FAILED,
                  'This pull request cannot be merged because of merge conflicts. CONFLICT_FILE'),
                 (MergeFailureReason.PUSH_FAILED,
                  'This pull request could not be merged because push to target:`some-repo@merge_commit` failed.'),
                 (MergeFailureReason.TARGET_IS_NOT_HEAD,
                  'This pull request cannot be merged because the target `ref_name` is not a head.'),
                 (MergeFailureReason.HG_SOURCE_HAS_MORE_BRANCHES,
                  'This pull request cannot be merged because the source contains more branches than the target.'),
                 (MergeFailureReason.HG_TARGET_HAS_MULTIPLE_HEADS,
                  'This pull request cannot be merged because the target `ref_name` has multiple heads: `a,b,c`.'),
                 (MergeFailureReason.TARGET_IS_LOCKED,
                  'This pull request cannot be merged because the target repository is locked by user:123.'),
                 (MergeFailureReason.MISSING_TARGET_REF,
                  'This pull request cannot be merged because the target reference `ref_name` is missing.'),
                 (MergeFailureReason.MISSING_SOURCE_REF,
                  'This pull request cannot be merged because the source reference `ref_name` is missing.'),
                 (MergeFailureReason.SUBREPO_MERGE_FAILED,
                  'This pull request cannot be merged because of conflicts related to sub repositories.'),
             ])
             def test_merge_response_message(mr_type, expected_msg):
                 merge_ref = Reference('type', 'ref_name', '6126b7bfcc82ad2d3deaee22af926b082ce54cc6')
                 metadata = {
                     'unresolved_files': 'CONFLICT_FILE',
                     'exception': "CRASH",
                     'target': 'some-repo',
                     'merge_commit': 'merge_commit',
                     'target_ref': merge_ref,
                     'source_ref': merge_ref,
                     'heads': ','.join(['a', 'b', 'c']),
                     'locked_by': 'user:123'
                 }
                 merge_response = MergeResponse(True, True, merge_ref, mr_type, metadata=metadata)
                 assert merge_response.merge_status_message == expected_msg
             @pytest.fixture()
             def merge_extras(user_regular):
                 """
                 Context for the vcs operation when running a merge.
                 """
                 extras = {
                     'ip': '127.0.0.1',
                     'username': user_regular.username,
                     'user_id': user_regular.user_id,
                     'action': 'push',
                     'repository': 'fake_target_repo_name',
                     'scm': 'git',
                     'config': 'fake_config_ini_path',
                     'repo_store': '',
                     'make_lock': None,
                     'locked_by': [None, None, None],
                     'server_url': 'http://test.example.com:5000',
                     'hooks': ['push', 'pull'],
                     'is_shadow_repo': False,
                 }
                 return extras
             @pytest.mark.usefixtures('config_stub')
             class TestUpdateCommentHandling(object):
                 @pytest.fixture(autouse=True, scope='class')
                 def enable_outdated_comments(self, request, baseapp):
                     config_patch = mock.patch.dict(
                         'rhodecode.CONFIG', {'rhodecode_use_outdated_comments': True})
                     config_patch.start()
                     @request.addfinalizer
                     def cleanup():
                         config_patch.stop()
                 def test_comment_stays_unflagged_on_unchanged_diff(self, pr_util):
                     commits = [
                         {'message': 'a'},
                         {'message': 'b', 'added': [FileNode(b'file_b', b'test_content\n')]},
                         {'message': 'c', 'added': [FileNode(b'file_c', b'test_content\n')]},
                     ]
                     pull_request = pr_util.create_pull_request(
                         commits=commits, target_head='a', source_head='b', revisions=['b'])
                     pr_util.create_inline_comment(file_path='file_b')
                     pr_util.add_one_commit(head='c')
                     assert_inline_comments(pull_request, visible=1, outdated=0)
                 def test_comment_stays_unflagged_on_change_above(self, pr_util):
                     original_content = b''.join((b'line %d\n' % x for x in range(1, 11)))
                     updated_content = b'new_line_at_top\n' + original_content
                     commits = [
                         {'message': 'a'},
                         {'message': 'b', 'added': [FileNode(b'file_b', original_content)]},
                         {'message': 'c', 'changed': [FileNode(b'file_b', updated_content)]},
                     ]
                     pull_request = pr_util.create_pull_request(
                         commits=commits, target_head='a', source_head='b', revisions=['b'])
                     with outdated_comments_patcher():
                         comment = pr_util.create_inline_comment(
                             line_no=u'n8', file_path='file_b')
                         pr_util.add_one_commit(head='c')
                     assert_inline_comments(pull_request, visible=1, outdated=0)
                     assert comment.line_no == u'n9'
                 def test_comment_stays_unflagged_on_change_below(self, pr_util):
                     original_content = b''.join([b'line %d\n' % x for x in range(10)])
                     updated_content = original_content + b'new_line_at_end\n'
                     commits = [
                         {'message': 'a'},
                         {'message': 'b', 'added': [FileNode(b'file_b', original_content)]},
                         {'message': 'c', 'changed': [FileNode(b'file_b', updated_content)]},
                     ]
                     pull_request = pr_util.create_pull_request(
                         commits=commits, target_head='a', source_head='b', revisions=['b'])
                     pr_util.create_inline_comment(file_path='file_b')
                     pr_util.add_one_commit(head='c')
                     assert_inline_comments(pull_request, visible=1, outdated=0)
                 @pytest.mark.parametrize('line_no', ['n4', 'o4', 'n10', 'o9'])
                 def test_comment_flagged_on_change_around_context(self, pr_util, line_no):
                     base_lines = [b'line %d\n' % x for x in range(1, 13)]
                     change_lines = list(base_lines)
                     change_lines.insert(6, b'line 6a added\n')
                     # Changes on the last line of sight
                     update_lines = list(change_lines)
                     update_lines[0] = b'line 1 changed\n'
                     update_lines[-1] = b'line 12 changed\n'
                     def file_b(lines):
                         return FileNode(b'file_b', b''.join(lines))
                     commits = [
                         {'message': 'a', 'added': [file_b(base_lines)]},
                         {'message': 'b', 'changed': [file_b(change_lines)]},
                         {'message': 'c', 'changed': [file_b(update_lines)]},
                     ]
                     pull_request = pr_util.create_pull_request(
                         commits=commits, target_head='a', source_head='b', revisions=['b'])
                     pr_util.create_inline_comment(line_no=line_no, file_path='file_b')
                     with outdated_comments_patcher():
                         pr_util.add_one_commit(head='c')
                         assert_inline_comments(pull_request, visible=0, outdated=1)
                 @pytest.mark.parametrize("change, content", [
                     ('changed', b'changed\n'),
                     ('removed', b''),
                 ], ids=['changed', b'removed'])
                 def test_comment_flagged_on_change(self, pr_util, change, content):
                     commits = [
                         {'message': 'a'},
                         {'message': 'b', 'added': [FileNode(b'file_b', b'test_content\n')]},
                         {'message': 'c', change: [FileNode(b'file_b', content)]},
                     ]
                     pull_request = pr_util.create_pull_request(
                         commits=commits, target_head='a', source_head='b', revisions=['b'])
                     pr_util.create_inline_comment(file_path='file_b')
                     with outdated_comments_patcher():
                         pr_util.add_one_commit(head='c')
                         assert_inline_comments(pull_request, visible=0, outdated=1)
             @pytest.mark.usefixtures('config_stub')
             class TestUpdateChangedFiles(object):
                 def test_no_changes_on_unchanged_diff(self, pr_util):
                     commits = [
                         {'message': 'a'},
                         {'message': 'b',
                          'added': [FileNode(b'file_b', b'test_content b\n')]},
                         {'message': 'c',
                          'added': [FileNode(b'file_c', b'test_content c\n')]},
                     ]
                     # open a PR from a to b, adding file_b
                     pull_request = pr_util.create_pull_request(
                         commits=commits, target_head='a', source_head='b', revisions=['b'],
                         name_suffix='per-file-review')
                     # modify PR adding new file file_c
                     pr_util.add_one_commit(head='c')
                     assert_pr_file_changes(
                         pull_request,
                         added=['file_c'],
                         modified=[],
                         removed=[])
                 def test_modify_and_undo_modification_diff(self, pr_util):
                     commits = [
                         {'message': 'a'},
                         {'message': 'b',
                          'added': [FileNode(b'file_b', b'test_content b\n')]},
                         {'message': 'c',
                          'changed': [FileNode(b'file_b', b'test_content b modified\n')]},
                         {'message': 'd',
                          'changed': [FileNode(b'file_b', b'test_content b\n')]},
                     ]
                     # open a PR from a to b, adding file_b
                     pull_request = pr_util.create_pull_request(
                         commits=commits, target_head='a', source_head='b', revisions=['b'],
                         name_suffix='per-file-review')
                     # modify PR modifying file file_b
                     pr_util.add_one_commit(head='c')
                     assert_pr_file_changes(
                         pull_request,
                         added=[],
                         modified=['file_b'],
                         removed=[])
                     # move the head again to d, which rollbacks change,
                     # meaning we should indicate no changes
                     pr_util.add_one_commit(head='d')
                     assert_pr_file_changes(
                         pull_request,
                         added=[],
                         modified=[],
                         removed=[])
                 def test_updated_all_files_in_pr(self, pr_util):
                     commits = [
                         {'message': 'a'},
                         {'message': 'b', 'added': [
                             FileNode(b'file_a', b'test_content a\n'),
                             FileNode(b'file_b', b'test_content b\n'),
                             FileNode(b'file_c', b'test_content c\n')]},
                         {'message': 'c', 'changed': [
                             FileNode(b'file_a', b'test_content a changed\n'),
                             FileNode(b'file_b', b'test_content b changed\n'),
                             FileNode(b'file_c', b'test_content c changed\n')]},
                     ]
                     # open a PR from a to b, changing 3 files
                     pull_request = pr_util.create_pull_request(
                         commits=commits, target_head='a', source_head='b', revisions=['b'],
                         name_suffix='per-file-review')
                     pr_util.add_one_commit(head='c')
                     assert_pr_file_changes(
                         pull_request,
                         added=[],
                         modified=['file_a', 'file_b', 'file_c'],
                         removed=[])
                 def test_updated_and_removed_all_files_in_pr(self, pr_util):
                     commits = [
                         {'message': 'a'},
                         {'message': 'b', 'added': [
                             FileNode(b'file_a', b'test_content a\n'),
                             FileNode(b'file_b', b'test_content b\n'),
                             FileNode(b'file_c', b'test_content c\n')]},
                         {'message': 'c', 'removed': [
                             FileNode(b'file_a', b'test_content a changed\n'),
                             FileNode(b'file_b', b'test_content b changed\n'),
                             FileNode(b'file_c', b'test_content c changed\n')]},
                     ]
                     # open a PR from a to b, removing 3 files
                     pull_request = pr_util.create_pull_request(
                         commits=commits, target_head='a', source_head='b', revisions=['b'],
                         name_suffix='per-file-review')
                     pr_util.add_one_commit(head='c')
                     assert_pr_file_changes(
                         pull_request,
                         added=[],
                         modified=[],
                         removed=['file_a', 'file_b', 'file_c'])
             def test_update_writes_snapshot_into_pull_request_version(pr_util, config_stub):
                 model = PullRequestModel()
                 pull_request = pr_util.create_pull_request()
                 pr_util.update_source_repository()
                 model.update_commits(pull_request, pull_request.author)
                 # Expect that it has a version entry now
                 assert len(model.get_versions(pull_request)) == 1
             def test_update_skips_new_version_if_unchanged(pr_util, config_stub):
                 pull_request = pr_util.create_pull_request()
                 model = PullRequestModel()
                 model.update_commits(pull_request, pull_request.author)
                 # Expect that it still has no versions
                 assert len(model.get_versions(pull_request)) == 0
             def test_update_assigns_comments_to_the_new_version(pr_util, config_stub):
                 model = PullRequestModel()
                 pull_request = pr_util.create_pull_request()
                 comment = pr_util.create_comment()
                 pr_util.update_source_repository()
                 model.update_commits(pull_request, pull_request.author)
                 # Expect that the comment is linked to the pr version now
                 assert comment.pull_request_version == model.get_versions(pull_request)[0]
             def test_update_adds_a_comment_to_the_pull_request_about_the_change(pr_util, config_stub):
                 model = PullRequestModel()
                 pull_request = pr_util.create_pull_request()
                 pr_util.update_source_repository()
                 pr_util.update_source_repository()
                 update_response = model.update_commits(pull_request, pull_request.author)
                 commit_id = update_response.common_ancestor_id
                 # Expect to find a new comment about the change
                 expected_message = textwrap.dedent(
                     """\
                     Pull request updated. Auto status change to |under_review|
                     .. role:: added
                     .. role:: removed
                     .. parsed-literal::
                       Changed commits:
                         * :added:`1 added`
                         * :removed:`0 removed`
                       Changed files:
                         * `A file_2 <#a_c-{}-92ed3b5f07b4>`_
                     .. |under_review| replace:: *"Under Review"*"""
                 ).format(commit_id[:12])
                 pull_request_comments = sorted(
                     pull_request.comments, key=lambda c: c.modified_at)
                 update_comment = pull_request_comments[-1]
                 assert update_comment.text == expected_message
             def test_create_version_from_snapshot_updates_attributes(pr_util, config_stub):
                 pull_request = pr_util.create_pull_request()
                 # Avoiding default values
                 pull_request.status = PullRequest.STATUS_CLOSED
                 pull_request._last_merge_source_rev = "0" * 40
                 pull_request._last_merge_target_rev = "1" * 40
                 pull_request.last_merge_status = 1
                 pull_request.merge_rev = "2" * 40
                 # Remember automatic values
                 created_on = pull_request.created_on
                 updated_on = pull_request.updated_on
                 # Create a new version of the pull request
                 version = PullRequestModel()._create_version_from_snapshot(pull_request)
                 # Check attributes
                 assert version.title == pr_util.create_parameters['title']
                 assert version.description == pr_util.create_parameters['description']
                 assert version.status == PullRequest.STATUS_CLOSED
                 # versions get updated created_on
                 assert version.created_on != created_on
                 assert version.updated_on == updated_on
                 assert version.user_id == pull_request.user_id
                 assert version.revisions == pr_util.create_parameters['revisions']
                 assert version.source_repo == pr_util.source_repository
                 assert version.source_ref == pr_util.create_parameters['source_ref']
                 assert version.target_repo == pr_util.target_repository
                 assert version.target_ref == pr_util.create_parameters['target_ref']
                 assert version._last_merge_source_rev == pull_request._last_merge_source_rev
                 assert version._last_merge_target_rev == pull_request._last_merge_target_rev
                 assert version.last_merge_status == pull_request.last_merge_status
                 assert version.merge_rev == pull_request.merge_rev
                 assert version.pull_request == pull_request
             def test_link_comments_to_version_only_updates_unlinked_comments(pr_util, config_stub):
                 version1 = pr_util.create_version_of_pull_request()
                 comment_linked = pr_util.create_comment(linked_to=version1)
                 comment_unlinked = pr_util.create_comment()
                 version2 = pr_util.create_version_of_pull_request()
                 PullRequestModel()._link_comments_to_version(version2)
                 Session().commit()
                 # Expect that only the new comment is linked to version2
                 assert (
                     comment_unlinked.pull_request_version_id ==
                     version2.pull_request_version_id)
                 assert (
                     comment_linked.pull_request_version_id ==
                     version1.pull_request_version_id)
                 assert (
                     comment_unlinked.pull_request_version_id !=
                     comment_linked.pull_request_version_id)
             def test_calculate_commits():
                 old_ids = [1, 2, 3]
                 new_ids = [1, 3, 4, 5]
                 change = PullRequestModel()._calculate_commit_id_changes(old_ids, new_ids)
                 assert change.added == [4, 5]
                 assert change.common == [1, 3]
                 assert change.removed == [2]
                 assert change.total == [1, 3, 4, 5]
             def assert_inline_comments(pull_request, visible=None, outdated=None):
                 if visible is not None:
                     inline_comments = CommentsModel().get_inline_comments(
                         pull_request.target_repo.repo_id, pull_request=pull_request)
                     inline_cnt = len(CommentsModel().get_inline_comments_as_list(
                         inline_comments))
                     assert inline_cnt == visible
                 if outdated is not None:
                     outdated_comments = CommentsModel().get_outdated_comments(
                         pull_request.target_repo.repo_id, pull_request)
                     assert len(outdated_comments) == outdated
             def assert_pr_file_changes(
                     pull_request, added=None, modified=None, removed=None):
                 pr_versions = PullRequestModel().get_versions(pull_request)
                 # always use first version, ie original PR to calculate changes
                 pull_request_version = pr_versions[0]
                 old_diff_data, new_diff_data = PullRequestModel()._generate_update_diffs(
                     pull_request, pull_request_version)
                 file_changes = PullRequestModel()._calculate_file_changes(
                     old_diff_data, new_diff_data)
                 assert added == file_changes.added, \
                     'expected added:%s vs value:%s' % (added, file_changes.added)
                 assert modified == file_changes.modified, \
                     'expected modified:%s vs value:%s' % (modified, file_changes.modified)
                 assert removed == file_changes.removed, \
                     'expected removed:%s vs value:%s' % (removed, file_changes.removed)
             def outdated_comments_patcher(use_outdated=True):
                 return mock.patch.object(
                     CommentsModel, 'use_outdated_comments',
                     return_value=use_outdated)

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages