rhodecode-enterprise-ce Commit - r5433:d96689c8

feat(archive-cache): implemented s3 based backend for filecaches

super-admin -

r5433:d96689c8 default

parent child

rhodecode/lib/archive_cache/backends/__init__.py

0 created 644 +17 0

@@ -0,0 +1,17 b''
	1	# Copyright (C) 2015-2024 RhodeCode GmbH
	2	#
	3	# This program is free software: you can redistribute it and/or modify
	4	# it under the terms of the GNU Affero General Public License, version 3
	5	# (only), as published by the Free Software Foundation.
	6	#
	7	# This program is distributed in the hope that it will be useful,
	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	10	# GNU General Public License for more details.
	11	#
	12	# You should have received a copy of the GNU Affero General Public License
	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	14	#
	15	# This program is dual-licensed. If you wish to learn more about the
	16	# RhodeCode Enterprise Edition, including its added features, Support services,
	17	# and proprietary license terms, please see https://rhodecode.com/licenses/

rhodecode/lib/archive_cache/backends/base.py

0 created 644 +348 0

@@ -0,0 +1,348 b''
	1	# Copyright (C) 2015-2024 RhodeCode GmbH
	2	#
	3	# This program is free software: you can redistribute it and/or modify
	4	# it under the terms of the GNU Affero General Public License, version 3
	5	# (only), as published by the Free Software Foundation.
	6	#
	7	# This program is distributed in the hope that it will be useful,
	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	10	# GNU General Public License for more details.
	11	#
	12	# You should have received a copy of the GNU Affero General Public License
	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	14	#
	15	# This program is dual-licensed. If you wish to learn more about the
	16	# RhodeCode Enterprise Edition, including its added features, Support services,
	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
	18
	19	import os
	20	import functools
	21	import logging
	22	import typing
	23	import time
	24	import zlib
	25
	26	from ...ext_json import json
	27	from ..utils import StatsDB, NOT_GIVEN, ShardFileReader, EVICTION_POLICY, format_size
	28	from ..lock import GenerationLock
	29
	30	log = logging.getLogger(__name__)
	31
	32
	33	class BaseShard:
	34	storage_type: str = ''
	35	fs = None
	36
	37	@classmethod
	38	def hash(cls, key):
	39	"""Compute portable hash for `key`.
	40
	41	:param key: key to hash
	42	:return: hash value
	43
	44	"""
	45	mask = 0xFFFFFFFF
	46	return zlib.adler32(key.encode('utf-8')) & mask # noqa
	47
	48	def _write_file(self, full_path, read_iterator, mode):
	49	raise NotImplementedError
	50
	51	def _get_keyfile(self, key):
	52	raise NotImplementedError
	53
	54	def random_filename(self):
	55	raise NotImplementedError
	56
	57	def _store(self, key, value_reader, metadata, mode):
	58	(filename, # hash-name
	59	full_path # full-path/hash-name
	60	) = self.random_filename()
	61
	62	key_file, key_file_path = self._get_keyfile(key)
	63
	64	# STORE METADATA
	65	_metadata = {
	66	"version": "v1",
	67
	68	"key_file": key_file, # this is the .key.json file storing meta
	69	"key_file_path": key_file_path, # full path to key_file
	70	"archive_key": key, # original name we stored archive under, e.g my-archive.zip
	71	"archive_filename": filename, # the actual filename we stored that file under
	72	"archive_full_path": full_path,
	73
	74	"store_time": time.time(),
	75	"access_count": 0,
	76	"access_time": 0,
	77
	78	"size": 0
	79	}
	80	if metadata:
	81	_metadata.update(metadata)
	82
	83	read_iterator = iter(functools.partial(value_reader.read, 2**22), b'')
	84	size, sha256 = self._write_file(full_path, read_iterator, mode)
	85	_metadata['size'] = size
	86	_metadata['sha256'] = sha256
	87
	88	# after archive is finished, we create a key to save the presence of the binary file
	89	with self.fs.open(key_file_path, 'wb') as f:
	90	f.write(json.dumps(_metadata))
	91
	92	return key, filename, size, _metadata
	93
	94	def _fetch(self, key, retry, retry_attempts, retry_backoff):
	95	if retry is NOT_GIVEN:
	96	retry = False
	97	if retry_attempts is NOT_GIVEN:
	98	retry_attempts = 0
	99
	100	if retry and retry_attempts > 0:
	101	for attempt in range(1, retry_attempts + 1):
	102	if key in self:
	103	break
	104	# we didn't find the key, wait retry_backoff N seconds, and re-check
	105	time.sleep(retry_backoff)
	106
	107	if key not in self:
	108	log.exception(f'requested key={key} not found in {self} retry={retry}, attempts={retry_attempts}')
	109	raise KeyError(key)
	110
	111	key_file, key_file_path = self._get_keyfile(key)
	112	with self.fs.open(key_file_path, 'rb') as f:
	113	metadata = json.loads(f.read())
	114
	115	archive_path = metadata['archive_full_path']
	116
	117	try:
	118	return ShardFileReader(self.fs.open(archive_path, 'rb')), metadata
	119	finally:
	120	# update usage stats, count and accessed
	121	metadata["access_count"] = metadata.get("access_count", 0) + 1
	122	metadata["access_time"] = time.time()
	123	log.debug('Updated %s with access snapshot, access_count=%s access_time=%s',
	124	key_file, metadata['access_count'], metadata['access_time'])
	125	with self.fs.open(key_file_path, 'wb') as f:
	126	f.write(json.dumps(metadata))
	127
	128	def _remove(self, key):
	129	if key not in self:
	130	log.exception(f'requested key={key} not found in {self}')
	131	raise KeyError(key)
	132
	133	key_file, key_file_path = self._get_keyfile(key)
	134	with self.fs.open(key_file_path, 'rb') as f:
	135	metadata = json.loads(f.read())
	136
	137	archive_path = metadata['archive_full_path']
	138	self.fs.rm(archive_path)
	139	self.fs.rm(key_file_path)
	140	return 1
	141
	142	@property
	143	def storage_medium(self):
	144	return getattr(self, self.storage_type)
	145
	146	@property
	147	def key_suffix(self):
	148	return 'key.json'
	149
	150	def __contains__(self, key):
	151	"""Return `True` if `key` matching item is found in cache.
	152
	153	:param key: key matching item
	154	:return: True if key matching item
	155
	156	"""
	157	key_file, key_file_path = self._get_keyfile(key)
	158	return self.fs.exists(key_file_path)
	159
	160
	161	class BaseCache:
	162	_locking_url: str = ''
	163	_storage_path: str = ''
	164	_config = {}
	165	retry = False
	166	retry_attempts = 0
	167	retry_backoff = 1
	168	_shards = tuple()
	169
	170	def __contains__(self, key):
	171	"""Return `True` if `key` matching item is found in cache.
	172
	173	:param key: key matching item
	174	:return: True if key matching item
	175
	176	"""
	177	return self.has_key(key)
	178
	179	def __repr__(self):
	180	return f'<{self.__class__.__name__}(storage={self._storage_path})>'
	181
	182	@classmethod
	183	def gb_to_bytes(cls, gb):
	184	return gb * (1024 ** 3)
	185
	186	@property
	187	def storage_path(self):
	188	return self._storage_path
	189
	190	@classmethod
	191	def get_stats_db(cls):
	192	return StatsDB()
	193
	194	def get_conf(self, key, pop=False):
	195	if key not in self._config:
	196	raise ValueError(f"No configuration key '{key}', please make sure it exists in archive_cache config")
	197	val = self._config[key]
	198	if pop:
	199	del self._config[key]
	200	return val
	201
	202	def _get_shard(self, key):
	203	raise NotImplementedError
	204
	205	def _get_size(self, shard, archive_path):
	206	raise NotImplementedError
	207
	208	def store(self, key, value_reader, metadata=None):
	209	shard = self._get_shard(key)
	210	return shard.store(key, value_reader, metadata)
	211
	212	def fetch(self, key, retry=NOT_GIVEN, retry_attempts=NOT_GIVEN) -> tuple[typing.BinaryIO, dict]:
	213	"""
	214	Return file handle corresponding to `key` from specific shard cache.
	215	"""
	216	if retry is NOT_GIVEN:
	217	retry = self.retry
	218	if retry_attempts is NOT_GIVEN:
	219	retry_attempts = self.retry_attempts
	220	retry_backoff = self.retry_backoff
	221
	222	shard = self._get_shard(key)
	223	return shard.fetch(key, retry=retry, retry_attempts=retry_attempts, retry_backoff=retry_backoff)
	224
	225	def remove(self, key):
	226	shard = self._get_shard(key)
	227	return shard.remove(key)
	228
	229	def has_key(self, archive_key):
	230	"""Return `True` if `key` matching item is found in cache.
	231
	232	:param archive_key: key for item, this is a unique archive name we want to store data under. e.g my-archive-svn.zip
	233	:return: True if key is found
	234
	235	"""
	236	shard = self._get_shard(archive_key)
	237	return archive_key in shard
	238
	239	def iter_keys(self):
	240	for shard in self._shards:
	241	if shard.fs.exists(shard.storage_medium):
	242	for path, _dirs, _files in shard.fs.walk(shard.storage_medium):
	243	for key_file_path in _files:
	244	if key_file_path.endswith(shard.key_suffix):
	245	yield shard, key_file_path
	246
	247	def get_lock(self, lock_key):
	248	return GenerationLock(lock_key, self._locking_url)
	249
	250	def evict(self, policy=None, size_limit=None) -> int:
	251	"""
	252	Remove old items based on the conditions
	253
	254
	255	explanation of this algo:
	256	iterate over each shard, then for each shard iterate over the .key files
	257	read the key files metadata stored. This gives us a full list of keys, cached_archived, their size and
	258	access data, time creation, and access counts.
	259
	260	Store that into a memory DB so we can run different sorting strategies easily.
	261	Summing the size is a sum sql query.
	262
	263	Then we run a sorting strategy based on eviction policy.
	264	We iterate over sorted keys, and remove each checking if we hit the overall limit.
	265	"""
	266
	267	policy = policy or self._eviction_policy
	268	size_limit = size_limit or self._cache_size_limit
	269
	270	select_policy = EVICTION_POLICY[policy]['evict']
	271
	272	log.debug('Running eviction policy \'%s\', and checking for size limit: %s',
	273	policy, format_size(size_limit))
	274
	275	if select_policy is None:
	276	return 0
	277
	278	db = self.get_stats_db()
	279
	280	data = []
	281	cnt = 1
	282
	283	for shard, key_file in self.iter_keys():
	284	with shard.fs.open(os.path.join(shard.storage_medium, key_file), 'rb') as f:
	285	metadata = json.loads(f.read())
	286
	287	key_file_path = os.path.join(shard.storage_medium, key_file)
	288
	289	archive_key = metadata['archive_key']
	290	archive_path = metadata['archive_full_path']
	291
	292	size = metadata.get('size')
	293	if not size:
	294	# in case we don't have size re-calc it...
	295	size = self._get_size(shard, archive_path)
	296
	297	data.append([
	298	cnt,
	299	key_file,
	300	key_file_path,
	301	archive_key,
	302	archive_path,
	303	metadata.get('store_time', 0),
	304	metadata.get('access_time', 0),
	305	metadata.get('access_count', 0),
	306	size,
	307	])
	308	cnt += 1
	309
	310	# Insert bulk data using executemany
	311	db.bulk_insert(data)
	312
	313	total_size = db.get_total_size()
	314	log.debug('Analyzed %s keys, occupying: %s, running eviction to match %s',
	315	len(data), format_size(total_size), format_size(size_limit))
	316
	317	removed_items = 0
	318	removed_size = 0
	319	for key_file, archive_key, size in db.get_sorted_keys(select_policy):
	320	# simulate removal impact BEFORE removal
	321	total_size -= size
	322
	323	if total_size <= size_limit:
	324	# we obtained what we wanted...
	325	break
	326
	327	self.remove(archive_key)
	328	removed_items += 1
	329	removed_size += size
	330
	331	log.debug('Removed %s cache archives, and reduced size by: %s',
	332	removed_items, format_size(removed_size))
	333	return removed_items
	334
	335	def get_statistics(self):
	336	total_files = 0
	337	total_size = 0
	338	meta = {}
	339
	340	for shard, key_file in self.iter_keys():
	341	json_key = f"{shard.storage_medium}/{key_file}"
	342	with shard.fs.open(json_key, 'rb') as f:
	343	total_files += 1
	344	metadata = json.loads(f.read())
	345	total_size += metadata['size']
	346
	347	return total_files, total_size, meta
	348

rhodecode/lib/archive_cache/backends/objectstore_cache.py

0 created 644 +150 0

@@ -0,0 +1,150 b''
	1	# Copyright (C) 2015-2024 RhodeCode GmbH
	2	#
	3	# This program is free software: you can redistribute it and/or modify
	4	# it under the terms of the GNU Affero General Public License, version 3
	5	# (only), as published by the Free Software Foundation.
	6	#
	7	# This program is distributed in the hope that it will be useful,
	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	10	# GNU General Public License for more details.
	11	#
	12	# You should have received a copy of the GNU Affero General Public License
	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	14	#
	15	# This program is dual-licensed. If you wish to learn more about the
	16	# RhodeCode Enterprise Edition, including its added features, Support services,
	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
	18
	19	import codecs
	20	import hashlib
	21	import logging
	22	import os
	23
	24	import fsspec
	25
	26	from .base import BaseCache, BaseShard
	27	from ..utils import ShardFileReader, NOT_GIVEN
	28	from ...type_utils import str2bool
	29
	30	log = logging.getLogger(__name__)
	31
	32
	33	class S3Shard(BaseShard):
	34
	35	def __init__(self, index, bucket, **settings):
	36	self._index = index
	37	self._bucket = bucket
	38	self.storage_type = 'bucket'
	39
	40	endpoint_url = settings.pop('archive_cache.objectstore.url')
	41	key = settings.pop('archive_cache.objectstore.key')
	42	secret = settings.pop('archive_cache.objectstore.secret')
	43
	44	self.fs = fsspec.filesystem('s3', anon=False, endpoint_url=endpoint_url, key=key, secret=secret)
	45
	46	@property
	47	def bucket(self):
	48	"""Cache bucket."""
	49	return self._bucket
	50
	51	def _get_keyfile(self, archive_key) -> tuple[str, str]:
	52	key_file = f'{archive_key}-{self.key_suffix}'
	53	return key_file, os.path.join(self.bucket, key_file)
	54
	55	def _get_writer(self, path, mode):
	56	return self.fs.open(path, 'wb')
	57
	58	def _write_file(self, full_path, iterator, mode):
	59	# ensure bucket exists
	60	destination = self.bucket
	61	if not self.fs.exists(destination):
	62	self.fs.mkdir(destination, s3_additional_kwargs={})
	63
	64	writer = self._get_writer(full_path, mode)
	65
	66	digest = hashlib.sha256()
	67	with writer:
	68	size = 0
	69	for chunk in iterator:
	70	size += len(chunk)
	71	digest.update(chunk)
	72	writer.write(chunk)
	73
	74	sha256 = digest.hexdigest()
	75	log.debug('written new archive cache under %s, sha256: %s', full_path, sha256)
	76	return size, sha256
	77
	78	def store(self, key, value_reader, metadata: dict \| None = None):
	79	return self._store(key, value_reader, metadata, mode='wb')
	80
	81	def fetch(self, key, retry=NOT_GIVEN, retry_attempts=NOT_GIVEN, retry_backoff=1) -> tuple[ShardFileReader, dict]:
	82	return self._fetch(key, retry, retry_attempts, retry_backoff)
	83
	84	def remove(self, key):
	85	return self._remove(key)
	86
	87	def random_filename(self):
	88	"""Return filename and full-path tuple for file storage.
	89
	90	Filename will be a randomly generated 28 character hexadecimal string
	91	with ".archive_cache" suffixed. Two levels of sub-directories will be used to
	92	reduce the size of directories. On older filesystems, lookups in
	93	directories with many files may be slow.
	94	"""
	95
	96	hex_name = codecs.encode(os.urandom(16), 'hex').decode('utf-8')
	97
	98	archive_name = hex_name[4:] + '.archive_cache'
	99	filename = f"{hex_name[:2]}-{hex_name[2:4]}-{archive_name}"
	100
	101	full_path = os.path.join(self.bucket, filename)
	102	return archive_name, full_path
	103
	104	def __repr__(self):
	105	return f'{self.__class__.__name__}(index={self._index}, bucket={self.bucket})'
	106
	107
	108	class ObjectStoreCache(BaseCache):
	109
	110	def __init__(self, locking_url, **settings):
	111	"""
	112	Initialize objectstore cache instance.
	113
	114	:param str locking_url: redis url for a lock
	115	:param settings: settings dict
	116
	117	"""
	118	self._locking_url = locking_url
	119	self._config = settings
	120
	121	objectstore_url = self.get_conf('archive_cache.objectstore.url')
	122	self._storage_path = objectstore_url
	123
	124	self._count = int(self.get_conf('archive_cache.objectstore.bucket_shards', pop=True))
	125
	126	self._eviction_policy = self.get_conf('archive_cache.objectstore.eviction_policy', pop=True)
	127	self._cache_size_limit = self.gb_to_bytes(int(self.get_conf('archive_cache.objectstore.cache_size_gb')))
	128
	129	self.retry = str2bool(self.get_conf('archive_cache.objectstore.retry', pop=True))
	130	self.retry_attempts = int(self.get_conf('archive_cache.objectstore.retry_attempts', pop=True))
	131	self.retry_backoff = int(self.get_conf('archive_cache.objectstore.retry_backoff', pop=True))
	132
	133	log.debug('Initializing archival cache instance under %s', objectstore_url)
	134	self._shards = tuple(
	135	S3Shard(
	136	index=num,
	137	bucket='rhodecode-archivecache-%03d' % num,
	138	**settings,
	139	)
	140	for num in range(self._count)
	141	)
	142	self._hash = self._shards[0].hash
	143
	144	def _get_shard(self, key) -> S3Shard:
	145	index = self._hash(key) % self._count
	146	shard = self._shards[index]
	147	return shard
	148
	149	def _get_size(self, shard, archive_path):
	150	return shard.fs.info(archive_path)['size']

rhodecode/tests/lib/test_archive_caches.py

0 created 644 +105 0

@@ -0,0 +1,105 b''
	1	# Copyright (C) 2016-2023 RhodeCode GmbH
	2	#
	3	# This program is free software: you can redistribute it and/or modify
	4	# it under the terms of the GNU Affero General Public License, version 3
	5	# (only), as published by the Free Software Foundation.
	6	#
	7	# This program is distributed in the hope that it will be useful,
	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	10	# GNU General Public License for more details.
	11	#
	12	# You should have received a copy of the GNU Affero General Public License
	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	14	#
	15	# This program is dual-licensed. If you wish to learn more about the
	16	# RhodeCode Enterprise Edition, including its added features, Support services,
	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
	18
	19	import time
	20	import pytest
	21	import rhodecode
	22	import os
	23	import shutil
	24	from tempfile import mkdtemp
	25
	26	from rhodecode.lib import archive_cache
	27
	28
	29	def file_reader(temp_store):
	30	with open(temp_store, 'w') as f:
	31	for cnt in range(10000):
	32	f.write(str(cnt))
	33	return open(temp_store, 'rb')
	34
	35
	36	@pytest.fixture()
	37	def d_cache_instance(ini_settings):
	38	config = ini_settings
	39	d_cache = archive_cache.get_archival_cache_store(config=config, always_init=True)
	40	return d_cache
	41
	42
	43	@pytest.mark.usefixtures('app')
	44	class TestArchiveCaches(object):
	45
	46	def test_archivecache_empty_stats(self, d_cache_instance):
	47	d_cache = d_cache_instance
	48	shutil.rmtree(d_cache._directory)
	49
	50	stats = d_cache.get_statistics()
	51	assert (0, 0, {}) == stats
	52
	53	def test_archivecache_store_keys(self, d_cache_instance, tmp_path):
	54	d_cache = d_cache_instance
	55	shutil.rmtree(d_cache._directory)
	56
	57	for n in range(100):
	58
	59	archive_name = f'my-archive-abc-{n}.zip'
	60	temp_archive_path = os.path.join(tmp_path, archive_name)
	61	d_cache.store(archive_name, file_reader(temp_archive_path ), {'foo': 'bar'})
	62	reader, meta = d_cache.fetch(archive_name)
	63	content = reader.read()
	64	assert content == open(temp_archive_path, 'rb').read()
	65
	66	stats = d_cache.get_statistics()
	67	assert (100, 3889000, {}) == stats
	68
	69	def test_archivecache_remove_keys(self, d_cache_instance, tmp_path):
	70	d_cache = d_cache_instance
	71	shutil.rmtree(d_cache._directory)
	72
	73	n = 1
	74	archive_name = f'my-archive-abc-{n}.zip'
	75	temp_archive_path = os.path.join(tmp_path, archive_name)
	76
	77	d_cache.store(archive_name, file_reader(temp_archive_path ), {'foo': 'bar'})
	78	stats = d_cache.get_statistics()
	79	assert (1, 38890, {}) == stats
	80
	81	assert 1 == d_cache.remove(archive_name)
	82
	83	stats = d_cache.get_statistics()
	84	assert (0, 0, {}) == stats
	85
	86	def test_archivecache_evict_keys(self, d_cache_instance, tmp_path):
	87	d_cache = d_cache_instance
	88	shutil.rmtree(d_cache._directory)
	89	tries = 500
	90	for n in range(tries):
	91
	92	archive_name = f'my-archive-abc-{n}.zip'
	93	temp_archive_path = os.path.join(tmp_path, archive_name)
	94	d_cache.store(archive_name, file_reader(temp_archive_path ), {'foo': 'bar'})
	95
	96	stats = d_cache.get_statistics()
	97	assert (tries, 19445000, {}) == stats
	98	evict_to = 0.005 # around (5mb)
	99	evicted_items = d_cache.evict(size_limit=d_cache.gb_to_bytes(evict_to))
	100	evicted = 361
	101	assert evicted == evicted_items
	102
	103	stats = d_cache.get_statistics()
	104	assert (tries - evicted, 5405710, {}) == stats
	105

configs/development.ini

0 +41 -9

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = true
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; #############
             ; DEBUG OPTIONS
             ; #############
             pyramid.reload_templates = true
             # During development the we want to have the debug toolbar enabled
             pyramid.includes =
                 pyramid_debugtoolbar
             debugtoolbar.hosts = 0.0.0.0/0
             debugtoolbar.exclude_prefixes =
                 /css
                 /fonts
                 /images
                 /js
             ## RHODECODE PLUGINS ##
             rhodecode.includes =
                 rhodecode.api
             # api prefix url
             rhodecode.api.url = /_admin/api
             ; enable debug style page
             debug_style = true
             ; #################
             ; END DEBUG OPTIONS
             ; #################
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ; Filesystem location were repositories should be stored
             repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token =
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries and artifacts
             file_store.storage_path = /var/opt/rhodecode_data/file_store
-            ; Uncomment and set this path to control settings for archive download cache.
+            ; Redis url to acquire/check generation of archives locks
+            archive_cache.locking.url = redis://redis:6379/1
+            ; Storage backend, only 'filesystem' and 'objectstore' are available now
+            archive_cache.backend.type = filesystem
+            ; url for s3 compatible storage that allows to upload artifacts
+            ; e.g http://minio:9000
+            archive_cache.objectstore.url = http://s3-minio:9000
+            ; key for s3 auth
+            archive_cache.objectstore.key = key
+            ; secret for s3 auth
+            archive_cache.objectstore.secret = secret
+            ; number of sharded buckets to create to distribute archives across
+            ; default is 8 shards
+            archive_cache.objectstore.bucket_shards = 8
+            ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
+            archive_cache.objectstore.retry = false
+            ; number of seconds to wait for next try using retry
+            archive_cache.objectstore.retry_backoff = 1
+            ; how many tries do do a retry fetch from this backend
+            archive_cache.objectstore.retry_attempts = 10
+            ; Default is $cache_dir/archive_cache if not set
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
-            ; Redis url to acquire/check generation of archives locks
-            archive_cache.locking.url = redis://redis:6379/1
-            ; Storage backend, only 'filesystem' is available now
-            archive_cache.backend.type = filesystem
-            ; Default is $cache_dir/archive_cache if not set
             archive_cache.filesystem.store_dir = /var/opt/rhodecode_data/archive_cache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.filesystem.cache_size_gb = 1
             ; Eviction policy used to clear out after cache_size_gb limit is reached
             archive_cache.filesystem.eviction_policy = least-recently-stored
             ; By default cache uses sharding technique, this specifies how many shards are there
+            ; default is 8 shards
             archive_cache.filesystem.cache_shards = 8
+            ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
+            archive_cache.filesystem.retry = false
+            ; number of seconds to wait for next try using retry
+            archive_cache.filesystem.retry_backoff = 1
+            ; how many tries do do a retry fetch from this backend
+            archive_cache.filesystem.retry_attempts = 10
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_general.arguments.filename = /tmp/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 3600
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             #beaker.session.type = file
             #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
             beaker.session.type = ext:redis
             beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = develop-rc-uytcxaz
             beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = true
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             ; `celery` - use celery based hooks
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = true
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = true
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             #logging.autoconfigure = true
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = color_formatter
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = color_formatter_sql
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

configs/production.ini

0 +41 -9

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = false
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ; Filesystem location were repositories should be stored
             repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token =
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = prod
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries and artifacts
             file_store.storage_path = /var/opt/rhodecode_data/file_store
-            ; Uncomment and set this path to control settings for archive download cache.
+            ; Redis url to acquire/check generation of archives locks
+            archive_cache.locking.url = redis://redis:6379/1
+            ; Storage backend, only 'filesystem' and 'objectstore' are available now
+            archive_cache.backend.type = filesystem
+            ; url for s3 compatible storage that allows to upload artifacts
+            ; e.g http://minio:9000
+            archive_cache.objectstore.url = http://s3-minio:9000
+            ; key for s3 auth
+            archive_cache.objectstore.key = key
+            ; secret for s3 auth
+            archive_cache.objectstore.secret = secret
+            ; number of sharded buckets to create to distribute archives across
+            ; default is 8 shards
+            archive_cache.objectstore.bucket_shards = 8
+            ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
+            archive_cache.objectstore.retry = false
+            ; number of seconds to wait for next try using retry
+            archive_cache.objectstore.retry_backoff = 1
+            ; how many tries do do a retry fetch from this backend
+            archive_cache.objectstore.retry_attempts = 10
+            ; Default is $cache_dir/archive_cache if not set
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
-            ; Redis url to acquire/check generation of archives locks
-            archive_cache.locking.url = redis://redis:6379/1
-            ; Storage backend, only 'filesystem' is available now
-            archive_cache.backend.type = filesystem
-            ; Default is $cache_dir/archive_cache if not set
             archive_cache.filesystem.store_dir = /var/opt/rhodecode_data/archive_cache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.filesystem.cache_size_gb = 40
             ; Eviction policy used to clear out after cache_size_gb limit is reached
             archive_cache.filesystem.eviction_policy = least-recently-stored
             ; By default cache uses sharding technique, this specifies how many shards are there
+            ; default is 8 shards
             archive_cache.filesystem.cache_shards = 8
+            ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
+            archive_cache.filesystem.retry = false
+            ; number of seconds to wait for next try using retry
+            archive_cache.filesystem.retry_backoff = 1
+            ; how many tries do do a retry fetch from this backend
+            archive_cache.filesystem.retry_attempts = 10
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_general.arguments.filename = /tmp/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 3600
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             #beaker.session.type = file
             #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
             beaker.session.type = ext:redis
             beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = production-rc-uytcxaz
             beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = true
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             ; `celery` - use celery based hooks
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = true
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = false
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             #logging.autoconfigure = true
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = INFO
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

requirements.txt

0 +29 0

             # deps, generated via pipdeptree --exclude setuptools,wheel,pipdeptree,pip -f | tr '[:upper:]' '[:lower:]'
             alembic==1.13.1
               mako==1.2.4
                 markupsafe==2.1.2
               sqlalchemy==1.4.52
                 greenlet==3.0.3
               typing_extensions==4.9.0
             async-timeout==4.0.3
             babel==2.12.1
             beaker==1.12.1
             celery==5.3.6
               billiard==4.2.0
               click==8.1.3
               click-didyoumean==0.3.0
                 click==8.1.3
               click-plugins==1.1.1
                 click==8.1.3
               click-repl==0.2.0
                 click==8.1.3
                 prompt-toolkit==3.0.38
                   wcwidth==0.2.6
                 six==1.16.0
               kombu==5.3.5
                 amqp==5.2.0
                   vine==5.1.0
                 vine==5.1.0
               python-dateutil==2.8.2
                 six==1.16.0
               tzdata==2024.1
               vine==5.1.0
             channelstream==0.7.1
               gevent==24.2.1
                 greenlet==3.0.3
                 zope.event==5.0.0
                 zope.interface==6.3.0
               itsdangerous==1.1.0
               marshmallow==2.18.0
               pyramid==2.0.2
                 hupper==1.12
                 plaster==1.1.2
                 plaster-pastedeploy==1.0.1
                   pastedeploy==3.1.0
                   plaster==1.1.2
                 translationstring==1.4
                 venusian==3.0.0
                 webob==1.8.7
                 zope.deprecation==5.0.0
                 zope.interface==6.3.0
               pyramid-apispec==0.3.3
                 apispec==1.3.3
               pyramid-jinja2==2.10
                 jinja2==3.1.2
                   markupsafe==2.1.2
                 markupsafe==2.1.2
                 pyramid==2.0.2
                   hupper==1.12
                   plaster==1.1.2
                   plaster-pastedeploy==1.0.1
                     pastedeploy==3.1.0
                     plaster==1.1.2
                   translationstring==1.4
                   venusian==3.0.0
                   webob==1.8.7
                   zope.deprecation==5.0.0
                   zope.interface==6.3.0
                 zope.deprecation==5.0.0
               python-dateutil==2.8.2
                 six==1.16.0
               requests==2.28.2
                 certifi==2022.12.7
                 charset-normalizer==3.1.0
                 idna==3.4
                 urllib3==1.26.14
               ws4py==0.5.1
             deform==2.0.15
               chameleon==3.10.2
               colander==2.0
                 iso8601==1.1.0
                 translationstring==1.4
               iso8601==1.1.0
               peppercorn==0.6
               translationstring==1.4
               zope.deprecation==5.0.0
             docutils==0.19
             dogpile.cache==1.3.3
               decorator==5.1.1
               stevedore==5.1.0
                 pbr==5.11.1
             formencode==2.1.0
               six==1.16.0
+            fsspec==2024.6.0
             gunicorn==21.2.0
               packaging==24.0
             gevent==24.2.1
               greenlet==3.0.3
               zope.event==5.0.0
               zope.interface==6.3.0
             ipython==8.14.0
               backcall==0.2.0
               decorator==5.1.1
               jedi==0.19.0
                 parso==0.8.3
               matplotlib-inline==0.1.6
                 traitlets==5.9.0
               pexpect==4.8.0
                 ptyprocess==0.7.0
               pickleshare==0.7.5
               prompt-toolkit==3.0.38
                 wcwidth==0.2.6
               pygments==2.15.1
               stack-data==0.6.2
                 asttokens==2.2.1
                   six==1.16.0
                 executing==1.2.0
                 pure-eval==0.2.2
               traitlets==5.9.0
             markdown==3.4.3
             msgpack==1.0.8
             mysqlclient==2.1.1
             nbconvert==7.7.3
               beautifulsoup4==4.12.3
                 soupsieve==2.5
               bleach==6.1.0
                 six==1.16.0
                 webencodings==0.5.1
               defusedxml==0.7.1
               jinja2==3.1.2
                 markupsafe==2.1.2
               jupyter_core==5.3.1
                 platformdirs==3.10.0
                 traitlets==5.9.0
               jupyterlab-pygments==0.2.2
               markupsafe==2.1.2
               mistune==2.0.5
               nbclient==0.8.0
                 jupyter_client==8.3.0
                   jupyter_core==5.3.1
                     platformdirs==3.10.0
                     traitlets==5.9.0
                   python-dateutil==2.8.2
                     six==1.16.0
                   pyzmq==25.0.0
                   tornado==6.2
                   traitlets==5.9.0
                 jupyter_core==5.3.1
                   platformdirs==3.10.0
                   traitlets==5.9.0
                 nbformat==5.9.2
                   fastjsonschema==2.18.0
                   jsonschema==4.18.6
                     attrs==22.2.0
                     pyrsistent==0.19.3
                   jupyter_core==5.3.1
                     platformdirs==3.10.0
                     traitlets==5.9.0
                   traitlets==5.9.0
                 traitlets==5.9.0
               nbformat==5.9.2
                 fastjsonschema==2.18.0
                 jsonschema==4.18.6
                   attrs==22.2.0
                   pyrsistent==0.19.3
                 jupyter_core==5.3.1
                   platformdirs==3.10.0
                   traitlets==5.9.0
                 traitlets==5.9.0
               pandocfilters==1.5.0
               pygments==2.15.1
               tinycss2==1.2.1
                 webencodings==0.5.1
               traitlets==5.9.0
             orjson==3.10.3
             paste==3.10.1
             premailer==3.10.0
               cachetools==5.3.3
               cssselect==1.2.0
               cssutils==2.6.0
               lxml==4.9.3
               requests==2.28.2
                 certifi==2022.12.7
                 charset-normalizer==3.1.0
                 idna==3.4
                 urllib3==1.26.14
             psutil==5.9.8
             psycopg2==2.9.9
             py-bcrypt==0.4
             pycmarkgfm==1.2.0
               cffi==1.16.0
                 pycparser==2.21
             pycryptodome==3.17
             pycurl==7.45.3
             pymysql==1.0.3
             pyotp==2.8.0
             pyparsing==3.1.1
             pyramid-debugtoolbar==4.12.1
               pygments==2.15.1
               pyramid==2.0.2
                 hupper==1.12
                 plaster==1.1.2
                 plaster-pastedeploy==1.0.1
                   pastedeploy==3.1.0
                   plaster==1.1.2
                 translationstring==1.4
                 venusian==3.0.0
                 webob==1.8.7
                 zope.deprecation==5.0.0
                 zope.interface==6.3.0
               pyramid-mako==1.1.0
                 mako==1.2.4
                   markupsafe==2.1.2
                 pyramid==2.0.2
                   hupper==1.12
                   plaster==1.1.2
                   plaster-pastedeploy==1.0.1
                     pastedeploy==3.1.0
                     plaster==1.1.2
                   translationstring==1.4
                   venusian==3.0.0
                   webob==1.8.7
                   zope.deprecation==5.0.0
                   zope.interface==6.3.0
             pyramid-mailer==0.15.1
               pyramid==2.0.2
                 hupper==1.12
                 plaster==1.1.2
                 plaster-pastedeploy==1.0.1
                   pastedeploy==3.1.0
                   plaster==1.1.2
                 translationstring==1.4
                 venusian==3.0.0
                 webob==1.8.7
                 zope.deprecation==5.0.0
                 zope.interface==6.3.0
               repoze.sendmail==4.4.1
                 transaction==3.1.0
                   zope.interface==6.3.0
                 zope.interface==6.3.0
               transaction==3.1.0
                 zope.interface==6.3.0
             python-ldap==3.4.3
               pyasn1==0.4.8
               pyasn1-modules==0.2.8
                 pyasn1==0.4.8
             python-memcached==1.59
               six==1.16.0
             python-pam==2.0.2
             python3-saml==1.15.0
               isodate==0.6.1
                 six==1.16.0
               lxml==4.9.3
               xmlsec==1.3.13
                 lxml==4.9.3
             pyyaml==6.0.1
             redis==5.0.4
               async-timeout==4.0.3
             regex==2022.10.31
             routes==2.5.1
               repoze.lru==0.7
               six==1.16.0
+            s3fs==2024.6.0
+              aiobotocore==2.13.0
+                aiohttp==3.9.5
+                  aiosignal==1.3.1
+                    frozenlist==1.4.1
+                  attrs==22.2.0
+                  frozenlist==1.4.1
+                  multidict==6.0.5
+                  yarl==1.9.4
+                    idna==3.4
+                    multidict==6.0.5
+                aioitertools==0.11.0
+                botocore==1.34.106
+                  jmespath==1.0.1
+                  python-dateutil==2.8.2
+                    six==1.16.0
+                  urllib3==1.26.14
+                wrapt==1.16.0
+              aiohttp==3.9.5
+                aiosignal==1.3.1
+                  frozenlist==1.4.1
+                attrs==22.2.0
+                frozenlist==1.4.1
+                multidict==6.0.5
+                yarl==1.9.4
+                  idna==3.4
+                  multidict==6.0.5
+              fsspec==2024.6.0
             simplejson==3.19.2
             sshpubkeys==3.3.1
               cryptography==40.0.2
                 cffi==1.16.0
                   pycparser==2.21
               ecdsa==0.18.0
                 six==1.16.0
             sqlalchemy==1.4.52
               greenlet==3.0.3
               typing_extensions==4.9.0
             supervisor==4.2.5
             tzlocal==4.3
               pytz-deprecation-shim==0.1.0.post0
                 tzdata==2024.1
             tempita==0.5.2
             unidecode==1.3.6
             urlobject==2.4.3
             waitress==3.0.0
             webhelpers2==2.1
               markupsafe==2.1.2
               six==1.16.0
             whoosh==2.7.4
             zope.cachedescriptors==5.0.0
             qrcode==7.4.2
             ## uncomment to add the debug libraries
             #-r requirements_debug.txt

rhodecode/apps/repository/views/repo_files.py

0 +1 -1

             # Copyright (C) 2011-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import itertools
             import logging
             import os
             import collections
             import urllib.request
             import urllib.parse
             import urllib.error
             import pathlib
             import time
             import random
             from pyramid.httpexceptions import HTTPNotFound, HTTPBadRequest, HTTPFound
             from pyramid.renderers import render
             from pyramid.response import Response
             import rhodecode
             from rhodecode.apps._base import RepoAppView
             from rhodecode.lib import diffs, helpers as h, rc_cache
             from rhodecode.lib import audit_logger
             from rhodecode.lib.hash_utils import sha1_safe
-            from rhodecode.lib.rc_cache.archive_cache import (
+            from rhodecode.lib.archive_cache import (
                 get_archival_cache_store, get_archival_config, ArchiveCacheGenerationLock, archive_iterator)
             from rhodecode.lib.str_utils import safe_bytes, convert_special_chars
             from rhodecode.lib.view_utils import parse_path_ref
             from rhodecode.lib.exceptions import NonRelativePathError
             from rhodecode.lib.codeblocks import (
                 filenode_as_lines_tokens, filenode_as_annotated_lines_tokens)
             from rhodecode.lib.utils2 import convert_line_endings, detect_mode
             from rhodecode.lib.type_utils import str2bool
             from rhodecode.lib.str_utils import safe_str, safe_int
             from rhodecode.lib.auth import (
                 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
             from rhodecode.lib.vcs import path as vcspath
             from rhodecode.lib.vcs.backends.base import EmptyCommit
             from rhodecode.lib.vcs.conf import settings
             from rhodecode.lib.vcs.nodes import FileNode
             from rhodecode.lib.vcs.exceptions import (
                 RepositoryError, CommitDoesNotExistError, EmptyRepositoryError,
                 ImproperArchiveTypeError, VCSError, NodeAlreadyExistsError,
                 NodeDoesNotExistError, CommitError, NodeError)
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.db import Repository
             log = logging.getLogger(__name__)
             def get_archive_name(db_repo_id, db_repo_name, commit_sha, ext, subrepos=False, path_sha='', with_hash=True):
                 # original backward compat name of archive
                 clean_name = safe_str(convert_special_chars(db_repo_name).replace('/', '_'))
                 # e.g vcsserver-id-abcd-sub-1-abcfdef-archive-all.zip
                 # vcsserver-id-abcd-sub-0-abcfdef-COMMIT_SHA-PATH_SHA.zip
                 id_sha = sha1_safe(str(db_repo_id))[:4]
                 sub_repo = 'sub-1' if subrepos else 'sub-0'
                 commit = commit_sha if with_hash else 'archive'
                 path_marker = (path_sha if with_hash else '') or 'all'
                 archive_name = f'{clean_name}-id-{id_sha}-{sub_repo}-{commit}-{path_marker}{ext}'
                 return archive_name
             def get_path_sha(at_path):
                 return safe_str(sha1_safe(at_path)[:8])
             def _get_archive_spec(fname):
                 log.debug('Detecting archive spec for: `%s`', fname)
                 fileformat = None
                 ext = None
                 content_type = None
                 for a_type, content_type, extension in settings.ARCHIVE_SPECS:
                     if fname.endswith(extension):
                         fileformat = a_type
                         log.debug('archive is of type: %s', fileformat)
                         ext = extension
                         break
                 if not fileformat:
                     raise ValueError()
                 # left over part of whole fname is the commit
                 commit_id = fname[:-len(ext)]
                 return commit_id, ext, fileformat, content_type
             class RepoFilesView(RepoAppView):
                 @staticmethod
                 def adjust_file_path_for_svn(f_path, repo):
                     """
                     Computes the relative path of `f_path`.
                     This is mainly based on prefix matching of the recognized tags and
                     branches in the underlying repository.
                     """
                     tags_and_branches = itertools.chain(
                         repo.branches.keys(),
                         repo.tags.keys())
                     tags_and_branches = sorted(tags_and_branches, key=len, reverse=True)
                     for name in tags_and_branches:
                         if f_path.startswith(f'{name}/'):
                             f_path = vcspath.relpath(f_path, name)
                             break
                     return f_path
                 def load_default_context(self):
                     c = self._get_local_tmpl_context(include_app_defaults=True)
                     c.rhodecode_repo = self.rhodecode_vcs_repo
                     c.enable_downloads = self.db_repo.enable_downloads
                     return c
                 def _ensure_not_locked(self, commit_id='tip'):
                     _ = self.request.translate
                     repo = self.db_repo
                     if repo.enable_locking and repo.locked[0]:
                         h.flash(_('This repository has been locked by %s on %s')
                                 % (h.person_by_id(repo.locked[0]),
                                 h.format_date(h.time_to_datetime(repo.locked[1]))),
                                 'warning')
                         files_url = h.route_path(
                             'repo_files:default_path',
                             repo_name=self.db_repo_name, commit_id=commit_id)
                         raise HTTPFound(files_url)
                 def forbid_non_head(self, is_head, f_path, commit_id='tip', json_mode=False):
                     _ = self.request.translate
                     if not is_head:
                         message = _('Cannot modify file. '
                                     'Given commit `{}` is not head of a branch.').format(commit_id)
                         h.flash(message, category='warning')
                         if json_mode:
                             return message
                         files_url = h.route_path(
                             'repo_files', repo_name=self.db_repo_name, commit_id=commit_id,
                             f_path=f_path)
                         raise HTTPFound(files_url)
                 def check_branch_permission(self, branch_name, commit_id='tip', json_mode=False):
                     _ = self.request.translate
                     rule, branch_perm = self._rhodecode_user.get_rule_and_branch_permission(
                         self.db_repo_name, branch_name)
                     if branch_perm and branch_perm not in ['branch.push', 'branch.push_force']:
                         message = _('Branch `{}` changes forbidden by rule {}.').format(
                             h.escape(branch_name), h.escape(rule))
                         h.flash(message, 'warning')
                         if json_mode:
                             return message
                         files_url = h.route_path(
                             'repo_files:default_path', repo_name=self.db_repo_name, commit_id=commit_id)
                         raise HTTPFound(files_url)
                 def _get_commit_and_path(self):
                     default_commit_id = self.db_repo.landing_ref_name
                     default_f_path = '/'
                     commit_id = self.request.matchdict.get(
                         'commit_id', default_commit_id)
                     f_path = self._get_f_path(self.request.matchdict, default_f_path)
                     return commit_id, f_path
                 def _get_default_encoding(self, c):
                     enc_list = getattr(c, 'default_encodings', [])
                     return enc_list[0] if enc_list else 'UTF-8'
                 def _get_commit_or_redirect(self, commit_id, redirect_after=True):
                     """
                     This is a safe way to get commit. If an error occurs it redirects to
                     tip with proper message
                     :param commit_id: id of commit to fetch
                     :param redirect_after: toggle redirection
                     """
                     _ = self.request.translate
                     try:
                         return self.rhodecode_vcs_repo.get_commit(commit_id)
                     except EmptyRepositoryError:
                         if not redirect_after:
                             return None
                         add_new = upload_new = ""
                         if h.HasRepoPermissionAny(
                                 'repository.write', 'repository.admin')(self.db_repo_name):
                             _url = h.route_path(
                                 'repo_files_add_file',
                                 repo_name=self.db_repo_name, commit_id=0, f_path='')
                             add_new = h.link_to(
                                 _('add a new file'), _url, class_="alert-link")
                             _url_upld = h.route_path(
                                 'repo_files_upload_file',
                                 repo_name=self.db_repo_name, commit_id=0, f_path='')
                             upload_new = h.link_to(
                                 _('upload a new file'), _url_upld, class_="alert-link")
                         h.flash(h.literal(
                             _('There are no files yet. Click here to %s or %s.') % (add_new, upload_new)), category='warning')
                         raise HTTPFound(
                             h.route_path('repo_summary', repo_name=self.db_repo_name))
                     except (CommitDoesNotExistError, LookupError) as e:
                         msg = _('No such commit exists for this repository. Commit: {}').format(commit_id)
                         h.flash(msg, category='error')
                         raise HTTPNotFound()
                     except RepositoryError as e:
                         h.flash(h.escape(safe_str(e)), category='error')
                         raise HTTPNotFound()
                 def _get_filenode_or_redirect(self, commit_obj, path, pre_load=None):
                     """
                     Returns file_node, if error occurs or given path is directory,
                     it'll redirect to top level path
                     """
                     _ = self.request.translate
                     try:
                         file_node = commit_obj.get_node(path, pre_load=pre_load)
                         if file_node.is_dir():
                             raise RepositoryError('The given path is a directory')
                     except CommitDoesNotExistError:
                         log.exception('No such commit exists for this repository')
                         h.flash(_('No such commit exists for this repository'), category='error')
                         raise HTTPNotFound()
                     except RepositoryError as e:
                         log.warning('Repository error while fetching filenode `%s`. Err:%s', path, e)
                         h.flash(h.escape(safe_str(e)), category='error')
                         raise HTTPNotFound()
                     return file_node
                 def _is_valid_head(self, commit_id, repo, landing_ref):
                     branch_name = sha_commit_id = ''
                     is_head = False
                     log.debug('Checking if commit_id `%s` is a head for %s.', commit_id, repo)
                     for _branch_name, branch_commit_id in repo.branches.items():
                         # simple case we pass in branch name, it's a HEAD
                         if commit_id == _branch_name:
                             is_head = True
                             branch_name = _branch_name
                             sha_commit_id = branch_commit_id
                             break
                         # case when we pass in full sha commit_id, which is a head
                         elif commit_id == branch_commit_id:
                             is_head = True
                             branch_name = _branch_name
                             sha_commit_id = branch_commit_id
                             break
                     if h.is_svn(repo) and not repo.is_empty():
                         # Note: Subversion only has one head.
                         if commit_id == repo.get_commit(commit_idx=-1).raw_id:
                             is_head = True
                             return branch_name, sha_commit_id, is_head
                     # checked branches, means we only need to try to get the branch/commit_sha
                     if repo.is_empty():
                         is_head = True
                         branch_name = landing_ref
                         sha_commit_id = EmptyCommit().raw_id
                     else:
                         commit = repo.get_commit(commit_id=commit_id)
                         if commit:
                             branch_name = commit.branch
                             sha_commit_id = commit.raw_id
                     return branch_name, sha_commit_id, is_head
                 def _get_tree_at_commit(self, c, commit_id, f_path, full_load=False, at_rev=None):
                     repo_id = self.db_repo.repo_id
                     force_recache = self.get_recache_flag()
                     cache_seconds = safe_int(
                         rhodecode.CONFIG.get('rc_cache.cache_repo.expiration_time'))
                     cache_on = not force_recache and cache_seconds > 0
                     log.debug(
                         'Computing FILE TREE for repo_id %s commit_id `%s` and path `%s`'
                         'with caching: %s[TTL: %ss]' % (
                             repo_id, commit_id, f_path, cache_on, cache_seconds or 0))
                     cache_namespace_uid = f'repo.{rc_cache.FILE_TREE_CACHE_VER}.{repo_id}'
                     region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid, condition=cache_on)
                     def compute_file_tree(_name_hash, _repo_id, _commit_id, _f_path, _full_load, _at_rev):
                         log.debug('Generating cached file tree at for repo_id: %s, %s, %s',
                                   _repo_id, _commit_id, _f_path)
                         c.full_load = _full_load
                         return render(
                             'rhodecode:templates/files/files_browser_tree.mako',
                             self._get_template_context(c), self.request, _at_rev)
                     return compute_file_tree(
                         self.db_repo.repo_name_hash, self.db_repo.repo_id, commit_id, f_path, full_load, at_rev)
                 def create_pure_path(self, *parts):
                     # Split paths and sanitize them, removing any ../ etc
                     sanitized_path = [
                         x for x in pathlib.PurePath(*parts).parts
                         if x not in ['.', '..']]
                     pure_path = pathlib.PurePath(*sanitized_path)
                     return pure_path
                 def _is_lf_enabled(self, target_repo):
                     lf_enabled = False
                     lf_key_for_vcs_map = {
                         'hg': 'extensions_largefiles',
                         'git': 'vcs_git_lfs_enabled'
                     }
                     lf_key_for_vcs = lf_key_for_vcs_map.get(target_repo.repo_type)
                     if lf_key_for_vcs:
                         lf_enabled = self._get_repo_setting(target_repo, lf_key_for_vcs)
                     return lf_enabled
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_archivefile(self):
                     # archive cache config
                     from rhodecode import CONFIG
                     _ = self.request.translate
                     self.load_default_context()
                     default_at_path = '/'
                     fname = self.request.matchdict['fname']
                     subrepos = self.request.GET.get('subrepos') == 'true'
                     with_hash = str2bool(self.request.GET.get('with_hash', '1'))
                     at_path = self.request.GET.get('at_path') or default_at_path
                     if not self.db_repo.enable_downloads:
                         return Response(_('Downloads disabled'))
                     try:
                         commit_id, ext, fileformat, content_type = \
                             _get_archive_spec(fname)
                     except ValueError:
                         return Response(_('Unknown archive type for: `{}`').format(
                             h.escape(fname)))
                     try:
                         commit = self.rhodecode_vcs_repo.get_commit(commit_id)
                     except CommitDoesNotExistError:
                         return Response(_('Unknown commit_id {}').format(
                             h.escape(commit_id)))
                     except EmptyRepositoryError:
                         return Response(_('Empty repository'))
                     # we used a ref, or a shorter version, lets redirect client ot use explicit hash
                     if commit_id != commit.raw_id:
                         fname=f'{commit.raw_id}{ext}'
                         raise HTTPFound(self.request.current_route_path(fname=fname))
                     try:
                         at_path = commit.get_node(at_path).path or default_at_path
                     except Exception:
                         return Response(_('No node at path {} for this repository').format(h.escape(at_path)))
                     path_sha = get_path_sha(at_path)
                     # used for cache etc, consistent unique archive name
                     archive_name_key = get_archive_name(
                         self.db_repo.repo_id, self.db_repo_name, commit_sha=commit.short_id, ext=ext, subrepos=subrepos,
                         path_sha=path_sha, with_hash=True)
                     if not with_hash:
                         path_sha = ''
                     # what end client gets served
                     response_archive_name = get_archive_name(
                         self.db_repo.repo_id, self.db_repo_name, commit_sha=commit.short_id, ext=ext, subrepos=subrepos,
                         path_sha=path_sha, with_hash=with_hash)
                     # remove extension from our archive directory name
                     archive_dir_name = response_archive_name[:-len(ext)]
                     archive_cache_disable = self.request.GET.get('no_cache')
                     d_cache = get_archival_cache_store(config=CONFIG)
                     # NOTE: we get the config to pass to a call to lazy-init the SAME type of cache on vcsserver
                     d_cache_conf = get_archival_config(config=CONFIG)
                     # This is also a cache key, and lock key
                     reentrant_lock_key = archive_name_key + '.lock'
                     use_cached_archive = False
                     if not archive_cache_disable and archive_name_key in d_cache:
                         reader, metadata = d_cache.fetch(archive_name_key)
                         use_cached_archive = True
                         log.debug('Found cached archive as key=%s tag=%s, serving archive from cache reader=%s',
                                   archive_name_key, metadata, reader.name)
                     else:
                         reader = None
                         log.debug('Archive with key=%s is not yet cached, creating one now...', archive_name_key)
                     if not reader:
                         # generate new archive, as previous was not found in the cache
                         try:
                             with d_cache.get_lock(reentrant_lock_key):
                                 try:
                                     commit.archive_repo(archive_name_key, archive_dir_name=archive_dir_name,
                                                         kind=fileformat, subrepos=subrepos,
                                                         archive_at_path=at_path, cache_config=d_cache_conf)
                                 except ImproperArchiveTypeError:
                                     return _('Unknown archive type')
                         except ArchiveCacheGenerationLock:
                             retry_after = round(random.uniform(0.3, 3.0), 1)
                             time.sleep(retry_after)
                             location = self.request.url
                             response = Response(
                                 f"archive {archive_name_key} generation in progress, Retry-After={retry_after}, Location={location}"
                             )
                             response.headers["Retry-After"] = str(retry_after)
                             response.status_code = 307  # temporary redirect
                             response.location = location
                             return response
                         reader, metadata = d_cache.fetch(archive_name_key, retry=True, retry_attempts=30)
                     response = Response(app_iter=archive_iterator(reader))
                     response.content_disposition = f'attachment; filename={response_archive_name}'
                     response.content_type = str(content_type)
                     try:
                         return response
                     finally:
                         # store download action
                         audit_logger.store_web(
                             'repo.archive.download', action_data={
                                 'user_agent': self.request.user_agent,
                                 'archive_name': archive_name_key,
                                 'archive_spec': fname,
                                 'archive_cached': use_cached_archive},
                             user=self._rhodecode_user,
                             repo=self.db_repo,
                             commit=True
                         )
                 def _get_file_node(self, commit_id, f_path):
                     if commit_id not in ['', None, 'None', '0' * 12, '0' * 40]:
                         commit = self.rhodecode_vcs_repo.get_commit(commit_id=commit_id)
                         try:
                             node = commit.get_node(f_path)
                             if node.is_dir():
                                 raise NodeError(f'{node} path is a {type(node)} not a file')
                         except NodeDoesNotExistError:
                             commit = EmptyCommit(
                                 commit_id=commit_id,
                                 idx=commit.idx,
                                 repo=commit.repository,
                                 alias=commit.repository.alias,
                                 message=commit.message,
                                 author=commit.author,
                                 date=commit.date)
                             node = FileNode(safe_bytes(f_path), b'', commit=commit)
                     else:
                         commit = EmptyCommit(
                             repo=self.rhodecode_vcs_repo,
                             alias=self.rhodecode_vcs_repo.alias)
                         node = FileNode(safe_bytes(f_path), b'', commit=commit)
                     return node
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_files_diff(self):
                     c = self.load_default_context()
                     f_path = self._get_f_path(self.request.matchdict)
                     diff1 = self.request.GET.get('diff1', '')
                     diff2 = self.request.GET.get('diff2', '')
                     path1, diff1 = parse_path_ref(diff1, default_path=f_path)
                     ignore_whitespace = str2bool(self.request.GET.get('ignorews'))
                     line_context = self.request.GET.get('context', 3)
                     if not any((diff1, diff2)):
                         h.flash(
                             'Need query parameter "diff1" or "diff2" to generate a diff.',
                             category='error')
                         raise HTTPBadRequest()
                     c.action = self.request.GET.get('diff')
                     if c.action not in ['download', 'raw']:
                         compare_url = h.route_path(
                             'repo_compare',
                             repo_name=self.db_repo_name,
                             source_ref_type='rev',
                             source_ref=diff1,
                             target_repo=self.db_repo_name,
                             target_ref_type='rev',
                             target_ref=diff2,
                             _query=dict(f_path=f_path))
                         # redirect to new view if we render diff
                         raise HTTPFound(compare_url)
                     try:
                         node1 = self._get_file_node(diff1, path1)
                         node2 = self._get_file_node(diff2, f_path)
                     except (RepositoryError, NodeError):
                         log.exception("Exception while trying to get node from repository")
                         raise HTTPFound(
                             h.route_path('repo_files', repo_name=self.db_repo_name,
                                          commit_id='tip', f_path=f_path))
                     if all(isinstance(node.commit, EmptyCommit)
                            for node in (node1, node2)):
                         raise HTTPNotFound()
                     c.commit_1 = node1.commit
                     c.commit_2 = node2.commit
                     if c.action == 'download':
                         _diff = diffs.get_gitdiff(node1, node2,
                                                   ignore_whitespace=ignore_whitespace,
                                                   context=line_context)
                         # NOTE: this was using diff_format='gitdiff'
                         diff = diffs.DiffProcessor(_diff, diff_format='newdiff')
                         response = Response(self.path_filter.get_raw_patch(diff))
                         response.content_type = 'text/plain'
                         response.content_disposition = (
                             f'attachment; filename={f_path}_{diff1}_vs_{diff2}.diff'
                         )
                         charset = self._get_default_encoding(c)
                         if charset:
                             response.charset = charset
                         return response
                     elif c.action == 'raw':
                         _diff = diffs.get_gitdiff(node1, node2,
                                                   ignore_whitespace=ignore_whitespace,
                                                   context=line_context)
                         # NOTE: this was using diff_format='gitdiff'
                         diff = diffs.DiffProcessor(_diff, diff_format='newdiff')
                         response = Response(self.path_filter.get_raw_patch(diff))
                         response.content_type = 'text/plain'
                         charset = self._get_default_encoding(c)
                         if charset:
                             response.charset = charset
                         return response
                     # in case we ever end up here
                     raise HTTPNotFound()
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_files_diff_2way_redirect(self):
                     """
                     Kept only to make OLD links work
                     """
                     f_path = self._get_f_path_unchecked(self.request.matchdict)
                     diff1 = self.request.GET.get('diff1', '')
                     diff2 = self.request.GET.get('diff2', '')
                     if not any((diff1, diff2)):
                         h.flash(
                             'Need query parameter "diff1" or "diff2" to generate a diff.',
                             category='error')
                         raise HTTPBadRequest()
                     compare_url = h.route_path(
                         'repo_compare',
                         repo_name=self.db_repo_name,
                         source_ref_type='rev',
                         source_ref=diff1,
                         target_ref_type='rev',
                         target_ref=diff2,
                         _query=dict(f_path=f_path, diffmode='sideside',
                                     target_repo=self.db_repo_name,))
                     raise HTTPFound(compare_url)
                 @LoginRequired()
                 def repo_files_default_commit_redirect(self):
                     """
                     Special page that redirects to the landing page of files based on the default
                     commit for repository
                     """
                     c = self.load_default_context()
                     ref_name = c.rhodecode_db_repo.landing_ref_name
                     landing_url = h.repo_files_by_ref_url(
                         c.rhodecode_db_repo.repo_name,
                         c.rhodecode_db_repo.repo_type,
                         f_path='',
                         ref_name=ref_name,
                         commit_id='tip',
                         query=dict(at=ref_name)
                     )
                     raise HTTPFound(landing_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_files(self):
                     c = self.load_default_context()
                     view_name = getattr(self.request.matched_route, 'name', None)
                     c.annotate = view_name == 'repo_files:annotated'
                     # default is false, but .rst/.md files later are auto rendered, we can
                     # overwrite auto rendering by setting this GET flag
                     c.renderer = view_name == 'repo_files:rendered' or not self.request.GET.get('no-render', False)
                     commit_id, f_path = self._get_commit_and_path()
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.branch = self.request.GET.get('branch', None)
                     c.f_path = f_path
                     at_rev = self.request.GET.get('at')
                     # files or dirs
                     try:
                         c.file = c.commit.get_node(f_path, pre_load=['is_binary', 'size', 'data'])
                         c.file_author = True
                         c.file_tree = ''
                         # prev link
                         try:
                             prev_commit = c.commit.prev(c.branch)
                             c.prev_commit = prev_commit
                             c.url_prev = h.route_path(
                                 'repo_files', repo_name=self.db_repo_name,
                                 commit_id=prev_commit.raw_id, f_path=f_path)
                             if c.branch:
                                 c.url_prev += '?branch=%s' % c.branch
                         except (CommitDoesNotExistError, VCSError):
                             c.url_prev = '#'
                             c.prev_commit = EmptyCommit()
                         # next link
                         try:
                             next_commit = c.commit.next(c.branch)
                             c.next_commit = next_commit
                             c.url_next = h.route_path(
                                 'repo_files', repo_name=self.db_repo_name,
                                 commit_id=next_commit.raw_id, f_path=f_path)
                             if c.branch:
                                 c.url_next += '?branch=%s' % c.branch
                         except (CommitDoesNotExistError, VCSError):
                             c.url_next = '#'
                             c.next_commit = EmptyCommit()
                         # load file content
                         if c.file.is_file():
                             c.lf_node = {}
                             has_lf_enabled = self._is_lf_enabled(self.db_repo)
                             if has_lf_enabled:
                                 c.lf_node = c.file.get_largefile_node()
                             c.file_source_page = 'true'
                             c.file_last_commit = c.file.last_commit
                             c.file_size_too_big = c.file.size > c.visual.cut_off_limit_file
                             if not (c.file_size_too_big or c.file.is_binary):
                                 if c.annotate:  # annotation has precedence over renderer
                                     c.annotated_lines = filenode_as_annotated_lines_tokens(
                                         c.file
                                     )
                                 else:
                                     c.renderer = (
                                         c.renderer and h.renderer_from_filename(c.file.path)
                                     )
                                     if not c.renderer:
                                         c.lines = filenode_as_lines_tokens(c.file)
                             _branch_name, _sha_commit_id, is_head = \
                                 self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                     landing_ref=self.db_repo.landing_ref_name)
                             c.on_branch_head = is_head
                             branch = c.commit.branch if (
                                 c.commit.branch and '/' not in c.commit.branch) else None
                             c.branch_or_raw_id = branch or c.commit.raw_id
                             c.branch_name = c.commit.branch or h.short_id(c.commit.raw_id)
                             author = c.file_last_commit.author
                             c.authors = [[
                                 h.email(author),
                                 h.person(author, 'username_or_name_or_email'),
                             ]]
                         else:  # load tree content at path
                             c.file_source_page = 'false'
                             c.authors = []
                             # this loads a simple tree without metadata to speed things up
                             # later via ajax we call repo_nodetree_full and fetch whole
                             c.file_tree = self._get_tree_at_commit(c, c.commit.raw_id, f_path, at_rev=at_rev)
                             c.readme_data, c.readme_file = \
                                 self._get_readme_data(self.db_repo, c.visual.default_renderer,
                                                       c.commit.raw_id, f_path)
                     except RepositoryError as e:
                         h.flash(h.escape(safe_str(e)), category='error')
                         raise HTTPNotFound()
                     if self.request.environ.get('HTTP_X_PJAX'):
                         html = render('rhodecode:templates/files/files_pjax.mako',
                                       self._get_template_context(c), self.request)
                     else:
                         html = render('rhodecode:templates/files/files.mako',
                                       self._get_template_context(c), self.request)
                     return Response(html)
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_files_annotated_previous(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     prev_commit_id = commit.raw_id
                     line_anchor = self.request.GET.get('line_anchor')
                     is_file = False
                     try:
                         _file = commit.get_node(f_path)
                         is_file = _file.is_file()
                     except (NodeDoesNotExistError, CommitDoesNotExistError, VCSError):
                         pass
                     if is_file:
                         history = commit.get_path_history(f_path)
                         prev_commit_id = history[1].raw_id \
                             if len(history) > 1 else prev_commit_id
                     prev_url = h.route_path(
                         'repo_files:annotated', repo_name=self.db_repo_name,
                         commit_id=prev_commit_id, f_path=f_path,
                         _anchor=f'L{line_anchor}')
                     raise HTTPFound(prev_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_nodetree_full(self):
                     """
                     Returns rendered html of file tree that contains commit date,
                     author, commit_id for the specified combination of
                     repo, commit_id and file path
                     """
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     try:
                         dir_node = commit.get_node(f_path)
                     except RepositoryError as e:
                         return Response(f'error: {h.escape(safe_str(e))}')
                     if dir_node.is_file():
                         return Response('')
                     c.file = dir_node
                     c.commit = commit
                     at_rev = self.request.GET.get('at')
                     html = self._get_tree_at_commit(
                         c, commit.raw_id, dir_node.path, full_load=True, at_rev=at_rev)
                     return Response(html)
                 def _get_attachement_headers(self, f_path):
                     f_name = safe_str(f_path.split(Repository.NAME_SEP)[-1])
                     safe_path = f_name.replace('"', '\\"')
                     encoded_path = urllib.parse.quote(f_name)
                     headers = "attachment; " \
                               "filename=\"{}\"; " \
                               "filename*=UTF-8\'\'{}".format(safe_path, encoded_path)
                     return safe_bytes(headers).decode('latin-1', errors='replace')
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_file_raw(self):
                     """
                     Action for show as raw, some mimetypes are "rendered",
                     those include images, icons.
                     """
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     raw_mimetype_mapping = {
                         # map original mimetype to a mimetype used for "show as raw"
                         # you can also provide a content-disposition to override the
                         # default "attachment" disposition.
                         # orig_type: (new_type, new_dispo)
                         # show images inline:
                         # Do not re-add SVG: it is unsafe and permits XSS attacks. One can
                         # for example render an SVG with javascript inside or even render
                         # HTML.
                         'image/x-icon': ('image/x-icon', 'inline'),
                         'image/png': ('image/png', 'inline'),
                         'image/gif': ('image/gif', 'inline'),
                         'image/jpeg': ('image/jpeg', 'inline'),
                         'application/pdf': ('application/pdf', 'inline'),
                     }
                     mimetype = file_node.mimetype
                     try:
                         mimetype, disposition = raw_mimetype_mapping[mimetype]
                     except KeyError:
                         # we don't know anything special about this, handle it safely
                         if file_node.is_binary:
                             # do same as download raw for binary files
                             mimetype, disposition = 'application/octet-stream', 'attachment'
                         else:
                             # do not just use the original mimetype, but force text/plain,
                             # otherwise it would serve text/html and that might be unsafe.
                             # Note: underlying vcs library fakes text/plain mimetype if the
                             # mimetype can not be determined and it thinks it is not
                             # binary.This might lead to erroneous text display in some
                             # cases, but helps in other cases, like with text files
                             # without extension.
                             mimetype, disposition = 'text/plain', 'inline'
                     if disposition == 'attachment':
                         disposition = self._get_attachement_headers(f_path)
                     stream_content = file_node.stream_bytes()
                     response = Response(app_iter=stream_content)
                     response.content_disposition = disposition
                     response.content_type = mimetype
                     charset = self._get_default_encoding(c)
                     if charset:
                         response.charset = charset
                     return response
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_file_download(self):
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     if self.request.GET.get('lf'):
                         # only if lf get flag is passed, we download this file
                         # as LFS/Largefile
                         lf_node = file_node.get_largefile_node()
                         if lf_node:
                             # overwrite our pointer with the REAL large-file
                             file_node = lf_node
                     disposition = self._get_attachement_headers(f_path)
                     stream_content = file_node.stream_bytes()
                     response = Response(app_iter=stream_content)
                     response.content_disposition = disposition
                     response.content_type = file_node.mimetype
                     charset = self._get_default_encoding(c)
                     if charset:
                         response.charset = charset
                     return response
                 def _get_nodelist_at_commit(self, repo_name, repo_id, commit_id, f_path):
                     cache_seconds = safe_int(
                         rhodecode.CONFIG.get('rc_cache.cache_repo.expiration_time'))
                     cache_on = cache_seconds > 0
                     log.debug(
                         'Computing FILE SEARCH for repo_id %s commit_id `%s` and path `%s`'
                         'with caching: %s[TTL: %ss]' % (
                             repo_id, commit_id, f_path, cache_on, cache_seconds or 0))
                     cache_namespace_uid = f'repo.{repo_id}'
                     region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid, condition=cache_on)
                     def compute_file_search(_name_hash, _repo_id, _commit_id, _f_path):
                         log.debug('Generating cached nodelist for repo_id:%s, %s, %s',
                                   _repo_id, commit_id, f_path)
                         try:
                             _d, _f = ScmModel().get_quick_filter_nodes(repo_name, _commit_id, _f_path)
                         except (RepositoryError, CommitDoesNotExistError, Exception) as e:
                             log.exception(safe_str(e))
                             h.flash(h.escape(safe_str(e)), category='error')
                             raise HTTPFound(h.route_path(
                                 'repo_files', repo_name=self.db_repo_name,
                                 commit_id='tip', f_path='/'))
                         return _d + _f
                     result = compute_file_search(self.db_repo.repo_name_hash, self.db_repo.repo_id,
                                                  commit_id, f_path)
                     return filter(lambda n: self.path_filter.path_access_allowed(n['name']), result)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_nodelist(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     metadata = self._get_nodelist_at_commit(
                         self.db_repo_name, self.db_repo.repo_id, commit.raw_id, f_path)
                     return {'nodes': [x for x in metadata]}
                 def _create_references(self, branches_or_tags, symbolic_reference, f_path, ref_type):
                     items = []
                     for name, commit_id in branches_or_tags.items():
                         sym_ref = symbolic_reference(commit_id, name, f_path, ref_type)
                         items.append((sym_ref, name, ref_type))
                     return items
                 def _symbolic_reference(self, commit_id, name, f_path, ref_type):
                     return commit_id
                 def _symbolic_reference_svn(self, commit_id, name, f_path, ref_type):
                     return commit_id
                     # NOTE(dan): old code we used in "diff" mode compare
                     new_f_path = vcspath.join(name, f_path)
                     return f'{new_f_path}@{commit_id}'
                 def _get_node_history(self, commit_obj, f_path, commits=None):
                     """
                     get commit history for given node
                     :param commit_obj: commit to calculate history
                     :param f_path: path for node to calculate history for
                     :param commits: if passed don't calculate history and take
                         commits defined in this list
                     """
                     _ = self.request.translate
                     # calculate history based on tip
                     tip = self.rhodecode_vcs_repo.get_commit()
                     if commits is None:
                         pre_load = ["author", "branch"]
                         try:
                             commits = tip.get_path_history(f_path, pre_load=pre_load)
                         except (NodeDoesNotExistError, CommitError):
                             # this node is not present at tip!
                             commits = commit_obj.get_path_history(f_path, pre_load=pre_load)
                     history = []
                     commits_group = ([], _("Changesets"))
                     for commit in commits:
                         branch = ' (%s)' % commit.branch if commit.branch else ''
                         n_desc = f'r{commit.idx}:{commit.short_id}{branch}'
                         commits_group[0].append((commit.raw_id, n_desc, 'sha'))
                     history.append(commits_group)
                     symbolic_reference = self._symbolic_reference
                     if self.rhodecode_vcs_repo.alias == 'svn':
                         adjusted_f_path = RepoFilesView.adjust_file_path_for_svn(
                             f_path, self.rhodecode_vcs_repo)
                         if adjusted_f_path != f_path:
                             log.debug(
                                 'Recognized svn tag or branch in file "%s", using svn '
                                 'specific symbolic references', f_path)
                             f_path = adjusted_f_path
                             symbolic_reference = self._symbolic_reference_svn
                     branches = self._create_references(
                         self.rhodecode_vcs_repo.branches, symbolic_reference, f_path, 'branch')
                     branches_group = (branches, _("Branches"))
                     tags = self._create_references(
                         self.rhodecode_vcs_repo.tags, symbolic_reference, f_path, 'tag')
                     tags_group = (tags, _("Tags"))
                     history.append(branches_group)
                     history.append(tags_group)
                     return history, commits
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_file_history(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     if file_node.is_file():
                         file_history, _hist = self._get_node_history(commit, f_path)
                         res = []
                         for section_items, section in file_history:
                             items = []
                             for obj_id, obj_text, obj_type in section_items:
                                 at_rev = ''
                                 if obj_type in ['branch', 'bookmark', 'tag']:
                                     at_rev = obj_text
                                 entry = {
                                     'id': obj_id,
                                     'text': obj_text,
                                     'type': obj_type,
                                     'at_rev': at_rev
                                 }
                                 items.append(entry)
                             res.append({
                                 'text': section,
                                 'children': items
                             })
                         data = {
                             'more': False,
                             'results': res
                         }
                         return data
                     log.warning('Cannot fetch history for directory')
                     raise HTTPBadRequest()
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_file_authors(self):
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     if not file_node.is_file():
                         raise HTTPBadRequest()
                     c.file_last_commit = file_node.last_commit
                     if self.request.GET.get('annotate') == '1':
                         # use _hist from annotation if annotation mode is on
                         commit_ids = {x[1] for x in file_node.annotate}
                         _hist = (
                             self.rhodecode_vcs_repo.get_commit(commit_id)
                             for commit_id in commit_ids)
                     else:
                         _f_history, _hist = self._get_node_history(commit, f_path)
                     c.file_author = False
                     unique = collections.OrderedDict()
                     for commit in _hist:
                         author = commit.author
                         if author not in unique:
                             unique[commit.author] = [
                                 h.email(author),
                                 h.person(author, 'username_or_name_or_email'),
 # counter
                             ]
                         else:
                             # increase counter
                             unique[commit.author][2] += 1
                     c.authors = [val for val in unique.values()]
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 def repo_files_check_head(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     new_path = self.request.POST.get('path')
                     operation = self.request.POST.get('operation')
                     path_exist = ''
                     if new_path and operation in ['create', 'upload']:
                         new_f_path = os.path.join(f_path.lstrip('/'), new_path)
                         try:
                             commit_obj = self.rhodecode_vcs_repo.get_commit(commit_id)
                             # NOTE(dan): construct whole path without leading /
                             file_node = commit_obj.get_node(new_f_path)
                             if file_node is not None:
                                 path_exist = new_f_path
                         except EmptyRepositoryError:
                             pass
                         except Exception:
                             pass
                     return {
                         'branch': _branch_name,
                         'sha': _sha_commit_id,
                         'is_head': is_head,
                         'path_exists': path_exist
                     }
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 def repo_files_remove_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path)
                     self.check_branch_permission(_branch_name)
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     c.default_message = _(
                         'Deleted file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_delete_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path)
                     self.check_branch_permission(_branch_name)
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     c.default_message = _(
                         'Deleted file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     node_path = f_path
                     author = self._rhodecode_db_user.full_contact
                     message = self.request.POST.get('message') or c.default_message
                     try:
                         nodes = {
                             safe_bytes(node_path): {
                                 'content': b''
                             }
                         }
                         ScmModel().delete_nodes(
                             user=self._rhodecode_db_user.user_id, repo=self.db_repo,
                             message=message,
                             nodes=nodes,
                             parent_commit=c.commit,
                             author=author,
                         )
                         h.flash(
                             _('Successfully deleted file `{}`').format(
                                 h.escape(f_path)), category='success')
                     except Exception:
                         log.exception('Error during commit operation')
                         h.flash(_('Error occurred during commit'), category='error')
                     raise HTTPFound(
                         h.route_path('repo_commit', repo_name=self.db_repo_name,
                                      commit_id='tip'))
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 def repo_files_edit_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path, commit_id=commit_id)
                     self.check_branch_permission(_branch_name, commit_id=commit_id)
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     if c.file.is_binary:
                         files_url = h.route_path(
                             'repo_files',
                             repo_name=self.db_repo_name,
                             commit_id=c.commit.raw_id, f_path=f_path)
                         raise HTTPFound(files_url)
                     c.default_message = _('Edited file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_update_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     if c.file.is_binary:
                         raise HTTPFound(h.route_path('repo_files', repo_name=self.db_repo_name,
                                                      commit_id=c.commit.raw_id, f_path=f_path))
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path, commit_id=commit_id)
                     self.check_branch_permission(_branch_name, commit_id=commit_id)
                     c.default_message = _('Edited file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     old_content = c.file.str_content
                     sl = old_content.splitlines(1)
                     first_line = sl[0] if sl else ''
                     r_post = self.request.POST
                     # line endings:  0 - Unix, 1 - Mac, 2 - DOS
                     line_ending_mode = detect_mode(first_line, 0)
                     content = convert_line_endings(r_post.get('content', ''), line_ending_mode)
                     message = r_post.get('message') or c.default_message
                     org_node_path = c.file.str_path
                     filename = r_post['filename']
                     root_path = c.file.dir_path
                     pure_path = self.create_pure_path(root_path, filename)
                     node_path = pure_path.as_posix()
                     default_redirect_url = h.route_path('repo_commit', repo_name=self.db_repo_name,
                                                         commit_id=commit_id)
                     if content == old_content and node_path == org_node_path:
                         h.flash(_('No changes detected on {}').format(h.escape(org_node_path)),
                                 category='warning')
                         raise HTTPFound(default_redirect_url)
                     try:
                         mapping = {
                             c.file.bytes_path: {
                                 'org_filename': org_node_path,
                                 'filename': safe_bytes(node_path),
                                 'content': safe_bytes(content),
                                 'lexer': '',
                                 'op': 'mod',
                                 'mode': c.file.mode
                             }
                         }
                         commit = ScmModel().update_nodes(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             nodes=mapping,
                             parent_commit=c.commit,
                         )
                         h.flash(_('Successfully committed changes to file `{}`').format(
                                 h.escape(f_path)), category='success')
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id=commit.raw_id)
                     except Exception:
                         log.exception('Error occurred during commit')
                         h.flash(_('Error occurred during commit'), category='error')
                     raise HTTPFound(default_redirect_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 def repo_files_add_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     # Check if we need to use this page to upload binary
                     upload_binary = str2bool(self.request.params.get('upload_binary', False))
                     c.commit = self._get_commit_or_redirect(commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     if self.rhodecode_vcs_repo.is_empty():
                         # for empty repository we cannot check for current branch, we rely on
                         # c.commit.branch instead
                         _branch_name, _sha_commit_id, is_head = c.commit.branch, '', True
                     else:
                         _branch_name, _sha_commit_id, is_head = \
                             self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                 landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path, commit_id=commit_id)
                     self.check_branch_permission(_branch_name, commit_id=commit_id)
                     c.default_message = (_('Added file via RhodeCode Enterprise')) \
                         if not upload_binary else (_('Edited file {} via RhodeCode Enterprise').format(f_path))
                     c.f_path = f_path.lstrip('/')  # ensure not relative path
                     c.replace_binary = upload_binary
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_create_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     c.commit = self._get_commit_or_redirect(commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     # calculate redirect URL
                     if self.rhodecode_vcs_repo.is_empty():
                         default_redirect_url = h.route_path(
                             'repo_summary', repo_name=self.db_repo_name)
                     else:
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id='tip')
                     if self.rhodecode_vcs_repo.is_empty():
                         # for empty repository we cannot check for current branch, we rely on
                         # c.commit.branch instead
                         _branch_name, _sha_commit_id, is_head = c.commit.branch, '', True
                     else:
                         _branch_name, _sha_commit_id, is_head = \
                             self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                 landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path, commit_id=commit_id)
                     self.check_branch_permission(_branch_name, commit_id=commit_id)
                     c.default_message = (_('Added file via RhodeCode Enterprise'))
                     c.f_path = f_path
                     r_post = self.request.POST
                     message = r_post.get('message') or c.default_message
                     filename = r_post.get('filename')
                     unix_mode = 0
                     if not filename:
                         # If there's no commit, redirect to repo summary
                         if type(c.commit) is EmptyCommit:
                             redirect_url = h.route_path(
                                 'repo_summary', repo_name=self.db_repo_name)
                         else:
                             redirect_url = default_redirect_url
                         h.flash(_('No filename specified'), category='warning')
                         raise HTTPFound(redirect_url)
                     root_path = f_path
                     pure_path = self.create_pure_path(root_path, filename)
                     node_path = pure_path.as_posix().lstrip('/')
                     author = self._rhodecode_db_user.full_contact
                     content = convert_line_endings(r_post.get('content', ''), unix_mode)
                     nodes = {
                         safe_bytes(node_path): {
                             'content': safe_bytes(content)
                         }
                     }
                     try:
                         commit = ScmModel().create_nodes(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             nodes=nodes,
                             parent_commit=c.commit,
                             author=author,
                         )
                         h.flash(_('Successfully committed new file `{}`').format(
                                 h.escape(node_path)), category='success')
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id=commit.raw_id)
                     except NonRelativePathError:
                         log.exception('Non Relative path found')
                         h.flash(_('The location specified must be a relative path and must not '
                                   'contain .. in the path'), category='warning')
                         raise HTTPFound(default_redirect_url)
                     except (NodeError, NodeAlreadyExistsError) as e:
                         h.flash(h.escape(safe_str(e)), category='error')
                     except Exception:
                         log.exception('Error occurred during commit')
                         h.flash(_('Error occurred during commit'), category='error')
                     raise HTTPFound(default_redirect_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_upload_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     c.commit = self._get_commit_or_redirect(commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     # calculate redirect URL
                     if self.rhodecode_vcs_repo.is_empty():
                         default_redirect_url = h.route_path(
                             'repo_summary', repo_name=self.db_repo_name)
                     else:
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id='tip')
                     if self.rhodecode_vcs_repo.is_empty():
                         # for empty repository we cannot check for current branch, we rely on
                         # c.commit.branch instead
                         _branch_name, _sha_commit_id, is_head = c.commit.branch, '', True
                     else:
                         _branch_name, _sha_commit_id, is_head = \
                             self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                 landing_ref=self.db_repo.landing_ref_name)
                     error = self.forbid_non_head(is_head, f_path, json_mode=True)
                     if error:
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     error = self.check_branch_permission(_branch_name, json_mode=True)
                     if error:
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     c.default_message = (_('Added file via RhodeCode Enterprise'))
                     c.f_path = f_path
                     r_post = self.request.POST
                     message = c.default_message
                     user_message = r_post.getall('message')
                     if isinstance(user_message, list) and user_message:
                         # we take the first from duplicated results if it's not empty
                         message = user_message[0] if user_message[0] else message
                     nodes = {}
                     for file_obj in r_post.getall('files_upload') or []:
                         content = file_obj.file
                         filename = file_obj.filename
                         root_path = f_path
                         pure_path = self.create_pure_path(root_path, filename)
                         node_path = pure_path.as_posix().lstrip('/')
                         nodes[safe_bytes(node_path)] = {
                             'content': content
                         }
                     if not nodes:
                         error = 'missing files'
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     author = self._rhodecode_db_user.full_contact
                     try:
                         commit = ScmModel().create_nodes(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             nodes=nodes,
                             parent_commit=c.commit,
                             author=author,
                         )
                         if len(nodes) == 1:
                             flash_message = _('Successfully committed {} new files').format(len(nodes))
                         else:
                             flash_message = _('Successfully committed 1 new file')
                         h.flash(flash_message, category='success')
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id=commit.raw_id)
                     except NonRelativePathError:
                         log.exception('Non Relative path found')
                         error = _('The location specified must be a relative path and must not '
                                   'contain .. in the path')
                         h.flash(error, category='warning')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     except (NodeError, NodeAlreadyExistsError) as e:
                         error = h.escape(e)
                         h.flash(error, category='error')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     except Exception:
                         log.exception('Error occurred during commit')
                         error = _('Error occurred during commit')
                         h.flash(error, category='error')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     return {
                         'error': None,
                         'redirect_url': default_redirect_url
                     }
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_replace_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     c.commit = self._get_commit_or_redirect(commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     if self.rhodecode_vcs_repo.is_empty():
                         default_redirect_url = h.route_path(
                             'repo_summary', repo_name=self.db_repo_name)
                     else:
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id='tip')
                     if self.rhodecode_vcs_repo.is_empty():
                         # for empty repository we cannot check for current branch, we rely on
                         # c.commit.branch instead
                         _branch_name, _sha_commit_id, is_head = c.commit.branch, '', True
                     else:
                         _branch_name, _sha_commit_id, is_head = \
                             self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                 landing_ref=self.db_repo.landing_ref_name)
                     error = self.forbid_non_head(is_head, f_path, json_mode=True)
                     if error:
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     error = self.check_branch_permission(_branch_name, json_mode=True)
                     if error:
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     c.default_message = (_('Edited file {} via RhodeCode Enterprise').format(f_path))
                     c.f_path = f_path
                     r_post = self.request.POST
                     message = c.default_message
                     user_message = r_post.getall('message')
                     if isinstance(user_message, list) and user_message:
                         # we take the first from duplicated results if it's not empty
                         message = user_message[0] if user_message[0] else message
                     data_for_replacement = r_post.getall('files_upload') or []
                     if (objects_count := len(data_for_replacement)) > 1:
                         return {
                             'error': 'too many files for replacement',
                             'redirect_url': default_redirect_url
                         }
                     elif not objects_count:
                         return {
                             'error': 'missing files',
                             'redirect_url': default_redirect_url
                         }
                     content = data_for_replacement[0].file
                     retrieved_filename = data_for_replacement[0].filename
                     if retrieved_filename.split('.')[-1] != f_path.split('.')[-1]:
                         return {
                             'error': 'file extension of uploaded file doesn\'t match an original file\'s extension',
                             'redirect_url': default_redirect_url
                         }
                     author = self._rhodecode_db_user.full_contact
                     try:
                         commit = ScmModel().update_binary_node(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             node={
                                 'content': content,
                                 'file_path': f_path.encode(),
                             },
                             parent_commit=c.commit,
                             author=author,
                         )
                         h.flash(_('Successfully committed 1 new file'), category='success')
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id=commit.raw_id)
                     except (NodeError, NodeAlreadyExistsError) as e:
                         error = h.escape(e)
                         h.flash(error, category='error')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     except Exception:
                         log.exception('Error occurred during commit')
                         error = _('Error occurred during commit')
                         h.flash(error, category='error')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     return {
                         'error': None,
                         'redirect_url': default_redirect_url
                     }

rhodecode/config/config_maker.py

0 +17 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import tempfile
             import logging
             from pyramid.settings import asbool
             from rhodecode.config.settings_maker import SettingsMaker
             from rhodecode.config import utils as config_utils
             log = logging.getLogger(__name__)
             def sanitize_settings_and_apply_defaults(global_config, settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well-prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 jn = os.path.join
                 global_settings_maker = SettingsMaker(global_config)
                 global_settings_maker.make_setting('debug', default=False, parser='bool')
                 debug_enabled = asbool(global_config.get('debug'))
                 settings_maker = SettingsMaker(settings)
                 settings_maker.make_setting(
                     'logging.autoconfigure',
                     default=False,
                     parser='bool')
                 logging_conf = jn(os.path.dirname(global_config.get('__file__')), 'logging.ini')
                 settings_maker.enable_logging(logging_conf, level='INFO' if debug_enabled else 'DEBUG')
                 # Default includes, possible to change as a user
                 pyramid_includes = settings_maker.make_setting('pyramid.includes', [], parser='list:newline')
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 settings_maker.make_setting('rhodecode.edition', 'Community Edition')
                 settings_maker.make_setting('rhodecode.edition_id', 'CE')
                 if 'mako.default_filters' not in settings:
                     # set custom default filters if we don't have it defined
                     settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
                     settings['mako.default_filters'] = 'h_filter'
                 if 'mako.directories' not in settings:
                     mako_directories = settings.setdefault('mako.directories', [
                         # Base templates of the original application
                         'rhodecode:templates',
                     ])
                     log.debug(
                         "Using the following Mako template directories: %s",
                         mako_directories)
                 # NOTE(marcink): fix redis requirement for schema of connection since 3.X
                 if 'beaker.session.type' in settings and settings['beaker.session.type'] == 'ext:redis':
                     raw_url = settings['beaker.session.url']
                     if not raw_url.startswith(('redis://', 'rediss://', 'unix://')):
                         settings['beaker.session.url'] = 'redis://' + raw_url
                 settings_maker.make_setting('__file__', global_config.get('__file__'))
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
                 settings_maker.make_setting('rhodecode.api.url', '/_admin/api')
                 # Sanitize generic settings.
                 settings_maker.make_setting('default_encoding', 'UTF-8', parser='list')
                 settings_maker.make_setting('gzip_responses', False, parser='bool')
                 settings_maker.make_setting('startup.import_repos', 'false', parser='bool')
                 # statsd
                 settings_maker.make_setting('statsd.enabled', False, parser='bool')
                 settings_maker.make_setting('statsd.statsd_host', 'statsd-exporter', parser='string')
                 settings_maker.make_setting('statsd.statsd_port', 9125, parser='int')
                 settings_maker.make_setting('statsd.statsd_prefix', '')
                 settings_maker.make_setting('statsd.statsd_ipv6', False, parser='bool')
                 settings_maker.make_setting('vcs.svn.compatible_version', '')
                 settings_maker.make_setting('vcs.svn.proxy.enabled', True, parser='bool')
                 settings_maker.make_setting('vcs.svn.proxy.host', 'http://svn:8090', parser='string')
                 settings_maker.make_setting('vcs.hooks.protocol', 'http')
                 settings_maker.make_setting('vcs.hooks.host', '*')
                 settings_maker.make_setting('vcs.scm_app_implementation', 'http')
                 settings_maker.make_setting('vcs.server', '')
                 settings_maker.make_setting('vcs.server.protocol', 'http')
                 settings_maker.make_setting('vcs.server.enable', 'true', parser='bool')
                 settings_maker.make_setting('vcs.hooks.direct_calls', 'false', parser='bool')
                 settings_maker.make_setting('vcs.start_server', 'false', parser='bool')
                 settings_maker.make_setting('vcs.backends', 'hg, git, svn', parser='list')
                 settings_maker.make_setting('vcs.connection_timeout', 3600, parser='int')
                 settings_maker.make_setting('vcs.methods.cache', True, parser='bool')
                 # repo_store path
                 settings_maker.make_setting('repo_store.path', '/var/opt/rhodecode_repo_store')
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http', or
                 # disabled since 4.13 'vcsserver.scm_app' which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl in ['rhodecode.lib.middleware.utils.scm_app_http', 'vcsserver.scm_app']:
                     settings['vcs.scm_app_implementation'] = 'http'
                 settings_maker.make_setting('appenlight', False, parser='bool')
                 temp_store = tempfile.gettempdir()
                 tmp_cache_dir = jn(temp_store, 'rc_cache')
                 # save default, cache dir, and use it for all backends later.
                 default_cache_dir = settings_maker.make_setting(
                     'cache_dir',
                     default=tmp_cache_dir, default_when_empty=True,
                     parser='dir:ensured')
                 # exception store cache
                 settings_maker.make_setting(
                     'exception_tracker.store_path',
                     default=jn(default_cache_dir, 'exc_store'), default_when_empty=True,
                     parser='dir:ensured'
                 )
                 settings_maker.make_setting(
                     'celerybeat-schedule.path',
                     default=jn(default_cache_dir, 'celerybeat_schedule', 'celerybeat-schedule.db'), default_when_empty=True,
                     parser='file:ensured'
                 )
                 settings_maker.make_setting('exception_tracker.send_email', False, parser='bool')
                 settings_maker.make_setting('exception_tracker.email_prefix', '[RHODECODE ERROR]', default_when_empty=True)
                 # sessions, ensure file since no-value is memory
                 settings_maker.make_setting('beaker.session.type', 'file')
                 settings_maker.make_setting('beaker.session.data_dir',  jn(default_cache_dir, 'session_data'))
                 # cache_general
                 settings_maker.make_setting('rc_cache.cache_general.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_general.expiration_time', 60 * 60 * 12, parser='int')
                 settings_maker.make_setting('rc_cache.cache_general.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_general.db'))
                 # cache_perms
                 settings_maker.make_setting('rc_cache.cache_perms.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_perms.expiration_time', 60 * 60, parser='int')
                 settings_maker.make_setting('rc_cache.cache_perms.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_perms_db'))
                 # cache_repo
                 settings_maker.make_setting('rc_cache.cache_repo.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_repo.expiration_time', 60 * 60 * 24 * 30, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_repo_db'))
                 # cache_license
                 settings_maker.make_setting('rc_cache.cache_license.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_license.expiration_time', 60 * 5, parser='int')
                 settings_maker.make_setting('rc_cache.cache_license.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_license_db'))
                 # cache_repo_longterm memory, 96H
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.expiration_time', 345600, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.max_size', 10000, parser='int')
                 # sql_cache_short
                 settings_maker.make_setting('rc_cache.sql_cache_short.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.sql_cache_short.expiration_time', 30, parser='int')
                 settings_maker.make_setting('rc_cache.sql_cache_short.max_size', 10000, parser='int')
                 # archive_cache
                 settings_maker.make_setting('archive_cache.locking.url', 'redis://redis:6379/1')
                 settings_maker.make_setting('archive_cache.backend.type', 'filesystem')
                 settings_maker.make_setting('archive_cache.filesystem.store_dir', jn(default_cache_dir, 'archive_cache'), default_when_empty=True,)
+                settings_maker.make_setting('archive_cache.filesystem.cache_shards', 8, parser='int')
                 settings_maker.make_setting('archive_cache.filesystem.cache_size_gb', 10, parser='float')
-                settings_maker.make_setting('archive_cache.filesystem.cache_shards', 8, parser='int')
                 settings_maker.make_setting('archive_cache.filesystem.eviction_policy', 'least-recently-stored')
+                settings_maker.make_setting('archive_cache.filesystem.retry', False, parser='bool')
+                settings_maker.make_setting('archive_cache.filesystem.retry_backoff', 1, parser='int')
+                settings_maker.make_setting('archive_cache.filesystem.retry_attempts', 10, parser='int')
+                settings_maker.make_setting('archive_cache.objectstore.url', jn(default_cache_dir, 'archive_cache'), default_when_empty=True,)
+                settings_maker.make_setting('archive_cache.objectstore.key', '')
+                settings_maker.make_setting('archive_cache.objectstore.secret', '')
+                settings_maker.make_setting('archive_cache.objectstore.bucket_shards', 8, parser='int')
+                settings_maker.make_setting('archive_cache.objectstore.cache_size_gb', 10, parser='float')
+                settings_maker.make_setting('archive_cache.objectstore.eviction_policy', 'least-recently-stored')
+                settings_maker.make_setting('archive_cache.objectstore.retry', False, parser='bool')
+                settings_maker.make_setting('archive_cache.objectstore.retry_backoff', 1, parser='int')
+                settings_maker.make_setting('archive_cache.objectstore.retry_attempts', 10, parser='int')
                 settings_maker.env_expand()
                 # configure instance id
                 config_utils.set_instance_id(settings)
                 return settings

rhodecode/config/middleware.py

0 +1 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import collections
             import time
             import logging.config
             from paste.gzipper import make_gzip_middleware
             import pyramid.events
             from pyramid.wsgi import wsgiapp
             from pyramid.config import Configurator
             from pyramid.settings import asbool, aslist
             from pyramid.httpexceptions import (
                 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound, HTTPNotFound)
             from pyramid.renderers import render_to_response
             from rhodecode.model import meta
             from rhodecode.config import patches
             from rhodecode.config.environment import load_pyramid_environment
             import rhodecode.events
             from rhodecode.config.config_maker import sanitize_settings_and_apply_defaults
             from rhodecode.lib.middleware.vcs import VCSMiddleware
             from rhodecode.lib.request import Request
             from rhodecode.lib.vcs import VCSCommunicationError
             from rhodecode.lib.exceptions import VCSServerUnavailable
             from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
             from rhodecode.lib.middleware.https_fixup import HttpsFixup
             from rhodecode.lib.plugins.utils import register_rhodecode_plugin
             from rhodecode.lib.utils2 import AttributeDict
             from rhodecode.lib.exc_tracking import store_exception, format_exc
             from rhodecode.subscribers import (
                 scan_repositories_if_enabled, write_js_routes_if_enabled,
                 write_metadata_if_needed, write_usage_data)
             from rhodecode.lib.statsd_client import StatsdClient
             log = logging.getLogger(__name__)
             def is_http_error(response):
                 # error which should have traceback
                 return response.status_code > 499
             def should_load_all():
                 """
                 Returns if all application components should be loaded. In some cases it's
                 desired to skip apps loading for faster shell script execution
                 """
                 ssh_cmd = os.environ.get('RC_CMD_SSH_WRAPPER')
                 if ssh_cmd:
                     return False
                 return True
             def make_pyramid_app(global_config, **settings):
                 """
                 Constructs the WSGI application based on Pyramid.
                 Specials:
                 * The application can also be integrated like a plugin via the call to
                   `includeme`. This is accompanied with the other utility functions which
                   are called. Changing this should be done with great care to not break
                   cases when these fragments are assembled from another place.
                 """
                 start_time = time.time()
                 log.info('Pyramid app config starting')
                 sanitize_settings_and_apply_defaults(global_config, settings)
                 # init and bootstrap StatsdClient
                 StatsdClient.setup(settings)
                 config = Configurator(settings=settings)
                 # Init our statsd at very start
                 config.registry.statsd = StatsdClient.statsd
                 # Apply compatibility patches
                 patches.inspect_getargspec()
                 load_pyramid_environment(global_config, settings)
                 # Static file view comes first
                 includeme_first(config)
                 includeme(config)
                 pyramid_app = config.make_wsgi_app()
                 pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
                 pyramid_app.config = config
                 celery_settings = get_celery_config(settings)
                 config.configure_celery(celery_settings)
                 # creating the app uses a connection - return it after we are done
                 meta.Session.remove()
                 total_time = time.time() - start_time
                 log.info('Pyramid app created and configured in %.2fs', total_time)
                 return pyramid_app
             def get_celery_config(settings):
                 """
                 Converts basic ini configuration into celery 4.X options
                 """
                 def key_converter(key_name):
                     pref = 'celery.'
                     if key_name.startswith(pref):
                         return key_name[len(pref):].replace('.', '_').lower()
                 def type_converter(parsed_key, value):
                     # cast to int
                     if value.isdigit():
                         return int(value)
                     # cast to bool
                     if value.lower() in ['true', 'false', 'True', 'False']:
                         return value.lower() == 'true'
                     return value
                 celery_config = {}
                 for k, v in settings.items():
                     pref = 'celery.'
                     if k.startswith(pref):
                         celery_config[key_converter(k)] = type_converter(key_converter(k), v)
                 # TODO:rethink if we want to support celerybeat based file config, probably NOT
                 # beat_config = {}
                 # for section in parser.sections():
                 #     if section.startswith('celerybeat:'):
                 #         name = section.split(':', 1)[1]
                 #         beat_config[name] = get_beat_config(parser, section)
                 # final compose of settings
                 celery_settings = {}
                 if celery_config:
                     celery_settings.update(celery_config)
                 # if beat_config:
                 #     celery_settings.update({'beat_schedule': beat_config})
                 return celery_settings
             def not_found_view(request):
                 """
                 This creates the view which should be registered as not-found-view to
                 pyramid.
                 """
                 if not getattr(request, 'vcs_call', None):
                     # handle like regular case with our error_handler
                     return error_handler(HTTPNotFound(), request)
                 # handle not found view as a vcs call
                 settings = request.registry.settings
                 ae_client = getattr(request, 'ae_client', None)
                 vcs_app = VCSMiddleware(
                     HTTPNotFound(), request.registry, settings,
                     appenlight_client=ae_client)
                 return wsgiapp(vcs_app)(None, request)
             def error_handler(exception, request):
                 import rhodecode
                 from rhodecode.lib import helpers
                 rhodecode_title = rhodecode.CONFIG.get('rhodecode_title') or 'RhodeCode'
                 base_response = HTTPInternalServerError()
                 # prefer original exception for the response since it may have headers set
                 if isinstance(exception, HTTPException):
                     base_response = exception
                 elif isinstance(exception, VCSCommunicationError):
                     base_response = VCSServerUnavailable()
                 if is_http_error(base_response):
                     traceback_info = format_exc(request.exc_info)
                     log.error(
                         'error occurred handling this request for path: %s, \n%s',
                         request.path, traceback_info)
                 error_explanation = base_response.explanation or str(base_response)
                 if base_response.status_code == 404:
                     error_explanation += " Optionally you don't have permission to access this page."
                 c = AttributeDict()
                 c.error_message = base_response.status
                 c.error_explanation = error_explanation
                 c.visual = AttributeDict()
                 c.visual.rhodecode_support_url = (
                     request.registry.settings.get('rhodecode_support_url') or
                     request.route_url('rhodecode_support')
                 )
                 c.redirect_time = 0
                 c.rhodecode_name = rhodecode_title
                 if not c.rhodecode_name:
                     c.rhodecode_name = 'Rhodecode'
                 c.causes = []
                 if is_http_error(base_response):
                     c.causes.append('Server is overloaded.')
                     c.causes.append('Server database connection is lost.')
                     c.causes.append('Server expected unhandled error.')
                 if hasattr(base_response, 'causes'):
                     c.causes = base_response.causes
                 c.messages = helpers.flash.pop_messages(request=request)
                 exc_info = sys.exc_info()
                 c.exception_id = id(exc_info)
                 c.show_exception_id = isinstance(base_response, VCSServerUnavailable) \
                                       or base_response.status_code > 499
                 c.exception_id_url = request.route_url(
                     'admin_settings_exception_tracker_show', exception_id=c.exception_id)
                 debug_mode = rhodecode.ConfigGet().get_bool('debug')
                 if c.show_exception_id:
                     store_exception(c.exception_id, exc_info)
                 c.exception_debug = debug_mode
                 c.exception_config_ini = rhodecode.CONFIG.get('__file__')
                 if debug_mode:
                     try:
                         from rich.traceback import install
                         install(show_locals=True)
                         log.debug('Installing rich tracebacks...')
                     except ImportError:
                         pass
                 response = render_to_response(
                     '/errors/error_document.mako', {'c': c, 'h': helpers}, request=request,
                     response=base_response)
                 response.headers["X-RC-Exception-Id"] = str(c.exception_id)
                 statsd = request.registry.statsd
                 if statsd and base_response.status_code > 499:
                     exc_type = f"{exception.__class__.__module__}.{exception.__class__.__name__}"
                     statsd.incr('rhodecode_exception_total',
                                 tags=["exc_source:web",
                                       f"http_code:{base_response.status_code}",
                                       f"type:{exc_type}"])
                 return response
             def includeme_first(config):
                 # redirect automatic browser favicon.ico requests to correct place
                 def favicon_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/images/favicon.ico'))
                 config.add_view(favicon_redirect, route_name='favicon')
                 config.add_route('favicon', '/favicon.ico')
                 def robots_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/robots.txt'))
                 config.add_view(robots_redirect, route_name='robots')
                 config.add_route('robots', '/robots.txt')
                 config.add_static_view(
                     '_static/deform', 'deform:static')
                 config.add_static_view(
                     '_static/rhodecode', path='rhodecode:public', cache_max_age=3600 * 24)
             ce_auth_resources = [
                 'rhodecode.authentication.plugins.auth_crowd',
                 'rhodecode.authentication.plugins.auth_headers',
                 'rhodecode.authentication.plugins.auth_jasig_cas',
                 'rhodecode.authentication.plugins.auth_ldap',
                 'rhodecode.authentication.plugins.auth_pam',
                 'rhodecode.authentication.plugins.auth_rhodecode',
                 'rhodecode.authentication.plugins.auth_token',
             ]
             def includeme(config, auth_resources=None):
                 from rhodecode.lib.celerylib.loader import configure_celery
                 log.debug('Initializing main includeme from %s', os.path.basename(__file__))
                 settings = config.registry.settings
                 config.set_request_factory(Request)
                 # plugin information
                 config.registry.rhodecode_plugins = collections.OrderedDict()
                 config.add_directive(
                     'register_rhodecode_plugin', register_rhodecode_plugin)
                 config.add_directive('configure_celery', configure_celery)
                 if settings.get('appenlight', False):
                     config.include('appenlight_client.ext.pyramid_tween')
                 load_all = should_load_all()
                 # Includes which are required. The application would fail without them.
                 config.include('pyramid_mako')
                 config.include('rhodecode.lib.rc_beaker')
                 config.include('rhodecode.lib.rc_cache')
-                config.include('rhodecode.lib.rc_cache.archive_cache')
+                config.include('rhodecode.lib.archive_cache')
                 config.include('rhodecode.apps._base.navigation')
                 config.include('rhodecode.apps._base.subscribers')
                 config.include('rhodecode.tweens')
                 config.include('rhodecode.authentication')
                 if load_all:
                     # load CE authentication plugins
                     if auth_resources:
                         ce_auth_resources.extend(auth_resources)
                     for resource in ce_auth_resources:
                         config.include(resource)
                     # Auto discover authentication plugins and include their configuration.
                     if asbool(settings.get('auth_plugin.import_legacy_plugins', 'true')):
                         from rhodecode.authentication import discover_legacy_plugins
                         discover_legacy_plugins(config)
                 # apps
                 if load_all:
                     log.debug('Starting config.include() calls')
                     config.include('rhodecode.api.includeme')
                     config.include('rhodecode.apps._base.includeme')
                     config.include('rhodecode.apps._base.navigation.includeme')
                     config.include('rhodecode.apps._base.subscribers.includeme')
                     config.include('rhodecode.apps.hovercards.includeme')
                     config.include('rhodecode.apps.ops.includeme')
                     config.include('rhodecode.apps.channelstream.includeme')
                     config.include('rhodecode.apps.file_store.includeme')
                     config.include('rhodecode.apps.admin.includeme')
                     config.include('rhodecode.apps.login.includeme')
                     config.include('rhodecode.apps.home.includeme')
                     config.include('rhodecode.apps.journal.includeme')
                     config.include('rhodecode.apps.repository.includeme')
                     config.include('rhodecode.apps.repo_group.includeme')
                     config.include('rhodecode.apps.user_group.includeme')
                     config.include('rhodecode.apps.search.includeme')
                     config.include('rhodecode.apps.user_profile.includeme')
                     config.include('rhodecode.apps.user_group_profile.includeme')
                     config.include('rhodecode.apps.my_account.includeme')
                     config.include('rhodecode.apps.gist.includeme')
                     config.include('rhodecode.apps.svn_support.includeme')
                     config.include('rhodecode.apps.ssh_support.includeme')
                     config.include('rhodecode.apps.debug_style')
                 if load_all:
                     config.include('rhodecode.integrations.includeme')
                     config.include('rhodecode.integrations.routes.includeme')
                 config.add_route('rhodecode_support', 'https://rhodecode.com/help/', static=True)
                 settings['default_locale_name'] = settings.get('lang', 'en')
                 config.add_translation_dirs('rhodecode:i18n/')
                 # Add subscribers.
                 if load_all:
                     log.debug('Adding subscribers...')
                     config.add_subscriber(scan_repositories_if_enabled,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_metadata_if_needed,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_usage_data,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_js_routes_if_enabled,
                                           pyramid.events.ApplicationCreated)
                 # Set the default renderer for HTML templates to mako.
                 config.add_mako_renderer('.html')
                 config.add_renderer(
                     name='json_ext',
                     factory='rhodecode.lib.ext_json_renderer.pyramid_ext_json')
                 config.add_renderer(
                     name='string_html',
                     factory='rhodecode.lib.string_renderer.html')
                 # include RhodeCode plugins
                 includes = aslist(settings.get('rhodecode.includes', []))
                 log.debug('processing rhodecode.includes data...')
                 for inc in includes:
                     config.include(inc)
                 # custom not found view, if our pyramid app doesn't know how to handle
                 # the request pass it to potential VCS handling ap
                 config.add_notfound_view(not_found_view)
                 if not settings.get('debugtoolbar.enabled', False):
                     # disabled debugtoolbar handle all exceptions via the error_handlers
                     config.add_view(error_handler, context=Exception)
                 # all errors including 403/404/50X
                 config.add_view(error_handler, context=HTTPError)
             def wrap_app_in_wsgi_middlewares(pyramid_app, config):
                 """
                 Apply outer WSGI middlewares around the application.
                 """
                 registry = config.registry
                 settings = registry.settings
                 # enable https redirects based on HTTP_X_URL_SCHEME set by proxy
                 pyramid_app = HttpsFixup(pyramid_app, settings)
                 pyramid_app, _ae_client = wrap_in_appenlight_if_enabled(
                     pyramid_app, settings)
                 registry.ae_client = _ae_client
                 if settings['gzip_responses']:
                     pyramid_app = make_gzip_middleware(
                         pyramid_app, settings, compress_level=1)
                 # this should be the outer most middleware in the wsgi stack since
                 # middleware like Routes make database calls
                 def pyramid_app_with_cleanup(environ, start_response):
                     start = time.time()
                     try:
                         return pyramid_app(environ, start_response)
                     finally:
                         # Dispose current database session and rollback uncommitted
                         # transactions.
                         meta.Session.remove()
                         # In a single threaded mode server, on non sqlite db we should have
                         # '0 Current Checked out connections' at the end of a request,
                         # if not, then something, somewhere is leaving a connection open
                         pool = meta.get_engine().pool
                         log.debug('sa pool status: %s', pool.status())
                         total = time.time() - start
                         log.debug('Request processing finalized: %.4fs', total)
                 return pyramid_app_with_cleanup

rhodecode/lib/archive_cache/__init__.py ~~rhodecode/lib/rc_cache/archive_cache/__init__.py~~

0 renamed +53 -4

@@ -1,29 +1,78 b''
1	# Copyright (C) 2015-2024 RhodeCode GmbH	1	# Copyright (C) 2015-2024 RhodeCode GmbH
2	#	2	#
3	# This program is free software: you can redistribute it and/or modify	3	# This program is free software: you can redistribute it and/or modify
4	# it under the terms of the GNU Affero General Public License, version 3	4	# it under the terms of the GNU Affero General Public License, version 3
5	# (only), as published by the Free Software Foundation.	5	# (only), as published by the Free Software Foundation.
6	#	6	#
7	# This program is distributed in the hope that it will be useful,	7	# This program is distributed in the hope that it will be useful,
8	# but WITHOUT ANY WARRANTY; without even the implied warranty of	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10	# GNU General Public License for more details.	10	# GNU General Public License for more details.
11	#	11	#
12	# You should have received a copy of the GNU Affero General Public License	12	# You should have received a copy of the GNU Affero General Public License
13	# along with this program. If not, see <http://www.gnu.org/licenses/>.	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
14	#	14	#
15	# This program is dual-licensed. If you wish to learn more about the	15	# This program is dual-licensed. If you wish to learn more about the
16	# RhodeCode Enterprise Edition, including its added features, Support services,	16	# RhodeCode Enterprise Edition, including its added features, Support services,
17	# and proprietary license terms, please see https://rhodecode.com/licenses/	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
18		18
19	from .fanout_cache import get_archival_cache_store	19	import logging
20	from .fanout_cache import get_archival_config	20
		21	from .backends.fanout_cache import FileSystemFanoutCache
		22	from .backends.objectstore_cache import ObjectStoreCache
21		23
22	from .utils import archive_iterator	24	from .utils import archive_iterator # noqa
23	from .~~utils~~ import ArchiveCacheGenerationLock	25	from .lock import ArchiveCacheGenerationLock # noqa
		26
		27	log = logging.getLogger(__name__)
		28
		29
		30	cache_meta = None
24		31
25		32
26	def includeme(config):	33	def includeme(config):
27	# init our cache at start	34	# init our cache at start
28	settings = config.get_settings()	35	settings = config.get_settings()
29	get_archival_cache_store(settings)	36	get_archival_cache_store(settings)
		37
		38
		39	def get_archival_config(config):
		40
		41	final_config = {
		42
		43	}
		44
		45	for k, v in config.items():
		46	if k.startswith('archive_cache'):
		47	final_config[k] = v
		48
		49	return final_config
		50
		51
		52	def get_archival_cache_store(config, always_init=False):
		53
		54	global cache_meta
		55	if cache_meta is not None and not always_init:
		56	return cache_meta
		57
		58	config = get_archival_config(config)
		59	backend = config['archive_cache.backend.type']
		60
		61	archive_cache_locking_url = config['archive_cache.locking.url']
		62
		63	match backend:
		64	case 'filesystem':
		65	d_cache = FileSystemFanoutCache(
		66	locking_url=archive_cache_locking_url,
		67	**config
		68	)
		69	case 'objectstore':
		70	d_cache = ObjectStoreCache(
		71	locking_url=archive_cache_locking_url,
		72	**config
		73	)
		74	case _:
		75	raise ValueError(f'archive_cache.backend.type only supports "filesystem" or "objectstore" got {backend} ')
		76
		77	cache_meta = d_cache
		78	return cache_meta

rhodecode/lib/archive_cache/backends/fanout_cache.py ~~rhodecode/lib/rc_cache/archive_cache/fanout_cache.py~~

0 renamed +74 -364

@@ -1,456 +1,166 b''
1	# Copyright (C) 2015-2024 RhodeCode GmbH	1	# Copyright (C) 2015-2024 RhodeCode GmbH
2	#	2	#
3	# This program is free software: you can redistribute it and/or modify	3	# This program is free software: you can redistribute it and/or modify
4	# it under the terms of the GNU Affero General Public License, version 3	4	# it under the terms of the GNU Affero General Public License, version 3
5	# (only), as published by the Free Software Foundation.	5	# (only), as published by the Free Software Foundation.
6	#	6	#
7	# This program is distributed in the hope that it will be useful,	7	# This program is distributed in the hope that it will be useful,
8	# but WITHOUT ANY WARRANTY; without even the implied warranty of	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10	# GNU General Public License for more details.	10	# GNU General Public License for more details.
11	#	11	#
12	# You should have received a copy of the GNU Affero General Public License	12	# You should have received a copy of the GNU Affero General Public License
13	# along with this program. If not, see <http://www.gnu.org/licenses/>.	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
14	#	14	#
15	# This program is dual-licensed. If you wish to learn more about the	15	# This program is dual-licensed. If you wish to learn more about the
16	# RhodeCode Enterprise Edition, including its added features, Support services,	16	# RhodeCode Enterprise Edition, including its added features, Support services,
17	# and proprietary license terms, please see https://rhodecode.com/licenses/	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
18		18
19	import codecs	19	import codecs
20	import ~~context~~lib	20	import hashlib
21	import functools
22	import os
23	import logging	21	import logging
24	import ~~time~~	22	import os
25	import typing	23
26	import zlib	24	import fsspec
27	import sqlite3
28		25
29	from ...ext_json import json	26	from .base import BaseCache, BaseShard
30	from .lock import GenerationLock	27	from ..utils import ShardFileReader, NOT_GIVEN
31	from .utils import ~~format_size~~	28	from ...type_utils import str2bool
32		29
33	log = logging.getLogger(__name__)	30	log = logging.getLogger(__name__)
34		31
35	cache_meta = None
36		32
37	UNKNOWN = -241	33	class FileSystemShard(BaseShard):
38	NO_VAL = -917
39
40	MODE_BINARY = 'BINARY'
41
42
43	EVICTION_POLICY = {
44	'none': {
45	'evict': None,
46	},
47	'least-recently-stored': {
48	'evict': 'SELECT {fields} FROM archive_cache ORDER BY store_time',
49	},
50	'least-recently-used': {
51	'evict': 'SELECT {fields} FROM archive_cache ORDER BY access_time',
52	},
53	'least-frequently-used': {
54	'evict': 'SELECT {fields} FROM archive_cache ORDER BY access_count',
55	},
56	}
57
58
59	class DB:
60
61	def __init__(self):
62	self.connection = sqlite3.connect(':memory:')
63	self._init_db()
64
65	def _init_db(self):
66	qry = '''
67	CREATE TABLE IF NOT EXISTS archive_cache (
68	rowid INTEGER PRIMARY KEY,
69	key_file TEXT,
70	key_file_path TEXT,
71	filename TEXT,
72	full_path TEXT,
73	store_time REAL,
74	access_time REAL,
75	access_count INTEGER DEFAULT 0,
76	size INTEGER DEFAULT 0
77	)
78	'''
79
80	self.sql(qry)
81	self.connection.commit()
82
83	@property
84	def sql(self):
85	return self.connection.execute
86
87	def bulk_insert(self, rows):
88	qry = '''
89	INSERT INTO archive_cache (
90	rowid,
91	key_file,
92	key_file_path,
93	filename,
94	full_path,
95	store_time,
96	access_time,
97	access_count,
98	size
99	)
100	VALUES (
101	?, ?, ?, ?, ?, ?, ?, ?, ?
102	)
103	'''
104	cursor = self.connection.cursor()
105	cursor.executemany(qry, rows)
106	self.connection.commit()
107
108
109	class FileSystemCache:
110		34
111	def __init__(self, index, directory, **settings):	35	def __init__(self, index, directory, **settings):
112	self._index = index	36	self._index = index
113	self._directory = directory	37	self._directory = directory
		38	self.storage_type = 'directory'
		39	self.fs = fsspec.filesystem('file')
114		40
115	@property	41	@property
116	def directory(self):	42	def directory(self):
117	"""Cache directory."""	43	"""Cache directory."""
118	return self._directory	44	return self._directory
119		45
120	def _write_file(self, full_path, iterator, mode, encoding=None):	46	def _get_keyfile(self, archive_key) -> tuple[str, str]:
121	full_dir, _ = os.path.split(full_path)	47	key_file = f'{archive_key}.{self.key_suffix}'
		48	return key_file, os.path.join(self.directory, key_file)
122		49
		50	def _get_writer(self, path, mode):
123	for count in range(1, 11):	51	for count in range(1, 11):
124	with contextlib.suppress(OSError):
125	os.makedirs(full_dir)
126
127	try:	52	try:
128	# Another cache may have deleted the directory before	53	# Another cache may have deleted the directory before
129	# the file could be opened.	54	# the file could be opened.
130	writer = open(~~full_~~path, mode, ~~encoding~~=~~encoding~~)	55	return self.fs.open(path, mode)
131	except OSError:	56	except OSError:
132	if count == 10:	57	if count == 10:
133	# Give up after 10 tries to open the file.	58	# Give up after 10 tries to open the file.
134	raise	59	raise
135	continue	60	continue
136		61
137	with writer:	62	def _write_file(self, full_path, iterator, mode):
138	size = 0	63	# ensure dir exists
139	for chunk in iterator:	64	destination, _ = os.path.split(full_path)
140	size += len(chunk)	65	if not self.fs.exists(destination):
141	writer.write(chunk)	66	self.fs.makedirs(destination)
142	writer.flush()
143	# Get the file descriptor
144	fd = writer.fileno()
145
146	# Sync the file descriptor to disk, helps with NFS cases...
147	os.fsync(fd)
148	log.debug('written new archive cache under %s', full_path)
149	return size
150
151	def _get_keyfile(self, key):
152	return os.path.join(self._directory, f'{key}.key')
153		67
154	def store(self, key, value_reader, metadata):	68	writer = self._get_writer(full_path, mode)
155	filename, full_path = self.random_filename()
156	key_file = self._get_keyfile(key)
157
158	# STORE METADATA
159	_metadata = {
160	"version": "v1",
161	"filename": filename,
162	"full_path": full_path,
163	"key_file": key_file,
164	"store_time": time.time(),
165	"access_count": 1,
166	"access_time": 0,
167	"size": 0
168	}
169	if metadata:
170	_metadata.update(metadata)
171
172	reader = functools.partial(value_reader.read, 2**22)
173		69
174	iterator = iter(reader, b'')	70	digest = hashlib.sha256()
175	size = self._write_file(full_path, iterator, 'xb')	71	with writer:
176	metadata['size'] = size	72	size = 0
177		73	for chunk in iterator:
178	# after archive is finished, we create a key to save the presence of the binary file	74	size += len(chunk)
179	with open(key_file, 'wb') as f:	75	digest.update(chunk)
180	f.write(json.dumps(_metadata))	76	writer.write(chunk)
181		77	writer.flush()
182	return key, size, MODE_BINARY, filename, _metadata	78	# Get the file descriptor
183		79	fd = writer.fileno()
184	def fetch(self, key, retry=False, retry_attempts=10) -> tuple[typing.BinaryIO, dict]:
185
186	if retry:
187	for attempt in range(retry_attempts):
188	if key in self:
189	break
190	# we dind't find the key, wait 1s, and re-check
191	time.sleep(1)
192		80
193	if key not in self:	81	# Sync the file descriptor to disk, helps with NFS cases...
194	log.exception('requested {key} not found in {self}', key, self)	82	os.fsync(fd)
195	raise KeyError(key)	83	sha256 = digest.hexdigest()
196		84	log.debug('written new archive cache under %s, sha256: %s', full_path, sha256)
197	key_file = self._get_keyfile(key)	85	return size, sha256
198	with open(key_file, 'rb') as f:
199	metadata = json.loads(f.read())
200
201	filename = metadata['filename']
202		86
203	try:	87	def store(self, key, value_reader, metadata: dict \| None = None):
204	return open(os.path.join(self.directory, filename), 'rb'), metadata	88	return self._store(key, value_reader, metadata, mode='xb')
205	finally:
206	# update usage stats, count and accessed
207	metadata["access_count"] = metadata.get("access_count", 0) + 1
208	metadata["access_time"] = time.time()
209		89
210	with open(key_file, 'wb') as f:	90	def fetch(self, key, retry=NOT_GIVEN, retry_attempts=NOT_GIVEN, retry_backoff=1) -> tuple[ShardFileReader, dict]:
211	f.write(json.dumps(metadata))	91	return self._fetch(key, retry, retry_attempts, retry_backoff)
		92
		93	def remove(self, key):
		94	return self._remove(key)
212		95
213	def random_filename(self):	96	def random_filename(self):
214	"""Return filename and full-path tuple for file storage.	97	"""Return filename and full-path tuple for file storage.
215		98
216	Filename will be a randomly generated 28 character hexadecimal string	99	Filename will be a randomly generated 28 character hexadecimal string
217	with ".archive_cache" suffixed. Two levels of sub-directories will be used to	100	with ".archive_cache" suffixed. Two levels of sub-directories will be used to
218	reduce the size of directories. On older filesystems, lookups in	101	reduce the size of directories. On older filesystems, lookups in
219	directories with many files may be slow.	102	directories with many files may be slow.
220	"""	103	"""
221		104
222	hex_name = codecs.encode(os.urandom(16), 'hex').decode('utf-8')	105	hex_name = codecs.encode(os.urandom(16), 'hex').decode('utf-8')
223	sub_dir = os.path.join(hex_name[:2], hex_name[2:4])
224	name = hex_name[4:] + '.archive_cache'
225	filename = os.path.join(sub_dir, name)
226	full_path = os.path.join(self.directory, filename)
227	return filename, full_path
228
229	def hash(self, key):
230	"""Compute portable hash for `key`.
231
232	:param key: key to hash
233	:return: hash value
234		106
235	"""	107	archive_name = hex_name[4:] + '.archive_cache'
236	mask = 0xFFFFFFFF	108	filename = f"{hex_name[:2]}/{hex_name[2:4]}/{archive_name}"
237	return zlib.adler32(key.encode('utf-8')) & mask # noqa
238
239	def __contains__(self, key):
240	"""Return `True` if `key` matching item is found in cache.
241		109
242	:param key: key matching item	110	full_path = os.path.join(self.directory, filename)
243	:return: True if key matching item	111	return archive_name, full_path
244
245	"""
246	key_file = self._get_keyfile(key)
247	return os.path.exists(key_file)
248		112
249	def __repr__(self):	113	def __repr__(self):
250	return f'~~FileSystemCache~~(index={self._index}, dir={self.directory})'	114	return f'{self.__class__.__name__}(index={self._index}, dir={self.directory})'
251		115
252		116
253	class FanoutCache:	117	class FileSystemFanoutCache(BaseCache):
254	"""Cache that shards keys and values."""
255		118
256	def __init__(	119	def __init__(self, locking_url, **settings):
257	self, directory=None, **settings	120	"""
258	):	121	Initialize file system cache instance.
259	"""Initialize cache instance.
260		122
261	:param str directory: cache directory	123	:param str locking_url: redis url for a lock
262	:param settings: settings dict	124	:param settings: settings dict
263		125
264	"""	126	"""
265	if directory is None:	127	self._locking_url = locking_url
266	raise ValueError('directory cannot be None')	128	self._config = settings
267		129	cache_dir = self.get_conf('archive_cache.filesystem.store_dir')
268	directory = str(dir~~ectory~~)	130	directory = str(cache_dir)
269	directory = os.path.expanduser(directory)	131	directory = os.path.expanduser(directory)
270	directory = os.path.expandvars(directory)	132	directory = os.path.expandvars(directory)
271	self._directory = directory	133	self._directory = directory
		134	self._storage_path = directory
272		135
273	self._count = settings.pop('cache_shards')	136	# check if it's ok to write, and re-create the archive cache
274	self._locking_url = settings.pop('locking_url')	137	if not os.path.isdir(self._directory):
		138	os.makedirs(self._directory, exist_ok=True)
		139
		140	self._count = int(self.get_conf('archive_cache.filesystem.cache_shards', pop=True))
275		141
276	self._eviction_policy = se~~ttings~~['~~cache_~~eviction_policy']	142	self._eviction_policy = self.get_conf('archive_cache.filesystem.eviction_policy', pop=True)
277	self._cache_size_limit = se~~ttings~~['cache_size_~~limit~~']	143	self._cache_size_limit = self.gb_to_bytes(int(self.get_conf('archive_cache.filesystem.cache_size_gb')))
278		144
		145	self.retry = str2bool(self.get_conf('archive_cache.filesystem.retry', pop=True))
		146	self.retry_attempts = int(self.get_conf('archive_cache.filesystem.retry_attempts', pop=True))
		147	self.retry_backoff = int(self.get_conf('archive_cache.filesystem.retry_backoff', pop=True))
		148
		149	log.debug('Initializing archival cache instance under %s', self._directory)
279	self._shards = tuple(	150	self._shards = tuple(
280	FileSystem~~Cache~~(	151	FileSystemShard(
281	index=num,	152	index=num,
282	directory=os.path.join(directory, 'shard_%03d' % num),	153	directory=os.path.join(directory, 'shard_%03d' % num),
283	**settings,	154	**settings,
284	)	155	)
285	for num in range(self._count)	156	for num in range(self._count)
286	)	157	)
287	self._hash = self._shards[0].hash	158	self._hash = self._shards[0].hash
288		159
289	@property	160	def _get_shard(self, key) -> FileSystemShard:
290	def directory(self):
291	"""Cache directory."""
292	return self._directory
293
294	def get_lock(self, lock_key):
295	return GenerationLock(lock_key, self._locking_url)
296
297	def _get_shard(self, key) -> FileSystemCache:
298	index = self._hash(key) % self._count	161	index = self._hash(key) % self._count
299	shard = self._shards[index]	162	shard = self._shards[index]
300	return shard	163	return shard
301		164
302	def store(self, key, value_reader, metadata=None):	165	def _get_size(self, shard, archive_path):
303	shard = self._get_shard(key)	166	return os.stat(archive_path).st_size
304	return shard.store(key, value_reader, metadata)
305
306	def fetch(self, key, retry=False, retry_attempts=10):
307	"""Return file handle corresponding to `key` from cache.
308	"""
309	shard = self._get_shard(key)
310	return shard.fetch(key, retry=retry, retry_attempts=retry_attempts)
311
312	def has_key(self, key):
313	"""Return `True` if `key` matching item is found in cache.
314
315	:param key: key for item
316	:return: True if key is found
317
318	"""
319	shard = self._get_shard(key)
320	return key in shard
321
322	def __contains__(self, item):
323	return self.has_key(item)
324
325	def evict(self, policy=None, size_limit=None):
326	"""
327	Remove old items based on the conditions
328
329
330	explanation of this algo:
331	iterate over each shard, then for each shard iterate over the .key files
332	read the key files metadata stored. This gives us a full list of keys, cached_archived, their size and
333	access data, time creation, and access counts.
334
335	Store that into a memory DB so we can run different sorting strategies easily.
336	Summing the size is a sum sql query.
337
338	Then we run a sorting strategy based on eviction policy.
339	We iterate over sorted keys, and remove each checking if we hit the overall limit.
340	"""
341
342	policy = policy or self._eviction_policy
343	size_limit = size_limit or self._cache_size_limit
344
345	select_policy = EVICTION_POLICY[policy]['evict']
346
347	log.debug('Running eviction policy \'%s\', and checking for size limit: %s',
348	policy, format_size(size_limit))
349
350	if select_policy is None:
351	return 0
352
353	db = DB()
354
355	data = []
356	cnt = 1
357	for shard in self._shards:
358	for key_file in os.listdir(shard.directory):
359	if key_file.endswith('.key'):
360	key_file_path = os.path.join(shard.directory, key_file)
361	with open(key_file_path, 'rb') as f:
362	metadata = json.loads(f.read())
363
364	size = metadata.get('size')
365	filename = metadata.get('filename')
366	full_path = metadata.get('full_path')
367
368	if not size:
369	# in case we don't have size re-calc it...
370	size = os.stat(full_path).st_size
371
372	data.append([
373	cnt,
374	key_file,
375	key_file_path,
376	filename,
377	full_path,
378	metadata.get('store_time', 0),
379	metadata.get('access_time', 0),
380	metadata.get('access_count', 0),
381	size,
382	])
383	cnt += 1
384
385	# Insert bulk data using executemany
386	db.bulk_insert(data)
387
388	((total_size,),) = db.sql('SELECT COALESCE(SUM(size), 0) FROM archive_cache').fetchall()
389	log.debug('Analyzed %s keys, occupied: %s', len(data), format_size(total_size))
390	select_policy_qry = select_policy.format(fields='key_file_path, full_path, size')
391	sorted_keys = db.sql(select_policy_qry).fetchall()
392
393	removed_items = 0
394	removed_size = 0
395	for key, cached_file, size in sorted_keys:
396	# simulate removal impact BEFORE removal
397	total_size -= size
398
399	if total_size <= size_limit:
400	# we obtained what we wanted...
401	break
402
403	os.remove(cached_file)
404	os.remove(key)
405	removed_items += 1
406	removed_size += size
407
408	log.debug('Removed %s cache archives, and reduced size: %s', removed_items, format_size(removed_size))
409	return removed_items
410
411
412	def get_archival_config(config):
413
414	final_config = {
415
416	}
417
418	for k, v in config.items():
419	if k.startswith('archive_cache'):
420	final_config[k] = v
421
422	return final_config
423
424
425	def get_archival_cache_store(config):
426
427	global cache_meta
428	if cache_meta is not None:
429	return cache_meta
430
431	config = get_archival_config(config)
432	backend = config['archive_cache.backend.type']
433	if backend != 'filesystem':
434	raise ValueError('archive_cache.backend.type only supports "filesystem"')
435
436	archive_cache_locking_url = config['archive_cache.locking.url']
437	archive_cache_dir = config['archive_cache.filesystem.store_dir']
438	archive_cache_size_gb = config['archive_cache.filesystem.cache_size_gb']
439	archive_cache_shards = config['archive_cache.filesystem.cache_shards']
440	archive_cache_eviction_policy = config['archive_cache.filesystem.eviction_policy']
441
442	log.debug('Initializing archival cache instance under %s', archive_cache_dir)
443
444	# check if it's ok to write, and re-create the archive cache
445	if not os.path.isdir(archive_cache_dir):
446	os.makedirs(archive_cache_dir, exist_ok=True)
447
448	d_cache = FanoutCache(
449	archive_cache_dir,
450	locking_url=archive_cache_locking_url,
451	cache_shards=archive_cache_shards,
452	cache_size_limit=archive_cache_size_gb * 1024 * 1024 * 1024,
453	cache_eviction_policy=archive_cache_eviction_policy
454	)
455	cache_meta = d_cache
456	return cache_meta

rhodecode/lib/archive_cache/lock.py ~~rhodecode/lib/rc_cache/archive_cache/lock.py~~

0 renamed +5 -2

             # Copyright (C) 2015-2024 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import redis
-            from ..._vendor import redis_lock
+            from .._vendor import redis_lock
-            from .utils import ArchiveCacheGenerationLock
+            class ArchiveCacheGenerationLock(Exception):
+                pass
             class GenerationLock:
                 """
                 Locking mechanism that detects if a lock is acquired
                 with GenerationLock(lock_key):
                     compute_archive()
                 """
                 lock_timeout = 7200
                 def __init__(self, lock_key, url):
                     self.lock_key = lock_key
                     self._create_client(url)
                     self.lock = self.get_lock()
                 def _create_client(self, url):
                     connection_pool = redis.ConnectionPool.from_url(url)
                     self.writer_client = redis.StrictRedis(
                         connection_pool=connection_pool
                     )
                     self.reader_client = self.writer_client
                 def get_lock(self):
                     return redis_lock.Lock(
                         redis_client=self.writer_client,
                         name=self.lock_key,
                         expire=self.lock_timeout,
                         strict=True
                     )
                 def __enter__(self):
                     acquired = self.lock.acquire(blocking=False)
                     if not acquired:
                         raise ArchiveCacheGenerationLock('Failed to create a lock')
                 def __exit__(self, exc_type, exc_val, exc_tb):
                     self.lock.release()

rhodecode/lib/archive_cache/utils.py ~~rhodecode/lib/rc_cache/archive_cache/utils.py~~

0 renamed +97 -35

@@ -1,72 +1,134 b''
1	# Copyright (C) 2015-2024 RhodeCode GmbH	1	# Copyright (C) 2015-2024 RhodeCode GmbH
2	#	2	#
3	# This program is free software: you can redistribute it and/or modify	3	# This program is free software: you can redistribute it and/or modify
4	# it under the terms of the GNU Affero General Public License, version 3	4	# it under the terms of the GNU Affero General Public License, version 3
5	# (only), as published by the Free Software Foundation.	5	# (only), as published by the Free Software Foundation.
6	#	6	#
7	# This program is distributed in the hope that it will be useful,	7	# This program is distributed in the hope that it will be useful,
8	# but WITHOUT ANY WARRANTY; without even the implied warranty of	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10	# GNU General Public License for more details.	10	# GNU General Public License for more details.
11	#	11	#
12	# You should have received a copy of the GNU Affero General Public License	12	# You should have received a copy of the GNU Affero General Public License
13	# along with this program. If not, see <http://www.gnu.org/licenses/>.	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
14	#	14	#
15	# This program is dual-licensed. If you wish to learn more about the	15	# This program is dual-licensed. If you wish to learn more about the
16	# RhodeCode Enterprise Edition, including its added features, Support services,	16	# RhodeCode Enterprise Edition, including its added features, Support services,
17	# and proprietary license terms, please see https://rhodecode.com/licenses/	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
18		18
19	import os	19	import sqlite3
		20	import s3fs.core
		21
		22	NOT_GIVEN = -917
20		23
21		24
22	class ArchiveCacheGenerationLock(Exception):	25	EVICTION_POLICY = {
23	pass	26	'none': {
		27	'evict': None,
		28	},
		29	'least-recently-stored': {
		30	'evict': 'SELECT {fields} FROM archive_cache ORDER BY store_time',
		31	},
		32	'least-recently-used': {
		33	'evict': 'SELECT {fields} FROM archive_cache ORDER BY access_time',
		34	},
		35	'least-frequently-used': {
		36	'evict': 'SELECT {fields} FROM archive_cache ORDER BY access_count',
		37	},
		38	}
24		39
25		40
26	def archive_iterator(_reader, block_size: int = 4096 * 512):	41	def archive_iterator(_reader, block_size: int = 4096 * 512):
27	# 4096 * 64 = 64KB	42	# 4096 * 64 = 64KB
28	while 1:	43	while 1:
29	data = _reader.read(block_size)	44	data = _reader.read(block_size)
30	if not data:	45	if not data:
31	break	46	break
32	yield data	47	yield data
33		48
34		49
35	def get_directory_statistics(start_path):
36	"""
37	total_files, total_size, directory_stats = get_directory_statistics(start_path)
38
39	print(f"Directory statistics for: {start_path}\n")
40	print(f"Total files: {total_files}")
41	print(f"Total size: {format_size(total_size)}\n")
42
43	:param start_path:
44	:return:
45	"""
46
47	total_files = 0
48	total_size = 0
49	directory_stats = {}
50
51	for dir_path, dir_names, file_names in os.walk(start_path):
52	dir_size = 0
53	file_count = len(file_names)
54
55	for file in file_names:
56	filepath = os.path.join(dir_path, file)
57	file_size = os.path.getsize(filepath)
58	dir_size += file_size
59
60	directory_stats[dir_path] = {'file_count': file_count, 'size': dir_size}
61	total_files += file_count
62	total_size += dir_size
63
64	return total_files, total_size, directory_stats
65
66
67	def format_size(size):	50	def format_size(size):
68	# Convert size in bytes to a human-readable format (e.g., KB, MB, GB)	51	# Convert size in bytes to a human-readable format (e.g., KB, MB, GB)
69	for unit in ['B', 'KB', 'MB', 'GB', 'TB']:	52	for unit in ['B', 'KB', 'MB', 'GB', 'TB']:
70	if size < 1024:	53	if size < 1024:
71	return f"{size:.2f} {unit}"	54	return f"{size:.2f} {unit}"
72	size /= 1024	55	size /= 1024
		56
		57
		58	class StatsDB:
		59
		60	def __init__(self):
		61	self.connection = sqlite3.connect(':memory:')
		62	self._init_db()
		63
		64	def _init_db(self):
		65	qry = '''
		66	CREATE TABLE IF NOT EXISTS archive_cache (
		67	rowid INTEGER PRIMARY KEY,
		68	key_file TEXT,
		69	key_file_path TEXT,
		70	archive_key TEXT,
		71	archive_path TEXT,
		72	store_time REAL,
		73	access_time REAL,
		74	access_count INTEGER DEFAULT 0,
		75	size INTEGER DEFAULT 0
		76	)
		77	'''
		78
		79	self.sql(qry)
		80	self.connection.commit()
		81
		82	@property
		83	def sql(self):
		84	return self.connection.execute
		85
		86	def bulk_insert(self, rows):
		87	qry = '''
		88	INSERT INTO archive_cache (
		89	rowid,
		90	key_file,
		91	key_file_path,
		92	archive_key,
		93	archive_path,
		94	store_time,
		95	access_time,
		96	access_count,
		97	size
		98	)
		99	VALUES (
		100	?, ?, ?, ?, ?, ?, ?, ?, ?
		101	)
		102	'''
		103	cursor = self.connection.cursor()
		104	cursor.executemany(qry, rows)
		105	self.connection.commit()
		106
		107	def get_total_size(self):
		108	qry = 'SELECT COALESCE(SUM(size), 0) FROM archive_cache'
		109	((total_size,),) = self.sql(qry).fetchall()
		110	return total_size
		111
		112	def get_sorted_keys(self, select_policy):
		113	select_policy_qry = select_policy.format(fields='key_file, archive_key, size')
		114	return self.sql(select_policy_qry).fetchall()
		115
		116
		117	class ShardFileReader:
		118
		119	def __init__(self, file_like_reader):
		120	self._file_like_reader = file_like_reader
		121
		122	def __getattr__(self, item):
		123	if isinstance(self._file_like_reader, s3fs.core.S3File):
		124	match item:
		125	case 'name':
		126	# S3 FileWrapper doesn't support name attribute, and we use it
		127	return self._file_like_reader.full_name
		128	case _:
		129	return getattr(self._file_like_reader, item)
		130	else:
		131	return getattr(self._file_like_reader, item)
		132
		133	def __repr__(self):
		134	return f'<{self.__class__.__name__}={self._file_like_reader}>'

rhodecode/lib/base.py

0 +1 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             The base Controller API
             Provides the BaseController class for subclassing. And usage in different
             controllers
             """
             import logging
             import socket
             import base64
             import markupsafe
             import ipaddress
             import paste.httpheaders
             from paste.auth.basic import AuthBasicAuthenticator
             from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden, get_exception
             import rhodecode
             from rhodecode.authentication.base import VCS_TYPE
             from rhodecode.lib import auth, utils2
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import AuthUser, CookieStoreWrapper
             from rhodecode.lib.exceptions import UserCreationError
             from rhodecode.lib.utils import (password_changed, get_enabled_hook_classes)
             from rhodecode.lib.utils2 import AttributeDict
             from rhodecode.lib.str_utils import ascii_bytes, safe_int, safe_str
             from rhodecode.lib.type_utils import aslist, str2bool
             from rhodecode.lib.hash_utils import sha1
             from rhodecode.model.db import Repository, User, ChangesetComment, UserBookmark
             from rhodecode.model.notification import NotificationModel
             from rhodecode.model.settings import VcsSettingsModel, SettingsModel
             log = logging.getLogger(__name__)
             def _filter_proxy(ip):
                 """
                 Passed in IP addresses in HEADERS can be in a special format of multiple
                 ips. Those comma separated IPs are passed from various proxies in the
                 chain of request processing. The left-most being the original client.
                 We only care about the first IP which came from the org. client.
                 :param ip: ip string from headers
                 """
                 if ',' in ip:
                     _ips = ip.split(',')
                     _first_ip = _ips[0].strip()
                     log.debug('Got multiple IPs %s, using %s', ','.join(_ips), _first_ip)
                     return _first_ip
                 return ip
             def _filter_port(ip):
                 """
                 Removes a port from ip, there are 4 main cases to handle here.
                 - ipv4 eg. 127.0.0.1
                 - ipv6 eg. ::1
                 - ipv4+port eg. 127.0.0.1:8080
                 - ipv6+port eg. [::1]:8080
                 :param ip:
                 """
                 def is_ipv6(ip_addr):
                     if hasattr(socket, 'inet_pton'):
                         try:
                             socket.inet_pton(socket.AF_INET6, ip_addr)
                         except socket.error:
                             return False
                     else:
                         # fallback to ipaddress
                         try:
                             ipaddress.IPv6Address(safe_str(ip_addr))
                         except Exception:
                             return False
                     return True
                 if ':' not in ip:  # must be ipv4 pure ip
                     return ip
                 if '[' in ip and ']' in ip:  # ipv6 with port
                     return ip.split(']')[0][1:].lower()
                 # must be ipv6 or ipv4 with port
                 if is_ipv6(ip):
                     return ip
                 else:
                     ip, _port = ip.split(':')[:2]  # means ipv4+port
                     return ip
             def get_ip_addr(environ):
                 proxy_key = 'HTTP_X_REAL_IP'
                 proxy_key2 = 'HTTP_X_FORWARDED_FOR'
                 def_key = 'REMOTE_ADDR'
                 def ip_filters(ip_):
                     return _filter_port(_filter_proxy(ip_))
                 ip = environ.get(proxy_key)
                 if ip:
                     return ip_filters(ip)
                 ip = environ.get(proxy_key2)
                 if ip:
                     return ip_filters(ip)
                 ip = environ.get(def_key, '0.0.0.0')
                 return ip_filters(ip)
             def get_server_ip_addr(environ, log_errors=True):
                 hostname = environ.get('SERVER_NAME')
                 try:
                     return socket.gethostbyname(hostname)
                 except Exception as e:
                     if log_errors:
                         # in some cases this lookup is not possible, and we don't want to
                         # make it an exception in logs
                         log.exception('Could not retrieve server ip address: %s', e)
                     return hostname
             def get_server_port(environ):
                 return environ.get('SERVER_PORT')
             def get_user_agent(environ):
                 return environ.get('HTTP_USER_AGENT')
             def vcs_operation_context(
                     environ, repo_name, username, action, scm, check_locking=True,
                     is_shadow_repo=False, check_branch_perms=False, detect_force_push=False):
                 """
                 Generate the context for a vcs operation, e.g. push or pull.
                 This context is passed over the layers so that hooks triggered by the
                 vcs operation know details like the user, the user's IP address etc.
                 :param check_locking: Allows to switch of the computation of the locking
                     data. This serves mainly the need of the simplevcs middleware to be
                     able to disable this for certain operations.
                 """
                 # Tri-state value: False: unlock, None: nothing, True: lock
                 make_lock = None
                 locked_by = [None, None, None]
                 is_anonymous = username == User.DEFAULT_USER
                 user = User.get_by_username(username)
                 if not is_anonymous and check_locking:
                     log.debug('Checking locking on repository "%s"', repo_name)
                     repo = Repository.get_by_repo_name(repo_name)
                     make_lock, __, locked_by = repo.get_locking_state(
                         action, user.user_id)
                 user_id = user.user_id
                 settings_model = VcsSettingsModel(repo=repo_name)
                 ui_settings = settings_model.get_ui_settings()
                 # NOTE(marcink): This should be also in sync with
                 # rhodecode/apps/ssh_support/lib/backends/base.py:update_environment scm_data
                 store = [x for x in ui_settings if x.key == '/']
                 repo_store = ''
                 if store:
                     repo_store = store[0].value
                 scm_data = {
                     'ip': get_ip_addr(environ),
                     'username': username,
                     'user_id': user_id,
                     'action': action,
                     'repository': repo_name,
                     'scm': scm,
                     'config': rhodecode.CONFIG['__file__'],
                     'repo_store': repo_store,
                     'make_lock': make_lock,
                     'locked_by': locked_by,
                     'server_url': utils2.get_server_url(environ),
                     'user_agent': get_user_agent(environ),
                     'hooks': get_enabled_hook_classes(ui_settings),
                     'is_shadow_repo': is_shadow_repo,
                     'detect_force_push': detect_force_push,
                     'check_branch_perms': check_branch_perms,
                 }
                 return scm_data
             class BasicAuth(AuthBasicAuthenticator):
                 def __init__(self, realm, authfunc, registry, auth_http_code=None,
                              initial_call_detection=False, acl_repo_name=None, rc_realm=''):
                     super().__init__(realm=realm, authfunc=authfunc)
                     self.realm = realm
                     self.rc_realm = rc_realm
                     self.initial_call = initial_call_detection
                     self.authfunc = authfunc
                     self.registry = registry
                     self.acl_repo_name = acl_repo_name
                     self._rc_auth_http_code = auth_http_code
                 def _get_response_from_code(self, http_code, fallback):
                     try:
                         return get_exception(safe_int(http_code))
                     except Exception:
                         log.exception('Failed to fetch response class for code %s, using fallback: %s', http_code, fallback)
                         return fallback
                 def get_rc_realm(self):
                     return safe_str(self.rc_realm)
                 def build_authentication(self):
                     header = [('WWW-Authenticate', f'Basic realm="{self.realm}"')]
                     # NOTE: the initial_Call detection seems to be not working/not needed witg latest Mercurial
                     # investigate if we still need it.
                     if self._rc_auth_http_code and not self.initial_call:
                         # return alternative HTTP code if alternative http return code
                         # is specified in RhodeCode config, but ONLY if it's not the
                         # FIRST call
                         custom_response_klass = self._get_response_from_code(self._rc_auth_http_code, fallback=HTTPUnauthorized)
                         log.debug('Using custom response class: %s', custom_response_klass)
                         return custom_response_klass(headers=header)
                     return HTTPUnauthorized(headers=header)
                 def authenticate(self, environ):
                     authorization = paste.httpheaders.AUTHORIZATION(environ)
                     if not authorization:
                         return self.build_authentication()
                     (auth_meth, auth_creds_b64) = authorization.split(' ', 1)
                     if 'basic' != auth_meth.lower():
                         return self.build_authentication()
                     credentials = safe_str(base64.b64decode(auth_creds_b64.strip()))
                     _parts = credentials.split(':', 1)
                     if len(_parts) == 2:
                         username, password = _parts
                         auth_data = self.authfunc(
                                 username, password, environ, VCS_TYPE,
                                 registry=self.registry, acl_repo_name=self.acl_repo_name)
                         if auth_data:
                             return {'username': username, 'auth_data': auth_data}
                         if username and password:
                             # we mark that we actually executed authentication once, at
                             # that point we can use the alternative auth code
                             self.initial_call = False
                     return self.build_authentication()
                 __call__ = authenticate
             def calculate_version_hash(config):
                 return sha1(
                     config.get(b'beaker.session.secret', b'') + ascii_bytes(rhodecode.__version__)
                 )[:8]
             def get_current_lang(request):
                 return getattr(request, '_LOCALE_', request.locale_name)
             def attach_context_attributes(context, request, user_id=None, is_api=None):
                 """
                 Attach variables into template context called `c`.
                 """
                 config = request.registry.settings
                 rc_config = SettingsModel().get_all_settings(cache=True, from_request=False)
                 context.rc_config = rc_config
                 context.rhodecode_version = rhodecode.__version__
                 context.rhodecode_edition = config.get('rhodecode.edition')
                 context.rhodecode_edition_id = config.get('rhodecode.edition_id')
                 # unique secret + version does not leak the version but keep consistency
                 context.rhodecode_version_hash = calculate_version_hash(config)
                 # Default language set for the incoming request
                 context.language = get_current_lang(request)
                 # Visual options
                 context.visual = AttributeDict({})
                 # DB stored Visual Items
                 context.visual.show_public_icon = str2bool(
                     rc_config.get('rhodecode_show_public_icon'))
                 context.visual.show_private_icon = str2bool(
                     rc_config.get('rhodecode_show_private_icon'))
                 context.visual.stylify_metatags = str2bool(
                     rc_config.get('rhodecode_stylify_metatags'))
                 context.visual.dashboard_items = safe_int(
                     rc_config.get('rhodecode_dashboard_items', 100))
                 context.visual.admin_grid_items = safe_int(
                     rc_config.get('rhodecode_admin_grid_items', 100))
                 context.visual.show_revision_number = str2bool(
                     rc_config.get('rhodecode_show_revision_number', True))
                 context.visual.show_sha_length = safe_int(
                     rc_config.get('rhodecode_show_sha_length', 100))
                 context.visual.repository_fields = str2bool(
                     rc_config.get('rhodecode_repository_fields'))
                 context.visual.show_version = str2bool(
                     rc_config.get('rhodecode_show_version'))
                 context.visual.use_gravatar = str2bool(
                     rc_config.get('rhodecode_use_gravatar'))
                 context.visual.gravatar_url = rc_config.get('rhodecode_gravatar_url')
                 context.visual.default_renderer = rc_config.get(
                     'rhodecode_markup_renderer', 'rst')
                 context.visual.comment_types = ChangesetComment.COMMENT_TYPES
                 context.visual.rhodecode_support_url = \
                     rc_config.get('rhodecode_support_url') or h.route_url('rhodecode_support')
                 context.visual.affected_files_cut_off = 60
                 context.pre_code = rc_config.get('rhodecode_pre_code')
                 context.post_code = rc_config.get('rhodecode_post_code')
                 context.rhodecode_name = rc_config.get('rhodecode_title')
                 context.default_encodings = aslist(config.get('default_encoding'), sep=',')
                 # if we have specified default_encoding in the request, it has more
                 # priority
                 if request.GET.get('default_encoding'):
                     context.default_encodings.insert(0, request.GET.get('default_encoding'))
                 context.clone_uri_tmpl = rc_config.get('rhodecode_clone_uri_tmpl')
                 context.clone_uri_id_tmpl = rc_config.get('rhodecode_clone_uri_id_tmpl')
                 context.clone_uri_ssh_tmpl = rc_config.get('rhodecode_clone_uri_ssh_tmpl')
                 # INI stored
                 context.labs_active = str2bool(
                     config.get('labs_settings_active', 'false'))
                 context.ssh_enabled = str2bool(
                     config.get('ssh.generate_authorized_keyfile', 'false'))
                 context.ssh_key_generator_enabled = str2bool(
                     config.get('ssh.enable_ui_key_generator', 'true'))
                 context.visual.allow_custom_hooks_settings = str2bool(
                     config.get('allow_custom_hooks_settings', True))
                 context.debug_style = str2bool(config.get('debug_style', False))
                 context.rhodecode_instanceid = config.get('instance_id')
                 context.visual.cut_off_limit_diff = safe_int(
                     config.get('cut_off_limit_diff'), default=0)
                 context.visual.cut_off_limit_file = safe_int(
                     config.get('cut_off_limit_file'), default=0)
                 context.license = AttributeDict({})
                 context.license.hide_license_info = str2bool(
                     config.get('license.hide_license_info', False))
                 # AppEnlight
                 context.appenlight_enabled = config.get('appenlight', False)
                 context.appenlight_api_public_key = config.get(
                     'appenlight.api_public_key', '')
                 context.appenlight_server_url = config.get('appenlight.server_url', '')
                 diffmode = {
                     "unified": "unified",
                     "sideside": "sideside"
                 }.get(request.GET.get('diffmode'))
                 if is_api is not None:
                     is_api = hasattr(request, 'rpc_user')
                 session_attrs = {
                     # defaults
                     "clone_url_format": "http",
                     "diffmode": "sideside",
                     "license_fingerprint": request.session.get('license_fingerprint')
                 }
                 if not is_api:
                     # don't access pyramid session for API calls
                     if diffmode and diffmode != request.session.get('rc_user_session_attr.diffmode'):
                         request.session['rc_user_session_attr.diffmode'] = diffmode
                     # session settings per user
                     for k, v in list(request.session.items()):
                         pref = 'rc_user_session_attr.'
                         if k and k.startswith(pref):
                             k = k[len(pref):]
                             session_attrs[k] = v
                 context.user_session_attrs = session_attrs
                 # JS template context
                 context.template_context = {
                     'repo_name': None,
                     'repo_type': None,
                     'repo_landing_commit': None,
                     'rhodecode_user': {
                         'username': None,
                         'email': None,
                         'notification_status': False
                     },
                     'session_attrs': session_attrs,
                     'visual': {
                         'default_renderer': None
                     },
                     'commit_data': {
                         'commit_id': None
                     },
                     'pull_request_data': {'pull_request_id': None},
                     'timeago': {
                         'refresh_time': 120 * 1000,
                         'cutoff_limit': 1000 * 60 * 60 * 24 * 7
                     },
                     'pyramid_dispatch': {
                     },
                     'extra': {'plugins': {}}
                 }
                 # END CONFIG VARS
                 if is_api:
                     csrf_token = None
                 else:
                     csrf_token = auth.get_csrf_token(session=request.session)
                 context.csrf_token = csrf_token
                 context.backends = list(rhodecode.BACKENDS.keys())
                 unread_count = 0
                 user_bookmark_list = []
                 if user_id:
                     unread_count = NotificationModel().get_unread_cnt_for_user(user_id)
                     user_bookmark_list = UserBookmark.get_bookmarks_for_user(user_id)
                 context.unread_notifications = unread_count
                 context.bookmark_items = user_bookmark_list
                 # web case
                 if hasattr(request, 'user'):
                     context.auth_user = request.user
                     context.rhodecode_user = request.user
                 # api case
                 if hasattr(request, 'rpc_user'):
                     context.auth_user = request.rpc_user
                     context.rhodecode_user = request.rpc_user
                 # attach the whole call context to the request
                 request.set_call_context(context)
             def get_auth_user(request):
                 environ = request.environ
                 session = request.session
                 ip_addr = get_ip_addr(environ)
                 # make sure that we update permissions each time we call controller
                 _auth_token = (
                         # ?auth_token=XXX
                         request.GET.get('auth_token', '')
                         # ?api_key=XXX !LEGACY
                         or request.GET.get('api_key', '')
                         # or headers....
                         or request.headers.get('X-Rc-Auth-Token', '')
                 )
                 if not _auth_token and request.matchdict:
                     url_auth_token = request.matchdict.get('_auth_token')
                     _auth_token = url_auth_token
                     if _auth_token:
                         log.debug('Using URL extracted auth token `...%s`', _auth_token[-4:])
                 if _auth_token:
                     # when using API_KEY we assume user exists, and
                     # doesn't need auth based on cookies.
                     auth_user = AuthUser(api_key=_auth_token, ip_addr=ip_addr)
                     authenticated = False
                 else:
                     cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                     try:
                         auth_user = AuthUser(user_id=cookie_store.get('user_id', None),
                                              ip_addr=ip_addr)
                     except UserCreationError as e:
                         h.flash(e, 'error')
                         # container auth or other auth functions that create users
                         # on the fly can throw this exception signaling that there's
                         # issue with user creation, explanation should be provided
                         # in Exception itself. We then create a simple blank
                         # AuthUser
                         auth_user = AuthUser(ip_addr=ip_addr)
                     # in case someone changes a password for user it triggers session
                     # flush and forces a re-login
                     if password_changed(auth_user, session):
                         session.invalidate()
                         cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                         auth_user = AuthUser(ip_addr=ip_addr)
                     authenticated = cookie_store.get('is_authenticated')
                 if not auth_user.is_authenticated and auth_user.is_user_object:
                     # user is not authenticated and not empty
                     auth_user.set_authenticated(authenticated)
                 return auth_user, _auth_token
             def h_filter(s):
                 """
                 Custom filter for Mako templates. Mako by standard uses `markupsafe.escape`
                 we wrap this with additional functionality that converts None to empty
                 strings
                 """
                 if s is None:
                     return markupsafe.Markup()
                 return markupsafe.escape(s)
             def add_events_routes(config):
                 """
                 Adds routing that can be used in events. Because some events are triggered
                 outside of pyramid context, we need to bootstrap request with some
                 routing registered
                 """
                 from rhodecode.apps._base import ADMIN_PREFIX
                 config.add_route(name='home', pattern='/')
                 config.add_route(name='main_page_repos_data', pattern='/_home_repos')
                 config.add_route(name='main_page_repo_groups_data', pattern='/_home_repo_groups')
                 config.add_route(name='login', pattern=ADMIN_PREFIX + '/login')
                 config.add_route(name='logout', pattern=ADMIN_PREFIX + '/logout')
                 config.add_route(name='repo_summary', pattern='/{repo_name}')
                 config.add_route(name='repo_summary_explicit', pattern='/{repo_name}/summary')
                 config.add_route(name='repo_group_home', pattern='/{repo_group_name}')
                 config.add_route(name='pullrequest_show',
                                  pattern='/{repo_name}/pull-request/{pull_request_id}')
                 config.add_route(name='pull_requests_global',
                                  pattern='/pull-request/{pull_request_id}')
                 config.add_route(name='repo_commit',
                                  pattern='/{repo_name}/changeset/{commit_id}')
                 config.add_route(name='repo_files',
                                  pattern='/{repo_name}/files/{commit_id}/{f_path}')
                 config.add_route(name='hovercard_user',
                                  pattern='/_hovercard/user/{user_id}')
                 config.add_route(name='hovercard_user_group',
                                  pattern='/_hovercard/user_group/{user_group_id}')
                 config.add_route(name='hovercard_pull_request',
                                  pattern='/_hovercard/pull_request/{pull_request_id}')
                 config.add_route(name='hovercard_repo_commit',
                                  pattern='/_hovercard/commit/{repo_name}/{commit_id}')
             def bootstrap_config(request, registry_name='RcTestRegistry'):
                 from rhodecode.config.config_maker import sanitize_settings_and_apply_defaults
                 import pyramid.testing
                 registry = pyramid.testing.Registry(registry_name)
                 global_config = {'__file__': ''}
                 config = pyramid.testing.setUp(registry=registry, request=request)
                 sanitize_settings_and_apply_defaults(global_config, config.registry.settings)
                 # allow pyramid lookup in testing
                 config.include('pyramid_mako')
                 config.include('rhodecode.lib.rc_beaker')
                 config.include('rhodecode.lib.rc_cache')
-                config.include('rhodecode.lib.rc_cache.archive_cache')
+                config.include('rhodecode.lib.archive_cache')
                 add_events_routes(config)
                 return config
             def bootstrap_request(**kwargs):
                 """
                 Returns a thin version of Request Object that is used in non-web context like testing/celery
                 """
                 import pyramid.testing
                 from rhodecode.lib.request import ThinRequest as _ThinRequest
                 class ThinRequest(_ThinRequest):
                     application_url = kwargs.pop('application_url', 'http://example.com')
                     host = kwargs.pop('host', 'example.com:80')
                     domain = kwargs.pop('domain', 'example.com')
                 class ThinSession(pyramid.testing.DummySession):
                     def save(*arg, **kw):
                         pass
                 request = ThinRequest(**kwargs)
                 request.session = ThinSession()
                 return request

rhodecode/lib/helpers.py

0 +32 0

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Helper functions
             Consists of functions to typically be used within templates, but also
             available to Controllers. This module is available to both as 'h'.
             """
             import base64
             import collections
             import os
             import random
             import hashlib
             import io
             import textwrap
             import urllib.request
             import urllib.parse
             import urllib.error
             import math
             import logging
             import re
             import time
             import string
             import regex
             from collections import OrderedDict
             import pygments
             import itertools
             import fnmatch
             from datetime import datetime
             from functools import partial
             from pygments.formatters.html import HtmlFormatter
             from pygments.lexers import (
                 get_lexer_by_name, get_lexer_for_filename, get_lexer_for_mimetype)
             from pyramid.threadlocal import get_current_request
             from tempita import looper
             from webhelpers2.html import literal, HTML, escape
             from webhelpers2.html._autolink import _auto_link_urls
             from webhelpers2.html.tools import (
                 button_to, highlight, js_obfuscate, strip_links, strip_tags)
             from webhelpers2.text import (
                 chop_at, collapse, convert_accented_entities,
                 convert_misc_entities, lchop, plural, rchop, remove_formatting,
                 replace_whitespace, urlify, truncate, wrap_paragraphs)
             from webhelpers2.date import time_ago_in_words
             from webhelpers2.html.tags import (
                 _input, NotGiven, _make_safe_id_component as safeid,
                 form as insecure_form,
                 auto_discovery_link, checkbox, end_form, file,
                 hidden, image, javascript_link, link_to, link_to_if, link_to_unless, ol,
                 stylesheet_link, submit, text, password, textarea,
                 ul, radio, Options)
             from webhelpers2.number import format_byte_size
             # python3.11 backport fixes for webhelpers2
             from rhodecode import ConfigGet
             from rhodecode.lib._vendor.webhelpers_backports import raw_select
             from rhodecode.lib.action_parser import action_parser
             from rhodecode.lib.html_filters import sanitize_html
             from rhodecode.lib.pagination import Page, RepoPage, SqlPage
             from rhodecode.lib import ext_json
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.str_utils import safe_bytes, convert_special_chars, base64_to_str
             from rhodecode.lib.utils import repo_name_slug, get_custom_lexer
             from rhodecode.lib.str_utils import safe_str
             from rhodecode.lib.utils2 import (
                 str2bool,
                 get_commit_safe, datetime_to_time, time_to_datetime, time_to_utcdatetime,
                 AttributeDict, safe_int, md5, md5_safe, get_host_info)
             from rhodecode.lib.markup_renderer import MarkupRenderer, relative_links
             from rhodecode.lib.vcs.exceptions import CommitDoesNotExistError
             from rhodecode.lib.vcs.backends.base import BaseChangeset, EmptyCommit
             from rhodecode.lib.vcs.conf.settings import ARCHIVE_SPECS
             from rhodecode.lib.index.search_utils import get_matching_line_offsets
             from rhodecode.config.conf import DATE_FORMAT, DATETIME_FORMAT
             from rhodecode.model.changeset_status import ChangesetStatusModel
             from rhodecode.model.db import Permission, User, Repository, UserApiKeys, FileStore
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.settings import IssueTrackerSettingsModel
             log = logging.getLogger(__name__)
             DEFAULT_USER = User.DEFAULT_USER
             DEFAULT_USER_EMAIL = User.DEFAULT_USER_EMAIL
             def asset(path, ver=None, **kwargs):
                 """
                 Helper to generate a static asset file path for rhodecode assets
                 eg. h.asset('images/image.png', ver='3923')
                 :param path: path of asset
                 :param ver: optional version query param to append as ?ver=
                 """
                 request = get_current_request()
                 query = {}
                 query.update(kwargs)
                 if ver:
                     query = {'ver': ver}
                 return request.static_path(
                     f'rhodecode:public/{path}', _query=query)
             default_html_escape_table = {
                 ord('&'): '&amp;',
                 ord('<'): '&lt;',
                 ord('>'): '&gt;',
                 ord('"'): '&quot;',
                 ord("'"): '&#39;',
             }
             def html_escape(text, html_escape_table=default_html_escape_table):
                 """Produce entities within text."""
                 return text.translate(html_escape_table)
             def str_json(*args, **kwargs):
                 return ext_json.str_json(*args, **kwargs)
             def formatted_str_json(*args, **kwargs):
                 return ext_json.formatted_str_json(*args, **kwargs)
             def chop_at_smart(s, sub, inclusive=False, suffix_if_chopped=None):
                 """
                 Truncate string ``s`` at the first occurrence of ``sub``.
                 If ``inclusive`` is true, truncate just after ``sub`` rather than at it.
                 """
                 suffix_if_chopped = suffix_if_chopped or ''
                 pos = s.find(sub)
                 if pos == -1:
                     return s
                 if inclusive:
                     pos += len(sub)
                 chopped = s[:pos]
                 left = s[pos:].strip()
                 if left and suffix_if_chopped:
                     chopped += suffix_if_chopped
                 return chopped
             def shorter(text, size=20, prefix=False):
                 postfix = '...'
                 if len(text) > size:
                     if prefix:
                         # shorten in front
                         return postfix + text[-(size - len(postfix)):]
                     else:
                         return text[:size - len(postfix)] + postfix
                 return text
             def reset(name, value=None, id=NotGiven, type="reset", **attrs):
                 """
                 Reset button
                 """
                 return _input(type, name, value, id, attrs)
             def select(name, selected_values, options, id=NotGiven, **attrs):
                 if isinstance(options, (list, tuple)):
                     options_iter = options
                     # Handle old value,label lists ... where value also can be value,label lists
                     options = Options()
                     for opt in options_iter:
                         if isinstance(opt, tuple) and len(opt) == 2:
                             value, label = opt
                         elif isinstance(opt, str):
                             value = label = opt
                         else:
                             raise ValueError('invalid select option type %r' % type(opt))
                         if isinstance(value, (list, tuple)):
                             option_group = options.add_optgroup(label)
                             for opt2 in value:
                                 if isinstance(opt2, tuple) and len(opt2) == 2:
                                     group_value, group_label = opt2
                                 elif isinstance(opt2, str):
                                     group_value = group_label = opt2
                                 else:
                                     raise ValueError('invalid select option type %r' % type(opt2))
                                 option_group.add_option(group_label, group_value)
                         else:
                             options.add_option(label, value)
                 return raw_select(name, selected_values, options, id=id, **attrs)
             def branding(name, length=40):
                 return truncate(name, length, indicator="")
             def FID(raw_id, path):
                 """
                 Creates a unique ID for filenode based on it's hash of path and commit
                 it's safe to use in urls
                 :param raw_id:
                 :param path:
                 """
                 return 'c-%s-%s' % (short_id(raw_id), md5_safe(path)[:12])
             class _GetError(object):
                 """Get error from form_errors, and represent it as span wrapped error
                 message
                 :param field_name: field to fetch errors for
                 :param form_errors: form errors dict
                 """
                 def __call__(self, field_name, form_errors):
                     tmpl = """<span class="error_msg">%s</span>"""
                     if form_errors and field_name in form_errors:
                         return literal(tmpl % form_errors.get(field_name))
             get_error = _GetError()
             class _ToolTip(object):
                 def __call__(self, tooltip_title, trim_at=50):
                     """
                     Special function just to wrap our text into nice formatted
                     autowrapped text
                     :param tooltip_title:
                     """
                     tooltip_title = escape(tooltip_title)
                     tooltip_title = tooltip_title.replace('<', '&lt;').replace('>', '&gt;')
                     return tooltip_title
             tooltip = _ToolTip()
             files_icon = '<i class="file-breadcrumb-copy tooltip icon-clipboard clipboard-action" data-clipboard-text="{}" title="Copy file path"></i>'
             def files_breadcrumbs(repo_name, repo_type, commit_id, file_path, landing_ref_name=None, at_ref=None,
                                   limit_items=False, linkify_last_item=False, hide_last_item=False,
                                   copy_path_icon=True):
                 if at_ref:
                     route_qry = {'at': at_ref}
                     default_landing_ref = at_ref or landing_ref_name or commit_id
                 else:
                     route_qry = None
                     default_landing_ref = commit_id
                 # first segment is a `HOME` link to repo files root location
                 root_name = literal('<i class="icon-home"></i>')
                 url_segments = [
                     link_to(
                         root_name,
                         repo_files_by_ref_url(
                             repo_name,
                             repo_type,
                             f_path=None,  # None here is a special case for SVN repos,
                                           # that won't prefix with a ref
                             ref_name=default_landing_ref,
                             commit_id=commit_id,
                             query=route_qry
                         )
                     )]
                 path_segments = file_path.split('/')
                 last_cnt = len(path_segments) - 1
                 for cnt, segment in enumerate(path_segments):
                     if not segment:
                         continue
                     segment_html = escape(segment)
                     last_item = cnt == last_cnt
                     if last_item and hide_last_item:
                         # iterate over and hide last element
                         continue
                     if last_item and linkify_last_item is False:
                         # plain version
                         url_segments.append(segment_html)
                     else:
                         url_segments.append(
                             link_to(
                                 segment_html,
                                 repo_files_by_ref_url(
                                     repo_name,
                                     repo_type,
                                     f_path='/'.join(path_segments[:cnt + 1]),
                                     ref_name=default_landing_ref,
                                     commit_id=commit_id,
                                     query=route_qry
                                 ),
                             ))
                 limited_url_segments = url_segments[:1] + ['...'] + url_segments[-5:]
                 if limit_items and len(limited_url_segments) < len(url_segments):
                     url_segments = limited_url_segments
                 full_path = file_path
                 if copy_path_icon:
                     icon = files_icon.format(escape(full_path))
                 else:
                     icon = ''
                 if file_path == '':
                     return root_name
                 else:
                     return literal(' / '.join(url_segments) + icon)
             def files_url_data(request):
                 matchdict = request.matchdict
                 if 'f_path' not in matchdict:
                     matchdict['f_path'] = ''
                 else:
                     matchdict['f_path'] = urllib.parse.quote(safe_str(matchdict['f_path']))
                 if 'commit_id' not in matchdict:
                     matchdict['commit_id'] = 'tip'
                 return ext_json.str_json(matchdict)
             def repo_files_by_ref_url(db_repo_name, db_repo_type, f_path, ref_name, commit_id, query=None, ):
                 _is_svn = is_svn(db_repo_type)
                 final_f_path = f_path
                 if _is_svn:
                     """
                     For SVN the ref_name cannot be used as a commit_id, it needs to be prefixed with
                     actually commit_id followed by the ref_name. This should be done only in case
                     This is a initial landing url, without additional paths.
                     like: /1000/tags/1.0.0/?at=tags/1.0.0
                     """
                     if ref_name and ref_name != 'tip':
                         # NOTE(marcink): for svn the ref_name is actually the stored path, so we prefix it
                         # for SVN we only do this magic prefix if it's root, .eg landing revision
                         # of files link. If we are in the tree we don't need this since we traverse the url
                         # that has everything stored
                         if f_path in ['', '/']:
                             final_f_path = '/'.join([ref_name, f_path])
                     # SVN always needs a commit_id explicitly, without a named REF
                     default_commit_id = commit_id
                 else:
                     """
                     For git and mercurial we construct a new URL using the names instead of commit_id
                     like: /master/some_path?at=master
                     """
                     # We currently do not support branches with slashes
                     if '/' in ref_name:
                         default_commit_id = commit_id
                     else:
                         default_commit_id = ref_name
                 # sometimes we pass f_path as None, to indicate explicit no prefix,
                 # we translate it to string to not have None
                 final_f_path = final_f_path or ''
                 files_url = route_path(
                     'repo_files',
                     repo_name=db_repo_name,
                     commit_id=default_commit_id,
                     f_path=final_f_path,
                     _query=query
                 )
                 return files_url
             def code_highlight(code, lexer, formatter, use_hl_filter=False):
                 """
                 Lex ``code`` with ``lexer`` and format it with the formatter ``formatter``.
                 If ``outfile`` is given and a valid file object (an object
                 with a ``write`` method), the result will be written to it, otherwise
                 it is returned as a string.
                 """
                 if use_hl_filter:
                     # add HL filter
                     from rhodecode.lib.index import search_utils
                     lexer.add_filter(search_utils.ElasticSearchHLFilter())
                 return pygments.format(pygments.lex(code, lexer), formatter)
             class CodeHtmlFormatter(HtmlFormatter):
                 """
                 My code Html Formatter for source codes
                 """
                 def wrap(self, source):
                     return self._wrap_div(self._wrap_pre(self._wrap_code(source)))
                 def _wrap_code(self, source):
                     for cnt, it in enumerate(source):
                         i, t = it
                         t = f'<div id="L{cnt+1}">{t}</div>'
                         yield i, t
                 def _wrap_tablelinenos(self, inner):
                     dummyoutfile = io.StringIO()
                     lncount = 0
                     for t, line in inner:
                         if t:
                             lncount += 1
                         dummyoutfile.write(line)
                     fl = self.linenostart
                     mw = len(str(lncount + fl - 1))
                     sp = self.linenospecial
                     st = self.linenostep
                     la = self.lineanchors
                     aln = self.anchorlinenos
                     nocls = self.noclasses
                     if sp:
                         lines = []
                         for i in range(fl, fl + lncount):
                             if i % st == 0:
                                 if i % sp == 0:
                                     if aln:
                                         lines.append('<a href="#%s%d" class="special">%*d</a>' %
                                                      (la, i, mw, i))
                                     else:
                                         lines.append('<span class="special">%*d</span>' % (mw, i))
                                 else:
                                     if aln:
                                         lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
                                     else:
                                         lines.append('%*d' % (mw, i))
                             else:
                                 lines.append('')
                         ls = '\n'.join(lines)
                     else:
                         lines = []
                         for i in range(fl, fl + lncount):
                             if i % st == 0:
                                 if aln:
                                     lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
                                 else:
                                     lines.append('%*d' % (mw, i))
                             else:
                                 lines.append('')
                         ls = '\n'.join(lines)
                     # in case you wonder about the seemingly redundant <div> here: since the
                     # content in the other cell also is wrapped in a div, some browsers in
                     # some configurations seem to mess up the formatting...
                     if nocls:
                         yield 0, ('<table class="%stable">' % self.cssclass +
                                   '<tr><td><div class="linenodiv" '
                                   'style="background-color: #f0f0f0; padding-right: 10px">'
                                   '<pre style="line-height: 125%">' +
                                   ls + '</pre></div></td><td id="hlcode" class="code">')
                     else:
                         yield 0, ('<table class="%stable">' % self.cssclass +
                                   '<tr><td class="linenos"><div class="linenodiv"><pre>' +
                                   ls + '</pre></div></td><td id="hlcode" class="code">')
                     yield 0, dummyoutfile.getvalue()
                     yield 0, '</td></tr></table>'
             class SearchContentCodeHtmlFormatter(CodeHtmlFormatter):
                 def __init__(self, **kw):
                     # only show these line numbers if set
                     self.only_lines = kw.pop('only_line_numbers', [])
                     self.query_terms = kw.pop('query_terms', [])
                     self.max_lines = kw.pop('max_lines', 5)
                     self.line_context = kw.pop('line_context', 3)
                     self.url = kw.pop('url', None)
                     super(CodeHtmlFormatter, self).__init__(**kw)
                 def _wrap_code(self, source):
                     for cnt, it in enumerate(source):
                         i, t = it
                         t = '<pre>%s</pre>' % t
                         yield i, t
                 def _wrap_tablelinenos(self, inner):
                     yield 0, '<table class="code-highlight %stable">' % self.cssclass
                     last_shown_line_number = 0
                     current_line_number = 1
                     for t, line in inner:
                         if not t:
                             yield t, line
                             continue
                         if current_line_number in self.only_lines:
                             if last_shown_line_number + 1 != current_line_number:
                                 yield 0, '<tr>'
                                 yield 0, '<td class="line">...</td>'
                                 yield 0, '<td id="hlcode" class="code"></td>'
                                 yield 0, '</tr>'
                             yield 0, '<tr>'
                             if self.url:
                                 yield 0, '<td class="line"><a href="%s#L%i">%i</a></td>' % (
                                     self.url, current_line_number, current_line_number)
                             else:
                                 yield 0, '<td class="line"><a href="">%i</a></td>' % (
                                     current_line_number)
                             yield 0, '<td id="hlcode" class="code">' + line + '</td>'
                             yield 0, '</tr>'
                             last_shown_line_number = current_line_number
                         current_line_number += 1
                     yield 0, '</table>'
             def hsv_to_rgb(h, s, v):
                 """ Convert hsv color values to rgb """
                 if s == 0.0:
                     return v, v, v
                 i = int(h * 6.0)  # XXX assume int() truncates!
                 f = (h * 6.0) - i
                 p = v * (1.0 - s)
                 q = v * (1.0 - s * f)
                 t = v * (1.0 - s * (1.0 - f))
                 i = i % 6
                 if i == 0:
                     return v, t, p
                 if i == 1:
                     return q, v, p
                 if i == 2:
                     return p, v, t
                 if i == 3:
                     return p, q, v
                 if i == 4:
                     return t, p, v
                 if i == 5:
                     return v, p, q
             def unique_color_generator(n=10000, saturation=0.10, lightness=0.95):
                 """
                 Generator for getting n of evenly distributed colors using
                 hsv color and golden ratio. It always return same order of colors
                 :param n: number of colors to generate
                 :param saturation: saturation of returned colors
                 :param lightness: lightness of returned colors
                 :returns: RGB tuple
                 """
                 golden_ratio = 0.618033988749895
                 h = 0.22717784590367374
                 for _ in range(n):
                     h += golden_ratio
                     h %= 1
                     HSV_tuple = [h, saturation, lightness]
                     RGB_tuple = hsv_to_rgb(*HSV_tuple)
                     yield [str(int(x * 256)) for x in RGB_tuple]
             def color_hasher(n=10000, saturation=0.10, lightness=0.95):
                 """
                 Returns a function which when called with an argument returns a unique
                 color for that argument, eg.
                 :param n: number of colors to generate
                 :param saturation: saturation of returned colors
                 :param lightness: lightness of returned colors
                 :returns: css RGB string
                 >>> color_hash = color_hasher()
                 >>> color_hash('hello')
                 'rgb(34, 12, 59)'
                 >>> color_hash('hello')
                 'rgb(34, 12, 59)'
                 >>> color_hash('other')
                 'rgb(90, 224, 159)'
                 """
                 color_dict = {}
                 cgenerator = unique_color_generator(
                     saturation=saturation, lightness=lightness)
                 def get_color_string(thing):
                     if thing in color_dict:
                         col = color_dict[thing]
                     else:
                         col = color_dict[thing] = next(cgenerator)
                     return "rgb(%s)" % (', '.join(col))
                 return get_color_string
             def get_lexer_safe(mimetype=None, filepath=None):
                 """
                 Tries to return a relevant pygments lexer using mimetype/filepath name,
                 defaulting to plain text if none could be found
                 """
                 lexer = None
                 try:
                     if mimetype:
                         lexer = get_lexer_for_mimetype(mimetype)
                     if not lexer:
                         lexer = get_lexer_for_filename(filepath)
                 except pygments.util.ClassNotFound:
                     pass
                 if not lexer:
                     lexer = get_lexer_by_name('text')
                 return lexer
             def get_lexer_for_filenode(filenode):
                 lexer = get_custom_lexer(filenode.extension) or filenode.lexer
                 return lexer
             def pygmentize(filenode, **kwargs):
                 """
                 pygmentize function using pygments
                 :param filenode:
                 """
                 lexer = get_lexer_for_filenode(filenode)
                 return literal(code_highlight(filenode.content, lexer,
                                               CodeHtmlFormatter(**kwargs)))
             def is_following_repo(repo_name, user_id):
                 from rhodecode.model.scm import ScmModel
                 return ScmModel().is_following_repo(repo_name, user_id)
             class _Message(object):
                 """A message returned by ``Flash.pop_messages()``.
                 Converting the message to a string returns the message text. Instances
                 also have the following attributes:
                 * ``message``: the message text.
                 * ``category``: the category specified when the message was created.
                 """
                 def __init__(self, category, message, sub_data=None):
                     self.category = category
                     self.message = message
                     self.sub_data = sub_data or {}
                 def __str__(self):
                     return self.message
                 __unicode__ = __str__
                 def __html__(self):
                     return escape(safe_str(self.message))
             class Flash(object):
                 # List of allowed categories.  If None, allow any category.
                 categories = ["warning", "notice", "error", "success"]
                 # Default category if none is specified.
                 default_category = "notice"
                 def __init__(self, session_key="flash", categories=None,
                              default_category=None):
                     """
                     Instantiate a ``Flash`` object.
                     ``session_key`` is the key to save the messages under in the user's
                     session.
                     ``categories`` is an optional list which overrides the default list
                     of categories.
                     ``default_category`` overrides the default category used for messages
                     when none is specified.
                     """
                     self.session_key = session_key
                     if categories is not None:
                         self.categories = categories
                     if default_category is not None:
                         self.default_category = default_category
                     if self.categories and self.default_category not in self.categories:
                         raise ValueError(
                             "unrecognized default category %r" % (self.default_category,))
                 def pop_messages(self, session=None, request=None):
                     """
                     Return all accumulated messages and delete them from the session.
                     The return value is a list of ``Message`` objects.
                     """
                     messages = []
                     if not session:
                         if not request:
                             request = get_current_request()
                         session = request.session
                     # Pop the 'old' pylons flash messages. They are tuples of the form
                     # (category, message)
                     for cat, msg in session.pop(self.session_key, []):
                         messages.append(_Message(cat, msg))
                     # Pop the 'new' pyramid flash messages for each category as list
                     # of strings.
                     for cat in self.categories:
                         for msg in session.pop_flash(queue=cat):
                             sub_data = {}
                             if hasattr(msg, 'rsplit'):
                                 flash_data = msg.rsplit('|DELIM|', 1)
                                 org_message = flash_data[0]
                                 if len(flash_data) > 1:
                                     sub_data = json.loads(flash_data[1])
                             else:
                                 org_message = msg
                             messages.append(_Message(cat, org_message, sub_data=sub_data))
                     # Map messages from the default queue to the 'notice' category.
                     for msg in session.pop_flash():
                         messages.append(_Message('notice', msg))
                     session.save()
                     return messages
                 def json_alerts(self, session=None, request=None):
                     payloads = []
                     messages = flash.pop_messages(session=session, request=request) or []
                     for message in messages:
                         payloads.append({
                             'message': {
                                 'message': '{}'.format(message.message),
                                 'level': message.category,
                                 'force': True,
                                 'subdata': message.sub_data
                             }
                         })
                     return safe_str(json.dumps(payloads))
                 def __call__(self, message, category=None, ignore_duplicate=True,
                              session=None, request=None):
                     if not session:
                         if not request:
                             request = get_current_request()
                         session = request.session
                     session.flash(
                         message, queue=category, allow_duplicate=not ignore_duplicate)
             flash = Flash()
             #==============================================================================
             # SCM FILTERS available via h.
             #==============================================================================
             from rhodecode.lib.vcs.utils import author_name, author_email
             from rhodecode.lib.utils2 import age, age_from_seconds
             from rhodecode.model.db import User, ChangesetStatus
             email = author_email
             def capitalize(raw_text):
                 return raw_text.capitalize()
             def short_id(long_id):
                 return long_id[:12]
             def hide_credentials(url):
                 from rhodecode.lib.utils2 import credentials_filter
                 return credentials_filter(url)
             import zoneinfo
             import tzlocal
             local_timezone = tzlocal.get_localzone()
             def get_timezone(datetime_iso, time_is_local=False):
                 tzinfo = '+00:00'
                 # detect if we have a timezone info, otherwise, add it
                 if time_is_local and isinstance(datetime_iso, datetime) and not datetime_iso.tzinfo:
                     force_timezone = os.environ.get('RC_TIMEZONE', '')
                     if force_timezone:
                         force_timezone = zoneinfo.ZoneInfo(force_timezone)
                     timezone = force_timezone or local_timezone
                     offset = datetime_iso.replace(tzinfo=timezone).strftime('%z')
                     tzinfo = '{}:{}'.format(offset[:-2], offset[-2:])
                 return tzinfo
             def age_component(datetime_iso, value=None, time_is_local=False, tooltip=True):
                 title = value or format_date(datetime_iso)
                 tzinfo = get_timezone(datetime_iso, time_is_local=time_is_local)
                 return literal(
                     '<time class="timeago {cls}" title="{tt_title}" datetime="{dt}{tzinfo}">{title}</time>'.format(
                         cls='tooltip' if tooltip else '',
                         tt_title=('{title}{tzinfo}'.format(title=title, tzinfo=tzinfo)) if tooltip else '',
                         title=title, dt=datetime_iso, tzinfo=tzinfo
                     ))
             def _shorten_commit_id(commit_id, commit_len=None):
                 if commit_len is None:
                     request = get_current_request()
                     commit_len = request.call_context.visual.show_sha_length
                 return commit_id[:commit_len]
             def show_id(commit, show_idx=None, commit_len=None):
                 """
                 Configurable function that shows ID
                 by default it's r123:fffeeefffeee
                 :param commit: commit instance
                 """
                 if show_idx is None:
                     request = get_current_request()
                     show_idx = request.call_context.visual.show_revision_number
                 raw_id = _shorten_commit_id(commit.raw_id, commit_len=commit_len)
                 if show_idx:
                     return 'r%s:%s' % (commit.idx, raw_id)
                 else:
                     return '%s' % (raw_id, )
             def format_date(date):
                 """
                 use a standardized formatting for dates used in RhodeCode
                 :param date: date/datetime object
                 :return: formatted date
                 """
                 if date:
                     _fmt = "%a, %d %b %Y %H:%M:%S"
                     return safe_str(date.strftime(_fmt))
                 return ""
             class _RepoChecker(object):
                 def __init__(self, backend_alias):
                     self._backend_alias = backend_alias
                 def __call__(self, repository):
                     if hasattr(repository, 'alias'):
                         _type = repository.alias
                     elif hasattr(repository, 'repo_type'):
                         _type = repository.repo_type
                     else:
                         _type = repository
                     return _type == self._backend_alias
             is_git = _RepoChecker('git')
             is_hg = _RepoChecker('hg')
             is_svn = _RepoChecker('svn')
             def get_repo_type_by_name(repo_name):
                 repo = Repository.get_by_repo_name(repo_name)
                 if repo:
                     return repo.repo_type
             def is_svn_without_proxy(repository):
                 if is_svn(repository):
                     return not ConfigGet().get_bool('vcs.svn.proxy.enabled')
                 return False
             def discover_user(author):
                 """
                 Tries to discover RhodeCode User based on the author string. Author string
                 is typically `FirstName LastName <email@address.com>`
                 """
                 # if author is already an instance use it for extraction
                 if isinstance(author, User):
                     return author
                 # Valid email in the attribute passed, see if they're in the system
                 _email = author_email(author)
                 if _email != '':
                     user = User.get_by_email(_email, case_insensitive=True, cache=True)
                     if user is not None:
                         return user
                 # Maybe it's a username, we try to extract it and fetch by username ?
                 _author = author_name(author)
                 user = User.get_by_username(_author, case_insensitive=True, cache=True)
                 if user is not None:
                     return user
                 return None
             def email_or_none(author):
                 # extract email from the commit string
                 _email = author_email(author)
                 # If we have an email, use it, otherwise
                 # see if it contains a username we can get an email from
                 if _email != '':
                     return _email
                 else:
                     user = User.get_by_username(
                         author_name(author), case_insensitive=True, cache=True)
                 if user is not None:
                         return user.email
                 # No valid email, not a valid user in the system, none!
                 return None
             def link_to_user(author, length=0, **kwargs):
                 user = discover_user(author)
                 # user can be None, but if we have it already it means we can re-use it
                 # in the person() function, so we save 1 intensive-query
                 if user:
                     author = user
                 display_person = person(author, 'username_or_name_or_email')
                 if length:
                     display_person = shorter(display_person, length)
                 if user and user.username != user.DEFAULT_USER:
                     return link_to(
                         escape(display_person),
                         route_path('user_profile', username=user.username),
                         **kwargs)
                 else:
                     return escape(display_person)
             def link_to_group(users_group_name, **kwargs):
                 return link_to(
                     escape(users_group_name),
                     route_path('user_group_profile', user_group_name=users_group_name),
                     **kwargs)
             def person(author, show_attr="username_and_name"):
                 user = discover_user(author)
                 if user:
                     return getattr(user, show_attr)
                 else:
                     _author = author_name(author)
                     _email = email(author)
                     return _author or _email
             def author_string(email):
                 if email:
                     user = User.get_by_email(email, case_insensitive=True, cache=True)
                     if user:
                         if user.first_name or user.last_name:
                             return '%s %s &lt;%s&gt;' % (
                                 user.first_name, user.last_name, email)
                         else:
                             return email
                     else:
                         return email
                 else:
                     return None
             def person_by_id(id_, show_attr="username_and_name"):
                 # attr to return from fetched user
                 def person_getter(usr):
                     return getattr(usr, show_attr)
                 #maybe it's an ID ?
                 if str(id_).isdigit() or isinstance(id_, int):
                     id_ = int(id_)
                     user = User.get(id_)
                     if user is not None:
                         return person_getter(user)
                 return id_
             def gravatar_with_user(request, author, show_disabled=False, tooltip=False):
                 _render = request.get_partial_renderer('rhodecode:templates/base/base.mako')
                 return _render('gravatar_with_user', author, show_disabled=show_disabled, tooltip=tooltip)
             tags_patterns = OrderedDict(
                 (
                     (
                         "lang",
                         (
                             re.compile(r"\[(lang|language)\ \=\&gt;\ *([a-zA-Z\-\/\#\+\.]*)\]"),
                             '<div class="metatag" tag="lang">\\2</div>',
                         ),
                     ),
                     (
                         "see",
                         (
                             re.compile(r"\[see\ \=\&gt;\ *([a-zA-Z0-9\/\=\?\&amp;\ \:\/\.\-]*)\]"),
                             '<div class="metatag" tag="see">see: \\1 </div>',
                         ),
                     ),
                     (
                         "url",
                         (
                             re.compile(
                                 r"\[url\ \=\&gt;\ \[([a-zA-Z0-9\ \.\-\_]+)\]\((http://|https://|/)(.*?)\)\]"
                             ),
                             '<div class="metatag" tag="url"> <a href="\\2\\3">\\1</a> </div>',
                         ),
                     ),
                     (
                         "license",
                         (
                             re.compile(
                                 r"\[license\ \=\&gt;\ *([a-zA-Z0-9\/\=\?\&amp;\ \:\/\.\-]*)\]"
                             ),
                             # don't make it a raw string here...
                             '<div class="metatag" tag="license"><a href="http:\/\/www.opensource.org/licenses/\\1">\\1</a></div>',
                         ),
                     ),
                     (
                         "ref",
                         (
                             re.compile(
                                 r"\[(requires|recommends|conflicts|base)\ \=\&gt;\ *([a-zA-Z0-9\-\/]*)\]"
                             ),
                             '<div class="metatag" tag="ref \\1">\\1: <a href="/\\2">\\2</a></div>',
                         ),
                     ),
                     (
                         "state",
                         (
                             re.compile(r"\[(stable|featured|stale|dead|dev|deprecated)\]"),
                             '<div class="metatag" tag="state \\1">\\1</div>',
                         ),
                     ),
                     # label in grey
                     (
                         "label",
                         (re.compile(r"\[([a-z]+)\]"), '<div class="metatag" tag="label">\\1</div>'),
                     ),
                     # generic catch all in grey
                     (
                         "generic",
                         (
                             re.compile(r"\[([a-zA-Z0-9\.\-\_]+)\]"),
                             '<div class="metatag" tag="generic">\\1</div>',
                         ),
                     ),
                 )
             )
             def extract_metatags(value):
                 """
                 Extract supported meta-tags from given text value
                 """
                 tags = []
                 if not value:
                     return tags, ''
                 for key, val in list(tags_patterns.items()):
                     pat, replace_html = val
                     tags.extend([(key, x.group()) for x in pat.finditer(value)])
                     value = pat.sub('', value)
                 return tags, value
             def style_metatag(tag_type, value):
                 """
                 converts tags from value into html equivalent
                 """
                 if not value:
                     return ''
                 html_value = value
                 tag_data = tags_patterns.get(tag_type)
                 if tag_data:
                     pat, replace_html = tag_data
                     # convert to plain `str` instead of a markup tag to be used in
                     # regex expressions. safe_str doesn't work here
                     html_value = pat.sub(replace_html, value)
                 return html_value
             def bool2icon(value, show_at_false=True):
                 """
                 Returns boolean value of a given value, represented as html element with
                 classes that will represent icons
                 :param value: given value to convert to html node
                 """
                 if value:  # does bool conversion
                     return HTML.tag('i', class_="icon-true", title='True')
                 else:  # not true as bool
                     if show_at_false:
                         return HTML.tag('i', class_="icon-false", title='False')
                     return HTML.tag('i')
             def b64(inp):
                 return base64.b64encode(safe_bytes(inp))
             #==============================================================================
             # PERMS
             #==============================================================================
             from rhodecode.lib.auth import (
                 HasPermissionAny, HasPermissionAll,
                 HasRepoPermissionAny, HasRepoPermissionAll, HasRepoGroupPermissionAll,
                 HasRepoGroupPermissionAny, HasRepoPermissionAnyApi, get_csrf_token,
                 csrf_token_key, AuthUser)
             #==============================================================================
             # GRAVATAR URL
             #==============================================================================
             class InitialsGravatar(object):
                 def __init__(self, email_address, first_name, last_name, size=30,
                              background=None, text_color='#fff'):
                     self.size = size
                     self.first_name = first_name
                     self.last_name = last_name
                     self.email_address = email_address
                     self.background = background or self.str2color(email_address)
                     self.text_color = text_color
                 def get_color_bank(self):
                     """
                     returns a predefined list of colors that gravatars can use.
                     Those are randomized distinct colors that guarantee readability and
                     uniqueness.
                     generated with: http://phrogz.net/css/distinct-colors.html
                     """
                     return [
                         '#bf3030', '#a67f53', '#00ff00', '#5989b3', '#392040', '#d90000',
                         '#402910', '#204020', '#79baf2', '#a700b3', '#bf6060', '#7f5320',
                         '#008000', '#003059', '#ee00ff', '#ff0000', '#8c4b00', '#007300',
                         '#005fb3', '#de73e6', '#ff4040', '#ffaa00', '#3df255', '#203140',
                         '#47004d', '#591616', '#664400', '#59b365', '#0d2133', '#83008c',
                         '#592d2d', '#bf9f60', '#73e682', '#1d3f73', '#73006b', '#402020',
                         '#b2862d', '#397341', '#597db3', '#e600d6', '#a60000', '#736039',
                         '#00b318', '#79aaf2', '#330d30', '#ff8080', '#403010', '#16591f',
                         '#002459', '#8c4688', '#e50000', '#ffbf40', '#00732e', '#102340',
                         '#bf60ac', '#8c4646', '#cc8800', '#00a642', '#1d3473', '#b32d98',
                         '#660e00', '#ffd580', '#80ffb2', '#7391e6', '#733967', '#d97b6c',
                         '#8c5e00', '#59b389', '#3967e6', '#590047', '#73281d', '#665200',
                         '#00e67a', '#2d50b3', '#8c2377', '#734139', '#b2982d', '#16593a',
                         '#001859', '#ff00aa', '#a65e53', '#ffcc00', '#0d3321', '#2d3959',
                         '#731d56', '#401610', '#4c3d00', '#468c6c', '#002ca6', '#d936a3',
                         '#d94c36', '#403920', '#36d9a3', '#0d1733', '#592d4a', '#993626',
                         '#cca300', '#00734d', '#46598c', '#8c005e', '#7f1100', '#8c7000',
                         '#00a66f', '#7382e6', '#b32d74', '#d9896c', '#ffe680', '#1d7362',
                         '#364cd9', '#73003d', '#d93a00', '#998a4d', '#59b3a1', '#5965b3',
                         '#e5007a', '#73341d', '#665f00', '#00b38f', '#0018b3', '#59163a',
                         '#b2502d', '#bfb960', '#00ffcc', '#23318c', '#a6537f', '#734939',
                         '#b2a700', '#104036', '#3d3df2', '#402031', '#e56739', '#736f39',
                         '#79f2ea', '#000059', '#401029', '#4c1400', '#ffee00', '#005953',
                         '#101040', '#990052', '#402820', '#403d10', '#00ffee', '#0000d9',
                         '#ff80c4', '#a66953', '#eeff00', '#00ccbe', '#8080ff', '#e673a1',
                         '#a62c00', '#474d00', '#1a3331', '#46468c', '#733950', '#662900',
                         '#858c23', '#238c85', '#0f0073', '#b20047', '#d9986c', '#becc00',
                         '#396f73', '#281d73', '#ff0066', '#ff6600', '#dee673', '#59adb3',
                         '#6559b3', '#590024', '#b2622d', '#98b32d', '#36ced9', '#332d59',
                         '#40001a', '#733f1d', '#526600', '#005359', '#242040', '#bf6079',
                         '#735039', '#cef23d', '#007780', '#5630bf', '#66001b', '#b24700',
                         '#acbf60', '#1d6273', '#25008c', '#731d34', '#a67453', '#50592d',
                         '#00ccff', '#6600ff', '#ff0044', '#4c1f00', '#8a994d', '#79daf2',
                         '#a173e6', '#d93662', '#402310', '#aaff00', '#2d98b3', '#8c40ff',
                         '#592d39', '#ff8c40', '#354020', '#103640', '#1a0040', '#331a20',
                         '#331400', '#334d00', '#1d5673', '#583973', '#7f0022', '#4c3626',
                         '#88cc00', '#36a3d9', '#3d0073', '#d9364c', '#33241a', '#698c23',
                         '#5995b3', '#300059', '#e57382', '#7f3300', '#366600', '#00aaff',
                         '#3a1659', '#733941', '#663600', '#74b32d', '#003c59', '#7f53a6',
                         '#73000f', '#ff8800', '#baf279', '#79caf2', '#291040', '#a6293a',
                         '#b2742d', '#587339', '#0077b3', '#632699', '#400009', '#d9a66c',
                         '#294010', '#2d4a59', '#aa00ff', '#4c131b', '#b25f00', '#5ce600',
                         '#267399', '#a336d9', '#990014', '#664e33', '#86bf60', '#0088ff',
                         '#7700b3', '#593a16', '#073300', '#1d4b73', '#ac60bf', '#e59539',
                         '#4f8c46', '#368dd9', '#5c0073'
                     ]
                 def rgb_to_hex_color(self, rgb_tuple):
                     """
                     Converts an rgb_tuple passed to an hex color.
                     :param rgb_tuple: tuple with 3 ints represents rgb color space
                     """
                     return '#' + ("".join(map(chr, rgb_tuple)).encode('hex'))
                 def email_to_int_list(self, email_str):
                     """
                     Get every byte of the hex digest value of email and turn it to integer.
                     It's going to be always between 0-255
                     """
                     digest = md5_safe(email_str.lower())
                     return [int(digest[i * 2:i * 2 + 2], 16) for i in range(16)]
                 def pick_color_bank_index(self, email_str, color_bank):
                     return self.email_to_int_list(email_str)[0] % len(color_bank)
                 def str2color(self, email_str):
                     """
                     Tries to map in a stable algorithm an email to color
                     :param email_str:
                     """
                     color_bank = self.get_color_bank()
                     # pick position (module it's length so we always find it in the
                     # bank even if it's smaller than 256 values
                     pos = self.pick_color_bank_index(email_str, color_bank)
                     return color_bank[pos]
                 def normalize_email(self, email_address):
                     # default host used to fill in the fake/missing email
                     default_host = 'localhost'
                     if not email_address:
                         email_address = f'{User.DEFAULT_USER}@{default_host}'
                     email_address = safe_str(email_address)
                     if '@' not in email_address:
                         email_address = f'{email_address}@{default_host}'
                     if email_address.endswith('@'):
                         email_address = f'{email_address}{default_host}'
                     email_address = convert_special_chars(email_address)
                     return email_address
                 def get_initials(self):
                     """
                     Returns 2 letter initials calculated based on the input.
                     The algorithm picks first given email address, and takes first letter
                     of part before @, and then the first letter of server name. In case
                     the part before @ is in a format of `somestring.somestring2` it replaces
                     the server letter with first letter of somestring2
                     In case function was initialized with both first and lastname, this
                     overrides the extraction from email by first letter of the first and
                     last name. We add special logic to that functionality, In case Full name
                     is compound, like Guido Von Rossum, we use last part of the last name
                     (Von Rossum) picking `R`.
                     Function also normalizes the non-ascii characters to they ascii
                     representation, eg Ą => A
                     """
                     # replace non-ascii to ascii
                     first_name = convert_special_chars(self.first_name)
                     last_name = convert_special_chars(self.last_name)
                     # multi word last names, Guido Von Rossum, we take the last part only
                     last_name = last_name.split(' ', 1)[-1]
                     # do NFKD encoding, and also make sure email has proper format
                     email_address = self.normalize_email(self.email_address)
                     # first push the email initials
                     prefix, server = email_address.split('@', 1)
                     # check if prefix is maybe a 'first_name.last_name' syntax
                     _dot_split = prefix.rsplit('.', 1)
                     if len(_dot_split) == 2 and _dot_split[1]:
                         initials = [_dot_split[0][0], _dot_split[1][0]]
                     else:
                         initials = [prefix[0], server[0]]
                     # get first letter of first and last names to create initials
                     fn_letter = (first_name or " ")[0].strip()
                     ln_letter = (last_name or " ")[0].strip()
                     if fn_letter:
                         initials[0] = fn_letter
                     if ln_letter:
                         initials[1] = ln_letter
                     return ''.join(initials).upper()
                 def get_img_data_by_type(self, font_family, img_type):
                     default_user = """
                     <svg xmlns="http://www.w3.org/2000/svg"
                     version="1.1" x="0px" y="0px" width="{size}" height="{size}"
                     viewBox="-15 -10 439.165 429.164"
                     xml:space="preserve"
                     font-family="{font_family}"
                     style="background:{background};" >
                     <path d="M204.583,216.671c50.664,0,91.74-48.075,
 .74-107.378c0-82.237-41.074-107.377-91.74-107.377
                              c-50.668,0-91.74,25.14-91.74,107.377C112.844,
 .596,153.916,216.671,
 .583,216.671z" fill="{text_color}"/>
                     <path d="M407.164,374.717L360.88,
 .454c-2.117-4.771-5.836-8.728-10.465-11.138l-71.83-37.392
                              c-1.584-0.823-3.502-0.663-4.926,0.415c-20.316,
 .366-44.203,23.488-69.076,23.488c-24.877,
 -48.762-8.122-69.078-23.488
                              c-1.428-1.078-3.346-1.238-4.93-0.415L58.75,
 .316c-4.631,2.41-8.346,6.365-10.465,11.138L2.001,374.717
                              c-3.191,7.188-2.537,15.412,1.75,22.005c4.285,
 .592,11.537,10.526,19.4,10.526h362.861c7.863,0,15.117-3.936,
 .402-10.527 C409.699,390.129,
 .355,381.902,407.164,374.717z" fill="{text_color}"/>
                     </svg>""".format(
                         size=self.size,
                         background='#979797',  # @grey4
                         text_color=self.text_color,
                         font_family=font_family)
                     return {
                         "default_user": default_user
                     }[img_type]
                 def get_img_data(self, svg_type=None):
                     """
                     generates the svg metadata for image
                     """
                     fonts = [
                         '-apple-system',
                          'BlinkMacSystemFont',
                          'Segoe UI',
                          'Roboto',
                          'Oxygen-Sans',
                          'Ubuntu',
                          'Cantarell',
                          'Helvetica Neue',
                          'sans-serif'
                     ]
                     font_family = ','.join(fonts)
                     if svg_type:
                         return self.get_img_data_by_type(font_family, svg_type)
                     initials = self.get_initials()
                     img_data = """
                     <svg xmlns="http://www.w3.org/2000/svg" pointer-events="none"
                          width="{size}" height="{size}"
                          style="width: 100%; height: 100%; background-color: {background}"
                          viewBox="0 0 {size} {size}">
                         <text text-anchor="middle" y="50%" x="50%" dy="0.35em"
                               pointer-events="auto" fill="{text_color}"
                               font-family="{font_family}"
                               style="font-weight: 400; font-size: {f_size}px;">{text}
                         </text>
                     </svg>""".format(
                         size=self.size,
                         f_size=self.size/2.05,  # scale the text inside the box nicely
                         background=self.background,
                         text_color=self.text_color,
                         text=initials.upper(),
                         font_family=font_family)
                     return img_data
                 def generate_svg(self, svg_type=None):
                     img_data = base64_to_str(self.get_img_data(svg_type))
                     return "data:image/svg+xml;base64,{}".format(img_data)
             def initials_gravatar(request, email_address, first_name, last_name, size=30, store_on_disk=False):
                 svg_type = None
                 if email_address == User.DEFAULT_USER_EMAIL:
                     svg_type = 'default_user'
                 klass = InitialsGravatar(email_address, first_name, last_name, size)
                 if store_on_disk:
                     from rhodecode.apps.file_store import utils as store_utils
                     from rhodecode.apps.file_store.exceptions import FileNotAllowedException, \
                         FileOverSizeException
                     from rhodecode.model.db import Session
                     image_key = md5_safe(email_address.lower()
                                          + first_name.lower() + last_name.lower())
                     storage = store_utils.get_file_storage(request.registry.settings)
                     filename = '{}.svg'.format(image_key)
                     subdir = 'gravatars'
                     # since final name has a counter, we apply the 0
                     uid = storage.apply_counter(0, store_utils.uid_filename(filename, randomized=False))
                     store_uid = os.path.join(subdir, uid)
                     db_entry = FileStore.get_by_store_uid(store_uid)
                     if db_entry:
                         return request.route_path('download_file', fid=store_uid)
                     img_data = klass.get_img_data(svg_type=svg_type)
                     img_file = store_utils.bytes_to_file_obj(img_data)
                     try:
                         store_uid, metadata = storage.save_file(
                             img_file, filename, directory=subdir,
                             extensions=['.svg'], randomized_name=False)
                     except (FileNotAllowedException, FileOverSizeException):
                         raise
                     try:
                         entry = FileStore.create(
                             file_uid=store_uid, filename=metadata["filename"],
                             file_hash=metadata["sha256"], file_size=metadata["size"],
                             file_display_name=filename,
                             file_description=f'user gravatar `{safe_str(filename)}`',
                             hidden=True, check_acl=False, user_id=1
                         )
                         Session().add(entry)
                         Session().commit()
                         log.debug('Stored upload in DB as %s', entry)
                     except Exception:
                         raise
                     return request.route_path('download_file', fid=store_uid)
                 else:
                     return klass.generate_svg(svg_type=svg_type)
             def gravatar_external(request, gravatar_url_tmpl, email_address, size=30):
                 return safe_str(gravatar_url_tmpl)\
                     .replace('{email}', email_address) \
                     .replace('{md5email}', md5_safe(email_address.lower())) \
                     .replace('{netloc}', request.host) \
                     .replace('{scheme}', request.scheme) \
                     .replace('{size}', safe_str(size))
             def gravatar_url(email_address, size=30, request=None):
                 request = request or get_current_request()
                 _use_gravatar = request.call_context.visual.use_gravatar
                 email_address = email_address or User.DEFAULT_USER_EMAIL
                 if isinstance(email_address, str):
                     # hashlib crashes on unicode items
                     email_address = safe_str(email_address)
                 # empty email or default user
                 if not email_address or email_address == User.DEFAULT_USER_EMAIL:
                     return initials_gravatar(request, User.DEFAULT_USER_EMAIL, '', '', size=size)
                 if _use_gravatar:
                     gravatar_url_tmpl = request.call_context.visual.gravatar_url \
                                         or User.DEFAULT_GRAVATAR_URL
                     return gravatar_external(request, gravatar_url_tmpl, email_address, size=size)
                 else:
                     return initials_gravatar(request, email_address, '', '', size=size)
             def breadcrumb_repo_link(repo):
                 """
                 Makes a breadcrumbs path link to repo
                 ex::
                     group >> subgroup >> repo
                 :param repo: a Repository instance
                 """
                 path = [
                     link_to(group.name, route_path('repo_group_home', repo_group_name=group.group_name),
                             title='last change:{}'.format(format_date(group.last_commit_change)))
                     for group in repo.groups_with_parents
                 ] + [
                     link_to(repo.just_name, route_path('repo_summary', repo_name=repo.repo_name),
                             title='last change:{}'.format(format_date(repo.last_commit_change)))
                 ]
                 return literal(' &raquo; '.join(path))
             def breadcrumb_repo_group_link(repo_group):
                 """
                 Makes a breadcrumbs path link to repo
                 ex::
                     group >> subgroup
                 :param repo_group: a Repository Group instance
                 """
                 path = [
                     link_to(group.name,
                             route_path('repo_group_home', repo_group_name=group.group_name),
                             title='last change:{}'.format(format_date(group.last_commit_change)))
                     for group in repo_group.parents
                 ] + [
                     link_to(repo_group.name,
                             route_path('repo_group_home', repo_group_name=repo_group.group_name),
                             title='last change:{}'.format(format_date(repo_group.last_commit_change)))
                 ]
                 return literal(' &raquo; '.join(path))
             def format_byte_size_binary(file_size):
                 """
                 Formats file/folder sizes to standard.
                 """
                 if file_size is None:
                     file_size = 0
                 formatted_size = format_byte_size(file_size, binary=True)
                 return formatted_size
             def urlify_text(text_, safe=True, **href_attrs):
                 """
                 Extract urls from text and make html links out of them
                 """
                 url_pat = re.compile(r'''(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@#.&+]'''
                                      r'''|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+)''')
                 def url_func(match_obj):
                     url_full = match_obj.groups()[0]
                     a_options = dict(href_attrs)
                     a_options['href'] = url_full
                     a_text = url_full
                     return HTML.tag("a", a_text, **a_options)
                 _new_text = url_pat.sub(url_func, text_)
                 if safe:
                     return literal(_new_text)
                 return _new_text
             def urlify_commits(text_, repo_name):
                 """
                 Extract commit ids from text and make link from them
                 :param text_:
                 :param repo_name: repo name to build the URL with
                 """
                 url_pat = re.compile(r'(^|\s)([0-9a-fA-F]{12,40})($|\s)')
                 def url_func(match_obj):
                     commit_id = match_obj.groups()[1]
                     pref = match_obj.groups()[0]
                     suf = match_obj.groups()[2]
                     tmpl = (
                         '%(pref)s<a class="tooltip-hovercard %(cls)s" href="%(url)s" data-hovercard-alt="%(hovercard_alt)s" data-hovercard-url="%(hovercard_url)s">'
                         '%(commit_id)s</a>%(suf)s'
                     )
                     return tmpl % {
                         'pref': pref,
                         'cls': 'revision-link',
                         'url': route_url(
                             'repo_commit', repo_name=repo_name, commit_id=commit_id),
                         'commit_id': commit_id,
                         'suf': suf,
                         'hovercard_alt': 'Commit: {}'.format(commit_id),
                         'hovercard_url': route_url(
                             'hovercard_repo_commit', repo_name=repo_name, commit_id=commit_id)
                     }
                 new_text = url_pat.sub(url_func, text_)
                 return new_text
             def _process_url_func(match_obj, repo_name, uid, entry,
                                   return_raw_data=False, link_format='html'):
                 pref = ''
                 if match_obj.group().startswith(' '):
                     pref = ' '
                 issue_id = ''.join(match_obj.groups())
                 if link_format == 'html':
                     tmpl = (
                         '%(pref)s<a class="tooltip %(cls)s" href="%(url)s" title="%(title)s">'
                         '%(issue-prefix)s%(id-repr)s'
                         '</a>')
                 elif link_format == 'html+hovercard':
                     tmpl = (
                         '%(pref)s<a class="tooltip-hovercard %(cls)s" href="%(url)s" data-hovercard-url="%(hovercard_url)s">'
                         '%(issue-prefix)s%(id-repr)s'
                         '</a>')
                 elif link_format in ['rst', 'rst+hovercard']:
                     tmpl = '`%(issue-prefix)s%(id-repr)s <%(url)s>`_'
                 elif link_format in ['markdown', 'markdown+hovercard']:
                     tmpl = '[%(pref)s%(issue-prefix)s%(id-repr)s](%(url)s)'
                 else:
                     raise ValueError('Bad link_format:{}'.format(link_format))
                 (repo_name_cleaned,
                  parent_group_name) = RepoGroupModel()._get_group_name_and_parent(repo_name)
                 # variables replacement
                 named_vars = {
                     'id': issue_id,
                     'repo': repo_name,
                     'repo_name': repo_name_cleaned,
                     'group_name': parent_group_name,
                     # set dummy keys so we always have them
                     'hostname': '',
                     'netloc': '',
                     'scheme': ''
                 }
                 request = get_current_request()
                 if request:
                     # exposes, hostname, netloc, scheme
                     host_data = get_host_info(request)
                     named_vars.update(host_data)
                 # named regex variables
                 named_vars.update(match_obj.groupdict())
                 _url = string.Template(entry['url']).safe_substitute(**named_vars)
                 desc = string.Template(escape(entry['desc'])).safe_substitute(**named_vars)
                 hovercard_url = string.Template(entry.get('hovercard_url', '')).safe_substitute(**named_vars)
                 def quote_cleaner(input_str):
                     """Remove quotes as it's HTML"""
                     return input_str.replace('"', '')
                 data = {
                     'pref': pref,
                     'cls': quote_cleaner('issue-tracker-link'),
                     'url': quote_cleaner(_url),
                     'id-repr': issue_id,
                     'issue-prefix': entry['pref'],
                     'serv': entry['url'],
                     'title': sanitize_html(desc, strip=True),
                     'hovercard_url': hovercard_url
                 }
                 if return_raw_data:
                     return {
                         'id': issue_id,
                         'url': _url
                     }
                 return tmpl % data
             def get_active_pattern_entries(repo_name):
                 repo = None
                 if repo_name:
                     # Retrieving repo_name to avoid invalid repo_name to explode on
                     # IssueTrackerSettingsModel but still passing invalid name further down
                     repo = Repository.get_by_repo_name(repo_name, cache=True)
                 settings_model = IssueTrackerSettingsModel(repo=repo)
                 active_entries = settings_model.get_settings(cache=True)
                 return active_entries
             pr_pattern_re = regex.compile(r'(?:(?:^!)|(?: !))(\d+)')
             allowed_link_formats = [
                 'html', 'rst', 'markdown', 'html+hovercard', 'rst+hovercard', 'markdown+hovercard']
             compile_cache = {
             }
             def process_patterns(text_string, repo_name, link_format='html', active_entries=None):
                 if link_format not in allowed_link_formats:
                     raise ValueError('Link format can be only one of:{} got {}'.format(
                                      allowed_link_formats, link_format))
                 issues_data = []
                 errors = []
                 new_text = text_string
                 if active_entries is None:
                     log.debug('Fetch active issue tracker patterns for repo: %s', repo_name)
                     active_entries = get_active_pattern_entries(repo_name)
                 log.debug('Got %s pattern entries to process', len(active_entries))
                 for uid, entry in list(active_entries.items()):
                     if not (entry['pat'] and entry['url']):
                         log.debug('skipping due to missing data')
                         continue
                     log.debug('issue tracker entry: uid: `%s` PAT:%s URL:%s PREFIX:%s',
                               uid, entry['pat'], entry['url'], entry['pref'])
                     if entry.get('pat_compiled'):
                         pattern = entry['pat_compiled']
                     elif entry['pat'] in compile_cache:
                         pattern = compile_cache[entry['pat']]
                     else:
                         try:
                             pattern = regex.compile(r'%s' % entry['pat'])
                         except regex.error as e:
                             regex_err = ValueError('{}:{}'.format(entry['pat'], e))
                             log.exception('issue tracker pattern: `%s` failed to compile', regex_err)
                             errors.append(regex_err)
                             continue
                         compile_cache[entry['pat']] = pattern
                     data_func = partial(
                         _process_url_func, repo_name=repo_name, entry=entry, uid=uid,
                         return_raw_data=True)
                     for match_obj in pattern.finditer(text_string):
                         issues_data.append(data_func(match_obj))
                     url_func = partial(
                         _process_url_func, repo_name=repo_name, entry=entry, uid=uid,
                         link_format=link_format)
                     new_text = pattern.sub(url_func, new_text)
                     log.debug('processed prefix:uid `%s`', uid)
                 # finally use global replace, eg !123 -> pr-link, those will not catch
                 # if already similar pattern exists
                 server_url = '${scheme}://${netloc}'
                 pr_entry = {
                     'pref': '!',
                     'url': server_url + '/_admin/pull-requests/${id}',
                     'desc': 'Pull Request !${id}',
                     'hovercard_url': server_url + '/_hovercard/pull_request/${id}'
                 }
                 pr_url_func = partial(
                     _process_url_func, repo_name=repo_name, entry=pr_entry, uid=None,
                     link_format=link_format+'+hovercard')
                 new_text = pr_pattern_re.sub(pr_url_func, new_text)
                 log.debug('processed !pr pattern')
                 return new_text, issues_data, errors
             def urlify_commit_message(commit_text, repository=None, active_pattern_entries=None,
                                       issues_container_callback=None, error_container=None):
                 """
                 Parses given text message and makes proper links.
                 issues are linked to given issue-server, and rest is a commit link
                 """
                 def escaper(_text):
                     return _text.replace('<', '&lt;').replace('>', '&gt;')
                 new_text = escaper(commit_text)
                 # extract http/https links and make them real urls
                 new_text = urlify_text(new_text, safe=False)
                 # urlify commits - extract commit ids and make link out of them, if we have
                 # the scope of repository present.
                 if repository:
                     new_text = urlify_commits(new_text, repository)
                 # process issue tracker patterns
                 new_text, issues, errors = process_patterns(
                     new_text, repository or '', active_entries=active_pattern_entries)
                 if issues_container_callback is not None:
                     for issue in issues:
                         issues_container_callback(issue)
                 if error_container is not None:
                     error_container.extend(errors)
                 return literal(new_text)
             def render_binary(repo_name, file_obj):
                 """
                 Choose how to render a binary file
                 """
                 # unicode
                 filename = file_obj.name
                 # images
                 for ext in ['*.png', '*.jpeg', '*.jpg', '*.ico', '*.gif']:
                     if fnmatch.fnmatch(filename, pat=ext):
                         src = route_path(
                             'repo_file_raw', repo_name=repo_name,
                             commit_id=file_obj.commit.raw_id,
                             f_path=file_obj.path)
                         return literal(
                             '<img class="rendered-binary" alt="rendered-image" src="{}">'.format(src))
             def renderer_from_filename(filename, exclude=None):
                 """
                 choose a renderer based on filename, this works only for text based files
                 """
                 # ipython
                 for ext in ['*.ipynb']:
                     if fnmatch.fnmatch(filename, pat=ext):
                         return 'jupyter'
                 is_markup = MarkupRenderer.renderer_from_filename(filename, exclude=exclude)
                 if is_markup:
                     return is_markup
                 return None
             def render(source, renderer='rst', mentions=False, relative_urls=None,
                        repo_name=None, active_pattern_entries=None, issues_container_callback=None):
                 def maybe_convert_relative_links(html_source):
                     if relative_urls:
                         return relative_links(html_source, relative_urls)
                     return html_source
                 if renderer == 'plain':
                     return literal(
                         MarkupRenderer.plain(source, leading_newline=False))
                 elif renderer == 'rst':
                     if repo_name:
                         # process patterns on comments if we pass in repo name
                         source, issues, errors = process_patterns(
                             source, repo_name, link_format='rst',
                             active_entries=active_pattern_entries)
                         if issues_container_callback is not None:
                             for issue in issues:
                                 issues_container_callback(issue)
                     rendered_block = maybe_convert_relative_links(
                             MarkupRenderer.rst(source, mentions=mentions))
                     return literal(f'<div class="rst-block">{rendered_block}</div>')
                 elif renderer == 'markdown':
                     if repo_name:
                         # process patterns on comments if we pass in repo name
                         source, issues, errors = process_patterns(
                             source, repo_name, link_format='markdown',
                             active_entries=active_pattern_entries)
                         if issues_container_callback is not None:
                             for issue in issues:
                                 issues_container_callback(issue)
                     rendered_block = maybe_convert_relative_links(
                         MarkupRenderer.markdown(source, flavored=True, mentions=mentions))
                     return literal(f'<div class="markdown-block">{rendered_block}</div>')
                 elif renderer == 'jupyter':
                     rendered_block = maybe_convert_relative_links(
                         MarkupRenderer.jupyter(source))
                     return literal(f'<div class="ipynb">{rendered_block}</div>')
                 # None means just show the file-source
                 return None
             def commit_status(repo, commit_id):
                 return ChangesetStatusModel().get_status(repo, commit_id)
             def commit_status_lbl(commit_status):
                 return dict(ChangesetStatus.STATUSES).get(commit_status)
             def commit_time(repo_name, commit_id):
                 repo = Repository.get_by_repo_name(repo_name)
                 commit = repo.get_commit(commit_id=commit_id)
                 return commit.date
             def get_permission_name(key):
                 return dict(Permission.PERMS).get(key)
             def journal_filter_help(request):
                 _ = request.translate
                 from rhodecode.lib.audit_logger import ACTIONS
                 actions = '\n'.join(textwrap.wrap(', '.join(sorted(ACTIONS.keys())), 80))
                 return _(
                     'Example filter terms:\n' +
                     '     repository:vcs\n' +
                     '     username:marcin\n' +
                     '     username:(NOT marcin)\n' +
                     '     action:*push*\n' +
                     '     ip:127.0.0.1\n' +
                     '     date:20120101\n' +
                     '     date:[20120101100000 TO 20120102]\n' +
                     '\n' +
                     'Actions: {actions}\n' +
                     '\n' +
                     'Generate wildcards using \'*\' character:\n' +
                     '     "repository:vcs*" - search everything starting with \'vcs\'\n' +
                     '     "repository:*vcs*" - search for repository containing \'vcs\'\n' +
                     '\n' +
                     'Optional AND / OR operators in queries\n' +
                     '     "repository:vcs OR repository:test"\n' +
                     '     "username:test AND repository:test*"\n'
                 ).format(actions=actions)
             def not_mapped_error(repo_name):
                 from rhodecode.translation import _
                 flash(_('%s repository is not mapped to db perhaps'
                         ' it was created or renamed from the filesystem'
                         ' please run the application again'
                         ' in order to rescan repositories') % repo_name, category='error')
             def ip_range(ip_addr):
                 from rhodecode.model.db import UserIpMap
                 s, e = UserIpMap._get_ip_range(ip_addr)
                 return '%s - %s' % (s, e)
             def form(url, method='post', needs_csrf_token=True, **attrs):
                 """Wrapper around webhelpers.tags.form to prevent CSRF attacks."""
                 if method.lower() != 'get' and needs_csrf_token:
                     raise Exception(
                         'Forms to POST/PUT/DELETE endpoints should have (in general) a ' +
                         'CSRF token. If the endpoint does not require such token you can ' +
                         'explicitly set the parameter needs_csrf_token to false.')
                 return insecure_form(url, method=method, **attrs)
             def secure_form(form_url, method="POST", multipart=False, **attrs):
                 """Start a form tag that points the action to an url. This
                 form tag will also include the hidden field containing
                 the auth token.
                 The url options should be given either as a string, or as a
                 ``url()`` function. The method for the form defaults to POST.
                 Options:
                 ``multipart``
                     If set to True, the enctype is set to "multipart/form-data".
                 ``method``
                     The method to use when submitting the form, usually either
                     "GET" or "POST". If "PUT", "DELETE", or another verb is used, a
                     hidden input with name _method is added to simulate the verb
                     over POST.
                 """
                 if 'request' in attrs:
                     session = attrs['request'].session
                     del attrs['request']
                 else:
                     raise ValueError(
                         'Calling this form requires request= to be passed as argument')
                 _form = insecure_form(form_url, method, multipart, **attrs)
                 token = literal(
                     '<input type="hidden" name="{}" value="{}">'.format(
                         csrf_token_key, get_csrf_token(session)))
                 return literal("%s\n%s" % (_form, token))
             def dropdownmenu(name, selected, options, enable_filter=False, **attrs):
                 select_html = select(name, selected, options, **attrs)
                 select2 = """
                     <script>
                         $(document).ready(function() {
                               $('#%s').select2({
                                   containerCssClass: 'drop-menu %s',
                                   dropdownCssClass: 'drop-menu-dropdown',
                                   dropdownAutoWidth: true%s
                               });
                         });
                     </script>
                 """
                 filter_option = """,
                                     minimumResultsForSearch: -1
                 """
                 input_id = attrs.get('id') or name
                 extra_classes = ' '.join(attrs.pop('extra_classes', []))
                 filter_enabled = "" if enable_filter else filter_option
                 select_script = literal(select2 % (input_id, extra_classes, filter_enabled))
                 return literal(select_html+select_script)
             def get_visual_attr(tmpl_context_var, attr_name):
                 """
                 A safe way to get a variable from visual variable of template context
                 :param tmpl_context_var: instance of tmpl_context, usually present as `c`
                 :param attr_name: name of the attribute we fetch from the c.visual
                 """
                 visual = getattr(tmpl_context_var, 'visual', None)
                 if not visual:
                     return
                 else:
                     return getattr(visual, attr_name, None)
             def get_last_path_part(file_node):
                 if not file_node.path:
                     return '/'
                 path = safe_str(file_node.path.split('/')[-1])
                 return '../' + path
             def route_url(*args, **kwargs):
                 """
                 Wrapper around pyramids `route_url` (fully qualified url) function.
                 """
                 req = get_current_request()
                 return req.route_url(*args, **kwargs)
             def route_path(*args, **kwargs):
                 """
                 Wrapper around pyramids `route_path` function.
                 """
                 req = get_current_request()
                 return req.route_path(*args, **kwargs)
             def route_path_or_none(*args, **kwargs):
                 try:
                     return route_path(*args, **kwargs)
                 except KeyError:
                     return None
             def current_route_path(request, **kw):
                 new_args = request.GET.mixed()
                 new_args.update(kw)
                 return request.current_route_path(_query=new_args)
             def curl_api_example(method, args):
                 args_json = json.dumps(OrderedDict([
                     ('id', 1),
                     ('auth_token', 'SECRET'),
                     ('method', method),
                     ('args', args)
                 ]))
                 return "curl {api_url} -X POST -H 'content-type:text/plain' --data-binary '{args_json}'".format(
                     api_url=route_url('apiv2'),
                     args_json=args_json
                 )
             def api_call_example(method, args):
                 """
                 Generates an API call example via CURL
                 """
                 curl_call = curl_api_example(method, args)
                 return literal(
                     curl_call +
                     "<br/><br/>SECRET can be found in <a href=\"{token_url}\">auth-tokens</a> page, "
                     "and needs to be of `api calls` role."
                     .format(token_url=route_url('my_account_auth_tokens')))
             def notification_description(notification, request):
                 """
                 Generate notification human readable description based on notification type
                 """
                 from rhodecode.model.notification import NotificationModel
                 return NotificationModel().make_description(
                     notification, translate=request.translate)
             def go_import_header(request, db_repo=None):
                 """
                 Creates a header for go-import functionality in Go Lang
                 """
                 if not db_repo:
                     return
                 if 'go-get' not in request.GET:
                     return
                 clone_url = db_repo.clone_url()
                 prefix = re.split(r'^https?:\/\/', clone_url)[-1]
                 # we have a repo and go-get flag,
                 return literal('<meta name="go-import" content="{} {} {}">'.format(
                     prefix, db_repo.repo_type, clone_url))
             def reviewer_as_json(*args, **kwargs):
                 from rhodecode.apps.repository.utils import reviewer_as_json as _reviewer_as_json
                 return _reviewer_as_json(*args, **kwargs)
             def get_repo_view_type(request):
                 route_name = request.matched_route.name
                 route_to_view_type = {
                     'repo_changelog': 'commits',
                     'repo_commits': 'commits',
                     'repo_files': 'files',
                     'repo_summary': 'summary',
                     'repo_commit': 'commit'
                 }
                 return route_to_view_type.get(route_name)
             def is_active(menu_entry, selected):
                 """
                 Returns active class for selecting menus in templates
                 <li class=${h.is_active('settings', current_active)}></li>
                 """
                 if not isinstance(menu_entry, list):
                     menu_entry = [menu_entry]
                 if selected in menu_entry:
                     return "active"
             class IssuesRegistry(object):
                 """
                 issue_registry = IssuesRegistry()
                 some_func(issues_callback=issues_registry(...))
                 """
                 def __init__(self):
                     self.issues = []
                     self.unique_issues = collections.defaultdict(lambda: [])
                 def __call__(self, commit_dict=None):
                     def callback(issue):
                         if commit_dict and issue:
                             issue['commit'] = commit_dict
                         self.issues.append(issue)
                         self.unique_issues[issue['id']].append(issue)
                     return callback
                 def get_issues(self):
                     return self.issues
                 @property
                 def issues_unique_count(self):
                     return len(set(i['id'] for i in self.issues))
+            def get_directory_statistics(start_path):
+                """
+                total_files, total_size, directory_stats = get_directory_statistics(start_path)
+                print(f"Directory statistics for: {start_path}\n")
+                print(f"Total files: {total_files}")
+                print(f"Total size: {format_size(total_size)}\n")
+                :param start_path:
+                :return:
+                """
+                total_files = 0
+                total_size = 0
+                directory_stats = {}
+                for dir_path, dir_names, file_names in os.walk(start_path):
+                    dir_size = 0
+                    file_count = len(file_names)
+                    for fname in file_names:
+                        filepath = os.path.join(dir_path, fname)
+                        file_size = os.path.getsize(filepath)
+                        dir_size += file_size
+                    directory_stats[dir_path] = {'file_count': file_count, 'size': dir_size}
+                    total_files += file_count
+                    total_size += dir_size
+                return total_files, total_size, directory_stats

rhodecode/lib/system_info.py

0 +7 -14

             # Copyright (C) 2017-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import time
             import platform
             import collections
             import psutil
             from functools import wraps
             import pkg_resources
             import logging
             import resource
             import configparser
             from rc_license.models import LicenseModel
             from rhodecode.lib.str_utils import safe_str
             log = logging.getLogger(__name__)
             _NA = 'NOT AVAILABLE'
             _NA_FLOAT = 0.0
             STATE_OK = 'ok'
             STATE_ERR = 'error'
             STATE_WARN = 'warning'
             STATE_OK_DEFAULT = {'message': '', 'type': STATE_OK}
             registered_helpers = {}
             def register_sysinfo(func):
                 """
                 @register_helper
                 def db_check():
                     pass
                 db_check == registered_helpers['db_check']
                 """
                 global registered_helpers
                 registered_helpers[func.__name__] = func
                 @wraps(func)
                 def _wrapper(*args, **kwargs):
                     return func(*args, **kwargs)
                 return _wrapper
             # HELPERS
             def percentage(part: (int, float), whole: (int, float)):
                 whole = float(whole)
                 if whole > 0:
                     return round(100 * float(part) / whole, 1)
                 return 0.0
             def get_storage_size(storage_path):
                 sizes = []
                 for file_ in os.listdir(storage_path):
                     storage_file = os.path.join(storage_path, file_)
                     if os.path.isfile(storage_file):
                         try:
                             sizes.append(os.path.getsize(storage_file))
                         except OSError:
                             log.exception('Failed to get size of storage file %s', storage_file)
                             pass
                 return sum(sizes)
             def get_resource(resource_type):
                 try:
                     return resource.getrlimit(resource_type)
                 except Exception:
                     return 'NOT_SUPPORTED'
             def get_cert_path(ini_path):
                 default = '/etc/ssl/certs/ca-certificates.crt'
                 control_ca_bundle = os.path.join(
                     os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(ini_path)))),
                     '/etc/ssl/certs/ca-certificates.crt')
                 if os.path.isfile(control_ca_bundle):
                     default = control_ca_bundle
                 return default
             class SysInfoRes(object):
                 def __init__(self, value, state=None, human_value=None):
                     self.value = value
                     self.state = state or STATE_OK_DEFAULT
                     self.human_value = human_value or value
                 def __json__(self):
                     return {
                         'value': self.value,
                         'state': self.state,
                         'human_value': self.human_value,
                     }
                 def get_value(self):
                     return self.__json__()
                 def __str__(self):
                     return f'<SysInfoRes({self.__json__()})>'
             class SysInfo(object):
                 def __init__(self, func_name, **kwargs):
                     self.function_name = func_name
                     self.value = _NA
                     self.state = None
                     self.kwargs = kwargs or {}
                 def __call__(self):
                     computed = self.compute(**self.kwargs)
                     if not isinstance(computed, SysInfoRes):
                         raise ValueError(
                             'computed value for {} is not instance of '
                             '{}, got {} instead'.format(
                                 self.function_name, SysInfoRes, type(computed)))
                     return computed.__json__()
                 def __str__(self):
                     return f'<SysInfo({self.function_name})>'
                 def compute(self, **kwargs):
                     return self.function_name(**kwargs)
             # SysInfo functions
             @register_sysinfo
             def python_info():
                 value = dict(version=f'{platform.python_version()}:{platform.python_implementation()}',
                              executable=sys.executable)
                 return SysInfoRes(value=value)
             @register_sysinfo
             def py_modules():
                 mods = dict([(p.project_name, {'version': p.version, 'location': p.location})
                              for p in pkg_resources.working_set])
                 value = sorted(mods.items(), key=lambda k: k[0].lower())
                 return SysInfoRes(value=value)
             @register_sysinfo
             def platform_type():
                 from rhodecode.lib.utils import generate_platform_uuid
                 value = dict(
                     name=safe_str(platform.platform()),
                     uuid=generate_platform_uuid()
                 )
                 return SysInfoRes(value=value)
             @register_sysinfo
             def locale_info():
                 import locale
                 def safe_get_locale(locale_name):
                     try:
                         locale.getlocale(locale_name)
                     except TypeError:
                         return f'FAILED_LOCALE_GET:{locale_name}'
                 value = dict(
                     locale_default=locale.getlocale(),
                     locale_lc_all=safe_get_locale(locale.LC_ALL),
                     locale_lc_ctype=safe_get_locale(locale.LC_CTYPE),
                     lang_env=os.environ.get('LANG'),
                     lc_all_env=os.environ.get('LC_ALL'),
                     local_archive_env=os.environ.get('LOCALE_ARCHIVE'),
                 )
                 human_value = \
                     f"LANG: {value['lang_env']}, \
                       locale LC_ALL: {value['locale_lc_all']},  \
                       locale LC_CTYPE: {value['locale_lc_ctype']},  \
                       Default locales: {value['locale_default']}"
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def ulimit_info():
                 data = collections.OrderedDict([
                     ('cpu time (seconds)', get_resource(resource.RLIMIT_CPU)),
                     ('file size', get_resource(resource.RLIMIT_FSIZE)),
                     ('stack size', get_resource(resource.RLIMIT_STACK)),
                     ('core file size', get_resource(resource.RLIMIT_CORE)),
                     ('address space size', get_resource(resource.RLIMIT_AS)),
                     ('locked in mem size', get_resource(resource.RLIMIT_MEMLOCK)),
                     ('heap size', get_resource(resource.RLIMIT_DATA)),
                     ('rss size', get_resource(resource.RLIMIT_RSS)),
                     ('number of processes', get_resource(resource.RLIMIT_NPROC)),
                     ('open files', get_resource(resource.RLIMIT_NOFILE)),
                 ])
                 text = ', '.join(f'{k}:{v}' for k, v in data.items())
                 value = {
                     'limits': data,
                     'text': text,
                 }
                 return SysInfoRes(value=value)
             @register_sysinfo
             def uptime():
                 from rhodecode.lib.helpers import age, time_to_datetime
                 from rhodecode.translation import TranslationString
                 value = dict(boot_time=0, uptime=0, text='')
                 state = STATE_OK_DEFAULT
                 boot_time = psutil.boot_time()
                 value['boot_time'] = boot_time
                 value['uptime'] = time.time() - boot_time
                 date_or_age = age(time_to_datetime(boot_time))
                 if isinstance(date_or_age, TranslationString):
                     date_or_age = date_or_age.interpolate()
                 human_value = value.copy()
                 human_value['boot_time'] = time_to_datetime(boot_time)
                 human_value['uptime'] = age(time_to_datetime(boot_time), show_suffix=False)
                 human_value['text'] = f'Server started {date_or_age}'
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def memory():
                 from rhodecode.lib.helpers import format_byte_size_binary
                 value = dict(available=0, used=0, used_real=0, cached=0, percent=0,
                              percent_used=0, free=0, inactive=0, active=0, shared=0,
                              total=0, buffers=0, text='')
                 state = STATE_OK_DEFAULT
                 value.update(dict(psutil.virtual_memory()._asdict()))
                 value['used_real'] = value['total'] - value['available']
                 value['percent_used'] = psutil._common.usage_percent(value['used_real'], value['total'], 1)
                 human_value = value.copy()
                 human_value['text'] = '{}/{}, {}% used'.format(
                     format_byte_size_binary(value['used_real']),
                     format_byte_size_binary(value['total']),
                     value['percent_used'])
                 keys = list(value.keys())[::]
                 keys.pop(keys.index('percent'))
                 keys.pop(keys.index('percent_used'))
                 keys.pop(keys.index('text'))
                 for k in keys:
                     human_value[k] = format_byte_size_binary(value[k])
                 if state['type'] == STATE_OK and value['percent_used'] > 90:
                     msg = 'Critical: your available RAM memory is very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent_used'] > 70:
                     msg = 'Warning: your available RAM memory is running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def machine_load():
                 value = {'1_min': _NA_FLOAT, '5_min': _NA_FLOAT, '15_min': _NA_FLOAT, 'text': ''}
                 state = STATE_OK_DEFAULT
                 # load averages
                 if hasattr(psutil.os, 'getloadavg'):
                     value.update(dict(
                         list(zip(['1_min', '5_min', '15_min'], psutil.os.getloadavg()))
                     ))
                 human_value = value.copy()
                 human_value['text'] = '1min: {}, 5min: {}, 15min: {}'.format(
                     value['1_min'], value['5_min'], value['15_min'])
                 if state['type'] == STATE_OK and value['15_min'] > 5.0:
                     msg = 'Warning: your machine load is very high.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def cpu():
                 value = {'cpu': 0, 'cpu_count': 0, 'cpu_usage': []}
                 state = STATE_OK_DEFAULT
                 value['cpu'] = psutil.cpu_percent(0.5)
                 value['cpu_usage'] = psutil.cpu_percent(0.5, percpu=True)
                 value['cpu_count'] = psutil.cpu_count()
                 human_value = value.copy()
                 human_value['text'] = f'{value["cpu_count"]} cores at {value["cpu"]} %'
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage():
                 from rhodecode.lib.helpers import format_byte_size_binary
                 from rhodecode.lib.utils import get_rhodecode_repo_store_path
                 path = get_rhodecode_repo_store_path()
                 value = dict(percent=0, used=0, total=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     value.update(dict(psutil.disk_usage(path)._asdict()))
                 except Exception as e:
                     log.exception('Failed to fetch disk info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{}/{}, {}% used".format(
                     format_byte_size_binary(value['used']),
                     format_byte_size_binary(value['total']),
                     value['percent'])
                 if state['type'] == STATE_OK and value['percent'] > 90:
                     msg = 'Critical: your disk space is very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent'] > 70:
                     msg = 'Warning: your disk space is running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_inodes():
                 from rhodecode.lib.utils import get_rhodecode_repo_store_path
                 path = get_rhodecode_repo_store_path()
                 value = dict(percent=0.0, free=0, used=0, total=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     i_stat = os.statvfs(path)
                     value['free'] = i_stat.f_ffree
                     value['used'] = i_stat.f_files-i_stat.f_favail
                     value['total'] = i_stat.f_files
                     value['percent'] = percentage(value['used'], value['total'])
                 except Exception as e:
                     log.exception('Failed to fetch disk inodes info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['text'] = "{}/{}, {}% used".format(
                     value['used'], value['total'], value['percent'])
                 if state['type'] == STATE_OK and value['percent'] > 90:
                     msg = 'Critical: your disk free inodes are very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent'] > 70:
                     msg = 'Warning: your disk free inodes are running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_archives():
                 import rhodecode
                 from rhodecode.lib.helpers import format_byte_size_binary
-                from rhodecode.lib.rc_cache.archive_cache.utils import get_directory_statistics
+                from rhodecode.lib.archive_cache import get_archival_cache_store
                 storage_type = rhodecode.ConfigGet().get_str('archive_cache.backend.type')
-                storage_key = 'archive_cache.filesystem.store_dir'
-                default_msg = 'Archive cache storage is controlled by '\
+                value = dict(percent=0, used=0, total=0, items=0, path='', text='', type=storage_type)
-                              f'{storage_key}=/path/to/cache option in the .ini file'
-                path = rhodecode.ConfigGet().get_str(storage_key, missing=default_msg)
-                value = dict(percent=0, used=0, total=0, items=0, path=path, text='', type=storage_type)
                 state = STATE_OK_DEFAULT
                 try:
-                    if storage_type != 'filesystem':
+                    d_cache = get_archival_cache_store(config=rhodecode.CONFIG)
-                        # raise Exc to stop reporting on different type
-                        raise ValueError('Storage type must be "filesystem"')
-                    total_files, total_size, _directory_stats = get_directory_statistics(path)
+                    total_files, total_size, _directory_stats = d_cache.get_statistics()
                     value.update({
                         'percent': 100,
                         'used': total_size,
                         'total': total_size,
-                        'items': total_files
+                        'items': total_files,
+                        'path': d_cache.storage_path
                     })
                 except Exception as e:
                     log.exception('failed to fetch archive cache storage')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{} ({} items)".format(
                     human_value['used'], value['items'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_gist():
                 from rhodecode.model.gist import GIST_STORE_LOC
                 from rhodecode.lib.utils import safe_str, get_rhodecode_repo_store_path
-                from rhodecode.lib.helpers import format_byte_size_binary
+                from rhodecode.lib.helpers import format_byte_size_binary, get_directory_statistics
-                from rhodecode.lib.rc_cache.archive_cache.utils import get_directory_statistics
                 path = safe_str(os.path.join(
                     get_rhodecode_repo_store_path(), GIST_STORE_LOC))
                 # gist storage
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     total_files, total_size, _directory_stats = get_directory_statistics(path)
                     value.update({
                         'percent': 100,
                         'used': total_size,
                         'total': total_size,
                         'items': total_files
                     })
                 except Exception as e:
                     log.exception('failed to fetch gist storage items')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{} ({} items)".format(
                     human_value['used'], value['items'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_temp():
                 import tempfile
                 from rhodecode.lib.helpers import format_byte_size_binary
                 path = tempfile.gettempdir()
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 if not psutil:
                     return SysInfoRes(value=value, state=state)
                 try:
                     value.update(dict(psutil.disk_usage(path)._asdict()))
                 except Exception as e:
                     log.exception('Failed to fetch temp dir info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{}/{}, {}% used".format(
                     format_byte_size_binary(value['used']),
                     format_byte_size_binary(value['total']),
                     value['percent'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def search_info():
                 import rhodecode
                 from rhodecode.lib.index import searcher_from_config
                 backend = rhodecode.CONFIG.get('search.module', '')
                 location = rhodecode.CONFIG.get('search.location', '')
                 try:
                     searcher = searcher_from_config(rhodecode.CONFIG)
                     searcher = searcher.__class__.__name__
                 except Exception:
                     searcher = None
                 value = dict(
                     backend=backend, searcher=searcher, location=location, text='')
                 state = STATE_OK_DEFAULT
                 human_value = value.copy()
                 human_value['text'] = "backend:`{}`".format(human_value['backend'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def git_info():
                 from rhodecode.lib.vcs.backends import git
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = git.discover_git_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def hg_info():
                 from rhodecode.lib.vcs.backends import hg
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = hg.discover_hg_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def svn_info():
                 from rhodecode.lib.vcs.backends import svn
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = svn.discover_svn_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def vcs_backends():
                 import rhodecode
                 value = rhodecode.CONFIG.get('vcs.backends')
                 human_value = 'Enabled backends in order: {}'.format(','.join(value))
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def vcs_server():
                 import rhodecode
                 from rhodecode.lib.vcs.backends import get_vcsserver_service_data
                 server_url = rhodecode.CONFIG.get('vcs.server')
                 enabled = rhodecode.CONFIG.get('vcs.server.enable')
                 protocol = rhodecode.CONFIG.get('vcs.server.protocol') or 'http'
                 state = STATE_OK_DEFAULT
                 version = None
                 workers = 0
                 try:
                     data = get_vcsserver_service_data()
                     if data and 'version' in data:
                         version = data['version']
                     if data and 'config' in data:
                         conf = data['config']
                         workers = conf.get('workers', 'NOT AVAILABLE')
                     connection = 'connected'
                 except Exception as e:
                     connection = 'failed'
                     state = {'message': str(e), 'type': STATE_ERR}
                 value = dict(
                     url=server_url,
                     enabled=enabled,
                     protocol=protocol,
                     connection=connection,
                     version=version,
                     text='',
                 )
                 human_value = value.copy()
                 human_value['text'] = \
                     '{url}@ver:{ver} via {mode} mode[workers:{workers}], connection:{conn}'.format(
                         url=server_url, ver=version, workers=workers, mode=protocol,
                         conn=connection)
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def vcs_server_config():
                 from rhodecode.lib.vcs.backends import get_vcsserver_service_data
                 state = STATE_OK_DEFAULT
                 value = {}
                 try:
                     data = get_vcsserver_service_data()
                     value = data['app_config']
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['text'] = 'VCS Server config'
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def rhodecode_app_info():
                 import rhodecode
                 edition = rhodecode.CONFIG.get('rhodecode.edition')
                 value = dict(
                     rhodecode_version=rhodecode.__version__,
                     rhodecode_lib_path=os.path.abspath(rhodecode.__file__),
                     text=''
                 )
                 human_value = value.copy()
                 human_value['text'] = 'RhodeCode {edition}, version {ver}'.format(
                     edition=edition, ver=value['rhodecode_version']
                 )
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def rhodecode_config():
                 import rhodecode
                 path = rhodecode.CONFIG.get('__file__')
                 rhodecode_ini_safe = rhodecode.CONFIG.copy()
                 cert_path = get_cert_path(path)
                 try:
                     config = configparser.ConfigParser()
                     config.read(path)
                     parsed_ini = config
                     if parsed_ini.has_section('server:main'):
                         parsed_ini = dict(parsed_ini.items('server:main'))
                 except Exception:
                     log.exception('Failed to read .ini file for display')
                     parsed_ini = {}
                 rhodecode_ini_safe['server:main'] = parsed_ini
                 blacklist = [
                     f'rhodecode_{LicenseModel.LICENSE_DB_KEY}',
                     'routes.map',
                     'sqlalchemy.db1.url',
                     'channelstream.secret',
                     'beaker.session.secret',
                     'rhodecode.encrypted_values.secret',
                     'rhodecode_auth_github_consumer_key',
                     'rhodecode_auth_github_consumer_secret',
                     'rhodecode_auth_google_consumer_key',
                     'rhodecode_auth_google_consumer_secret',
                     'rhodecode_auth_bitbucket_consumer_secret',
                     'rhodecode_auth_bitbucket_consumer_key',
                     'rhodecode_auth_twitter_consumer_secret',
                     'rhodecode_auth_twitter_consumer_key',
                     'rhodecode_auth_twitter_secret',
                     'rhodecode_auth_github_secret',
                     'rhodecode_auth_google_secret',
                     'rhodecode_auth_bitbucket_secret',
                     'appenlight.api_key',
                     ('app_conf', 'sqlalchemy.db1.url')
                 ]
                 for k in blacklist:
                     if isinstance(k, tuple):
                         section, key = k
                         if section in rhodecode_ini_safe:
                             rhodecode_ini_safe[section] = '**OBFUSCATED**'
                     else:
                         rhodecode_ini_safe.pop(k, None)
                 # TODO: maybe put some CONFIG checks here ?
                 return SysInfoRes(value={'config': rhodecode_ini_safe,
                                          'path': path, 'cert_path': cert_path})
             @register_sysinfo
             def database_info():
                 import rhodecode
                 from sqlalchemy.engine import url as engine_url
                 from rhodecode.model import meta
                 from rhodecode.model.meta import Session
                 from rhodecode.model.db import DbMigrateVersion
                 state = STATE_OK_DEFAULT
                 db_migrate = DbMigrateVersion.query().filter(
                     DbMigrateVersion.repository_id == 'rhodecode_db_migrations').one()
                 db_url_obj = engine_url.make_url(rhodecode.CONFIG['sqlalchemy.db1.url'])
                 try:
                     engine = meta.get_engine()
                     db_server_info = engine.dialect._get_server_version_info(
                         Session.connection(bind=engine))
                     db_version = '.'.join(map(str, db_server_info))
                 except Exception:
                     log.exception('failed to fetch db version')
                     db_version = 'UNKNOWN'
                 db_info = dict(
                     migrate_version=db_migrate.version,
                     type=db_url_obj.get_backend_name(),
                     version=db_version,
                     url=repr(db_url_obj)
                 )
                 current_version = db_migrate.version
                 expected_version = rhodecode.__dbversion__
                 if state['type'] == STATE_OK and current_version != expected_version:
                     msg = 'Critical: database schema mismatch, ' \
                           'expected version {}, got {}. ' \
                           'Please run migrations on your database.'.format(
                         expected_version, current_version)
                     state = {'message': msg, 'type': STATE_ERR}
                 human_value = db_info.copy()
                 human_value['url'] = "{} @ migration version: {}".format(
                     db_info['url'], db_info['migrate_version'])
                 human_value['version'] = "{} {}".format(db_info['type'], db_info['version'])
                 return SysInfoRes(value=db_info, state=state, human_value=human_value)
             @register_sysinfo
             def server_info(environ):
                 import rhodecode
                 from rhodecode.lib.base import get_server_ip_addr, get_server_port
                 value = {
                     'server_ip': '{}:{}'.format(
                         get_server_ip_addr(environ, log_errors=False),
                         get_server_port(environ)
                     ),
                     'server_id': rhodecode.CONFIG.get('instance_id'),
                 }
                 return SysInfoRes(value=value)
             @register_sysinfo
             def usage_info():
                 from rhodecode.model.db import User, Repository, true
                 value = {
                     'users': User.query().count(),
                     'users_active': User.query().filter(User.active == true()).count(),
                     'repositories': Repository.query().count(),
                     'repository_types': {
                         'hg': Repository.query().filter(
                             Repository.repo_type == 'hg').count(),
                         'git': Repository.query().filter(
                             Repository.repo_type == 'git').count(),
                         'svn': Repository.query().filter(
                             Repository.repo_type == 'svn').count(),
                     },
                 }
                 return SysInfoRes(value=value)
             def get_system_info(environ):
                 environ = environ or {}
                 return {
                     'rhodecode_app': SysInfo(rhodecode_app_info)(),
                     'rhodecode_config': SysInfo(rhodecode_config)(),
                     'rhodecode_usage': SysInfo(usage_info)(),
                     'python': SysInfo(python_info)(),
                     'py_modules': SysInfo(py_modules)(),
                     'platform': SysInfo(platform_type)(),
                     'locale': SysInfo(locale_info)(),
                     'server': SysInfo(server_info, environ=environ)(),
                     'database': SysInfo(database_info)(),
                     'ulimit': SysInfo(ulimit_info)(),
                     'storage': SysInfo(storage)(),
                     'storage_inodes': SysInfo(storage_inodes)(),
                     'storage_archive': SysInfo(storage_archives)(),
                     'storage_gist': SysInfo(storage_gist)(),
                     'storage_temp': SysInfo(storage_temp)(),
                     'search': SysInfo(search_info)(),
                     'uptime': SysInfo(uptime)(),
                     'load': SysInfo(machine_load)(),
                     'cpu': SysInfo(cpu)(),
                     'memory': SysInfo(memory)(),
                     'vcs_backends': SysInfo(vcs_backends)(),
                     'vcs_server': SysInfo(vcs_server)(),
                     'vcs_server_config': SysInfo(vcs_server_config)(),
                     'git': SysInfo(git_info)(),
                     'hg': SysInfo(hg_info)(),
                     'svn': SysInfo(svn_info)(),
                 }
             def load_system_info(key):
                 """
                 get_sys_info('vcs_server')
                 get_sys_info('database')
                 """
                 return SysInfo(registered_helpers[key])()

rhodecode/tests/fixture_mods/fixture_pyramid.py

0 +1 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             from rhodecode.lib.config_utils import get_app_config
             from rhodecode.tests.fixture import TestINI
             from rhodecode.tests import TESTS_TMP_PATH
             from rhodecode.tests.server_utils import RcVCSServer
             @pytest.fixture(scope='session')
             def vcsserver(request, vcsserver_port, vcsserver_factory):
                 """
                 Session scope VCSServer.
                 Tests which need the VCSServer have to rely on this fixture in order
                 to ensure it will be running.
                 For specific needs, the fixture vcsserver_factory can be used. It allows to
                 adjust the configuration file for the test run.
                 Command line args:
                 --without-vcsserver: Allows to switch this fixture off. You have to
                 manually start the server.
                 --vcsserver-port: Will expect the VCSServer to listen on this port.
                 """
                 if not request.config.getoption('with_vcsserver'):
                     return None
                 return vcsserver_factory(
                     request, vcsserver_port=vcsserver_port)
             @pytest.fixture(scope='session')
             def vcsserver_factory(tmpdir_factory):
                 """
                 Use this if you need a running vcsserver with a special configuration.
                 """
                 def factory(request, overrides=(), vcsserver_port=None,
                             log_file=None, workers='2'):
                     if vcsserver_port is None:
                         vcsserver_port = get_available_port()
                     overrides = list(overrides)
                     overrides.append({'server:main': {'port': vcsserver_port}})
                     option_name = 'vcsserver_config_http'
                     override_option_name = 'vcsserver_config_override'
                     config_file = get_config(
                         request.config, option_name=option_name,
                         override_option_name=override_option_name, overrides=overrides,
                         basetemp=tmpdir_factory.getbasetemp().strpath,
                         prefix='test_vcs_')
                     server = RcVCSServer(config_file, log_file, workers)
                     server.start()
                     @request.addfinalizer
                     def cleanup():
                         server.shutdown()
                     server.wait_until_ready()
                     return server
                 return factory
             def _use_log_level(config):
                 level = config.getoption('test_loglevel') or 'critical'
                 return level.upper()
             @pytest.fixture(scope='session')
             def ini_config(request, tmpdir_factory, rcserver_port, vcsserver_port):
                 option_name = 'pyramid_config'
                 log_level = _use_log_level(request.config)
                 overrides = [
                     {'server:main': {'port': rcserver_port}},
                     {'app:main': {
-                        'cache_dir': '%(here)s/rc_data',
+                        'cache_dir': '%(here)s/rc-tests/rc_data',
                         'vcs.server': f'localhost:{vcsserver_port}',
                         # johbo: We will always start the VCSServer on our own based on the
                         # fixtures of the test cases. For the test run it must always be
                         # off in the INI file.
                         'vcs.start_server': 'false',
                         'vcs.server.protocol': 'http',
                         'vcs.scm_app_implementation': 'http',
                         'vcs.svn.proxy.enabled': 'true',
                         'vcs.hooks.protocol': 'http',
                         'vcs.hooks.host': '*',
                         'repo_store.path': TESTS_TMP_PATH,
                         'app.service_api.token': 'service_secret_token',
                     }},
                     {'handler_console': {
                         'class': 'StreamHandler',
                         'args': '(sys.stderr,)',
                         'level': log_level,
                     }},
                 ]
                 filename = get_config(
                     request.config, option_name=option_name,
                     override_option_name='{}_override'.format(option_name),
                     overrides=overrides,
                     basetemp=tmpdir_factory.getbasetemp().strpath,
                     prefix='test_rce_')
                 return filename
             @pytest.fixture(scope='session')
             def ini_settings(ini_config):
                 ini_path = ini_config
                 return get_app_config(ini_path)
             def get_available_port(min_port=40000, max_port=55555):
                 from rhodecode.lib.utils2 import get_available_port as _get_port
                 return _get_port(min_port, max_port)
             @pytest.fixture(scope='session')
             def rcserver_port(request):
                 port = get_available_port()
                 print(f'Using rhodecode port {port}')
                 return port
             @pytest.fixture(scope='session')
             def vcsserver_port(request):
                 port = request.config.getoption('--vcsserver-port')
                 if port is None:
                     port = get_available_port()
                     print(f'Using vcsserver port {port}')
                 return port
             @pytest.fixture(scope='session')
             def available_port_factory():
                 """
                 Returns a callable which returns free port numbers.
                 """
                 return get_available_port
             @pytest.fixture()
             def available_port(available_port_factory):
                 """
                 Gives you one free port for the current test.
                 Uses "available_port_factory" to retrieve the port.
                 """
                 return available_port_factory()
             @pytest.fixture(scope='session')
             def testini_factory(tmpdir_factory, ini_config):
                 """
                 Factory to create an INI file based on TestINI.
                 It will make sure to place the INI file in the correct directory.
                 """
                 basetemp = tmpdir_factory.getbasetemp().strpath
                 return TestIniFactory(basetemp, ini_config)
             class TestIniFactory(object):
                 def __init__(self, basetemp, template_ini):
                     self._basetemp = basetemp
                     self._template_ini = template_ini
                 def __call__(self, ini_params, new_file_prefix='test'):
                     ini_file = TestINI(
                         self._template_ini, ini_params=ini_params,
                         new_file_prefix=new_file_prefix, dir=self._basetemp)
                     result = ini_file.create()
                     return result
             def get_config(
                     config, option_name, override_option_name, overrides=None,
                     basetemp=None, prefix='test'):
                 """
                 Find a configuration file and apply overrides for the given `prefix`.
                 """
                 config_file = (
                     config.getoption(option_name) or config.getini(option_name))
                 if not config_file:
                     pytest.exit(
                         "Configuration error, could not extract {}.".format(option_name))
                 overrides = overrides or []
                 config_override = config.getoption(override_option_name)
                 if config_override:
                     overrides.append(config_override)
                 temp_ini_file = TestINI(
                     config_file, ini_params=overrides, new_file_prefix=prefix,
                     dir=basetemp)
                 return temp_ini_file.create()

rhodecode/tests/rhodecode.ini

0 +57 -15

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = true
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = true
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 1024000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 256000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = false
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ; Filesystem location were repositories should be stored
             repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token = abra-cada-bra1-rce3
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries and artifacts
             file_store.storage_path = /var/opt/rhodecode_data/file_store
-            ; Uncomment and set this path to control settings for archive download cache.
+            ; Redis url to acquire/check generation of archives locks
+            archive_cache.locking.url = redis://redis:6379/1
+            ; Storage backend, only 'filesystem' and 'objectstore' are available now
+            archive_cache.backend.type = filesystem
+            ; url for s3 compatible storage that allows to upload artifacts
+            ; e.g http://minio:9000
+            archive_cache.objectstore.url = http://s3-minio:9000
+            ; key for s3 auth
+            archive_cache.objectstore.key = key
+            ; secret for s3 auth
+            archive_cache.objectstore.secret = secret
+            ; number of sharded buckets to create to distribute archives across
+            ; default is 8 shards
+            archive_cache.objectstore.bucket_shards = 8
+            ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
+            archive_cache.objectstore.retry = false
+            ; number of seconds to wait for next try using retry
+            archive_cache.objectstore.retry_backoff = 1
+            ; how many tries do do a retry fetch from this backend
+            archive_cache.objectstore.retry_attempts = 10
+            ; Default is $cache_dir/archive_cache if not set
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
+            archive_cache.filesystem.store_dir = %(here)s/rc-tests/archive_cache
-            ; Default is $cache_dir/archive_cache if not set
-            archive_cache.store_dir = /var/opt/rhodecode_data/tarballcache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
-            archive_cache.cache_size_gb = 10
+            archive_cache.filesystem.cache_size_gb = 2
+            ; Eviction policy used to clear out after cache_size_gb limit is reached
+            archive_cache.filesystem.eviction_policy = least-recently-stored
             ; By default cache uses sharding technique, this specifies how many shards are there
-            archive_cache.cache_shards = 10
+            ; default is 8 shards
+            archive_cache.filesystem.cache_shards = 8
+            ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
+            archive_cache.filesystem.retry = false
+            ; number of seconds to wait for next try using retry
+            archive_cache.filesystem.retry_backoff = 1
+            ; how many tries do do a retry fetch from this backend
+            archive_cache.filesystem.retry_attempts = 10
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = false
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = true
             celery.task_store_eager_result = true
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 0
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
-            rc_cache.cache_general.arguments.filename = %(here)s/cache-backend/cache_general_db
+            rc_cache.cache_general.arguments.filename = %(here)s/rc-tests/cache-backend/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 0
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
-            rc_cache.cache_perms.arguments.filename = %(here)s/cache-backend/cache_perms_db
+            rc_cache.cache_perms.arguments.filename = %(here)s/rc-tests/cache-backend/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
-            rc_cache.cache_repo.arguments.filename = %(here)s/cache-backend/cache_repo_db
+            rc_cache.cache_repo.arguments.filename = %(here)s/rc-tests/cache-backend/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             beaker.session.type = file
             beaker.session.data_dir = %(here)s/rc-tests/data/sessions
             ; Redis based sessions
             #beaker.session.type = ext:redis
             #beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = test-rc-uytcxaz
-            beaker.session.lock_dir = %(here)s/data/sessions/lock
+            beaker.session.lock_dir = %(here)s/rc-tests/data/sessions/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
-            search.location = %(here)s/data/index
+            search.location = %(here)s/rc-tests/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = false
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
-            channelstream.history.location = %(here)s/channelstream_history
+            channelstream.history.location = %(here)s/rc-tests/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
-            sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode_test.db?timeout=30
+            sqlalchemy.db1.url = sqlite:///%(here)s/rc-tests/rhodecode_test.db?timeout=30
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             ; `celery` - use celery based hooks
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = false
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = false
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
-            svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
+            svn.proxy.config_file_path = %(here)s/rc-tests/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
-            ssh.authorized_keys_file_path = %(here)s/rc/authorized_keys_rhodecode
+            ssh.authorized_keys_file_path = %(here)s/rc-tests/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = false
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             logging.autoconfigure = false
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper, dogpile
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_routes]
             level = DEBUG
             handlers =
             qualname = routes.middleware
             ## "level = DEBUG" logs the route matched and routing variables.
             propagate = 1
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_dogpile]
             level = INFO
             handlers = console
             qualname = dogpile
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

rhodecode/tests/vcs/test_archives.py

0 +1 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import datetime
             import os
             import shutil
             import tarfile
             import zipfile
             import io
             import mock
             import pytest
             import rhodecode
-            from rhodecode.lib.rc_cache.archive_cache import get_archival_config
+            from rhodecode.lib.archive_cache import get_archival_config
             from rhodecode.lib.str_utils import ascii_bytes
             from rhodecode.lib.vcs.backends import base
             from rhodecode.lib.vcs.exceptions import ImproperArchiveTypeError, VCSError
             from rhodecode.lib.vcs.nodes import FileNode
             from rhodecode.tests.vcs.conftest import BackendTestMixin
             @pytest.fixture()
             def d_cache_config():
                 return get_archival_config(config=rhodecode.CONFIG)
             @pytest.mark.usefixtures("vcs_repository_support")
             class TestArchives(BackendTestMixin):
                 @classmethod
                 def _get_commits(cls):
                     start_date = datetime.datetime(2010, 1, 1, 20)
                     yield {
                         'message': 'Initial Commit',
                         'author': 'Joe Doe <joe.doe@example.com>',
                         'date': start_date + datetime.timedelta(hours=12),
                         'added': [
                             FileNode(b'executable_0o100755', b'mode_755', mode=0o100755),
                             FileNode(b'executable_0o100500', b'mode_500', mode=0o100500),
                             FileNode(b'not_executable', b'mode_644', mode=0o100644),
                         ],
                     }
                     for x in range(5):
                         yield {
                             'message': 'Commit %d' % x,
                             'author': 'Joe Doe <joe.doe@example.com>',
                             'date': start_date + datetime.timedelta(hours=12 * x),
                             'added': [
                                 FileNode(b'%d/file_%d.txt' % (x, x), content=b'Foobar %d' % x),
                             ],
                         }
                 @pytest.mark.parametrize('compressor', ['gz', 'bz2'])
                 def test_archive_tar(self, compressor, tmpdir, tmp_path, d_cache_config):
                     archive_node = tmp_path / 'archive-node'
                     archive_node.touch()
                     archive_lnk = self.tip.archive_repo(
                         str(archive_node), kind=f't{compressor}', archive_dir_name='repo', cache_config=d_cache_config)
                     out_dir = tmpdir
                     out_file = tarfile.open(str(archive_lnk), f'r|{compressor}')
                     out_file.extractall(out_dir)
                     out_file.close()
                     for x in range(5):
                         node_path = '%d/file_%d.txt' % (x, x)
                         with open(os.path.join(out_dir, 'repo/' + node_path), 'rb') as f:
                             file_content = f.read()
                         assert file_content == self.tip.get_node(node_path).content
                     shutil.rmtree(out_dir)
                 @pytest.mark.parametrize('compressor', ['gz', 'bz2'])
                 def test_archive_tar_symlink(self, compressor):
                     pytest.skip('Not supported')
                 @pytest.mark.parametrize('compressor', ['gz', 'bz2'])
                 def test_archive_tar_file_modes(self, compressor, tmpdir, tmp_path, d_cache_config):
                     archive_node = tmp_path / 'archive-node'
                     archive_node.touch()
                     archive_lnk = self.tip.archive_repo(
                         str(archive_node), kind='t{}'.format(compressor), archive_dir_name='repo', cache_config=d_cache_config)
                     out_dir = tmpdir
                     out_file = tarfile.open(str(archive_lnk), 'r|{}'.format(compressor))
                     out_file.extractall(out_dir)
                     out_file.close()
                     def dest(inp):
                         return os.path.join(out_dir, "repo/" + inp)
                     assert oct(os.stat(dest('not_executable')).st_mode) == '0o100644'
                 def test_archive_zip(self, tmp_path, d_cache_config):
                     archive_node = tmp_path / 'archive-node'
                     archive_node.touch()
                     archive_lnk = self.tip.archive_repo(str(archive_node), kind='zip',
                                                         archive_dir_name='repo', cache_config=d_cache_config)
                     zip_file = zipfile.ZipFile(str(archive_lnk))
                     for x in range(5):
                         node_path = '%d/file_%d.txt' % (x, x)
                         data = zip_file.read(f'repo/{node_path}')
                         decompressed = io.BytesIO()
                         decompressed.write(data)
                         assert decompressed.getvalue() == \
                             self.tip.get_node(node_path).content
                         decompressed.close()
                 def test_archive_zip_with_metadata(self, tmp_path, d_cache_config):
                     archive_node = tmp_path / 'archive-node'
                     archive_node.touch()
                     archive_lnk = self.tip.archive_repo(
                         str(archive_node), kind='zip',
                         archive_dir_name='repo', write_metadata=True, cache_config=d_cache_config)
                     zip_file = zipfile.ZipFile(str(archive_lnk))
                     metafile = zip_file.read('repo/.archival.txt')
                     raw_id = ascii_bytes(self.tip.raw_id)
                     assert b'commit_id:%b' % raw_id in metafile
                     for x in range(5):
                         node_path = '%d/file_%d.txt' % (x, x)
                         data = zip_file.read(f'repo/{node_path}')
                         decompressed = io.BytesIO()
                         decompressed.write(data)
                         assert decompressed.getvalue() == \
                             self.tip.get_node(node_path).content
                         decompressed.close()
                 def test_archive_wrong_kind(self, tmp_path, d_cache_config):
                     archive_node = tmp_path / 'archive-node'
                     archive_node.touch()
                     with pytest.raises(ImproperArchiveTypeError):
                         self.tip.archive_repo(str(archive_node), kind='wrong kind', cache_config=d_cache_config)
             @pytest.fixture()
             def base_commit():
                 """
                 Prepare a `base.BaseCommit` just enough for `_validate_archive_prefix`.
                 """
                 commit = base.BaseCommit()
                 commit.repository = mock.Mock()
                 commit.repository.name = 'fake_repo'
                 commit.short_id = 'fake_id'
                 return commit
             def test_validate_archive_prefix_enforces_non_ascii_as_prefix(base_commit):
                 with pytest.raises(VCSError):
                     base_commit._validate_archive_prefix("Ünïcödë")
             def test_validate_archive_prefix_empty_prefix(base_commit):
                 # TODO: johbo: Should raise a ValueError here.
                 with pytest.raises(VCSError):
                     base_commit._validate_archive_prefix('')
             def test_validate_archive_prefix_with_leading_slash(base_commit):
                 # TODO: johbo: Should raise a ValueError here.
                 with pytest.raises(VCSError):
                     base_commit._validate_archive_prefix('/any')
             def test_validate_archive_prefix_falls_back_to_repository_name(base_commit):
                 prefix = base_commit._validate_archive_prefix(None)
                 expected_prefix = base_commit._ARCHIVE_PREFIX_TEMPLATE.format(
                     repo_name='fake_repo',
                     short_id='fake_id')
                 assert isinstance(prefix, str)
                 assert prefix == expected_prefix

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages