fcb535c5c3
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however. ## Features - [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.) - [x] Verify commits signed with the default gpg as valid - [x] Signer, Committer and Author can all be different - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon. - [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg - [x] Try to match the default key with a user on gitea - this is done at verification time - [x] Make things configurable? - app.ini configuration done - [x] when checking commits are signed need to check if they're actually verifiable too - [x] Add documentation I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
103 lines
4.8 KiB
Cheetah
103 lines
4.8 KiB
Cheetah
<h4 class="ui top attached header">
|
|
<div class="ui stackable grid">
|
|
<div class="five wide column">
|
|
{{if or .PageIsCommits (gt .CommitCount 0)}}
|
|
{{.CommitCount}} {{.i18n.Tr "repo.commits.commits"}} {{if .Branch}}({{.Branch}}){{end}}
|
|
{{else}}
|
|
{{.i18n.Tr "repo.commits.no_commits" $.BaseBranch $.HeadBranch }} {{if .Branch}}({{.Branch}}){{end}}
|
|
{{end}}
|
|
</div>
|
|
<div class="eleven wide right aligned column">
|
|
{{if .PageIsCommits}}
|
|
<form class="ignore-dirty" action="{{.RepoLink}}/commits/{{.BranchNameSubURL | EscapePound}}/search">
|
|
<div class="ui tiny search input">
|
|
<input name="q" placeholder="{{.i18n.Tr "repo.commits.search"}}" value="{{.Keyword}}" autofocus>
|
|
</div>
|
|
|
|
<div class="ui checkbox">
|
|
<input type="checkbox" name="all" id="all" value="true" {{.All}}>
|
|
<label for="all">{{.i18n.Tr "repo.commits.search_all"}} </label>
|
|
</div>
|
|
<button class="ui black tiny button" data-panel="#add-deploy-key-panel" data-tooltip={{.i18n.Tr "repo.commits.search.tooltip"}}>{{.i18n.Tr "repo.commits.find"}}</button>
|
|
</form>
|
|
{{else if .IsDiffCompare}}
|
|
<a href="{{$.CommitRepoLink}}/commit/{{.BeforeCommitID}}" class="ui green sha label">{{if not .BaseIsCommit}}{{if .BaseIsBranch}}<i class="octicon octicon-git-branch"></i>{{else if .BaseIsTag}}<i class="octicon octicon-tag"></i>{{end}}{{.BaseBranch}}{{else}}{{ShortSha .BaseBranch}}{{end}}</a>
|
|
...
|
|
<a href="{{$.CommitRepoLink}}/commit/{{.AfterCommitID}}" class="ui green sha label">{{if not .HeadIsCommit}}{{if .HeadIsBranch}}<i class="octicon octicon-git-branch"></i>{{else if .HeadIsTag}}<i class="octicon octicon-tag"></i>{{end}}{{.HeadBranch}}{{else}}{{ShortSha .HeadBranch}}{{end}}</a>
|
|
{{end}}
|
|
</div>
|
|
</div>
|
|
</h4>
|
|
|
|
{{if and .Commits (gt .CommitCount 0)}}
|
|
<div class="ui attached table segment">
|
|
<table class="ui very basic striped fixed table single line" id="commits-table">
|
|
<thead>
|
|
<tr>
|
|
<th class="four wide">{{.i18n.Tr "repo.commits.author"}}</th>
|
|
<th class="two wide sha">SHA1</th>
|
|
<th class="seven wide message">{{.i18n.Tr "repo.commits.message"}}</th>
|
|
<th class="three wide right aligned">{{.i18n.Tr "repo.commits.date"}}</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody class="commit-list">
|
|
{{ $r:= List .Commits}}
|
|
{{range $r}}
|
|
<tr>
|
|
<td class="author">
|
|
{{if .User}}
|
|
{{if .User.FullName}}
|
|
<img class="ui avatar image" src="{{.User.RelAvatarLink}}" alt=""/> <a href="{{AppSubUrl}}/{{.User.Name}}">{{.User.FullName}}</a>
|
|
{{else}}
|
|
<img class="ui avatar image" src="{{.User.RelAvatarLink}}" alt=""/> <a href="{{AppSubUrl}}/{{.User.Name}}">{{.Author.Name}}</a>
|
|
{{end}}
|
|
{{else}}
|
|
<img class="ui avatar image" src="{{AvatarLink .Author.Email}}" alt=""/> {{.Author.Name}}
|
|
{{end}}
|
|
</td>
|
|
<td class="sha">
|
|
<a rel="nofollow" class="ui sha label {{if .Signature}} isSigned {{if .Verification.Verified }} isVerified {{else if .Verification.Warning}} isWarning {{end}}{{end}}" href="{{AppSubUrl}}/{{$.Username}}/{{$.Reponame}}/commit/{{.ID}}">
|
|
{{ShortSha .ID.String}}
|
|
{{if .Signature}}
|
|
<div class="ui detail icon button">
|
|
{{if .Verification.Verified}}
|
|
{{if ne .Verification.SigningUser.ID 0}}
|
|
<i title="{{.Verification.Reason}}" class="lock green icon"></i>
|
|
{{else}}
|
|
<i title="{{.Verification.Reason}}" class="icons">
|
|
<i class="green lock icon"></i>
|
|
<i class="tiny inverted cog icon centerlock"></i>
|
|
</i>
|
|
{{end}}
|
|
{{else if .Verification.Warning}}
|
|
<i title="{{$.i18n.Tr .Verification.Reason}}" class="red unlock icon"></i>
|
|
{{else}}
|
|
<i title="{{$.i18n.Tr .Verification.Reason}}" class="unlock icon"></i>
|
|
{{end}}
|
|
</div>
|
|
{{end}}
|
|
</a>
|
|
</td>
|
|
<td class="message">
|
|
<span class="message-wrapper">
|
|
{{ $commitLink:= printf "%s/%s/%s/commit/%s" AppSubUrl $.Username $.Reponame .ID }}
|
|
<span class="commit-summary has-emoji{{if gt .ParentCount 1}} grey text{{end}}" title="{{.Summary}}">{{RenderCommitMessageLinkSubject .Message $.RepoLink $commitLink $.Repository.ComposeMetas}}</span>
|
|
</span>
|
|
{{if IsMultilineCommitMessage .Message}}
|
|
<button class="basic compact mini ui icon button commit-button"><i class="ellipsis horizontal icon"></i></button>
|
|
{{end}}
|
|
{{template "repo/commit_status" .Status}}
|
|
{{if IsMultilineCommitMessage .Message}}
|
|
<pre class="commit-body" style="display: none;">{{RenderCommitBody .Message $.RepoLink $.Repository.ComposeMetas}}</pre>
|
|
{{end}}
|
|
</td>
|
|
<td class="grey text right aligned">{{TimeSince .Author.When $.Lang}}</td>
|
|
</tr>
|
|
{{end}}
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
{{end}}
|
|
|
|
{{template "base/paginate" .}}
|