1package sqlite
2
3import (
4 "bytes"
5 "context"
6 "fmt"
7 "os"
8 "path/filepath"
9 "strings"
10 "text/template"
11
12 "github.com/charmbracelet/log"
13 "github.com/charmbracelet/soft-serve/git"
14 "github.com/charmbracelet/soft-serve/server/backend"
15 "github.com/charmbracelet/soft-serve/server/config"
16 "github.com/charmbracelet/soft-serve/server/utils"
17 "github.com/jmoiron/sqlx"
18 _ "modernc.org/sqlite"
19)
20
21var (
22 logger = log.WithPrefix("backend.sqlite")
23)
24
25// SqliteBackend is a backend that uses a SQLite database as a Soft Serve
26// backend.
27type SqliteBackend struct {
28 cfg *config.Config
29 ctx context.Context
30 dp string
31 db *sqlx.DB
32}
33
34var _ backend.Backend = (*SqliteBackend)(nil)
35
36func (d *SqliteBackend) reposPath() string {
37 return filepath.Join(d.dp, "repos")
38}
39
40// NewSqliteBackend creates a new SqliteBackend.
41func NewSqliteBackend(ctx context.Context, cfg *config.Config) (*SqliteBackend, error) {
42 dataPath := cfg.DataPath
43 if err := os.MkdirAll(dataPath, os.ModePerm); err != nil {
44 return nil, err
45 }
46
47 db, err := sqlx.Connect("sqlite", filepath.Join(dataPath, "soft-serve.db"+
48 "?_pragma=busy_timeout(5000)&_pragma=foreign_keys(1)"))
49 if err != nil {
50 return nil, err
51 }
52
53 d := &SqliteBackend{
54 cfg: cfg,
55 ctx: ctx,
56 dp: dataPath,
57 db: db,
58 }
59
60 if err := d.init(); err != nil {
61 return nil, err
62 }
63
64 if err := d.db.Ping(); err != nil {
65 return nil, err
66 }
67
68 return d, d.initRepos()
69}
70
71// AllowKeyless returns whether or not keyless access is allowed.
72//
73// It implements backend.Backend.
74func (d *SqliteBackend) AllowKeyless() bool {
75 var allow bool
76 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
77 return tx.Get(&allow, "SELECT value FROM settings WHERE key = ?;", "allow_keyless")
78 }); err != nil {
79 return false
80 }
81
82 return allow
83}
84
85// AnonAccess returns the level of anonymous access.
86//
87// It implements backend.Backend.
88func (d *SqliteBackend) AnonAccess() backend.AccessLevel {
89 var level string
90 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
91 return tx.Get(&level, "SELECT value FROM settings WHERE key = ?;", "anon_access")
92 }); err != nil {
93 return backend.NoAccess
94 }
95
96 return backend.ParseAccessLevel(level)
97}
98
99// SetAllowKeyless sets whether or not keyless access is allowed.
100//
101// It implements backend.Backend.
102func (d *SqliteBackend) SetAllowKeyless(allow bool) error {
103 return wrapDbErr(
104 wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
105 _, err := tx.Exec("UPDATE settings SET value = ?, updated_at = CURRENT_TIMESTAMP WHERE key = ?;", allow, "allow_keyless")
106 return err
107 }),
108 )
109}
110
111// SetAnonAccess sets the level of anonymous access.
112//
113// It implements backend.Backend.
114func (d *SqliteBackend) SetAnonAccess(level backend.AccessLevel) error {
115 return wrapDbErr(
116 wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
117 _, err := tx.Exec("UPDATE settings SET value = ?, updated_at = CURRENT_TIMESTAMP WHERE key = ?;", level.String(), "anon_access")
118 return err
119 }),
120 )
121}
122
123// CreateRepository creates a new repository.
124//
125// It implements backend.Backend.
126func (d *SqliteBackend) CreateRepository(name string, opts backend.RepositoryOptions) (backend.Repository, error) {
127 name = utils.SanitizeRepo(name)
128 if err := utils.ValidateRepo(name); err != nil {
129 return nil, err
130 }
131
132 repo := name + ".git"
133 rp := filepath.Join(d.reposPath(), repo)
134
135 cleanup := func() error {
136 return os.RemoveAll(rp)
137 }
138
139 rr, err := git.Init(rp, true)
140 if err != nil {
141 logger.Debug("failed to create repository", "err", err)
142 cleanup() // nolint: errcheck
143 return nil, err
144 }
145
146 if err := rr.UpdateServerInfo(); err != nil {
147 logger.Debug("failed to update server info", "err", err)
148 cleanup() // nolint: errcheck
149 return nil, err
150 }
151
152 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
153 _, err := tx.Exec(`INSERT INTO repo (name, project_name, description, private, mirror, hidden, updated_at)
154 VALUES (?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP);`,
155 name, opts.ProjectName, opts.Description, opts.Private, opts.Mirror, opts.Hidden)
156 return err
157 }); err != nil {
158 logger.Debug("failed to create repository in database", "err", err)
159 return nil, wrapDbErr(err)
160 }
161
162 r := &Repo{
163 name: name,
164 path: rp,
165 db: d.db,
166 }
167
168 return r, d.InitializeHooks(name)
169}
170
171// ImportRepository imports a repository from remote.
172func (d *SqliteBackend) ImportRepository(name string, remote string, opts backend.RepositoryOptions) (backend.Repository, error) {
173 name = utils.SanitizeRepo(name)
174 if err := utils.ValidateRepo(name); err != nil {
175 return nil, err
176 }
177
178 repo := name + ".git"
179 rp := filepath.Join(d.reposPath(), repo)
180
181 copts := git.CloneOptions{
182 Bare: true,
183 Mirror: opts.Mirror,
184 Quiet: true,
185 CommandOptions: git.CommandOptions{
186 Envs: []string{
187 fmt.Sprintf(`GIT_SSH_COMMAND=ssh -o UserKnownHostsFile="%s" -o StrictHostKeyChecking=no -i "%s"`,
188 filepath.Join(d.cfg.DataPath, "ssh", "known_hosts"),
189 d.cfg.Internal.ClientKeyPath,
190 ),
191 },
192 },
193 }
194
195 if err := git.Clone(remote, rp, copts); err != nil {
196 logger.Error("failed to clone repository", "err", err, "mirror", opts.Mirror, "remote", remote, "path", rp)
197 return nil, err
198 }
199
200 return d.CreateRepository(name, opts)
201}
202
203// DeleteRepository deletes a repository.
204//
205// It implements backend.Backend.
206func (d *SqliteBackend) DeleteRepository(name string) error {
207 name = utils.SanitizeRepo(name)
208 repo := name + ".git"
209 rp := filepath.Join(d.reposPath(), repo)
210 if _, err := os.Stat(rp); err != nil {
211 return os.ErrNotExist
212 }
213
214 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
215 _, err := tx.Exec("DELETE FROM repo WHERE name = ?;", name)
216 return err
217 }); err != nil {
218 return wrapDbErr(err)
219 }
220
221 return os.RemoveAll(rp)
222}
223
224// RenameRepository renames a repository.
225//
226// It implements backend.Backend.
227func (d *SqliteBackend) RenameRepository(oldName string, newName string) error {
228 oldName = utils.SanitizeRepo(oldName)
229 if err := utils.ValidateRepo(oldName); err != nil {
230 return err
231 }
232
233 newName = utils.SanitizeRepo(newName)
234 if err := utils.ValidateRepo(newName); err != nil {
235 return err
236 }
237 oldRepo := oldName + ".git"
238 newRepo := newName + ".git"
239 op := filepath.Join(d.reposPath(), oldRepo)
240 np := filepath.Join(d.reposPath(), newRepo)
241 if _, err := os.Stat(op); err != nil {
242 return fmt.Errorf("repository %s does not exist", oldName)
243 }
244
245 if _, err := os.Stat(np); err == nil {
246 return fmt.Errorf("repository %s already exists", newName)
247 }
248
249 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
250 _, err := tx.Exec("UPDATE repo SET name = ?, updated_at = CURRENT_TIMESTAMP WHERE name = ?;", newName, oldName)
251 return err
252 }); err != nil {
253 return wrapDbErr(err)
254 }
255
256 // Make sure the new repository parent directory exists.
257 if err := os.MkdirAll(filepath.Dir(np), os.ModePerm); err != nil {
258 return err
259 }
260
261 return os.Rename(op, np)
262}
263
264// Repositories returns a list of all repositories.
265//
266// It implements backend.Backend.
267func (d *SqliteBackend) Repositories() ([]backend.Repository, error) {
268 repos := make([]backend.Repository, 0)
269 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
270 rows, err := tx.Query("SELECT name FROM repo")
271 if err != nil {
272 return err
273 }
274
275 defer rows.Close() // nolint: errcheck
276 for rows.Next() {
277 var name string
278 if err := rows.Scan(&name); err != nil {
279 return err
280 }
281
282 repos = append(repos, &Repo{
283 name: name,
284 path: filepath.Join(d.reposPath(), name+".git"),
285 db: d.db,
286 })
287 }
288
289 return nil
290 }); err != nil {
291 return nil, wrapDbErr(err)
292 }
293
294 return repos, nil
295}
296
297// Repository returns a repository by name.
298//
299// It implements backend.Backend.
300func (d *SqliteBackend) Repository(repo string) (backend.Repository, error) {
301 repo = utils.SanitizeRepo(repo)
302 rp := filepath.Join(d.reposPath(), repo+".git")
303 if _, err := os.Stat(rp); err != nil {
304 return nil, os.ErrNotExist
305 }
306
307 var count int
308 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
309 return tx.Get(&count, "SELECT COUNT(*) FROM repo WHERE name = ?", repo)
310 }); err != nil {
311 return nil, wrapDbErr(err)
312 }
313
314 if count == 0 {
315 logger.Warn("repository exists but not found in database", "repo", repo)
316 return nil, ErrRepoNotExist
317 }
318
319 return &Repo{
320 name: repo,
321 path: rp,
322 db: d.db,
323 }, nil
324}
325
326// Description returns the description of a repository.
327//
328// It implements backend.Backend.
329func (d *SqliteBackend) Description(repo string) (string, error) {
330 repo = utils.SanitizeRepo(repo)
331 var desc string
332 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
333 row := tx.QueryRow("SELECT description FROM repo WHERE name = ?", repo)
334 return row.Scan(&desc)
335 }); err != nil {
336 return "", wrapDbErr(err)
337 }
338
339 return desc, nil
340}
341
342// IsMirror returns true if the repository is a mirror.
343//
344// It implements backend.Backend.
345func (d *SqliteBackend) IsMirror(repo string) (bool, error) {
346 repo = utils.SanitizeRepo(repo)
347 var mirror bool
348 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
349 return tx.Get(&mirror, "SELECT mirror FROM repo WHERE name = ?", repo)
350 }); err != nil {
351 return false, wrapDbErr(err)
352 }
353
354 return mirror, nil
355}
356
357// IsPrivate returns true if the repository is private.
358//
359// It implements backend.Backend.
360func (d *SqliteBackend) IsPrivate(repo string) (bool, error) {
361 repo = utils.SanitizeRepo(repo)
362 var private bool
363 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
364 row := tx.QueryRow("SELECT private FROM repo WHERE name = ?", repo)
365 return row.Scan(&private)
366 }); err != nil {
367 return false, wrapDbErr(err)
368 }
369
370 return private, nil
371}
372
373// IsHidden returns true if the repository is hidden.
374//
375// It implements backend.Backend.
376func (d *SqliteBackend) IsHidden(repo string) (bool, error) {
377 repo = utils.SanitizeRepo(repo)
378 var hidden bool
379 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
380 row := tx.QueryRow("SELECT hidden FROM repo WHERE name = ?", repo)
381 return row.Scan(&hidden)
382 }); err != nil {
383 return false, wrapDbErr(err)
384 }
385
386 return hidden, nil
387}
388
389// SetHidden sets the hidden flag of a repository.
390//
391// It implements backend.Backend.
392func (d *SqliteBackend) SetHidden(repo string, hidden bool) error {
393 repo = utils.SanitizeRepo(repo)
394 return wrapDbErr(wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
395 var count int
396 if err := tx.Get(&count, "SELECT COUNT(*) FROM repo WHERE name = ?", repo); err != nil {
397 return err
398 }
399 if count == 0 {
400 return ErrRepoNotExist
401 }
402 _, err := tx.Exec("UPDATE repo SET hidden = ?, updated_at = CURRENT_TIMESTAMP WHERE name = ?;", hidden, repo)
403 return err
404 }))
405}
406
407// ProjectName returns the project name of a repository.
408//
409// It implements backend.Backend.
410func (d *SqliteBackend) ProjectName(repo string) (string, error) {
411 repo = utils.SanitizeRepo(repo)
412 var name string
413 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
414 row := tx.QueryRow("SELECT project_name FROM repo WHERE name = ?", repo)
415 return row.Scan(&name)
416 }); err != nil {
417 return "", wrapDbErr(err)
418 }
419
420 return name, nil
421}
422
423// SetDescription sets the description of a repository.
424//
425// It implements backend.Backend.
426func (d *SqliteBackend) SetDescription(repo string, desc string) error {
427 repo = utils.SanitizeRepo(repo)
428 return wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
429 var count int
430 if err := tx.Get(&count, "SELECT COUNT(*) FROM repo WHERE name = ?", repo); err != nil {
431 return err
432 }
433 if count == 0 {
434 return ErrRepoNotExist
435 }
436 _, err := tx.Exec("UPDATE repo SET description = ? WHERE name = ?", desc, repo)
437 return err
438 })
439}
440
441// SetPrivate sets the private flag of a repository.
442//
443// It implements backend.Backend.
444func (d *SqliteBackend) SetPrivate(repo string, private bool) error {
445 repo = utils.SanitizeRepo(repo)
446 return wrapDbErr(
447 wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
448 var count int
449 if err := tx.Get(&count, "SELECT COUNT(*) FROM repo WHERE name = ?", repo); err != nil {
450 return err
451 }
452 if count == 0 {
453 return ErrRepoNotExist
454 }
455 _, err := tx.Exec("UPDATE repo SET private = ? WHERE name = ?", private, repo)
456 return err
457 }),
458 )
459}
460
461// SetProjectName sets the project name of a repository.
462//
463// It implements backend.Backend.
464func (d *SqliteBackend) SetProjectName(repo string, name string) error {
465 repo = utils.SanitizeRepo(repo)
466 return wrapDbErr(
467 wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
468 var count int
469 if err := tx.Get(&count, "SELECT COUNT(*) FROM repo WHERE name = ?", repo); err != nil {
470 return err
471 }
472 if count == 0 {
473 return ErrRepoNotExist
474 }
475 _, err := tx.Exec("UPDATE repo SET project_name = ? WHERE name = ?", name, repo)
476 return err
477 }),
478 )
479}
480
481// AddCollaborator adds a collaborator to a repository.
482//
483// It implements backend.Backend.
484func (d *SqliteBackend) AddCollaborator(repo string, username string) error {
485 username = strings.ToLower(username)
486 if err := utils.ValidateUsername(username); err != nil {
487 return err
488 }
489
490 repo = utils.SanitizeRepo(repo)
491 return wrapDbErr(wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
492 _, err := tx.Exec(`INSERT INTO collab (user_id, repo_id, updated_at)
493 VALUES (
494 (SELECT id FROM user WHERE username = ?),
495 (SELECT id FROM repo WHERE name = ?),
496 CURRENT_TIMESTAMP
497 );`, username, repo)
498 return err
499 }),
500 )
501}
502
503// Collaborators returns a list of collaborators for a repository.
504//
505// It implements backend.Backend.
506func (d *SqliteBackend) Collaborators(repo string) ([]string, error) {
507 repo = utils.SanitizeRepo(repo)
508 var users []string
509 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
510 return tx.Select(&users, `SELECT user.username FROM user
511 INNER JOIN collab ON user.id = collab.user_id
512 INNER JOIN repo ON repo.id = collab.repo_id
513 WHERE repo.name = ?`, repo)
514 }); err != nil {
515 return nil, wrapDbErr(err)
516 }
517
518 return users, nil
519}
520
521// IsCollaborator returns true if the user is a collaborator of the repository.
522//
523// It implements backend.Backend.
524func (d *SqliteBackend) IsCollaborator(repo string, username string) (bool, error) {
525 repo = utils.SanitizeRepo(repo)
526 var count int
527 if err := wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
528 return tx.Get(&count, `SELECT COUNT(*) FROM user
529 INNER JOIN collab ON user.id = collab.user_id
530 INNER JOIN repo ON repo.id = collab.repo_id
531 WHERE repo.name = ? AND user.username = ?`, repo, username)
532 }); err != nil {
533 return false, wrapDbErr(err)
534 }
535
536 return count > 0, nil
537}
538
539// RemoveCollaborator removes a collaborator from a repository.
540//
541// It implements backend.Backend.
542func (d *SqliteBackend) RemoveCollaborator(repo string, username string) error {
543 repo = utils.SanitizeRepo(repo)
544 return wrapDbErr(
545 wrapTx(d.db, d.ctx, func(tx *sqlx.Tx) error {
546 _, err := tx.Exec(`DELETE FROM collab
547 WHERE user_id = (SELECT id FROM user WHERE username = ?)
548 AND repo_id = (SELECT id FROM repo WHERE name = ?)`, username, repo)
549 return err
550 }),
551 )
552}
553
554var (
555 hookNames = []string{"pre-receive", "update", "post-update", "post-receive"}
556 hookTpls = []string{
557 // for pre-receive
558 `#!/usr/bin/env bash
559# AUTO GENERATED BY SOFT SERVE, DO NOT MODIFY
560data=$(cat)
561exitcodes=""
562hookname=$(basename $0)
563GIT_DIR=${GIT_DIR:-$(dirname $0)/..}
564for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
565 test -x "${hook}" && test -f "${hook}" || continue
566 echo "${data}" | "${hook}"
567 exitcodes="${exitcodes} $?"
568done
569for i in ${exitcodes}; do
570 [ ${i} -eq 0 ] || exit ${i}
571done
572`,
573
574 // for update
575 `#!/usr/bin/env bash
576# AUTO GENERATED BY SOFT SERVE, DO NOT MODIFY
577exitcodes=""
578hookname=$(basename $0)
579GIT_DIR=${GIT_DIR:-$(dirname $0/..)}
580for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
581 test -x "${hook}" && test -f "${hook}" || continue
582 "${hook}" $1 $2 $3
583 exitcodes="${exitcodes} $?"
584done
585for i in ${exitcodes}; do
586 [ ${i} -eq 0 ] || exit ${i}
587done
588`,
589
590 // for post-update
591 `#!/usr/bin/env bash
592# AUTO GENERATED BY SOFT SERVE, DO NOT MODIFY
593data=$(cat)
594exitcodes=""
595hookname=$(basename $0)
596GIT_DIR=${GIT_DIR:-$(dirname $0)/..}
597for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
598 test -x "${hook}" && test -f "${hook}" || continue
599 "${hook}" $@
600 exitcodes="${exitcodes} $?"
601done
602for i in ${exitcodes}; do
603 [ ${i} -eq 0 ] || exit ${i}
604done
605`,
606
607 // for post-receive
608 `#!/usr/bin/env bash
609# AUTO GENERATED BY SOFT SERVE, DO NOT MODIFY
610data=$(cat)
611exitcodes=""
612hookname=$(basename $0)
613GIT_DIR=${GIT_DIR:-$(dirname $0)/..}
614for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
615 test -x "${hook}" && test -f "${hook}" || continue
616 echo "${data}" | "${hook}"
617 exitcodes="${exitcodes} $?"
618done
619for i in ${exitcodes}; do
620 [ ${i} -eq 0 ] || exit ${i}
621done
622`,
623 }
624)
625
626// InitializeHooks updates the hooks for the given repository.
627//
628// It implements backend.Backend.
629func (d *SqliteBackend) InitializeHooks(repo string) error {
630 hookTmpl, err := template.New("hook").Parse(`#!/usr/bin/env bash
631# AUTO GENERATED BY SOFT SERVE, DO NOT MODIFY
632{{ range $_, $env := .Envs }}
633{{ $env }} \{{ end }}
634{{ .Executable }} hook --config "{{ .Config }}" {{ .Hook }} {{ .Args }}
635`)
636 if err != nil {
637 return err
638 }
639
640 repo = utils.SanitizeRepo(repo) + ".git"
641 hooksPath := filepath.Join(d.reposPath(), repo, "hooks")
642 if err := os.MkdirAll(hooksPath, os.ModePerm); err != nil {
643 return err
644 }
645
646 ex, err := os.Executable()
647 if err != nil {
648 return err
649 }
650
651 dp, err := filepath.Abs(d.dp)
652 if err != nil {
653 return fmt.Errorf("failed to get absolute path for data path: %w", err)
654 }
655
656 cp := filepath.Join(dp, "config.yaml")
657 envs := []string{}
658 for i, hook := range hookNames {
659 var data bytes.Buffer
660 var args string
661 hp := filepath.Join(hooksPath, hook)
662 if err := os.WriteFile(hp, []byte(hookTpls[i]), os.ModePerm); err != nil {
663 return err
664 }
665
666 // Create hook.d directory.
667 hp += ".d"
668 if err := os.MkdirAll(hp, os.ModePerm); err != nil {
669 return err
670 }
671
672 if hook == "update" {
673 args = "$1 $2 $3"
674 } else if hook == "post-update" {
675 args = "$@"
676 }
677
678 err = hookTmpl.Execute(&data, struct {
679 Executable string
680 Hook string
681 Args string
682 Envs []string
683 Config string
684 }{
685 Executable: ex,
686 Hook: hook,
687 Args: args,
688 Envs: envs,
689 Config: cp,
690 })
691 if err != nil {
692 logger.Error("failed to execute hook template", "err", err)
693 continue
694 }
695
696 hp = filepath.Join(hp, "soft-serve")
697 err = os.WriteFile(hp, data.Bytes(), os.ModePerm) //nolint:gosec
698 if err != nil {
699 logger.Error("failed to write hook", "err", err)
700 continue
701 }
702 }
703
704 return nil
705}
706
707func (d *SqliteBackend) initRepos() error {
708 repos, err := d.Repositories()
709 if err != nil {
710 return err
711 }
712
713 for _, repo := range repos {
714 if err := d.InitializeHooks(repo.Name()); err != nil {
715 return err
716 }
717 }
718
719 return nil
720}