Version 1.23.12

luckily, sshd does not error if the interface has no IPv6 address

CHANGELOG

@@ -217,3 +217,745 @@
   * Fix undeleted content when deleting user (#5429) (#5509)
   * Fix empty wiki (#5504) (#5508)
 
+[1.8.3]
+* Update Gitea to 1.6.3
+* SECURITY: Prevent DeleteFilePost doing arbitrary deletion (#5631)
+* BUGFIX: Fix wrong text getting saved on editing second comment on an issue (#5608)
+
+[1.8.4]
+* Update Gitea to 1.6.4
+* Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
+* When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
+* Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)
+
+[1.9.0]
+* Update Gitea to 1.7.0
+
+[1.9.1]
+* Update Gitea to 1.7.1
+* [Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.7.1)
+* Disable redirect for i18n (#5910) (#5916)
+* Only allow local login if password is non-empty (#5906) (#5908)
+* Fix go-get URL generation (#5905) (#5907)
+* Fix TLS errors when using acme/autocert for local connections (#5820) (#5826)
+* Request for public keys only if LDAP attribute is set (#5816) (#5819)
+* Fix delete correct temp directory (#5840) (#5839)
+* Fix an error while adding a dependency via UI (#5862) (#5876)
+* Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884)
+* When creating new repository fsck option should be enabled (#5817) (#5885)
+* Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894)
+* Fix bug when read public repo lfs file (#5913) (#5912)
+* Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
+* Fix compare button on upstream repo leading to 404 (#5877) (#5914)
+
+[1.9.2]
+* Update Gitea to 1.7.2
+* Remove all CommitStatus when a repo is deleted (#5940) (#5941)
+* Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944)
+* Silence console logger in gitea serv (#5887) (#5943)
+* Handle milestone webhook events for issues and PR (#5947) (#5955)
+* Show user who created the repository instead of the organization in action feed (#5948) (#5956)
+* Fix ssh deploy and user key constraints (#1357) (#5939) (#5966)
+* Fix bug when deleting a linked account will removed all (#5989) (#5990)
+* Fix empty ssh key importing in ldap (#5984) (#6009)
+* Fix metrics auth token detection (#6006) (#6017)
+* Create repository on organisation by default on its dashboard (#6026) (#6048)
+* Make sure labels are actually returned in API (#6053) (#6059)
+* Switch to more recent build of xgo (#6070) (#6072)
+* In basic auth check for tokens before call UserSignIn (#5725) (#6083)
+
+[1.9.3]
+* Update Gitea to 1.7.3
+* Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197)
+* Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
+* Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165)
+* Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166)
+* Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137)
+* Fix prohibit login check on authorization (#6106) (#6115)
+* Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107)
+* Fix deadlock in webhook PullRequest (#6102) (#6104)
+* Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101)
+* Fix compare button regression (#5929) (#6098)
+* Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097)
+
+[1.9.4]
+* Update Gitea to 1.7.4
+* Fix potential XSS vulnerability in repository description. (#6306) (#6308)
+* Fix wrong release commit id (#6224) (#6300)
+* Fix panic on empty signed commits (#6292) (#6300)
+* Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246)
+* Fix displaying dashboard even if required to change password (#6214) (#6215)
+
+[1.9.5]
+* Update Gitea to 1.7.5
+* unitTypeCode not being used in accessLevelUnit (#6419) (#6423)
+* ParsePatch function to work with quoted diff --git strings (#6323) (#6332)
+
+[1.9.6]
+* Update Gitea to 1.7.6
+* Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
+* Allow resend of confirmation email when logged in (#6482) (#6487)
+
+[1.10.0]
+* Update Gitea to 1.8.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.8.0)
+* Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
+* Resolve 2FA bypass on API (#6676) (#6674)
+* Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
+* Expose issue stopwatch toggling via API (#5970)
+* Pull request conflict files detection (#5951)
+* Implement "conversation lock" for issue comments (#5073)
+* Feature: Archive repos (#5009)
+* Allow to set organization visibility (public, internal, private) (#1763)
+* Added URL mapping for Release attachments like on github.com (#1707)
+
+[1.10.1]
+* Update Gitea to 1.8.1
+
+[1.10.2]
+* Update Gitea to 1.8.2
+
+[1.11.0]
+* better custom app.ini integration
+* optional sso support
+
+[1.12.0]
+* Update Gitea to 1.8.3
+* Update manifest to v2
+
+[1.13.0]
+* Update Gitea to 1.9.0
+
+[1.13.1]
+* Update Gitea to 1.9.1
+
+[1.13.2]
+* Make sessions persist restarts
+
+[1.13.3]
+* Update Gitea to 1.9.2
+* Fix wrong sender when send slack webhook (#7918) (#7924)
+* Upload support text/plain; charset=utf8 (#7899)
+* Lfs/lock: round locked_at timestamp to second (#7872) (#7875)
+* Fix non existent milestone with 500 error (#7867) (#7873)
+* SECURITY
+  * Fix No PGP signature on 1.9.1 tag (#7874)
+  * Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ
+* ENHANCEMENT
+  * Fix pull creation with empty changes (#7920) (#7926)
+* BUILD
+  * Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884)
+
+[1.13.4]
+* Update Gitea to 1.9.3
+* Fix go get from a private repository with Go 1.13 (#8100)
+* Strict name matching for Repository.GetTagID() (#8082)
+* Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070)
+* Add change title notification for issues (#8064)
+* Run CORS handler first for /api routes (#7967) (#8053)
+* Evaluate emojis in commit messages in list view (#8044)
+* Fix failed to synchronize tags to releases for repository (#7990) (#7994)
+* Fix adding default Telegram webhook (#7972) (#7992)
+* Abort synchronization from LDAP source if there is some error (#7965)
+* Fix deformed emoji in commit message (#8071)
+* Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009)
+
+[1.13.5]
+* Update Gitea to 1.9.4
+* Highlight issue references (#8101) (#8404)
+* Fix bug when migrating a private repository #7917 (#8403)
+* Change general form binding to gogs form (#8334) (#8402)
+* Fix editor commit to new branch if PR disabled (#8375) (#8401)
+* Fix milestone num_issues (#8221) (#8400)
+* Allow users with explicit read access to give approvals (#8398)
+* Fix commit status in PR #8316 and PR #8321 (#8339)
+* Fix API for edit and delete release attachment (#8290)
+* Fix assets on release webhook (#8283)
+* Fix release API URL generation (#8239)
+* Allow registration when button is hidden (#8238)
+* MS Teams webhook misses commit messages (backport v1.9) (#8225)
+
+[1.13.6]
+* Update Gitea to 1.9.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.9.5)
+* Hide some user information via API if user doesn't have enough permission (#8655) (#8658)
+* Fix milestone close timestamp (#8728) (#8731)
+* Fix deadline on update issue or PR via API (#8699)
+* Fix 'New Issue Missing Milestone Comment' (#8678) (#8682)
+* Fix 500 when getting user as unauthenticated user (#8653) (#8662)
+* Use AppSubUrl for more redirections (#8647) (#8652)
+* Add SubURL to redirect path (#8632) (#8634) (#8640)
+* Fix #8582 by handling empty repos (#8587) (#8593)
+* Fix bug on pull requests when transfer head repository (#8571)
+* Add missed close in ServeBlobLFS (#8527) (#8543)
+* Return false if provided branch name is empty for IsBranchExist (#8485) (#8492)
+* Create .ssh dir as necessary (#8369) (#8486) (#8489)
+* Restore functionality for early gits (#7775) (#8476)
+* Add check for empty set when dropping indexes during migration (#8475)
+* Ensure Request Body Readers are closed in LFS server (#8454) (#8459)
+* Ensure that LFS files are relative to the LFS content path (#8455) (#8458)
+* Ignore mentions for users with no access (#8395) (#8484)
+
+[1.14.0]
+* Update Gitea to 1.10.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.10.0)
+
+[1.14.1]
+* Update Gitea to 1.10.1
+* Fix max length check and limit in multiple repo forms (#9148) (#9204)
+* Properly fix displaying virtual session provider in admin panel (#9137) (#9203)
+* Upgrade levelqueue to 0.1.0 (#9192) (#9199)
+* Fix panic when diff (#9187) (#9193)
+* Smtp logger configuration sendTos should be an array (#9154) (#9157)
+* Always Show Password Field on Link Account Sign-in Page (#9150)
+* Create PR on Current Repository by Default (#8670) (#9141)
+* Fix race on indexer (#9136) (#9139)
+* Fix reCAPTCHA URL (#9119)
+* Hide migrated credentials (#9098)
+* Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085)
+* Fix password checks on admin create/edit user (#9076) (#9081)
+* Fix add search as a reserved username (#9063) (#9065)
+* Fix permission checks for close/reopen from commit (#8875) (#9033)
+* Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025)
+* Fix broken link to branch from issue list (#9003) (#9021)
+* Fix wrong system notice when repository is empty (#9020)
+* Shadow password correctly for session config (#8984) (#9002)
+
+[1.14.2]
+* Update Gitea to 1.10.2
+* Allow only specific Columns to be updated on Issue via API (#9539) (#9580)
+* Add ErrReactionAlreadyExist error (#9550) (#9564)
+* Fix bug when migrate from API (#8631) (#9563)
+* Use default avatar for ghost user (#9536) (#9537)
+* Fix repository issues pagination bug when there are more than one label filter (#9512) (#9528)
+* Fix deleted branch not removed when push the branch again (#9516) (#9524)
+* Fix missing repository status when migrating repository via API (#9511)
+* Trigger webhook when deleting a branch after merging a PR (#9510)
+* Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API endpoint (#9482)
+* Fix NewCommitStatus (#9434) (#9435)
+* Use OriginalURL instead of CloneAddr in migration logging (#9418) (#9420)
+* Fix Slack webhook payload title generation to work with Mattermost (#9404)
+* DefaultBranch needs to be prefixed by BranchPrefix (#9356) (#9359)
+* Fix issue indexer not triggered when migrating a repository (#9333)
+* Fix bug that release attachment files not deleted when deleting repository (#9322) (#9329)
+* Fix migration releases (#9319) (#9326) (#9328)
+* Fix File Edit: Author/Committer interchanged (#9297) (#9300)
+
+[1.14.3]
+* Update Gitea to 1.10.3
+* Hide credentials when submitting migration (#9102) (#9704)
+* Never allow an empty password to validate (#9682) (#9684)
+* Prevent redirect to Host (#9678) (#9680)
+* Hide public repos owned by private orgs (#9609) (#9616)
+* Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9838)
+* Fix download file wrong content-type (#9825) (#9835)
+* Fix wrong identify poster on a migrated pull request when submit review (#9827) (#9831)
+* Fix dump non-exist log directory (#9818) (#9820)
+* Fix compare (#9808) (#9815)
+* Fix missing msteam webhook on organization (#9781) (#9795)
+* Fix add team on collaborator page when same name as organization (#9783)
+* Fix cache problem on dashboard (#9358) (#9703)
+* Send tag create and push webhook when release created on UI (#8671) (#9702)
+* Branches not at ref commit ID should not be listed as Merged (#9614) (#9639)
+
+[1.15.0]
+* Update Gitea to 1.11.0
+
+[1.15.1]
+* Update Gitea to 1.11.1
+* Repo name added to automatically generated commit message when merging (#9997) (#10285)
+* Fix Workerpool deadlock (#10283) (#10284)
+* Divide GetIssueStats query in smaller chunks (#10176) (#10282)
+* Fix reply on code review (#10257)
+* Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249)
+* Fix filter label emoji width (#10241) (#10244)
+* Fix issue sidebar menus having an infinite height (#10239) (#10240)
+* Fix commit between two commits calculation if there is only last commit (#10225) (#10226)
+* Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206)
+* Blacklist manifest.json & milestones user (#10292) (#10293)
+
+[1.15.2]
+* Update Gitea to 1.11.2
+
+[1.15.3]
+* Update Gitea to 1.11.3
+
+[1.15.4]
+* Update Gitea to 1.11.4
+
+[1.16.0]
+* Update Gitea to [1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5)
+* Update base image to 2.0.0
+
+[1.16.1]
+* Update Gitea to 1.11.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.11.6)
+* Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683)
+* Use session for retrieving org teams (#11438) (#11439)
+* Return json on 500 error from API (#11574) (#11660)
+* Fix wrong milestone in webhook message (#11596) (#11612)
+* Prevent (caught) panic on login (#11590) (#11598)
+* Fix commit page js error (#11527)
+
+[1.17.0]
+* Update Gitea to 1.12.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.0)
+
+[1.18.0]
+* Add forumUrl and update tags and screenshots
+
+[1.18.1]
+* Update Gitea to 1.12.2
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.2)
+
+[1.18.2]
+* Update Gitea to 1.12.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.3)
+* Don't change creation date when updating Release (#12343) (#12351)
+* Show 404 page when release not found (#12328) (#12332)
+* Fix emoji detection in certain cases (#12320) (#12327)
+* Reduce emoji size (#12317) (#12327)
+* Fix double-indirection bug in logging IDs (#12294) (#12308)
+* Link to pull list page on sidebar when view pr (#12256) (#12263)
+* Extend Notifications API and return pinned notifications by default (#12164) (#12232)
+
+[1.18.3]
+* Update Gitea to 1.12.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.4)
+* Escape provider name in oauth2 provider redirect (#12648) (#12650)
+* Escape Email on password reset page (#12610) (#12612)
+* When reading expired sessions - expire them (#12686) (#12690)
+* StaticRootPath configurable at compile time (#12371) (#12652)
+* Fix to show an issue that is related to a deleted issue (#12651) (#12692)
+* Expire time acknowledged for cache (#12605) (#12611)
+* Fix diff path unquoting (#12554) (#12575)
+* Improve HTML escaping helper (#12562)
+* models: break out of loop (#12386) (#12561)
+* Default empty merger list to those with write permissions (#12535) (#12560)
+* Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
+* Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
+* Remove hardcoded ES indexername (#12521) (#12526)
+* Fix bug preventing transfer to private organization (#12497) (#12501)
+* Keys should not verify revoked email addresses (#12486) (#12495)
+* Do not add prefix on http/https submodule links (#12477) (#12479)
+* Fix ignored login on compare (#12476) (#12478)
+* Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
+* Upgrade google/go-github to v32.1.0 (#12361) (#12390)
+* Render emoji's of Commit message on feed-page (#12373)
+* Fix handling of diff on unrelated branches when Git 2.28 used (#12370)
+
+[1.18.4]
+* Update Gitea to 1.12.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.5)
+* Allow U2F with default settings for gitea in subpath (#12990) (#13001)
+* Prevent empty div when editing comment (#12404) (#12991)
+* On mirror update also update address in DB (#12964) (#12967)
+* Allow extended config on cron settings (#12939) (#12943)
+* Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940)
+* Fix internal server error from ListUserOrgs API (#12910) (#12915)
+* Update only the repository columns that need updating (#12900) (#12912)
+* Fix panic when adding long comment (#12892) (#12894)
+* Add size limit for content of comment on action ui (#12881) (#12890)
+* Convert User expose ID each time (#12855) (#12883)
+* Support slashes in release tags (#12864) (#12882)
+* Add missing information to CreateRepo API endpoint (#12848) (#12867)
+* On Migration respect old DefaultBranch (#12843) (#12858)
+* Fix notifications page links (#12838) (#12853)
+* Stop cloning unnecessarily on PR update (#12839) (#12852)
+* Escape more things that are passed through str2html (#12622) (#12850)
+* Remove double escape on labels addition in comments (#12809) (#12810)
+* Fix "only mail on mention" bug (#12775) (#12789)
+* Fix yet another bug with diff file names (#12771) (#12776)
+* RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
+* Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
+
+[1.18.5]
+* Update Gitea to 1.12.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.12.6)
+* Prevent git operations for inactive users (#13527) (#13537)
+* Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525)
+* API should only return Json (#13511) (#13564)
+* Fix before and since query arguments at API (#13559) (#13560)
+* Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492)
+* Fix link detection in repository description with tailing '_' (#13407) (#13408)
+* Remove obsolete change of email on profile page (#13341) (#13348)
+* Fix permission check on get Reactions API endpoints (#13344) (#13346)
+* Add migrated pulls to pull request task queue (#13331) (#13335)
+* API deny wrong pull creation options (#13308) (#13327)
+* Fix initial commit page & binary munching problem (#13249) (#13259)
+* Fix diff parsing (#13157) (#13136) (#13139)
+* Return error 404 not 500 from API if team does not exist (#13118) (#13119)
+* Prohibit automatic downgrades (#13108) (#13111)
+* Fix GitLab Migration Option AuthToken (#13101)
+* GitLab Label Color Normalizer (#12793) (#13100)
+* Log the underlying panic in runMigrateTask (#13096) (#13098)
+* Fix attachments list in edit comment (#13036) (#13097)
+* Fix deadlock when deleting team user (#13093)
+* Fix error create comment on outdated file (#13041) (#13042)
+* Fix repository create/delete event webhooks (#13008) (#13027)
+* Fix internal server error on README in submodule (#13006) (#13016)
+
+[1.19.0]
+* Update Gitea to 1.13.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.0)
+
+[1.19.1]
+* Update Gitea to 1.13.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.13.1)
+* Security: Hide private participation in Orgs (#13994) (#14031)
+* Security: Fix escaping issue in diff (#14153) (#14154)
+
+[1.19.2]
+* Update Gitea to 1.13.2
+* Prevent panic on fuzzer provided string (#14405) (#14409)
+* Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)
+* If release publisher is deleted use ghost user (#14375)
+* Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530)
+* Set the name Mapper in migrations (#14526) (#14529)
+* Fix wiki preview (#14515)
+* Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)
+* ChangeUserName: rename user files back on DB issue (#14447)
+* Fix lfs preview bug (#14428) (#14433)
+* Ensure timeout error is shown on u2f timeout (#14417) (#14431)
+* Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425)
+* Use path not filepath in routers/editor (#14390) (#14396)
+* Check if label template exist first (#14384) (#14389)
+* Fix migration v141 (#14387) (#14388)
+* Use Request.URL.RequestURI() for fcgi (#14347)
+* Use ServerError provided by Context (#14333) (#14345)
+* Fix edit-label form init (#14337)
+* Fix mailIssueCommentBatch for pull request (#14252) (#14296)
+* Render links for commit hashes followed by comma (#14224) (#14227)
+* Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)
+* Fix avatar bugs (#14217) (#14220)
+* Ensure that schema search path is set with every connection on postgres (#14131) (#14216)
+* Fix dashboard issues labels filter bug (#14210) (#14214)
+* When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213)
+* Fix branch selector on new issue page (#14194) (#14207)
+* Check for notExist on profile repository page (#14197) (#14203)
+
+[1.20.0]
+* Use base image v3
+
+[1.20.1]
+* Update Gitea to 1.13.3
+* Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675)
+* Fix paging of file commit logs (#14831) (#14879)
+* Print useful error if SQLite is used in settings but not supported (#14476) (#14874)
+* Fix display since time round (#14226) (#14873)
+* When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
+* Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
+* Fix a couple of CommentAsPatch issues. (#14804) (#14820)
+* Disable broken OAuth2 providers at startup (#14802) (#14811)
+* Repo Transfer permission checks (#14792) (#14794)
+* Fix double alert in oauth2 application edit view (#14764) (#14768)
+* Fix broken spans in diffs (#14678) (#14683)
+* Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
+* HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
+* Do not assume all 40 char strings are SHA1s (#14624) (#14648)
+* Allow org labels to be set with issue templates (#14593) (#14647)
+* Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
+* Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
+* Fix GPG key deletion during account deletion (#14561) (#14569)
+
+[1.20.2]
+* Update Gitea to 1.13.4
+* Fix issue popups (#14898) (#14899)
+* Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
+* Fix a couple of issues with a feeds (#14897) (#14903)
+* When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
+* Fix race in local storage (#14888) (#14901)
+* Fix 500 on pull view page if user is not loged in (#14885) (#14886)
+
+[1.20.3]
+* Update Gitea to 1.13.5
+* Update to goldmark 1.3.3 (#15059) (#15061)
+* Another clusterfuzz spotted issue (#15032) (#15034)
+* Fix set milestone on PR creation (#14981) (#15001)
+* Prevent panic when editing forked repos by API (#14960) (#14963)
+* Fix bug when upload on web (#15042) (#15055)
+* Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
+* Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
+* Fix several render issues (#14986) (#15013)
+* Make sure sibling images get a link too (#14979) (#14995)
+* Fix Anchor jumping with escaped query components (#14969) (#14977)
+* Fix release mail html template (#14976)
+* Fix excluding more than two labels on issues list (#14962) (#14973)
+* Don't mark each comment poster as OP (#14971) (#14972)
+* Add "captcha" to list of reserved usernames (#14930)
+* Re-enable import local paths after reversion from #13610 (#14925) (#14927)
+
+[1.20.4]
+* Update Gitea to 1.13.6
+* Fix bug on avatar middleware (#15124) (#15125)
+* Fix another clusterfuzz identified issue (#15096) (#15114)
+* Fix nil exeption for get pull reviews API #15104 (#15106)
+* Fix markdown rendering in milestone content (#15056) (#15092)
+
+[1.20.5]
+* Update Gitea to 1.13.7
+* Update to bluemonday-1.0.6 (#15294) (#15298)
+* Clusterfuzz found another way (#15160) (#15169)
+* Fix wrong user returned in API (#15139) (#15150)
+* Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
+* Speed up enry.IsVendor (#15213) (#15246)
+* Response 404 for diff/patch of a commit that not exist (#15221) (#15238)
+* Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201)
+* Add size to Save function (#15264) (#15271)
+
+[1.21.0]
+* Update Gitea to 1.14.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.0)
+
+[1.21.1]
+* Update Gitea to 1.14.1
+* Fix bug clone wiki (#15499) (#15502)
+* Github Migration ignore rate limit, if not enabled (#15490) (#15495)
+* Use subdir for URL (#15446) (#15493)
+* Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
+* Ensure review dismissal only dismisses the correct review (#15477) (#15489)
+* Use index of the supported tags to choose user lang (#15452) (#15488)
+* Fix wrong file link in code search page (#15466) (#15486)
+* Quick template fix for built-in SSH server in admin config (#15464) (#15481)
+* Prevent superfluous response.WriteHeader (#15456) (#15476)
+* Fix ambiguous argument error on tags (#15432) (#15474)
+* Add created_unix instead of expiry to migration (#15458) (#15463)
+* Fix repository search (#15428) (#15442)
+* Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
+* Fix wiki clone urls (#15430) (#15431)
+* Fix dingtalk icon url at webhook (#15417) (#15426)
+* Standardise icon on projects PR page (#15387) (#15408)
+* Add option to skip LFS/attachment files for dump (#15407) (#15492)
+* Clone panel fixes (#15436)
+* Use semantic dropdown for code search query type (#15276) (#15364)
+
+[1.21.2]
+* Update Gitea to 1.14.2
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.2)
+* Display conflict-free merge messages for pull requests (#15773) (#15796)
+* Exponential Backoff for ByteFIFO (#15724) (#15793)
+* Issue list alignment tweaks (#15483) (#15766)
+* Implement delete release attachments and update release attachments' name (#14130) (#15666)
+* Add placeholder text to deploy key textarea (#15575) (#15576)
+* Project board improvements (#15429) (#15560)
+* Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365)
+
+[1.21.3]
+* Update Gitea to 1.14.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.3)
+* Encrypt migration credentials at rest (#15895) (#16187)
+* Only check access tokens if they are likely to be tokens (#16164) (#16171)
+* Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039)
+* Fix setting of SameSite on cookies (#15989) (#15991)
+
+[1.21.4]
+* Update Gitea to 1.14.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.4)
+* Fix relative links in postprocessed images (#16334) (#16340)
+* Fix list_options GetStartEnd (#16303) (#16305)
+* Fix API to use author for commits instead of committer (#16276) (#16277)
+* Handle misencoding of login_source cfg in mssql (#16268) (#16275)
+* Fixed issues not updated by commits (#16254) (#16261)
+* Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
+* Use html.Parse rather than html.ParseFragment (#16223) (#16225)
+* Fix milestone counters on new issue (#16183) (#16224)
+* reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)
+
+[1.21.5]
+* Update Gitea to 1.14.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.5)
+* Hide mirror passwords on repo settings page (#16022) (#16355)
+* Update bluemonday to v1.0.15 (#16379) (#16380)
+* Retry rename on lock induced failures (#16435) (#16439)
+* Validate issue index before querying DB (#16406) (#16410)
+* Fix crash following ldap authentication update (#16447) (#16449)
+* Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)
+
+[1.21.6]
+* Update Gitea to 1.14.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.6)
+* SECURITY
+  * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
+  * Switch to maintained JWT lib (#16532) (#16535)
+  * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)
+
+[1.22.0]
+* Update Gitea to 1.15.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.0)
+
+[1.22.1]
+* Update Gitea to 1.15.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.1)
+
+[1.22.2]
+* Update Gitea to 1.15.2
+* Add unique constraint back into issue_index (#16938)
+* Close storage objects before cleaning (#16934) (#16942)
+
+[1.22.3]
+* Update Gitea to 1.15.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.3)
+* Add fluid to ui container class to remove margin (#16396) (#16976)
+* Add caller to cat-file batch calls (#17082) (#17089)
+* Many bug fixes
+
+[1.22.4]
+* Update Gitea to 1.15.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.4)
+* Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272)
+* Don't allow merged PRs to be reopened (#17192) (#17271)
+* Fix incorrect repository count on organization tab of dashboard (#17256) (#17266)
+* Fix unwanted team review request deletion (#17257) (#17264)
+* Fix broken Activities link in team dashboard (#17255) (#17258)
+* API pull's head/base have correct permission(#17214) (#17245)
+* Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227)
+* Upgrade xorm to v1.2.5 (#17177) (#17188)
+* Fix missing repo link in issue/pull assigned emails (#17183) (#17184)
+* Fix bug of get context user (#17169) (#17172)
+* Nicely handle missing user in collaborations (#17049) (#17166)
+* Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)
+* Fix wrong i18n keys (#17150) (#17153)
+* Fix Archive Creation: correct transaction ending (#17151)
+* Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)
+* Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137)
+
+[1.22.5]
+* Update Gitea to 1.15.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.5)
+* Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
+* Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
+* Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
+* Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
+* Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
+* Ensure popup text is aligned left (backport for 1.15) (#17343)
+* Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
+* Disable core.protectNTFS (#17300) (#17302)
+* Use pointer for wrappedConn methods (#17295) (#17296)
+* AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
+* Handle duplicate keys on GPG key ring (#17242) (#17284)
+* Fix SVG side by side comparison link (#17375) (#17391)
+
+[1.22.6]
+* Update Gitea to 1.15.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.6)
+* Prevent panic in serv.go with Deploy Keys (#17434) (#17435)
+* Fix CSV render error (#17406) (#17431)
+* Read expected buffer size (#17409) (#17430)
+* Ensure that restricted users can access repos for which they are members (#17460) (#17464)
+* Make commit-statuses popup show correctly (#17447) (#17466)
+
+[1.23.0]
+* Update Gitea to 1.15.7
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.7)
+* Enable rendering of jupyter notebooks, rst, asciidoc by default
+* Only allow webhook to send requests to allowed hosts (#17482) (#17510)
+* Fix login redirection links (#17451) (#17473)
+
+[1.23.1]
+* Update Gitea to 1.15.8
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.8)
+* Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
+* Fix delete u2f keys bug (#18040) (#18042)
+* Reset Session ID on login (#18018) (#18041)
+* Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
+* Stop printing 03d after escaped characters in logs (#18030) (#18034)
+
+[1.23.2]
+* Update Gitea to 1.15.9
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.9)
+* Fix wrong redirect on org labels (#18128) (#18134)
+* Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095)
+* Revert "Fix delete u2f keys bug (#18042)" (#18107)
+* Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
+* Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
+* Reset locale on login (#17734) (#18100)
+* Correctly handle failed migrations (#17575) (#18099)
+* Instead of using routerCtx just escape the url before routing (#18086) (#18098)
+* Quote references to the user table in consistency checks (#18072) (#18073)
+* Add NotFound handler (#18062) (#18067)
+* Ensure that git repository is closed before transfer (#18049) (#18057)
+* Use common sessioner for API and web routes (#18114)
+
+[1.23.3]
+* Update Gitea to 1.15.10
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.10)
+* Fix inconsistent PR comment counts (#18260) (#18261)
+* Fix release link broken (#18252) (#18253)
+* Fix update user from site administration page bug (#18250) (#18251)
+* Set HeadCommit when creating tags (#18116) (#18173)
+* Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
+* Fix purple color in suggested label colors (#18241) (#18242)
+* Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)
+
+[1.23.4]
+* Update Gitea to 1.16.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.0)
+
+[1.23.5]
+* Update Gitea to 1.16.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.1)
+* Update JS dependencies, fix lint (#18389) (#18540)
+* Add dropdown icon to label set template dropdown (#18564) (#18571)
+* Comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
+* Stop logging an error when notes are not found (#18626) (#18635)
+* Ensure that blob-excerpt links work for wiki (#18587) (#18624)
+* Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
+
+[1.23.6]
+* Update Gitea to 1.16.2
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.2)
+* Show fullname on issue edits and gpg/ssh signing info (#18828)
+* Immediately Hammer if second kill is sent (#18823) (#18826)
+* Allow mermaid render error to wrap (#18791)
+
+[1.23.7]
+* Update Gitea to 1.16.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.3)
+
+[1.23.8]
+* Update Gitea to 1.16.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.4)
+* Restrict email address validation (#17688) (#19085)
+* Fix lfs bug (#19072) (#19080)
+
+[1.23.9]
+* Update Gitea to 1.16.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.5)
+* Prevent redirect to Host (2) (#19175) (#19186)
+* Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
+* Clean paths when looking in Storage (#19124) (#19179)
+* Do not send notification emails to inactive users (#19131) (#19139)
+* Do not send activation email if manual confirm is set (#19119) (#19122)
+
+[1.23.10]
+* Update Gitea to 1.16.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.6)
+
+[1.23.11]
+* Update Gitea to 1.16.7
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.7)
+* Escape git fetch remote (#19487) (#19490)
+* On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
+* Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
+* Don't error when branch's commit doesn't exist (#19547) (#19548)
+* Support hostname:port to pass host matcher's check (#19543) (#19544)
+* Prevent dangling archiver goroutine (#19516) (#19526)
+* Fix migrate release from github (#19510) (#19523)
+* When view _Siderbar or _Footer, just display once (#19501) (#19522)
+* Fix blame page select range error and some typos (#19503)
+* Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
+* User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
+* Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
+* RepoAssignment ensure to close before overwrite (#19449) (#19460)
+* Set correct PR status on 3way on conflict checking (#19457) (#19458)
+* Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)
+
+[1.23.12]
+* Update Gitea to 1.16.8
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.8)
+* Add doctor check/fix for bogus action rows (#19656) (#19669)
+* Make .cs highlighting legible on dark themes (#19604) (#19605)
+* Delete user related oauth stuff on user deletion too (#19677) (#19680)
+* Fix new release from tags list UI (#19670) (#19673)
+* Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
+

CloudronManifest.json

@@ -4,9 +4,11 @@
   "author": "Gitea developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "A painless self-hosted Git Service",
-  "version": "1.8.2",
-  "healthCheckPath": "/healthcheck",
+  "version": "1.23.12",
+  "upstreamVersion": "1.16.8",
+  "healthCheckPath": "/explore",
   "httpPort": 3000,
+  "memoryLimit": 536870912,
   "addons": {
     "mysql": { },
     "sendmail": { },
@@ -20,20 +22,22 @@
       "defaultValue": 29418
     }
   },
-  "manifestVersion": 1,
+  "manifestVersion": 2,
   "website": "https://gitea.io",
   "contactEmail": "apps@cloudron.io",
   "icon": "file://logo.png",
+  "optionalSso": true,
   "mediaLinks": [
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/1.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/2.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/3.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/4.png",
-    "https://s3.amazonaws.com/cloudron-app-screenshots/io.gitea.cloudronapp/f89a2ab8d49094c80589f69a2d60bef63b2dbb62/5.png"
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/1.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/2.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/3.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/4.png",
+    "https://screenshots.cloudron.io/io.gitea.cloudronapp/5.png"
   ],
-  "tags": [ "version control", "git", "code hosting", "development" ],
+  "tags": [ "version control", "git", "code hosting", "development", "github", "bitbucket", "gitlab" ],
   "changelog": "file://CHANGELOG",
   "postInstallMessage": "file://POSTINSTALL.md",
-  "minBoxVersion": "1.10.0",
-  "documentationUrl": "https://cloudron.io/documentation/apps/gitea/"
+  "minBoxVersion": "7.1.2",
+  "forumUrl": "https://forum.cloudron.io/category/19/gitea",
+  "documentationUrl": "https://docs.cloudron.io/apps/gitea/"
 }

DESCRIPTION.md

@@ -1,5 +1,3 @@
-This app packages Gitea <upstream>1.6.2</upstream>
-
 Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket or Gitlab.
 
 ### Purpose

Dockerfile

@@ -1,9 +1,10 @@
-FROM cloudron/base:1.0.0@sha256:147a648a068a2e746644746bbfb42eb7a50d682437cead3c67c933c546357617
+FROM cloudron/base:3.2.0@sha256:ba1d566164a67c266782545ea9809dc611c4152e27686fd14060332dd88263ea
 
 RUN apt-get update && \
-    apt-get install -y openssh-server git && \
+    apt-get install -y openssh-server git asciidoctor pandoc && \
     rm -rf /etc/ssh_host_* && \
     rm -r /var/cache/apt /var/lib/apt/lists
+RUN pip3 install jupyter
 
 ADD supervisor/ /etc/supervisor/conf.d/
 
@@ -13,7 +14,11 @@ RUN adduser --disabled-login --gecos 'Gitea' git
 RUN passwd -d git
 
 RUN mkdir -p /home/git/gitea
-RUN curl -L https://dl.gitea.io/gitea/1.6.2/gitea-1.6.2-linux-amd64 -o /home/git/gitea/gitea \
+WORKDIR /home/git
+
+ARG VERSION=1.16.8
+
+RUN curl -L https://dl.gitea.io/gitea/${VERSION}/gitea-${VERSION}-linux-amd64 -o /home/git/gitea/gitea \
     && chmod +x /home/git/gitea/gitea
 
 # setup config paths

POSTINSTALL.md

@@ -1,12 +1,8 @@
-This app integrates with the Cloudron SSO. Admins on Cloudron automatically
-become admins on Gitea.
+This app is pre-setup with an admin account (use the `Local` authentication source for logging in as admin).
+The initial credentials are:
 
-If you want to disable Cloudron SSO, do the following:
+**Username**: root<br/>
+**Password**: changeme<br/>
 
-* Admin Panel -> Authentication -> 'cloudron' -> Uncheck 'This authentication is activated'
-* Admin Panel -> Users -> Change Authentication Source to 'Local' and also give a password
-
-You can edit `/app/data/app.ini` and add any custom configuration. See the 
-[configuration cheat sheet](https://docs.gitea.io/en-us/config-cheat-sheet)
-for more information.
+Please change the admin password immediately.
 

app.ini.template

@@ -95,3 +95,32 @@ PATH =
 [indexer]
 ; this setting is protected and can't be modified
 ISSUE_INDEXER_PATH = /app/data/appdata/indexers/issues.bleve
+
+[session]
+PROVIDER = file
+PROVIDER_CONFIG = /run/gitea/sessions
+COOKIE_SECURE = true
+COOKIE_NAME = cloudron_gitea
+GC_INTERVAL_TIME = 2592000
+
+[markup.asciidoc]
+ENABLED = true
+FILE_EXTENSIONS = .adoc,.asciidoc
+RENDER_COMMAND = "asciidoctor -s -a showtitle --out-file=- -"
+; Input is not a standard input but a file
+IS_INPUT_FILE = false
+
+[markup.restructuredtext]
+ENABLED = true
+FILE_EXTENSIONS = .rst
+RENDER_COMMAND = "timeout 30s pandoc +RTS -M512M -RTS -f rst"
+IS_INPUT_FILE = false
+
+[markup.jupyter]
+ENABLED = true
+FILE_EXTENSIONS = .ipynb
+RENDER_COMMAND = "jupyter nbconvert --stdin --stdout --to html --template basic"
+IS_INPUT_FILE = false
+
+[markup.sanitizer.jupyter.img]
+ALLOW_DATA_URI_IMAGES = true

sshd_config

@@ -5,6 +5,7 @@
 Port 29418
 # Use these options to restrict which interfaces/protocols sshd will bind to
 ListenAddress 0.0.0.0
+ListenAddress ::
 Protocol 2
 # HostKeys for protocol version 2
 HostKey /app/data/sshd/ssh_host_rsa_key

start.sh

@@ -2,32 +2,63 @@
 
 set -eu -o pipefail
 
-mkdir -p /run/gitea/tmp/uploads /run/sshd
+mkdir -p /run/gitea/tmp/uploads /run/sshd /run/gitea/sessions
 
 setup_ldap_source() {
     set -eu
 
-    # Wait for gitea to finish db setup, before we insert ldap source in db
-    while ! curl --fail http://localhost:3000/healthcheck; do
-        echo "Waiting for gitea to come up"
-        sleep 1
-    done
+    echo "==> Setup LDAP source"
+
+    # Get the existing LDAP source status. This allows the user to disable LDAP
+    # Note that this method is deprecated since this app now supports optionalSso
+    ldap_status=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "select is_active from login_source WHERE name='cloudron';")
+    [[ -z "${ldap_status}" ]] && ldap_status="1"
 
     now=$(date +%s)
 
-    # Get the existing LDAP source status. This allows the user to disable LDAP
-    ldap_status=$(mysql -u"${MYSQL_USERNAME}" -p"${MYSQL_PASSWORD}" -h mysql --database="${MYSQL_DATABASE}" -N -B -e "select is_actived from login_source WHERE name='cloudron';")
-    [[ -z "${ldap_status}" ]] && ldap_status="1"
-
-    if mysql -u"${MYSQL_USERNAME}" -p"${MYSQL_PASSWORD}" -h mysql --database="${MYSQL_DATABASE}" \
-        -e "REPLACE INTO login_source (id, type, name, is_actived, cfg, created_unix, updated_unix) VALUES (1,2,'cloudron',${ldap_status},'{\"Name\":\"cloudron\",\"Host\":\"${LDAP_SERVER}\",\"Port\":${LDAP_PORT},\"UseSSL\":false,\"SkipVerify\":true,\"BindDN\":\"${LDAP_BIND_DN}\",\"BindPassword\":\"${LDAP_BIND_PASSWORD}\",\"UserBase\":\"${LDAP_USERS_BASE_DN}\",\"AttributeUsername\":\"username\",\"AttributeName\":\"displayname\",\"AttributeSurname\":\"\",\"AttributeMail\":\"mail\",\"Filter\":\"(\\\\u007C(mail=%[1]s)(username=%[1]s))\",\"AdminFilter\":\"(memberof=cn=admins,${LDAP_GROUPS_BASE_DN})\"}','${now}','${now}');"; then
-        echo "LDAP Authentication was setup with status ${ldap_status}"
+    if mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" \
+        -e "REPLACE INTO login_source (id, type, name, is_active, cfg, created_unix, updated_unix) VALUES (1,2,'cloudron',${ldap_status},'{\"Name\":\"cloudron\",\"Host\":\"${CLOUDRON_LDAP_SERVER}\",\"Port\":${CLOUDRON_LDAP_PORT},\"UseSSL\":false,\"SkipVerify\":true,\"BindDN\":\"${CLOUDRON_LDAP_BIND_DN}\",\"BindPassword\":\"${CLOUDRON_LDAP_BIND_PASSWORD}\",\"UserBase\":\"${CLOUDRON_LDAP_USERS_BASE_DN}\",\"AttributeUsername\":\"username\",\"AttributeName\":\"displayname\",\"AttributeSurname\":\"\",\"AttributeMail\":\"mail\",\"Filter\":\"(\\\\u007C(mail=%[1]s)(username=%[1]s))\"}','${now}','${now}');"; then
+        echo "==> LDAP Authentication was setup with activation status ${ldap_status}"
     else
-        echo "Failed to setup LDAP authentication"
+        echo "==> Failed to setup LDAP authentication"
         exit 1
     fi
 }
 
+setup_root_user() {
+    set -eu
+
+    if sudo -H -u git /home/git/gitea/gitea admin user create --username root --password changeme --email test@cloudron.io --admin -c /run/gitea/app.ini; then
+        echo "==> root user added"
+    else
+        echo "==> Failed to add root user"
+        exit 1
+    fi
+}
+
+setup_auth() {
+    set -eu
+
+    # Wait for gitea to finish db setup, before we do any db operations
+    while ! curl --fail http://localhost:3000/explore; do
+        echo "==> Waiting for gitea to come up"
+        sleep 1
+    done
+
+    echo "==> Gitea is up, setting up auth"
+
+    if [[ -n "${CLOUDRON_LDAP_SERVER:-}" ]]; then
+        setup_ldap_source
+    fi
+
+    user_count=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "SELECT count(*) FROM user;")
+    # be careful, not to create root user for existing LDAP based installs
+    if [[ "${user_count}" == "0" ]]; then
+        echo "==> Setting up root user for first run"
+        setup_root_user
+    fi
+}
+
 # SSH_PORT can be unset to disable SSH
 disable_ssh="false"
 if [[ -z "${SSH_PORT:-}" ]]; then
@@ -52,30 +83,26 @@ chmod 0644 /app/data/sshd/*.pub
 
 sed -e "s/^Port .*/Port ${SSH_PORT}/" /etc/ssh/sshd_config > /run/gitea/sshd_config
 
-cp /home/git/app.ini.template "/run/gitea/app.ini"
+if [[ ! -f /app/data/app.ini ]]; then
+    echo -e "; Add customizations here - https://docs.gitea.io/en-us/config-cheat-sheet/" > /app/data/app.ini
 
-# create default user config file
-if ! [ -f /app/data/app.ini ]; then
-    cp /home/git/app.ini.template /app/data/app.ini
-fi
-
-if [ "$(crudini --get /app/data/app.ini security SECRET_KEY)" == "##SECRET_KEY" ]; then
-    echo "Generating new SECRET_KEY"
+    echo "==> Generating new SECRET_KEY"
     crudini --set "/app/data/app.ini" security SECRET_KEY $(pwgen -1 -s)
 fi
 
 # merge user config file
+cp /home/git/app.ini.template "/run/gitea/app.ini"
 crudini --merge "/run/gitea/app.ini" < "/app/data/app.ini"
 
 # override important values
 crudini --set "/run/gitea/app.ini" database DB_TYPE mysql
-crudini --set "/run/gitea/app.ini" database HOST "${MYSQL_HOST}:${MYSQL_PORT}"
-crudini --set "/run/gitea/app.ini" database NAME "${MYSQL_DATABASE}"
-crudini --set "/run/gitea/app.ini" database USER "${MYSQL_USERNAME}"
-crudini --set "/run/gitea/app.ini" database PASSWD "${MYSQL_PASSWORD}"
+crudini --set "/run/gitea/app.ini" database HOST "${CLOUDRON_MYSQL_HOST}:${CLOUDRON_MYSQL_PORT}"
+crudini --set "/run/gitea/app.ini" database NAME "${CLOUDRON_MYSQL_DATABASE}"
+crudini --set "/run/gitea/app.ini" database USER "${CLOUDRON_MYSQL_USERNAME}"
+crudini --set "/run/gitea/app.ini" database PASSWD "${CLOUDRON_MYSQL_PASSWORD}"
 crudini --set "/run/gitea/app.ini" database SSL_MODE "disable"
 crudini --set "/run/gitea/app.ini" server PROTOCOL "http"
-crudini --set "/run/gitea/app.ini" server DOMAIN "${APP_DOMAIN}"
+crudini --set "/run/gitea/app.ini" server DOMAIN "${CLOUDRON_APP_DOMAIN}"
 crudini --set "/run/gitea/app.ini" server ROOT_URL "https://%(DOMAIN)s/"
 crudini --set "/run/gitea/app.ini" server HTTP_ADDR ""
 crudini --set "/run/gitea/app.ini" server HTTP_PORT "3000"
@@ -84,21 +111,22 @@ crudini --set "/run/gitea/app.ini" server SSH_PORT "${SSH_PORT}"
 crudini --set "/run/gitea/app.ini" server APP_DATA_PATH "/app/data/appdata"
 crudini --set "/run/gitea/app.ini" repository ROOT "/app/data/repository"
 crudini --set "/run/gitea/app.ini" repository.upload TEMP_PATH "/run/gitea/tmp/uploads"
-crudini --set "/run/gitea/app.ini" mailer HOST "${MAIL_SMTP_SERVER}:${MAIL_SMTPS_PORT}"
-crudini --set "/run/gitea/app.ini" mailer USER "${MAIL_SMTP_USERNAME}"
-crudini --set "/run/gitea/app.ini" mailer PASSWD "${MAIL_SMTP_PASSWORD}"
-crudini --set "/run/gitea/app.ini" mailer FROM "${MAIL_FROM}"
+crudini --set "/run/gitea/app.ini" mailer HOST "${CLOUDRON_MAIL_SMTP_SERVER}:${CLOUDRON_MAIL_SMTPS_PORT}"
+crudini --set "/run/gitea/app.ini" mailer USER "${CLOUDRON_MAIL_SMTP_USERNAME}"
+crudini --set "/run/gitea/app.ini" mailer PASSWD "${CLOUDRON_MAIL_SMTP_PASSWORD}"
+crudini --set "/run/gitea/app.ini" mailer FROM "${CLOUDRON_MAIL_FROM}"
 crudini --set "/run/gitea/app.ini" mailer SKIP_VERIFY "true"
 crudini --set "/run/gitea/app.ini" security INSTALL_LOCK "true"
 crudini --set "/run/gitea/app.ini" log MODE "console"
 crudini --set "/run/gitea/app.ini" log ROOT_PATH "/run/gitea"
 crudini --set "/run/gitea/app.ini" indexer ISSUE_INDEXER_PATH "/app/data/appdata/indexers/issues.bleve"
 
+echo "==> Creating dirs and changing permissions"
 mkdir -p /app/data/repository /app/data/ssh /app/data/custom
-
 chown -R git:git /app/data /run/gitea
 
-( setup_ldap_source ) &
+# this expects app.ini to be available
+( setup_auth ) &
 
 exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i Gitea
 

test/package.json

@@ -8,18 +8,12 @@
   },
   "author": "",
   "license": "ISC",
-  "devDependencies": {
-    "ejs": "^2.3.4",
-    "expect.js": "^0.3.1",
-    "mkdirp": "^0.5.1",
-    "mocha": "^2.3.4",
-    "rimraf": "^2.4.4",
-    "superagent": "^1.4.0"
-  },
   "dependencies": {
-    "chromedriver": "^2.38.2",
-    "selenium-server-standalone-jar": "^3.3.1",
-    "selenium-webdriver": "^3.3.0",
-    "superagent": "^1.8.5"
+    "chromedriver": "^101.0.0",
+    "expect.js": "^0.3.1",
+    "mocha": "^10.0.0",
+    "rimraf": "^3.0.2",
+    "selenium-webdriver": "^4.1.2",
+    "superagent": "^7.1.3"
   }
 }

test/test.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 
-/* jslint node:true */
+/* jshint esversion: 8 */
 /* global it:false */
 /* global xit:false */
 /* global describe:false */
@@ -11,307 +11,179 @@
 
 require('chromedriver');
 
-var execSync = require('child_process').execSync,
-    ejs = require('ejs'),
+const execSync = require('child_process').execSync,
     expect = require('expect.js'),
     fs = require('fs'),
-    mkdirp = require('mkdirp'),
     path = require('path'),
-    rimraf = require('rimraf'),
     superagent = require('superagent'),
-    webdriver = require('selenium-webdriver');
+    { Builder, By, until } = require('selenium-webdriver'),
+    { Options } = require('selenium-webdriver/chrome');
 
-var by = require('selenium-webdriver').By,
-    until = require('selenium-webdriver').until,
-    Builder = require('selenium-webdriver').Builder;
-
-process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
+if (!process.env.USERNAME || !process.env.PASSWORD || !process.env.EMAIL) {
+    console.log('USERNAME, PASSWORD and EMAIL env vars need to be set');
+    process.exit(1);
+}
 
 describe('Application life cycle test', function () {
     this.timeout(0);
-    var server, browser = new Builder().forBrowser('chrome').build();
+
+    var TIMEOUT = parseInt(process.env.TIMEOUT, 10) || 5000;
+    var EXEC_ARGS = { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' };
     var LOCATION = 'test';
     var SSH_PORT = 29420;
+
+    var app;
+    var browser;
+
     var repodir = '/tmp/testrepo';
-    var app, reponame = 'testrepo';
+    var reponame = 'testrepo';
+
     var username = process.env.USERNAME;
     var password = process.env.PASSWORD;
-    var TIMEOUT = parseInt(process.env.TIMEOUT, 10) || 5000;
-    var email, token;
+    var email = process.env.EMAIL;
 
-    before(function (done) {
-        if (!process.env.USERNAME) return done(new Error('USERNAME env var not set'));
-        if (!process.env.PASSWORD) return done(new Error('PASSWORD env var not set'));
-
-        var seleniumJar= require('selenium-server-standalone-jar');
-        var SeleniumServer = require('selenium-webdriver/remote').SeleniumServer;
-        server = new SeleniumServer(seleniumJar.path, { port: 4444 });
-        server.start();
-
-        done();
+    before(function () {
+        browser = new Builder().forBrowser('chrome').setChromeOptions(new Options().windowSize({ width: 1280, height: 1024 })).build();
     });
 
-    after(function (done) {
+    after(function () {
         browser.quit();
-        server.stop();
-        rimraf.sync(repodir);
-        done();
+        fs.rmSync(repodir, { recursive: true, force: true });
     });
 
-    function waitForUrl(url, done) {
-        browser.wait(function () {
-            return browser.getCurrentUrl().then(function (currentUrl) {
-                return currentUrl === url;
-            });
-        }, TIMEOUT).then(function () { done(); });
-    }
-
     function getAppInfo() {
         var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-
+        app = inspect.apps.filter(function (a) { return a.location.indexOf(LOCATION) === 0; })[0];
         expect(app).to.be.an('object');
     }
 
-    function setAvatarOld(done) {
-        browser.get('https://' + app.fqdn + '/user/settings/avatar').then(function () {
-            return browser.findElement(by.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[contains(text(), "Update Avatar Setting")]')).click();
-        }).then(function () {
-            if (app.manifest.version === '1.0.3') {
-                return browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"updated successfully")]')), TIMEOUT);
-            } else {
-                return browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"Your avatar setting has been updated.")]')), TIMEOUT);
-            }
-        }).then(function () {
-            done();
-        });
+    function sleep(millis) {
+        return new Promise(resolve => setTimeout(resolve, millis));
     }
 
-    function setAvatar(done) {
-        if (app.manifest.version === '1.5.4') return setAvatarOld(done);
+    async function setAvatar() {
+        await browser.get('https://' + app.fqdn + '/user/settings');
 
-        browser.get('https://' + app.fqdn + '/user/settings').then(function () {
-            var button = browser.findElement(by.xpath('//label[contains(text(), "Use Custom Avatar")]'));
-            return browser.executeScript('arguments[0].scrollIntoView(false)', button);
-        }).then(function () {
-            return browser.findElement(by.xpath('//label[contains(text(), "Use Custom Avatar")]')).click();
-        }).then(function () {
-            return browser.findElement(by.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[contains(text(), "Update Avatar")]')).click();
-        }).then(function () {
-            return browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"Your avatar has been updated.")]')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+        var button = await browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
+        await browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]')).click();
+        await browser.findElement(By.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
+        await browser.findElement(By.xpath('//button[contains(text(), "Update Avatar")]')).click();
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"Your avatar has been updated.")]')), TIMEOUT);
     }
 
-    function checkAvatar(done) {
-return done();
-        superagent.get('https://' + app.fqdn + '/avatars/a3e6f3316fc1738e29d621e6a26e93d3').end(function (error, result) {
-            expect(error).to.be(null);
-            expect(result.statusCode).to.be(200);
-            done();
-        });
+    async function checkAvatar() {
+        await browser.get(`https://${app.fqdn}/${username}`);
+
+        var avatarSrc = await browser.findElement(By.xpath('//a[@id="profile-avatar"]/img')).getAttribute('src');
+
+        var avatar = await superagent.get(avatarSrc);
+        expect(avatar.statusCode).to.equal(200);
     }
 
-    function editFile(done) {
-        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame + '/_edit/master/newfile').then(function () {
-            var cm = browser.findElement(by.xpath('//div[contains(@class,"CodeMirror")]'));
-            var text = 'yo';
-            return browser.executeScript('arguments[0].CodeMirror.setValue("' + text + '");', cm);
-        }).then(function () {
-            return browser.findElement(by.xpath('//input[@name="commit_summary"]')).sendKeys('Dummy edit');
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[contains(text(), "Commit Changes")]')).click();
-        }).then(function () {
-            waitForUrl('https://' + app.fqdn + '/' + username + '/' + reponame + '/src/branch/master/newfile', done);
-        });
+    async function login(username, password) {
+        await browser.get('https://' + app.fqdn + '/user/login');
+
+        await browser.findElement(By.id('user_name')).sendKeys(username);
+        await browser.findElement(By.id('password')).sendKeys(password);
+        await browser.findElement(By.xpath('//form[@action="/user/login"]//button')).click();
+        await browser.wait(until.elementLocated(By.xpath('//img[contains(@class, "avatar")]')), TIMEOUT);
     }
 
-    function login(done) {
-        browser.get('https://' + app.fqdn + '/user/login').then(function () {
-            return browser.findElement(by.id('user_name')).sendKeys(username);
-        }).then(function () {
-            return browser.findElement(by.id('password')).sendKeys(password);
-        }).then(function () {
-            return browser.findElement(by.tagName('form')).submit();
-        }).then(function () {
-            return browser.wait(until.elementLocated(by.linkText('Dashboard')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+    async function adminLogin() {
+        await login('root', 'changeme');
     }
 
-    function addPublicKey(done) {
+    async function logout() {
+        await browser.get('https://' + app.fqdn);
+
+        await browser.findElement(By.xpath('//img[contains(@class, "avatar")]')).click();
+        await sleep(2000);
+        await browser.findElement(By.xpath('//a[@data-url="/user/logout"]')).click();
+        await sleep(2000);
+    }
+
+    async function addPublicKey() {
         var publicKey = fs.readFileSync(__dirname + '/id_rsa.pub', 'utf8');
 
         const sshPage = 'https://' + app.fqdn + '/user/settings/keys';
 
-        browser.get(sshPage).then(function () {
-            return browser.findElement(by.xpath('//div[text()="Add Key"]')).click();
-        }).then(function () {
-            return browser.findElement(by.id('ssh-key-title')).sendKeys('testkey');
-        }).then(function () {
-            return browser.findElement(by.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
-        }).then(function () {
-            var button = browser.findElement(by.xpath('//button[contains(text(), "Add Key")]'));
-            return browser.executeScript('arguments[0].scrollIntoView(false)', button);
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[contains(text(), "Add Key")]')).click();
-        }).then(function () {
-            if (app.manifest.version === '1.0.3') {
-                return browser.wait(until.elementLocated(by.xpath('//p[contains(text(), "added successfully!")]')), TIMEOUT);
-            } else {
-                return browser.wait(until.elementLocated(by.xpath('//p[contains(text(), "has been added.")]')), TIMEOUT);
-            }
-        }).then(function () {
-            done();
-        });
+        await browser.get(sshPage);
+
+        await browser.wait(until.elementLocated(By.id('add-ssh-button')), TIMEOUT);
+        await browser.findElement(By.id('add-ssh-button')).click();
+        await browser.findElement(By.id('ssh-key-title')).sendKeys('testkey');
+        await browser.findElement(By.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
+        var button = browser.findElement(By.xpath('//button[contains(text(), "Add Key")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
+        await browser.findElement(By.xpath('//button[contains(text(), "Add Key")]')).click();
+
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "has been added.")]')), TIMEOUT);
     }
 
-    function createRepo(done) {
-        var getRepoPage;
-        if (app.manifest.version === '1.0.3') {
-            getRepoPage = browser.get('https://' + app.fqdn).then(function () {
-                return browser.findElement(by.linkText('New Repository')).click();
-            }).then(function () {
-                return browser.wait(until.elementLocated(by.xpath('//*[contains(text(), "New Repository")]')), TIMEOUT);
+    async function createRepo() {
+        var getRepoPage = await browser.get('https://' + app.fqdn + '/repo/create');
+
+        await browser.findElement(By.id('repo_name')).sendKeys(reponame);
+        var button = browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(true)', button);
+        await browser.findElement(By.id('auto-init')).click();
+        await browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]')).click();
+
+        await browser.wait(function () {
+            return browser.getCurrentUrl().then(function (url) {
+                return url === 'https://' + app.fqdn + '/' + username + '/' + reponame;
             });
-        } else {
-            getRepoPage = browser.get('https://' + app.fqdn + '/repo/create');
-        }
-
-        getRepoPage.then(function () {
-            return browser.findElement(by.id('repo_name')).sendKeys(reponame);
-        }).then(function () {
-            var button = browser.findElement(by.xpath('//button[contains(text(), "Create Repository")]'));
-            return browser.executeScript('arguments[0].scrollIntoView(true)', button);
-        }).then(function () {
-            return browser.findElement(by.id('auto-init')).click();
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[contains(text(), "Create Repository")]')).click();
-        }).then(function () {
-            browser.wait(function () {
-                return browser.getCurrentUrl().then(function (url) {
-                    return url === 'https://' + app.fqdn + '/' + username + '/' + reponame;
-                });
-            }, TIMEOUT);
-        }).then(function () {
-            done();
-        });
+        }, TIMEOUT);
     }
 
-    function checkCloneUrl(done) {
-        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame).then(function () {
-            return browser.findElement(by.id('repo-clone-ssh')).click();
-        }).then(function () {
-            return browser.findElement(by.id('repo-clone-url')).getAttribute('value');
-        }).then(function (cloneUrl) {
-            expect(cloneUrl).to.be(`ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git`);
-            done();
-        });
+    async function checkCloneUrl() {
+        await browser.get('https://' + app.fqdn + '/' + username + '/' + reponame);
+        await browser.findElement(By.id('repo-clone-ssh')).click();
+
+        var cloneUrl = await browser.findElement(By.id('repo-clone-url')).getAttribute('value');
+        expect(cloneUrl).to.be(`ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git`);
     }
 
-    function cloneRepo(done) {
-        rimraf.sync(repodir);
+    function cloneRepo() {
+        fs.rmSync(repodir, { recursive: true, force: true });
         var env = Object.create(process.env);
         env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
         execSync(`git clone ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git ${repodir}`, { env: env });
-        done();
     }
 
-    function pushFile(done) {
+    function pushFile() {
         var env = Object.create(process.env);
         env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
         execSync(`touch newfile && git add newfile && git commit -a -mx && git push ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame} master`,
                  { env: env, cwd: repodir });
-        rimraf.sync('/tmp/testrepo');
-        done();
-    }
-
-    function addCustomFile(done) {
-        fs.writeFileSync('/tmp/customfile.txt', 'GOGS TEST', 'utf8');
-        execSync(`cloudron exec --app ${app.id} -- mkdir -p /app/data/custom/public`);
-        execSync(`cloudron push --app ${app.id} /tmp/customfile.txt /app/data/custom/public/customfile.txt`);
-        fs.unlinkSync('/tmp/customfile.txt');
-        done();
-    }
-
-    function checkCustomFile(done) {
-        superagent.get('https://' + app.fqdn + '/customfile.txt').end(function (error, result) {
-            if (error) return done(error);
-
-            expect(result.text).to.contain('GOGS TEST');
-            done();
-        });
+        fs.rmSync(repodir, { recursive: true, force: true });
     }
 
     function fileExists() {
         expect(fs.existsSync(repodir + '/newfile')).to.be(true);
     }
 
-    function sendMail(done) {
-        browser.get(`https://${app.fqdn}/admin/config`).then(function () {
-            var button = browser.findElement(by.xpath('//button[@id="test-mail-btn"]'));
-            return browser.executeScript('arguments[0].scrollIntoView(true)', button);
-        }).then(function () {
-            return browser.findElement(by.xpath('//input[@name="email"]')).sendKeys('test@cloudron.io');
-        }).then(function () {
-            return browser.findElement(by.xpath('//button[@id="test-mail-btn"]')).click();
-        }).then(function () {
-            return browser.wait(until.elementLocated(by.xpath('//p[contains(text(),"A testing email has been sent to \'test@cloudron.io\'")]')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+    async function sendMail() {
+        await browser.get(`https://${app.fqdn}/admin/config`);
+
+        var button = await browser.findElement(By.xpath('//button[@id="test-mail-btn"]'));
+        await browser.executeScript('arguments[0].scrollIntoView(true)', button);
+        await browser.findElement(By.xpath('//input[@name="email"]')).sendKeys('test@cloudron.io');
+        await browser.findElement(By.xpath('//button[@id="test-mail-btn"]')).click();
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"A testing email has been sent to \'test@cloudron.io\'")]')), TIMEOUT);
     }
 
-    xit('build app', function () {
-        execSync('cloudron build', { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
-
-    it('can login', function (done) {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        superagent.post(`https://${inspect.apiEndpoint}/api/v1/developer/login`).send({
-            username: username,
-            password: password
-        }).end(function (error, result) {
-            if (error) return done(error);
-            if (result.statusCode !== 200) return done(new Error('Login failed with status ' + result.statusCode));
-
-            token = result.body.accessToken;
-
-            superagent.get(`https://${inspect.apiEndpoint}/api/v1/profile`)
-                .query({ access_token: token }).end(function (error, result) {
-                if (error) return done(error);
-                if (result.statusCode !== 200) return done(new Error('Get profile failed with status ' + result.statusCode));
-
-                email = result.body.email;
-                done();
-            });
-        });
-    });
-
-    it('install app', function () {
-        execSync(`cloudron install --new --wait --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
+    it('install app', function () { execSync(`cloudron install --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
 
     it('can get app information', getAppInfo);
-    it('can get the main page', function (done) {
-        superagent.get('https://' + app.fqdn).end(function (error, result) {
-            expect(error).to.be(null);
-            expect(result.status).to.eql(200);
 
-            done();
-        });
-    });
-
-    it('can login', login);
+    it('can admin login', adminLogin);
     it('can send mail', sendMail);
+    it('can logout', logout);
+
+    it('can login', login.bind(null, username, password));
     it('can set avatar', setAvatar);
     it('can get avatar', checkAvatar);
 
@@ -324,87 +196,60 @@ return done();
     it('can clone the url', cloneRepo);
 
     it('can add and push a file', pushFile);
-    it('can edit file', editFile);
 
-    it('can add custom file', addCustomFile);
-    it('can check custom file', checkCustomFile);
+    it('can restart app', function () { execSync('cloudron restart  --app ' + app.id); });
 
-    it('can restart app', function (done) {
-        execSync('cloudron restart --wait --app ' + app.id);
-        done();
-    });
-
-    it('can login', login);
+    xit('can login', login.bind(null, username, password)); // no need to relogin since session persists
     it('displays correct clone url', checkCloneUrl);
     it('can clone the url', cloneRepo);
     it('file exists in repo', fileExists);
 
-    it('backup app', function () {
-        execSync('cloudron backup create --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('backup app', function () { execSync('cloudron backup create --app ' + app.id, EXEC_ARGS); });
+    it('restore app', function () { execSync('cloudron restore --app ' + app.id, EXEC_ARGS); });
 
-    it('restore app', function () {
-        execSync('cloudron restore --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
-
-    it('can login', login);
+    it('can login', login.bind(null, username, password));
     it('can get avatar', checkAvatar);
     it('can clone the url', cloneRepo);
     it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
 
-    it('move to different location', function (done) {
+    it('move to different location', async function () {
         //browser.manage().deleteAllCookies(); // commented because of error "'Network.deleteCookie' wasn't found"
         // ensure we don't hit NXDOMAIN in the mean time
-        browser.get('about:blank').then(function () {
-            execSync('cloudron configure --wait --location ' + LOCATION + '2 --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-            var inspect = JSON.parse(execSync('cloudron inspect'));
-            app = inspect.apps.filter(function (a) { return a.location === LOCATION + '2'; })[0];
-            expect(app).to.be.an('object');
+        await browser.get('about:blank');
 
-            done();
-        });
+        execSync('cloudron configure --location ' + LOCATION + '2 --app ' + app.id, EXEC_ARGS);
     });
+    it('can get app information', getAppInfo);
 
-    it('can login', login);
+    it('can login', login.bind(null, username, password));
     it('can get avatar', checkAvatar);
     it('displays correct clone url', checkCloneUrl);
     it('can clone the url', cloneRepo);
     it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
 
-    it('uninstall app', function (done) {
+    it('uninstall app', async function () {
         // ensure we don't hit NXDOMAIN in the mean time
-        browser.get('about:blank').then(function () {
-            execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-            done();
-        });
+        await browser.get('about:blank');
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
     });
 
-    // check if the _first_ login via email succeeds
-    it('can login via email', function (done) {
-        execSync(`cloudron install --new --wait --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        var inspect = JSON.parse(execSync('cloudron inspect'));
+    // No SSO
+    it('install app (no sso)', function () { execSync(`cloudron install --no-sso --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
 
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-        expect(app).to.be.an('object');
+    it('can get app information', getAppInfo);
+    it('can admin login (no sso)', adminLogin);
+    it('can logout', logout);
 
-        login(function (error) {
-            if (error) return done(error);
-
-            // ensure we don't hit NXDOMAIN in the mean time
-            browser.get('about:blank').then(function () {
-                execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-                done();
-            });
-        });
+    it('uninstall app (no sso)', async function () {
+        await browser.get('about:blank');
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
     });
 
     // test update
-    it('can install app', function () {
-        execSync(`cloudron install --new --wait --appstore-id ${app.manifest.id} --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('can install app', function () { execSync(`cloudron install --appstore-id ${app.manifest.id} --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
 
     it('can get app information', getAppInfo);
-    it('can login', login);
+    it('can login', login.bind(null, username, password));
     it('can set avatar', setAvatar);
     it('can get avatar', checkAvatar);
     it('can add public key', addPublicKey);
@@ -412,21 +257,20 @@ return done();
     it('can clone the url', cloneRepo);
     it('can add and push a file', pushFile);
 
-    it('can update', function () {
-        execSync('cloudron install --wait --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('can update', function () { execSync('cloudron update --app ' + app.id, EXEC_ARGS); });
 
-    it('can login', login);
-    it('can send mail', sendMail);
+    xit('can admin login', adminLogin);
+    xit('can send mail', sendMail);
+    xit('can logout', logout);
+
+    it('can login', login.bind(null, username, password));
     it('can get avatar', checkAvatar);
     it('can clone the url', cloneRepo);
     it('file exists in cloned repo', fileExists);
 
-    it('uninstall app', function (done) {
+    it('uninstall app', async function () {
         // ensure we don't hit NXDOMAIN in the mean time
-        browser.get('about:blank').then(function () {
-            execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-            done();
-        });
+        await browser.get('about:blank');
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
     });
 });