as per review

Signed-off-by: Andrew Thornton <art27@cantab.net>

Author: zeripath

modules/migration/release.go

@@ -26,8 +26,8 @@ type ReleaseAsset struct {
 
 // Release represents a release
 type Release struct {
-	TagName         string `yaml:"tag_name"`         // SECURITY: This must pass git.IsValidGitReference
-	TargetCommitish string `yaml:"target_commitish"` // SECURITY: This must pass git.IsValidGitReference
+	TagName         string `yaml:"tag_name"`         // SECURITY: This must pass git.IsValidRefPattern
+	TargetCommitish string `yaml:"target_commitish"` // SECURITY: This must pass git.IsValidRefPattern
 	Name            string
 	Body            string
 	Draft           bool

routers/api/v1/repo/commits.go

@@ -52,7 +52,7 @@ func GetSingleCommit(ctx *context.APIContext) {
 	//     "$ref": "#/responses/notFound"
 
 	sha := ctx.Params(":sha")
-	if !git.IsValidRefPattern(sha) && !git.IsValidSHAPattern(sha) {
+	if !git.IsValidRefPattern(sha) {
 		ctx.Error(http.StatusUnprocessableEntity, "no valid ref or sha", fmt.Sprintf("no valid ref or sha: %s", sha))
 		return
 	}

routers/api/v1/repo/notes.go

@@ -46,7 +46,7 @@ func GetNote(ctx *context.APIContext) {
 	//     "$ref": "#/responses/notFound"
 
 	sha := ctx.Params(":sha")
-	if !git.IsValidRefPattern(sha) && !git.IsValidSHAPattern(sha) {
+	if !git.IsValidRefPattern(sha) {
 		ctx.Error(http.StatusUnprocessableEntity, "no valid ref or sha", fmt.Sprintf("no valid ref or sha: %s", sha))
 		return
 	}

services/migrations/codebase.go

@@ -107,9 +107,24 @@ func NewCodebaseDownloader(ctx context.Context, projectURL *url.URL, project, re
 		commitMap: make(map[string]string),
 	}
 
+	log.Trace("Create Codebase downloader. BaseURL: %s Project: %s RepoName: %s", baseURL, project, repoName)
 	return downloader
 }
 
+// String implements Stringer
+func (g *CodebaseDownloader) String() string {
+	return fmt.Sprintf("migration from codebase server %s %s/%s", g.baseURL, g.project, g.repoName)
+}
+
+// ColorFormat provides a basic color format for a GogsDownloader
+func (g *CodebaseDownloader) ColorFormat(s fmt.State) {
+	if g == nil {
+		log.ColorFprintf(s, "<nil: CodebaseDownloader>")
+		return
+	}
+	log.ColorFprintf(s, "migration from codebase server %s %s/%s", g.baseURL, g.project, g.repoName)
+}
+
 // FormatCloneURL add authentication into remote URLs
 func (d *CodebaseDownloader) FormatCloneURL(opts base.MigrateOptions, remoteAddr string) (string, error) {
 	return opts.CloneAddr, nil

services/migrations/common.go

@@ -29,7 +29,7 @@ func hasBaseURL(toCheck, baseURL string) bool {
 	return strings.HasPrefix(toCheck, baseURL)
 }
 
-// CheckAndEnsureSafePR will check that a give PR is safe
+// CheckAndEnsureSafePR will check that a given PR is safe to download
 func CheckAndEnsureSafePR(pr *base.PullRequest, commonCloneBaseURL string, g base.Downloader) bool {
 	valid := true
 	// SECURITY: the patchURL must be checked to have the same baseURL as the current to prevent open redirect

services/migrations/dump.go

@@ -388,28 +388,29 @@ func (g *RepositoryDumper) createItems(dir string, itemFiles map[int64]*os.File,
 	}
 
 	for number, items := range itemsMap {
-		var err error
-		itemFile := itemFiles[number]
-		if itemFile == nil {
-			itemFile, err = os.Create(filepath.Join(dir, fmt.Sprintf("%d.yml", number)))
-			if err != nil {
-				return err
-			}
-			itemFiles[number] = itemFile
-		}
-
-		encoder := yaml.NewEncoder(itemFile)
-		if err := encoder.Encode(items); err != nil {
-			_ = encoder.Close()
+		if err := g.encodeItems(number, items, dir, itemFiles); err != nil {
 			return err
 		}
+	}
+
+	return nil
+}
 
-		if err := encoder.Close(); err != nil {
+func (g *RepositoryDumper) encodeItems(number int64, items []interface{}, dir string, itemFiles map[int64]*os.File) error {
+	itemFile := itemFiles[number]
+	if itemFile == nil {
+		var err error
+		itemFile, err = os.Create(filepath.Join(dir, fmt.Sprintf("%d.yml", number)))
+		if err != nil {
 			return err
 		}
+		itemFiles[number] = itemFile
 	}
 
-	return nil
+	encoder := yaml.NewEncoder(itemFile)
+	defer encoder.Close()
+
+	return encoder.Encode(items)
 }
 
 // CreateComments creates comments of issues
@@ -445,7 +446,7 @@ func (g *RepositoryDumper) handlePullRequest(pr *base.PullRequest) error {
 
 		// SECURITY: We will assume that the pr.PatchURL has been checked
 		// pr.PatchURL maybe a local file - but note EnsureSafe should be asserting that this safe
-		resp, err := http.Get(u)
+		resp, err := http.Get(u) // TODO: This probably needs to use the downloader as there may be rate limiting issues here
 		if err != nil {
 			return err
 		}
@@ -559,8 +560,12 @@ func (g *RepositoryDumper) handlePullRequest(pr *base.PullRequest) error {
 		_, _, err = git.NewCommand(g.ctx, "fetch", "--no-tags", "--", remote, fetchArg).RunStdString(&git.RunOpts{Dir: g.gitPath()})
 		if err != nil {
 			log.Error("Fetch branch from %s failed: %v", pr.Head.CloneURL, err)
+			// We need to continue here so that the Head.Ref is reset and we attempt to set the gitref for the PR
+			// (This last step will likely fail but we should try to do as much as we can.)
+		} else {
+			// Cache the localRef as the Head.Ref - if we've failed we can always try again.
+			g.prHeadCache[pr.Head.CloneURL+":"+pr.Head.Ref] = localRef
 		}
-		g.prHeadCache[pr.Head.CloneURL+":"+pr.Head.Ref] = localRef
 	}
 
 	// Set the pr.Head.Ref to the localRef
@@ -575,9 +580,11 @@ func (g *RepositoryDumper) handlePullRequest(pr *base.PullRequest) error {
 		}
 		pr.Head.SHA = headSha
 	}
-	_, _, err = git.NewCommand(g.ctx, "update-ref", "--no-deref", pr.GetGitRefName(), pr.Head.SHA).RunStdString(&git.RunOpts{Dir: g.gitPath()})
-	if err != nil {
-		log.Error("unable to set %s as the local head for PR #%d from %s in %s/%s. Error: %v", pr.Head.SHA, pr.Number, pr.Head.Ref, g.repoOwner, g.repoName, err)
+	if pr.Head.SHA != "" {
+		_, _, err = git.NewCommand(g.ctx, "update-ref", "--no-deref", pr.GetGitRefName(), pr.Head.SHA).RunStdString(&git.RunOpts{Dir: g.gitPath()})
+		if err != nil {
+			log.Error("unable to set %s as the local head for PR #%d from %s in %s/%s. Error: %v", pr.Head.SHA, pr.Number, pr.Head.Ref, g.repoOwner, g.repoName, err)
+		}
 	}
 
 	return nil

services/migrations/gitbucket.go

@@ -39,6 +39,7 @@ func (f *GitBucketDownloaderFactory) New(ctx context.Context, opts base.MigrateO
 	oldOwner := fields[1]
 	oldName := strings.TrimSuffix(fields[2], ".git")
 
+	log.Trace("Create GitBucket downloader. BaseURL: %s RepoOwner: %s RepoName: %s", baseURL, oldOwner, oldName)
 	return NewGitBucketDownloader(ctx, baseURL, opts.AuthUsername, opts.AuthPassword, opts.AuthToken, oldOwner, oldName), nil
 }
 
@@ -55,7 +56,7 @@ type GitBucketDownloader struct {
 
 // String implements Stringer
 func (g *GitBucketDownloader) String() string {
-	return fmt.Sprintf("migration from gitbucket server as %s/%s", g.repoOwner, g.repoName)
+	return fmt.Sprintf("migration from gitbucket server %s %s/%s", g.baseURL, g.repoOwner, g.repoName)
 }
 
 // ColorFormat provides a basic color format for a GitBucketDownloader
@@ -64,7 +65,7 @@ func (g *GitBucketDownloader) ColorFormat(s fmt.State) {
 		log.ColorFprintf(s, "<nil: GitBucketDownloader>")
 		return
 	}
-	log.ColorFprintf(s, "migration from gitbucket server as %s/%s", g.repoOwner, g.repoName)
+	log.ColorFprintf(s, "migration from gitbucket server %s %s/%s", g.baseURL, g.repoOwner, g.repoName)
 }
 
 // NewGitBucketDownloader creates a GitBucket downloader

services/migrations/gitea_downloader.go

@@ -132,7 +132,7 @@ func (g *GiteaDownloader) SetContext(ctx context.Context) {
 
 // String implements Stringer
 func (g *GiteaDownloader) String() string {
-	return fmt.Sprintf("migration from gitea server as %s/%s", g.repoOwner, g.repoName)
+	return fmt.Sprintf("migration from gitea server %s %s/%s", g.baseURL, g.repoOwner, g.repoName)
 }
 
 // ColorFormat provides a basic color format for a GiteaDownloader
@@ -141,7 +141,7 @@ func (g *GiteaDownloader) ColorFormat(s fmt.State) {
 		log.ColorFprintf(s, "<nil: GiteaDownloader>")
 		return
 	}
-	log.ColorFprintf(s, "migration from gitea server as %s/%s", g.repoOwner, g.repoName)
+	log.ColorFprintf(s, "migration from gitea server %s %s/%s", g.baseURL, g.repoOwner, g.repoName)
 }
 
 // GetRepoInfo returns a repository information

services/migrations/gitea_uploader.go

@@ -700,7 +700,7 @@ func (g *GiteaLocalUploader) newPullRequest(pr *base.PullRequest) (*issues_model
 				log.Error("Cannot determine the merge base for PR #%d in %s/%s. Error: %v", pr.Number, g.repoOwner, g.repoName, err)
 			}
 		} else {
-			log.Error("Cannot determine the merge base for PR #%d in %s/%s. Not enough information", pr.Number, g.repoOwner, g.repoName, err)
+			log.Error("Cannot determine the merge base for PR #%d in %s/%s. Not enough information", pr.Number, g.repoOwner, g.repoName)
 		}
 	}
 

services/migrations/github.go

@@ -51,7 +51,7 @@ func (f *GithubDownloaderV3Factory) New(ctx context.Context, opts base.MigrateOp
 	oldOwner := fields[1]
 	oldName := strings.TrimSuffix(fields[2], ".git")
 
-	log.Trace("Create github downloader: %s/%s", oldOwner, oldName)
+	log.Trace("Create github downloader BaseURL: %s %s/%s", baseURL, oldOwner, oldName)
 
 	return NewGithubDownloaderV3(ctx, baseURL, opts.AuthUsername, opts.AuthPassword, opts.AuthToken, oldOwner, oldName), nil
 }
@@ -122,7 +122,7 @@ func NewGithubDownloaderV3(ctx context.Context, baseURL, userName, password, tok
 
 // String implements Stringer
 func (g *GithubDownloaderV3) String() string {
-	return fmt.Sprintf("migration from github server as %s/%s", g.repoOwner, g.repoName)
+	return fmt.Sprintf("migration from github server %s %s/%s", g.baseURL, g.repoOwner, g.repoName)
 }
 
 // ColorFormat provides a basic color format for a GithubDownloader
@@ -131,7 +131,7 @@ func (g *GithubDownloaderV3) ColorFormat(s fmt.State) {
 		log.ColorFprintf(s, "<nil: GithubDownloaderV3>")
 		return
 	}
-	log.ColorFprintf(s, "migration from github server as %s/%s", g.repoOwner, g.repoName)
+	log.ColorFprintf(s, "migration from github server %s %s/%s", g.baseURL, g.repoOwner, g.repoName)
 }
 
 func (g *GithubDownloaderV3) addClient(client *http.Client, baseURL string) {
@@ -370,7 +370,7 @@ func (g *GithubDownloaderV3) convertGithubRelease(rel *github.RepositoryRelease)
 				resp, err := httpClient.Do(req)
 				err1 := g.RefreshRate()
 				if err1 != nil {
-					log.Error("g.getClient().RateLimits: %s", err1)
+					log.Error("g.RefreshRate(): %s", err1)
 				}
 				if err != nil {
 					return nil, err

services/migrations/gitlab.go

@@ -135,7 +135,7 @@ func NewGitlabDownloader(ctx context.Context, baseURL, repoPath, username, passw
 
 // String implements Stringer
 func (g *GitlabDownloader) String() string {
-	return fmt.Sprintf("migration from gitlab server as [%d]/%s", g.repoID, g.repoName)
+	return fmt.Sprintf("migration from gitlab server %s [%d]/%s", g.baseURL, g.repoID, g.repoName)
 }
 
 // ColorFormat provides a basic color format for a GitlabDownloader
@@ -144,7 +144,7 @@ func (g *GitlabDownloader) ColorFormat(s fmt.State) {
 		log.ColorFprintf(s, "<nil: GitlabDownloader>")
 		return
 	}
-	log.ColorFprintf(s, "migration from gitlab server as [%d]/%s", g.repoID, g.repoName)
+	log.ColorFprintf(s, "migration from gitlab server %s [%d]/%s", g.baseURL, g.repoID, g.repoName)
 }
 
 // SetContext set context

services/migrations/gogs.go

@@ -75,7 +75,7 @@ type GogsDownloader struct {
 
 // String implements Stringer
 func (g *GogsDownloader) String() string {
-	return fmt.Sprintf("migration from gogs server as %s/%s", g.repoOwner, g.repoName)
+	return fmt.Sprintf("migration from gogs server %s %s/%s", g.baseURL, g.repoOwner, g.repoName)
 }
 
 // ColorFormat provides a basic color format for a GogsDownloader
@@ -84,7 +84,7 @@ func (g *GogsDownloader) ColorFormat(s fmt.State) {
 		log.ColorFprintf(s, "<nil: GogsDownloader>")
 		return
 	}
-	log.ColorFprintf(s, "migration from gogs server as %s/%s", g.repoOwner, g.repoName)
+	log.ColorFprintf(s, "migration from gogs server %s %s/%s", g.baseURL, g.repoOwner, g.repoName)
 }
 
 // SetContext set context

services/migrations/onedev.go

@@ -112,7 +112,7 @@ func NewOneDevDownloader(ctx context.Context, baseURL *url.URL, username, passwo
 
 // String implements Stringer
 func (d *OneDevDownloader) String() string {
-	return fmt.Sprintf("migration from oneDev server as [%d]/%s", d.repoID, d.repoName)
+	return fmt.Sprintf("migration from oneDev server %s [%d]/%s", d.baseURL, d.repoID, d.repoName)
 }
 
 // ColorFormat provides a basic color format for a OneDevDownloader
@@ -121,7 +121,7 @@ func (d *OneDevDownloader) ColorFormat(s fmt.State) {
 		log.ColorFprintf(s, "<nil: OneDevDownloader>")
 		return
 	}
-	log.ColorFprintf(s, "migration from oneDev server as [%d]/%s", d.repoID, d.repoName)
+	log.ColorFprintf(s, "migration from oneDev server %s [%d]/%s", d.baseURL, d.repoID, d.repoName)
 }
 
 func (d *OneDevDownloader) callAPI(endpoint string, parameter map[string]string, result interface{}) error {