feat: HTTPS deploy keys#37306
Conversation
GiteaBot
added
the
lgtm/need 2
silverwind
added
the
type/feature
There was a problem hiding this comment.
Pull request overview
This PR adds “HTTPS deploy keys” (per-repository bearer tokens usable as the Basic Auth password) to enable Git clone/push over HTTPS without SSH keys, addressing #2051.
Changes:
- Adds a new
HTTPSDeployKeymodel + DB migration and fixtures. - Implements creation/deletion UI and routes in repo settings, with flash-based one-time token display.
- Extends Basic auth + git HTTP handling to authenticate and authorize Git operations using these tokens, plus adds integration/model/router tests.
Reviewed changes
Copilot reviewed 17 out of 17 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/integration/https_deploy_key_test.go | End-to-end git HTTP auth behavior tests for read/write/cross-repo/invalid token cases |
| templates/repo/settings/deploy_keys.tmpl | Adds HTTPS deploy keys section to repo settings UI |
| services/forms/repo_form.go | Adds form binding/validation for creating HTTPS deploy keys |
| services/auth/basic.go | Adds HTTPS deploy token verification to Basic auth flow |
| routers/web/web.go | Wires new settings routes for create/delete HTTPS deploy keys |
| routers/web/repo/setting/settings_test.go | Tests create/delete flow from settings handlers |
| routers/web/repo/setting/deploy_key.go | Loads HTTPS keys for display and implements create/delete handlers |
| routers/web/repo/githttp.go | Enforces repo binding + mode restrictions for deploy-token-authenticated git HTTP requests |
| options/locale/locale_en-US.json | Adds English UI strings for HTTPS deploy keys |
| models/migrations/v1_26/v331.go / v331_test.go | Adds + tests migration creating https_deploy_key table |
| models/migrations/migrations.go | Registers migration 331 |
| models/fixtures/https_deploy_key.yml | Adds empty fixture placeholder for HTTPS deploy keys |
| models/asymkey/main_test.go | Includes new fixture in asymkey test suite |
| models/asymkey/https_deploy_key.go / _test.go | Implements token generation/storage/verification + unit tests |
| models/asymkey/error.go | Adds HTTPS deploy key error types |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
Make sure to "Resolve" all addressed Copilot comments, ideally with a comment. |
seems like it is a bot so I don't think we will ever have a discussion here |
I do not intend to hide the nature of the code, but this is a feature I think many people, including myself, would like to see implemented, for an issue that is almost 9 years old. I am open to human discussions. |
|
Would be interesting what @wxiaoguang says |
ToastyTheBot
force-pushed
the
feat/https-deploy-keys
branch
from
7becad6 to
527a6ef
Compare
|
Please have a look at contributing |
This PR is still a draft. |
Fixes #2051