git-eca-rest-api
NOTE
This project was migrated to Eclipse Gitlab on October 14, 2021.
This project uses Quarkus, the Supersonic Subatomic Java Framework.
If you want to learn more about Quarkus, please visit its website: https://quarkus.io/ .
About validation
What is a valid commit?
To be considered a valid commit, the following set of rules are checked against all commits that are submitted to this service. If any fail and the commit is related to a project, the service returns a message indicating the commit is not suitable for submission along with messages as hints.
- All users that commit or author changes within a project within the Eclipse space must have a signed ECA, and therefore, Eclipse accounts.
- The one exception to this rule is registered bot users, as they cannot sign an ECA.
- Users covered by an MCCA are also covered, as it is considered an equivalent document in the eyes of contribution access.
- Requests made to non-project repositories by default will be allowed to pass with warnings to enable ECA validation to be run across a system with projects or repositories not directly managed by the Eclipse Foundation, such as forks or supporting projects (#26).
- Within the API, a request can be made under 'strict mode' to enforce contribution guidelines within repositories not covered by an active project (#43).
While these rules apply to all project repositories, any non-project repositories will also be checked. The messages indicate the failures as warnings to the consuming service (like Gitlab or Gerrit) unless 'strict mode' is enabled for the service. Whether or not a repository is tracked (or if it is a project repository) is determined by its presence as a repository directly linked to an active project within the PMI, as reported by the Projects API.
Submitting applications for existing bots
To submit requests for existing bots to be registered within our API (such as dependabot), please see the Project Bots API repository and create an issue.
Enabling commit hook in GitLab
To enable the Git hook that makes use of this service, a running GitLab instance will be needed with shell access. This instruction set assumes that the running GitLab instance runs using the Omnibus set up rather than the source. For the differences in process, please see the GitLab custom hook administration instructions. Once obtained, the following steps can be used to start or update the hook.
-
Access the GitLab server shell, and create a folder at
/opt/gitlab/embedded/service/gitlab-shell/hooks/pre-receive.d/
if it doesn't already exist. This folder will contain all of the servers global Git hooks for pre-receive events. These hooks trigger when a user attempts to push information to the server. -
In the host machine, copy the ECA script to the newly created folder. If using a docker container, this can be done with a call similar to the following:
docker cp src/main/rb/eca.rb gitlab.eca_web_1:/opt/gitlab/embedded/service/gitlab-shell/hooks/pre-receive.d/
-
In the GitLab shell once again, ensure that the newly copied script matches the folders ownership, and that the file permissions are
755
. This allows the server to properly run the hook when needed.
Application setup and operation
Setting up the application for local use
Pre-requisites:
- Make
- Maven
- Java 11 >
- Eclipse Account API credentials
- Running MariaDB instance
- In MariaDB instance, create a new database called
git-eca
as that is what is configured out of the box. The table definitions for the database can be found under./config/mariadb/init.sql
. - Run
make pre-setup
. This command will setup a basic .env file, using some basic variables used in Eclipse development to accelerate the generation of secret files. - Inside the .env file, update the
GIT_ECA_MARIADB_*
properties to reflect the connection settings for the MariaDB instance and the credentials needed to access the DB created in step 1. - Set the Eclipse Account API credentials into the
GIT_ECA_OAUTH_*
settings. This will be used to enable searching and retrieval of EF accounts by email addresses, as well as be able to read those normally hidden values. - Run
make setup
to finish the setup process for this API, generating the secret file under./config/application/secret.properties
. This file can be moved, so long as theCONFIG_SECRET_PATH
in the.env
file is updated. - Run
make compile-start
to build and start the server.
Running the application in dev mode
You can run your application in dev mode that enables live coding using:
make dev-start
Packaging and running the application
The application is packageable using ./mvnw package
.
It produces the executable git-eca-rest-api-0.0.1-runner.jar
file in /target
directory.
Be aware that it’s not an über-jar as the dependencies are copied into the target/lib
directory.
The application is now runnable using java -jar target/git-eca-rest-api-0.0.1-runner.jar
.