[v12.0/forgejo] fix: add .forgejo/CODEOWNERS support (#8746) (#8790)

**Backport:** https://codeberg.org/forgejo/forgejo/pulls/8773 Currently, the docs mention that a CODEOWNERS file can be located in .forgejo for code owner PR review assignment, but this does not work. Add support for this location. This fixes #8746. ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests - I added test coverage for Go changes... - [ ] in their respective `*_test.go` for unit tests. - [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I added test coverage for JavaScript changes... - [ ] in `web_src/js/*.test.js` if it can be unit tested. - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] I do not want this change to show in the release notes. - [x] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.  ## Release notes  - Bug fixes - [PR](https://codeberg.org/forgejo/forgejo/pulls/8790): fix: add .forgejo/CODEOWNERS support (#8746)  Co-authored-by: John Moon <john.moon@vts-i.com> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8790 Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org>
2025-08-29 21:53:53 +00:00 · 2025-08-07 14:29:03 +02:00 · 2025-08-07 14:29:03 +02:00 · 2d3f44d03b
commit 2d3f44d03b
parent f77d499545
3 changed files with 159 additions and 142 deletions
--- a/routers/web/repo/view.go
+++ b/routers/web/repo/view.go
@ -438,7 +438,7 @@ func renderFile(ctx *context.Context, entry *git.TreeEntry) {
 		if workFlowErr != nil {
 			ctx.Data["FileError"] = ctx.Locale.Tr("actions.runs.invalid_workflow_helper", workFlowErr.Error())
 		}
-	} else if slices.Contains([]string{"CODEOWNERS", "docs/CODEOWNERS", ".gitea/CODEOWNERS"}, ctx.Repo.TreePath) {
+	} else if slices.Contains([]string{"CODEOWNERS", "docs/CODEOWNERS", ".gitea/CODEOWNERS", ".forgejo/CODEOWNERS"}, ctx.Repo.TreePath) {
 		if rc, size, err := blob.NewTruncatedReader(setting.UI.MaxDisplayFileSize); err == nil {
 			_, warnings := issue_model.GetCodeOwnersFromReader(ctx, rc, size > setting.UI.MaxDisplayFileSize)
 			if len(warnings) > 0 {
--- a/services/issue/pull.go
+++ b/services/issue/pull.go
@ -71,7 +71,7 @@ func PullRequestCodeOwnersReview(ctx context.Context, issue *issues_model.Issue,
 	}
 	var rules []*issues_model.CodeOwnerRule
-	for _, file := range []string{"CODEOWNERS", "docs/CODEOWNERS", ".gitea/CODEOWNERS"} {
+	for _, file := range []string{"CODEOWNERS", "docs/CODEOWNERS", ".gitea/CODEOWNERS", ".forgejo/CODEOWNERS"} {
 		if blob, err := commit.GetBlobByPath(file); err == nil {
 			rc, size, err := blob.NewTruncatedReader(setting.UI.MaxDisplayFileSize)
 			if err == nil {
--- a/tests/integration/codeowner_test.go
+++ b/tests/integration/codeowner_test.go
@ -26,175 +26,192 @@ import (
 	"github.com/stretchr/testify/require"
 )
-func TestCodeOwner(t *testing.T) {
+func CodeOwnerTestCommon(t *testing.T, u *url.URL, codeownerTest CodeownerTest) {
-	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
-		// Create the repo.
+	// Create the repo.
-		repo, _, f := tests.CreateDeclarativeRepo(t, user2, "",
+	repo, _, f := tests.CreateDeclarativeRepo(t, user2, codeownerTest.Name,
-			[]unit_model.Type{unit_model.TypePullRequests}, nil,
+		[]unit_model.Type{unit_model.TypePullRequests}, nil,
-			[]*files_service.ChangeRepoFile{
+		[]*files_service.ChangeRepoFile{
-				{
+			{
-					Operation:     "create",
+				Operation:     "create",
-					TreePath:      "CODEOWNERS",
+				TreePath:      codeownerTest.Path,
-					ContentReader: strings.NewReader("README.md @user5\ntest-file @user4"),
+				ContentReader: strings.NewReader("README.md @user5\ntest-file @user4"),
 				},
 			},
-		)
+		},
-		defer f()
+	)
 	defer f()
-		dstPath := t.TempDir()
+	dstPath := t.TempDir()
-		r := fmt.Sprintf("%suser2/%s.git", u.String(), repo.Name)
+	r := fmt.Sprintf("%suser2/%s.git", u.String(), repo.Name)
-		cloneURL, _ := url.Parse(r)
+	cloneURL, _ := url.Parse(r)
-		cloneURL.User = url.UserPassword("user2", userPassword)
+	cloneURL.User = url.UserPassword("user2", userPassword)
-		require.NoError(t, git.CloneWithArgs(t.Context(), nil, cloneURL.String(), dstPath, git.CloneRepoOptions{}))
+	require.NoError(t, git.CloneWithArgs(t.Context(), nil, cloneURL.String(), dstPath, git.CloneRepoOptions{}))
-		t.Run("Normal", func(t *testing.T) {
+	t.Run("Normal", func(t *testing.T) {
-			defer tests.PrintCurrentTest(t)()
+		defer tests.PrintCurrentTest(t)()
-			err := os.WriteFile(path.Join(dstPath, "README.md"), []byte("## test content"), 0o666)
+		err := os.WriteFile(path.Join(dstPath, "README.md"), []byte("## test content"), 0o666)
-			require.NoError(t, err)
+		require.NoError(t, err)
-			err = git.AddChanges(dstPath, true)
+		err = git.AddChanges(dstPath, true)
-			require.NoError(t, err)
+		require.NoError(t, err)
-			err = git.CommitChanges(dstPath, git.CommitChangesOptions{
+		err = git.CommitChanges(dstPath, git.CommitChangesOptions{
-				Committer: &git.Signature{
+			Committer: &git.Signature{
-					Email: "user2@example.com",
+				Email: "user2@example.com",
-					Name:  "user2",
+				Name:  "user2",
-					When:  time.Now(),
+				When:  time.Now(),
-				},
+			},
-				Author: &git.Signature{
+			Author: &git.Signature{
-					Email: "user2@example.com",
+				Email: "user2@example.com",
-					Name:  "user2",
+				Name:  "user2",
-					When:  time.Now(),
+				When:  time.Now(),
-				},
+			},
-				Message: "Add README.",
+			Message: "Add README.",
 			})
 			require.NoError(t, err)
 			err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/main", "-o", "topic=codeowner-normal").Run(&git.RunOpts{Dir: dstPath})
 			require.NoError(t, err)
 			pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "user2/codeowner-normal"})
 			unittest.AssertExistsIf(t, true, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 5})
 		})
 		require.NoError(t, err)
-		t.Run("Forked repository", func(t *testing.T) {
+		err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/main", "-o", "topic=codeowner-normal").Run(&git.RunOpts{Dir: dstPath})
-			defer tests.PrintCurrentTest(t)()
+		require.NoError(t, err)
-			session := loginUser(t, "user1")
+		pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "user2/codeowner-normal"})
-			testRepoFork(t, session, user2.Name, repo.Name, "user1", "repo1")
+		unittest.AssertExistsIf(t, true, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 5})
 	})
-			repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "user1", Name: "repo1"})
+	t.Run("Forked repository", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
-			r := fmt.Sprintf("%suser1/repo1.git", u.String())
+		session := loginUser(t, "user1")
-			remoteURL, _ := url.Parse(r)
+		testRepoFork(t, session, user2.Name, repo.Name, "user1", codeownerTest.Name)
 			remoteURL.User = url.UserPassword("user2", userPassword)
 			doGitAddRemote(dstPath, "forked", remoteURL)(t)
-			err := git.NewCommand(git.DefaultContext, "push", "forked", "HEAD:refs/for/main", "-o", "topic=codeowner-forked").Run(&git.RunOpts{Dir: dstPath})
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "user1", Name: codeownerTest.Name})
 			require.NoError(t, err)
-			pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "user2/codeowner-forked"})
+		r := fmt.Sprintf("%suser1/%s.git", u.String(), codeownerTest.Name)
-			unittest.AssertExistsIf(t, false, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 5})
+		remoteURL, _ := url.Parse(r)
 		remoteURL.User = url.UserPassword("user2", userPassword)
 		doGitAddRemote(dstPath, "forked", remoteURL)(t)
 		err := git.NewCommand(git.DefaultContext, "push", "forked", "HEAD:refs/for/main", "-o", "topic=codeowner-forked").Run(&git.RunOpts{Dir: dstPath})
 		require.NoError(t, err)
 		pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "user2/codeowner-forked"})
 		unittest.AssertExistsIf(t, false, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 5})
 	})
 	t.Run("Out of date", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 		// Push the changes made from the previous subtest.
 		require.NoError(t, git.NewCommand(git.DefaultContext, "push", "origin").Run(&git.RunOpts{Dir: dstPath}))
 		// Reset the tree to the previous commit.
 		require.NoError(t, git.NewCommand(git.DefaultContext, "reset", "--hard", "HEAD~1").Run(&git.RunOpts{Dir: dstPath}))
 		err := os.WriteFile(path.Join(dstPath, "test-file"), []byte("## test content"), 0o666)
 		require.NoError(t, err)
 		err = git.AddChanges(dstPath, true)
 		require.NoError(t, err)
 		err = git.CommitChanges(dstPath, git.CommitChangesOptions{
 			Committer: &git.Signature{
 				Email: "user2@example.com",
 				Name:  "user2",
 				When:  time.Now(),
 			},
 			Author: &git.Signature{
 				Email: "user2@example.com",
 				Name:  "user2",
 				When:  time.Now(),
 			},
 			Message: "Add test-file.",
 		})
 		require.NoError(t, err)
-		t.Run("Out of date", func(t *testing.T) {
+		err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/main", "-o", "topic=codeowner-out-of-date").Run(&git.RunOpts{Dir: dstPath})
-			defer tests.PrintCurrentTest(t)()
+		require.NoError(t, err)
-			// Push the changes made from the previous subtest.
+		pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "user2/codeowner-out-of-date"})
-			require.NoError(t, git.NewCommand(git.DefaultContext, "push", "origin").Run(&git.RunOpts{Dir: dstPath}))
+		unittest.AssertExistsIf(t, true, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 4})
 		unittest.AssertExistsIf(t, false, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 5})
 	})
 	t.Run("From a forked repository", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
-			// Reset the tree to the previous commit.
+		session := loginUser(t, "user1")
 			require.NoError(t, git.NewCommand(git.DefaultContext, "reset", "--hard", "HEAD~1").Run(&git.RunOpts{Dir: dstPath}))
-			err := os.WriteFile(path.Join(dstPath, "test-file"), []byte("## test content"), 0o666)
+		r := fmt.Sprintf("%suser1/%s.git", u.String(), codeownerTest.Name)
-			require.NoError(t, err)
+		remoteURL, _ := url.Parse(r)
 		remoteURL.User = url.UserPassword("user1", userPassword)
 		doGitAddRemote(dstPath, "forked-2", remoteURL)(t)
-			err = git.AddChanges(dstPath, true)
+		err := git.NewCommand(git.DefaultContext, "push", "forked-2", "HEAD:branch").Run(&git.RunOpts{Dir: dstPath})
-			require.NoError(t, err)
+		require.NoError(t, err)
-			err = git.CommitChanges(dstPath, git.CommitChangesOptions{
+		req := NewRequestWithValues(t, "POST", repo.FullName()+"/compare/main...user1/"+codeownerTest.Name+":branch", map[string]string{
-				Committer: &git.Signature{
+			"_csrf": GetCSRF(t, session, repo.FullName()+"/compare/main...user1/"+codeownerTest.Name+":branch"),
-					Email: "user2@example.com",
+			"title": "pull request",
 					Name:  "user2",
 					When:  time.Now(),
 				},
 				Author: &git.Signature{
 					Email: "user2@example.com",
 					Name:  "user2",
 					When:  time.Now(),
 				},
 				Message: "Add test-file.",
 			})
 			require.NoError(t, err)
 			err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/main", "-o", "topic=codeowner-out-of-date").Run(&git.RunOpts{Dir: dstPath})
 			require.NoError(t, err)
 			pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "user2/codeowner-out-of-date"})
 			unittest.AssertExistsIf(t, true, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 4})
 			unittest.AssertExistsIf(t, false, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 5})
 		})
-		t.Run("From a forked repository", func(t *testing.T) {
+		session.MakeRequest(t, req, http.StatusOK)
 			defer tests.PrintCurrentTest(t)()
-			session := loginUser(t, "user1")
+		pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "branch"})
 		unittest.AssertExistsIf(t, true, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 4})
 	})
-			r := fmt.Sprintf("%suser1/repo1.git", u.String())
+	t.Run("Codeowner user with no permission", func(t *testing.T) {
-			remoteURL, _ := url.Parse(r)
+		defer tests.PrintCurrentTest(t)()
 			remoteURL.User = url.UserPassword("user1", userPassword)
 			doGitAddRemote(dstPath, "forked-2", remoteURL)(t)
-			err := git.NewCommand(git.DefaultContext, "push", "forked-2", "HEAD:branch").Run(&git.RunOpts{Dir: dstPath})
+		// Make repository private, only user2 (owner of repository) has now access to this repository.
-			require.NoError(t, err)
+		repo.IsPrivate = true
 		_, err := db.GetEngine(db.DefaultContext).Cols("is_private").Update(repo)
 		require.NoError(t, err)
-			req := NewRequestWithValues(t, "POST", repo.FullName()+"/compare/main...user1/repo1:branch", map[string]string{
+		err = os.WriteFile(path.Join(dstPath, "README.md"), []byte("## very sensitive info"), 0o666)
-				"_csrf": GetCSRF(t, session, repo.FullName()+"/compare/main...user1/repo1:branch"),
+		require.NoError(t, err)
 				"title": "pull request",
 			})
 			session.MakeRequest(t, req, http.StatusOK)
-			pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "branch"})
+		err = git.AddChanges(dstPath, true)
-			unittest.AssertExistsIf(t, true, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 4})
+		require.NoError(t, err)
 		err = git.CommitChanges(dstPath, git.CommitChangesOptions{
 			Committer: &git.Signature{
 				Email: "user2@example.com",
 				Name:  "user2",
 				When:  time.Now(),
 			},
 			Author: &git.Signature{
 				Email: "user2@example.com",
 				Name:  "user2",
 				When:  time.Now(),
 			},
 			Message: "Add secrets to the README.",
 		})
 		require.NoError(t, err)
-		t.Run("Codeowner user with no permission", func(t *testing.T) {
+		err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/main", "-o", "topic=codeowner-private").Run(&git.RunOpts{Dir: dstPath})
-			defer tests.PrintCurrentTest(t)()
+		require.NoError(t, err)
-			// Make repository private, only user2 (owner of repository) has now access to this repository.
+		// In CODEOWNERS file the codeowner for README.md is user5, but does not have access to this private repository.
-			repo.IsPrivate = true
+		pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "user2/codeowner-private"})
-			_, err := db.GetEngine(db.DefaultContext).Cols("is_private").Update(repo)
+		unittest.AssertExistsIf(t, false, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 5})
-			require.NoError(t, err)
+	})
-
+}
-			err = os.WriteFile(path.Join(dstPath, "README.md"), []byte("## very sensitive info"), 0o666)
+
-			require.NoError(t, err)
+type CodeownerTest struct {
-
+	Name string
-			err = git.AddChanges(dstPath, true)
+	Path string
-			require.NoError(t, err)
+}
-
+
-			err = git.CommitChanges(dstPath, git.CommitChangesOptions{
+func TestCodeOwner(t *testing.T) {
-				Committer: &git.Signature{
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
-					Email: "user2@example.com",
+		tests := []CodeownerTest{
-					Name:  "user2",
+			{Name: "root", Path: "CODEOWNERS"},
-					When:  time.Now(),
+			{Name: "docs", Path: "docs/CODEOWNERS"},
-				},
+			{Name: "gitea", Path: ".gitea/CODEOWNERS"},
-				Author: &git.Signature{
+			{Name: "forgejo", Path: ".forgejo/CODEOWNERS"},
-					Email: "user2@example.com",
+		}
-					Name:  "user2",
+		for _, test := range tests {
-					When:  time.Now(),
+			CodeOwnerTestCommon(t, u, test)
-				},
+		}
 				Message: "Add secrets to the README.",
 			})
 			require.NoError(t, err)
 			err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/main", "-o", "topic=codeowner-private").Run(&git.RunOpts{Dir: dstPath})
 			require.NoError(t, err)
 			// In CODEOWNERS file the codeowner for README.md is user5, but does not have access to this private repository.
 			pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "user2/codeowner-private"})
 			unittest.AssertExistsIf(t, false, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 5})
 		})
 	})
 }