Forgejo was awarded grant from https://nlnet.nl/ which will allow Codeberg e.V. and community members to get funding for improving the Forgejo release process and develop additional features, starting June 2023. It complements the on-going grant dedicated to federation: the features it will provide can only be deployed if releases are published and tested to work in a secure environment.
The Codeberg moderation team is facing daily challenges that are a heavy burden. A new feature was implemented to allow users to block someone in the repositories they own, allowing them to mitigate some of the most common problems. This not only helps relieve the pressure on the moderation team of any public Forgejo instance, it also is an essential building block for federation because it creates more opportunities for unwanted attention.
Forgejo depends on Gitea and over a hundred other Go packages. But Gitea is not provided or designed as a package and that creates unique challenges when upgrading, which is done on a weekly basis. Forgejo developed workflows since its inception to reduce the workload.
Every automated test reduces the scrutiny required from Forgejo contributors when upgrading Gitea. This is specially challenging when dealing with the authentication system because it has almost no test coverage. A mechanism to allow for dependency injection in integration tests was added as well as a simple OAuth2 test to demonstrate how to use it.
When upgrading Forgejo, database migrations are applied using a set of files and a sequential numbering to ensure their consistency. Forgejo specific database modifications cannot conveniently be inserted in that sequence. Instead, a separate migration directory was created and manages a set of tables prefixed with
forgejo_. It was used in the implementation of the user blocking feature.
Moderation features now have their dedicated feature branch. It will contain tools that fall in two categories: self-service to help users in the simpler cases and helpers for a dedicated moderation team with admin privileges who take care of the entire Forgejo instance.
A CI configuration for Forgejo was created based on Forgejo Actions. Although it has been tested to work, the Woodpecker CI is still used to validate pull requests. It will be run in parallel as soon as Codeberg enables Forgejo Actions.
Forgejo extensively uses LXC in the Forgejo runner. A set of shell scripts named lxc-helpers were developed, tested (with Forgejo Actions) and documented in a separate repository. They are now used in various other contexts (the setup-forgejo action or the Ansible playbooks used to deploy Forgejo hardware).
The release process was revisited, taking the opportunity of the brand new Forgejo runner to do so. In a nutshell it is a set of Forgejo Actions workflows that behave differently depending on the variables/secrets that are available. The repository is automatically mirrored in different organizations (experimental, integration, release) that have different variables/secrets to perform their expected role.
Here is how it goes for the Forgejo runner:
- when in the
forgejo-integrationorganization, build the release
- when in the
forgejo-releaseorganization, safely hosted behind a VPN, use the GPG release key & secrets to sign and copy the release that was created in the
forgejo-integrationorganization to publish the binary release and the container image
The devops team completed the deployment of the new hardware at
octopuce.forgejo.org. It is now in production and part of the new release process that was used to produce the latest releases of the Forgejo runner. It provides a VPN for the release team to secure the last step which involves a workflow to sign the binaries.
The NLnet grant application focused on producing quality Forgejo releases that are essential for federation to happen was granted. It will provide funding to Codeberg e.V., https://codeberg.org/oliverpool, https://codeberg.org/crystal and https://codeberg.org/earl-warren for their work starting in June 2023. It complements the on-going grant that provides funding for developing moderation features.
The general assembly of Codeberg e.V. renewed its support to Forgejo and decided to allocate funding in 2023 to further Forgejo.
firstname.lastname@example.org bot entered the Forgejo chatrooms and started operating. Some Forgejo community members did not approve and asked the moderation team to ban it. A discussion began and will be concluded by a decision to accept or reject this bot.
A few months ago a chatroom was created and is dedicated to the reconciliation of Forgejo community members. Making peace after a dispute is not easy but it happened and sets an example that will hopefully inspire more reconciliations. Until that happens the moderation team offers to act as a buffer between community members so they can contribute to Forgejo, working side by side without being forced into stressful interactions.
Following the decision that Forgejo will accept copylefted contributions, a blog post was published to explain the reasoning. The next step is an agreement to accept contributions compatible with GPLv3-or-later.
Forgejo is a community of people who contribute in an inclusive environment. We forge on an equal footing, by reporting a bug, voicing an idea in the chatroom or implementing a new feature. The following list of contributors is meant to reflect this diversity and acknowledge all contributions since the last monthly report was published. If you are missing, please ask for an update.
A minority of Forgejo contributors earn a living by implementing the roadmap co-created by the Forgejo community, see the sustainability repository for the details.