forgejo/services
Andreas Shimokawa 3c9b3ddf5c Do not rewrite ssh keys files when deleting a user without one (#6097)
### Problem

Big instances can have huge authorized_keys files when using OpenSSH instead of the internal ssh server. Forgejo always re-generates the contents of that file when a user is deleted, even if he does not even have a public key uploaded. In case of codeberg.org, a 15MB file gets rewritten. If we batch delete 100 Spam users without ssh keys, we rewrite 1.5GB, this takes time and wears the SSD. In addition, there is a high chance of hitting a race contidion bug, when deleting users in parallel.

### Solution / Mitigation

This patch prevents rewriting authorized_keys files, when not necessary. It greatly speeds up deleting malicious users, saves IO bandwidth and SSD wear. It also greatly reduces the chance of hitting a race condition bug. Fixing the race condition is not the scope of this patch though.

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [x] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [x] I do not want this change to show in the release notes.
- [ ] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

Co-authored-by: Gusted <postmaster@gusted.xyz>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6097
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Andreas Shimokawa <shimokawa@fsfe.org>
Co-committed-by: Andreas Shimokawa <shimokawa@fsfe.org>
2024-12-05 21:32:09 +00:00
..
actions fix: clean up log files that no longer exist 2024-12-03 05:09:47 +01:00
agit fix(agit): run full pr checks on force-push 2024-08-12 09:00:41 +02:00
asymkey tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
attachment tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
auth allow the actions user to login via the jwt token (#32527) 2024-11-24 10:41:56 +00:00
automerge Add branch auto deletion for scheduled PRs 2024-10-31 03:49:15 +01:00
context Merge branch 'forgejo' into forgejo 2024-11-28 22:53:34 +00:00
contexttest [TESTS] Fix usage of LoadRepoCommit 2024-08-26 08:03:48 +02:00
convert tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
cron Clear up old Actions logs (#31735) 2024-08-04 18:24:10 +02:00
doctor fix: dbconsistency check adding missing quotes 2024-12-02 16:05:51 +00:00
externalaccount allow synchronizing user status from OAuth2 login providers (#31572) 2024-07-22 15:44:13 +02:00
f3 feat: upgrade F3 to v3.7.0 2024-08-18 19:39:20 +02:00
federation feat: access ActivityPub client through interfaces to facilitate mocking in unit tests (#4853) 2024-08-07 05:45:24 +00:00
feed tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
forgejo tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
forms Validate OAuth Redirect URIs (#32643) 2024-12-03 10:19:22 +01:00
gitdiff improve performance of diffs (#32393) 2024-11-05 09:39:21 +01:00
indexer Update issue indexer after merging a PR (#30715) 2024-05-12 20:03:10 +02:00
issue fix: check read permissions for code owner review requests 2024-11-17 20:12:59 +01:00
lfs Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
mailer Improve usage of HMAC output for mailer tokens 2024-11-15 10:59:36 +01:00
markup Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
migrations Merge pull request 'test: enable gitea migration tests' (#5817) from viceice/test/migrations/gitea into forgejo 2024-11-05 10:55:30 +00:00
mirror [PORT] Fix git error handling (gitea#32401) 2024-11-03 16:47:44 +01:00
notify Clean up log messages (#30313) 2024-04-15 20:01:35 +02:00
org Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
packages Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
pull tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
release Trim title before insert/update to database to match the size requirements of database (#32498) 2024-11-17 12:18:56 +01:00
remote Enable unparam linter (#31277) 2024-06-16 13:42:58 +02:00
repository Merge pull request '[gitea] week 2024-49 cherry pick (gitea/main -> forgejo)' (#6110) from earl-warren/wcp/2024-49 into forgejo 2024-12-03 15:06:55 +00:00
secrets
shared/automerge create "shared" package to workaround import loop issues 2024-10-31 03:49:14 +01:00
task feat(quota): Quota enforcement 2024-08-02 11:10:34 +02:00
uinotification
user Do not rewrite ssh keys files when deleting a user without one (#6097) 2024-12-05 21:32:09 +00:00
webhook Escaping specific markdown in commit messages on Discord-type embeds #3664 (#5811) 2024-11-18 21:47:11 +00:00
wiki Show page titles in wiki search results (#6048) 2024-11-24 15:55:34 +01:00