HomeLab/ForgeBucket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
28 Commits 4 Branches 1 Tag
f211cfc7dbb9f5cc1dc0f57cbb53dbdc6be58687
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
erangel1 f211cfc7db Branch restrictions — fully enforced: 
CRUD rules with pattern (exact or glob like release/*), requirePR, blockForcePush, bypass user list
Enforcement via pkt-line parsing inside the git HTTP handler — before any data reaches git http-backend, each ref update is extracted and checked against stored rules
Direct push to main with requirePR: true → 403 with message; push to unprotected branches still works
Inline checkboxes in the UI update rules immediately
Branching model — stored config:

GET/PUT per repo, defaults to feature/bugfix/release/hotfix prefixes
Toggle enabled/disabled, custom prefix per type with live preview
No enforcement (naming guide only, as Bitbucket does)
Merge strategies — enforced in PR merge endpoint:

GET/PUT per repo, defaults all three allowed
Merge handler now accepts strategy: "merge"|"squash"|"rebase" in request body, checks against stored policy
Disallowed strategy → 409 with clear error; allowed strategy → merges and fires pull_request webhook
Must have at least one strategy enabled (validated server-side)
Webhooks — full delivery with HMAC:

CRUD with title, URL, secret (optional), events (push/pull_request/issue), active toggle
Test button sends live HTTP POST to the configured URL and shows status code in UI
FireWebhooks() fires asynchronously from PR merge and can be called from any handler
X-ForgeBucket-Signature-256: sha256=<hmac> header when secret is set
Last delivery status and timestamp stored on webhook record and shown in list
2026-05-07 15:27:48 +02:00
.repos
security sections are fully functional
2026-05-07 15:06:45 +02:00
cmd
phase 2 initial test
2026-05-06 23:39:04 +02:00
frontend
Branch restrictions — fully enforced:
2026-05-07 15:27:48 +02:00
internal
Branch restrictions — fully enforced:
2026-05-07 15:27:48 +02:00
web
idk
2026-05-06 23:21:43 +02:00
.env
phase 2 testing complete
2026-05-07 00:09:50 +02:00
.env.example
first round of files
2026-05-06 23:13:06 +02:00
CLAUDE.md
idk
2026-05-06 23:21:43 +02:00
docker-compose.prod.yml
phase 2 initial test
2026-05-06 23:39:04 +02:00
docker-compose.yml
phase 3 bug repositories fixes
2026-05-07 01:15:32 +02:00
Dockerfile
phase 2 initial test
2026-05-06 23:39:04 +02:00
go.mod
phase 2 testing complete
2026-05-07 00:09:50 +02:00
go.sum
phase 2 testing complete
2026-05-07 00:09:50 +02:00
LICENSE
readme and license file
2026-05-06 22:56:39 +02:00
Makefile
phase 3 bug fixing
2026-05-07 00:55:46 +02:00
README.md
Rename READEME.md
2026-05-06 20:57:42 +00:00

README.md

ForgeBucket 🛡️🪣

Sovereign Federation meets Enterprise Design.

ForgeBucket is a production-ready, federated git collaboration platform. It combines the high-performance, lightweight Go engine of Forgejo with the sophisticated, high-density UI/UX of Bitbucket, optimized for a "Responsive-First, Access Anywhere" experience.

🚀 The Vision

ForgeBucket aims to provide developers with a world-class code review and project management experience without sacrificing data sovereignty. It bridges the gap between community-driven open-source software and enterprise-grade usability.

  • Engine: Built on the Forgejo/Gitea ecosystem.
  • Interface: Powered by Atlassian Design System (ADS) principles.
  • Connectivity: Full ActivityPub (ForgeFed) integration for a decentralized git world.

🛠️ Tech Stack

Backend & Core

  • Language: Go (Golang) 1.21+
  • Database: PostgreSQL with XORM
  • Git Engine: Native System Git Binary execution
  • CI/CD: Forgejo Actions (gRPC protocol)

Frontend & UX

  • Framework: React 18+ (Embedded in Go binary)
  • Styling: Tailwind CSS + Atlassian Design Tokens
  • Components: Custom implementation of Atlaskit primitives
  • Real-time: WebSockets for live logs and notifications

Key Features

  • Responsive Navigation: A triple-state sidebar (Expanded, Collapsed, Mobile Bottom-Bar) that adheres to an 8px grid system.
  • Advanced Diff Viewer: Side-by-side and unified views with "Bottom Sheet" comment overlays for mobile code reviews.
  • Federated Pull Requests: Interaction across different ForgeBucket/Forgejo instances via ActivityPub.
  • AGit "Quick Edit": Web-based file editing with automatic refs/for/ branch creation for instant PRs.
  • Skeleton Loading: Optimized "Perceived Performance" using pulsate loading states for metadata.

🔒 Security & Compliance

  • OWASP Top 10 Compliance: Strict protection against XSS, CSRF, and SQLi.
  • Command Sanitization: Hardened wrapper for all Git binary executions.
  • Identity: OIDC and OAuth2 support with Row-Level Security (RLS) mentalities.
  • Auditability: Full logging of all administrative and git-over-HTTP actions.

🏁 Getting Started

Prerequisites

  • Go 1.21 or higher
  • Node.js 18+ (for frontend development)
  • PostgreSQL 14+
  • System Git 2.20+

Installation

  1. Clone the repository:
   git clone [https://github.com/your-repo/forgebucket.git](https://github.com/your-repo/forgebucket.git)
   cd forgebucket
  1. Setup Frontend:
cd frontend
npm install
npm run build
  1. Build the Binary:
cd ..
go build -o forgebucket main.go
  1. Run:
./forgebucket web

🤝 Contributing

We follow the "Responsive-First" contribution model. Please ensure all UI changes are tested on both Desktop (1440px) and Mobile (375px) breakpoints.

📄 License

This project is licensed under the MIT License - see the LICENSE file for details. Portions of the code are derived from Forgejo (GPLv3).

Reference in New Issue View Git Blame Copy Permalink
S
Description
Self-developed git platform.
Readme AGPL-3.0 98 MiB
Languages
JavaScript 36.5%
TypeScript 34.3%
Go 28.7%
CSS 0.3%
Makefile 0.1%