repo: normalize `private` column from the `metadata`
Created by: unknwon
This PR normalizes a repo.private column from the repo.metadata to be used later when checking permissions. It is currently NOT used.
Outline:
- DB migrations to extract value from JSON metadata to
privatecolumn for GitHub, GitLab, Bitbucket Server and Bitbucket Cloud code hosts. - Update visibility every time repo-updater lists repositories from code hosts.
Manually tested and added unit tests for (*T).makeRepo methods for both GitHub and GitLab sources.
Part of #8492.
I thought about using public to be more strict on security, but didn't approach because:
-
publicis a keyword in Postgres. - Semantically, what we want to identify is that "is this a private repository" given our default visibility is public (e.g. when no authz provider is configured). Which is similar to GitHub in terms of whether a user is allowed to see a repository, and they also use
is_private.