Update clowm clients and add return to original path after login

#89

.gitlab-ci.yml

@@ -36,7 +36,7 @@ build:
 build-publish-dev-docker-container-job:
   stage: deploy
   image:
-    name: gcr.io/kaniko-project/executor:v1.17.0-debug
+    name: gcr.io/kaniko-project/executor:v1.20.0-debug
     entrypoint: [""]
   only:
     refs:
@@ -47,13 +47,13 @@ build-publish-dev-docker-container-job:
     - /kaniko/executor
       --context "${CI_PROJECT_DIR}"
       --dockerfile "${CI_PROJECT_DIR}/Dockerfile"
-      --destination "${CI_REGISTRY_IMAGE}:dev-${CI_COMMIT_SHA}"
-      --destination "${CI_REGISTRY_IMAGE}:dev-latest"
+      --destination "${CI_REGISTRY_IMAGE}:main-${CI_COMMIT_SHA}"
+      --destination "${CI_REGISTRY_IMAGE}:main-latest"
 
 build-publish-docker-container-job:
   stage: deploy
   image:
-    name: gcr.io/kaniko-project/executor:v1.17.0-debug
+    name: gcr.io/kaniko-project/executor:v1.20.0-debug
     entrypoint: [""]
   only:
     - tags

src/App.vue

@@ -3,7 +3,7 @@ import NavbarTop from "@/components/NavbarTop.vue";
 import { onBeforeMount } from "vue";
 import { useCookies } from "vue3-cookies";
 import { useAuthStore } from "@/stores/users";
-import { useRouter } from "vue-router";
+import { useRoute, useRouter } from "vue-router";
 import { OpenAPI as S3ProxyOpenAPI } from "@/client/s3proxy";
 import { OpenAPI as AuthOpenAPI } from "@/client/auth";
 import { OpenAPI as WorkflowOpenAPI } from "@/client/workflow";
@@ -16,6 +16,7 @@ import { useNameStore } from "@/stores/names";
 const { cookies } = useCookies();
 const store = useAuthStore();
 const router = useRouter();
+const route = useRoute();
 const nameRepository = useNameStore();
 
 onBeforeMount(() => {
@@ -37,6 +38,7 @@ onBeforeMount(() => {
           query: {
             login_error:
               err.response.status === 400 ? "token_invalid" : "token_expired",
+            return_path: encodeURI(route.path),
           },
         });
       }
@@ -52,7 +54,7 @@ onBeforeMount(() => {
       to.name !== "login"
     ) {
       // redirect the user to the login page and preserve query params for login error message
-      return { name: "login", query: to.query };
+      return { name: "login", query: { ...to.query, return_path: encodeURI(to.path) } };
     } else if (
       to.meta.requiresDeveloperRole &&
       !(store.workflowDev || store.admin)
@@ -70,6 +72,9 @@ onBeforeMount(() => {
       return { name: "dashboard" };
     } else if (to.meta.adminRole && !store.admin) {
       return { name: "dashboard" };
+    } else if (to.name !== "login" && to.query.return_path) {
+      // return to original path after login
+      return { path: decodeURI(to.query.return_path as string) };
     }
   });
   nameRepository.loadNameMapping();

src/client/auth/index.ts

@@ -9,6 +9,7 @@ export type { OpenAPIConfig } from './core/OpenAPI';
 
 export type { ErrorDetail } from './models/ErrorDetail';
 export type { HTTPValidationError } from './models/HTTPValidationError';
+export type { OIDCProvider } from './models/OIDCProvider';
 export { RoleEnum } from './models/RoleEnum';
 export type { User } from './models/User';
 export type { ValidationError } from './models/ValidationError';

src/client/auth/models/OIDCProvider.ts

+/* generated using openapi-typescript-codegen -- do no edit */
+/* istanbul ignore file */
+/* tslint:disable */
+/* eslint-disable */
+export type OIDCProvider = string;

src/client/auth/services/AuthService.ts

@@ -2,6 +2,7 @@
 /* istanbul ignore file */
 /* tslint:disable */
 /* eslint-disable */
+import type { OIDCProvider } from '../models/OIDCProvider';
 import type { CancelablePromise } from '../core/CancelablePromise';
 import { OpenAPI } from '../core/OpenAPI';
 import { request as __request } from '../core/request';
@@ -9,15 +10,25 @@ export class AuthService {
     /**
      * Redirect to LifeScience OIDC Login
      * Redirect route to OIDC provider to kickstart the login process.
+     * @param provider The OIDC provider to use for login
+     * @param returnPath Will be appended to redirect response in the callback route as URL query parameter `return_path`
      * @returns void
      * @throws ApiError
      */
-    public static authLogin(): CancelablePromise<void> {
+    public static authLogin(
+        provider?: OIDCProvider,
+        returnPath?: string,
+    ): CancelablePromise<void> {
         return __request(OpenAPI, {
             method: 'GET',
             url: '/auth/login',
+            query: {
+                'provider': provider,
+                'return_path': returnPath,
+            },
             errors: {
                 302: `Successful Response`,
+                422: `Validation Error`,
             },
         });
     }
@@ -33,15 +44,22 @@ export class AuthService {
      * If the user is new, he will be created and then a JWT token is issued.
      *
      * This JWT has to be sent to all authorized endpoints via the HTTPBearer scheme.
+     * @param provider
      * @returns void
      * @throws ApiError
      */
-    public static authLoginCallback(): CancelablePromise<void> {
+    public static authLoginCallback(
+        provider: OIDCProvider,
+    ): CancelablePromise<void> {
         return __request(OpenAPI, {
             method: 'GET',
-            url: '/auth/callback',
+            url: '/auth/callback/{provider}',
+            path: {
+                'provider': provider,
+            },
             errors: {
                 302: `Successful Response`,
+                422: `Validation Error`,
             },
         });
     }

src/client/resource/models/Status.ts

@@ -8,10 +8,16 @@
 export enum Status {
     RESOURCE_REQUESTED = 'RESOURCE_REQUESTED',
     SYNC_REQUESTED = 'SYNC_REQUESTED',
+    DENIED = 'DENIED',
     SYNCHRONIZING = 'SYNCHRONIZING',
+    SYNC_ERROR = 'SYNC_ERROR',
     SYNCHRONIZED = 'SYNCHRONIZED',
+    SETTING_LATEST = 'SETTING_LATEST',
     LATEST = 'LATEST',
-    DENIED = 'DENIED',
+    CLUSTER_DELETING = 'CLUSTER_DELETING',
+    CLUSTER_DELETE_ERROR = 'CLUSTER_DELETE_ERROR',
     CLUSTER_DELETED = 'CLUSTER_DELETED',
+    S3_DELETING = 'S3_DELETING',
+    S3_DELETE_ERROR = 'S3_DELETE_ERROR',
     S3_DELETED = 'S3_DELETED',
 }

src/client/resource/services/ResourceService.ts

@@ -15,7 +15,7 @@ export class ResourceService {
      *
      * Permission `resource:list` required.
      * @param maintainerId Filter for resource by maintainer. If current user is the same as maintainer ID, permission `resource:list` required, otherwise `resource:list_filter`.
-     * @param versionStatus Which versions of the resource to include in the response. Permission `resource:list_filter` required, unless `maintainer_id` is provided and current user is maintainer, then only permission `resource:list` required. Default `LATEST` and `SYNCHRONIZED`.
+     * @param versionStatus Which versions of the resource to include in the response. Permission `resource:list_filter` required, unless `maintainer_id` is provided and current user is maintainer, then only permission `resource:list` required. Default `LATEST`, `SYNCHRONIZED` and `SETTING_LATEST`.
      * @param nameSubstring
      * @returns ResourceOut Successful Response
      * @throws ApiError

src/client/resource/services/ResourceVersionService.ts

@@ -15,7 +15,7 @@ export class ResourceVersionService {
      *
      * Permission 'resource:read' required.
      * @param rid
-     * @param versionStatus Which versions to include in the response. Permission `resource:read_any` required, current user is the maintainer, then only permission `resource:read` required. Default `LATEST` and `SYNCHRONIZED`.
+     * @param versionStatus Which versions to include in the response. Permission `resource:read_any` required, current user is the maintainer, then only permission `resource:read` required. Default `LATEST`, `SYNCHRONIZED` and `SETTING_LATEST`.
      * @returns ResourceVersionOut Successful Response
      * @throws ApiError
      */

src/client/s3proxy/models/BucketOut.ts

@@ -22,7 +22,7 @@ export type BucketOut = {
     /**
      * UID of the owner
      */
-    owner: string;
+    owner_id: string;
     /**
      * Number of Objects in this bucket
      */

src/client/s3proxy/models/BucketPermissionOut.ts

@@ -31,9 +31,5 @@ export type BucketPermissionOut = {
      * Name of Bucket
      */
     bucket_name: string;
-    /**
-     * Display Name of the grantee
-     */
-    grantee_display_name: string;
 };
 

src/client/s3proxy/models/S3Key.ts

@@ -9,7 +9,7 @@ export type S3Key = {
     /**
      * UID of the user of that access key
      */
-    user: string;
+    uid: string;
     /**
      * ID of the S3 access key
      */

src/client/s3proxy/services/BucketPermissionService.ts

@@ -12,28 +12,25 @@ import { OpenAPI } from '../core/OpenAPI';
 import { request as __request } from '../core/request';
 export class BucketPermissionService {
     /**
-     * Get permission for bucket and user combination.
-     * Get the bucket permissions for the specific combination of bucket and user.
+     * Get all permissions.
+     * List all the bucket permissions in the system.
      *
-     * The owner of the bucket and the grantee of the permission can view it.
-     *
-     * Permission "bucket_permission:read" required if current user is the target or owner of the bucket permission,
-     * otherwise "bucket_permission:read_any" required.
-     * @param bucketName Name of bucket
-     * @param uid UID of a user
+     * Permission `bucket_permission:list_all` required.
+     * @param permissionTypes Type of Bucket Permissions to fetch
+     * @param permissionStatus Status of Bucket Permissions to fetch
      * @returns BucketPermissionOut Successful Response
      * @throws ApiError
      */
-    public static bucketPermissionGetPermissionForBucket(
-        bucketName: string,
-        uid: string,
-    ): CancelablePromise<BucketPermissionOut> {
+    public static bucketPermissionListPermissions(
+        permissionTypes?: Array<Permission>,
+        permissionStatus?: PermissionStatus,
+    ): CancelablePromise<Array<BucketPermissionOut>> {
         return __request(OpenAPI, {
             method: 'GET',
-            url: '/permissions/bucket/{bucket_name}/user/{uid}',
-            path: {
-                'bucket_name': bucketName,
-                'uid': uid,
+            url: '/permissions',
+            query: {
+                'permission_types': permissionTypes,
+                'permission_status': permissionStatus,
             },
             errors: {
                 400: `Error decoding JWT Token`,
@@ -44,29 +41,22 @@ export class BucketPermissionService {
         });
     }
     /**
-     * Delete a bucket permission
-     * Delete the bucket permissions for the specific combination of bucket and user.
-     *
-     * The owner of the bucket and the grantee of the permission can delete it.
+     * Create a permission.
+     * Create a permission for a bucket and user.
      *
-     * Permission "bucket_permission:delete" required if current user is the target or owner of the bucket permission,
-     * otherwise "bucket_permission:delete_any" required.
-     * @param bucketName Name of bucket
-     * @param uid UID of a user
-     * @returns void
+     * Permission `bucket_permission:create` required.
+     * @param requestBody
+     * @returns BucketPermissionOut Successful Response
      * @throws ApiError
      */
-    public static bucketPermissionDeletePermission(
-        bucketName: string,
-        uid: string,
-    ): CancelablePromise<void> {
+    public static bucketPermissionCreatePermission(
+        requestBody: BucketPermissionIn,
+    ): CancelablePromise<BucketPermissionOut> {
         return __request(OpenAPI, {
-            method: 'DELETE',
-            url: '/permissions/bucket/{bucket_name}/user/{uid}',
-            path: {
-                'bucket_name': bucketName,
-                'uid': uid,
-            },
+            method: 'POST',
+            url: '/permissions',
+            body: requestBody,
+            mediaType: 'application/json',
             errors: {
                 400: `Error decoding JWT Token`,
                 403: `Not authenticated`,
@@ -76,31 +66,32 @@ export class BucketPermissionService {
         });
     }
     /**
-     * Update a bucket permission
-     * Update a permission for a bucket and user.
+     * Get all permissions for a user.
+     * List all the bucket permissions for the given user.
      *
-     * Permission "bucket_permission:read" required if current user is the target the bucket permission,
-     * otherwise "bucket_permission:update" required.
-     * @param bucketName Name of bucket
+     * Permission `bucket_permission:list_user` required if current user is the target the bucket permission,
+     * otherwise `bucket_permission:list_all` required.
      * @param uid UID of a user
-     * @param requestBody
+     * @param permissionTypes Type of Bucket Permissions to fetch
+     * @param permissionStatus Status of Bucket Permissions to fetch
      * @returns BucketPermissionOut Successful Response
      * @throws ApiError
      */
-    public static bucketPermissionUpdatePermission(
-        bucketName: string,
+    public static bucketPermissionListPermissionsPerUser(
         uid: string,
-        requestBody: BucketPermissionParameters,
-    ): CancelablePromise<BucketPermissionOut> {
+        permissionTypes?: Array<Permission>,
+        permissionStatus?: PermissionStatus,
+    ): CancelablePromise<Array<BucketPermissionOut>> {
         return __request(OpenAPI, {
-            method: 'PUT',
-            url: '/permissions/bucket/{bucket_name}/user/{uid}',
+            method: 'GET',
+            url: '/permissions/user/{uid}',
             path: {
-                'bucket_name': bucketName,
                 'uid': uid,
             },
-            body: requestBody,
-            mediaType: 'application/json',
+            query: {
+                'permission_types': permissionTypes,
+                'permission_status': permissionStatus,
+            },
             errors: {
                 400: `Error decoding JWT Token`,
                 403: `Not authenticated`,
@@ -113,8 +104,8 @@ export class BucketPermissionService {
      * Get all permissions for a bucket.
      * List all the bucket permissions for the given bucket.
      *
-     * Permission "bucket_permission:read" required if current user is owner of the bucket,
-     * otherwise "bucket_permission:read_any" required.
+     * Permission `bucket_permission:list_bucket` required if current user is owner of the bucket,
+     * otherwise `bucket_permission:list_all` required.
      * @param bucketName Name of bucket
      * @param permissionTypes Type of Bucket Permissions to fetch
      * @param permissionStatus Status of Bucket Permissions to fetch
@@ -123,8 +114,8 @@ export class BucketPermissionService {
      */
     public static bucketPermissionListPermissionsPerBucket(
         bucketName: string,
-        permissionTypes?: (Array<Permission> | null),
-        permissionStatus?: (PermissionStatus | null),
+        permissionTypes?: Array<Permission>,
+        permissionStatus?: PermissionStatus,
     ): CancelablePromise<Array<BucketPermissionOut>> {
         return __request(OpenAPI, {
             method: 'GET',
@@ -145,31 +136,60 @@ export class BucketPermissionService {
         });
     }
     /**
-     * Get all permissions for a user.
-     * List all the bucket permissions for the given user.
+     * Get permission for bucket and user combination.
+     * Get the bucket permissions for the specific combination of bucket and user.
+     *
+     * The owner of the bucket and the grantee of the permission can view it.
      *
-     * Permission "bucket_permission:read" required if current user is the target the bucket permission,
-     * otherwise "bucket_permission:read_any" required.
+     * Permission `bucket_permission:read` required if current user is the target or owner of the bucket permission,
+     * otherwise `bucket_permission:read_any` required.
+     * @param bucketName Name of bucket
      * @param uid UID of a user
-     * @param permissionTypes Type of Bucket Permissions to fetch
-     * @param permissionStatus Status of Bucket Permissions to fetch
      * @returns BucketPermissionOut Successful Response
      * @throws ApiError
      */
-    public static bucketPermissionListPermissionsPerUser(
+    public static bucketPermissionGetPermissionForBucket(
+        bucketName: string,
         uid: string,
-        permissionTypes?: (Array<Permission> | null),
-        permissionStatus?: (PermissionStatus | null),
-    ): CancelablePromise<Array<BucketPermissionOut>> {
+    ): CancelablePromise<BucketPermissionOut> {
         return __request(OpenAPI, {
             method: 'GET',
-            url: '/permissions/user/{uid}',
+            url: '/permissions/bucket/{bucket_name}/user/{uid}',
             path: {
+                'bucket_name': bucketName,
                 'uid': uid,
             },
-            query: {
-                'permission_types': permissionTypes,
-                'permission_status': permissionStatus,
+            errors: {
+                400: `Error decoding JWT Token`,
+                403: `Not authenticated`,
+                404: `Entity not Found`,
+                422: `Validation Error`,
+            },
+        });
+    }
+    /**
+     * Delete a bucket permission
+     * Delete the bucket permissions for the specific combination of bucket and user.
+     *
+     * The owner of the bucket and the grantee of the permission can delete it.
+     *
+     * Permission `bucket_permission:delete` required if current user is the target or owner of the bucket permission,
+     * otherwise `bucket_permission:delete_any` required.
+     * @param bucketName Name of bucket
+     * @param uid UID of a user
+     * @returns void
+     * @throws ApiError
+     */
+    public static bucketPermissionDeletePermission(
+        bucketName: string,
+        uid: string,
+    ): CancelablePromise<void> {
+        return __request(OpenAPI, {
+            method: 'DELETE',
+            url: '/permissions/bucket/{bucket_name}/user/{uid}',
+            path: {
+                'bucket_name': bucketName,
+                'uid': uid,
             },
             errors: {
                 400: `Error decoding JWT Token`,
@@ -180,20 +200,28 @@ export class BucketPermissionService {
         });
     }
     /**
-     * Create a permission.
-     * Create a permission for a bucket and user.
+     * Update a bucket permission
+     * Update a permission for a bucket and user.
      *
-     * Permission "bucket_permission:create" required.
+     * Permission `bucket_permission:update` required.
+     * @param bucketName Name of bucket
+     * @param uid UID of a user
      * @param requestBody
      * @returns BucketPermissionOut Successful Response
      * @throws ApiError
      */
-    public static bucketPermissionCreatePermission(
-        requestBody: BucketPermissionIn,
+    public static bucketPermissionUpdatePermission(
+        bucketName: string,
+        uid: string,
+        requestBody: BucketPermissionParameters,
     ): CancelablePromise<BucketPermissionOut> {
         return __request(OpenAPI, {
-            method: 'POST',
-            url: '/permissions',
+            method: 'PUT',
+            url: '/permissions/bucket/{bucket_name}/user/{uid}',
+            path: {
+                'bucket_name': bucketName,
+                'uid': uid,
+            },
             body: requestBody,
             mediaType: 'application/json',
             errors: {

src/client/s3proxy/services/BucketService.ts

@@ -13,21 +13,22 @@ export class BucketService {
      * List buckets of user
      * List all the buckets in the system or of the desired user where the user has READ permissions for.
      *
-     * Permission "bucket:read" required.
-     * @param user UID of the user for whom to fetch the buckets for. Permission 'bucket:read_any' required if current user is not the target.
+     * Permission `bucket:list` required if the current user is the owner of the bucket,
+     * otherwise `bucket:list_all` required.
+     * @param ownerId UID of the user for whom to fetch the buckets for. Permission 'bucket:read_any' required if current user is not the target.
      * @param bucketType Type of the bucket to get. Ignored when `user` parameter not set
      * @returns BucketOut Successful Response
      * @throws ApiError
      */
     public static bucketListBuckets(
-        user?: (string | null),
+        ownerId?: string,
         bucketType?: BucketType,
     ): CancelablePromise<Array<BucketOut>> {
         return __request(OpenAPI, {
             method: 'GET',
             url: '/buckets',
             query: {
-                'user': user,
+                'owner_id': ownerId,
                 'bucket_type': bucketType,
             },
             errors: {
@@ -46,7 +47,7 @@ export class BucketService {
      * For more information see the
      * [Ceph documentation](https://docs.ceph.com/en/quincy/radosgw/s3/bucketops/#constraints)
      *
-     * Permission "bucket:create" required.
+     * Permission `bucket:create` required.
      * @param requestBody
      * @returns BucketOut Successful Response
      * @throws ApiError
@@ -71,8 +72,8 @@ export class BucketService {
      * Get a bucket by its name
      * Get a bucket by its name if the current user has READ permissions for the bucket.
      *
-     * Permission "bucket:read" required if the current user is the owner of the bucket,
-     * otherwise "bucket:read_any" required.
+     * Permission `bucket:read` required if the current user is the owner of the bucket,
+     * otherwise `bucket:read_any` required.
      * @param bucketName Name of bucket
      * @returns BucketOut Successful Response
      * @throws ApiError
@@ -98,8 +99,8 @@ export class BucketService {
      * Delete a bucket
      * Delete a bucket by its name. Only the owner of the bucket can delete the bucket.
      *
-     * Permission "bucket:delete" required if the current user is the owner of the bucket,
-     * otherwise "bucket:delete_any" required.
+     * Permission `bucket:delete` required if the current user is the owner of the bucket,
+     * otherwise `bucket:delete_any` required.
      * @param bucketName Name of bucket
      * @param forceDelete Delete even non-empty bucket
      * @returns void

src/client/s3proxy/services/S3KeyService.ts

@@ -11,7 +11,7 @@ export class S3KeyService {
      * Get the S3 Access keys from a user
      * Get all the S3 Access keys for a specific user.
      *
-     * Permission "s3_key:list" required.
+     * Permission `s3_key:list` required.
      * @param uid UID of a user
      * @returns S3Key Successful Response
      * @throws ApiError
@@ -37,7 +37,7 @@ export class S3KeyService {
      * Create a Access key for a user
      * Create a S3 Access key for a specific user.
      *
-     * Permission "s3_key:create" required.
+     * Permission `s3_key:create` required.
      * @param uid UID of a user
      * @returns S3Key Successful Response
      * @throws ApiError
@@ -63,7 +63,7 @@ export class S3KeyService {
      * Get a specific S3 Access key from a user
      * Get a specific S3 Access Key for a specific user.
      *
-     * Permission "s3_key:read" required.
+     * Permission `s3_key:read` required.
      * @param accessId ID of the S3 access key
      * @param uid UID of a user
      * @returns S3Key Successful Response
@@ -92,7 +92,7 @@ export class S3KeyService {
      * Delete a specific S3 Access key from a user
      * Delete a specific S3 Access key for a specific user.
      *
-     * Permission "s3_key:delete" required if the current user is the target, otherwise "s3_key:delete_any" required.
+     * Permission `s3_key:delete` required if the current user is the target, otherwise `s3_key:delete_any` required.
      * @param accessId ID of the S3 access key
      * @param uid UID of a user
      * @returns void

src/client/workflow/models/AnonymizedWorkflowExecution.ts

@@ -15,11 +15,11 @@ export type AnonymizedWorkflowExecution = {
     /**
      * ID of the workflow mode this workflow execution ran in
      */
-    workflow_mode_id?: (string | null);
+    workflow_mode_id?: string;
     /**
      * Hash of the git commit
      */
-    git_commit_hash: string;
+    workflow_version_id: string;
     /**
      * Day of the workflow execution
      */

src/client/workflow/models/Body_Workflow_Version_upload_workflow_version_icon.ts

@@ -4,7 +4,7 @@
 /* eslint-disable */
 export type Body_Workflow_Version_upload_workflow_version_icon = {
     /**
-     * Optional Icon for the Workflow.
+     * Icon for the Workflow.
      */
     icon: Blob;
 };

src/client/workflow/models/WorkflowExecutionIn.ts

@@ -30,6 +30,6 @@ export type WorkflowExecutionIn = {
     /**
      * ID of the workflow mode this workflow execution runs in
      */
-    mode?: (string | null);
+    mode_id?: (string | null);
 };
 

src/client/workflow/models/WorkflowExecutionOut.ts

@@ -15,7 +15,7 @@ export type WorkflowExecutionOut = {
     /**
      * ID of the workflow mode this workflow execution runs in
      */
-    mode?: (string | null);
+    mode_id?: string;
     /**
      * ID of the workflow execution
      */
@@ -23,7 +23,7 @@ export type WorkflowExecutionOut = {
     /**
      * UID of user who started the workflow
      */
-    user_id: string;
+    executor_id: string;
     /**
      * Start time of the workflow execution as UNIX timestamp
      */
@@ -39,7 +39,7 @@ export type WorkflowExecutionOut = {
     /**
      * Id of the workflow
      */
-    workflow_id?: (string | null);
+    workflow_id?: string;
     /**
      * S3 Path where logs and reports are saved.
      */

src/client/workflow/models/WorkflowOut.ts

@@ -27,7 +27,7 @@ export type WorkflowOut = {
     /**
      * ID of developer of the workflow
      */
-    developer_id: string;
+    developer_id?: string;
     /**
      * Flag if the workflow is hosted in a private git repository
      */