Explicitly disable Git credential helper #5367
Codecov Report
@@ Coverage Diff @@
## master #5367 +/- ##
==========================================
- Coverage 37.57% 37.57% -0.01%
==========================================
Files 313 313
Lines 46617 46611 -6
==========================================
- Hits 17515 17512 -3
+ Misses 26607 26605 -2
+ Partials 2495 2494 -1
Tests seem to be failing after this change.
I am not sure why this is happening. With my initial PR, the tests ran fine but after rebasing, test-{sqlite,mysql,pgsql} keep failing randomly (sometimes they pass, sometimes they do not). Moreover, the most recent failure in test-pgsql shows this:
but
Sorry for the force-push spam, I had to play around a bit since I cannot reproduce the problem locally. I still have not been able to fix it, so any help is welcome.
CI failed.
Seems I finally managed to fix the problem: It is a bug in the git module, which I have reported here: go-gitea/git#135
@michaelkuhn thank you for taking the time to trace this problem. It is much appreciated 😄
If the user running Gitea has configured a credential helper, Git credentials might leak out of Gitea.

There are two problems with credential helpers when combined with Gitea:

1. Credentials entered by a user when doing a migration or setting up a mirror will end up in the credential store. In the worst case, this is the plain text file ~/.git-credentials.
2. Credentials in the credential store will be used for migrations and mirrors by all users. For example, if user A sets up a mirror, their credentials will be stored. If user B later sets up a mirror from the same host and does not enter any credentials, user A's credentials will be used.

This PR prepends -c credential.helper= to all Git commands to clear the list of helpers. This requires at least Git version 2.9, as previous versions will try to load an empty helper instead. For more details, see git/git@2432137
Now that go-gitea/git#135 has been merged (thanks!), I have rebased the PR to current master and included a commit to update the git module.
Great, thanks :)
(Related to #3966)
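
The mitigation described in this PR, sketched as an added example that is not code from the PR or from Gitea: a wrapper that prepends `-c credential.helper=` to a Git argument list after checking the Git version. The function names are hypothetical, and refusing to build a command for Git older than 2.9 is an assumption of this example, not something the PR states.

```go
package main

import (
	"fmt"
	"os/exec"
)

// parseGitVersion reads major.minor from `git version` output such as
// "git version 2.39.2.windows.1"; trailing components are ignored.
func parseGitVersion(out string) (major, minor int, err error) {
	if _, err = fmt.Sscanf(out, "git version %d.%d", &major, &minor); err != nil {
		return 0, 0, fmt.Errorf("unexpected git version output %q: %w", out, err)
	}
	return major, minor, nil
}

// clearsHelpers reports whether an empty credential.helper value resets the
// helper list (Git 2.9 and later) instead of being loaded as an empty helper.
func clearsHelpers(major, minor int) bool {
	return major > 2 || (major == 2 && minor >= 9)
}

// hardenedGitArgs returns args with "-c credential.helper=" prepended, so that
// no helper configured for the service account stores or supplies credentials.
// Assumption of this example: fail closed when the reset is not supported.
func hardenedGitArgs(versionOutput string, args ...string) ([]string, error) {
	major, minor, err := parseGitVersion(versionOutput)
	if err != nil {
		return nil, err
	}
	if !clearsHelpers(major, minor) {
		return nil, fmt.Errorf("git %d.%d cannot clear credential helpers, need 2.9 or later", major, minor)
	}
	return append([]string{"-c", "credential.helper="}, args...), nil
}

func main() {
	out, err := exec.Command("git", "version").Output()
	if err != nil {
		fmt.Println("git not available:", err)
		return
	}
	// Constructed sample arguments; the URL is a placeholder.
	args, err := hardenedGitArgs(string(out), "clone", "--mirror", "https://example.com/repo.git")
	fmt.Println(args, err)
}
```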