feat: add Forgejo module (#3556)

* feat: add Forgejo module

Add a new testcontainers module for Forgejo, a self-hosted Git forge.

The module provides:
- Container startup with SQLite and INSTALL_LOCK pre-configured
- Automatic admin user creation via PostReadies lifecycle hook
- ConnectionString() and SSHConnectionString() helper methods
- WithAdminCredentials() option for custom admin setup
- WithConfig() option for arbitrary Forgejo configuration via
  FORGEJO__section__key environment variables
- Health check via /api/healthz endpoint

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address review feedback on Forgejo module

- Extract extractAdminCredentials helper to deduplicate env parsing
- Use closure variables in PostReadies hook to avoid redundant Inspect call
- Add nil-map guards in WithAdminCredentials and WithConfig
- Use http.NewRequestWithContext instead of http.Get in tests
- Assert SSH connection string format in TestForgejoSSHEndpoint
- Add language specifier to markdown code block (MD040)

* fix: add input validation to WithAdminCredentials and WithConfig

- Validate that username, password, and email are non-empty in
  WithAdminCredentials to fail fast before container startup
- Validate that section and key don't contain "__" in WithConfig to
  prevent ambiguous env var names that break Forgejo's config parsing

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: make Forgejo container credential fields private

Make AdminUsername and AdminPassword private with getter methods,
matching the convention used by other modules (postgres, mysql, mssql).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: validate non-empty section and key in WithConfig

Reject empty section or key before constructing the env var name,
preventing malformed keys like FORGEJO____key.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: use defaultHTTPPort constant in wait strategy

Replace hardcoded "3000" with defaultHTTPPort to stay consistent
with the exposed ports declaration.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: bump Go version

* fix: lint

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: mdelapenya <mdelapenya@gmail.com>

Author: 3 people

.github/dependabot.yml

@@ -35,6 +35,7 @@ updates:
         - /modules/dynamodb
         - /modules/elasticsearch
         - /modules/etcd
+        - /modules/forgejo
         - /modules/gcloud
         - /modules/grafana-lgtm
         - /modules/inbucket

.vscode/.testcontainers-go.code-workspace

@@ -89,6 +89,10 @@
             "name": "module / etcd",
             "path": "../modules/etcd"
         },
+        {
+            "name": "module / forgejo",
+            "path": "../modules/forgejo"
+        },
         {
             "name": "module / gcloud",
             "path": "../modules/gcloud"

docs/modules/forgejo.md

@@ -0,0 +1,76 @@
+# Forgejo
+
+Not available until the next release <a href="https://github.com/testcontainers/testcontainers-go"><span class="tc-version">:material-tag: main</span></a>
+
+## Introduction
+
+The Testcontainers module for [Forgejo](https://forgejo.org/), a self-hosted Git forge. Forgejo is a community-driven fork of Gitea, providing a lightweight code hosting solution.
+
+## Adding this module to your project dependencies
+
+Please run the following command to add the Forgejo module to your Go dependencies:
+
+```sh
+go get github.com/testcontainers/testcontainers-go/modules/forgejo
+```
+
+## Usage example
+
+<!--codeinclude-->
+[Creating a Forgejo container](../../modules/forgejo/examples_test.go) inside_block:runForgejoContainer
+<!--/codeinclude-->
+
+## Module Reference
+
+### Run function
+
+- Not available until the next release <a href="https://github.com/testcontainers/testcontainers-go"><span class="tc-version">:material-tag: main</span></a>
+
+The Forgejo module exposes one entrypoint function to create the Forgejo container, and this function receives three parameters:
+
+```golang
+func Run(ctx context.Context, img string, opts ...testcontainers.ContainerCustomizer) (*Container, error)
+```
+
+- `context.Context`, the Go context.
+- `string`, the Docker image to use.
+- `testcontainers.ContainerCustomizer`, a variadic argument for passing options.
+
+#### Image
+
+Use the second argument in the `Run` function to set a valid Docker image.
+In example: `Run(context.Background(), "codeberg.org/forgejo/forgejo:11")`.
+
+### Container Options
+
+When starting the Forgejo container, you can pass options in a variadic way to configure it.
+
+#### Admin Credentials
+
+- Not available until the next release <a href="https://github.com/testcontainers/testcontainers-go"><span class="tc-version">:material-tag: main</span></a>
+
+Use `WithAdminCredentials(username, password, email)` to set the admin user credentials. An admin user is automatically created when the container starts. Default credentials are `forgejo-admin` / `forgejo-admin`.
+
+#### Configuration via Environment
+
+- Not available until the next release <a href="https://github.com/testcontainers/testcontainers-go"><span class="tc-version">:material-tag: main</span></a>
+
+Use `WithConfig(section, key, value)` to set Forgejo configuration values using the `FORGEJO__section__key` environment variable format. See the [Forgejo Configuration Cheat Sheet](https://forgejo.org/docs/latest/admin/config-cheat-sheet/) for available options.
+
+{% include "../features/common_functional_options_list.md" %}
+
+### Container Methods
+
+The Forgejo container exposes the following methods:
+
+#### ConnectionString
+
+- Not available until the next release <a href="https://github.com/testcontainers/testcontainers-go"><span class="tc-version">:material-tag: main</span></a>
+
+The `ConnectionString` method returns the HTTP URL for the Forgejo instance (e.g. `http://localhost:12345`).
+
+#### SSHConnectionString
+
+- Not available until the next release <a href="https://github.com/testcontainers/testcontainers-go"><span class="tc-version">:material-tag: main</span></a>
+
+The `SSHConnectionString` method returns the SSH endpoint for Git operations.

mkdocs.yml

@@ -92,6 +92,7 @@ nav:
         - modules/dynamodb.md
         - modules/elasticsearch.md
         - modules/etcd.md
+        - modules/forgejo.md
         - modules/gcloud.md
         - modules/grafana-lgtm.md
         - modules/inbucket.md

modules/forgejo/Makefile

@@ -0,0 +1,5 @@
+include ../../commons-test.mk
+
+.PHONY: test
+test:
+	$(MAKE) test-forgejo

modules/forgejo/examples_test.go

@@ -0,0 +1,38 @@
+package forgejo_test
+
+import (
+	"context"
+	"fmt"
+	"log"
+
+	"github.com/testcontainers/testcontainers-go"
+	"github.com/testcontainers/testcontainers-go/modules/forgejo"
+)
+
+func ExampleRun() {
+	// runForgejoContainer {
+	ctx := context.Background()
+
+	forgejoContainer, err := forgejo.Run(ctx, "codeberg.org/forgejo/forgejo:11")
+	defer func() {
+		if err := testcontainers.TerminateContainer(forgejoContainer); err != nil {
+			log.Printf("failed to terminate container: %s", err)
+		}
+	}()
+	if err != nil {
+		log.Printf("failed to start container: %s", err)
+		return
+	}
+	// }
+
+	state, err := forgejoContainer.State(ctx)
+	if err != nil {
+		log.Printf("failed to get container state: %s", err)
+		return
+	}
+
+	fmt.Println(state.Running)
+
+	// Output:
+	// true
+}

modules/forgejo/forgejo.go

@@ -0,0 +1,186 @@
+package forgejo
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"strings"
+
+	"github.com/testcontainers/testcontainers-go"
+	"github.com/testcontainers/testcontainers-go/exec"
+	"github.com/testcontainers/testcontainers-go/wait"
+)
+
+const (
+	defaultHTTPPort = "3000/tcp"
+	defaultSSHPort  = "22/tcp"
+	defaultUser     = "forgejo-admin"
+	defaultPassword = "forgejo-admin"
+	defaultEmail    = "admin@forgejo.local"
+)
+
+// Container represents the Forgejo container type used in the module
+type Container struct {
+	testcontainers.Container
+	adminUsername string
+	adminPassword string
+}
+
+// AdminUsername returns the admin username for the Forgejo instance.
+func (c *Container) AdminUsername() string {
+	return c.adminUsername
+}
+
+// AdminPassword returns the admin password for the Forgejo instance.
+func (c *Container) AdminPassword() string {
+	return c.adminPassword
+}
+
+// extractAdminCredentials parses FORGEJO_ADMIN_* env vars from the container
+// environment, falling back to the default values for any that are not set.
+func extractAdminCredentials(env []string) (username, password, email string) {
+	username, password, email = defaultUser, defaultPassword, defaultEmail
+	for _, e := range env {
+		if v, ok := strings.CutPrefix(e, "FORGEJO_ADMIN_USERNAME="); ok {
+			username = v
+		}
+		if v, ok := strings.CutPrefix(e, "FORGEJO_ADMIN_PASSWORD="); ok {
+			password = v
+		}
+		if v, ok := strings.CutPrefix(e, "FORGEJO_ADMIN_EMAIL="); ok {
+			email = v
+		}
+	}
+	return
+}
+
+// Run creates an instance of the Forgejo container type
+func Run(ctx context.Context, img string, opts ...testcontainers.ContainerCustomizer) (*Container, error) {
+	// Closure variables populated by the PostReadies hook so we can avoid
+	// a second container.Inspect call after Run returns.
+	var adminUser, adminPass string
+
+	moduleOpts := make([]testcontainers.ContainerCustomizer, 0, 4+len(opts))
+	moduleOpts = append(moduleOpts,
+		testcontainers.WithExposedPorts(defaultHTTPPort, defaultSSHPort),
+		testcontainers.WithWaitStrategy(
+			wait.ForHTTP("/api/healthz").WithPort(defaultHTTPPort),
+		),
+		// Use SQLite for simplicity in tests (no external DB needed).
+		// INSTALL_LOCK skips the install wizard so the instance is ready to use.
+		testcontainers.WithEnv(map[string]string{
+			"FORGEJO__database__DB_TYPE":      "sqlite3",
+			"FORGEJO__security__INSTALL_LOCK": "true",
+			"FORGEJO_ADMIN_USERNAME":          defaultUser,
+			"FORGEJO_ADMIN_PASSWORD":          defaultPassword,
+			"FORGEJO_ADMIN_EMAIL":             defaultEmail,
+		}),
+	)
+
+	moduleOpts = append(moduleOpts, opts...)
+
+	// Add lifecycle hook to create admin user after container is ready.
+	// The hook reads credentials from container env vars so that user-provided
+	// options (which override the defaults above) are respected.
+	// The command runs as the "git" user because Forgejo refuses to run CLI
+	// commands as root.
+	adminHook := testcontainers.ContainerLifecycleHooks{
+		PostReadies: []testcontainers.ContainerHook{
+			func(ctx context.Context, container testcontainers.Container) error {
+				inspect, err := container.Inspect(ctx)
+				if err != nil {
+					return fmt.Errorf("inspect forgejo: %w", err)
+				}
+
+				username, password, email := extractAdminCredentials(inspect.Config.Env)
+
+				// Store credentials in closure for Run to use later.
+				adminUser = username
+				adminPass = password
+
+				code, output, err := container.Exec(ctx, []string{
+					"forgejo", "admin", "user", "create",
+					"--username", username,
+					"--password", password,
+					"--email", email,
+					"--admin",
+					"--must-change-password=false",
+				}, exec.WithUser("git"))
+				if err != nil {
+					return fmt.Errorf("create admin user: %w", err)
+				}
+				if code != 0 {
+					data, _ := io.ReadAll(output)
+					return fmt.Errorf("create admin user: exit code %d: %s", code, string(data))
+				}
+				return nil
+			},
+		},
+	}
+
+	moduleOpts = append(moduleOpts, testcontainers.WithAdditionalLifecycleHooks(adminHook))
+
+	ctr, err := testcontainers.Run(ctx, img, moduleOpts...)
+	var c *Container
+	if ctr != nil {
+		c = &Container{Container: ctr}
+	}
+
+	if err != nil {
+		return c, fmt.Errorf("run forgejo: %w", err)
+	}
+
+	// Credentials were populated by the PostReadies hook above.
+	c.adminUsername = adminUser
+	c.adminPassword = adminPass
+
+	return c, nil
+}
+
+// ConnectionString returns the HTTP URL for the Forgejo instance
+func (c *Container) ConnectionString(ctx context.Context) (string, error) {
+	return c.PortEndpoint(ctx, defaultHTTPPort, "http")
+}
+
+// SSHConnectionString returns the SSH endpoint for Git operations
+func (c *Container) SSHConnectionString(ctx context.Context) (string, error) {
+	return c.PortEndpoint(ctx, defaultSSHPort, "")
+}
+
+// WithAdminCredentials sets the admin username, password, and email for the Forgejo instance.
+// These credentials are used to create an admin user after the container is ready.
+func WithAdminCredentials(username, password, email string) testcontainers.CustomizeRequestOption {
+	return func(req *testcontainers.GenericContainerRequest) error {
+		if username == "" || password == "" || email == "" {
+			return errors.New("WithAdminCredentials: username, password, and email must not be empty")
+		}
+		if req.Env == nil {
+			req.Env = make(map[string]string)
+		}
+		req.Env["FORGEJO_ADMIN_USERNAME"] = username
+		req.Env["FORGEJO_ADMIN_PASSWORD"] = password
+		req.Env["FORGEJO_ADMIN_EMAIL"] = email
+		return nil
+	}
+}
+
+// WithConfig sets a Forgejo configuration value using the FORGEJO__section__key
+// environment variable format.
+// See https://forgejo.org/docs/latest/admin/config-cheat-sheet/ for available options.
+func WithConfig(section, key, value string) testcontainers.CustomizeRequestOption {
+	return func(req *testcontainers.GenericContainerRequest) error {
+		if section == "" || key == "" {
+			return fmt.Errorf("WithConfig: section and key must not be empty (got section=%q, key=%q)", section, key)
+		}
+		if strings.Contains(section, "__") || strings.Contains(key, "__") {
+			return fmt.Errorf("WithConfig: section and key must not contain \"__\" (got section=%q, key=%q)", section, key)
+		}
+		if req.Env == nil {
+			req.Env = make(map[string]string)
+		}
+		envKey := fmt.Sprintf("FORGEJO__%s__%s", section, key)
+		req.Env[envKey] = value
+		return nil
+	}
+}