Re: FBR: Switch Pagure over to aclchecker

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



+1

-re

On 10/11/2018 02:22 PM, Patrick マルタインアンドレアス Uiterwijk wrote:
> Hi,
>
> This is the next step of preparing pagure.io for repoSpanner: switch the entry command to aclchecker, which is a small script that calls either repoBridge for repos on repoSpanner (none at this moment) or gitolite for all others.
> This adds some configuration for repobridge, but that won't be used yet.
> This can be reverted by switching the SSH config back to no longer calling keyhelper.
>
> Patrick
>
>
> commit 6d313b60b05b022c1ae04dc81f9956cff33fb5b5 (HEAD -> master)
> Author: Patrick Uiterwijk <patrick@xxxxxxxxxxxxxx>
> Date:   Thu Oct 11 20:19:11 2018 +0200
>
>     Switch Pagure.io over to aclchecker
>     
>     This will make it possible to migrate repositories to repoSpanner.
>     
>     Signed-off-by: Patrick Uiterwijk <patrick@xxxxxxxxxxxxxx>
>
> diff --git a/roles/pagure/frontend/templates/pagure.cfg b/roles/pagure/frontend/templates/pagure.cfg
> index 4fddd17e7..54e28930b 100644
> --- a/roles/pagure/frontend/templates/pagure.cfg
> +++ b/roles/pagure/frontend/templates/pagure.cfg
> @@ -313,4 +313,21 @@ THEME = 'pagureio'
>  MIRROR_SSHKEYS_FOLDER='/srv/mirror/ssh'
>  
>  SSH_KEYS_USERNAME_EXPECT = "git"
> -SSH_KEYS_OPTIONS = 'command="/usr/share/gitolite3/gitolite-shell %(username)s",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty'
> +SSH_KEYS_OPTIONS = 'restrict,command="/usr/libexec/pagure/aclchecker.py %(username)s"'
> +
> +SSH_COMMAND_REPOSPANNER = ([
> +    "/usr/libexec/repobridge",
> +    "--extra", "username", "%(username)s",
> +    "--extra", "repotype", "%(repotype)s",
> +    "--extra", "project_name", "%(project_name)s",
> +    "--extra", "project_user", "%(project_user)s",
> +    "--extra", "project_namespace", "%(project_namespace)s",
> +    "%(cmd)s",
> +    "'pagure/%(repotype)s/%(reponame)s'",
> +], {"REPOBRIDGE_CONFIG": "/etc/repobridge/rpms.json"})
> +SSH_COMMAND_NON_REPOSPANNER = ([
> +    "/usr/share/gitolite3/gitolite-shell",
> +    "%(username)s",
> +    "%(cmd)s",
> +    "%(reponame)s",
> +], {})
> _______________________________________________
> infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux