+1
-re
On 10/11/2018 02:22 PM, Patrick マルタインアンドレアス Uiterwijk wrote:
> Hi,
>
> This is the next step of preparing pagure.io for repoSpanner: switch the entry command to aclchecker, which is a small script that calls either repoBridge for repos on repoSpanner (none at this moment) or gitolite for all others.
> This adds some configuration for repobridge, but that won't be used yet.
> This can be reverted by switching the SSH config back to no longer calling keyhelper.
>
> Patrick
>
>
> commit 6d313b60b05b022c1ae04dc81f9956cff33fb5b5 (HEAD -> master)
> Author: Patrick Uiterwijk <patrick@xxxxxxxxxxxxxx>
> Date: Thu Oct 11 20:19:11 2018 +0200
>
> Switch Pagure.io over to aclchecker
>
> This will make it possible to migrate repositories to repoSpanner.
>
> Signed-off-by: Patrick Uiterwijk <patrick@xxxxxxxxxxxxxx>
>
> diff --git a/roles/pagure/frontend/templates/pagure.cfg b/roles/pagure/frontend/templates/pagure.cfg
> index 4fddd17e7..54e28930b 100644
> --- a/roles/pagure/frontend/templates/pagure.cfg
> +++ b/roles/pagure/frontend/templates/pagure.cfg
> @@ -313,4 +313,21 @@ THEME = 'pagureio'
> MIRROR_SSHKEYS_FOLDER='/srv/mirror/ssh'
>
> SSH_KEYS_USERNAME_EXPECT = "git"
> -SSH_KEYS_OPTIONS = 'command="/usr/share/gitolite3/gitolite-shell %(username)s",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty'
> +SSH_KEYS_OPTIONS = 'restrict,command="/usr/libexec/pagure/aclchecker.py %(username)s"'
> +
> +SSH_COMMAND_REPOSPANNER = ([
> + "/usr/libexec/repobridge",
> + "--extra", "username", "%(username)s",
> + "--extra", "repotype", "%(repotype)s",
> + "--extra", "project_name", "%(project_name)s",
> + "--extra", "project_user", "%(project_user)s",
> + "--extra", "project_namespace", "%(project_namespace)s",
> + "%(cmd)s",
> + "'pagure/%(repotype)s/%(reponame)s'",
> +], {"REPOBRIDGE_CONFIG": "/etc/repobridge/rpms.json"})
> +SSH_COMMAND_NON_REPOSPANNER = ([
> + "/usr/share/gitolite3/gitolite-shell",
> + "%(username)s",
> + "%(cmd)s",
> + "%(reponame)s",
> +], {})
> _______________________________________________
> infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
