powerel7
/
web
2
0
Fork 0
Code Issues Pull Requests Releases Activity

gitolite3 version update 

Signed-off-by: webbuilder_pel7ppc64lebuilder0 <webbuilder@powerel.org>
master
webbuilder_pel7ppc64lebuilder0 2021-02-08 23:17:32 +01:00
parent 71638fc122
commit cfe6e862c2
3 changed files with 469 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

139
SOURCES/compile-1 Normal file
View File

@ -0,0 +1,139 @@
#!/usr/bin/perl -s
use strict;
use warnings;

# DESCRIPTION:

# This program is meant to re-compile the access rules (and 'config' or
# 'option' lines) of exactly ONE actual repo (i.e., not a repo group or a
# repo pattern).

# MOTIVATION:

# Fedora has a huge number of repos, as well as lot of churn in permissions.
# The combination of having a large conf *and* frequent compiles were not
# working out, hence this solution. Not sure if any others have such a
# situation, so it's a standalone program, separate from "core" gitolite,
# shipped in "contrib" instead of "src".

# SETUP:

# It expects to run as a gitolite sub-command, which means you will need to
# copy it from contrib to src/commands, or the equivalent location inside
# LOCAL_CODE; see non-core.html in the docs for details.

# INVOCATION:

# It takes one argument: the name of a file that contains the new ruleset
# you want to use. (This cannot be STDIN or "-" or something).

# example:
#
# gitolite compile-1 <file-containing-rules-for-exactly-one-repo>

# WARNING:

# If the main gitolite.conf changes significantly (specifically, if the
# number of effective rules in it increase quite a bit), you may have to run
# this command on ALL repos to update their individual gl-conf files.
#
# (TBD: explain this in more concrete terms)

# ----------------------------------------------------------------------
# THERE IS NO ERROR CHECKING ON THE WARNING ABOVE, NOR ON THE ASSUMPTIONS AND
# REQUIREMENTS BELOW. PLEASE USE CAREFULLY!
# ----------------------------------------------------------------------

# ASSUMPTIONS/REQUIREMENTS:

# The file given must contain exactly one 'repo' line, with exactly one repo
# name, followed by the rules, configs, and options for that repo in the
# normal gitolite.conf syntax.

# The file must not have any group definitions, though it may use group
# definitions already setup in the main gitolite.conf file.

# Rules for this repo need not be already defined in the main gitolite.conf.
# If they are, they will cease to have any effect once you run this command
# - only the rules you supply in the file passed to this command will apply,
# and they will be considered to be placed at the end of gitolite.conf.

# If the repo does not exist, it must be first created using:
#
# GL_USER=admin gitolite create <reponame>
#
# where <reponame> is the gitolite-style name (i.e., "foo", not "foo.git" or
# "~/repositories/foo" or "~/repositories/foo.git")
#
# This, of course, requires the main gitolite.conf to have the following
# lines at the top:
#
# repo [A-Za-z].*
# C = admin

# Any change to the main gitolite.conf is followed by a full 'gitolite
# compile'; i.e., ~/.gitolite/conf/gitolite.conf-compiled.pm, the main
# "compiled" conf file, is consistent with the latest gitolite.conf.

use 5.10.0;
use Data::Dumper;

use lib $ENV{GL_LIBDIR};
use Gitolite::Rc;
use Gitolite::Common;
use Gitolite::Conf;
use Gitolite::Conf::Store;
use Gitolite::Conf::Sugar;

my ($cf, $repo) = args(); # conffile from @ARGV, repo from first line of conffile
my $startseq = getseq(); # get the starting sequence number by looking in the (common) compiled conf file
parse_and_store($cf, $repo); # parse the ruleset and write out just the gl-conf file
# (this is the only part that uses core gitolite functions)
update_seq($repo, $startseq); # update gl-conf with adjusted sequence numbers

exit 0;

# ----------------------------------------------------------------------

sub args {
my $cf = shift @ARGV or _die "need conffile";
$cf = $ENV{PWD} . "/" . $cf unless $cf =~ m(^/);

my $t = slurp($cf);
_die "bad conf file" unless $t =~ /^\s*repo\s+(\S+)\s*$/m;
my $repo = $1;

return ($cf, $repo);
}

sub getseq {
my @main_cc = slurp "$rc{GL_ADMIN_BASE}/conf/gitolite.conf-compiled.pm";
my $max = 0;
for (@main_cc) {
$max = $1 if m/^ +(\d+),$/ and $max < $1;
}

return $max;
}

sub parse_and_store {
my ($cf, $repo) = @_;

parse(sugar($cf));
_chdir( $rc{GL_REPO_BASE} );
Gitolite::Conf::Store::store_1($repo);
}

sub update_seq {
my ($repo, $startseq) = @_;

_chdir("$rc{GL_REPO_BASE}/$repo.git");
my $text = slurp("gl-conf");

$startseq+=1000;
# just for safety, in case someone adds a few rules to the main conf later, but neglects to update repo confs

$text =~ s/^( +)(\d+),$/"$1" . ($2+$startseq) . ","/gme;

_print("gl-conf", $text);
}

69
SOURCES/gitolite3-README-fedora Normal file
View File

@ -0,0 +1,69 @@
Setting up
----------

Setting up gitolite after rpm-install can be done as follows.

On the server:

0) copy your admin user's ssh public key to /tmp/foo.pub
(change foo to your username)

1) run "su - gitolite3" to get a login shell on the gitolite user

2) run "cp /tmp/foo.pub ." (change foo to your username)

3) run "gitolite setup -pk ~/foo.pub"

4) all done, exit the gitolite3 user shelll (CTRL+D).

On whatever machine your key came from (maybe your
workstation or another account on the same server):

5) run "git clone gitolite3@<name.or.ip>:gitolite-admin" to
start adding users and repos.

To upgrade from a pre 3.0 release, read:

https://github.com/sitaramc/gitolite/blob/master/doc/g2incompat.mkd
https://github.com/sitaramc/gitolite/blob/master/doc/g2migr.mkd
https://github.com/sitaramc/gitolite/blob/master/doc/g2migr-example.mkd
https://github.com/sitaramc/gitolite/blob/master/doc/install.mkd

Your setup might be more complex than mine was and thus require more care
and customization, backup everything before you start!

The process I followed on my installation was as follows:

1. su - gitolite
2. git clone repositories/gitolite-admin.git
3. su to root
4. yum remove gitolite : this will preserve your old .ssh/authorized keys.
5. su - gitolite
6. mv .gitolite.rc .gitolite.rc-old
7. rm -rf repositories/gitolite-admin.git
8. Checked documentation to make sure I didn't need to preset the new .rc.
I didn't, I have a very simple configuration.
9. su to root
10. yum install gitolite3
11. su - gitolite3
12. gitolite setup -a admin
13. cd to your gitolite admin
14. gitolite push -f

At this point, everything worked as expected.

Quick Notes for admin operations
--------------------------------

To administer gitolite, make changes to the config file
(conf/gitolite.conf) and/or the pubkeys (in subdirectory
'keydir') in any gitolite-admin clone, then git add, git commit, and git
push.

ADDING REPOS: Do NOT add repos manually on the server. Edit
the config file to give *some* user access to the repo.
When you push, an empty repo will be created on the server.

ADDING USERS: copy their pubkey as keydir/<username>.pub,
add it, commit and push.

261
SPECS/gitolite3.spec Normal file
View File

@ -0,0 +1,261 @@
%global perl_vendorlib %(eval $(perl -V:vendorlib); echo $vendorlib)
%global gitolite_homedir /var/lib/%{name}
Name: gitolite3
Epoch: 1
Version: 3.6.12
Release: 1%{?dist}
Summary: Highly flexible server for git directory version tracker
License: GPLv2 and CC-BY-SA
URL: http://github.com/sitaramc/gitolite
Source0: https://github.com/sitaramc/gitolite/archive/v%{version}.tar.gz
Source1: gitolite3-README-fedora
# Upstream: https://github.com/sitaramc/gitolite/commit/c656af01b73a5cc4f80512
Source2: compile-1
BuildArch: noarch
Provides: perl(%{name}) = %{version}-%{release}
Requires: git
Requires: openssh-clients
Requires: perl(:MODULE_COMPAT_%(eval $(%{__perl} -V:version); echo $version))
Requires(pre): shadow-utils
Requires: subversion


%description
Gitolite allows a server to host many git repositories and provide access
to many developers, without having to give them real userids on the server.
The essential magic in doing this is ssh's pubkey access and the authorized
keys file, and the inspiration was an older program called gitosis.
Gitolite can restrict who can read from (clone/fetch) or write to (push) a
repository. It can also restrict who can push to what branch or tag, which
is very important in a corporate environment. Gitolite can be installed
without requiring root permissions, and with no additional software than git
itself and perl. It also has several other neat features described below and
elsewhere in the doc/ directory.


%prep
%setup -qn gitolite-%{version}
cp %{SOURCE1} .


%build
#This page intentionally left blank.


%install
rm -rf $RPM_BUILD_ROOT
# Directory structure
install -d $RPM_BUILD_ROOT%{gitolite_homedir}
install -d $RPM_BUILD_ROOT%{gitolite_homedir}/.ssh
install -d $RPM_BUILD_ROOT%{_bindir}
install -d $RPM_BUILD_ROOT%{perl_vendorlib}
install -d $RPM_BUILD_ROOT%{_datadir}/%{name}
# Code
cp -pr src/lib/Gitolite $RPM_BUILD_ROOT%{perl_vendorlib}
echo "%{version}-%{release}" >src/VERSION
cp -a src/* $RPM_BUILD_ROOT%{_datadir}/%{name}
cp %{SOURCE2} $RPM_BUILD_ROOT%{_datadir}/%{name}/commands/
ln -s %{_datadir}/%{name}/gitolite $RPM_BUILD_ROOT%{_bindir}/gitolite
# empty authorized_keys file
touch $RPM_BUILD_ROOT%{gitolite_homedir}/.ssh/authorized_keys


%pre
# Add "gitolite" user per https://fedoraproject.org/wiki/Packaging:UsersAndGroups
getent group %{name} >/dev/null || groupadd -r %{name}
getent passwd %{name} >/dev/null || \
useradd -r -g %{name} -d %{gitolite_homedir} -s /bin/sh \
-c "git repository hosting" %{name}
exit 0


%files
%{_bindir}/*
%{perl_vendorlib}/*
%{_datadir}/%{name}
# make homedir non world readable
%attr(750,%{name},%{name}) %dir %{gitolite_homedir}
%attr(750,%{name},%{name}) %dir %{gitolite_homedir}/.ssh
%config(noreplace) %attr(640,%{name},%{name}) %{gitolite_homedir}/.ssh/authorized_keys
%doc gitolite3-README-fedora COPYING README.markdown CHANGELOG


%changelog
* Tue Aug 04 2020 Gwyn Ciesla <gwync@protonmail.com> - 1:3.6.12-1
- 3.6.12

* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.6.11-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Fri Jun 26 2020 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.6.11-7
- Perl 5.32 re-rebuild of bootstrapped packages

* Mon Jun 22 2020 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.6.11-6
- Perl 5.32 rebuild

* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.6.11-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.6.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Thu May 30 2019 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.6.11-3
- Perl 5.30 rebuild

* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.6.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Tue Jan 08 2019 Gwyn Ciesla <limburgher@gmail.com> - 1:3.6.11-1
- 3.6.11.

* Thu Oct 04 2018 Gwyn Ciesla <limburgher@gmail.com> - 1:3.6.10-1
- 3.6.10.

* Tue Sep 11 2018 Gwyn Ciesla <limburgher@gmail.com> - 1:3.6.9-1
- Latest upstream.

* Tue Jul 17 2018 Gwyn Ciesla <limburgher@gmail.com> - 1:3.6.8-1
- Latest upstream.

* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.6.7-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Wed Jun 27 2018 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.6.7-6
- Perl 5.28 rebuild

* Tue Apr 24 2018 Pierre-Yves Chibon <pingou@pingoured.fr> - 1:3.6.7-5
- Back upstream patch making gitolite respect the ALLOW_ORPHAN_GL_CONF
configuration variabe
- Include the compile-1 command upstream brought in Fedora in:
https://github.com/sitaramc/gitolite/commit/afb8afa14a892895dc48664c6526351cb

* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.6.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Wed Aug 23 2017 Pierre-Yves Chibon <pingou@pingoured.fr> - 1:3.6.7-3
- Backport upstream patch for dist-git
Upstream: https://github.com/sitaramc/gitolite/commit/41b7885b77cfe992ad3c96d0b021ece51ce1b3e3

* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.6.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

* Mon Jul 03 2017 Gwyn Ciesla <limburgher@gmail.com> - 1:3.6.7-1
- Latest upstream.

* Sun Jun 04 2017 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.6.6-3
- Perl 5.26 rebuild

* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.6.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

* Fri Sep 09 2016 Jon Ciesla <limburgher@gmail.com> - 1:3.6.6-1
- Latest upstream.

* Sun May 15 2016 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.6.5-3
- Perl 5.24 rebuild

* Mon Feb 22 2016 Jon Ciesla <limburgher@gmail.com> - 1:3.6.5-1
- Latest upstream.

* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1:3.6.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

* Tue Nov 03 2015 Jon Ciesla <limburgher@gmail.com> - 1:3.6.4-1
- Latest upstream.

* Thu Oct 8 2015 François Cami <fcami@fedoraproject.org> - 1:3.6.3-4
- Fix instructions in README.fedora:
- gitolite user => gitolite3 user
- switch setup from -a to -pk (ssh keys)

* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:3.6.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

* Wed Jun 03 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.6.3-2
- Perl 5.22 rebuild

* Sun Apr 26 2015 Jon Ciesla <limburgher@gmail.com> - 1:3.6.3-1
- Latest upstream.

* Mon Nov 10 2014 Jon Ciesla <limburgher@gmail.com> - 1:3.6.2-1
- Latest upstream.

* Tue Aug 26 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1:3.6.1-2
- Perl 5.20 rebuild

* Mon Jun 23 2014 Jon Ciesla <limburgher@gmail.com> - 1:3.6.1-1
- Latest upstream.

* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:3.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Mon May 12 2014 Jon Ciesla <limburgher@gmail.com> - 1:3.6-1
- Latest upstream.

* Wed Oct 23 2013 Jon Ciesla <limburgher@gmail.com> - 1:3.5.3.1-1
- Latest upstream.

* Wed Oct 16 2013 Jon Ciesla <limburgher@gmail.com> - 1:3.5.3-1
- Latest upstream.

* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:3.5.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 1:3.5.2-2
- Perl 5.18 rebuild

* Wed Jul 10 2013 Jon Ciesla <limburgher@gmail.com> - 1:3.5.2-1
- Latest upstream.

* Thu Mar 28 2013 Jon Ciesla <limburgher@gmail.com> - 1:3.5.1-1
- Latest upstream.

* Mon Mar 25 2013 Jon Ciesla <limburgher@gmail.com> - 1:3.5-1
- Latest upstream.

* Tue Mar 05 2013 Jon Ciesla <limburgher@gmail.com> - 1:3.4-1
- Latest upstream.

* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:3.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Thu Jan 03 2013 Jon Ciesla <limburgher@gmail.com> - 1:3.3-1
- Latest upstream.

* Mon Nov 19 2012 Jon Ciesla <limburgher@gmail.com> - 1:3.2-1
- Latest upstream.

* Wed Oct 10 2012 Jon Ciesla <limburgher@gmail.com> - 1:3.1-1
- 3.1, rewuiring Epoch bump.

* Tue Oct 09 2012 Jon Ciesla <limburgher@gmail.com> - 3.04-4
- Patch for directory traversal bug.

* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.04-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Thu Jun 28 2012 Petr Pisar <ppisar@redhat.com> - 3.04-2
- Perl 5.16 rebuild

* Wed Jun 27 2012 Jon Ciesla <limburgher@gmail.com> - 3.04-1
- Latest upstream, docs now includable.

* Thu Jun 07 2012 Petr Pisar <ppisar@redhat.com> - 3.03-3
- Perl 5.16 rebuild

* Thu Jun 07 2012 Petr Pisar <ppisar@redhat.com> - 3.03-2
- Perl 5.16 rebuild

* Wed May 23 2012 Jon Ciesla <limburgher@gmail.com> - 3.03-1
- Latest upstream.

* Mon May 21 2012 Jon Ciesla <limburgher@gmail.com> - 3.02-1
- Latest upstream.

* Tue May 15 2012 Jon Ciesla <limburgher@gmail.com> - 3.01-2
- Added license file, fixed duplicate files, dropped defattr.
- Dropped clean and buildroot.
- Added script to generate tarball in comments.

* Thu May 03 2012 Jon Ciesla <limburgher@gmail.com> - 3.01-1
- Initial packaging based on gitolite 2.3-2.