dist-git proof of concept phase 2 ready for testing
Hans Ulrich Niedermann
hun at n-dimensional.de
Sun Dec 20 09:28:16 UTC 2009
On Sat, 19 Dec 2009 10:56:57 -0800
Jesse Keating <jkeating at redhat.com> wrote:
> We definitely want to allow topic branches pushed to the main repo. I
> think we'll have to agree on a namespace to use for these, perhaps
> following the dist-cvs example and call them private-*
private/* would have the advantage of allowing easier branch name
wildcards in git ("git push origin 'private/*'").
OTOH, branch or tag names with slashes in them have the potential
to confuse tools and people.
> The way the ACL system works is that it matches on the refs you're
> pushing up, so for packages that have per-branch ACLs only the refs
> that match the branch have ACLs on them, and the assumption is that
> without an ACL you have no rights to it. That's likely why your push
> failed, but I'd like to see the message to confirm. It shouldn't be
> too hard to tweak the ACL creation script to add W access to anybody
> who has W access already to the private-* namespace.
Currently, it appears that I can push arbitrarily named branches, at
least if the package does not have per-branch ACLs:
$ git push origin moo private/moo private-moo
Counting objects: 11, done.
Delta compression using 2 threads.
Compressing objects: 100% (9/9), done.
Writing objects: 100% (9/9), 759 bytes, done.
Total 9 (delta 8), reused 0 (delta 0)
To ssh://ndim@pkgs.stg.fedoraproject.org/cstream
* [new branch] moo -> moo
* [new branch] private/moo -> private/moo
* [new branch] private-moo -> private-moo
$
And the same happens with (non-signed, non-annotated) tags:
$ git push origin meh private/meh private-meh
Total 0 (delta 0), reused 0 (delta 0)
To ssh://ndim@pkgs.stg.fedoraproject.org/cstream
* [new tag] meh -> meh
* [new tag] private/meh -> private/meh
* [new tag] private-meh -> private-meh
$
I guess even without per-branch ACLs, the ACL system should take a look
at what I am actually pushing and verify its tag/branch names match some
kind of wildcard whitelist. For tags, it might also check their type
(annotated, signed).
--
Hans Ulrich Niedermann
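As an added illustration of the check suggested in the message above, here is a
server-side git "update" hook that rejects pushes whose ref names fall outside a
wildcard whitelist and rejects lightweight tags. This is example code written for
this page, not part of the original thread or of the dist-git proof of concept;
the whitelist patterns (master, F-NN, EL-NN, private/*), the function names and
the "constructed" inputs in the comments are assumptions. Git calls an update
hook with three arguments (refname, old sha, new sha); the checks themselves are
kept in functions that take the object type as a parameter so they can be
exercised without a repository.

```shell
#!/bin/sh
# Hypothetical "update" hook for a dist-git repository (added example).
# git runs it as: update <refname> <old-sha1> <new-sha1>, once per pushed ref,
# and a non-zero exit refuses that single ref.

ZERO_SHA=0000000000000000000000000000000000000000

# Whitelist of ref names that may be created or updated. The patterns are an
# assumption for this example; a real deployment would list its own branches.
ref_allowed() {
  case "$1" in
    refs/heads/master)                      return 0 ;;  # devel branch
    refs/heads/F-[0-9]*|refs/heads/EL-[0-9]*) return 0 ;;  # release branches
    refs/heads/private/*)                   return 0 ;;  # topic branches
    refs/tags/*)                            return 0 ;;  # tags (type-checked below)
    *)                                      return 1 ;;  # e.g. refs/heads/moo, private-moo
  esac
}

# $1 = refname, $2 = new sha1, $3 = object type as printed by `git cat-file -t`.
# A lightweight tag points straight at a "commit" object; an annotated or
# signed tag points at a "tag" object. Deleting a tag (new sha all zeros) has
# no object to inspect and is let through here.
tag_type_ok() {
  case "$1" in
    refs/tags/*)
      [ "$2" = "$ZERO_SHA" ] && return 0
      [ "$3" = tag ] ;;
    *) return 0 ;;
  esac
}

# check_update <refname> <new-sha1> <object-type>; returns 0 to accept the ref.
check_update() {
  refname=$1; newsha=$2; objtype=$3
  if ! ref_allowed "$refname"; then
    echo "rejected: ref name '$refname' is not in the whitelist" >&2
    return 1
  fi
  if ! tag_type_ok "$refname" "$newsha" "$objtype"; then
    echo "rejected: '$refname' must be an annotated or signed tag, not lightweight" >&2
    return 1
  fi
  return 0
}

# Hook entry point: only runs when git supplies the three hook arguments.
# Signature verification of signed tags (e.g. `git verify-tag "$3"`) is not
# attempted here; it needs the signers' public keys on the server.
if [ $# -eq 3 ]; then
  if [ "$3" = "$ZERO_SHA" ]; then
    objtype=delete
  else
    objtype=$(git cat-file -t "$3" 2>/dev/null)
  fi
  check_update "$1" "$3" "$objtype"
fi
```

Installed as hooks/update in the bare repository, this would have refused the
"moo" and "private-moo" refs from the push shown above while accepting
"private/moo", and would have refused the three lightweight tags until they were
recreated with "git tag -a" or "git tag -s". Per-branch ACLs still decide who may
write to the refs that pass the whitelist; the hook only narrows what can exist.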