From 8b58776e9c2ad8ee5f7fd553a4650ca921e69579 Mon Sep 17 00:00:00 2001 From: sefidel Date: Sun, 5 Feb 2023 13:10:48 +0900 Subject: feat(colmena/services): add 'rename' & enable symbolic-ref + move raw scripts to separate directory --- colmena/cobalt/services/gitolite-noncore/fix-refs | 9 ++++ colmena/cobalt/services/gitolite-noncore/rename | 60 +++++++++++++++++++++++ colmena/cobalt/services/gitolite.nix | 11 ++++- 3 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 colmena/cobalt/services/gitolite-noncore/fix-refs create mode 100644 colmena/cobalt/services/gitolite-noncore/rename (limited to 'colmena/cobalt/services') diff --git a/colmena/cobalt/services/gitolite-noncore/fix-refs b/colmena/cobalt/services/gitolite-noncore/fix-refs new file mode 100644 index 0000000..8ffec9e --- /dev/null +++ b/colmena/cobalt/services/gitolite-noncore/fix-refs @@ -0,0 +1,9 @@ +[[ $4 == W ]] || exit 0 + +cd $GL_REPO_BASE/$2.git + +head=`git symbolic-ref HEAD` +[[ -f $head ]] || { + set -- refs/heads/* + git symbolic-ref HEAD $1 +} diff --git a/colmena/cobalt/services/gitolite-noncore/rename b/colmena/cobalt/services/gitolite-noncore/rename new file mode 100644 index 0000000..091de82 --- /dev/null +++ b/colmena/cobalt/services/gitolite-noncore/rename @@ -0,0 +1,60 @@ + +# Usage: ssh git@host rename [-c] +# +# Renames repo1 to repo2. You must be the creator of repo1, and have +# create ("C") permissions for repo2, which of course must not exist. +# Alternatively you must be an account admin, that is, you must have +# write access to the gitolite-admin repository. If you have "C" +# permissions for repo2 then you can use the -c option to take over +# as creator of the repository. + +die() { echo "$@" >&2; exit 1; } +usage() { perl -lne 'print substr($_, 2) if /^# Usage/../^$/' < $0; exit 1; } +[ -z "$1" ] && usage +[ "$1" = "-h" ] && usage +[ -z "$GL_USER" ] && die GL_USER not set + +# ---------------------------------------------------------------------- + +if [ "$1" = "-c" ] +then shift + takeover=true +else takeover=false +fi + +from="$1"; shift +to="$1"; shift +[ -z "$to" ] && usage + +topath=$GL_REPO_BASE/$to.git + +checkto() { + gitolite access -q "$to" $GL_USER ^C any || + die "'$to' already exists or you are not allowed to create it" +} + +if gitolite access -q gitolite-admin $GL_USER +then + # the user is an admin so we can avoid most permission checks + if $takeover + then checkto + elif [ -e $topath ] + then die "'$to' already exists" + fi +else + # the user isn't an admin, so do all the checks + checkto + gitolite creator "$from" $GL_USER || + die "'$from' does not exist or you are not allowed to delete it" +fi + +# ---------------------------------------------------------------------- + +mv $GL_REPO_BASE/$from.git $topath +[ $? -ne 0 ] && exit 1 + +$takeover && echo $GL_USER > $topath/gl-creator + +echo "$from renamed to $to" >&2 + +exit diff --git a/colmena/cobalt/services/gitolite.nix b/colmena/cobalt/services/gitolite.nix index af4c88a..94c7ac9 100644 --- a/colmena/cobalt/services/gitolite.nix +++ b/colmena/cobalt/services/gitolite.nix @@ -30,6 +30,8 @@ in # $RC{LOCAL_CODE} = '$ENV{HOME}/local'; $RC{LOCAL_CODE} = '/var/lib/gitolite/local'; push(@{$RC{ENABLE}}, 'D'); + push(@{$RC{ENABLE}}, 'symbolic-ref'); + push(@{$RC{ENABLE}}, 'rename'); push(@{$RC{POST_GIT}}, 'fix-refs'); # push(@{$RC{ENABLE}}, 'set-default-roles'); # push(@{$RC{ENABLE}}, 'create'); @@ -42,8 +44,15 @@ in "/var/lib/gitolite" ]; + system.activationScripts.gitolite-create-local = '' + mkdir -p /var/lib/gitolite/local/triggers + mkdir -p /var/lib/gitolite/local/commands + chown -R git:git /var/lib/gitolite/local + ''; + systemd.tmpfiles.rules = [ - "C /var/lib/gitolite/local/triggers/fix-refs 755 git git - ${fixRefsTrigger}" + "C /var/lib/gitolite/local/triggers/fix-refs 755 - - - ${./gitolite-noncore/fix-refs}" + "C /var/lib/gitolite/local/commands/rename 755 - - - ${./gitolite-noncore/rename}" ]; -- cgit 1.4.1