diff options
author | Eric S. Raymond <esr@thyrsus.com> | 2011-10-01 20:55:21 -0400 |
---|---|---|
committer | Eric S. Raymond <esr@thyrsus.com> | 2011-10-01 20:55:21 -0400 |
commit | 28eaf064676361f2bae77f0925549f93f21d1e7e (patch) | |
tree | 2aa6d4f99b07024971abc586d146cda83a63a097 /repo | |
parent | 770c4e4629ee2c16421916239ac3a1be6a9ad176 (diff) | |
download | gpsd-28eaf064676361f2bae77f0925549f93f21d1e7e.tar.gz |
Banish still more Berlios URLs.
Diffstat (limited to 'repo')
-rw-r--r-- | repo/README | 17 | ||||
-rw-r--r-- | repo/config | 19 | ||||
-rwxr-xr-x | repo/hooks/acl.sh | 135 | ||||
-rwxr-xr-x | repo/hooks/ciabot.py | 239 | ||||
-rwxr-xr-x | repo/hooks/update | 150 | ||||
-rwxr-xr-x | repo/hooks/update-custom | 14 | ||||
-rwxr-xr-x | repo/upload | 12 |
7 files changed, 33 insertions, 553 deletions
diff --git a/repo/README b/repo/README index c7319d55..d75bc9dc 100644 --- a/repo/README +++ b/repo/README @@ -1,5 +1,5 @@ -The repo directory contains the git configuration files and hooks as -used at berlios. Here follows a short description of the files and +The repo directory contains git configuration files and hooks as +used at Berlios. Here follows a short description of the files and what they do: description: Description of the project as displayed by gitweb/cgit. @@ -7,10 +7,6 @@ description: Description of the project as displayed by gitweb/cgit. config: Repository configuration, including config details for the hooks. -hooks/acl.sh: see hooks/update - -hooks/ciabot.py: see hooks/update - hooks/post-receive: This script is run after receive-pack has accepted a pack and the repository has been updated. Currently passes stdin to post-receive-email.sh @@ -26,13 +22,8 @@ hooks/post-update: Runs after the update hook. Executes to update the auxiliary info file to help dumb servers (needed to clone via http) -hooks/update: This script does some sanity checks on the pushed commits - before accepting them, see the description on top of the - file for details. It also runs hooks/acl.sh, which is a - berlios specific script to set/update acls on the - repository - usually such a script should not be - necessary at all. In case all checks were passed, - hooks/ciabot.sh is called to show all commits in #gpsd. +hooks/update-custom: Append to the standard update hook script. Calls + ciabot.py, which you must also install. The executable script "upload" can be used to update the repo copies with files from this directory. Give it arguments to upload specified filenames, diff --git a/repo/config b/repo/config index 840ff61b..20a219cb 100644 --- a/repo/config +++ b/repo/config @@ -1,15 +1,13 @@ -[core] - repositoryformatversion = 0 - filemode = true - bare = true - logallrefupdates = true - sharedrepository = group +# Extra attributes to add to git config if the hosting site allows hacking it. +# When the project was hosted on Berlios, this was what it used. +# Replace MAILHOST with the mailing list host. + [gitweb] - owner = esr dbrashear remco nelsonrn garyemiller ckuethe wkazubski marr jfrancis mick_durkin bzed gdt mledford + owner = esr [hooks] - mailinglist = gpsd-commit-watch@lists.berlios.de - announcelist = gpsd-announce@lists.berlios.de - envelopesender = gpsd-dev@lists.berlios.de + mailinglist = gpsd-commit-watch@MAILHOST + announcelist = gpsd-announce@MAILHOST + envelopesender = gpsd-dev@MAILHOST emailprefix = "" allowunannotated = true allowdeletebranch = true @@ -19,5 +17,4 @@ showrev = "git show -C %s; echo" [ciabot] project = GPSD - # Berlios blocks outbound mail. xmlrpc = true diff --git a/repo/hooks/acl.sh b/repo/hooks/acl.sh deleted file mode 100755 index 859e5e2c..00000000 --- a/repo/hooks/acl.sh +++ /dev/null @@ -1,135 +0,0 @@ -#!/bin/bash - -umask 002 - -# If you are having trouble with this access control hook script -# you can try setting this to true. It will tell you exactly -# why a user is being allowed/denied access. - -verbose=true - -# Default shell globbing messes things up downstream -GLOBIGNORE=* - -function grant { - $verbose && echo >&2 "-Grant- $1" - echo grant - exit 0 -} - -function deny { - $verbose && echo >&2 "-Deny- $1" - echo deny - exit 1 -} - -function info { - $verbose && echo >&2 "-Info- $1" -} - -# Implement generic branch and tag policies. -# - Tags should not be updated once created. -# - Branches should only be fast-forwarded unless their pattern starts with '+' -case "$1" in - refs/tags/*) - git rev-parse --verify -q "$1" && - deny >/dev/null "You can't overwrite an existing tag" - ;; - refs/heads/*) - # No rebasing or rewinding - if expr "$2" : '0*$' >/dev/null; then - info "The branch '$1' is new..." - else - # updating -- make sure it is a fast forward - mb=$(git-merge-base "$2" "$3") - case "$mb,$2" in - "$2,$mb") info "Update is fast-forward" ;; - *) noff=y; info "This is not a fast-forward update.";; - esac - fi - ;; - *) - deny >/dev/null \ - "Branch is not under refs/heads or refs/tags. What are you trying to do?" - ;; -esac - -# Implement per-branch controls based on username -allowed_users_file=$GIT_DIR/info/allowed-users -username=$(id -u -n) -info "The user is: '$username'" - -if test -f "$allowed_users_file" -then - rc=$(cat $allowed_users_file | grep -v '^#' | grep -v '^$' | - while read heads user_patterns - do - # does this rule apply to us? - head_pattern=${heads#+} - matchlen=$(expr "$1" : "${head_pattern#+}") - test "$matchlen" = ${#1} || continue - - # if non-ff, $heads must be with the '+' prefix - test -n "$noff" && - test "$head_pattern" = "$heads" && continue - - info "Found matching head pattern: '$head_pattern'" - for user_pattern in $user_patterns; do - info "Checking user: '$username' against pattern: '$user_pattern'" - matchlen=$(expr "$username" : "$user_pattern") - if test "$matchlen" = "${#username}" - then - grant "Allowing user: '$username' with pattern: '$user_pattern'" - fi - done - deny "The user is not in the access list for this branch" - done - ) - case "$rc" in - grant) grant >/dev/null "Granting access based on $allowed_users_file" ;; - deny) deny >/dev/null "Denying access based on $allowed_users_file" ;; - *) ;; - esac -fi - -allowed_groups_file=$GIT_DIR/info/allowed-groups -groups=$(id -G -n) -info "The user belongs to the following groups:" -info "'$groups'" - -if test -f "$allowed_groups_file" -then - rc=$(cat $allowed_groups_file | grep -v '^#' | grep -v '^$' | - while read heads group_patterns - do - # does this rule apply to us? - head_pattern=${heads#+} - matchlen=$(expr "$1" : "${head_pattern#+}") - test "$matchlen" = ${#1} || continue - - # if non-ff, $heads must be with the '+' prefix - test -n "$noff" && - test "$head_pattern" = "$heads" && continue - - info "Found matching head pattern: '$head_pattern'" - for group_pattern in $group_patterns; do - for groupname in $groups; do - info "Checking group: '$groupname' against pattern: '$group_pattern'" - matchlen=$(expr "$groupname" : "$group_pattern") - if test "$matchlen" = "${#groupname}" - then - grant "Allowing group: '$groupname' with pattern: '$group_pattern'" - fi - done - done - deny "None of the user's groups are in the access list for this branch" - done - ) - case "$rc" in - grant) grant >/dev/null "Granting access based on $allowed_groups_file" ;; - deny) deny >/dev/null "Denying access based on $allowed_groups_file" ;; - *) ;; - esac -fi - -deny >/dev/null "There are no more rules to check. Denying access" diff --git a/repo/hooks/ciabot.py b/repo/hooks/ciabot.py deleted file mode 100755 index 8ac06fb1..00000000 --- a/repo/hooks/ciabot.py +++ /dev/null @@ -1,239 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2010 Eric S. Raymond <esr@thyrsus.com> -# Distributed under BSD terms. -# -# This script contains porcelain and porcelain byproducts. -# It's Python because the Python standard libraries avoid portability/security -# issues raised by callouts in the ancestral Perl and sh scripts. It should -# be compatible back to Python 2.1.5 -# -# usage: ciabot.py [-V] [-n] [-p projectname] [refname [commits...]] -# -# This script is meant to be run either in a post-commit hook or in an -# update hook. If there's nothing unusual about your hosting setup, -# you can specify the project name and repo with config variables and -# avoid having to modify this script. Try it with -n to see the -# notification mail dumped to stdout and verify that it looks -# sane. With -V it dumps its version and exits. -# -# In post-commit, run it without arguments. It will query for -# current HEAD and the latest commit ID to get the information it -# needs. -# -# In update, call it with a refname followed by a list of commits: -# You want to reverse the order git rev-list emits becxause it lists -# from most recent to oldest. -# -# /path/to/ciabot.py ${refname} $(git rev-list ${oldhead}..${newhead} | tac) -# -# Configuration variables affecting this script: -# ciabot.project = name of the project (required) -# ciabot.repo = name of the project repo for gitweb/cgit purposes -# ciabot.xmlrpc = if true, ship notifications via XML-RPC -# ciabot.revformat = format in which the revision is shown -# -# The ciabot.repo value defaults to ciabot.project lowercased. -# -# The revformat variable may have the following values -# raw -> full hex ID of commit -# short -> first 12 chars of hex ID -# describe = -> describe relative to last tag, falling back to short -# The default is 'describe'. -# -# Note: the shell ancestors of this script used mail, not XML-RPC, in -# order to avoid stalling until timeout when the CIA XML-RPC server is -# down. It is unknown whether this is still an issue in 2010, but we -# default to mail just in case. (Using XML-RPC guarantees that multiple -# notifications shipped from a commit hook will arrive in order.) -# - -import os, sys, commands, socket, urllib -from xml.sax.saxutils import escape - -# Changeset URL prefix for your repo: when the commit ID is appended -# to this, it should point at a CGI that will display the commit -# through gitweb or something similar. The defaults will probably -# work if you have a typical gitweb/cgit setup. -# -#urlprefix="http://%(host)s/cgi-bin/gitweb.cgi?p=%(repo)s;a=commit;h=" -urlprefix="http://%(host)s/cgi-bin/cgit.cgi/%(repo)s/commit/?id=" - -# The service used to turn your gitwebbish URL into a tinyurl so it -# will take up less space on the IRC notification line. -tinyifier = "http://tinyurl.com/api-create.php?url=" - -# The template used to generate the XML messages to CIA. You can make -# visible changes to the IRC-bot notification lines by hacking this. -# The default will produce a notfication line that looks like this: -# -# ${project}: ${author} ${repo}:${branch} * ${rev} ${files}: ${logmsg} ${url} -# -# By omitting $files you can collapse the files part to a single slash. -xml = '''\ -<message> - <generator> - <name>CIA Python client for Git</name> - <version>%(version)s</version> - <url>%(generator)s</url> - </generator> - <source> - <project>%(project)s</project> - <branch>%(repo)s:%(branch)s</branch> - </source> - <timestamp>%(ts)s</timestamp> - <body> - <commit> - <author>%(author)s</author> - <revision>%(rev)s</revision> - <files> - %(files)s - </files> - <log>%(logmsg)s %(url)s</log> - <url>%(url)s</url> - </commit> - </body> -</message> -''' - -# -# No user-serviceable parts below this line: -# - -# Where to ship e-mail notifications. -toaddr = "cia@cia.navi.cx" - -# Identify the generator script. -# Should only change when the script itself gets a new home and maintainer. -generator = "http://www.catb.org/~esr/ciabot.py" -version = "3.5" - -def do(command): - return commands.getstatusoutput(command)[1] - -def report(refname, merged, xmlrpc=False): - "Generate a commit notification to be reported to CIA" - - # Try to tinyfy a reference to a web view for this commit. - try: - url = open(urllib.urlretrieve(tinyifier + urlprefix + merged)[0]).read() - except: - url = urlprefix + merged - - branch = os.path.basename(refname) - - # Compute a description for the revision - if revformat == 'raw': - rev = merged - elif revformat == 'short': - rev = '' - else: # rev == 'describe' - rev = do("git describe %s 2>/dev/null" % merged) - if not rev: - rev = merged[:12] - - # Extract the meta-information for the commit - files=do("git diff-tree -r --name-only '"+ merged +"' | sed -e '1d' -e 's-.*-<file>&</file>-'") - metainfo = do("git log -1 '--pretty=format:%an <%ae>%n%at%n%s' " + merged) - (author, ts, logmsg) = metainfo.split("\n") - logmsg = escape(logmsg) - author = escape(author) - - # This discards the part of the author's address after @. - # Might be be nice to ship the full email address, if not - # for spammers' address harvesters - getting this wrong - # would make the freenode #commits channel into harvester heaven. - author = author.replace("<", "").split("@")[0].split()[-1] - - # This ignores the timezone. Not clear what to do with it... - ts = ts.strip().split()[0] - - context = locals() - context.update(globals()) - - out = xml % context - mail = '''\ -Message-ID: <%(merged)s.%(author)s@%(project)s> -From: %(fromaddr)s -To: %(toaddr)s -Content-type: text/xml -Subject: DeliverXML - -%(out)s''' % locals() - - if xmlrpc: - return out - else: - return mail - -if __name__ == "__main__": - import getopt - - # Get all config variables - revformat = do("git config --get ciabot.revformat") - project = do("git config --get ciabot.project") - repo = do("git config --get ciabot.repo") - xmlrpc = do("git config --get xmlrpc") - xmlrpc = xmlrpc and xmlrpc != "false" - - host = socket.getfqdn() - fromaddr = "CIABOT-NOREPLY@" + host - - try: - (options, arguments) = getopt.getopt(sys.argv[1:], "np:xV") - except getopt.GetoptError, msg: - print "ciabot.py: " + str(msg) - raise SystemExit, 1 - - notify = True - for (switch, val) in options: - if switch == '-p': - project = val - elif switch == '-n': - notify = False - elif switch == '-x': - xmlrpc = True - elif switch == '-V': - print "ciabot.py: version", version - sys.exit(0) - - # Cough and die if user has not specified a project - if not project: - sys.stderr.write("ciabot.py: no project specified, bailing out.\n") - sys.exit(1) - - if not repo: - repo = project.lower() - - urlprefix = urlprefix % globals() - - # The script wants a reference to head followed by the list of - # commit ID to report about. - if len(arguments) == 0: - refname = do("git symbolic-ref HEAD 2>/dev/null") - merges = [do("git rev-parse HEAD")] - else: - refname = arguments[0] - merges = arguments[1:] - - if notify: - if xmlrpc: - import xmlrpclib - server = xmlrpclib.Server('http://cia.navi.cx/RPC2'); - else: - import smtplib - server = smtplib.SMTP('localhost') - - for merged in merges: - message = report(refname, merged, xmlrpc) - if not notify: - print message - elif xmlrpc: - server.hub.deliver(message) - else: - server.sendmail(fromaddr, [toaddr], message) - - if notify: - if not xmlrpc: - server.quit() - -#End diff --git a/repo/hooks/update b/repo/hooks/update deleted file mode 100755 index bb0078f9..00000000 --- a/repo/hooks/update +++ /dev/null @@ -1,150 +0,0 @@ -#!/bin/sh -# -# An example hook script to blocks unannotated tags from entering. -# Called by git-receive-pack with arguments: refname sha1-old sha1-new -# -# Has some local customizations at the end. -# -# Config -# ------ -# hooks.allowunannotated -# This boolean sets whether unannotated tags will be allowed into the -# repository. By default they won't be. -# hooks.allowdeletetag -# This boolean sets whether deleting tags will be allowed in the -# repository. By default they won't be. -# hooks.allowmodifytag -# This boolean sets whether a tag may be modified after creation. By default -# it won't be. -# hooks.allowdeletebranch -# This boolean sets whether deleting branches will be allowed in the -# repository. By default they won't be. -# hooks.denycreatebranch -# This boolean sets whether remotely creating branches will be denied -# in the repository. By default this is allowed. -# - - - -if ! /gitroot/gpsd/hooks/acl.sh "$1" "$2" "$3"; then - exit 1 -fi - - -# --- Command line -refname="$1" -oldrev="$2" -newrev="$3" - - -# --- Safety check -if [ -z "$GIT_DIR" ]; then - echo "Don't run this script from the command line." >&2 - echo " (if you want, you could supply GIT_DIR then run" >&2 - echo " $0 <ref> <oldrev> <newrev>)" >&2 - exit 1 -fi - -if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then - echo "Usage: $0 <ref> <oldrev> <newrev>" >&2 - exit 1 -fi - -# --- Config -allowunannotated=$(git config --bool hooks.allowunannotated) -allowdeletebranch=$(git config --bool hooks.allowdeletebranch) -denycreatebranch=$(git config --bool hooks.denycreatebranch) -allowdeletetag=$(git config --bool hooks.allowdeletetag) -allowmodifytag=$(git config --bool hooks.allowmodifytag) - -# check for no description -projectdesc=$(sed -e '1q' "$GIT_DIR/description") -case "$projectdesc" in -"Unnamed repository"* | "") - echo "*** Project description file hasn't been set" >&2 - exit 1 - ;; -esac - -# --- Check types -# if $newrev is 0000...0000, it's a commit to delete a ref. -zero="0000000000000000000000000000000000000000" -if [ "$newrev" = "$zero" ]; then - newrev_type=delete -else - newrev_type=$(git-cat-file -t $newrev) -fi - -case "$refname","$newrev_type" in - refs/tags/*,commit) - # un-annotated tag - short_refname=${refname##refs/tags/} - if [ "$allowunannotated" != "true" ]; then - echo "*** The un-annotated tag, $short_refname, is not allowed in this repository" >&2 - echo "*** Use 'git tag [ -a | -s ]' for tags you want to propagate." >&2 - exit 1 - fi - ;; - refs/tags/*,delete) - # delete tag - if [ "$allowdeletetag" != "true" ]; then - echo "*** Deleting a tag is not allowed in this repository" >&2 - exit 1 - fi - ;; - refs/tags/*,tag) - # annotated tag - if [ "$allowmodifytag" != "true" ] && git rev-parse $refname > /dev/null 2>&1 - then - echo "*** Tag '$refname' already exists." >&2 - echo "*** Modifying a tag is not allowed in this repository." >&2 - exit 1 - fi - ;; - refs/heads/*,commit) - # branch - if [ "$oldrev" = "$zero" -a "$denycreatebranch" = "true" ]; then - echo "*** Creating a branch is not allowed in this repository" >&2 - exit 1 - fi - ;; - refs/heads/*,delete) - # delete branch - if [ "$allowdeletebranch" != "true" ]; then - echo "*** Deleting a branch is not allowed in this repository" >&2 - exit 1 - fi - ;; - refs/remotes/*,commit) - # tracking branch - ;; - refs/remotes/*,delete) - # delete tracking branch - if [ "$allowdeletebranch" != "true" ]; then - echo "*** Deleting a tracking branch is not allowed in this repository" >&2 - exit 1 - fi - ;; - *) - # Anything else (is there anything else?) - echo "*** Update hook: unknown type of update to ref $refname of type $newrev_type" >&2 - exit 1 - ;; -esac - -# -# Local customizations begin here. -# - -/gitroot/gpsd/hooks/ciabot.py ${refname} $(git rev-list ${oldrev}..${newrev} | tac) - -cdto=$(git rev-parse --show-cdup) -echo "Path to base directory: $cdto" -echo "Files modified:" -for filename in `git diff --name-only ${oldrev} ${newrev}` -do - echo "Source path: $filename" -done - -# --- Finished -exit 0 diff --git a/repo/hooks/update-custom b/repo/hooks/update-custom new file mode 100755 index 00000000..b7875e4b --- /dev/null +++ b/repo/hooks/update-custom @@ -0,0 +1,14 @@ +# +# Local customizations for git update hook begin here. +# We'll need a valid absolute path before ciabot.py. +# + +ciabot.py ${refname} $(git rev-list ${oldrev}..${newrev} | tac) + +cdto=$(git rev-parse --show-cdup) +echo "Path to base directory: $cdto" +echo "Files modified:" +for filename in `git diff --name-only ${oldrev} ${newrev}` +do + echo "Source path: $filename" +done diff --git a/repo/upload b/repo/upload index 2271c374..b51d694c 100755 --- a/repo/upload +++ b/repo/upload @@ -3,15 +3,17 @@ # Upload git configuration from here to the repo # Please do not introduce bashisms into this script. # -confdir=git.berlios.de:/gitroot/gpsd/ +# Note: This script does not curently work. It used to, on Berlios. +# We leave it here because light modifications will probably work +# on may forges. -# Get around the ssh lockout on git.berlios.de by copying up to -# shell.berlios.de and doing a local move. Written so the last +# Get around the usual ssh lockout on a repo host by copying up to +# the shell host and doing a local move. Written so the last # move is atomic. copy() { - scp $1 $LOGNAME@shell.berlios.de:STAGE - ssh $LOGNAME@git.berlios.de "cp -f STAGE /gitroot/gpsd && mv /gitroot/gpsd/STAGE /gitroot/gpsd/$1" + scp $1 $LOGNAME@shell.xyzzy.foo:STAGE + ssh $LOGNAME@git.xyzzy.foo "cp -f STAGE /gitroot/gpsd && mv /gitroot/gpsd/STAGE /gitroot/gpsd/$1" } if [ $1 ] |