rc: get rid of GL_GITCONFIG_WILD
was only for efficiency even when it was relevant, and now it's just in the way, making useless noises.
This commit is contained in:
Sitaram Chamarty
parent
056459aeda
commit
e970327cc1
|
|
@ -45,7 +45,6 @@ $GL_NO_DAEMON_NO_GITWEB = 0;
|
||||||
# $GL_ALL_READ_ALL = 0;
|
# $GL_ALL_READ_ALL = 0;
|
||||||
$GIT_PATH="";
|
$GIT_PATH="";
|
||||||
$GL_GITCONFIG_KEYS = "";
|
$GL_GITCONFIG_KEYS = "";
|
||||||
# $GL_GITCONFIG_WILD = 0;
|
|
||||||
$GL_NO_CREATE_REPOS = 0;
|
$GL_NO_CREATE_REPOS = 0;
|
||||||
$GL_NO_SETUP_AUTHKEYS = 0;
|
$GL_NO_SETUP_AUTHKEYS = 0;
|
||||||
# $GL_WILDREPOS_DEFPERMS = 'R @all';
|
# $GL_WILDREPOS_DEFPERMS = 'R @all';
|
||||||
|
|
|
||||||
|
|
@ -154,12 +154,6 @@ on feedback from my users to find or fix issues.
|
||||||
`\\.` (two backslashes and a dot). So this is how you'd allow any keys in
|
`\\.` (two backslashes and a dot). So this is how you'd allow any keys in
|
||||||
the "foo" category: `$GL_GITCONFIG_KEYS = "foo\\..*";`
|
the "foo" category: `$GL_GITCONFIG_KEYS = "foo\\..*";`
|
||||||
|
|
||||||
* `$GL_GITCONFIG_WILD`, boolean, default 0
|
|
||||||
|
|
||||||
This setting allows gitconfig keys even for wild repos. This is an
|
|
||||||
efficiency issue more than a security issue, since this requires trawling
|
|
||||||
through all of `$REPO_BASE` looking for stuff :)
|
|
||||||
|
|
||||||
* `$GL_NO_CREATE_REPOS`, boolean, default 0
|
* `$GL_NO_CREATE_REPOS`, boolean, default 0
|
||||||
|
|
||||||
DO NOT CHANGE THIS unless you have other means to create repos and
|
DO NOT CHANGE THIS unless you have other means to create repos and
|
||||||
|
|
|
||||||
|
|
@ -643,8 +643,8 @@ Then write a cron job that looks like this (untested).
|
||||||
If you're paranoid enough to use mirrors, you should be paranoid enough to
|
If you're paranoid enough to use mirrors, you should be paranoid enough to
|
||||||
use the `receive.fsckObjects` setting. However, informal tests indicate a
|
use the `receive.fsckObjects` setting. However, informal tests indicate a
|
||||||
40-50% CPU overhead from this. If you're ok with that, make the appropriate
|
40-50% CPU overhead from this. If you're ok with that, make the appropriate
|
||||||
adjustments to `GL_GITCONFIG_KEYS` and possibly `GL_GITCONFIG_WILD` in the rc
|
adjustments to `GL_GITCONFIG_KEYS` in the rc file, then add this to your
|
||||||
file, then add this to your gitolite.conf file:
|
gitolite.conf file:
|
||||||
|
|
||||||
repo @all
|
repo @all
|
||||||
config receive.fsckObjects = "true"
|
config receive.fsckObjects = "true"
|
||||||
|
|
|
||||||
|
|
@ -17,7 +17,7 @@ use Exporter 'import';
|
||||||
$ADMIN_POST_UPDATE_CHAINS_TO $ENV $GITOLITE_BASE $GITOLITE_PATH $GIT_PATH
|
$ADMIN_POST_UPDATE_CHAINS_TO $ENV $GITOLITE_BASE $GITOLITE_PATH $GIT_PATH
|
||||||
$GL_ADC_PATH $GL_ADMINDIR $GL_ALL_INCLUDES_SPECIAL $GL_ALL_READ_ALL
|
$GL_ADC_PATH $GL_ADMINDIR $GL_ALL_INCLUDES_SPECIAL $GL_ALL_READ_ALL
|
||||||
$GL_BIG_CONFIG $GL_CONF $GL_CONF_COMPILED $GL_GET_MEMBERSHIPS_PGM
|
$GL_BIG_CONFIG $GL_CONF $GL_CONF_COMPILED $GL_GET_MEMBERSHIPS_PGM
|
||||||
$GL_GITCONFIG_KEYS $GL_GITCONFIG_WILD $GL_KEYDIR $GL_LOGT $GL_NICE_VALUE
|
$GL_GITCONFIG_KEYS $GL_KEYDIR $GL_LOGT $GL_NICE_VALUE
|
||||||
$GL_NO_CREATE_REPOS $GL_NO_DAEMON_NO_GITWEB $GL_NO_SETUP_AUTHKEYS
|
$GL_NO_CREATE_REPOS $GL_NO_DAEMON_NO_GITWEB $GL_NO_SETUP_AUTHKEYS
|
||||||
$GL_PACKAGE_CONF $GL_PACKAGE_HOOKS $GL_PERFLOGT $GL_SITE_INFO
|
$GL_PACKAGE_CONF $GL_PACKAGE_HOOKS $GL_PERFLOGT $GL_SITE_INFO
|
||||||
$GL_SLAVE_MODE $GL_WILDREPOS $GL_WILDREPOS_DEFPERMS
|
$GL_SLAVE_MODE $GL_WILDREPOS $GL_WILDREPOS_DEFPERMS
|
||||||
|
|
|
||||||
|
|
@ -250,16 +250,6 @@ sub parse_conf_line
|
||||||
# force entry in %repos. Without this, a repo para with just a
|
# force entry in %repos. Without this, a repo para with just a
|
||||||
# config line and no ACLs gets ignored in the output
|
# config line and no ACLs gets ignored in the output
|
||||||
$repos{$repo}{HAS_CONFIG} = 1;
|
$repos{$repo}{HAS_CONFIG} = 1;
|
||||||
|
|
||||||
# no problem if it's a plain repo (non-pattern, non-groupname)
|
|
||||||
# OR wild configs are allowed
|
|
||||||
unless ( ($repo =~ $REPONAME_PATT and $repo !~ /^@/) or $GL_GITCONFIG_WILD) {
|
|
||||||
my @r = ($repo); # single wildpatt
|
|
||||||
@r = sort keys %{ $groups{$repo} } if $groups{$repo}; # or a group; get its members
|
|
||||||
do {
|
|
||||||
warn "$WARN git config set for $_ but \$GL_GITCONFIG_WILD not set\n" unless $_ =~ $REPONAME_PATT
|
|
||||||
} for @r;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
# include
|
# include
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
# vim: syn=sh:
|
# vim: syn=sh:
|
||||||
for bc in 0 1
|
for bc in 0 1
|
||||||
do
|
do
|
||||||
for gcw in 0 1
|
for gcw in 0
|
||||||
do
|
do
|
||||||
cd $TESTDIR
|
cd $TESTDIR
|
||||||
$TESTDIR/rollback || die "rollback failed"
|
$TESTDIR/rollback || die "rollback failed"
|
||||||
|
|
@ -9,7 +9,6 @@ do
|
||||||
name INTERNAL
|
name INTERNAL
|
||||||
editrc GL_WILDREPOS 1
|
editrc GL_WILDREPOS 1
|
||||||
editrc GL_BIG_CONFIG $bc
|
editrc GL_BIG_CONFIG $bc
|
||||||
echo "\$GL_GITCONFIG_WILD = $gcw;" | addrc
|
|
||||||
|
|
||||||
# ----------
|
# ----------
|
||||||
|
|
||||||
|
|
@ -47,8 +46,6 @@ do
|
||||||
RW = @leads
|
RW = @leads
|
||||||
config foo.bar = baz
|
config foo.bar = baz
|
||||||
" | ugc -r
|
" | ugc -r
|
||||||
[ "$gcw" = "0" ] && expect "remote: git config set for bar/..\* but \$GL_GITCONFIG_WILD not set"
|
|
||||||
[ "$gcw" = "1" ] && notexpect "remote: git config set for bar/..\* but \$GL_GITCONFIG_WILD not set"
|
|
||||||
notexpect "git config.*not allowed"
|
notexpect "git config.*not allowed"
|
||||||
expect_push_ok "master -> master"
|
expect_push_ok "master -> master"
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,12 +1,11 @@
|
||||||
# vim: syn=sh:
|
# vim: syn=sh:
|
||||||
for gcw in 0 1
|
for gcw in 0
|
||||||
do
|
do
|
||||||
cd $TESTDIR
|
cd $TESTDIR
|
||||||
$TESTDIR/rollback || die "rollback failed"
|
$TESTDIR/rollback || die "rollback failed"
|
||||||
|
|
||||||
name INTERNAL
|
name INTERNAL
|
||||||
editrc GL_WILDREPOS 1
|
editrc GL_WILDREPOS 1
|
||||||
echo "\$GL_GITCONFIG_WILD = $gcw;" | addrc
|
|
||||||
|
|
||||||
# ----------
|
# ----------
|
||||||
|
|
||||||
|
|
@ -42,8 +41,6 @@ do
|
||||||
RW = @leads
|
RW = @leads
|
||||||
config foo.bar = baz
|
config foo.bar = baz
|
||||||
" | ugc -r
|
" | ugc -r
|
||||||
[ "$gcw" = "0" ] && expect "remote: git config set for bar/\$creator/..\* but \$GL_GITCONFIG_WILD not set"
|
|
||||||
[ "$gcw" = "1" ] && notexpect "remote: git config set for bar/\$creator/..\* but \$GL_GITCONFIG_WILD not set"
|
|
||||||
notexpect "git config.*not allowed"
|
notexpect "git config.*not allowed"
|
||||||
expect_push_ok "master -> master"
|
expect_push_ok "master -> master"
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -117,7 +117,9 @@ expect_filesame() {
|
||||||
die() {
|
die() {
|
||||||
echo '***** AAAAARRRGGH! *****' >&2
|
echo '***** AAAAARRRGGH! *****' >&2
|
||||||
echo ${BASH_LINENO[1]} ${BASH_SOURCE[2]} >&2
|
echo ${BASH_LINENO[1]} ${BASH_SOURCE[2]} >&2
|
||||||
echo "vim +${BASH_LINENO[1]} \'+r !head ~/1 ~/2 /dev/null\' ${BASH_SOURCE[2]}" >&2
|
cd $TESTDIR
|
||||||
|
vim +${BASH_LINENO[1]} '+r !head ~/1 ~/2 /dev/null' ${BASH_SOURCE[2]}
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -126,6 +128,7 @@ expect() {
|
||||||
then
|
then
|
||||||
ok
|
ok
|
||||||
else
|
else
|
||||||
|
die foo
|
||||||
notok "expecting: $1, got:"
|
notok "expecting: $1, got:"
|
||||||
cat ~/1 ~/2|sed -e 's/^/# /'
|
cat ~/1 ~/2|sed -e 's/^/# /'
|
||||||
fi
|
fi
|
||||||
|
|
@ -134,6 +137,7 @@ expect() {
|
||||||
notexpect() {
|
notexpect() {
|
||||||
if cat ~/1 ~/2 | grep "$1" >/dev/null
|
if cat ~/1 ~/2 | grep "$1" >/dev/null
|
||||||
then
|
then
|
||||||
|
die foo
|
||||||
notok "NOT expecting: $1, got:"
|
notok "NOT expecting: $1, got:"
|
||||||
cat ~/1 ~/2|sed -e 's/^/# /'
|
cat ~/1 ~/2|sed -e 's/^/# /'
|
||||||
else
|
else
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue