[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: dist-git proof of concept phase 2 ready for testing



On Sat, 19 Dec 2009 10:56:57 -0800
Jesse Keating <jkeating redhat com> wrote:

> We definitely want to allow topic branches pushed to the main repo.  I
> think we'll have to agree on a namespace to use for these, perhaps
> following the dist-cvs example and call them private-*

private/* would have the advantage of allowing easier branch name
wildcards in git ("git push origin 'private/*'").

OTOH, branch or tag names with slashes in them have the potential
to confuse tools and people.

> The way the ACL system works is that it matches on the refs you're
> pushing up, so for packages that have per-branch ACLs only the refs
> that match the branch have ACLs on them, and the assumption is that
> without an ACL you have no rights to it.  That's likely why your push
> failed, but I'd like to see the message to confirm.  It shouldn't be
> too hard to tweak the ACL creation script to add W access to anybody
> who has W access already to the private-* namespace.

Currently, it appears that I can push arbitrarily named branches, at
least if the package does not have per branch ACLs:

$ git push origin moo private/moo private-moo
Counting objects: 11, done.
Delta compression using 2 threads.
Compressing objects: 100% (9/9), done.
Writing objects: 100% (9/9), 759 bytes, done.
Total 9 (delta 8), reused 0 (delta 0)
To ssh://ndim pkgs stg fedoraproject org/cstream
 * [new branch]      moo -> moo
 * [new branch]      private/moo -> private/moo
 * [new branch]      private-moo -> private-moo
$

And the same happens with (non-signed, non-annotated) tags:

$ git push origin meh private/meh private-meh
Total 0 (delta 0), reused 0 (delta 0)
To ssh://ndim pkgs stg fedoraproject org/cstream
 * [new tag]         meh -> meh
 * [new tag]         private/meh -> private/meh
 * [new tag]         private-meh -> private-meh
$

I guess even without per branch ACLs, the ACL system should take a look
at what I am actually pushing and verify its tag/branch names match some
kind of wildcard whitelist. For tags, it might also check their type
(annotated, signed).

-- 
Hans Ulrich Niedermann

Attachment: signature.asc
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]