Gitolite repository for PLD packages

I decided to check whether it would be feasible to host our own git repositories under control of gitolite.

In comparison with github option, it would give us full control over our repository. Also github does provide only post-receive hooks. Therefore some tasks are difficult. For example restricting who can delete auto-xxx tags is problematic.

To enable for other developers to test how the PLD repository would look like after migration to git, I have created a mock setup on carme. It contains all packages present in PLD and should be quite up to date. The path to access the repository is: draenog@carme.pld-linux.org. All packages are in packages directory. For example to obtain glibc:

git clone draenog@carme.pld-linux.org:packages/glibc

Authentication is based on ssh keys. People whose keys are in SSH-keys in PLD repository should have access.

Manage your keys

Changes to developer can be seen from cvs2git page.

• only <dist> builders can write auto-<dist> tags
• builders cannot write to any other refs
• master branch cannot be rewound
• every user can write/rewrite all other refs

@admins = draenog

@th-builders = builderth
@ac-builders = builderac
@builders = @th-builders @ac-builders

repo    gitolite-admin
        RW+     =   @admins

repo    testing
        RW+     =   @all

repo   packages/..*
        C = @all
        RW refs/tags/auto-th = @th-builders
        RW refs/tags/auto-ac = @ac-builders
        - refs/tags/auto- = @all
        - = @builders
        RW master$ = @all
        -  master$ = @all
        RW+ = @all

In upstream version of gitolite, new package is created by cloning of no existing repo (if the access rules allow for it). However I think that it is too error prone. So gitolite was forked and an option to disable creation of wildcard repositories was added. Instead an admin defined command was created for this task:

ssh draenog@carme.pld-linux.org create <new_repo>

People with write access to gitolite-admin repository can use admin defined command to move obsoleted packages to attic space:

ssh draenog@carme.pld-linux.org  trash <repo>

It is possible to prevent the commits of large files or archives. Currently every file must pass the following tests:

• its size is smaller then 200kb or it is a text file smaller then 2Mb or its name matches one of patterns: *.spec, *.patch, *.diff
• it is not a zip or compressed file
• it is not a tar archive

Post-receive hook can be used to send email notifications about any changes in repositories. The example script can be found in git repository.

The example email:

Subject: packages/amanda branch master updated. 29fa1ceae8ca943f79d842b8229d713556a22342

The branch, master has been updated
       via  29fa1ceae8ca943f79d842b8229d713556a22342 (commit)
      from  a1d49d8d532329dad9e246d0671c5367d620561c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 29fa1ceae8ca943f79d842b8229d713556a22342
Author: Arkadiusz MiĹ\233kiewicz <arekm@pld-linux.org>
Date:   Fri Mar 30 15:28:53 2012 +0000

    - release 3

    Changed files:
        amanda.spec -> 1.221

diff --git a/amanda.spec b/amanda.spec
index a27eb99..a98e6e6 100644
--- a/amanda.spec
+++ b/amanda.spec
@@ -10,7 +10,7 @@ Summary:      A network-capable tape backup solution
 Summary(pl.UTF-8):     Sieciowo zorientowany system tworzenia kopii zapasowych
 Name:          amanda
 Version:       3.2.3
-Release:       2
+Release:       3
 License:       BSD
 Group:         Networking/Utilities
 Source0:       http://downloads.sourceforge.net/amanda/%{name}-%{version}.tar.gz

-----------------------------------------------------------------------

Summary of changes:
 amanda.spec |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


hooks/post-receive
--
packages/amanda

Git daemon provides an anonymous, read-only access to repositories. For example:

git clone git://carme.pld-linux.org/packages/glibc

A web interface for browsing git repositories can be provided by gitweb. You can see trial setup here.

At http://github.com/draenog/rpm-build-tools is a modified builder script. On gitolite branch there is a version that works with the gitolite repo on carme. To download it:

git clone -b gitolite git://github.com/draenog/PLDbuilder

To reduce the amount of downloaded data it is possible to make a shallow copy of repository with truncated history:

git clone --depth <n> draenog@carme.pld-linux.org:packages/kernel

or

builder.sh --depth <n>  -g kernel

Slug.py facilitates creating, cloning and updating packages. Its sources can be found at git://github.com/draenog/slug.git, or alternatively it can be build from PLD CVS as git-core-slug package.

slug.py init name

slug.py clone pattern

slug.py update -n pattern

If pattern is omitted, it fetches all repositories known to the upstream

slug.py update pattern

You can also use 'git pld' prefix to call the commands. For example:

git pld clone

Description of more advanced options can be obtained by:

slug.py <command> --help

Only source builder needs to be modified. The changes are minimal so it would be possible to adapt the existing builder with small effort. The modified version of PLD builder automation can be found at https://github.com/draenog/pld-builder.new

In case of any problem, please contact draenog@pld-linux.org