author | Christian Ruppert <idl0r@gentoo.org> | 2010-10-26 21:12:00 +0200 |
---|---|---|
committer | Christian Ruppert <idl0r@gentoo.org> | 2010-10-26 21:12:00 +0200 |
commit | c5b231d33bf8bda5506543695eb239b2996b099c (patch) | |
tree | 24d0aa8a10cd868fe135f3503abe8478d592f673 | |
parent | Merge branch 't/ssh-key-options' (diff) | |
parent | Fix pubkey handling of multiple keys. (diff) | |
Merge branch 't/export-key-metadata'
-rw-r--r-- | .topdeps | 3 | ||||
-rw-r--r-- | .topmsg | 8 | ||||
-rw-r--r-- | conf/example.gitolite.rc | 7 | ||||
-rw-r--r-- | src/gitolite.pm | 26 | ||||
-rwxr-xr-x | src/gl-auth-command | 12 |
5 files changed, 48 insertions, 8 deletions
@@ -1,2 +1,3 @@ upstream -t/find_pubkeys-function +t/export_key_metadata-function +t/ssh-key-options @@ -1,9 +1,7 @@ From: Christian Ruppert <idl0r@gentoo.org> -Subject: [PATCH] t/export_key_metadata-function +Subject: [PATCH] t/export-key-metadata -The export_key_metadata will parse the metadata variables, specified in -@GL_METADATA (gitolite.rc) and export all those variables into the current -gitolite env. This is useful if you use e.g. cia.vc. -You can use those variables in your hooks. +Add @GL_METADATA array to the example gitolite.rc. +Export the metadata into the current gitolite env and log it as well. Signed-off-by: Christian Ruppert <idl0r@gentoo.org> diff --git a/conf/example.gitolite.rc b/conf/example.gitolite.rc index c563e81..cf18e00 100644 --- a/conf/example.gitolite.rc +++ b/conf/example.gitolite.rc @@ -127,6 +127,13 @@ $GL_NO_SETUP_AUTHKEYS = 0; # ---------------------------------------------------------------------- +# Define which metadata variables shall be exported to the gitolite environment. +# Those variables can be used in hooks, e.g. for cia.vc +# A pubkey file might contain one or more of those variable. +# They can be defined by e.g:"# git-username: idl0r" +# Each '-' (dash) will be replaced by an '_' (underscore). +@GL_METADATA = ( "git-username", "git-email", "git-realname", "git-realname-ascii", "cia-vc-username" ); +@GL_METADATA_REQUIRED = ( "git-username", "git-email", "git-realname" ); # -------------------------------------- # ALLOW REPO ADMIN TO SET GITCONFIG KEYS diff --git a/src/gitolite.pm b/src/gitolite.pm index f23d0e0..b579823 100644 --- a/src/gitolite.pm +++ b/src/gitolite.pm 
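Review bot: The comment block added to conf/example.gitolite.rc explains @GL_METADATA but says nothing about @GL_METADATA_REQUIRED, which the example ships non-empty. The lint check this commit adds to setup_authkeys in src/gitolite.pm skips any pubkey file that lacks one of those variables, so an admin who copies this example onto an existing install would presumably find keys without the `# git-username: ...` style lines left out when authkeys are regenerated (inferred from the `next` in that hunk). I would add a line such as `# Pubkey files missing any variable listed in @GL_METADATA_REQUIRED are skipped by setup_authkeys; set it to () to disable the check.` and correct "one or more of those variable" to "variables".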
@@ -43,7 +43,7 @@ our $REPOPATT_PATT=qr(^\@?[0-9a-zA-Z[][\\^.$|()[\]*+?{}0-9a-zA-Z._\@/-]*$); our $ADC_CMD_ARGS_PATT=qr(^[0-9a-zA-Z._\@/+-]*$); # these come from the RC file -our ($REPO_UMASK, $GL_WILDREPOS, $GL_PACKAGE_CONF, $GL_PACKAGE_HOOKS, $REPO_BASE, $GL_CONF_COMPILED, $GL_BIG_CONFIG, $GL_PERFLOGT, $PROJECTS_LIST, $GL_ALL_INCLUDES_SPECIAL, $GL_SITE_INFO, $GL_GET_MEMBERSHIPS_PGM, $GL_KEYDIR, @GL_METADATA); +our ($REPO_UMASK, $GL_WILDREPOS, $GL_PACKAGE_CONF, $GL_PACKAGE_HOOKS, $REPO_BASE, $GL_CONF_COMPILED, $GL_BIG_CONFIG, $GL_PERFLOGT, $PROJECTS_LIST, $GL_ALL_INCLUDES_SPECIAL, $GL_SITE_INFO, $GL_GET_MEMBERSHIPS_PGM, $GL_KEYDIR, @GL_METADATA, @GL_METADATA_REQUIRED); our %repos; our %groups; our %repo_config; @@ -817,6 +817,30 @@ sub setup_authkeys push @not_in_config, "$user($pubkey)" if %$user_list_p and not $user_list_p->{$user}; $user_list_p->{$user} = 'has pubkey' if %$user_list_p; + # lint check 3 -- Ensure that all required metadata variables are + # defined. + my @not_meet = @GL_METADATA_REQUIRED; + open(PUBKEY, '<', $pubkey); + while(defined(my $line = <PUBKEY>)) { + chomp($line); + next if $line !~ m/^\s*#/; + $line =~ s/^\s*#\s*//; + + my ($variable, $value) = split(/:\s*/, $line, 2); + + if(grep(/^\Q${variable}\E$/, @GL_METADATA_REQUIRED)) { + if(length($value) > 0) { + @not_meet = grep(!/^\Q${variable}\E$/, @not_meet); + } + } + } + close(PUBKEY); + if( $#not_meet ne -1 ) { + print STDERR "$WARN Skipping '${pubkey}' due to missed required variables:\n"; + print STDERR join(", ", sort @not_meet), "\n"; + next; + } + # Parse the pubkey including all options etc... # Use strict mode to abort on faulty files. my $akf = Net::SSH::AuthorizedKeysFile->new( strict => 1, ); diff --git a/src/gl-auth-command b/src/gl-auth-command index 0ef6ceb..a7b3ddc 100755 --- a/src/gl-auth-command +++ b/src/gl-auth-command 
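Review bot: In the `lint check 3` block added to setup_authkeys in src/gitolite.pm, `open(PUBKEY, '<', $pubkey);` is unchecked and uses a bareword handle, so an unreadable key file is reported as "missed required variables" instead of as a read failure, and passes this check unnoticed when @GL_METADATA_REQUIRED is empty. I would use a lexical handle and report the error: `open(my $pk_fh, '<', $pubkey) or do { print STDERR "$WARN cannot read '${pubkey}': $!\n"; next; };`. The emptiness test `$#not_meet ne -1` compares numbers as strings; `if (@not_meet)` states the intent directly. `$value` is undef for a comment line without a colon, so `length($value) > 0` can raise an uninitialized-value warning and is better written `defined($value) && length($value)`. setup_authkeys starts and ends outside the hunk.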
@@ -32,7 +32,7 @@ use warnings; # ---------------------------------------------------------------------------- # these are set by the "rc" file -our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH, $REPO_UMASK, $GL_ADMINDIR, $RSYNC_BASE, $HTPASSWD_FILE, $GL_WILDREPOS, $GL_WILDREPOS_DEFPERMS, $GL_ADC_PATH, $SVNSERVE, $PROJECTS_LIST, $GL_SLAVE_MODE, $GL_PERFLOGT); +our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH, $REPO_UMASK, $GL_ADMINDIR, $RSYNC_BASE, $HTPASSWD_FILE, $GL_WILDREPOS, $GL_WILDREPOS_DEFPERMS, $GL_ADC_PATH, $SVNSERVE, $PROJECTS_LIST, $GL_SLAVE_MODE, $GL_PERFLOGT, @GL_METADATA); # and these are set by gitolite.pm our ($R_COMMANDS, $W_COMMANDS, $REPONAME_PATT, $REPOPATT_PATT, $ADC_CMD_ARGS_PATT); our %repos; @@ -249,6 +249,16 @@ die "$aa access for $repo DENIED to $user # over to git now # ---------------------------------------------------------------------------- +my $metaenv = "Metadata ENV:"; +export_key_metadata($user); +foreach my $metadata (@GL_METADATA) { + $metadata =~ s/-/_/g; + if(defined($ENV{$metadata})) { + $metaenv = join(" ", $metaenv, "${metadata}=\"$ENV{$metadata}\""); + } +} +log_it("${metaenv}\n"); + if ($ENV{REQUEST_URI}) { &log_it($ENV{REQUEST_URI}); exec $ENV{GIT_HTTP_BACKEND}; |
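Review bot: The loop added before the `if ($ENV{REQUEST_URI})` branch in src/gl-auth-command writes `$ENV{$metadata}` into the log line between double quotes without escaping, so a value containing `"` or a control character such as a carriage return makes the `name="value"` fields ambiguous for anyone parsing the log later. The values appear to come from free-text comment lines in pubkey files (per the example rc comment), and export_key_metadata is not visible here, so whether it already restricts them needs confirming. If it does not, neutralise those characters before joining, e.g. `(my $val = $ENV{$metadata}) =~ s/[\x00-\x1f\x7f"]/?/g;` and log `$val`. Separately, `$metadata =~ s/-/_/g` rewrites the elements of @GL_METADATA in place because the foreach variable aliases them; working on a copy, `(my $name = $metadata) =~ tr/-/_/;`, avoids that side effect.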