[PATCH] gnu: Add gitolite.

[PATCH] gnu: Add gitolite.

[David Thompson]

[-- Attachment #1: Type: text/plain, Size: 399 bytes --]

Gitolite is a lightweight tool for managing access control to Git
repositories.  We use it at the FSF and it works pretty well.

AFAICT, I've managed to avoid propogating Perl, but I have to propagate
OpenSSH and Git for now.  They are referenced in too many scripts in too
many ways for a regexp substitution to do a good job.  Fixing this
requires working with the upstream maintainers, I think.


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-Add-gitolite.patch --]
[-- Type: text/x-diff, Size: 5791 bytes --]

From 12a8ab427800a004059c847742fa40bf35de1bb2 Mon Sep 17 00:00:00 2001
From: David Thompson <davet@gnu.org>
Date: Thu, 16 Apr 2015 03:23:52 -0400
Subject: [PATCH] gnu: Add gitolite.

* gnu/packages/version-control.scm (gitolite): New variable.
* gnu/packages/patches/gitolite-openssh-6.8-compat.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
---
 gnu-system.am                                      |  1 +
 .../patches/gitolite-openssh-6.8-compat.patch      | 25 ++++++++++
 gnu/packages/version-control.scm                   | 58 ++++++++++++++++++++++
 3 files changed, 84 insertions(+)
 create mode 100644 gnu/packages/patches/gitolite-openssh-6.8-compat.patch

diff --git a/gnu-system.am b/gnu-system.am
index c581d79..967033b 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -414,6 +414,7 @@ dist_patch_DATA =						\
   gnu/packages/patches/flex-bison-tests.patch			\
   gnu/packages/patches/gawk-shell.patch				\
   gnu/packages/patches/gcc-cross-environment-variables.patch	\
+  gnu/packages/patches/gitolite-openssh-6.8-compat.patch	\
   gnu/packages/patches/glib-tests-desktop.patch			\
   gnu/packages/patches/glib-tests-homedir.patch			\
   gnu/packages/patches/glib-tests-prlimit.patch			\
diff --git a/gnu/packages/patches/gitolite-openssh-6.8-compat.patch b/gnu/packages/patches/gitolite-openssh-6.8-compat.patch
new file mode 100644
index 0000000..d9dbc87
--- /dev/null
+++ b/gnu/packages/patches/gitolite-openssh-6.8-compat.patch
@@ -0,0 +1,25 @@
+From ed807a40c6683960e357bc995b3acf721ec088b4 Mon Sep 17 00:00:00 2001
+From: Sitaram Chamarty <sitaram@atc.tcs.com>
+Date: Thu, 19 Mar 2015 05:17:59 +0530
+Subject: [PATCH] openssh 6.8 compat
+
+---
+ src/triggers/post-compile/ssh-authkeys | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/triggers/post-compile/ssh-authkeys b/src/triggers/post-compile/ssh-authkeys
+index 84dda73..d5f5d8b 100755
+--- a/src/triggers/post-compile/ssh-authkeys
++++ b/src/triggers/post-compile/ssh-authkeys
+@@ -115,7 +115,7 @@ sub fp_file {
+     my $f  = shift;
+     my $fp = `ssh-keygen -l -f '$f'`;
+     chomp($fp);
+-    _die "fingerprinting failed for '$f'" unless $fp =~ /([0-9a-f][0-9a-f](:[0-9a-f][0-9a-f])+)/;
++    _die "fingerprinting failed for '$f'" unless $fp =~ /([0-9a-f][0-9a-f](:[0-9a-f][0-9a-f])+)/ or $fp =~ m(SHA256:([A-ZA-z0-9+/]+));
+     $fp = $1;
+     return $fp;
+ }
+-- 
+2.2.1
+
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index 48e16a1..c22950b 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -48,6 +48,7 @@
   #:use-module (gnu packages nano)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages openssl)
+  #:use-module (gnu packages ssh)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
@@ -401,6 +402,63 @@ linear.  It will test every change between two points in the DAG.  It will
 also walk each side of a merge and test those changes individually.")
       (license (x11-style "file://LICENSE")))))
 
+(define-public gitolite
+  (package
+    (name "gitolite")
+    (version "3.6.2")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append
+                    "https://github.com/sitaramc/gitolite/archive/v"
+                    version ".tar.gz"))
+              (file-name (string-append name "-" version ".tar.gz"))
+              ;; Commit ed807a4 upstream
+              (patches (list (search-patch "gitolite-openssh-6.8-compat.patch")))
+              (sha256
+               (base32
+                "1gsgzi9ayb4rablki3mqr11b0h8db4xg43df660marfpacmkfb01"))))
+    (build-system gnu-build-system)
+    (arguments
+     '(#:tests? #f ; no tests
+       #:phases (modify-phases %standard-phases
+                  (delete configure)
+                  (delete build)
+                  (add-before install patch-scripts
+                    (lambda* (#:key inputs #:allow-other-keys)
+                      (let ((perl (string-append (assoc-ref inputs "perl")
+                                                 "/bin/perl")))
+                        ;; This seems to take care of every shell script that
+                        ;; calls Perl.
+                        (substitute* (find-files "." ".*")
+                          ((" perl -")
+                           (string-append " " perl " -"))))))
+                  (replace install
+                    (lambda* (#:key outputs #:allow-other-keys)
+                      (let* ((output (assoc-ref outputs "out"))
+                             (sharedir (string-append output "/share/gitolite"))
+                             (bindir (string-append output "/bin")))
+                        (mkdir-p sharedir)
+                        (mkdir-p bindir)
+                        (system* "./install" "-to" sharedir)
+                        (for-each (lambda (script)
+                                    (symlink (string-append sharedir "/" script)
+                                             (string-append bindir "/" script)))
+                                  '("gitolite" "gitolite-shell"))
+                        #t))))))
+    (inputs
+     `(("perl" ,perl)))
+    ;; Propagated because trying to patch the source via regexp matching is
+    ;; too brittle and prone to false positives.  Upstream work required.
+    (propagated-inputs
+     `(("git" ,git)
+       ("openssh" ,openssh)))
+    (home-page "http://gitolite.com")
+    (synopsis "Git access control layer")
+    (description
+     "Gitolite is an access control layer on top of Git, providing fine access
+control to Git repositories.")
+    (license gpl2)))
+
 (define-public mercurial
   (package
     (name "mercurial")
-- 
2.2.1


[-- Attachment #3: Type: text/plain, Size: 136 bytes --]


-- 
David Thompson
Web Developer - Free Software Foundation - http://fsf.org
GPG Key: 0FF1D807
Support the FSF: https://fsf.org/donate

Re: [PATCH] gnu: Add gitolite.

[David Thompson]

David Thompson <dthompson2@worcester.edu> writes:

> Gitolite is a lightweight tool for managing access control to Git
> repositories.  We use it at the FSF and it works pretty well.
>
> AFAICT, I've managed to avoid propogating Perl, but I have to propagate
> OpenSSH and Git for now.  They are referenced in too many scripts in too
> many ways for a regexp substitution to do a good job.  Fixing this
> requires working with the upstream maintainers, I think.
>
> From 12a8ab427800a004059c847742fa40bf35de1bb2 Mon Sep 17 00:00:00 2001
> From: David Thompson <davet@gnu.org>
> Date: Thu, 16 Apr 2015 03:23:52 -0400
> Subject: [PATCH] gnu: Add gitolite.

I would like to push this soon if there are no objections.

-- 
David Thompson
Web Developer - Free Software Foundation - http://fsf.org
GPG Key: 0FF1D807
Support the FSF: https://fsf.org/donate

Re: [PATCH] gnu: Add gitolite.

[Ricardo Wurmus]

David Thompson writes:

> David Thompson <dthompson2@worcester.edu> writes:
>
>> Gitolite is a lightweight tool for managing access control to Git
>> repositories.  We use it at the FSF and it works pretty well.
>>
>> AFAICT, I've managed to avoid propogating Perl, but I have to propagate
>> OpenSSH and Git for now.  They are referenced in too many scripts in too
>> many ways for a regexp substitution to do a good job.  Fixing this
>> requires working with the upstream maintainers, I think.
>>
>> From 12a8ab427800a004059c847742fa40bf35de1bb2 Mon Sep 17 00:00:00 2001
>> From: David Thompson <davet@gnu.org>
>> Date: Thu, 16 Apr 2015 03:23:52 -0400
>> Subject: [PATCH] gnu: Add gitolite.
>
> I would like to push this soon if there are no objections.

I just went over the patch set and it looks good to me.

Pity about OpenSSH and Git being propagated, but I agree that this
should be a task for upstream (e.g. allowing to pass paths to both tools
with configure flags or so).

~~ Ricardo

Re: [PATCH] gnu: Add gitolite.

[David Thompson]

Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:

> David Thompson writes:
>
>> David Thompson <dthompson2@worcester.edu> writes:
>>
>>> Gitolite is a lightweight tool for managing access control to Git
>>> repositories.  We use it at the FSF and it works pretty well.
>>>
>>> AFAICT, I've managed to avoid propogating Perl, but I have to propagate
>>> OpenSSH and Git for now.  They are referenced in too many scripts in too
>>> many ways for a regexp substitution to do a good job.  Fixing this
>>> requires working with the upstream maintainers, I think.
>>>
>>> From 12a8ab427800a004059c847742fa40bf35de1bb2 Mon Sep 17 00:00:00 2001
>>> From: David Thompson <davet@gnu.org>
>>> Date: Thu, 16 Apr 2015 03:23:52 -0400
>>> Subject: [PATCH] gnu: Add gitolite.
>>
>> I would like to push this soon if there are no objections.
>
> I just went over the patch set and it looks good to me.
>
> Pity about OpenSSH and Git being propagated, but I agree that this
> should be a task for upstream (e.g. allowing to pass paths to both tools
> with configure flags or so).

Thanks for taking a look.  I cleaned the patch up a bit, added a couple
more comments, and pushed.

-- 
David Thompson
Web Developer - Free Software Foundation - http://fsf.org
GPG Key: 0FF1D807
Support the FSF: https://fsf.org/donate