From: "Clément Lassieur" <clement@lassieur.org>
To: Christopher Baines <mail@cbaines.net>
Cc: 30809@debbugs.gnu.org
Subject: [bug#30809] [PATCH 2/2] services: Add Gitolite.
Date: Mon, 23 Jul 2018 00:30:01 +0200	[thread overview]
Message-ID: <87va96q4ye.fsf@lassieur.org> (raw)
In-Reply-To: <20180714062855.18705-2-mail@cbaines.net>

Christopher Baines <mail@cbaines.net> writes:

> * gnu/services/version-control.scm (<gitolite-configuration>,
> <gitolite-rc-file>): New record types.
> (gitolite-accounts, gitolite-setup, gitolite-activation): New procedures.
> (gitolite-service-type): New variables.
> * gnu/tests/version-control.scm (%gitolite-test-admin-keypair, %gitolite-os,
> %test-gitolite): New variables.
> (run-gitolite-test): New procedure.
> * doc/guix.texi (Version Control): Document the gitolite service.
> ---
>  doc/guix.texi                    |  90 ++++++++++++++++
>  gnu/services/version-control.scm | 169 ++++++++++++++++++++++++++++++-
>  gnu/tests/version-control.scm    | 103 ++++++++++++++++++-
>  3 files changed, 360 insertions(+), 2 deletions(-)

Great :-)

[...]

> +@item @code{admin-pubkey} (default: @var{#f})
> +A ``file-like'' object (@pxref{G-Expressions, file-like objects}) used to
> +setup Gitolite.  This can be omitted once Gitolite has successfully been
> +setup.

It looks like almost everything else can be omitted once Gitolite has
successfully been set up :-), I put another comment about it below.

[...]

> +(define-record-type* <gitolite-configuration>
> +  gitolite-configuration make-gitolite-configuration
> +  gitolite-configuration?
> +  (package      gitolite-configuration-package
> +                (default gitolite))
> +  (user         gitolite-configuration-user
> +                (default "git"))
> +  (rc-file      gitolite-configuration-rc-file
> +                (default (gitolite-rc-file)))
> +  (admin-pubkey gitolite-configuration-admin-pubkey
> +                (default #f)))
> +
> +(define (gitolite-accounts config)
> +  (let ((user (gitolite-configuration-user config)))
> +    ;; User group and account to run Gitolite.
> +    (list (user-group (name user) (system? #t))
> +          (user-account
> +           (name user)
> +           (group user)

It would be great to make the group and home directory configurable
too.  I personally use other settings for them.

> +           (system? #t)
> +           (comment "Gitolite user")
> +           (home-directory "/var/lib/gitolite")))))
> +
> +(define gitolite-setup
> +  (match-lambda
> +    (($ <gitolite-configuration> package user rc-file admin-pubkey)
> +     #~(begin
> +         (use-modules (ice-9 match)
> +                      (guix build utils))
> +         (if (not (file-exists? "/var/lib/gitolite/.gitolite"))

'unless', instead of 'if not'.

Also, is there a way to update the config once .gitolite exists?  If the
users update their config, they'd expect the new config to be applied I
guess.  Maybe we could override the symlink in that case.  Would that be
safe?  WDYT?

> +             (let ((user-info (getpwnam #$user)))
> +               (simple-format #t "guix: gitolite: installing ~A\n"
> +                              #$rc-file)
> +               (symlink #$rc-file "/var/lib/gitolite/.gitolite.rc")
> +
> +               ;; The key must be writable, so copy it from the store
> +               (copy-file #$admin-pubkey "/var/lib/gitolite/id_rsa.pub")
> +
> +               (chmod "/var/lib/gitolite/id_rsa.pub" #o500)
> +               (chown "/var/lib/gitolite/id_rsa.pub"
> +                      (passwd:uid user-info)
> +                      (passwd:gid user-info))
> +
> +               ;; Set the git configuration, to avoid gitolite trying to use
> +               ;; the hostname command, as the network might not be up yet
> +               (with-output-to-file "/var/lib/gitolite/.gitconfig"
> +                 (lambda ()
> +                   (display "[user]
> +        name = GNU Guix
> +        email = guix@localhost
> +")))
> +
> +               (match (primitive-fork)
> +                 (0
> +                  ;; Exit with a non-zero status code if an exception is thrown.
> +                  (dynamic-wind
> +                    (const #t)
> +                    (lambda ()
> +                      (setenv "HOME" (passwd:dir user-info))
> +                      (setenv "USER" #$user)
> +                      (setgid (passwd:gid user-info))
> +                      (setuid (passwd:uid user-info))
> +                      (primitive-exit
> +                       (system* #$(file-append package "/bin/gitolite")
> +                                "setup"
> +                                "-pk" "/var/lib/gitolite/id_rsa.pub")))
> +                    (lambda ()
> +                      (primitive-exit 1))))
> +                 (pid (waitpid pid)))
> +
> +               (delete-file "/var/lib/gitolite/id_rsa.pub")))))))
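Review bot: The forked child drops privileges with `setgid` and `setuid` only, so `gitolite setup` still runs with root's supplementary groups; adding `(setgroups #())` just before `(setgid (passwd:gid user-info))` would clear them. Separately, `copy-file`, `chmod`, `chown` and `with-output-to-file` run as root on fixed paths under /var/lib/gitolite, which `gitolite-accounts` makes the service account's home directory. If that directory is writable by the account, root would follow a symlink already present at one of those paths, so these writes are safer done inside the child after the privilege drop, which would also leave `.gitconfig` owned by the account rather than by root. The result of `(waitpid pid)` is discarded, so a failed setup goes unreported; checking the exit status there would surface it.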

[...]

> diff --git a/gnu/tests/version-control.scm b/gnu/tests/version-control.scm

Could you add your copyright header for this file?

> index 3b935a1b4..e4cd3fc3f 100644
> --- a/gnu/tests/version-control.scm
> +++ b/gnu/tests/version-control.scm
> @@ -27,14 +27,17 @@
>    #:use-module (gnu services)
>    #:use-module (gnu services version-control)
>    #:use-module (gnu services cgit)
> +  #:use-module (gnu services ssh)
>    #:use-module (gnu services web)
>    #:use-module (gnu services networking)
>    #:use-module (gnu packages version-control)
> +  #:use-module (gnu packages ssh)
>    #:use-module (guix gexp)
>    #:use-module (guix store)
>    #:use-module (guix modules)
>    #:export (%test-cgit
> -            %test-git-http))
> +            %test-git-http
> +            %test-gitolite))
>  
>  (define README-contents
>    "Hello!  This is what goes inside the 'README' file.")
> @@ -300,3 +303,101 @@ HTTP-PORT."
>     (name "git-http")
>     (description "Connect to a running Git HTTP server.")
>     (value (run-git-http-test))))
> +
> +\f
> +;;;
> +;;; Gitolite.
> +;;;
> +
> +(define %gitolite-test-admin-keypair
> +  (computed-file
> +   "gitolite-test-admin-keypair"
> +   (with-imported-modules (source-module-closure
> +                            '((guix build utils)))
                              ^
Here indentation is not correct ;-)

> +     #~(begin
> +         (use-modules (ice-9 match) (srfi srfi-26)
> +                      (guix build utils))
> +
> +         (mkdir #$output)
> +         (invoke #$(file-append openssh "/bin/ssh-keygen")
> +                 "-f" (string-append #$output "/id_rsa")
> +                 "-t" "rsa"
> +                 "-q"
> +                 "-N" "")))))

[...]

> +  (define test
> +    (with-imported-modules '((gnu build marionette)
> +                             (guix build utils))
> +      #~(begin
> +          (use-modules (srfi srfi-64)
> +                       (rnrs io ports)
> +                       (gnu build marionette)
> +                       (guix build utils))
> +
> +          (define marionette
> +            (make-marionette (list #$vm)))
> +
> +          (mkdir #$output)
> +          (chdir #$output)
> +
> +          (test-begin "gitolite")
> +
> +          ;; Wait for sshd to be up and running.
> +          (test-eq "service running"
> +            'running!
> +            (marionette-eval
> +             '(begin
> +                (use-modules (gnu services herd))
> +                (start-service 'ssh-daemon)
> +                'running!)
> +             marionette))

Here the test produces a false positive because the return value of
'start-service' isn't used.  It should be

(test-assert ... (start-service ...))

instead.

> +          (display #$%gitolite-test-admin-keypair)
> +
> +          (setenv "GIT_SSH_VARIANT" "ssh")
> +          (setenv "GIT_SSH_COMMAND"
> +                  (string-join
> +                   '(#$(file-append openssh "/bin/ssh")
> +                     "-i" #$(file-append %gitolite-test-admin-keypair "/id_rsa")
> +                     "-o" "UserKnownHostsFile=/dev/null"
> +                     "-o" "StrictHostKeyChecking=no")))
> +
> +          ;; Make sure we can clone the repo from the host.
> +          (test-eq "clone"
> +            #t
> +            (invoke #$(file-append git "/bin/git")
> +                    "clone" "-v"
> +                    "ssh://git@localhost:2222/gitolite-admin"
> +                    "/tmp/clone"))
> +
> +          (test-end)
> +          (exit (= (test-runner-fail-count (test-runner-current)) 0)))))
> +
> +  (gexp->derivation "gitolite" test))
> +
> +(define %test-gitolite
> +  (system-test
> +   (name "gitolite")
> +   (description "Clone the Gitolite admin repository.")
> +   (value (run-gitolite-test))))
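Review bot: `%gitolite-test-admin-keypair` is a `computed-file`, so the passphrase-less private key `id_rsa` it generates lives in the store, which is world-readable; that is acceptable for a throwaway test key, but nothing in the definition says so. I would add a comment above it such as `;; Test-only key pair: the private key ends up unencrypted in the world-readable store; never provision a real admin key this way.` The `StrictHostKeyChecking=no` and `UserKnownHostsFile=/dev/null` options in GIT_SSH_COMMAND deserve the same kind of comment, since they are reasonable only because the target is the test VM. The `(display #$%gitolite-test-admin-keypair)` line looks like leftover debugging output. Parts of this hunk are elided in the quoted message, so `run-gitolite-test` is only partly visible here.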

Also, did you encounter bugs https://bugs.gnu.org/25957 and
https://bugs.gnu.org/30401?  Do you know if they are still here?

Thank you very much!
Clément
