On Fri, Sep 02, 2022 at 07:11:54AM -0400, Thompson, David wrote:
> On Fri, Sep 2, 2022 at 3:00 AM Efraim Flashner <efraim@flashner.co.il> wrote:
> >
> > I took a look at the gitolite service finally and I hadn't realized
> > there wasn't a running daemon to containerize. I assumed we could do
> > something like:
> >
> > (start $~(make-forkexec-constructor/container
> >             (list ...)
> >             #:environment-variables
> >             '("PATH=...")
> >             #:mappings ...))
> >
> > Given that's not the case then I'd need to look at gitolite itself to
> > see how it calls the other binaries it expects to be available, and if
> > wrapping it would be enough or if we would need to just propagate the
> > other packages for functionality.
> 
> Gitolite simply expects tools like git to be on $PATH.  It's a pretty
> naive system, there's nothing like a configure script that is
> determining the absolute file name of these tools and substituting
> those names into the built files.
> 
> The executable is already wrapped so that coreutils, findutils, and
> git are on $PATH, but notably not openssh:
> 
> (add-after 'install 'wrap-scripts
>                     (lambda* (#:key inputs outputs #:allow-other-keys)
>                       (let ((out (assoc-ref outputs "out"))
>                             (coreutils (assoc-ref inputs "coreutils"))
>                             (findutils (assoc-ref inputs "findutils"))
>                             (git (assoc-ref inputs "git")))
>                         (wrap-program (string-append out "/bin/gitolite")
>                           `("PATH" ":" prefix
>                             ,(map (lambda (dir)
>                                     (string-append dir "/bin"))
>                                   (list out coreutils findutils git)))))))
> 
> However, git and openssh are still propagated inputs. I'm going to
> move the propagated inputs to regular inputs, potentially add openssh
> to the wrapper once I remind myself what gitolite does with those
> tools, and test it all out on my server using the gitolite service.
> If that all works, we have a good starting point for adding extension
> support in the service.

I like it. Let us know how it goes.

-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted