======Gitolite repository for PLD packages======

I decided to check whether it would be feasible to host our own git
repositories under control of gitolite. 


===== Motivation=====

In comparison with [[pld-github|github option]], it would
give us full control over our repository. Also github does provide only [[http://support.github.com/discussions/repos/899-pre-receive-hooks|post-receive hooks]]. Therefore some tasks are difficult. For example restricting who can delete ''auto-xxx'' tags is problematic.

=====Repository setup=====
To enable for other developers to test how the PLD repository would look like after migration to git, I have created a mock setup on carme. It contains all packages present in PLD and should be quite up to date. The path to access the repository is: ''draenog@carme.pld-linux.org''.
All packages are in packages directory. For example to obtain glibc:
  git clone draenog@carme.pld-linux.org:packages/glibc

===== Authentication=====
Authentication is based on ssh keys. People whose keys are in SSH-keys in PLD repository should have access.

[[howto-git#rw_access_ussing_ssh_public_keys|Manage your keys]]
===== Changes to Developer =====

Changes to developer can be seen from [[cvs2git]] page.
===== Access control=====
==== Assumptions: ====

    * only ''<dist>'' builders can write ''auto-<dist>'' tags
    * builders cannot write to any other refs
    * master branch cannot be rewound
    * every user can write/rewrite all other refs

==== The gitolite configuration: ====
<file>
@admins = draenog

@th-builders = builderth
@ac-builders = builderac
@builders = @th-builders @ac-builders

repo    gitolite-admin
        RW+     =   @admins

repo    testing
        RW+     =   @all

repo   packages/..*
        C = @all
        RW refs/tags/auto-th = @th-builders
        RW refs/tags/auto-ac = @ac-builders
        - refs/tags/auto- = @all
        - = @builders
        RW master$ = @all
        -  master$ = @all
        RW+ = @all
</file>

===== New package creation =====
In upstream version of gitolite, new package is created by cloning of no existing repo (if the access rules allow for it). However I think that it is too error prone. So [[https://github.com/draenog/gitolite|gitolite was forked]] and an option to disable creation of wildcard repositories was added. Instead an [[http://sitaramc.github.com/gitolite/ADCs.html|admin defined command]] was created for this task:
  ssh draenog@carme.pld-linux.org create <new_repo>

=====Package deletion=====
People with write access to gitolite-admin repository can use [[http://sitaramc.github.com/gitolite/ADCs.html|admin defined command]] to move obsoleted packages to attic space:
  ssh draenog@carme.pld-linux.org  trash <repo>
  
=====Restrictions on committed files====
It is possible to prevent the commits of large files or archives. Currently every file must pass the following tests:
  * its size is smaller then 200kb or it is a text file smaller then 2Mb or its name matches one of patterns: *.spec, *.patch, *.diff
  * it is not a zip or compressed file
  * it is not a tar archive
=====Email notifications=====
Post-receive hook can be used to send email notifications about any changes in repositories. The [[http://repo.or.cz/w/git.git/blob/HEAD:/contrib/hooks/post-receive-email|example script]] can be found in git repository.

The example email:
<file>
Subject: packages/amanda branch master updated. 29fa1ceae8ca943f79d842b8229d713556a22342

The branch, master has been updated
       via  29fa1ceae8ca943f79d842b8229d713556a22342 (commit)
      from  a1d49d8d532329dad9e246d0671c5367d620561c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 29fa1ceae8ca943f79d842b8229d713556a22342
Author: Arkadiusz MiĹ\233kiewicz <arekm@pld-linux.org>
Date:   Fri Mar 30 15:28:53 2012 +0000

    - release 3

    Changed files:
        amanda.spec -> 1.221

diff --git a/amanda.spec b/amanda.spec
index a27eb99..a98e6e6 100644
--- a/amanda.spec
+++ b/amanda.spec
@@ -10,7 +10,7 @@ Summary:      A network-capable tape backup solution
 Summary(pl.UTF-8):     Sieciowo zorientowany system tworzenia kopii zapasowych
 Name:          amanda
 Version:       3.2.3
-Release:       2
+Release:       3
 License:       BSD
 Group:         Networking/Utilities
 Source0:       http://downloads.sourceforge.net/amanda/%{name}-%{version}.tar.gz

-----------------------------------------------------------------------

Summary of changes:
 amanda.spec |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


hooks/post-receive
--
packages/amanda
</file>

=====Anonymous access=====
Git daemon provides an anonymous, read-only access to repositories. For example:
  git clone git://carme.pld-linux.org/packages/glibc

=====Web interface=====
A web interface for browsing git repositories can be provided by gitweb. You can see trial setup
[[http://carme.pld-linux.org:1234|here]].
=====User tools=====
==== Modified builder script ====
At  http://github.com/draenog/rpm-build-tools is a modified builder script. On ''gitolite'' branch there is a version that works with the gitolite repo on carme. To download it:
  git clone -b gitolite git://github.com/draenog/PLDbuilder

=== Useful options===
To reduce the amount of downloaded data it is possible to make a shallow copy of repository with truncated history:

  git clone --depth <n> draenog@carme.pld-linux.org:packages/kernel
  
or
  builder.sh --depth <n>  -g kernel

==== slug.py =====

Slug.py facilitates creating, cloning and updating packages. Its sources can be found at [[https://github.com/draenog/slug|git://github.com/draenog/slug.git]], or alternatively it can be build from PLD CVS as [[http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/git-core-slug/|git-core-slug]] package.

===Basic usage====

==Create new repository==
  slug.py init name
  
==Clone new repositories==
  slug.py clone pattern
  
==Fetch/update packages including new ones==
  slug.py update -n pattern
  
If pattern is omitted, it fetches all repositories known to the upstream
  
==Update packages that were downloaded earlier, but do not fetch new ones==
  slug.py update pattern
  
==Alternative syntax==
You can also use 'git pld' prefix to call the commands. For example: 
  git pld clone

=== ===
Description of more advanced options can be obtained by:
  slug.py <command> --help
=====PLD builder infrastructure===== 
Only source builder needs to be modified. The changes are minimal so it would be possible to adapt the existing builder with small effort. The modified version of PLD builder automation can be found at https://github.com/draenog/pld-builder.new

=====Contact=====
In case of any problem, please contact <draenog@pld-linux.org>