What I am trying to achieve is, that #dev group can make their own repos, do whatever on their dev/ branches, but can only push to their own repo master branch, and read only others developers master branches.
I have setup my rules like this in gitolite.conf:
#projects = projects/..*
repo #projects
C = #devs
- master$ = #devs
RW+ master$ = CREATOR
RW+ = #admin TRUSTED
RW+ dev/ = #devs
RW = #devs
When I check for access for a particular dev, that I would like him to be able to READ master, result is DENIED?
gitolite access -s projects/a1 [dev-member] R master
legend:
d => skipped deny rule due to ref unknown or 'any',
r => skipped due to refex not matching,
p => skipped due to perm (W, +, etc) not matching,
D => explicitly denied,
A => explicitly allowed,
F => denied due to fallthru (no rules matched)
p gitolite.conf:37 C = #devs
D gitolite.conf:39 - master$ = #devs
R refs/heads/master projects/a1 [dev-member] DENIED by refs/heads/master$
Same happens for me as the CREATOR of this repo, so I am not able even to READ my own master branch. How would I resolve this?
Even more confusing is the following case:
Given the fact that branquito is in #admin group.
gitolite access -s projects/a1 branquito W master
legend:
...
p gitolite.conf:37 C = #devs
D gitolite.conf:38 - master$ = #devs
W refs/heads/master projects/a1 branquito DENIED by refs/heads/master$
but:
gitolite access -s projects/a1 #admin W master
legend:
...
A gitolite.conf:40 RW+ = #admin TRUSTED
refs/.*
Related
I am trying to create a bare git repo, git clone into another directory, and do the git add . & git commit & git push. However, I could not successfully complete git add . After I did git add ., I checked by git status , the target file hasn't been added.
The code I tried as follows:
let mut index = repo.index().unwrap();
&index.add_all(&["."], git2::IndexAddOption::DEFAULT, None)?;
let oid = index.write_tree()?;
let signature = git2::Signature::now("secure-crates","abc#gmail.com")?;
let tree = repo.find_tree(oid)?;
let msg :&str = "Inital Commit";
repo.commit(Some("HEAD"), &signature, &signature, &msg, &tree, &[])?;
let mut remote = repo.find_remote("origin")?;
remote.push::<&'static str>(&[], None)?;
Is anybody know how to do git add operation for a bare repo?
I would like to print a git commit and the tag in my Python code.
How can I do this using git package?
When I am going to my Bitbucket I see
tag: 73-2-g46b9856
commit checksum: 46b9856
How can I retrieve this info from git package?
I have done the following:
import git
repo = git.Repo(search_parent_directories=True)
sha = repo.head.object.hexsha
So I assume you already have the checksum you want in the sha variable.
At this point, there's a post for how to get the tags and looking for a specific tag associated with that sha in this link: Get tags of a commit
# Example code for clarity
import git
repo = git.Repo(search_parent_directories=True)
sha = repo.head.object.hexsha
tagmap = {}
for t in repo.tags:
tagmap.setdefault(repo.commit(t), []).append(t)
tags = tagmap[repo.commit(sha)] # Warning: Your latest commit might not have a tag associated with it so this will throw an error right now.
print(tags)
Here is what solved my issue:
repo = git.Repo(search_parent_directories = True)
sha = repo.head.object.hexsha
commit_chksum = repo.git.rev_parse(sha, short = 7)
tag = subprocess.check_output(["git", "describe", "--always"]).strip().decode()
I'd need to walk on entire repo's branches commits. I have tried this but with no success. :
for branch_name in list(repo.branches.remote):
try:
branch = repo.lookup_branch(branch_name)
ref = repo.lookup_reference(branch.name)
repo.checkout(ref)
for commit in repo.walk(branch.target, pygit2.GIT_SORT_TIME):
print(commit.id.hex)
Any help would be appreciated, thanks.
This is what I have:
def iterate_repository(dir: str) -> None:
repo = pygit2.Repository(dir)
for branch_name in list(repo.branches.remote):
branch = repo.branches.get(branch_name)
latest_commit_id = branch.target
latest_commit = repo.revparse_single(latest_commit_id.hex)
for commit in repo.walk(latest_commit.id, pygit2.GIT_SORT_TIME):
print(commit.id.hex)
Expanding from that should be relatively easy. What I do is gather statistics from files included in a commit.
I have specified certain aliases in the .gitconfig file located in /home/myUser/.gitconfig as below (I am pasting the entire file settings):
[user]
name = myName
email = myEmail#email.com
[core]
autocrlf = true
safecrlf = true
[push]
default = simple
[alias]
co = checkout
ci = commit
st = status
br = branch
hist = log --pretty=format:'%h %ad | %s%d [%an]' --graph --date=short
type = cat-file -t
dump = cat-file -p
I am having a problem specifically with that hist alias. Sometimes I get the desired output when y execute de git hist (I mean the format specified in the .gitconfig for the hist alias); and some other times it is not recognized. I tried restarting the terminal an the same happens: sometimes it works and some other times don't.
Would appreciate any help, thanks a lot!
I'm trying to set up global user / group access to all my svn repositories on Linux. Since I am very new to svn / linux stuff can someone take a look at what I have set up. I still get a "Invalid authz configuration". Here is how I proceed :
Svn installed / properly working. Serving path home/svn/repos/.
"my_project" created, works using simple auth. Path is home/svn/repos/my_project/.
My "global" user / password + groups file /home/svn/passwd
[groups]
team_a = tom, sim
team_b = jake, roy
prod = frank
[users]
tom = j9uems
sim = 90uifs
jake = fd9j8p
roy = 8ujwek
frank = 8jfjel
My configuration file home/svn/repos/my_project/conf/svnserve.conf
[general]
anon-access = none
auth-access = write
password-db = /home/svn/passwd
authz-db = authz
My authorization file home/svn/repos/my_project/conf/authz
[/]
# this project is a team_a project. But jake can have a read acces to it
#team_a = rw
#team_b =
jake = r
#prod = r
Ok I Found out a better way to set up a global authentifications / access. If that info could help...
To remove or create a new user, I used a a global "passwd" file (no groups!) /home/svn/passwd
[users]
tom = j9uems
sim = 90uifs
jake = fd9j8p
roy = 8ujwek
frank = 8jfjel
To manage groups and global access to repositories on the server, I used a global "authz" file /home/svn/authz
[groups]
team_a = tom, sim
team_b = jake, roy
prod = frank
[my_project:/]
# access denied for everyone
* =
#team_a = rw
jake = r
#prod = r
All repositories must have the same svnserve.conf home/svn/repos/my_project/conf/svnserve.conf
[general]
anon-access = none
auth-access = write
password-db = /home/svn/passwd
authz-db = /home/svn/authz
Note that access may be granted to any groups / users to any path of any repos. For example if "prod" group needs to have full access to "production" folder of that project, that is possible :
[my_project:/production]
#prod = rw