From 841f05f295b8024901097bbea662d5f93409db9e Mon Sep 17 00:00:00 2001 From: Jacob Coffee Date: Thu, 21 Nov 2024 13:51:59 -0600 Subject: [PATCH 1/5] feat(#528): allow `roundup` group users to interact with git repos Closes #528 --- salt/bugs/init.sls | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/salt/bugs/init.sls b/salt/bugs/init.sls index a7dd6ebe..aaa55393 100644 --- a/salt/bugs/init.sls +++ b/salt/bugs/init.sls @@ -233,7 +233,9 @@ tracker-{{ tracker }}-clone: tracker-{{ tracker }}-clone-permissions: file.directory: - name: /srv/roundup/trackers/{{ tracker }} - - mode: "0750" + - user: roundup + - group: roundup + - mode: "0770" tracker-{{ tracker }}-config: file.managed: From ac2f2ac723a08b61d44e3c90ec8f198f9b8bef4e Mon Sep 17 00:00:00 2001 From: Jacob Coffee Date: Wed, 4 Dec 2024 13:23:46 -0600 Subject: [PATCH 2/5] feat: add global gitconfig for all users --- salt/bugs/init.sls | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/salt/bugs/init.sls b/salt/bugs/init.sls index aaa55393..04c070ab 100644 --- a/salt/bugs/init.sls +++ b/salt/bugs/init.sls @@ -233,9 +233,19 @@ tracker-{{ tracker }}-clone: tracker-{{ tracker }}-clone-permissions: file.directory: - name: /srv/roundup/trackers/{{ tracker }} - - user: roundup - - group: roundup - - mode: "0770" + - mode: "0750" + +tracker-{{ tracker }}-gitconfig: + file.blockreplace: + - name: /etc/gitconfig + - marker_start: "# TRACKER-{{ tracker }}-START" + - marker_end: "# TRACKER-{{ tracker }}-END" + - content: | + [safe] + directory = /srv/roundup/trackers/{{ tracker }} + - append_if_not_found: True + - require: + - file: tracker-{{ tracker }}-clone-permissions tracker-{{ tracker }}-config: file.managed: From f3577948846e31336a862b04eb779099bd03cf6c Mon Sep 17 00:00:00 2001 From: Jacob Coffee Date: Wed, 4 Dec 2024 13:28:21 -0600 Subject: [PATCH 3/5] chore: make it not suck --- salt/bugs/init.sls | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/salt/bugs/init.sls b/salt/bugs/init.sls index 04c070ab..435f1985 100644 --- a/salt/bugs/init.sls +++ b/salt/bugs/init.sls @@ -235,18 +235,14 @@ tracker-{{ tracker }}-clone-permissions: - name: /srv/roundup/trackers/{{ tracker }} - mode: "0750" -tracker-{{ tracker }}-gitconfig: - file.blockreplace: - - name: /etc/gitconfig - - marker_start: "# TRACKER-{{ tracker }}-START" - - marker_end: "# TRACKER-{{ tracker }}-END" - - content: | - [safe] - directory = /srv/roundup/trackers/{{ tracker }} - - append_if_not_found: True +tracker-{{ tracker }}-add-safe-directory: + cmd.run: + - name: git config --system --add safe.directory "/srv/roundup/trackers/{{ tracker }}" + - unless: git config --system --get-all safe.directory | grep -q "^/srv/roundup/trackers/{{ tracker }}$" - require: - file: tracker-{{ tracker }}-clone-permissions + tracker-{{ tracker }}-config: file.managed: - name: /srv/roundup/trackers/{{ tracker }}/config.ini From 707ab8cb33dfcb063eae19aae21cb5587d77064e Mon Sep 17 00:00:00 2001 From: Jacob Coffee Date: Wed, 4 Dec 2024 13:41:59 -0600 Subject: [PATCH 4/5] fix: update perms --- salt/bugs/init.sls | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/salt/bugs/init.sls b/salt/bugs/init.sls index 435f1985..7a8afb87 100644 --- a/salt/bugs/init.sls +++ b/salt/bugs/init.sls @@ -3,6 +3,13 @@ include: - bugs.postgresql - nginx +ensure-gitconfig-permissions: + file.managed: + - name: /etc/gitconfig + - user: root + - group: root + - mode: 644 + roundup-deps: pkg.installed: - pkgs: @@ -241,7 +248,7 @@ tracker-{{ tracker }}-add-safe-directory: - unless: git config --system --get-all safe.directory | grep -q "^/srv/roundup/trackers/{{ tracker }}$" - require: - file: tracker-{{ tracker }}-clone-permissions - + - file: ensure-gitconfig-permissions tracker-{{ tracker }}-config: file.managed: From 4fc842dea7bfa28dd86edcd4ceee62ef6d1372b9 Mon Sep 17 00:00:00 2001 From: Jacob Coffee Date: Thu, 5 Dec 2024 12:41:12 -0600 Subject: [PATCH 5/5] chore: linting --- salt/bugs/init.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/bugs/init.sls b/salt/bugs/init.sls index 7a8afb87..96b4e46a 100644 --- a/salt/bugs/init.sls +++ b/salt/bugs/init.sls @@ -8,7 +8,7 @@ ensure-gitconfig-permissions: - name: /etc/gitconfig - user: root - group: root - - mode: 644 + - mode: "0644" roundup-deps: pkg.installed: