Bug 670485 - fedpkg git clone should be anon by default + git pushurl
Summary: fedpkg git clone should be anon by default + git pushurl
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: fedpkg
Version: rawhide
Hardware: Unspecified
OS: Unspecified
low
medium
Target Milestone: ---
Assignee: cqi
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: 1188634
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-01-18 12:58 UTC by Frank Ch. Eigler
Modified: 2019-05-10 16:25 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-05-10 16:25:27 UTC
Type: ---


Attachments (Terms of Use)

Description Frank Ch. Eigler 2011-01-18 12:58:58 UTC
fedpkg clone should default to -a (anonymous) checkouts,
which use the efficient git:// protocol.  With modern
enough git (incl. f13 and onward), it should set the
"pushurl" .git/config field to point to the ssh:// URL.

This change may have no downsides at all.

Comment 1 Jesse Keating 2011-01-19 01:16:38 UTC
that would force use of a different port that clients might not be expecting.  I'm not sure I want to enable this by default.

Comment 2 Frank Ch. Eigler 2011-01-19 01:35:30 UTC
Do you mean that some people might be on a network that doesn't allow
outgoing connections to the standard git port?  So that even if they
used fedpkg clone -a, it wouldn't work for them?

Wouldn't fedpkg be able to check for this unlikely situation by
trying the git: url first, and the ssh: one second if necessary?

For comparison, this change would save on the order of 1-10 seconds
per each git clone / pull operation, representing the ssh connection
setup overheads.  (The configuration of pkg.fedoraproject.org appears
to preclude ssh "control master" type persistent connections.)

Comment 3 Jesse Keating 2011-01-20 01:43:25 UTC
I'm just saying that it might be a un-expected behavior.  That doesn't mean I don't want to do it, I just mean that it could have some side effects.

Yes there are places that the standard git port isn't allowed out, same with ssh.  I've been looking at making our git system work with ACLs over http for these use cases, but it is low priority.

Also, I do believe you can use control master type persistent connections, so long as the first connection you make doesn't actually try to execute anything, using ssh -N

Comment 4 Bug Zapper 2011-05-30 11:50:15 UTC
This message is a reminder that Fedora 13 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 13.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '13'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 13's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 13 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping

Comment 6 Sergio Basto 2013-02-24 02:47:58 UTC
I got message "Could not read Fedora cert, falling back to default
method"  
Default method should be anonymous and not try use $USER and finishing in a error of no pubkey .
With this new behavior I could advise any people to use fedpkg clone and build a package from sources adapted to their needs [¹]. 
Otherwise people will think that don't have access or to have needs a rsa/dsa key


[¹]  
cd fedora-scm/
fedpkg clone xorg-x11-drv-synaptics
cd xorg-x11-drv-synaptics/
fedpkg mockbuild --root fedora-18-x86_64

Comment 7 Fedora End Of Life 2013-04-03 18:32:08 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.

(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19

Comment 8 Sergio Basto 2013-10-12 18:16:58 UTC
Just review commands ,
we could advise any people to use fedpkg clone and build a package from sources adapted to their needs like this :

fedpkg clone mailman -a
cd mailman/
fedpkg switch-branch f19
vi mailman.spec
fedpkg srpm
mock -r fedora-19-i386 --rebuild ./mailman-2.1.15-13.sb.fc19.src.rpm 
rpm -Uvh /var/lib/mock/fedora-19-i386/result/mailman-2.1.15-13.sb.fc19.i686.rpm (as root)

Comment 9 Fedora End Of Life 2015-01-09 16:31:03 UTC
This message is a notice that Fedora 19 is now at end of life. Fedora 
has stopped maintaining and issuing updates for Fedora 19. It is 
Fedora's policy to close all bug reports from releases that are no 
longer maintained. Approximately 4 (four) weeks from now this bug will
be closed as EOL if it remains open with a Fedora 'version' of '19'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 19 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

Comment 10 Florian Weimer 2015-02-03 13:00:42 UTC
Using git:// will lose transport layer security, so this change is not recommend at this time.  I will file a separate bug to enable HTTPS support, so that even anonymous clones will have transport layer security.

Comment 11 Jan Kurik 2015-07-15 15:17:33 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 23 development cycle.
Changing version to '23'.

(As we did not run this process for some time, it could affect also pre-Fedora 23 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 23 End Of Life. Thank you.)

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora23

Comment 12 Rex Dieter 2016-03-20 01:48:45 UTC
marking futurefeature

Comment 13 Fedora Admin XMLRPC Client 2017-02-21 16:41:23 UTC
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Comment 14 Fedora Admin XMLRPC Client 2017-02-28 08:31:10 UTC
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Comment 15 Ondřej Nosek 2019-04-03 17:16:42 UTC
This issue has been unresolved for more than a year, and is going to be closed within a week if no further action is taken. If you feel this is in error, please contact me.
This is a cleaning process suggested by Jay Greguske. Copy of this ticket was already closed in JIRA tracker.

Comment 16 Sergio Basto 2019-04-03 17:37:32 UTC
OK


Note You need to log in before you can comment on or make changes to this bug.