Bug 821838 - Review Request: gitolite3 - Highly flexible server for git directory version tracker
Review Request: gitolite3 - Highly flexible server for git directory version ...
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Simone Caronni
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-05-15 10:48 EDT by Gwyn Ciesla
Modified: 2012-08-15 08:28 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-06-01 13:03:25 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
negativo17: fedora‑review+
limburgher: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Gwyn Ciesla 2012-05-15 10:48:52 EDT
Description:

Gitolite allows a server to host many git repositories and provide access
to many developers, without having to give them real userids on the server.
The essential magic in doing this is ssh's pubkey access and the authorized
keys file, and the inspiration was an older program called gitosis.

Gitolite can restrict who can read from (clone/fetch) or write to (push) a  
repository. It can also restrict who can push to what branch or tag, which
is very important in a corporate environment. Gitolite can be installed
without requiring root permissions, and with no additional software than git
itself and perl. It also has several other neat features described below and
elsewhere in the doc/ directory.

SPEC: http://fedorapeople.org/~limb/review/gitolite3/gitolite3.spec
SRPM: http://fedorapeople.org/~limb/review/gitolite3/gitolite3-3.01-1.fc16.src.rpm

Does not Obsolete gitolite because gitolite 2.x will be maintained for some time, and this facilitates careful migration to 3.x.
Comment 1 Gwyn Ciesla 2012-05-15 10:50:44 EDT
CCing gitolite maintainer.
Comment 2 Simone Caronni 2012-05-15 12:19:47 EDT
I will review this package
Comment 3 Paulo Andrade 2012-05-15 12:56:08 EDT
I suggest using

%attr(750,%{name},%{name}) %dir %{gitolite_homedir}
%attr(750,%{name},%{name}) %dir %{gitolite_homedir}/.ssh

instead of

%attr(750,%{name},%{name}) %{gitolite_homedir}
%attr(750,%{name},%{name}) %{gitolite_homedir}/.ssh

to avoid files listed multiple times.
Comment 4 Simone Caronni 2012-05-15 13:00:15 EDT
Key:
- = N/A
x = Pass
! = Fail
? = Not evaluated

==== Generic ====
[x]: MUST Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: MUST Package successfully compiles and builds into binary rpms on at
     least one supported primary architecture.
[-]: MUST %build honors applicable compiler flags or justifies otherwise.
[x]: MUST All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[!]: MUST Buildroot is not present
     Note: Buildroot is not needed unless packager plans to package for EPEL5
[x]: MUST Package contains no bundled libraries.
[x]: MUST Changelog in prescribed format.
[!]: MUST Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
     Note: Clean is needed only if supporting EPEL
[x]: MUST Sources contain only permissible code or content.
[x]: MUST %config files are marked noreplace or the reason is justified.
[!]: MUST Each %files section contains %defattr if rpm < 4.4
     Note: defattr(....) present in %files section. This is OK if packaging
     for EPEL5. Otherwise not needed
[-]: MUST Macros in Summary, %description expandable at SRPM build time.
[x]: MUST Package requires other packages for directories it uses.
[x]: MUST Package uses nothing in %doc for runtime.
[x]: MUST Package is not known to require ExcludeArch.
[x]: MUST Permissions on files are set properly.
[x]: MUST Package does not contain duplicates in %files.
[x]: MUST Spec file lacks Packager, Vendor, PreReq tags.
[!]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: rm -rf is only needed if supporting EPEL5
[-]: MUST Large documentation files are in a -doc subpackage, if required.
[!]: MUST If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %doc.
[x]: MUST License field in the package spec file matches the actual license.
[x]: MUST Package consistently uses macros (instead of hard-coded directory
     names).
[x]: MUST Package is named according to the Package Naming Guidelines.
[x]: MUST No %config files under /usr.
[x]: MUST Package does not generate any conflict.
[x]: MUST Package obeys FHS, except libexecdir and /usr/target.
[x]: MUST Package must own all directories that it creates.
[x]: MUST Package does not own files or directories owned by other packages.
[x]: MUST Package installs properly.
[x]: MUST Requires correct, justified where necessary.
[!]: MUST Rpmlint output is silent.
[!]: MUST Sources used to build the package match the upstream source, as
     provided in the spec URL.
Package has no sources or they are generated by developer
[x]: MUST Spec file is legible and written in American English.
[x]: MUST Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[-]: MUST Package contains a SysV-style init script if in need of one.
[x]: MUST File names are valid UTF-8.
[-]: MUST Useful -debuginfo package or justification otherwise.
[x]: SHOULD Reviewer should test that the package builds in mock.
[x]: SHOULD If the source package does not include license text(s) as a
     separate file from upstream, the packager SHOULD query upstream to
     include it.
[x]: SHOULD Dist tag is present.
[x]: SHOULD No file requires outside of /etc, /bin, /sbin, /usr/bin,
     /usr/sbin.
[x]: SHOULD Final provides and requires are sane (rpm -q --provides and rpm -q
     --requires).
[x]: SHOULD Package functions as described.
[x]: SHOULD Latest version is packaged.
[x]: SHOULD Package does not include license text files separate from
     upstream.
[-]: SHOULD Scriptlets must be sane, if used.
[x]: SHOULD SourceX is a working URL.
[-]: SHOULD Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: SHOULD Package should compile and build into binary rpms on all supported
     architectures.
[-]: SHOULD %check is present and all tests pass.
[x]: SHOULD Packages should try to preserve timestamps of original installed
     files.
[x]: SHOULD Spec use %global instead of %define.
Comment 5 Simone Caronni 2012-05-15 13:01:08 EDT
EPEL 5: Looking at the spec file I assume that the package will not be built for EPEL 5.

[!]: MUST If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %doc.
     
The archive includes the "COPYING" file but that's not included in the %doc section.

[!]: MUST Rpmlint output is silent.

gitolite3.noarch: W: spelling-error %description -l en_US userids -> use rids, use-rids, user ids
gitolite3.noarch: W: spelling-error %description -l en_US ssh's -> ash's, sash's
gitolite3.noarch: W: spelling-error %description -l en_US pubkey -> pub key, pub-key, puberty
gitolite3.noarch: W: spelling-error %description -l en_US gitosis -> mitosis, halitosis
gitolite3.src: W: spelling-error %description -l en_US Gitolite -> Impolite
gitolite3.src: W: spelling-error %description -l en_US userids -> use rids, use-rids, user ids
gitolite3.src: W: spelling-error %description -l en_US ssh's -> ash's, sash's
gitolite3.src: W: spelling-error %description -l en_US pubkey -> pub key, pub-key, puberty
gitolite3.src: W: spelling-error %description -l en_US gitosis -> mitosis, halitosis
gitolite3.src: W: spelling-error %description -l en_US perl -> Perl, peel, perk

Dictionary errors, can be ignored (halitosis?).


gitolite3.noarch: E: script-without-shebang /usr/share/perl5/vendor_perl/Gitolite/Triggers/CpuTime.pm
gitolite3.noarch: E: script-without-shebang /usr/share/gitolite3/lib/Gitolite/Triggers/CpuTime.pm

No interpreter for perl modules, can be ignored.


gitolite3.noarch: E: script-without-shebang /usr/share/gitolite3/syntactic-sugar/continuation-lines
gitolite3.noarch: E: script-without-shebang /usr/share/gitolite3/syntactic-sugar/keysubdirs-as-groups

Do these need an interpreter at the top?


gitolite3.noarch: W: non-standard-uid /var/lib/gitolite3/.ssh/authorized_keys gitolite3
gitolite3.noarch: W: non-standard-gid /var/lib/gitolite3/.ssh/authorized_keys gitolite3
gitolite3.noarch: W: non-standard-uid /var/lib/gitolite3 gitolite3
gitolite3.noarch: W: non-standard-gid /var/lib/gitolite3 gitolite3
gitolite3.noarch: E: non-standard-dir-perm /var/lib/gitolite3 0750L
gitolite3.noarch: W: non-standard-uid /var/lib/gitolite3/.ssh gitolite3
gitolite3.noarch: W: non-standard-gid /var/lib/gitolite3/.ssh gitolite3
gitolite3.noarch: W: hidden-file-or-dir /var/lib/gitolite3/.ssh

I suppose these can be ignored as per the package structure and the way the user is confined.


gitolite3.noarch: E: non-standard-dir-perm /var/lib/gitolite3/.ssh 0750L
gitolite3.noarch: W: hidden-file-or-dir /var/lib/gitolite3/.ssh
gitolite3.noarch: E: non-readable /var/lib/gitolite3/.ssh/authorized_keys 0640L
gitolite3.noarch: E: zero-length /var/lib/gitolite3/.ssh/authorized_keys

Maybe (I'm not sure) this line can be removed from the spec file:
%attr(750,%{name},%{name}) %{gitolite_homedir}/.ssh
and a %ghost could be added to the authorized_keys file. Or another option can be like pcpa stated in Comment #3


gitolite3.noarch: W: no-manual-page-for-binary gitolite

Can be ignored.


gitolite3.noarch: E: non-executable-script /usr/share/gitolite3/VREF/MERGE-CHECK 0644L /usr/bin/perl

I think this is wrong, all the other scripts in /usr/share/gitolite3/VREF/ are executable.


gitolite3.src: W: invalid-url Source0: sitaramc-gitolite-v3.01-0-g88b4c86-nodocs.tar.gz

Missing script to generate tarball in the SRPM.


2 packages and 0 specfiles checked; 9 errors, 20 warnings.


[!]: MUST Sources used to build the package match the upstream source, as
     provided in the spec URL.
Package has no sources or they are generated by developer

Script to generate the sources tarball from the git repository with the declared components excluded is missing:

http://fedoraproject.org/wiki/Packaging:SourceURL#When_Upstream_uses_Prohibited_Code
Comment 6 Gwyn Ciesla 2012-05-15 13:25:29 EDT
- Added license file, fixed duplicate files, dropped defattr.
- Dropped clean and buildroot.
- Added script to generate tarball in comments.

Right, I'll be building F-17, F-16, and EL-6 only.

SPEC: http://fedorapeople.org/~limb/review/gitolite3/gitolite3.spec
SRPM:
http://fedorapeople.org/~limb/review/gitolite3/gitolite3-3.01-2.fc16.src.rpm
Comment 7 Simone Caronni 2012-05-15 14:27:54 EDT
Are these the intended behaviour in the latest revision you posted?

E: script-without-shebang /usr/share/gitolite3/syntactic-sugar/continuation-lines
E: script-without-shebang /usr/share/gitolite3/syntactic-sugar/keysubdirs-as-groups

E: non-executable-script /usr/share/gitolite3/VREF/MERGE-CHECK 0644L /usr/bin/perl

--Simone
Comment 8 Gwyn Ciesla 2012-05-15 14:46:51 EDT
I believe so.
Comment 9 Simone Caronni 2012-05-16 03:18:51 EDT
If the above points for you are all expected behaviour, especially:

E: non-executable-script /usr/share/gitolite3/VREF/MERGE-CHECK 0644L
/usr/bin/perl

then for me the package is approved.
Comment 10 Gwyn Ciesla 2012-05-16 08:04:38 EDT
It's indicated to be demo code, and isn't AFAICT called elsewhere.

Thanks!  Adding Lubo as co-maintainer, please remove yourself if not interested.

New Package SCM Request
=======================
Package Name: gitolite3
Short Description: Highly flexible server for git directory version tracker
Owners: limb lkundrak
Branches: f16 f17 el6
InitialCC:
Comment 11 Gwyn Ciesla 2012-05-16 08:58:45 EDT
Git done (by process-git-requests).
Comment 12 Fedora Update System 2012-05-16 10:20:04 EDT
gitolite3-3.01-2.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/gitolite3-3.01-2.fc16
Comment 13 Fedora Update System 2012-05-16 10:20:15 EDT
gitolite3-3.01-2.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/gitolite3-3.01-2.fc17
Comment 14 Fedora Update System 2012-05-16 10:20:46 EDT
gitolite3-3.01-2.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/gitolite3-3.01-2.el6
Comment 15 Fedora Update System 2012-05-16 14:57:51 EDT
gitolite3-3.01-2.el6 has been pushed to the Fedora EPEL 6 testing repository.
Comment 16 Fedora Update System 2012-05-21 09:28:50 EDT
gitolite3-3.02-1.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/gitolite3-3.02-1.fc16
Comment 17 Fedora Update System 2012-05-21 09:29:04 EDT
gitolite3-3.02-1.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/gitolite3-3.02-1.fc17
Comment 18 Fedora Update System 2012-05-21 09:29:19 EDT
gitolite3-3.02-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/gitolite3-3.02-1.el6
Comment 19 Fedora Update System 2012-05-23 10:17:28 EDT
gitolite3-3.03-1.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/gitolite3-3.03-1.fc16
Comment 20 Fedora Update System 2012-05-23 10:17:57 EDT
gitolite3-3.03-1.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/gitolite3-3.03-1.fc17
Comment 21 Fedora Update System 2012-05-23 10:18:24 EDT
gitolite3-3.03-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/gitolite3-3.03-1.el6
Comment 22 Fedora Update System 2012-06-01 13:03:25 EDT
gitolite3-3.03-1.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 23 Fedora Update System 2012-06-01 23:55:07 EDT
gitolite3-3.03-1.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 24 Fedora Update System 2012-06-08 15:31:31 EDT
gitolite3-3.03-1.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.