[Cryptech Core] git, again

Leif Johansson leifj at sunet.se
Sun Jan 12 23:42:09 UTC 2014


On 2014-01-13 00:31, Rob Austein wrote:
> We're getting to the point where people want version control.
>
> I'm taking it as read from the discussion in Stockholm that we'll be
> using git.  If anybody really wants to revisit that discussion, say
> so, but otherwise I consider it a closed issue, git won.
>
> At this point I know how to set up git repositories to which people
> will be pushing via HTTPS, but I gather that this is not what cool
> kids do in the git world.
>
> So we're probably talking about ssh, as git users would expect.  OK.
ok
>
> Lightweight solutions appear to be gitosis and gitolite.  I would have
> preferred gitosis, as very simple, but the hive mind seems to have
> declared gitosis to be orphanware.  So, gitolite.  OK.
ok
> It turns out that Gerrit (the code review system Peter mentioned) has
> similar abilities.  Gerrit is not a light weight solution to anything,
> it's a huge Java package with its own internal http and ssh servers.
> We may want to use it in the long run anyway, but it's a bit big and
> scary to rush into production use.
stick with gitolite - good enough
> So I'm currently leaning towards gitolite, probably with Trac, gitweb,
> or both as web browsing solutions.  Plain HTTP(S) is probably
> sufficient for read-only repository access at the moment, we can think
> about running git daemon when there's enough traffic to justify it.
good choices
> The one big unknown in all this is signed commits.  Peter was
> proposing a policy in which all commits would be gpg-signed.  There's
> a long document discussing this at:
>
>   http://mikegerwitz.com/papers/git-horror-story.html
a very good read
> The basic mechanism seems straightforward enough, although I'm not yet
> sure about all the details of enforcing such a policy (manual
> enforcement?  attempt to automate via commit hooks?  how does this
ft has some experience with this. We're using signed tags (pre 1.7) for
most of our cfg mgmt repos over here and I think (ft?) we use commit
hooks for enforcing some part of that, but I'll let ft speak to that.
> integrate with code review tools?  ...).  We don't necessarily have to
> do this from day one (may have already missed the boat on that, as I
> gather that Joachim has been busy...), but for it to make sense we
> probably do have to pick a flag day and decree that all commits from
> that day forward (or, rather, children of that commit) must be signed.
>
> Proposal, just to have something concrete here:
>
> - Start out with gitolite, maybe add gerrit later.
>
> - Sign all commits from day one in these repositories; suggestions
>   welcome on how to handle existing unsigned commits, if any.
>
> - Don't attempt to automate enforcement of the signed commit policy,
>   but perhaps some kind of cron job that periodically checks for
>   unsigned commits would be useful.
good enough for a start
>
> Comments?  Serious disagreement on anything?  Suggestions?
> _______________________________________________
> Core mailing list
> Core at cryptech.is
> https://cryptech.is/mailman/listinfo/core
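One way to implement the periodic check for unsigned commits that Rob proposes above, as an added example that is not part of the thread or of the Cryptech repositories: it wraps git's own %G? signature-status placeholder and flags every commit after the flag-day commit whose signature is missing or does not verify. It assumes git 1.8.5 or later (for -C) and that the signers' public keys are in the keyring of the user the cron job runs as; the log lines in SAMPLE_LOG are constructed.

```shell
#!/bin/sh
# check-signed-commits.sh (added example): list commits after a flag-day
# commit whose GPG signature is missing or does not verify, for use as the
# cron job proposed in the thread.  Assumes git >= 1.8.5 (for -C) and that
# the signing keys are in the keyring of the user the job runs as.

# Constructed sample in the shape of `git log --format='%H %G? %an'`:
# commit hash, git's one-letter signature status, author name.
SAMPLE_LOG='1111111111111111111111111111111111111111 G Alice Example
2222222222222222222222222222222222222222 N Bob Example
3333333333333333333333333333333333333333 B Mallory Example
4444444444444444444444444444444444444444 U Carol Example'

# Read log lines on stdin and print one line per policy violation.
# Status letters are git's own: G good, U good but key not trusted in the
# local keyring, N no signature, B bad signature, E/X/Y/R other failures.
# Returns 1 if any violation was found, 0 otherwise.
report_unsigned() {
    awk '
        NF < 2 { next }
        { hash = $1; status = $2; author = $0; sub(/^[^ ]+ [^ ]+ ?/, "", author) }
        status == "G" || status == "U" { next }
        status == "N" { printf "UNSIGNED %s (%s)\n", hash, author; bad++; next }
        { printf "BAD-SIGNATURE[%s] %s (%s)\n", status, hash, author; bad++ }
        END { if (bad > 0) exit 1; exit 0 }
    '
}

# Check every commit after FLAG_DAY on BRANCH (default HEAD) in repository REPO;
# FLAG_DAY is the commit from which the signing policy applies.
check_repo() {
    repo="$1"; flag_day="$2"; branch="${3:-HEAD}"
    git -C "$repo" log --format='%H %G? %an' "${flag_day}..${branch}" | report_unsigned
}

# From cron: check-signed-commits.sh /path/to/repo.git <flag-day-commit> [branch]
# With no arguments, run the check over the constructed sample instead.
if [ $# -eq 0 ]; then
    printf '%s\n' "$SAMPLE_LOG" | report_unsigned || true
else
    check_repo "$@"
fi
```

The script exits non-zero when a violation is found, so cron's mail-on-output plus the exit status is enough to notice policy breaches without any commit hook.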




