[Cryptech Core] Two proposed changes to gitolite configuration

[Linus Nordberg]

Rob Austein <sra at hactrn.net> wrote
Wed, 05 Nov 2014 18:22:04 -0500:

| 1) We've talked about having a user/ tree.  While we can do that
|    already with the current configuration, the Principle of Least
|    Astonishment suggests that, by default, nobody but user foo should
|    be allowed to create or push to user/foo/bar.  In theory this is a
|    four line addition to the config file (it's even documented).

+1


| 2) I've come to the conclusion that, at least for our purposes,
|    gitolite's default behavior of creating an empty repository when
|    one clones a repository that doesn't exist is probably a mistake.
|    I've been through several cycles of cleaning up empty repositories
|    created this way, no big deal, but also pretty clearly not what
|    users expect when they type the wrong URI for a repository they
|    want to clone.  There are two possible fixes for this:
| 
|    2a) Disable create-on-clone but continue to allow create-on-push.
| 
|    2b) Disable automatic creation entirely, so creating a new
|        repository would require an explicit command:
| 
|        $ ssh git at git.cryptech.is create foo/bar
| 
|    For those masochistic enough to follow along in the gitolite
|    documentation, these options refer to the .gitolite.rc options
|    "no-create-on-read" and "no-auto-create", respectively.
| 
|    Absent strong opinions, I'll go with (2a), as my guess is that
|    this group is reasonably careful when pushing stuff to a new
|    repository for the first time; the mess to date has pretty clearly
|    just been accidental create-on-clone.

+1

Thanks.