Per a conversation in #-infra with robbat2, I'd like to request that several hooks be added. Firstly, I'd like to have the gentoo-mirror hook to mirror from proj/gentoo-mate to github.com/gentoo/gentoo-mate. Provided that the GPG signatures don't need to be on file, I'd like to have required-signed-push. (the reason why I stipulate the on file part is that a prospective developer and repo contributor, mudler, doen't have a GPG key on file, AFAIK) The original email that robbat2 mentioned a potential future hook require-signed-commit. Assuming that this hook has been authored, and that it doesn't require that the key be on file, I'd like to request that as well. Hopefully that was clear, but if not, please don't hesitate to ask for clarification. Thanks in advance for looking into the situation.
After having looked over the hooks themselves, gentoo-mirror hook from proj/gentoo-mate to github.com/gentoo/gentoo-mate required-signed-push as is, with U) ;; # TODO: deny this later left as is. Thanks!
+ config gentoo.mirror.url = git@github.com:gentoo/gentoo-mate.git + option hook.pre-receive = require-signed-push + option hook.post-receive = save-push-signatures gentoo-mirror
(In reply to Michał Górny from comment #2) > + config gentoo.mirror.url = git@github.com:gentoo/gentoo-mate.git > + option hook.pre-receive = require-signed-push > + option hook.post-receive = save-push-signatures gentoo-mirror Thanks!
commit 9109aedd47a63d5aa23b52da7cf1f328e47946ac Author: Michał Górny <mgorny@gentoo.org> Date: Fri Oct 28 18:35:46 2016 proj/devmanual: Attempt to replace signed push with signed commit hook diff --git a/conf/proj.conf b/conf/proj.conf index 52a6dea..4f03d04 100644 --- a/conf/proj.conf +++ b/conf/proj.conf @@ -282,12 +282,12 @@ repo proj/desktop-effects repo proj/devmanual RW+ = @devs gokturk@binghamton.edu R = @all daemon gitweb + - VREF/proj-gentoo-02-gpg = @all category = proj owner = "Gentoo Devmanual team <devmanual@gentoo.org>" desc = "Gentoo devmanual source" config gentoo.mirror.url = git@github.com:gentoo/devmanual.gentoo.org.git - option hook.pre-receive = require-signed-push - option hook.post-receive = save-push-signatures gentoo-mirror + option hook.post-receive = gentoo-mirror
Sorry, wrong bug. Here, I wanted to ask you if you want me to deploy the signed commit solution, and if you want to keep signed pushes or replace them with the latter.