Closed Bug 1383487 Opened 8 years ago Closed 1 year ago

Provide access level via public API

Categories

(Developer Services :: Mercurial: hg.mozilla.org, enhancement)

Product:
Developer Services
Component:
Mercurial: hg.mozilla.org
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1234556

People

(Reporter: dustin, Unassigned)

Details

I'd like to write a little automation to verify that https://hg.mozilla.org/build/tools/raw-file/default/buildfarm/maintenance/production-branches.json's notion of the access level for a repo matches the actual repo configuration, but currently that requires an SSH key. Can I get that information made available via an HTTP call of some sort? Given that, I can in fact drop the access-level information from production-branches.json.
The thing making this complicated is that permissions are gated on group ownership of directories on the ssh server. The HTTP servers have independent copies of the repos and all repos are owned by the same user/group. So to implement this we need a way for the hgweb/HTTP machines to know about the group owner from the hgssh/SSH machine. That likely requires some custom wire protocol hackery so it is downloaded as part of `hg pull`. We have some mechanisms in place for e.g. replicating the clonebundles.manifest file. We can piggyback on that. Alternatively, we could stuff something into hgrc, rely on existing replication of that file's content, and expose the value on hgweb. But the hgrc file can get stale and not reflect reality. Another related feature request is the ability to know which hooks are enabled for a repo. There's a very old bug on file for that.
Maybe there's something that compares hgrc to the group ownership periodically?
Status: NEW → RESOLVED
Closed: 1 year ago
Duplicate of bug: 1234556
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.