rpm/pagure
SHA256
1
0
Fork 0
forked from pool/pagure
Code Pull Requests Activity

Add pagure-pygit2.patch to repair service startup on Leap 15.6 and Tumbleweed

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/pagure?expand=0&rev=64
This commit is contained in:
Dirk Mueller 2024-08-21 11:33:39 +00:00 committed by Git OBS Bridge
commit df2d40deb1
10 changed files with 2206 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

44
5486.patch Normal file
View File

@ -0,0 +1,44 @@
From 7abc9608afe37e28221d12afb5c2078518febf9f Mon Sep 17 00:00:00 2001
From: Dominik Wombacher <dominik@wombacher.cc>
Date: May 27 2024 18:52:55 +0000
Subject: [PATCH 1/2] fix(oidc): Edge case, avoid 'KeyError' after pagure update if a cached session is used
---
diff --git a/pagure/ui/oidc_login.py b/pagure/ui/oidc_login.py
index 2495387..225646b 100644
--- a/pagure/ui/oidc_login.py
+++ b/pagure/ui/oidc_login.py
@@ -34,6 +34,8 @@ _log = logging.getLogger(__name__)
def fas_user_from_oidc():
if "oidc_cached_userdata" in flask.session:
flask.g.fas_user = munch.Munch(**flask.session["oidc_cached_userdata"])
+ # Edge case, avoid 'KeyError' after pagure update if a cached session is used
+ flask.g.fas_user.can_create = flask.g.fas_user.get("can_create", False)
elif oidc.user_loggedin and "oidc_logintime" in flask.session:
email_key, fulln_key, usern_key, ssh_key, groups_key = [
pagure_config["OIDC_PAGURE_EMAIL"],
From 6ff9732cb86b305ebcc32cdb0e7ff578171f4dd1 Mon Sep 17 00:00:00 2001
From: Dominik Wombacher <dominik@wombacher.cc>
Date: May 27 2024 18:54:54 +0000
Subject: [PATCH 2/2] fix(5.14.x): Use '==' instead of 'is' in template if condition because of old Jinja2 version on EL8
---
diff --git a/pagure/templates/master.html b/pagure/templates/master.html
index 4e2bc55..fa23194 100644
--- a/pagure/templates/master.html
+++ b/pagure/templates/master.html
@@ -40,7 +40,7 @@
{% if (config.get('ENABLE_NEW_PROJECTS', True) and config.get('ENABLE_UI_NEW_PROJECTS', True))
or config.get('ENABLE_GROUP_MNGT', False) %}
{#can_create is only defined if using OIDC so assume we cancreate #}
- {% if (g.fas_user.can_create is not defined) or (g.fas_user.can_create is true)%}
+ {% if (g.fas_user.can_create is not defined) or (g.fas_user.can_create == true)%}
<li class="nav-item dropdown ml-3">
<a class="nav-link dropdown-toggle font-weight-bold"
data-toggle="dropdown"

349
flask_fas_openid.py Normal file
View File

@ -0,0 +1,349 @@
# -*- coding: utf-8 -*-
# Flask-FAS-OpenID - A Flask extension for authorizing users with FAS-OpenID
#
# Primary maintainer: Patrick Uiterwijk <puiterwijk@fedoraproject.org>
#
# Copyright (c) 2013, Patrick Uiterwijk
# This file is part of python-fedora
#
# python-fedora is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# python-fedora is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with python-fedora; if not, see <http://www.gnu.org/licenses/>
'''
FAS-OpenID authentication plugin for the flask web framework
.. moduleauthor:: Patrick Uiterwijk <puiterwijk@fedoraproject.org>
..versionadded:: 0.3.33
'''
from functools import wraps
import logging
import time
from munch import Munch
import flask
try:
from flask import _app_ctx_stack as stack
except ImportError:
from flask import _request_ctx_stack as stack
from openid.consumer import consumer
from openid.fetchers import setDefaultFetcher, Urllib2Fetcher
from openid.extensions import pape, sreg, ax
from openid_cla import cla
from openid_teams import teams
import six
log = logging.getLogger(__name__)
# http://flask.pocoo.org/snippets/45/
def request_wants_json():
''' Return wether the user requested the data in JSON or not. '''
best = flask.request.accept_mimetypes \
.best_match(['application/json', 'text/html'])
return best == 'application/json' and \
flask.request.accept_mimetypes[best] > \
flask.request.accept_mimetypes['text/html']
class FASJSONEncoder(flask.json.JSONEncoder):
""" Dedicated JSON encoder for the FAS openid information. """
def default(self, o):
"""Implement this method in a subclass such that it returns a
serializable object for ``o``, or calls the base implementation (to
raise a ``TypeError``).
For example, to support arbitrary iterators, you could implement
default like this::
def default(self, o):
try:
iterable = iter(o)
except TypeError:
pass
else:
return list(iterable)
return JSONEncoder.default(self, o)
"""
if isinstance(o, (set, frozenset)):
return list(o)
return flask.json.JSONEncoder.default(self, o)
class FAS(object):
""" The Flask plugin. """
def __init__(self, app=None):
self.postlogin_func = None
self.app = app
if self.app is not None:
self.init_app(app)
def init_app(self, app):
""" Constructor for the Flask application. """
self.app = app
app.config.setdefault('FAS_OPENID_ENDPOINT',
'https://id.fedoraproject.org/openid/')
app.config.setdefault('FAS_OPENID_CHECK_CERT', True)
if not self.app.config['FAS_OPENID_CHECK_CERT']:
setDefaultFetcher(Urllib2Fetcher())
# json_encoder is only available from flask 0.10
version = flask.__version__.split('.')
assume_recent = False
try:
major = int(version[0])
minor = int(version[1])
except ValueError:
# We'll assume we're using a recent enough flask as the packages
# of old versions used sane version numbers.
assume_recent = True
if assume_recent or (major > 0 or minor >= 10):
self.app.json_encoder = FASJSONEncoder
@app.route('/_flask_fas_openid_handler/', methods=['GET', 'POST'])
def flask_fas_openid_handler():
""" Endpoint for OpenID results. """
return self._handle_openid_request()
app.before_request(self._check_session)
def postlogin(self, f):
"""Marks a function as post login handler. This decorator calls your
function after the login has been performed.
"""
self.postlogin_func = f
return f
def _handle_openid_request(self):
return_url = flask.session.get('FLASK_FAS_OPENID_RETURN_URL', None)
cancel_url = flask.session.get('FLASK_FAS_OPENID_CANCEL_URL', None)
base_url = self.normalize_url(flask.request.base_url)
oidconsumer = consumer.Consumer(flask.session, None)
info = oidconsumer.complete(flask.request.values, base_url)
display_identifier = info.getDisplayIdentifier()
if info.status == consumer.FAILURE and display_identifier:
return 'FAILURE. display_identifier: %s' % display_identifier
elif info.status == consumer.CANCEL:
if cancel_url:
return flask.redirect(cancel_url)
return 'OpenID request was cancelled'
elif info.status == consumer.SUCCESS:
if info.endpoint.server_url != \
self.app.config['FAS_OPENID_ENDPOINT']:
log.warn('Claim received from invalid issuer: %s',
info.endpoint.server_url)
return 'Invalid provider issued claim!'
sreg_resp = sreg.SRegResponse.fromSuccessResponse(info)
teams_resp = teams.TeamsResponse.fromSuccessResponse(info)
cla_resp = cla.CLAResponse.fromSuccessResponse(info)
ax_resp = ax.FetchResponse.fromSuccessResponse(info)
user = {'fullname': '', 'username': '', 'email': '',
'timezone': '', 'cla_done': False, 'groups': []}
if not sreg_resp:
# If we have no basic info, be gone with them!
return flask.redirect(cancel_url)
user['username'] = sreg_resp.get('nickname')
user['fullname'] = sreg_resp.get('fullname')
user['email'] = sreg_resp.get('email')
user['timezone'] = sreg_resp.get('timezone')
user['login_time'] = time.time()
if cla_resp:
user['cla_done'] = cla.CLA_URI_FEDORA_DONE in cla_resp.clas
if teams_resp:
# The groups do not contain the cla_ groups
user['groups'] = frozenset(teams_resp.teams)
if ax_resp:
ssh_keys = ax_resp.get(
'http://fedoauth.org/openid/schema/SSH/key')
if isinstance(ssh_keys, (list, tuple)):
ssh_keys = '\n'.join(
ssh_key
for ssh_key in ssh_keys
if ssh_key.strip()
)
if ssh_keys:
user['ssh_key'] = ssh_keys
user['gpg_keyid'] = ax_resp.get(
'http://fedoauth.org/openid/schema/GPG/keyid')
flask.session['FLASK_FAS_OPENID_USER'] = user
flask.session.modified = True
if self.postlogin_func is not None:
self._check_session()
return self.postlogin_func(return_url)
else:
return flask.redirect(return_url)
else:
return 'Strange state: %s' % info.status
def _check_session(self):
if 'FLASK_FAS_OPENID_USER' not in flask.session \
or flask.session['FLASK_FAS_OPENID_USER'] is None:
flask.g.fas_user = None
else:
user = flask.session['FLASK_FAS_OPENID_USER']
# Add approved_memberships to provide backwards compatibility
# New applications should only use g.fas_user.groups
user['approved_memberships'] = []
for group in user['groups']:
membership = dict()
membership['name'] = group
user['approved_memberships'].append(Munch.fromDict(membership))
flask.g.fas_user = Munch.fromDict(user)
flask.g.fas_user.groups = frozenset(flask.g.fas_user.groups)
flask.g.fas_session_id = 0
def _check_safe_root(self, url):
if url is None:
return None
if url.startswith(flask.request.url_root) or url.startswith('/'):
# A URL inside the same app is deemed to always be safe
return url
return None
def login(self, username=None, password=None, return_url=None,
cancel_url=None, groups=['_FAS_ALL_GROUPS_']):
"""Tries to log in a user.
Sets the user information on :attr:`flask.g.fas_user`.
Will set 0 to :attr:`flask.g.fas_session_id, for compatibility
with flask_fas.
:kwarg username: Not used, but accepted for compatibility with the
flask_fas module
:kwarg password: Not used, but accepted for compatibility with the
flask_fas module
:kwarg return_url: The URL to forward the user to after login
:kwarg groups: A string or a list of group the user should belong
to to be authentified.
:returns: True if the user was succesfully authenticated.
:raises: Might raise an redirect to the OpenID endpoint
"""
if return_url is None:
if 'next' in flask.request.args.values():
return_url = flask.request.args.values['next']
else:
return_url = flask.request.url_root
# This makes sure that we only allow stuff where
# ?next= value is in a safe root (the application
# root)
return_url = (self._check_safe_root(return_url) or
flask.request.url_root)
session = {}
oidconsumer = consumer.Consumer(session, None)
try:
request = oidconsumer.begin(self.app.config['FAS_OPENID_ENDPOINT'])
except consumer.DiscoveryFailure as exc:
# VERY strange, as this means it could not discover an OpenID
# endpoint at FAS_OPENID_ENDPOINT
log.warn(exc)
return 'discoveryfailure'
if request is None:
# Also very strange, as this means the discovered OpenID
# endpoint is no OpenID endpoint
return 'no-request'
if isinstance(groups, six.string_types):
groups = [groups]
request.addExtension(sreg.SRegRequest(
required=['nickname', 'fullname', 'email', 'timezone']))
request.addExtension(pape.Request([]))
request.addExtension(teams.TeamsRequest(requested=groups))
request.addExtension(cla.CLARequest(
requested=[cla.CLA_URI_FEDORA_DONE]))
ax_req = ax.FetchRequest()
ax_req.add(ax.AttrInfo(
type_uri='http://fedoauth.org/openid/schema/GPG/keyid'))
ax_req.add(ax.AttrInfo(
type_uri='http://fedoauth.org/openid/schema/SSH/key',
count='unlimited'))
request.addExtension(ax_req)
trust_root = self.normalize_url(flask.request.url_root)
return_to = trust_root + '_flask_fas_openid_handler/'
flask.session['FLASK_FAS_OPENID_RETURN_URL'] = return_url
flask.session['FLASK_FAS_OPENID_CANCEL_URL'] = cancel_url
if request_wants_json():
output = request.getMessage(trust_root,
return_to=return_to).toPostArgs()
output['server_url'] = request.endpoint.server_url
return flask.jsonify(output)
elif request.shouldSendRedirect():
redirect_url = request.redirectURL(trust_root, return_to, False)
return flask.redirect(redirect_url)
else:
return request.htmlMarkup(
trust_root, return_to,
form_tag_attrs={'id': 'openid_message'}, immediate=False)
def logout(self):
'''Logout the user associated with this session
'''
flask.session['FLASK_FAS_OPENID_USER'] = None
flask.g.fas_session_id = None
flask.g.fas_user = None
flask.session.modified = True
def normalize_url(self, url):
''' Replace the scheme prefix of a url with our preferred scheme.
'''
scheme = self.app.config['PREFERRED_URL_SCHEME']
scheme_index = url.index('://')
return scheme + url[scheme_index:]
# This is a decorator we can use with any HTTP method (except login, obviously)
# to require a login.
# If the user is not logged in, it will redirect them to the login form.
# http://flask.pocoo.org/docs/patterns/viewdecorators/#login-required-decorator
def fas_login_required(function):
""" Flask decorator to ensure that the user is logged in against FAS.
To use this decorator you need to have a function named 'auth_login'.
Without that function the redirect if the user is not logged in will not
work.
"""
@wraps(function)
def decorated_function(*args, **kwargs):
if flask.g.fas_user is None:
return flask.redirect(flask.url_for('auth_login',
next=flask.request.url))
return function(*args, **kwargs)
return decorated_function
def cla_plus_one_required(function):
""" Flask decorator to retrict access to CLA+1.
To use this decorator you need to have a function named 'auth_login'.
Without that function the redirect if the user is not logged in will not
work.
"""
@wraps(function)
def decorated_function(*args, **kwargs):
if flask.g.fas_user is None or not flask.g.fas_user.cla_done \
or len(flask.g.fas_user.groups) < 1:
# FAS-OpenID does not return cla_ groups
return flask.redirect(flask.url_for('auth_login',
next=flask.request.url))
else:
return function(*args, **kwargs)
return decorated_function

197
pagure-5.0-default-example-cfg.patch Normal file
View File

@ -0,0 +1,197 @@
diff -rup pagure/files/gitolite3.rc pagure.cfg-defs/files/gitolite3.rc
--- pagure/files/gitolite3.rc 2020-06-21 09:19:34.924187087 -0400
+++ pagure.cfg-defs/files/gitolite3.rc 2020-06-21 09:20:06.922455887 -0400
@@ -16,7 +16,7 @@
# ------------------------------------------------------------------
- GL_REPO_BASE => '/path/to/git/repositories',
+ GL_REPO_BASE => '/srv/gitolite/repositories',
# default umask gives you perms of '0700'; see the rc file docs for
# how/why you might change this
diff -rup pagure/files/pagure-apache-httpd.conf pagure.cfg-defs/files/pagure-apache-httpd.conf
--- pagure/files/pagure-apache-httpd.conf 2020-06-21 09:19:34.926187104 -0400
+++ pagure.cfg-defs/files/pagure-apache-httpd.conf 2020-06-21 09:20:06.923455896 -0400
@@ -29,9 +29,9 @@
## Use secure TLSv1.1 and TLSv1.2 ciphers
#Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
- #SSLCertificateFile /etc/pki/tls/....crt
- #SSLCertificateChainFile /etc/pki/tls/....intermediate.crt
- #SSLCertificateKeyFile /etc/pki/tls/....key
+ #SSLCertificateFile /etc/ssl/....crt
+ #SSLCertificateChainFile /etc/ssl/....intermediate.crt
+ #SSLCertificateKeyFile /etc/ssl/....key
#<Location />
#WSGIProcessGroup paguredocs
@@ -58,9 +58,9 @@
## Use secure TLSv1.1 and TLSv1.2 ciphers
#Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
- #SSLCertificateFile /etc/pki/tls/....crt
- #SSLCertificateChainFile /etc/pki/tls/....intermediate.crt
- #SSLCertificateKeyFile /etc/pki/tls/....key
+ #SSLCertificateFile /etc/ssl/....crt
+ #SSLCertificateChainFile /etc/ssl/....intermediate.crt
+ #SSLCertificateKeyFile /etc/ssl/....key
#Alias /releases /var/www/releases
@@ -94,7 +94,7 @@
#</IfModule>
#</Location>
- #<Directory /var/www/releases>
+ #<Directory /srv/www/pagure-releases>
#Options +Indexes
#</Directory>
diff -rup pagure/files/pagure.cfg.sample pagure.cfg-defs/files/pagure.cfg.sample
--- pagure/files/pagure.cfg.sample 2020-06-21 09:19:34.927187112 -0400
+++ pagure.cfg-defs/files/pagure.cfg.sample 2020-06-21 09:20:06.923455896 -0400
@@ -72,25 +72,33 @@ DOC_APP_URL = 'http://docs.localhost.loc
### The URL to use to clone git repositories.
GIT_URL_SSH = 'ssh://git@localhost.localdomain/'
-GIT_URL_GIT = 'git://localhost.localdomain/'
+GIT_URL_GIT = 'http://localhost.localdomain/'
+
+
+### Folder containing the pagure user SSH authorized keys
+SSH_FOLDER = os.path.join(
+ '/srv',
+ 'gitolite',
+ '.ssh'
+)
### Folder containing to the git repos
GIT_FOLDER = os.path.join(
- os.path.abspath(os.path.dirname(__file__)),
- '..',
- 'repos'
+ '/srv',
+ 'gitolite',
+ 'repositories'
)
REPOSPANNER_PSEUDO_FOLDER = os.path.join(
- os.path.abspath(os.path.dirname(__file__)),
- '..',
+ '/srv',
+ 'gitolite',
'pseudo'
)
### Folder containing the clones for the remote pull-requests
REMOTE_GIT_FOLDER = os.path.join(
- os.path.abspath(os.path.dirname(__file__)),
- '..',
+ '/srv',
+ 'gitolite',
'remotes'
)
@@ -100,21 +108,23 @@ VIRUS_SCAN_ATTACHMENTS = False
### Configuration file for gitolite
GITOLITE_CONFIG = os.path.join(
- os.path.abspath(os.path.dirname(__file__)),
- '..',
+ '/srv',
+ 'gitolite',
+ '.gitolite',
+ 'conf',
'gitolite.conf'
)
### Home folder of the gitolite user
### Folder where to run gl-compile-conf from
-GITOLITE_HOME = None
+GITOLITE_HOME = '/srv/gitolite'
### Version of gitolite used: 2 or 3?
GITOLITE_VERSION = 3
### Folder containing all the public ssh keys for gitolite
-GITOLITE_KEYDIR = None
+GITOLITE_KEYDIR = os.path.join(GITOLITE_HOME, '.gitolite', 'keydir')
### Path to the gitolite.rc file
GL_RC = None
diff -rup pagure/files/pagure_docs_web.service pagure.cfg-defs/files/pagure_docs_web.service
--- pagure/files/pagure_docs_web.service 2020-06-21 09:19:34.928187121 -0400
+++ pagure.cfg-defs/files/pagure_docs_web.service 2020-06-21 09:20:06.924455904 -0400
@@ -5,7 +5,7 @@ Documentation=https://pagure.io/pagure
[Service]
-ExecStart=/usr/bin/gunicorn --workers 4 --env PAGURE_CONFIG=/etc/pagure/pagure.cfg --access-logfile /var/log/pagure/access_docs_web.log --error-logfile /var/log/pagure/error_docs_web.log --bind unix:/tmp/pagure_docs_web.sock pagure.docs_server:APP
+ExecStart=/usr/bin/gunicorn --workers 4 --env PAGURE_CONFIG=/etc/pagure/pagure.cfg --access-logfile /var/log/pagure/access_docs_web.log --error-logfile /var/log/pagure/error_docs_web.log --bind unix:/srv/gitolite/.pagure_docs_web.sock pagure.docs_server:APP
Type=simple
User=git
Group=git
diff -rup pagure/files/pagure-nginx.conf pagure.cfg-defs/files/pagure-nginx.conf
--- pagure/files/pagure-nginx.conf 2020-06-21 09:19:34.926187104 -0400
+++ pagure.cfg-defs/files/pagure-nginx.conf 2020-06-21 09:20:06.924455904 -0400
@@ -12,15 +12,15 @@
#access_log /var/log/nginx/pagure_docs.access.log;
#error_log /var/log/nginx/pagure_docs.error.log;
- #ssl_certificate /etc/pki/tls/....crt
- #ssl_certificate_key /etc/pki/tls/....key
+ #ssl_certificate /etc/ssl/....crt
+ #ssl_certificate_key /etc/ssl/....key
#location @pagure_docs {
#proxy_set_header Host $http_host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
- #proxy_pass http://unix:/tmp/pagure_docs_web.sock;
+ #proxy_pass http://unix:/srv/gitolite/.pagure_docs_web.sock;
#}
#location / {
@@ -43,15 +43,15 @@
#access_log /var/log/nginx/pagure.access.log;
#error_log /var/log/nginx/pagure.error.log;
- #ssl_certificate /etc/pki/tls/....crt
- #ssl_certificate_key /etc/pki/tls/....key
+ #ssl_certificate /etc/ssl/....crt
+ #ssl_certificate_key /etc/ssl/....key
#location @pagure {
#proxy_set_header Host $http_host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
- #proxy_pass http://unix:/tmp/pagure_web.sock;
+ #proxy_pass http://unix:/srv/gitolite/.pagure_web.sock;
#}
#location / {
@@ -59,7 +59,7 @@
#}
#location /releases {
- #alias /var/www/releases/;
+ #alias /srv/www/pagure-releases/;
#autoindex on;
#}
diff -rup pagure/files/pagure_web.service pagure.cfg-defs/files/pagure_web.service
--- pagure/files/pagure_web.service 2020-06-21 09:19:34.928187121 -0400
+++ pagure.cfg-defs/files/pagure_web.service 2020-06-21 09:20:06.924455904 -0400
@@ -5,7 +5,7 @@ Documentation=https://pagure.io/pagure
[Service]
-ExecStart=/usr/bin/gunicorn --workers 4 --env PAGURE_CONFIG=/etc/pagure/pagure.cfg --access-logfile /var/log/pagure/access_web.log --error-logfile /var/log/pagure/error_web.log --bind unix:/tmp/pagure_web.sock "pagure.flask_app:create_app()"
+ExecStart=/usr/bin/gunicorn --workers 4 --env PAGURE_CONFIG=/etc/pagure/pagure.cfg --access-logfile /var/log/pagure/access_web.log --error-logfile /var/log/pagure/error_web.log --bind unix:/srv/gitolite/.pagure_web.sock "pagure.flask_app:create_app()"
Type=simple
User=git
Group=git

3
pagure-5.14.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4bdab80fb36b161cef6805dcadaa6db5513898e213ca15f9684be06d24b71a54
size 17738653

149
pagure-README.SUSE Normal file
View File

@ -0,0 +1,149 @@
# Setting up pagure
0. Prepare the filesystem (this step is usually performed on package install)
mkdir -p /srv/www/pagure-releases
mkdir -p /srv/gitolite/repositories/{,docs,forks,requests,tickets}
mkdir -p /srv/gitolite/pseudo
mkdir -p /srv/gitolite/remotes
mkdir -p /srv/gitolite/.gitolite/{conf,keydir,logs}
mkdir -p /srv/gitolite/.ssh
chmod 750 /srv/gitolite/.ssh
touch /srv/gitolite/.gitolite/conf/gitolite.conf
cp /usr/share/doc/packages/pagure/gitolite3.rc /srv/gitolite/.gitolite.rc
chown git:git -R /srv/gitolite
chown git:git /srv/www/pagure-releases
mkdir -p /srv/www/run
1. Install and set up a database
Option A: PostgreSQL
Note: If your PostgreSQL server is not on the same machine, just install 'python3-psycopg2'
on the pagure host machine and follow the installation and database creation steps below
on the designated database server. This also requires the database port opened on the
database server's firewall.
zypper install postgresql-server
systemctl start postgresql
A1. Edit /var/lib/pgsql/data/pg_hba.conf and change auth method from `ident` to `md5` for localhost
A2. Create the pagure database
sudo -u postgres psql
CREATE DATABASE pagure;
CREATE USER pagure;
ALTER USER pagure WITH ENCRYPTED PASSWORD '--PagureDBUserPW--';
GRANT ALL PRIVILEGES ON DATABASE pagure to pagure;
GRANT ALL PRIVILEGES ON ALL tables IN SCHEMA public TO pagure;
GRANT ALL PRIVILEGES ON ALL sequences IN SCHEMA public TO pagure;
\q
A3. Enable and restart PostgreSQL
systemctl stop postgresql
systemctl enable --now postgresql
Option B: MariaDB
Note: If your MariaDB server is not on the same machine, just install 'python3-PyMySQL'
on the pagure host machine and follow the installation and database creation steps below
on the designated database server. This also requires the database port opened on the
database server's firewall.
zypper install mariadb mariadb-client
systemctl enable --now mariadb
mysql_secure_installation
B1. Create the pagure database
mysql -u root -p
mysql> create database pagure;
mysql> grant all privileges on pagure.* to pagure identified by '--PagureDBUserPW--';
mysql> flush privileges;
mysql> exit
2. Install Redis
zypper install redis
3. Configure redis
cp /etc/redis/default.conf.example /etc/redis/default.conf
chown root:redis /etc/redis/default.conf
systemctl enable --now redis@default.service
4. Edit /etc/pagure/pagure.cfg to set up pagure settings as appropriate.
As we set up a database earlier using PostgreSQL or MariaDB, comment out the DB_URL for SQLite and
uncomment the correct one. Change the URL to match your database server location.
You'll also want to change email address and domain used for this instance to something real, especially if
you're using with HTTPS or having it public facing.
While currently Pagure defaults to the somewhat brittle legacy Gitolite backend, you should use
the more reliable and performant internal backend.
This is done by setting the following in /etc/pagure/pagure.cfg:
GIT_AUTH_BACKEND = "pagure_authorized_keys"
HTTP_REPO_ACCESS_GITOLITE = None
SSH_COMMAND_NON_REPOSPANNER = ([
"/usr/bin/%(cmd)s",
"/srv/gitolite/repositories/%(reponame)s",
], {"GL_USER": "%(username)s"})
For details on all the options in pagure.cfg, see https://docs.pagure.org/pagure/configuration.html
5. Populate the database
python3 /usr/share/pagure/pagure_createdb.py -c /etc/pagure/pagure.cfg -i /etc/pagure/alembic.ini
Note: On upgrades, just drop the "-i /etc/pagure/alembic.ini", and the script will do the correct
thing to upgrade the database.
6. Install either Apache HTTPD or Nginx web server and set up web configuration
Option A: Apache HTTPD
zypper install pagure-web-apache-httpd
A1. Edit /etc/apache2/vhosts.d/pagure.conf to set up web settings as appropriate.
Most of the settings just need to be uncommented to work. However, you may need to tweak based
on whether or not you're using HTTPS and if you are using HTTPS, where your certs are and what your domain(s) are.
Option B: Nginx
zypper install pagure-web-nginx
systemctl enable --now pagure_web.service pagure_docs_web.service
B1. Edit /etc/nginx/vhosts.d/pagure.conf to set up web settings as appropriate.
Most of the settings just need to be uncommented to work. However, you may need to tweak based
on whether or not you're using HTTPS and if you are using HTTPS, where your certs are and what your domain(s) are.
7. Open ports in the firewall as appropriate
firewall-cmd --add-service=ssh
firewall-cmd --add-service=http
firewall-cmd --add-service=https
firewall-cmd --add-service=redis
firewall-cmd --runtime-to-permanent
8. Enable and start pagure services
systemctl enable --now pagure_worker.service pagure_authorized_keys_worker.service pagure_api_key_expire_mail.timer pagure_mirror_project_in.timer
9. Enable and start your webserver, or restart if it's already running
For more details on setup, take a look at the official Pagure documentation: https://docs.pagure.org/pagure/

39
pagure-pygit2.patch Normal file
View File

@ -0,0 +1,39 @@
commit 8a1a7ba9f789ba446bab63783f7b963246861cb8
Author: Dominik Wombacher <dominik@wombacher.cc>
Date: Tue Apr 16 18:17:03 2024 +0000
tests: Fix issue 'No module named pygit2.remote'
diff '--color=auto' -ur a/pagure/lib/git.py b/pagure/lib/git.py
--- a/pagure/lib/git.py 2024-05-24 16:43:47.000000000 +0200
+++ b/pagure/lib/git.py 2024-08-17 13:39:06.096428774 +0200
@@ -33,8 +33,10 @@
from sqlalchemy.exc import SQLAlchemyError
-# from sqlalchemy.orm.session import Session
-from pygit2.remote import RemoteCollection
+try:
+ from pygit2.remote import RemoteCollection
+except ImportError:
+ from pygit2.remotes import RemoteCollection
import pagure.utils
import pagure.exceptions
diff '--color=auto' -ur a/tests/test_pagure_lib_git.py b/tests/test_pagure_lib_git.py
--- a/tests/test_pagure_lib_git.py 2024-05-24 16:43:47.000000000 +0200
+++ b/tests/test_pagure_lib_git.py 2024-08-17 13:35:21.848131790 +0200
@@ -3645,8 +3645,12 @@
# make sure the function works fine even if there's a leftover
# ref from previous failed run of the function
- with patch("pygit2.remote.RemoteCollection.delete"):
- pagure.lib.git.update_pull_ref(fake_pr, fork)
+ try:
+ with patch("pygit2.remote.RemoteCollection.delete"):
+ pagure.lib.git.update_pull_ref(fake_pr, fork)
+ except ImportError:
+ with patch("pygit2.remotes.RemoteCollection.delete"):
+ pagure.lib.git.update_pull_ref(fake_pr, fork)
self.assertIsNotNone(fork.remotes["pingou_1234567"])
tests.add_content_git_repo(projects[1], append="foobarbaz")
newesthex = fork.references["refs/heads/master"].peel().hex

658
pagure.changes Normal file
View File

@ -0,0 +1,658 @@
-------------------------------------------------------------------
Sat Aug 17 11:28:25 UTC 2024 - Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>
- Add pagure-pygit2.patch to repair service startup on Leap 15.6 and Tumbleweed
-------------------------------------------------------------------
Sun Jun 2 09:16:20 UTC 2024 - Dominik Wombacher <dominik@wombacher.cc>
- Backport patches to fix issues after 5.14.1 release (https://pagure.io/pagure/pull-request/5486)
+ fix(5.14.x): Use '==' instead of 'is' in template if condition because to work with old Jinja2 versions
+ fix(oidc): Edge case, avoid 'KeyError' after pagure update if a cached session is used
+ Patch: 5486.patch
-------------------------------------------------------------------
Sun May 26 20:11:46 UTC 2024 - Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>
- Update to 5.14.1
* no upstream changelog
-------------------------------------------------------------------
Tue May 3 16:57:56 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to 5.13.3
+ Warn users when a PR contains some characters
+ srcfpo theme:
+ Change "Packages" link to new packages website
+ left-align the lines in description
+ fas user url updated for new accounts system
+ Change fas link from admin.fp.o to accounts.fp.o
+ Remove message about 60 day key length
+ Escape $ to fix Jenkins interpolation warning
+ Fix another invalid <img> width/height attribute
+ Fix missing space before src in <script>
+ Remove duplicate class attribute from Clone dropdown
+ Fix invalid <img> height (no px is allowed here)
+ Add Translation status link on repo_info page at src.fp.o
+ Update fedmsg homepage
+ Add support for noggin with the FAS auth backend
+ Update collaborator access level descriptions
+ Fix a type, add missing work hand
+ Fix Pagure's overview page verbatim error
-------------------------------------------------------------------
Thu Sep 16 21:23:15 UTC 2021 - Neal Gompa <ngompa13@gmail.com>
- Drop unused dependency on nose
-------------------------------------------------------------------
Fri Feb 12 00:58:08 UTC 2021 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.13.2
+ Fix broken pagination of group API
+ Fixing the alias url in the examples
+ Pull in upstream fix for apostrophes from highlightjs-rpm-specfile
+ Improve logging when trying to interract with a git repo via http(s)
-------------------------------------------------------------------
Fri Jan 29 15:43:26 UTC 2021 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.13.1
+ Add the api_project_hascommit endpoint to the API doc
+ Do not return a 500 error when the OpenID provider doesn't provide an email
+ Fix bug in the default hook
+ When failing to find a git repo, log where pagure looked
+ Get the default branch of the target repo when linking for new PR
+ Add an hascommit API endpoint
+ Fixing sample input and output for alias related api
+ Add missing API endpoints related to git aliases and re-order a little
+ Add support for chardet 4.0+
+ Fix support for cchardet
+ Make the token_id column of the commit_flags table nullable
-------------------------------------------------------------------
Thu Jan 7 11:49:02 UTC 2021 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.12
+ Display real line numbers on pull request's diff view
+ Show the assignee's avatar on the board
+ Allow setting a status as closing even if the project has no close_status
+ Include the assignee in the list of people notified on a ticket/PR
+ Add orphaning reason on the dist-git theme
+ Adjust the way we generate humanized dates so we provide the humanized date
as well as the actual date when hovering over
+ When a file a detected as a binary file, return the raw file
+ Allow using the modifyacl API endpoint to remove groups from a project
+ Add a note that repo_from* argument are mandatory in some situations when
opening a Pull-Request from the API
+ Increase the list of running pagure instances in the documentation
+ Remove fenced code block when checking mention
+ Add support for using cchardet to detect files' encoding
+ Show the default branch in the project overview page
+ Send appropriate SMTP status codes and error messages in the milter.
+ Report an error if a message ID isn't recognized by the milter.
+ Add support for disabling user registration
+ Add a way to make the stats view on more than one year (if you know how to)
+ Encode the data passed onto the mail hook so it is of bytes type
+ Reverse out of order instructions for new repos
+ Split the list of branches into two lists active/inactive in dist-git
+ Rework the "My PR" page so it does not pull so many info at once
+ Include the date of the last mirroring process in the logs
+ Forward the username when updating the pull-request
+ Add pagination to group API
+ When returning the commits flags in the API, returned them by update date
+ Change the PR flag API endpoints to use commit flags
+ Only show the subscribers list on demand
+ Improve the message shown when a new mirrored project is created
+ When editing the issue's description sent the html of it to the SSE server
+ Add an update-acls action to pagure-admin
+ Add support for AAA system sending SSH keys encoded in base64
+ Allow deleting the master branch when it is not the default branch
+ Allow people with a fork to have a working drop-down for opening new PRs
+ Fix handling "false" when editing project's options via the API
+ Ensure a fork project has the same default branch as its parent
+ Allow to specify a default branch for all projects hosted on an instance
+ Add a notification for when a group is removed from a project
+ When checking if messages were sent via a rebase, do not run the git hooks
+ Make the API endpoint to update project's options accept JSON
+ Add a full_url to the JSON representation of our main objects
+ Ensure the author in git commit notifications follow the expected format
+ Add support for git branch aliases
+ Allow updating the target branch when editing a PR
- Drop upstreamed patches
+ Patch: 0001-api-project-Fix-handling-of-false.patch
+ Patch: 0001-Display-real-line-numbers-on-pull-request-s-diff-vie.patch
+ Patch: 0002-Show-the-assignee-s-avatar-on-the-board.patch
+ Patch: 0003-Allow-setting-a-status-as-closing-even-if-the-projec.patch
+ Patch: 0004-Include-the-assignee-in-the-list-of-people-notified-.patch
+ Patch: 0005-Introduce-the-collaborator_project_groups-mapping.patch
+ Patch: 0006-When-a-file-a-detected-as-a-binary-file-return-the-r.patch
+ Patch: 0007-Remove-fenced-code-block-when-checking-mention.patch
+ Patch: 0008-Add-support-for-using-cchardet-to-detect-files-encod.patch
+ Patch: 0009-Add-support-for-disabling-user-registration.patch
-------------------------------------------------------------------
Thu Dec 3 02:36:03 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Add proposed fix for setting project options via API
+ Patch: 0001-api-project-Fix-handling-of-false.patch
-------------------------------------------------------------------
Thu Sep 24 22:57:42 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Backport various fixes from upstream
+ Patch: 0001-Display-real-line-numbers-on-pull-request-s-diff-vie.patch
+ Patch: 0002-Show-the-assignee-s-avatar-on-the-board.patch
+ Patch: 0003-Allow-setting-a-status-as-closing-even-if-the-projec.patch
+ Patch: 0004-Include-the-assignee-in-the-list-of-people-notified-.patch
+ Patch: 0005-Introduce-the-collaborator_project_groups-mapping.patch
+ Patch: 0006-When-a-file-a-detected-as-a-binary-file-return-the-r.patch
+ Patch: 0007-Remove-fenced-code-block-when-checking-mention.patch
+ Patch: 0008-Add-support-for-using-cchardet-to-detect-files-encod.patch
+ Patch: 0009-Add-support-for-disabling-user-registration.patch
- Remove mandatory dependency on systemd to ease containerization
-------------------------------------------------------------------
Sun Aug 30 14:25:21 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.11.3
+ Fix the model around the boards so it works with mariadb/mysql
+ Add new endpoints to the API documentation
-------------------------------------------------------------------
Tue Aug 4 13:00:36 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.11.2
+ Allow having a dedicated logging configuration for the git hooks
+ Increase logging to the pagure_auth logger
+ Make work pagure-admin ensure-project-hooks when the target link exists but is
broken
+ Change the project icon when the project is mirrored from an external source
+ Allow a theme or a blueprint to inject custom buttons in the navigation bar.
+ Add API endpoint to get a pull-request comment
+ Omit breaking original comment format in reply on pull-requests
+ Let the milter announce when it reject an email based on its address
+ Don't Let the milter process the email we send.
+ Add a collaborator level to projects
+ Allow setting the default git branch when creating projects via the API
+ Allow creating mirrored project from the API
+ Add the possibility to set the default branch at project creation
+ Add API endpoint to set the default git branch and expose it in an existing
endpoint
+ Adjust the example configuration for logging to a file
+ Allow project-less API token with the "modify_project" ACL to update watchers
+ Add a new API endpoint to retrieve a commit's metadata/info
+ Add a new API endpoint allowing to delete a project
+ Add support for customizing the new issue page
+ Introducing the boards feature
+ Add an API endpoint to view the content of a git repo
+ Port pagure's markdown extension to the new API
+ Multiple small fixes for the vagrant-based development environment
+ Use WhiteNoise to serve static assets for the Pagure web
+ Fix the title of the graph showing the evolution of the number of open tickets
on a project
+ Do not assume there is a SMTP_STARTTLS configuration key set
+ Bring back JS library used for the heatmap
+ Show the ACL name in addition to the description when creating API tokens
+ Allow editing the URL a project is mirrored from
+ Add comments to the mirror service files for clarifying their purpose.
+ Add a dedicated logger for everything that is auth related
+ api: fix apidoc format on api_view_issues_history_detailed_stats Fixes web
api doc view template issues
+ doc: Add a page documenting known Pagure instances
+ starttls support via SMTP_STARTTLS: provide additional documentation.
+ Add support for smtp server requiring starttls to work
+ Make the stats page use the new stats API endpoint
- Drop patches included in this release
+ Patch: 0001-Make-the-stats-page-use-the-new-stats-API-endpoint.patch
+ Patch: 0001-Add-support-for-smtp-server-requiring-starttls-to-wo.patch
+ Patch: 0002-starttls-support-via-SMTP_STARTTLS-provide-additiona.patch
+ Patch: 0001-Do-not-assume-there-is-a-SMTP_STARTTLS-configuration.patch
+ Patch: 0001-Fix-repotype-spelling.patch
+ Patch: 0001-api-fix-apidoc-format-on-api_view_issues_history_det.patch
+ Patch: 0001-Allow-editing-the-URL-a-project-is-mirrored-from.patch
+ Patch: 0001-Show-the-ACL-name-in-addition-to-the-description-whe.patch
+ Patch: 0001-Bring-back-JS-library-used-for-the-heatmap.patch
+ Patch: 0001-Ensure-the-title-name-of-the-headers-are-strings.patch
+ Patch: 0001-Fix-the-title-of-the-graph-showing-the-evolution-of-.patch
+ Patch: 0001-Make-sure-authorized_keys-file-has-mode-600.patch
+ Patch: 0101-Use-WhiteNoise-to-serve-static-assets-for-the-Pagure.patch
-------------------------------------------------------------------
Sun Jun 21 12:57:17 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Backport fixes for STARTTLS support
+ Patch: 0002-starttls-support-via-SMTP_STARTTLS-provide-additiona.patch
+ Patch: 0001-Do-not-assume-there-is-a-SMTP_STARTTLS-configuration.patch
- Backport fix for docs repo access grant
+ Patch: 0001-Fix-repotype-spelling.patch
- Backport fix for visual bug on API docs formatting
+ Patch: 0001-api-fix-apidoc-format-on-api_view_issues_history_det.patch
- Backport fix to changing pull mirror settings
+ Patch: 0001-Allow-editing-the-URL-a-project-is-mirrored-from.patch
- Backport fix to add descriptions to API scopes
+ Patch: 0001-Show-the-ACL-name-in-addition-to-the-description-whe.patch
- Backport fix to make heatmap UI functional again
+ Patch: 0001-Bring-back-JS-library-used-for-the-heatmap.patch
- Backport fix for handling headers
+ Patch: 0001-Ensure-the-title-name-of-the-headers-are-strings.patch
- Backport fix for burndown graph title
+ Patch: 0001-Fix-the-title-of-the-graph-showing-the-evolution-of-.patch
- Backport fix for permissions on authorized_keys file
+ Patch: 0001-Make-sure-authorized_keys-file-has-mode-600.patch
- Add patch to use whitenoise for rendering static assets
+ Patch: 0101-Use-WhiteNoise-to-serve-static-assets-for-the-Pagure.patch
- Refresh default configuration patch
+ Patch: pagure-5.0-default-example-cfg.patch
-------------------------------------------------------------------
Wed May 20 23:34:26 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Fix typo in quickstart on ssh directory mode
- Backport support for STARTTLS support for SMTP servers
+ Patch: 0001-Add-support-for-smtp-server-requiring-starttls-to-wo.patch
-------------------------------------------------------------------
Mon May 18 13:31:41 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Backport fix from upstream to fix stats page
+ Patch: 0001-Make-the-stats-page-use-the-new-stats-API-endpoint.patch
- Add missing step to start pagure web services for nginx setup in quickstart
- Fix directory mode for ssh directory to fix conflict with gitolite
-------------------------------------------------------------------
Fri May 15 01:05:30 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.10.0
+ Allow viewing issues via the API using project-less API token
+ Various improvements to the srcfpo theme
+ Make pagure work with recent sqlalchemy versions (>= 1.3.0)
+ Add a new API endpoint to retrieve detailed stats about the issues
+ Improve the graphs displayed in the stats tab of each projects
+ Add a new graph tracking the number of open issues throughout the year
+ Improve loading tickets from git
+ Support pygit2 >= 1.1.0
+ Add missing endpoints to the API documentation
+ Add support for wtforms >= 2.3
- Add dependency on email_validator in such case
+ Fix sorting users by their username when using python3
+ Correct the API documentation for updating the watchers of a project
+ Ensure the name of the headers are always of the correct type
(especially when using python3)
+ Ensure aclchecker and keyhelper can work with APP_URL having a trailing slash
+ Add a new git auth backend which can manage the .ssh/authorized_keys file
directly
+ Update information about supported Git auth backends
+ Add support for arrow >= 0.15.6
+ Fix getting the milter running with python3
+ Fix mirroring project hosted remotely
+ Add url_path property to class User (and thus in the API)
+ Improve email text for new user registration
+ Set the USER environment variable when pushing over http
+ Add support for git push via http using basic auth relying on API token
+ If pagure is set up for local auth, allow git push via https to use it
+ Add an example nginx configuration file for pagure
+ Create two subpackages in the pagure for the apache and nginx configuration
files
+ Add some documentation on how git push over http works in pagure
+ Make pagure compatible with the latest version of flake8
+ Add PAGURE_PLUGINS_CONFIG setting in pagure configuration file
- Refresh quick start instructions for new configuration options
- Drop unneeded patch
+ Patch: 0501-Revert-Add-a-upper-limit-to-sqlalchemy.patch
- Refresh default configuration patch
+ Patch: pagure-5.0-default-example-cfg.patch
-------------------------------------------------------------------
Sat Apr 4 16:03:40 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.9.1
+ Add a missing div tag that broke the user's settings page
+ Do not block when waiting for subprocess to finish
+ Fix git blame when the identifier provided is a blob
+ Fix view_commits when the identified provided is a blob
+ When viewing file's history, use the default branch if needed
-------------------------------------------------------------------
Wed Mar 25 20:34:56 UTC 2020 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.9.0
+ Add API to manage plugins (ie: git hooks)
+ Fix querying mdapi from within the srcfpo theme
+ Various fixes for the srcfpo theme
+ Multiple fixes and improvements to the API endpoints to retrieve the tags
used in a project
+ Add new API endpoints to manipulate tags in projects
+ Add a new API endpoint to edit/update an existing issue/ticket
+ Add a new page to see a file's history in git (linked from the file's view page
and the blame page)
+ Only consider the 6 most recently active branch in the drop-down to create
new PR
+ Fix the view_commit endpoint when the identifier provided is a git tag
+ Add an endpoint to renew user API token
+ Include a link to where the token can be renewed in the email about API
token nearing expiration
+ Allow users to set their own expiration date on API token (up to 2 years)
+ Fix the /groups API endpoint and order the output by group name
+ Add a new API endpoint to retrieve a project's webhook token
+ Expose related_prs on issue API
+ Fix the regenerate-repo actions
+ Provide some feedback to the user when changing monitoring worked
+ Hide the SSH clone URL if the user is not in one of the group with ssh
access
+ Order pull requests based on updated_on column when we want to order based
on last updated time
+ Fix taking into account the blacklisted patterns
+ Rework/fix the API documentation page
+ Allow deploy keys to commit to the doc git repository of a project
+ Increase a lot the logging when someone asks for access to a git repo
-------------------------------------------------------------------
Mon Dec 2 20:32:39 UTC 2019 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.8.1
+ Fix the link to the container namespace in srcfpo
+ Fix checking if the user is a committer of the repo the PR originates from
+ Fix showing the origin of the PR when it originates from the same project
+ Do not hard-code UTF-8 when showing a file
-------------------------------------------------------------------
Sat Nov 16 22:46:39 UTC 2019 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.8
+ Enable the ctrl-enter keys to submit forms on tickets and PRs
+ Fix spelling errors on documentation
+ Fix renewing url on invalid token error message
+ Various fixes to the srcfpo theme
+ disable smooth scrolling on initial highlight & scroll process
+ Accept a with_commits parameter on the branches api to resolve the HEAD commits
+ Various fixes to the PR view
+ Add support for arrow >= 0.15
+ Select full text on git|ssh url input boxes when they get focus
+ Send notification when a branch is created
+ Add revision along with tag/branch creation/deletion
+ Add asciidoc syntax override
+ Fix git blame on unborn HEAD or non-master default branch repos
+ Fix the logic to rebase PRs
+ Fix setting one's default email address
+ Send oldrev as old_commit for git.receive event
+ Add a set-default-branch action to pagure-admin
+ Fix rendering badges on the PR list page
+ Tweak when we show the merge and the rebase buttons
+ Fix the logic around interacting with read-only databases in hooks
+ Fix .diff and .patch generation for empty commits
+ Fix url on the invalid token error message
+ Fix typo on the pull request merge error message
+ Allow cross-project API token to open pull-request
+ Allow updating PRs via the API using cross-project tokens
+ Fix the logic to make the merge button appear on pull-request
-------------------------------------------------------------------
Sun Aug 11 14:49:11 UTC 2019 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.7.4
+ Add more administrative functions to pagure_admin
+ Add CSP headers support and a mechanism to customize them
+ Do not allow rebase via the API if the PR does not allow it
+ Allow project-less API token to retrieve issues via the API
+ Improve the support for spec file highlighting
- Drop patch that is part of this release
+ 0001-Couple-of-fixes-for-the-mirroring-in-feature.patch
-------------------------------------------------------------------
Tue Apr 9 12:52:31 UTC 2019 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.5
+ Add support for !owner to the API listing projects
+ Make sure that TemporaryClone.push also pushes tags
+ Various UI improvements
+ Allow blocking an user on a project
+ Replace calls to pygit2.clone_repository by calls to git clone directly
+ Make fork more performant by using 'git push --mirror'
+ Use the user's default email when rebasing
- Drop patch that is part of this release
+ 0001-pagure-ev-python-3-compatibility.patch
- Backport fix for pull mirroring service
+ 0001-Couple-of-fixes-for-the-mirroring-in-feature.patch
-------------------------------------------------------------------
Fri Mar 29 13:50:54 UTC 2019 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.4
+ Allow by default the ACL "pull_request_create" on project-less API token
+ Implement Pagure Git Auth
+ Add a new API endpoint allowing to update an existing PR
+ If the user doesn't have a valid ssh key inform but let them log in
+ Fix various UI issues
+ Add a button to take/drop a pull-request
+ Add a new API endpoint to assign pull-request to someone
+ Allow dots and plus signs in project names
+ Fix seeing releases when the reference provided returned a commit
+ Include the PR tags in their JSON representation
+ Ensure that forking does not run the hook
+ Deprecate fedmsg for fedora-messaging
- Backport fix for pagure-ev issues in Python 3
+ Patch: 0001-pagure-ev-python-3-compatibility.patch
- Add patch to allow SQLAlchemy 1.3.0+ with Pagure
+ Patch: 0501-Revert-Add-a-upper-limit-to-sqlalchemy.patch
- Update the service list to enable and start in README.SUSE
-------------------------------------------------------------------
Fri Feb 22 15:16:39 UTC 2019 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.3
+ Add support for AMQP via fedora-messaging
+ Improve filtering and searching through issues and PRs
+ Add support for forcing highlight types based on file extensions
+ Fix naming rules for labels/tags
+ Fix support for repoSpanner Git storage backend
+ CVE-2019-7628: Do not leak partial API keys in key expiration emails (boo#1124762)
- Drop patches that are part of this release
+ 0001-Allow-using-Pagure-with-python-redis-3.0.0.patch
+ 0002-Fix-Markdown-usage-to-work-with-Markdown-3.0.patch
-------------------------------------------------------------------
Sat Jan 12 23:44:52 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Replace old $RPM_* shell vars.
-------------------------------------------------------------------
Thu Jan 10 13:01:50 UTC 2019 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.2
+ Add support for the MQTT protocol
+ Add support for mirroring in git repositories from outside sources
+ Add support to merge a PR when the fork was deleted
+ Add the ability to generate archive from a commit or tag
+ Allow searching the content of the comments on an issue tracker
+ Allow filtering the issue list by the close status
+ Show related PRs on the issue list if there are any
+ Add build status to pull requests page
+ Add new API endpoints for get and set project options
+ Add WIP/experimental/unstable support for third-party extensions to pagure
+ Add support for rebasing pull-requests
+ Implement a button to rerun CI tests on a pull request
+ Support disallowing remote pull requests
+ Add an about page in the themes
+ Update the chameleon theme
- Backport fix from master to allow using python-redis >= 3.0.0
+ Patch: 0001-Allow-using-Pagure-with-python-redis-3.0.0.patch
- Backport fix from master to fix compatibility with Markdown 3.0+
+ Patch: 0002-Fix-Markdown-usage-to-work-with-Markdown-3.0.patch
- Drop patches that are part of this release
+ 0001-Port-pagure-to-markdown-3.0-while-remaining-backward.patch
+ 0002-Bypass-old-hooks-rather-than-using-non-existing-syml.patch
-------------------------------------------------------------------
Thu Dec 13 14:43:19 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.1.4
+ Fix the alembic migration creating the hook_mirror table
+ Close the DB session in one place for all hooks
+ Add more logging to the pagure_logcom service
+ Configure SMTP info for git_multimail
+ Use the PR UID previously read from environment
- Backport fix from master to add compatibility with Markdown 3.0+
+ Patch: 0001-Port-pagure-to-markdown-3.0-while-remaining-backward.patch
- Backport fix from master to properly skip legacy hooks
+ Patch: 0002-Bypass-old-hooks-rather-than-using-non-existing-syml.patch
-------------------------------------------------------------------
Thu Oct 11 16:56:20 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.1.3
+ Don't sync up ssh keys if there are already some
+ Do not notify twice when pushing commits to an open PR
+ Update git-multimail to fix it for Python 3
-------------------------------------------------------------------
Thu Oct 11 12:18:24 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.1.2
+ Make the sshkey migration more flexible from < 5.1
+ Fix the update date information on the pull-request page
+ Fix detecting if the user is a committer via a group
+ Fix writing user's ssh keys on disk
+ tweak colors of the activity graph
+ cache oidc user data
-------------------------------------------------------------------
Tue Oct 9 14:56:15 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Invert Conflicts to Requires OpenSSH >= 7.4
-------------------------------------------------------------------
Tue Oct 9 14:38:32 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.1.1
+ Fix adding and removing ssh keys in the user's profile
-------------------------------------------------------------------
Tue Oct 9 12:16:28 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.1
+ Multiple fixes to the UI to address visual quirks and glitches
+ Initial implementation of HTTP(S) push support
+ Rework how SSH keys are stored in the database
+ Multiple changes and fixes around the ACL checker
+ Adding 'list-groups' function to pagure-admin
+ Add a new API endpoint to retrieve the list of files changed in a PR
- Add Conflicts for OpenSSH < 7.4 due to SSH key handling rework
- Re-wrap previous changelog entry for readability
-------------------------------------------------------------------
Tue Oct 2 09:28:36 UTC 2018 - Jan Engelhardt <jengelh@inai.de>
- Trim bias from description.
- Replace old $RPM_* shell vars by macros.
- Update summaries to include those are Pagure themes.
-------------------------------------------------------------------
Sun Sep 30 15:06:24 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Add missing directory to directory structure
-------------------------------------------------------------------
Sat Sep 29 22:28:26 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Drop unnecessary systemd build dependency
-------------------------------------------------------------------
Sat Sep 29 21:15:49 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Add missing rcFOO symlinks to systemd services
-------------------------------------------------------------------
Sat Sep 29 20:29:04 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Update to 5.0.1
+ Multiple adjustments to the scripts keyhelper and aclchecker
+ Only enforce Signed-Off-By on the code repo of a project
+ Sign-off the merge commits when the project enforces it
+ Switch from GIT_SORT_TIME to GIT_SORT_NONE to preserve
'git log'-like commit ordering
+ Add reporter and assignee to notification emails headers
+ Fix various visual glitches
- Restore symlinks clobbered by setuptools' creation of archive
-------------------------------------------------------------------
Mon Sep 24 21:35:35 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Rebase to 5.0
+ Pagure now runs on Python 3
+ The UI has been completely redesigned
+ Theming has been redesigned, and new themes are included as subpackages
+ Many new API endpoints have been added
+ Rework how git hooks work to rely on a single file for efficiency
+ Expanded functionality included in the pagure-admin command
- Pagure defaults to the chameleon theme for openSUSE
- Drop all upstreamed patches
- Refresh example configuration patch
-------------------------------------------------------------------
Sun Jul 22 00:48:43 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Update to 4.0.4
- Refresh config fix patch for pagure-milters
-------------------------------------------------------------------
Wed Jul 11 04:05:20 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Add missing requirement on python-Pillow
-------------------------------------------------------------------
Wed Jul 11 01:21:18 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Drop python2-trollius-redis requirement since it's not actually used
-------------------------------------------------------------------
Sun Jun 10 00:04:18 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Backport patch to make syntax highlighting threshold configurable
-------------------------------------------------------------------
Sat Jun 9 21:56:34 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Bundle an internal pagure-celery binary to use stock celery
with Python 2
- Switch to a sed call instead of a patch to fix systemd units
to use correct libexecdir
-------------------------------------------------------------------
Sat Jun 9 13:20:33 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Fix syntax error in gitolite3.rc file
-------------------------------------------------------------------
Fri Jun 8 11:13:43 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Switch from /srv/pagure to /srv/gitolite to use the already
setup gitolite directory structure
-------------------------------------------------------------------
Mon Jun 4 04:45:53 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Fix pagure-ev to use correct libexecdir
- Fix pagure-milters to call correct function to load config
-------------------------------------------------------------------
Mon Jun 4 03:36:38 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Install gitolite configuration
-------------------------------------------------------------------
Mon Jun 4 01:15:19 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Prepare more of the filesystem tree as part of the packaging
- Refine README.SUSE to more closely match the required steps
-------------------------------------------------------------------
Sat Jun 2 17:44:49 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Refresh configuration patch to match SUSE sematics
- Add README.SUSE file for basic setup quick start guide
-------------------------------------------------------------------
Mon May 28 22:00:06 UTC 2018 - Neal Gompa <ngompa13@gmail.com>
- Initial packaging based on Mageia packaging

743
pagure.spec Normal file
View File

@ -0,0 +1,743 @@
#
# spec file for package pagure
#
# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2021 Neal Gompa <ngompa13@gmail.com>.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
# Prevent dep generators from trying to process static stuff and stall out
# We only need to read the python metadata anyway
%global __provides_exclude_from ^%{python3_sitelib}/pagure/.*$
%global __requires_exclude_from ^%{python3_sitelib}/pagure/.*$
Name: pagure
Version: 5.14.1
Release: 0
Summary: A git-centered forge
Group: Development/Tools/Version Control
# Pagure itself is GPL-2.0-or-later; flask_fas_openid.py is LGPL-2.1-or-later
License: GPL-2.0-or-later AND LGPL-2.1-or-later
URL: https://pagure.io/pagure
Source0: https://pagure.io/pagure/archive/%{version}/%{name}-%{version}.tar.gz
# Vendor in the single file from python-fedora that's needed
# This way, we avoid having to pull in all of python-fedora
# This file is licensed LGPL-2.1-or-later, per https://github.com/fedora-infra/python-fedora/blob/develop/README.rst#license
Source1: https://raw.githubusercontent.com/fedora-infra/python-fedora/4719f10b3af1cf068e969387eab7df7e935003cd/flask_fas_openid.py
# SUSE-specific README providing a quickstart guide
Source10: pagure-README.SUSE
# Backports from upstream
# SUSE-specific fixes
## Change the defaults in the example config to match packaging
Patch1000: pagure-5.0-default-example-cfg.patch
# PATCH-FIX-UPSTREAM 5486.patch https://pagure.io/pagure/pull-request/5486 dominik@wombacher.cc -- Use '==' instead of 'is' in template if condition because to work with older Jinja2 versions. Edge case, avoid 'KeyError' after pagure update if a cached session is used.
Patch1001: 5486.patch
%if 0%{?sle_version} >= 150600 || 0%{suse_version} > 1600
# PATCH-FIX-UPSTREAM pagure-pygit2.patch -- PyGit2 renamed its files: https://github.com/libgit2/pygit2/commit/a8b2421bea55029296cc79ac7c1518b9885d8a6f
Patch1002: pagure-pygit2.patch
%endif
BuildArch: noarch
BuildRequires: apache2
BuildRequires: fdupes
BuildRequires: nginx
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: systemd-rpm-macros
BuildRequires: python3-Flask
BuildRequires: python3-Flask-WTF
BuildRequires: python3-Markdown
BuildRequires: python3-Pillow
BuildRequires: python3-alembic
BuildRequires: python3-arrow
BuildRequires: python3-bcrypt
BuildRequires: python3-binaryornot
BuildRequires: python3-bleach
BuildRequires: python3-blinker
BuildRequires: python3-chardet
BuildRequires: python3-cryptography
BuildRequires: python3-docutils
BuildRequires: python3-email_validator
BuildRequires: python3-psutil
BuildRequires: python3-pygit2 >= 0.26.0
#BuildRequires: python3-fedora-flask
BuildRequires: python3-python3-openid
BuildRequires: python3-SQLAlchemy >= 0.8
BuildRequires: python3-WTForms
BuildRequires: python3-munch
BuildRequires: python3-python-openid-cla
BuildRequires: python3-python-openid-teams
BuildRequires: python3-redis
BuildRequires: python3-straight-plugin
BuildRequires: python3-whitenoise
# We require OpenSSH 7.4+ for SHA256 support
Requires: openssh >= 7.4
Requires: python3-Flask
Requires: python3-Flask-WTF
Requires: python3-Markdown
Requires: python3-Pillow
Requires: python3-alembic
Requires: python3-arrow
Requires: python3-bcrypt
Requires: python3-binaryornot
Requires: python3-bleach
Requires: python3-blinker
Requires: python3-celery
Requires: python3-chardet
Requires: python3-cryptography
Requires: python3-docutils
Requires: python3-email_validator
Requires: python3-psutil
Requires: python3-pygit2 >= 0.26.0
#Requires: python3-fedora-flask
Requires: python3-python3-openid
Requires: python3-SQLAlchemy > 0.8
Requires: python3-WTForms
Requires: python3-munch
Requires: python3-python-openid-cla
Requires: python3-python-openid-teams
Requires: python3-redis
Requires: python3-straight-plugin
Requires: python3-whitenoise
# Required for celery
Requires: python3-pytz
# Required for database setup/migrations
Requires: python3-dbm
Requires: python3-kitchen
Requires: python3-requests
# We want to use cchardet whenever it's available
Recommends: python3-cchardet
# If using PostgreSQL, the correct driver should be installed
Recommends: (python3-psycopg2 if postgresql-server)
# If using MariaDB/MySQL, the correct driver should be installed
Recommends: (python3-PyMySQL if mysql-server)
# If using Apache web server, the correct configuration should be installed
Recommends: (%{name}-web-apache-httpd if apache2)
# If using Nginx web server, the correct configuration should be installed
Recommends: (%{name}-web-nginx if nginx)
# The default theme is required
Requires: %{name}-theme-default
%{?systemd_ordering}
# We use the git tools for some actions due to deficiencies in libgit2 and pygit2
Requires: git-core
# No dependency of the app per se, but required to make it working.
OrderWithRequires: gitolite >= 3.0
Requires(pre): gitolite >= 3.0
Requires: gitolite >= 3.0
Requires(post): user(wwwrun)
%description
Pagure is a git-centered forge based on pygit2.
Currently, Pagure offers a web-interface for git repositories, a ticket
system and possibilities to create new projects, fork existing ones and
create/merge pull-requests across or within projects.
For steps on how to set up the system after installing this package,
please read %{_docdir}/%{name}/README.SUSE.
%package web-apache-httpd
Summary: Apache HTTPD configuration for Pagure
Requires: %{name} = %{version}-%{release}
Requires: apache2-mod_wsgi-python3
# Apache config moved out to its own subpackage
Obsoletes: %{name} < 5.10
Conflicts: %{name} < 5.10
%description web-apache-httpd
This package provides the configuration files for deploying
a Pagure server using the Apache HTTPD server.
%package web-nginx
Summary: Nginx configuration for Pagure
Requires: %{name} = %{version}-%{release}
Requires: nginx
Requires: python3-gunicorn
%description web-nginx
This package provides the configuration files for deploying
a Pagure server using the Nginx web server.
%package theme-upstream
Summary: Base theme for the Pagure web interface
Requires: %{name} = %{version}-%{release}
%description theme-upstream
This package provides the web interface assets for styling
a Pagure server with the base upstream look and feel.
%package theme-pagureio
Summary: Pagure web interface theme used on Pagure.io
Requires: %{name} = %{version}-%{release}
%description theme-pagureio
This package provides the web interface assets for styling
a Pagure server with the same look and feel as Pagure.io.
%package theme-srcfpo
Summary: Pagure web interface theme used on src.fedoraproject.org
Requires: %{name} = %{version}-%{release}
%description theme-srcfpo
This package provides the web interface assets for styling
a Pagure server with the same look and feel as src.fedoraproject.org.
%package theme-chameleon
Summary: Pagure web interface theme based on openSUSE's chameleon theme
Requires: %{name} = %{version}-%{release}
%description theme-chameleon
This package provides the web interface assets for styling
a Pagure server with the same look and feel as openSUSE Infrastructure.
%package theme-default-upstream
Summary: Configuration for pagure to default to the upstream web interface theme
Conflicts: %{name}-theme-default
Provides: %{name}-theme-default
Requires: %{name}-theme-upstream = %{version}-%{release}
%description theme-default-upstream
This package sets the default web interface assets used for
a Pagure server running as shipped by upstream.
%package theme-default-openSUSE
Summary: Configuration for pagure to default to the openSUSE web interface theme
Conflicts: %{name}-theme-default
Provides: %{name}-theme-default
Requires: %{name}-theme-chameleon = %{version}-%{release}
Enhances: (%{name} and branding-openSUSE)
Removepathpostfixes: .openSUSE
%description theme-default-openSUSE
This package sets the default web interface assets used for
a Pagure server running on openSUSE.
%package milters
Summary: Milter to integrate pagure with emails
BuildRequires: systemd-rpm-macros
Requires: %{name} = %{version}-%{release}
Requires: python3-pymilter
%{?systemd_requires}
# It would work with sendmail but we configure things (like the tempfile)
# to work with postfix
Requires: postfix
%description milters
Milters (Mail filters) allowing the integration of pagure and emails.
This is useful for example to allow commenting on a ticket by email.
%package ev
Summary: EventSource server for pagure
BuildRequires: systemd-rpm-macros
Requires: %{name} = %{version}-%{release}
Requires: python3-Trololio
%{?systemd_requires}
%description ev
Pagure comes with an eventsource server allowing live update of the pages
supporting it. This package provides it.
%package webhook
Summary: Web-Hook server for pagure
BuildRequires: systemd-rpm-macros
Requires: %{name} = %{version}-%{release}
%{?systemd_requires}
%description webhook
Pagure comes with an webhook server allowing http callbacks for any action
done on a project. This package provides it.
%package ci
Summary: A CI service for pagure
BuildRequires: systemd-rpm-macros
Requires: %{name} = %{version}-%{release}
Requires: python3-python-jenkins
%{?systemd_requires}
%description ci
Pagure comes with a continuous integration service, currently supporting
only jenkins but extendable to others.
With this service, your CI server will be able to report the results of the
build on the pull-requests opened to your project.
%package logcom
Summary: The logcom service for pagure
BuildRequires: systemd-rpm-macros
Requires: %{name} = %{version}-%{release}
%{?systemd_requires}
%description logcom
pagure-logcom contains the service that logs commits into the database so that
the activity calendar heatmap is filled.
%package loadjson
Summary: The loadjson service for pagure
BuildRequires: systemd-rpm-macros
Requires: %{name} = %{version}-%{release}
%{?systemd_requires}
%description loadjson
pagure-loadjson is the service allowing to update the database with the
information provided in the JSON blobs that are stored in the tickets (and
in the future pull-requests) git repo.
%package mirror
Summary: The mirroring service for pagure
BuildRequires: systemd-rpm-macros
Requires: %{name} = %{version}-%{release}
%{?systemd_requires}
%description mirror
pagure-mirror is the service mirroring projects that asked for it outside
of this pagure instance.
%prep
%autosetup -p1
# Vendor in the file needed from python-fedora
install -pm 0644 %{SOURCE1} pagure/ui
sed -e "s/import flask_fas_openid/from pagure.ui import flask_fas_openid as flask_fas_openid/" -i pagure/ui/fas_login.py
# Install README.SUSE file
install -pm 0644 %{SOURCE10} README.SUSE
%build
%py3_build
%install
%py3_install
# Install apache configuration file
mkdir -p %{buildroot}/%{_sysconfdir}/apache2/vhosts.d
install -p -m 644 files/pagure-apache-httpd.conf %{buildroot}/%{_sysconfdir}/apache2/vhosts.d/pagure.conf
# Install nginx configuration file
mkdir -p %{buildroot}/%{_sysconfdir}/nginx/vhosts.d/
install -p -m 644 files/pagure-nginx.conf %{buildroot}/%{_sysconfdir}/nginx/vhosts.d/pagure.conf
# Install configuration file
mkdir -p %{buildroot}/%{_sysconfdir}/pagure
install -p -m 644 files/pagure.cfg.sample %{buildroot}/%{_sysconfdir}/pagure/pagure.cfg
# Install WSGI file
mkdir -p %{buildroot}/%{_datadir}/pagure
install -p -m 644 files/pagure.wsgi %{buildroot}/%{_datadir}/pagure/pagure.wsgi
install -p -m 644 files/doc_pagure.wsgi %{buildroot}/%{_datadir}/pagure/doc_pagure.wsgi
# Install the createdb script
install -p -m 644 createdb.py %{buildroot}/%{_datadir}/pagure/pagure_createdb.py
# Install the api_key_expire_mail.py script
install -p -m 644 files/api_key_expire_mail.py %{buildroot}/%{_datadir}/pagure/api_key_expire_mail.py
# Install the mirror_project_in.py script
install -p -m 644 files/mirror_project_in.py %{buildroot}/%{_datadir}/pagure/mirror_project_in.py
# Install the keyhelper and aclcheck scripts
mkdir -p %{buildroot}/%{_libexecdir}/pagure
install -p -m 755 files/aclchecker.py %{buildroot}/%{_libexecdir}/pagure/aclchecker.py
install -p -m 755 files/keyhelper.py %{buildroot}/%{_libexecdir}/pagure/keyhelper.py
# Install the alembic configuration file
install -p -m 644 files/alembic.ini %{buildroot}/%{_sysconfdir}/pagure/alembic.ini
# Install the alembic revisions
cp -r alembic %{buildroot}/%{_datadir}/pagure
# Install the systemd file for the web frontend
mkdir -p %{buildroot}/%{_unitdir}
install -p -m 644 files/pagure_web.service \
%{buildroot}/%{_unitdir}/pagure_web.service
# Install the systemd file for the docs web frontend
mkdir -p %{buildroot}/%{_unitdir}
install -p -m 644 files/pagure_docs_web.service \
%{buildroot}/%{_unitdir}/pagure_docs_web.service
# Install the systemd file for the worker
mkdir -p %{buildroot}/%{_unitdir}
install -p -m 644 files/pagure_worker.service \
%{buildroot}/%{_unitdir}/pagure_worker.service
# Install the systemd file for the authorized_keys worker
install -p -m 644 files/pagure_authorized_keys_worker.service \
%{buildroot}/%{_unitdir}/pagure_authorized_keys_worker.service
# Install the systemd file for the gitolite worker
install -p -m 644 files/pagure_gitolite_worker.service \
%{buildroot}/%{_unitdir}/pagure_gitolite_worker.service
# Install the systemd file for the web-hook
install -p -m 644 files/pagure_webhook.service \
%{buildroot}/%{_unitdir}/pagure_webhook.service
# Install the systemd file for the ci service
install -p -m 644 files/pagure_ci.service \
%{buildroot}/%{_unitdir}/pagure_ci.service
# Install the systemd file for the logcom service
install -p -m 644 files/pagure_logcom.service \
%{buildroot}/%{_unitdir}/pagure_logcom.service
# Install the systemd file for the loadjson service
install -p -m 644 files/pagure_loadjson.service \
%{buildroot}/%{_unitdir}/pagure_loadjson.service
# Install the systemd file for the mirror service
install -p -m 644 files/pagure_mirror.service \
%{buildroot}/%{_unitdir}/pagure_mirror.service
# Install the systemd file for the script sending reminder about API key
# expiration
install -p -m 644 files/pagure_api_key_expire_mail.service \
%{buildroot}/%{_unitdir}/pagure_api_key_expire_mail.service
install -p -m 644 files/pagure_api_key_expire_mail.timer \
%{buildroot}/%{_unitdir}/pagure_api_key_expire_mail.timer
# Install the systemd file for the script updating mirrored project
install -p -m 644 files/pagure_mirror_project_in.service \
%{buildroot}/%{_unitdir}/pagure_mirror_project_in.service
install -p -m 644 files/pagure_mirror_project_in.timer \
%{buildroot}/%{_unitdir}/pagure_mirror_project_in.timer
# Install the milter files
mkdir -p %{buildroot}/%{_tmpfilesdir}
install -p -m 0644 pagure-milters/milter_tempfile.conf \
%{buildroot}/%{_tmpfilesdir}/%{name}-milter.conf
install -p -m 644 pagure-milters/pagure_milter.service \
%{buildroot}/%{_unitdir}/pagure_milter.service
install -p -m 644 pagure-milters/comment_email_milter.py \
%{buildroot}/%{_datadir}/pagure/comment_email_milter.py
# Install the eventsource
mkdir -p %{buildroot}/%{_libexecdir}/pagure-ev
install -p -m 755 pagure-ev/pagure_stream_server.py \
%{buildroot}/%{_libexecdir}/pagure-ev/pagure_stream_server.py
install -p -m 644 pagure-ev/pagure_ev.service \
%{buildroot}/%{_unitdir}/pagure_ev.service
# Switch all systemd units to use the correct libexecdir
sed -e "s|/usr/libexec|%{_libexecdir}|g" -i %{buildroot}/%{_unitdir}/*.service
# Change default_config.py to use the correct libexecdir
sed -e "s|/usr/libexec|%{_libexecdir}|g" -i %{buildroot}/%{python3_sitelib}/pagure/default_config.py
# Fix the shebang for various scripts
sed -e "s|#!/usr/bin/env python|#!%{__python3}|" -i \
%{buildroot}/%{_libexecdir}/pagure-ev/*.py \
%{buildroot}/%{_libexecdir}/pagure/*.py \
%{buildroot}/%{_datadir}/pagure/*.py \
%{buildroot}/%{python3_sitelib}/pagure/hooks/files/*.py \
%{buildroot}/%{python3_sitelib}/pagure/hooks/files/hookrunner \
%{buildroot}/%{python3_sitelib}/pagure/hooks/files/post-receive \
%{buildroot}/%{python3_sitelib}/pagure/hooks/files/pre-receive \
%{buildroot}/%{python3_sitelib}/pagure/hooks/files/repospannerhook
# Switch interpreter for systemd units to correct Python interpreter
sed -e "s|/usr/bin/python|%{__python3}|g" -i %{buildroot}/%{_unitdir}/*.service
# Make symlinks for default theme packages
mv %{buildroot}/%{python3_sitelib}/pagure/themes/default %{buildroot}/%{python3_sitelib}/pagure/themes/upstream
ln -sr %{buildroot}/%{python3_sitelib}/pagure/themes/upstream %{buildroot}/%{python3_sitelib}/pagure/themes/default
ln -sr %{buildroot}/%{python3_sitelib}/pagure/themes/chameleon %{buildroot}/%{python3_sitelib}/pagure/themes/default.openSUSE
# Run fdupes
%fdupes %{buildroot}/%{python3_sitelib}
%fdupes doc/_build/html
# Make log directory and files
mkdir -p %{buildroot}/%{_localstatedir}/log/pagure
logfiles="web docs_web"
for logfile in $logfiles; do
touch %{buildroot}/%{_localstatedir}/log/pagure/access_${logfile}.log
touch %{buildroot}/%{_localstatedir}/log/pagure/error_${logfile}.log
done
# Regenerate clobbered symlinks (Cf. https://pagure.io/pagure/issue/3782)
runnerhooks="post-receive pre-receive"
for runnerhook in $runnerhooks; do
rm -rf %{buildroot}/%{python3_sitelib}/pagure/hooks/files/$runnerhook
ln -sf hookrunner %{buildroot}/%{python3_sitelib}/pagure/hooks/files/$runnerhook
done
# Make the rcFOO symlinks for systemd services
mkdir -p %{buildroot}/%{_sbindir}
paguresvcs="api_key_expire_mail ci ev authorized_keys_worker gitolite_worker loadjson logcom milter mirror webhook worker mirror_project_in"
for paguresvc in $paguresvcs; do
ln -sf %{_sbindir}/service %{buildroot}/%{_sbindir}/rcpagure_$paguresvc
done
# Install the basic directory structure
mkdir -p %{buildroot}/srv/www/pagure-releases
mkdir -p %{buildroot}/srv/gitolite/pseudo
mkdir -p %{buildroot}/srv/gitolite/repositories/{,docs,forks,requests,tickets}
mkdir -p %{buildroot}/srv/gitolite/remotes
mkdir -p %{buildroot}/srv/gitolite/.gitolite/{conf,keydir,logs}
mkdir -p %{buildroot}/srv/gitolite/.ssh
# Add empty gitolite config file
touch %{buildroot}/srv/gitolite/.gitolite/conf/gitolite.conf
# Install gitolite rc file
install -p -m 644 files/gitolite3.rc %{buildroot}/srv/gitolite/.gitolite.rc
%pre
# Do nothing, but ensure dependency is evaluated...
%post
echo "Create wsgi rundir if it doesn't exist..."
mkdir -p /srv/www/run || :
echo "See %{_docdir}/%{name}/README.SUSE to continue"
%systemd_post pagure_worker.service
%systemd_post pagure_authorized_keys_worker.service
%systemd_post pagure_gitolite_worker.service
%systemd_post pagure_api_key_expire_mail.timer
%systemd_post pagure_mirror_project_in.timer
%post web-nginx
%systemd_post pagure_web.service
%systemd_post pagure_docs_web.service
%post milters
%tmpfiles_create %{_tmpfilesdir}/%{name}-milter.conf
%systemd_post pagure_milter.service
%post ev
%systemd_post pagure_ev.service
%post webhook
%systemd_post pagure_webhook.service
%post ci
%systemd_post pagure_ci.service
%post logcom
%systemd_post pagure_logcom.service
%post loadjson
%systemd_post pagure_loadjson.service
%post mirror
%systemd_post pagure_mirror.service
%preun
%systemd_preun pagure_worker.service
%systemd_preun pagure_authorized_keys_worker.service
%systemd_preun pagure_gitolite_worker.service
%systemd_preun pagure_api_key_expire_mail.timer
%systemd_preun pagure_mirror_project_in.timer
%preun web-nginx
%systemd_preun pagure_web.service
%systemd_preun pagure_docs_web.service
%preun milters
%systemd_preun pagure_milter.service
%preun ev
%systemd_preun pagure_ev.service
%preun webhook
%systemd_preun pagure_webhook.service
%preun ci
%systemd_preun pagure_ci.service
%preun logcom
%systemd_preun pagure_logcom.service
%preun loadjson
%systemd_preun pagure_loadjson.service
%preun mirror
%systemd_preun pagure_mirror.service
%postun
%systemd_postun_with_restart pagure_worker.service
%systemd_postun_with_restart pagure_authorized_keys_worker.service
%systemd_postun_with_restart pagure_gitolite_worker.service
%systemd_postun pagure_api_key_expire_mail.timer
%systemd_postun pagure_mirror_project_in.timer
%postun web-nginx
%systemd_postun_with_restart pagure_web.service
%systemd_postun_with_restart pagure_docs_web.service
%postun milters
%systemd_postun_with_restart pagure_milter.service
%postun ev
%systemd_postun_with_restart pagure_ev.service
%postun webhook
%systemd_postun_with_restart pagure_webhook.service
%postun ci
%systemd_postun_with_restart pagure_ci.service
%postun logcom
%systemd_postun_with_restart pagure_logcom.service
%postun loadjson
%systemd_postun_with_restart pagure_loadjson.service
%postun mirror
%systemd_postun_with_restart pagure_mirror.service
%files
%doc README.SUSE README.rst UPGRADING.rst files/gitolite3.rc files/pagure.cfg.sample
%license LICENSE
%config(noreplace) %{_sysconfdir}/pagure/pagure.cfg
%config(noreplace) %{_sysconfdir}/pagure/alembic.ini
%dir %{_sysconfdir}/pagure/
%dir %{_datadir}/pagure/
%{_datadir}/pagure/*.py*
%exclude %{_datadir}/pagure/comment_email_milter.py*
%{_datadir}/pagure/alembic/
%{_libexecdir}/pagure/
%{python3_sitelib}/pagure/
%exclude %{python3_sitelib}/pagure/themes/default
%exclude %{python3_sitelib}/pagure/themes/default.openSUSE
%exclude %{python3_sitelib}/pagure/themes/upstream
%exclude %{python3_sitelib}/pagure/themes/pagureio
%exclude %{python3_sitelib}/pagure/themes/srcfpo
%exclude %{python3_sitelib}/pagure/themes/chameleon
%{python3_sitelib}/pagure*.egg-info
%{_bindir}/pagure-admin
%{_unitdir}/pagure_worker.service
%{_unitdir}/pagure_authorized_keys_worker.service
%{_unitdir}/pagure_gitolite_worker.service
%{_unitdir}/pagure_api_key_expire_mail.service
%{_unitdir}/pagure_api_key_expire_mail.timer
%{_unitdir}/pagure_mirror_project_in.service
%{_unitdir}/pagure_mirror_project_in.timer
%{_sbindir}/rcpagure_api_key_expire_mail
%{_sbindir}/rcpagure_worker
%{_sbindir}/rcpagure_authorized_keys_worker
%{_sbindir}/rcpagure_gitolite_worker
%{_sbindir}/rcpagure_mirror_project_in
# Pagure data content
%attr(-,git,git) %dir /srv/gitolite/pseudo
%attr(-,git,git) %dir /srv/gitolite/remotes
%attr(-,git,git) %dir /srv/gitolite/repositories/{,docs,forks,requests,tickets}
%attr(-,git,git) %dir /srv/gitolite/.gitolite/{,conf,keydir,logs}
%attr(750,git,git) %dir /srv/gitolite/.ssh
%attr(-,git,git) %config(noreplace) /srv/gitolite/.gitolite/conf/gitolite.conf
%attr(-,git,git) %config(noreplace) /srv/gitolite/.gitolite.rc
%attr(-,git,git) %dir /srv/www/pagure-releases
%attr(-,git,git) %dir %{_localstatedir}/log/pagure
%files web-apache-httpd
%license LICENSE
%doc files/pagure-apache-httpd.conf
%config(noreplace) %{_sysconfdir}/apache2/vhosts.d/pagure.conf
%config(noreplace) %{_datadir}/pagure/*.wsgi
%files web-nginx
%license LICENSE
%doc files/pagure-nginx.conf
%config(noreplace) %{_sysconfdir}/nginx/vhosts.d/pagure.conf
%{_unitdir}/pagure_web.service
%{_unitdir}/pagure_docs_web.service
%ghost %{_localstatedir}/log/pagure/access_*.log
%ghost %{_localstatedir}/log/pagure/error_*.log
%files theme-upstream
%license LICENSE
%{python3_sitelib}/pagure/themes/upstream/
%files theme-pagureio
%license LICENSE
%{python3_sitelib}/pagure/themes/pagureio/
%files theme-srcfpo
%license LICENSE
%{python3_sitelib}/pagure/themes/srcfpo/
%files theme-chameleon
%license LICENSE
%{python3_sitelib}/pagure/themes/chameleon/
%files theme-default-upstream
%license LICENSE
%{python3_sitelib}/pagure/themes/default
%files theme-default-openSUSE
%license LICENSE
%{python3_sitelib}/pagure/themes/default.openSUSE
%files milters
%license LICENSE
%dir %{_datadir}/pagure/
%{_tmpfilesdir}/%{name}-milter.conf
%{_unitdir}/pagure_milter.service
%{_datadir}/pagure/comment_email_milter.py*
%{_sbindir}/rcpagure_milter
%files ev
%license LICENSE
%{_libexecdir}/pagure-ev/
%{_unitdir}/pagure_ev.service
%{_sbindir}/rcpagure_ev
%files webhook
%license LICENSE
%{_unitdir}/pagure_webhook.service
%{_sbindir}/rcpagure_webhook
%files ci
%license LICENSE
%{_unitdir}/pagure_ci.service
%{_sbindir}/rcpagure_ci
%files logcom
%license LICENSE
%{_unitdir}/pagure_logcom.service
%{_sbindir}/rcpagure_logcom
%files loadjson
%license LICENSE
%{_unitdir}/pagure_loadjson.service
%{_sbindir}/rcpagure_loadjson
%files mirror
%license LICENSE
%{_unitdir}/pagure_mirror.service
%{_sbindir}/rcpagure_mirror
%changelog