[sysadmin] Status Update
We thought it might be a good idea to give everyone a new status update about the progress we are making regarding the conversion to Git. This report has been put together by a couple of members of the sysadmin team. Let’s start with the tasks done in the past weeks:
- SSH Key Management itself can be done in Gosa – but the backend to get it live with gitolite is still to be done (see current todo list below)
- Integration of Reviewboard with LDAP has been accomplished in a testing instance successfully. A script has also been written to sync data such as names and email addresses from LDAP into both Redmine and Reviewboard.
- Gosa has begun to be themed using the kde.org style, chihuahua. Ingo Malchow is brave enough to work on this part.
- Ben Cooksley has been working on making some additional forms for the initial account registration. Basically the new workflow will be like this:
  - User can register, and can use their account immediately after verifying their email address.
  - User immediately gets access to redmine and reviewboard and gosa with one and the same login credentials. This is called Single Sign In.
  - User can change his own data in gosa, for example his ssh public keys. Add more keys or replace lost ones. (yay for no more sysadmin involvement for that)
  - If the user wants push access to the git repositories (or SVN while it’s still around), he has to apply for that. This is similar to the current form; indicate a supporter and write a small justification.
  - After evaluation and approval from the supporter, we add the user to the Developers group in gosa, and the user immediately gets push access.
This grouping mechanism can be extended in the future, to have – for example – a good address book like system for eV-members, or to upgrade users to sysadmins.
The current todo list is basically:
- drive redmine project and reviewboard group creation from gitolite
  - This will be used to allow any project to instantly begin to receive reviews, without any further effort being needed.
- redmine and rb project namespace problems
  At the moment, both Redmine and Reviewboard have problems with projects using the same name, which becomes problematic when you have sub-projects to create a tree of projects.
- A script to create GOsa accounts, insert SSH key(s) + mail address from the existing data
- Modification of Gitolite to read from LDAP for SSH keys
  By default Gitolite reads the allowed keys from the git admin repository, but we have decided to put the keys in an LDAP database, so there has to be a process to copy the keys to the right place. Currently we do it manually, but that’s not a solution we like :) We just discussed this with Sitaram Chamarty, the author of gitolite, and came up with the following workflow:
  - When a user changes a key in gosa, a script is automatically called on the gitolite server so we know something has changed for that user.
  - A script extracts the keys from the LDAP database and updates a folder where all the keys are.
  - Once this is done the internal list of authorised keys will be updated, allowing the new SSH key to be used immediately by the developer.
  That means the keys won’t need to go into the special git admin repository which is only accessible by sysadmins. The disadvantage is that this change has to be written by Sitaram with our assistance. So give Sitaram cookies when you see him.
- Use gitolite for SVN authentication, tying SVN into the unified account system
- Retire the old “Get an SVN account” web app (as Gosa takes its place)
- Send out a final set of ‘convert to ssh keys or else your svn access will stop working’ invitations for svn users which use a password currently.
- Move all the software bits to the right hardware, and give everything the final shake down.
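The key-sync step from the gitolite workflow in the todo list above (keys extracted from LDAP and written to a folder), sketched as an added example; this is not the sysadmin team's or gitolite's code. It covers only the extract-and-write step. The `uid@keyN.pub` file naming, the account-name pattern and the dict standing in for an LDAP query result are assumptions. Because users edit their own keys, each value is validated before it reaches the key folder.

```python
import base64, os, re, tempfile

UID_RE = re.compile(r"[a-z][a-z0-9._-]{0,31}")  # assumed account-name policy
ALLOWED = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256"}

def parse_pubkey(line):
    """Return (type, base64 blob) if line is exactly one bare public key, else None."""
    if "\n" in line or "\r" in line:
        return None  # would become an extra authorized_keys line
    parts = line.split()
    if len(parts) < 2 or parts[0] not in ALLOWED:
        return None  # unknown type, or leading options such as command=
    try:
        blob = base64.b64decode(parts[1], validate=True)
    except ValueError:
        return None
    n = int.from_bytes(blob[:4], "big")  # length of the type string in the blob
    if blob[4:4 + n] != parts[0].encode():
        return None  # type named in the text must match the type inside the blob
    return parts[0], parts[1]

def sync_keydir(ldap_entries, keydir):
    """Make keydir mirror ldap_entries; return the set of file names written."""
    wanted = {}
    for uid, keys in ldap_entries.items():
        if not UID_RE.fullmatch(uid):
            continue  # keeps '/', '..' and control characters out of file names
        good = [k for k in map(parse_pubkey, keys) if k]
        for i, (ktype, b64) in enumerate(good):
            wanted[f"{uid}@key{i}.pub"] = f"{ktype} {b64}\n"
    for name in os.listdir(keydir):
        if name.endswith(".pub") and name not in wanted:
            os.remove(os.path.join(keydir, name))  # key no longer in LDAP
    for name, text in wanted.items():
        with open(os.path.join(keydir, name), "w") as fh:
            fh.write(text)
    return set(wanted)

def constructed_key(ktype, fill):  # constructed sample key, not a real one
    blob = len(ktype).to_bytes(4, "big") + ktype.encode() + bytes([fill]) * 36
    return f"{ktype} {base64.b64encode(blob).decode()} sample-comment"

def demo():
    good = constructed_key("ssh-ed25519", 1)
    entries = {"alice": [good, 'command="/bin/true" ' + good],  # options prefix
               "bob": [good + "\n" + good],                      # embedded newline
               "../mallory": [good]}                             # path in uid
    with tempfile.TemporaryDirectory() as d:
        open(os.path.join(d, "carol@key0.pub"), "w").close()    # stale key file
        return sorted(sync_keydir(entries, d)), sorted(os.listdir(d))
```

Only the well-formed key for `alice` survives in the constructed input, and the stale `carol` file is removed, so a key deleted in LDAP stops working after the next sync.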
This blog is a bit on the technical side probably. The open todo’s unfortunately are rather technical, so that’s unavoidable. But it still gives you a good idea about the progress and the things we are currently facing.
Thanks for the update! It’s awesome to see all the behind-the-scenes work that is going into making the move to git possible.
Hmm, can’t gitolite just pull the keys directly from LDAP without storing them locally?
two words for you: pure. awesome.
single sign in and auto creation of projects in review board and redmine alone are huge improvements to what we have right now.
thanks for the updates, communication makes all the difference in the world. serious hugs, dude :)