Project

General

Profile

Actions

Feature #4253

closed

[API] Users can create their own arvados-hosted git repositories

Added by Tim Pierce about 10 years ago. Updated almost 10 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
API
Target version:
Story points:
2.0

Description

Summary: Similar to github. Each user gets one username, and owns the {git}/username/* namespace.

Assigning usernames

Add "username" attribute to users table.
  • Can be null.
  • Unique.
  • Starts with alpha. Contains only alphanum.
  • Only admin can change. (Could change in future, but simplifies for now.)
  • Migration: for active users, copy VM login name if there is one, otherwise assign one based on email address. For inactive users, leave null.
Future:
  • Add "username" to user profile setup page. Allow user to change own username from null to non-null. Stay on profile page until a unique username is successfully saved.
  • Unique across all federated sites.

Repositories

Repository names
  • Repository with name=bar, owned by user with username=foo, is "{base}/foo/bar.git"
  • name cannot be null.
  • {owner_uuid, name} is unique.
  • name starts with alpha, contains only alphanum.
  • Migrate existing repositories to owner_uuid=system_user_uuid. These will continue to be available at "{base}/foo.git".
  • Repository table "name" column has "foo/bar" (model needs to ensure the "foo" part stays synchronized with owner_uuid->username)
Repository permissions
  • User can create a repository with owner_uuid==current_user.uuid but not with any other owner_uuid (unless current_user.is_admin) Owner_uuid can be set/changed to any user writable by current_user, which is only current_user itself for a non-admin in a typical setup. This part is the same as standard permission behavior.
  • owner_uuid must refer to a user, not a group (even if current_user.is_admin)
  • Permission summary provided to gitolite grants repository owner RW+ permission
  • Export repository names as "username/reponame" (assuming this is convenient for gitolite permission-sync script).
  • Update gitolite permission-sync script.
UI for managing repos
  • On manage account page (at least for now)
  • Add new repository -> dialog box (or inline, if easier)
    • Show note that repositories cannot be renamed
    • Show note that it will take a minute or two before "git clone" will work (aside/future: can Workbench get feedback from the git system somehow so it can say "pending" on new repos?)
  • (Probably) future: Delete repository -> confirm with alert box (cannot be undone). Depends on gitolite moving the old repo out of the way in case a new one is created with the same name.
Gitolite changes
  • Can we store repositories themselves by uuid instead of name? Perhaps symlink names to uuids. This could help with "rename" and "delete" (e.g., delete any symlinks that aren't mentioned in the current permission list; never delete actual git repos).

Other stuff to test

  • Submit jobs & pipelines using repository="username/reponame"

Open questions

  • Any difficult bits on the gitolite/git-daemon side?

Subtasks 13 (0 open13 closed)

Task #5275: Specify desired behaviorResolvedTom Clegg10/17/2014Actions
Task #5444: Confirm gitolite integration plan looks OKResolvedWard Vandewege10/17/2014Actions
Task #5617: Review 4253-gitolite-migration-wipResolvedWard Vandewege03/31/2015Actions
Task #5477: Assign usernamesResolvedBrett Smith03/17/2015Actions
Task #5479: Update repository permission rulesResolvedBrett Smith03/17/2015Actions
Task #5480: Update Workbench repository management UIResolvedBrett Smith03/17/2015Actions
Task #5508: Make sure repository fetch_url is properly updated on renameClosedBrett Smith03/19/2015Actions
Task #5555: Update documentation for new repository names (e.g., 'you/you')ResolvedBrett Smith03/24/2015Actions
Task #5579: Review puppet branch 4253-user-git-repos-wipResolvedWard Vandewege03/27/2015Actions
Task #5578: Review Puppet branch 4253-gitolite3-wipResolvedWard Vandewege03/26/2015Actions
Task #5512: Review 4253-user-usernames-wipResolvedPeter Amstutz03/19/2015Actions
Task #5478: Update repository name rulesResolvedBrett Smith03/17/2015Actions
Task #5605: Review 4253-user-repos-wipResolvedBrett Smith03/29/2015Actions

Related issues 3 (0 open3 closed)

Related to Arvados - Bug #5192: [API] Disallow changing the name of a repository record (by non-admin users)ResolvedRadhika ChippadaActions
Related to Arvados - Bug #5506: arv-copy issue with moving pathomap templateClosedPeter Amstutz03/18/2015Actions
Related to Arvados - Bug #6663: [Documentation] Document git repository setupResolvedTom Clegg07/17/2015Actions
Actions

Also available in: Atom PDF