git repository ACLs do not support a "person who can upload this package" type
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Triaged
|
High
|
Unassigned |
Bug Description
This is a feature request.
In the design for git ACLs in Launchpad, provision was left for the ability to specify something like "only a person who can upload to the repository target can push to this ref". But this was not implemented yet.
In git-ubuntu there's user demand for the ability to "stage" uploads in a common repository branch somewhere. In order to make such a branch open to all uploaders, but closed to anyone else, I think we need this implemented in Launchpad please.
The reason I think this is necessary is that then we could (socially) expect individual uploaders to be responsible for their own staged commits, rather than put that all on the person who finally uploaded the entire branch. But this requires that final uploader to rely on the people who staged commits to be authorised to do so, and that would require the ACL.
Related branches
- Andreas Hasenack: Approve
- Server Team CI bot: Approve (continuous-integration)
- Canonical Server Reporter: Pending requested
-
Diff: 257 lines (+231/-0)2 files modifiedgitubuntu/importer.py (+102/-0)
gitubuntu/importer_test.py (+129/-0)
Changed in launchpad: | |
status: | In Progress → Triaged |
Design notes for this are in https:/ /docs.google. com/document/ d/1JW_D_ Tgo4X2- vPMZtShSbi3cm1i OsGcNIzeOpa5E_ wA/edit# heading= h.wthqu55fy3o4. I'll copy the relevant part here:
""" pending/ ubuntu/ bionic or refs/heads/ pending/ ubuntu/ bionic- proposed or similar. However, we don't want to require reconfiguration any time Ubuntu gains a new series, and we don't want to have to hardcode a particular branch layout.
In future, we will also want the ability for repository owners to declare that a branch may be pushed to by people who can upload the package to its distribution. This is especially useful for git-ubuntu, where we want to be able to configure all its repositories to allow people who can upload the package to (e.g.) Ubuntu bionic-proposed to be able to push to refs/heads/
The solution is to observe that some characters are invalid in ref names (see git-check- ref-format( 1)), and so we can use those to construct an escaping syntax that maps parts of the ref namespace to vocabularies. For instance, we might have a rule for refs/heads/ pending/ ubuntu/ @{suite} with a special permission of type PACKAGE_UPLOADER, which would say that anyone who can upload the linked distribution source package to the given suite may push (or force-push, as applicable) to that branch.
"""