[Git][security-tracker-team/security-tracker][master] Remove historic top-level todo list for svn to git migration

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 6 13:36:19 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7fad4fe3 by Salvatore Bonaccorso at 2023-11-06T14:36:05+01:00
Remove historic top-level todo list for svn to git migration

- - - - -


1 changed file:

- − TODO.gitmigration


Changes:

=====================================
TODO.gitmigration deleted
=====================================
@@ -1,90 +0,0 @@
-Setup
-=====
-Repository on alioth
---------------------
-- Commit hook:
-  + pre-commit: Calls
-	"$1/hooks/check-file" "$1" "$2"
-    and in this form requires the name of the file that has been
-    modified. this is not strictly needed if not possible with git,
-    since that is only an optimisation to check the syntax of only
-    that file.
-
-    $1/hooks/check-file: Looks at the modified file and runs
-    bin/check-syntax script checked out in the local checkout in
-    /srv/home/groups/secure-testing/repo . This does not need to be a
-    complete checkout as it uses only the check-syntax and lib
-    directory.
-
-  + post-commit:
-    - Invoke /usr/share/subversion/hook-scripts/commit-email.pl to send
-      email to secure-testing-commits at lists.alioth.debian.org
-    - Runs kgb-client. Configuration is in
-      /home/groups/secure-testing/kgb-client.conf and has setting for
-      svn repository.
-    - Checks out the local copy of the repository on
-      /home/groups/secure-testing/repo (this is possibly not needed
-      anymore in this form)
-
-  + secure-testing-commits mailing list:
-    - sectracker at soriano.debian.org needs to be subscribed to the
-      commits list which are used as triggers to update / create
-      sec-tracker information on security-tracker.debian.org (soriano)
-
-Todos:
-======
-cronjobs:
-- Makefile
-
-alioth project:
-- migrate (active) users (maybe based on only the ones which commited
-to the svn repository in recent years?)
-- get the DD acl applied (then point above only applies to -guest users)
-  => We will add Debian group by default, *-guest user need to re-apply
-
-hooks:
-- this is problematic, we run syntax/sanity checks pre-commit. But with
-  salsa/gitlab there is no easy way anymore without involving protected
-  braches/runners:
-  [18:58] < carnil> is there a way to implement such pre-commit checks with gitlab/salsa?
-  [18:58] < Myon> carnil: I think the short answer is "no"
-  [18:59] < Myon> the longer answer might include protected branches and runners and stuff
-  [...]
-  [20:15] < formorer> carnil: you answer was probably answered, but no thats not possible. Not allowing random hooks was a design decision because it opens several interesting security consequences
-  [20:17] < formorer> carnil: but if you provide a hook, we can review it and enable it
-  [20:18] < formorer> carnil: see https://docs.gitlab.com/ce/administration/custom_hooks.html for details
-  [20:19] < formorer> hope that helps
-  [20:27] < formorer> carnil: https://wiki.debian.org/Salsa/Doc#Custom_Hooks
-
-  => agx/Guido implemented a solution installing a pre-commit hook via
-     bin/setup-repo.
-     although that is not an enforcement it is good enough until CI/runners are
-     available
-
-security-team.debian.org website
-
-- move this file to git
-- ping federico3 to update the codebase for security-metrics.d.n (uses git-svn)
-  => This seems not to be updated anymore
-
-sectracker role account:
-- Creation request: https://salsa.debian.org/salsa/support/issues/6
-  -> Use 'deploy keys'
-- can the role account be added to the project and get the notifications?
-  Possible alternative: https://docs.gitlab.com/ce/user/project/integrations/emails_on_push.html
-  cf. https://salsa.debian.org/salsa/support/issues/5
-- what needs to be done to allow sectracker role account to commit
-  (user creation, guest-user?)
-- Adjust role account procmailrc for trigger updates via mail
-
-bin/tracker_data.py:
-- needs a rewrite, contact buxy (Raphaël Hertzog)
-  => agx/Guido fixed this to work with the git repository
-
-old repository:
-- Add a pre-receive hook to prevent accidental pushes to the old alioth
-  account
-
-References:
-===========
-Mailinglists: https://lists.debian.org/debian-devel-announce/2017/09/msg00004.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fad4fe3b608f19d8d5cb01dfd6486c57c4bd73b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fad4fe3b608f19d8d5cb01dfd6486c57c4bd73b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231106/1b3f7a82/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list