DVCS in big corporation
-
Upload
dchaffiol -
Category
Technology
-
view
2.060 -
download
4
description
Transcript of DVCS in big corporation
![Page 1: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/1.jpg)
November, 14th 2011 DVCS in big Corporation
DVCS in big Corporation
![Page 2: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/2.jpg)
November, 14th 2011 DVCS in big Corporation
DVCS in big Corporation
Solutions● Centralization● Visualization
Challenges● Authentication● Authorization
About● Me● DVCS
![Page 3: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/3.jpg)
November, 14th 2011 DVCS in big Corporation
Quick notes
![Page 4: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/4.jpg)
November, 14th 2011 DVCS in big Corporation
About : me
![Page 5: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/5.jpg)
November, 14th 2011 DVCS in big Corporation
About : me on SO
A Lot Rep
Many times during the day
Every single day
ask@me
100K+
![Page 6: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/6.jpg)
November, 14th 2011 DVCS in big Corporation
CVCSServer sideClient side
![Page 7: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/7.jpg)
November, 14th 2011 DVCS in big Corporation
And then, a miracle:
![Page 8: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/8.jpg)
November, 14th 2011 DVCS in big Corporation
DVCSServer sideClient side
![Page 9: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/9.jpg)
November, 14th 2011 DVCS in big Corporation
Git on a client
![Page 10: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/10.jpg)
November, 14th 2011 DVCS in big Corporation
Git on a client
eclipse
![Page 11: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/11.jpg)
November, 14th 2011 DVCS in big Corporation
Git on a client
eclipse
![Page 12: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/12.jpg)
November, 14th 2011 DVCS in big Corporation
Reaction?
Not enthusiastic
![Page 13: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/13.jpg)
November, 14th 2011 DVCS in big Corporation
Issues? Authentication.
Who is VonC?
LDAP
X41064
![Page 14: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/14.jpg)
November, 14th 2011 DVCS in big Corporation
Issues? Communication
![Page 15: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/15.jpg)
November, 14th 2011 DVCS in big Corporation
Issues? Publication
![Page 16: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/16.jpg)
November, 14th 2011 DVCS in big Corporation
Centralization
Server
![Page 17: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/17.jpg)
November, 14th 2011 DVCS in big Corporation
Centralization
itsvcprd git
![Page 18: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/18.jpg)
November, 14th 2011 DVCS in big Corporation
Server
![Page 19: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/19.jpg)
November, 14th 2011 DVCS in big Corporation
Server
MUTUALIZED
![Page 20: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/20.jpg)
November, 14th 2011 DVCS in big Corporation
Server
![Page 21: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/21.jpg)
November, 14th 2011 DVCS in big Corporation
Server: not root
Sudo apt-get install git
![Page 22: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/22.jpg)
November, 14th 2011 DVCS in big Corporation
Server: not alone
Services are managed by root
![Page 23: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/23.jpg)
November, 14th 2011 DVCS in big Corporation
Server: not in control
/usr/local content can change at any time
![Page 24: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/24.jpg)
November, 14th 2011 DVCS in big Corporation
Help?
![Page 25: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/25.jpg)
November, 14th 2011 DVCS in big Corporation
Recompile Everything
![Page 26: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/26.jpg)
November, 14th 2011 DVCS in big Corporation
Recompile Everything: root
![Page 27: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/27.jpg)
November, 14th 2011 DVCS in big Corporation
Recompile Everything: alone● Tailored services (ssh, ldap, https)
![Page 28: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/28.jpg)
November, 14th 2011 DVCS in big Corporation
Recompile Everything: in control
Your own version of ~/usr/local
![Page 29: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/29.jpg)
November, 14th 2011 DVCS in big Corporation
Manual recompilation?
Download sources
![Page 30: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/30.jpg)
November, 14th 2011 DVCS in big Corporation
Manual recompilation?
Configure./configure --prefix=${HULA}/@@NAMEVER@@ --with-lib=${HULL} --with-openssl --with-curl --with-expat --with-iconv=${HUL} --with-gitconfig=${HUL}/var/gitconfig --with-editor=vim --with-perl=${HULA}/perl/bin/perl --with-zlib=${HUL} --with-tcltk=no --with-python=${HULA}/python/bin/python
./configure --prefix=${HULA}/@@NAMEVER@@ --with-lib=${HULL} --with-openssl --with-curl --with-expat --with-iconv=${HUL} --with-gitconfig=${HUL}/var/gitconfig --with-editor=vim --with-perl=${HULA}/perl/bin/perl --with-zlib=${HUL} --with-tcltk=no --with-python=${HULA}/python/bin/python./configure --prefix=${HULA}/@@NAMEVER@@
--enable-ssl=shared --enable-ssl --with-ssl=${HUL}/ssl --enable-proxy --enable-proxy-connect --enable-proxy-ftp --enable-proxy-http --with-ldap --enable-ldap --enable-authnz-ldap --enable-authn-alias --with-apr=${HUL} --with-apr-util=${HUL} --enable-mods-shared=all --with-z=${HUL} @@WITHOUT_GNU_LD@@
./configure --prefix=${HULA}/@@NAMEVER@@ --enable-ssl=shared --enable-ssl --with-ssl=${HUL}/ssl --enable-proxy --enable-proxy-connect --enable-proxy-ftp --enable-proxy-http --with-ldap --enable-ldap --enable-authnz-ldap --enable-authn-alias --with-apr=${HUL} --with-apr-util=${HUL} --enable-mods-shared=all --with-z=${HUL} @@WITHOUT_GNU_LD@@
./configure --prefix=${HULS}/@@NAMEVER@@ --enable-shared --enable-static --with-zlib=${HUL} --with-ssl-engine=${HUL}/ssl --without-privsep-user --with-pid-dir=${HUL}/var/run --with-default-path=@@PATH@@ --with-privsep-path=${HUL}/var/empty @@WITHOUT_GNU_LD@@
./configure --prefix=${HULS}/@@NAMEVER@@ --enable-shared --enable-static --with-zlib=${HUL} --with-ssl-engine=${HUL}/ssl --without-privsep-user --with-pid-dir=${HUL}/var/run --with-default-path=@@PATH@@ --with-privsep-path=${HUL}/var/empty @@WITHOUT_GNU_LD@@
![Page 31: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/31.jpg)
November, 14th 2011 DVCS in big Corporation
Manual recompilation?● Make● Make install
![Page 32: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/32.jpg)
November, 14th 2011 DVCS in big Corporation
Manual recompilation?
Rinse and repeat
GitGit
Gcc 3.4.6openssl,libssh2,curl,libiconv,expat,libidn,zlibGcc 3.4.6openssl,libssh2,curl,libiconv,expat,libidn,zlib
opensshApache Http, lynxSubversion, Python, perl
opensshApache Http, lynxSubversion, Python, perl
=
+
32 libraries
14 applications
4 modules (Perl or ruby)
![Page 33: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/33.jpg)
November, 14th 2011 DVCS in big Corporation
Manual Automated recompilation
![Page 34: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/34.jpg)
November, 14th 2011 DVCS in big Corporation
You've got git.
Now What?
![Page 35: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/35.jpg)
November, 14th 2011 DVCS in big Corporation
What is missing?Server sideClient side
![Page 36: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/36.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: authorization script
Repo1: user1, user2
Repo2: user2, user3
gl-auth-command
+=
Server side
Git command
Client side
Cmd output
![Page 37: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/37.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: openssh
Repo1: user1, user2
Repo2: user2, user3
Server side
Git command
Client side
Cmd output
gl-auth-command
ssh
![Page 38: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/38.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: forced command
Command= "compileEverything/gitolite/bin/gl-auth-command bjensen",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsaAAAAB3NzaC1yc2EAAA...
~/.ssh/authorized_keys
![Page 39: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/39.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: not for users
Repo1: fisheye
Repo2: sonar
Server sideClient side
gl-auth-command
ssh
Repo1: user1
Repo2: user2
![Page 40: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/40.jpg)
November, 14th 2011 DVCS in big Corporation
SSH is not enoughServer sideClient side
ssh gitolite
![Page 41: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/41.jpg)
November, 14th 2011 DVCS in big Corporation
Git & “smart http”Server sideClient side
httpd
git-http-backend
![Page 42: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/42.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: httpd
gl-auth-command
Server side
Git command
Client side
Http answer
httpd
LDAP
+=
git-http-backend
![Page 43: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/43.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: LDAP alias
<AuthnProviderAlias ldap myldap> AuthLDAPBindDN cn=Manager,dc=example,dc=com AuthLDAPBindPassword secret AuthLDAPURL ldap://localhost:9011/dc=example,dc=com ?uid?sub?(objectClass=*)</AuthnProviderAlias>
Httpd.conf
![Page 44: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/44.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: REMOTE_USER
Httpd.conf
ScriptAlias /hgit/ compileEverything/gitolite/bin/gl-auth-command/ <Location /hgit> AuthName "LDAP authentication for ITSVC Smart HTTP Git repositories" AuthBasicProvider myldap Require valid-user AddHandler cgi-script cgi </Location>
![Page 45: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/45.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: https://itsvcprdgit:8453/hgit
# GitHttp on 8453<VirtualHost itsvcprdgit.world.company:8453> ServerName itsvcprdgit.world.company ServerAlias itsvcprdgit SetEnv GIT_PROJECT_ROOT /path/to/repositories SetEnv GIT_HTTP_EXPORT_ALL SetEnv GITOLITE_HTTP_HOME /home/auser/compileEverything
Httpd.conf
![Page 46: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/46.jpg)
November, 14th 2011 DVCS in big Corporation
Httpd: multi-domain SSL certificateServer sideClient side
httpd
itsvcprdgit.world.company
itsvcprdgit
X509v3 extensions: X509v3 Subject Alternative Name: DNS:itsvcprdgit.world.company, DNS:itsvcprdgit
![Page 47: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/47.jpg)
November, 14th 2011 DVCS in big Corporation
Are we there yet?Server sideClient side
ssh
httpd
gitolite
![Page 48: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/48.jpg)
November, 14th 2011 DVCS in big Corporation
GitWeb
![Page 49: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/49.jpg)
November, 14th 2011 DVCS in big Corporation
gitweb.cgi ?Server sideClient side
httpd
?
Gitweb.cgigl-auth-command
![Page 50: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/50.jpg)
November, 14th 2011 DVCS in big Corporation
GitWeb: GL_USER
# finally the user name$ENV{GL_USER} = $cgi->remote_user || "gitweb";# now get gitolite stuff in...unshift @INC, $ENV{GL_BINDIR};require gitolite; gitolite -> import;
~/gitweb/gitweb.conf.pl
![Page 51: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/51.jpg)
November, 14th 2011 DVCS in big Corporation
GitWeb: repo_rights()
$export_auth_hook = sub { my $repo = shift; return unless $repo =~ s/^\Q$projectroot\E\/?(.+)\.git$/$1/; # check for (at least) "R" permission my ($perm, $creator) = &repo_rights($repo); return ($perm =~ /R/);};
~/gitweb/gitweb.conf.pl
![Page 52: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/52.jpg)
November, 14th 2011 DVCS in big Corporation
GitWeb: https://itsvcprdgit:8443/git
DocumentRoot compileEverything/gitweb Alias /git compileEverything/gitweb <Directory compileEverything/gitweb> AuthBasicProvider myldap AddHandler cgi-script cgi DirectoryIndex gitweb.cgi </Directory>
Httpd.conf
![Page 53: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/53.jpg)
November, 14th 2011 DVCS in big Corporation
Are we there now?Server sideClient side
ssh
httpd
gitolite
gitweb
![Page 54: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/54.jpg)
November, 14th 2011 DVCS in big Corporation
CGit
![Page 55: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/55.jpg)
November, 14th 2011 DVCS in big Corporation
cgit.cgi ?Server sideClient side
httpd
cgit.cgigl-auth-command
![Page 56: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/56.jpg)
November, 14th 2011 DVCS in big Corporation
CGit: repo_rights()
if ($request_uri ne "/cgit/" && $request_uri ne "/cgit/cgit.pl/") { (my $repo)=($path_info =~ /\/([^\/]+)/); my ($perm, $creator) = &repo_rights($repo); if ($perm =~ /R/) system("compileEverything/cgit/cgit.cgi"); else print " <h1>HTTP Status 403 - Access is denied</h1>\n"; }
~/cgit/cgit.pl
![Page 57: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/57.jpg)
November, 14th 2011 DVCS in big Corporation
CGit: https://itsvcprdgit:8463/cgit
DocumentRoot compileEverything/cgit Alias /cgit compileEverything/cgit <Directory compileEverything/cgit> AuthBasicProvider myldap SetEnv GIT_PROJECT_ROOT=.../repositories AddHandler cgi-script .cgi .pl DirectoryIndex cgit.pl </Directory>
Httpd.conf
![Page 58: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/58.jpg)
November, 14th 2011 DVCS in big Corporation
And now?Server sideClient side
ssh
httpd
gitweb
cgit
https://itsvcprdgit:8453/hgit
https://itsvcprdgit:8443/git
https://itsvcprdgit:8463/cgit
![Page 59: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/59.jpg)
November, 14th 2011 DVCS in big Corporation
What do they want?Server sideClient side
ssh
httpd
gitweb
cgit
https://itsvc/hgit
https://itsvc/git
https://itsvc/cgit
NO PORT NUMBER
SHORT NAMES
![Page 60: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/60.jpg)
November, 14th 2011 DVCS in big Corporation
Reverse ProxyServer sideClient side
ssh
httpd
gitweb
cgit
itsvc
![Page 61: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/61.jpg)
November, 14th 2011 DVCS in big Corporation
NGinx: https://itsvc/xxx
location /hgit/ { proxy_pass https://itsvcprdgit.world.company:8453/hgit/;}location /git/ { proxy_pass https://itsvcprdgit.world.company:8443/git/;}location /cgit/ { proxy_pass https://itsvcprdgit.world.company:8463/cgit/;}
nginx.conf
![Page 62: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/62.jpg)
November, 14th 2011 DVCS in big Corporation
There, there?Server sideClient side
ssh
httpd https://itsvc/hgit
https://itsvc/git
https://itsvc/cgit
![Page 63: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/63.jpg)
November, 14th 2011 DVCS in big Corporation
What!?Server sideClient side
![Page 64: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/64.jpg)
November, 14th 2011 DVCS in big Corporation
Issue1: authorname
![Page 65: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/65.jpg)
November, 14th 2011 DVCS in big Corporation
Issue1: gitolite + hookServer sideClient side
gl-auth-commandPre-receive
hook
![Page 66: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/66.jpg)
November, 14th 2011 DVCS in big Corporation
Issue1: pre-receive hookglog=`git log --format='%cn~%h~%s' $new --not --all`for cns in $glog ; do atLeastOneCommit=true echo branch $name: $cns cn=`echo $cns | cut -d~ -f1` hash=`echo $cns | cut -d~ -f2` subject=`echo $cns | cut -d~ -f3` if [ "$cn" = "$GL_USER" ]; then echo "one commit found with $GL_USER as committer name" exit 0 fidone
![Page 67: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/67.jpg)
November, 14th 2011 DVCS in big Corporation
Issue1: pre-receive hook effect
remote: no commit with a committer name equals to 'bjensen', so this push is denied.
push
![Page 68: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/68.jpg)
November, 14th 2011 DVCS in big Corporation
Issue2: Actual user on server
putty
Server sideClient side
![Page 69: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/69.jpg)
November, 14th 2011 DVCS in big Corporation
Issue2: authorname on serverauser@vonc-VirtualBox:~/gitolite/demo$ ../../bin/git commit -m "default user on server"[master c694ed7] default user on server Committer: auser <auser@vonc-VirtualBox.(none)>Your name and email address were configuredautomatically based on your username and hostname. Please check that they are accurate. git config --global user.name "Your Name" git config --global user.email [email protected]
![Page 70: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/70.jpg)
November, 14th 2011 DVCS in big Corporation
Issue2: putty+ git wrapper
Git wrapper
Server sideClient side
putty
![Page 71: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/71.jpg)
November, 14th 2011 DVCS in big Corporation
alias agitBjensenItsvcprdgit='alias git="${H}/sbin/wgit u bjensen,[email protected],itsvcprdgit.world.company,bjensen"'
auser@vonc-VirtualBox:~$ git st[ bjensen,[email protected] for itsvcprdgit.world.company ]# On branch masternothing to commit (working directory clean)
Issue2: authorname on server
[ bjensen,[email protected] for itsvcprdgit.world.company ]
![Page 72: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/72.jpg)
November, 14th 2011 DVCS in big Corporation
Finally, are we there?Server sideClient side
ssh
httpd
gitolite
gitweb cgit
Pre-receivehook
Gitwrapper
![Page 73: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/73.jpg)
November, 14th 2011 DVCS in big Corporation
Conclusion: Server is hard
![Page 74: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/74.jpg)
November, 14th 2011 DVCS in big Corporation
Conclusion: Application is hard
![Page 75: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/75.jpg)
November, 14th 2011 DVCS in big Corporation
Conclusion: Big Corporation
![Page 76: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/76.jpg)
November, 14th 2011 DVCS in big Corporation
Any questions?
![Page 77: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/77.jpg)
November, 14th 2011 DVCS in big Corporation
DVCS in big Corporation
If you need to introduce any tool in a big corporation, this presentation will help you be ware of the question you need to be prepare to answer.
This is a more Git-oriented presentation, but most of it equally applies to Mercurial.
![Page 78: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/78.jpg)
November, 14th 2011 DVCS in big Corporation
DVCS in big Corporation
Solutions● Centralization● Visualization
Challenges● Authentication● Authorization
About● Me● DVCS
![Page 79: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/79.jpg)
November, 14th 2011 DVCS in big Corporation
Quick notes
http://www.slideshare.net/dchaffiol/dvcs-in-big-corporation
![Page 80: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/80.jpg)
November, 14th 2011 DVCS in big Corporation
About : me
The opinions and elements in this presentations are mine and does not represent my current or former clients.
![Page 81: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/81.jpg)
November, 14th 2011 DVCS in big Corporation
About : me on SO
A Lot Rep
Many times during the day
Every single day
ask@me
100K+
![Page 82: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/82.jpg)
November, 14th 2011 DVCS in big Corporation
CVCSServer sideClient side
![Page 83: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/83.jpg)
November, 14th 2011 DVCS in big Corporation
And then, a miracle:
![Page 84: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/84.jpg)
November, 14th 2011 DVCS in big Corporation
DVCSServer sideClient side
![Page 85: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/85.jpg)
November, 14th 2011 DVCS in big Corporation
Git on a client
![Page 86: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/86.jpg)
November, 14th 2011 DVCS in big Corporation
Git on a client
eclipse
![Page 87: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/87.jpg)
November, 14th 2011 DVCS in big Corporation
Git on a client
eclipse
![Page 88: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/88.jpg)
November, 14th 2011 DVCS in big Corporation
Reaction?
Not enthusiastic
![Page 89: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/89.jpg)
November, 14th 2011 DVCS in big Corporation
Issues? Authentication.
Who is VonC?
LDAP
X41064
![Page 90: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/90.jpg)
November, 14th 2011 DVCS in big Corporation
Issues? Communication
![Page 91: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/91.jpg)
November, 14th 2011 DVCS in big Corporation
Issues? Publication
![Page 92: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/92.jpg)
November, 14th 2011 DVCS in big Corporation
Centralization
Server
![Page 93: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/93.jpg)
November, 14th 2011 DVCS in big Corporation
Centralization
itsvcprd git
![Page 94: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/94.jpg)
November, 14th 2011 DVCS in big Corporation
Server
![Page 95: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/95.jpg)
November, 14th 2011 DVCS in big Corporation
Server
MUTUALIZED
![Page 96: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/96.jpg)
November, 14th 2011 DVCS in big Corporation
Server
![Page 97: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/97.jpg)
November, 14th 2011 DVCS in big Corporation
Server: not root
Sudo apt-get install git
![Page 98: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/98.jpg)
November, 14th 2011 DVCS in big Corporation
Server: not alone
Services are managed by root
![Page 99: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/99.jpg)
November, 14th 2011 DVCS in big Corporation
Server: not in control
/usr/local content can change at any time
![Page 100: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/100.jpg)
November, 14th 2011 DVCS in big Corporation
Help?
http://serverfault.com/questions/281810/how-to-install-packages-on-linux-or-solaris-on-non-default-paths
![Page 101: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/101.jpg)
November, 14th 2011 DVCS in big Corporation
Recompile Everything
![Page 102: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/102.jpg)
November, 14th 2011 DVCS in big Corporation
Recompile Everything: root
![Page 103: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/103.jpg)
November, 14th 2011 DVCS in big Corporation
Recompile Everything: alone● Tailored services (ssh, ldap, https)
![Page 104: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/104.jpg)
November, 14th 2011 DVCS in big Corporation
Recompile Everything: in control
Your own version of ~/usr/local
![Page 105: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/105.jpg)
November, 14th 2011 DVCS in big Corporation
Manual recompilation?
Download sources
![Page 106: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/106.jpg)
November, 14th 2011 DVCS in big Corporation
Manual recompilation?
Configure./configure --prefix=${HULA}/@@NAMEVER@@ --with-lib=${HULL} --with-openssl --with-curl --with-expat --with-iconv=${HUL} --with-gitconfig=${HUL}/var/gitconfig --with-editor=vim --with-perl=${HULA}/perl/bin/perl --with-zlib=${HUL} --with-tcltk=no --with-python=${HULA}/python/bin/python
./configure --prefix=${HULA}/@@NAMEVER@@ --with-lib=${HULL} --with-openssl --with-curl --with-expat --with-iconv=${HUL} --with-gitconfig=${HUL}/var/gitconfig --with-editor=vim --with-perl=${HULA}/perl/bin/perl --with-zlib=${HUL} --with-tcltk=no --with-python=${HULA}/python/bin/python./configure --prefix=${HULA}/@@NAMEVER@@
--enable-ssl=shared --enable-ssl --with-ssl=${HUL}/ssl --enable-proxy --enable-proxy-connect --enable-proxy-ftp --enable-proxy-http --with-ldap --enable-ldap --enable-authnz-ldap --enable-authn-alias --with-apr=${HUL} --with-apr-util=${HUL} --enable-mods-shared=all --with-z=${HUL} @@WITHOUT_GNU_LD@@
./configure --prefix=${HULA}/@@NAMEVER@@ --enable-ssl=shared --enable-ssl --with-ssl=${HUL}/ssl --enable-proxy --enable-proxy-connect --enable-proxy-ftp --enable-proxy-http --with-ldap --enable-ldap --enable-authnz-ldap --enable-authn-alias --with-apr=${HUL} --with-apr-util=${HUL} --enable-mods-shared=all --with-z=${HUL} @@WITHOUT_GNU_LD@@
./configure --prefix=${HULS}/@@NAMEVER@@ --enable-shared --enable-static --with-zlib=${HUL} --with-ssl-engine=${HUL}/ssl --without-privsep-user --with-pid-dir=${HUL}/var/run --with-default-path=@@PATH@@ --with-privsep-path=${HUL}/var/empty @@WITHOUT_GNU_LD@@
./configure --prefix=${HULS}/@@NAMEVER@@ --enable-shared --enable-static --with-zlib=${HUL} --with-ssl-engine=${HUL}/ssl --without-privsep-user --with-pid-dir=${HUL}/var/run --with-default-path=@@PATH@@ --with-privsep-path=${HUL}/var/empty @@WITHOUT_GNU_LD@@
![Page 107: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/107.jpg)
November, 14th 2011 DVCS in big Corporation
Manual recompilation?● Make● Make install
![Page 108: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/108.jpg)
November, 14th 2011 DVCS in big Corporation
Manual recompilation?
Rinse and repeat
GitGit
Gcc 3.4.6openssl,libssh2,curl,libiconv,expat,libidn,zlibGcc 3.4.6openssl,libssh2,curl,libiconv,expat,libidn,zlib
opensshApache Http, lynxSubversion, Python, perl
opensshApache Http, lynxSubversion, Python, perl
=
+
32 libraries
14 applications
4 modules (Perl or ruby)
![Page 109: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/109.jpg)
November, 14th 2011 DVCS in big Corporation
Manual Automated recompilation
https://github.com/VonC/compileEverything
![Page 110: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/110.jpg)
November, 14th 2011 DVCS in big Corporation
You've got git.
Now What?
![Page 111: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/111.jpg)
November, 14th 2011 DVCS in big Corporation
What is missing?Server sideClient side
![Page 112: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/112.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: authorization script
Repo1: user1, user2
Repo2: user2, user3
gl-auth-command
+=
Server side
Git command
Client side
Cmd output
https://github.com/sitaramc/gitolite
![Page 113: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/113.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: openssh
Repo1: user1, user2
Repo2: user2, user3
Server side
Git command
Client side
Cmd output
gl-auth-command
ssh
![Page 114: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/114.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: forced command
Command= "compileEverything/gitolite/bin/gl-auth-command bjensen",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsaAAAAB3NzaC1yc2EAAA...
~/.ssh/authorized_keys
![Page 115: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/115.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: not for users
Repo1: fisheye
Repo2: sonar
Server sideClient side
gl-auth-command
ssh
Repo1: user1
Repo2: user2
![Page 116: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/116.jpg)
November, 14th 2011 DVCS in big Corporation
SSH is not enoughServer sideClient side
ssh gitolite
![Page 117: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/117.jpg)
November, 14th 2011 DVCS in big Corporation
Git & “smart http”Server sideClient side
httpd
git-http-backend
![Page 118: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/118.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: httpd
gl-auth-command
Server side
Git command
Client side
Http answer
httpd
LDAP
+=
git-http-backend
![Page 119: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/119.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: LDAP alias
<AuthnProviderAlias ldap myldap> AuthLDAPBindDN cn=Manager,dc=example,dc=com AuthLDAPBindPassword secret AuthLDAPURL ldap://localhost:9011/dc=example,dc=com ?uid?sub?(objectClass=*)</AuthnProviderAlias>
Httpd.conf
![Page 120: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/120.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: REMOTE_USER
Httpd.conf
ScriptAlias /hgit/ compileEverything/gitolite/bin/gl-auth-command/ <Location /hgit> AuthName "LDAP authentication for ITSVC Smart HTTP Git repositories" AuthBasicProvider myldap Require valid-user AddHandler cgi-script cgi </Location>
![Page 121: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/121.jpg)
November, 14th 2011 DVCS in big Corporation
Gitolite: https://itsvcprdgit:8453/hgit
# GitHttp on 8453<VirtualHost itsvcprdgit.world.company:8453> ServerName itsvcprdgit.world.company ServerAlias itsvcprdgit SetEnv GIT_PROJECT_ROOT /path/to/repositories SetEnv GIT_HTTP_EXPORT_ALL SetEnv GITOLITE_HTTP_HOME /home/auser/compileEverything
Httpd.conf
![Page 122: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/122.jpg)
November, 14th 2011 DVCS in big Corporation
Httpd: multi-domain SSL certificateServer sideClient side
httpd
itsvcprdgit.world.company
itsvcprdgit
X509v3 extensions: X509v3 Subject Alternative Name: DNS:itsvcprdgit.world.company, DNS:itsvcprdgit
![Page 123: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/123.jpg)
November, 14th 2011 DVCS in big Corporation
Are we there yet?Server sideClient side
ssh
httpd
gitolite
![Page 124: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/124.jpg)
November, 14th 2011 DVCS in big Corporation
GitWeb
![Page 125: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/125.jpg)
November, 14th 2011 DVCS in big Corporation
gitweb.cgi ?Server sideClient side
httpd
?
Gitweb.cgigl-auth-command
![Page 126: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/126.jpg)
November, 14th 2011 DVCS in big Corporation
GitWeb: GL_USER
# finally the user name$ENV{GL_USER} = $cgi->remote_user || "gitweb";# now get gitolite stuff in...unshift @INC, $ENV{GL_BINDIR};require gitolite; gitolite -> import;
~/gitweb/gitweb.conf.pl
![Page 127: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/127.jpg)
November, 14th 2011 DVCS in big Corporation
GitWeb: repo_rights()
$export_auth_hook = sub { my $repo = shift; return unless $repo =~ s/^\Q$projectroot\E\/?(.+)\.git$/$1/; # check for (at least) "R" permission my ($perm, $creator) = &repo_rights($repo); return ($perm =~ /R/);};
~/gitweb/gitweb.conf.pl
![Page 128: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/128.jpg)
November, 14th 2011 DVCS in big Corporation
GitWeb: https://itsvcprdgit:8443/git
DocumentRoot compileEverything/gitweb Alias /git compileEverything/gitweb <Directory compileEverything/gitweb> AuthBasicProvider myldap AddHandler cgi-script cgi DirectoryIndex gitweb.cgi </Directory>
Httpd.conf
![Page 129: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/129.jpg)
November, 14th 2011 DVCS in big Corporation
Are we there now?Server sideClient side
ssh
httpd
gitolite
gitweb
![Page 130: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/130.jpg)
November, 14th 2011 DVCS in big Corporation
CGit
![Page 131: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/131.jpg)
November, 14th 2011 DVCS in big Corporation
cgit.cgi ?Server sideClient side
httpd
cgit.cgigl-auth-command
![Page 132: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/132.jpg)
November, 14th 2011 DVCS in big Corporation
CGit: repo_rights()
if ($request_uri ne "/cgit/" && $request_uri ne "/cgit/cgit.pl/") { (my $repo)=($path_info =~ /\/([^\/]+)/); my ($perm, $creator) = &repo_rights($repo); if ($perm =~ /R/) system("compileEverything/cgit/cgit.cgi"); else print " <h1>HTTP Status 403 - Access is denied</h1>\n"; }
~/cgit/cgit.pl
![Page 133: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/133.jpg)
November, 14th 2011 DVCS in big Corporation
CGit: https://itsvcprdgit:8463/cgit
DocumentRoot compileEverything/cgit Alias /cgit compileEverything/cgit <Directory compileEverything/cgit> AuthBasicProvider myldap SetEnv GIT_PROJECT_ROOT=.../repositories AddHandler cgi-script .cgi .pl DirectoryIndex cgit.pl </Directory>
Httpd.conf
![Page 134: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/134.jpg)
November, 14th 2011 DVCS in big Corporation
And now?Server sideClient side
ssh
httpd
gitweb
cgit
https://itsvcprdgit:8453/hgit
https://itsvcprdgit:8443/git
https://itsvcprdgit:8463/cgit
![Page 135: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/135.jpg)
November, 14th 2011 DVCS in big Corporation
What do they want?Server sideClient side
ssh
httpd
gitweb
cgit
https://itsvc/hgit
https://itsvc/git
https://itsvc/cgit
NO PORT NUMBER
SHORT NAMES
![Page 136: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/136.jpg)
November, 14th 2011 DVCS in big Corporation
Reverse ProxyServer sideClient side
ssh
httpd
gitweb
cgit
itsvc
![Page 137: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/137.jpg)
November, 14th 2011 DVCS in big Corporation
NGinx: https://itsvc/xxx
location /hgit/ { proxy_pass https://itsvcprdgit.world.company:8453/hgit/;}location /git/ { proxy_pass https://itsvcprdgit.world.company:8443/git/;}location /cgit/ { proxy_pass https://itsvcprdgit.world.company:8463/cgit/;}
nginx.conf
![Page 138: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/138.jpg)
November, 14th 2011 DVCS in big Corporation
There, there?Server sideClient side
ssh
httpd https://itsvc/hgit
https://itsvc/git
https://itsvc/cgit
![Page 139: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/139.jpg)
November, 14th 2011 DVCS in big Corporation
What!?Server sideClient side
![Page 140: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/140.jpg)
November, 14th 2011 DVCS in big Corporation
Issue1: authorname
![Page 141: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/141.jpg)
November, 14th 2011 DVCS in big Corporation
Issue1: gitolite + hookServer sideClient side
gl-auth-commandPre-receive
hook
![Page 142: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/142.jpg)
November, 14th 2011 DVCS in big Corporation
Issue1: pre-receive hookglog=`git log --format='%cn~%h~%s' $new --not --all`for cns in $glog ; do atLeastOneCommit=true echo branch $name: $cns cn=`echo $cns | cut -d~ -f1` hash=`echo $cns | cut -d~ -f2` subject=`echo $cns | cut -d~ -f3` if [ "$cn" = "$GL_USER" ]; then echo "one commit found with $GL_USER as committer name" exit 0 fidone
![Page 143: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/143.jpg)
November, 14th 2011 DVCS in big Corporation
Issue1: pre-receive hook effect
remote: no commit with a committer name equals to 'bjensen', so this push is denied.
push
![Page 144: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/144.jpg)
November, 14th 2011 DVCS in big Corporation
Issue2: Actual user on server
putty
Server sideClient side
![Page 145: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/145.jpg)
November, 14th 2011 DVCS in big Corporation
Issue2: authorname on serverauser@vonc-VirtualBox:~/gitolite/demo$ ../../bin/git commit -m "default user on server"[master c694ed7] default user on server Committer: auser <auser@vonc-VirtualBox.(none)>Your name and email address were configuredautomatically based on your username and hostname. Please check that they are accurate. git config --global user.name "Your Name" git config --global user.email [email protected]
![Page 146: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/146.jpg)
November, 14th 2011 DVCS in big Corporation
Issue2: putty+ git wrapper
Git wrapper
Server sideClient side
putty
![Page 147: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/147.jpg)
November, 14th 2011 DVCS in big Corporation
alias agitBjensenItsvcprdgit='alias git="${H}/sbin/wgit u bjensen,[email protected],itsvcprdgit.world.company,bjensen"'
auser@vonc-VirtualBox:~$ git st[ bjensen,[email protected] for itsvcprdgit.world.company ]# On branch masternothing to commit (working directory clean)
Issue2: authorname on server
[ bjensen,[email protected] for itsvcprdgit.world.company ]
![Page 148: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/148.jpg)
November, 14th 2011 DVCS in big Corporation
Finally, are we there?Server sideClient side
ssh
httpd
gitolite
gitweb cgit
Pre-receivehook
Gitwrapper
![Page 149: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/149.jpg)
November, 14th 2011 DVCS in big Corporation
Conclusion: Server is hard
![Page 150: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/150.jpg)
November, 14th 2011 DVCS in big Corporation
Conclusion: Application is hard
![Page 151: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/151.jpg)
November, 14th 2011 DVCS in big Corporation
Conclusion: Big Corporation
![Page 152: DVCS in big corporation](https://reader030.fdocuments.us/reader030/viewer/2022020116/55565f7ed8b42aa41e8b5432/html5/thumbnails/152.jpg)
November, 14th 2011 DVCS in big Corporation
Any questions?