Launchpad itself

Add Git HTTPS push tokens for snapcraft experiment

Bug #1824399 reported by Colin Watson
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Launchpad itself
Fix Released
High
Colin Watson

Bug Description

There's some experimental work going on in snapcraft that would be made easier by being able to request temporary push tokens allowing users to push to Launchpad-hosted Git repositories over HTTPS (so that they don't have to set up SSH keys). This is a special case of the more general requirement for what some other sites call "HTTPS access tokens" or similar, but it's simpler because we don't need to make the tokens persistent or add UI for managing/revoking them, but for the moment we can just issue tokens with a relatively short expiry period.

I'm working on this, and am filing this bug to track the work.

Related branches

lp:~cjwatson/launchpad/git-issue-access-tokens
William Grant: Approve (code)
Diff: 745 lines (+417/-36)
9 files modified
lib/lp/code/configure.zcml (+10/-1)
lib/lp/code/model/codeimportjob.py (+3/-3)
lib/lp/code/model/gitrepository.py (+101/-1)
lib/lp/code/model/tests/test_gitrepository.py (+233/-0)
lib/lp/services/authserver/tests/test_authserver.py (+3/-3)
lib/lp/services/macaroons/interfaces.py (+7/-2)
lib/lp/services/macaroons/model.py (+54/-20)
lib/lp/snappy/model/snapbuild.py (+3/-3)
lib/lp/soyuz/model/binarypackagebuild.py (+3/-3)
lp:~cjwatson/launchpad/git-honour-access-tokens
William Grant: Approve (code)
Diff: 249 lines (+145/-14)
3 files modified
lib/lp/code/model/codeimportjob.py (+4/-0)
lib/lp/code/xmlrpc/git.py (+25/-14)
lib/lp/code/xmlrpc/tests/test_git.py (+116/-0)
lp:~cjwatson/launchpad/git-export-issue-access-token
William Grant: Approve (code)
Diff: 140 lines (+81/-2)
3 files modified
lib/lp/code/interfaces/gitrepository.py (+17/-1)
lib/lp/code/model/gitrepository.py (+14/-0)
lib/lp/code/model/tests/test_gitrepository.py (+50/-1)
lp:~cjwatson/launchpad/git-repository-macaroon-secret-key
William Grant: Approve (code)
Diff: 46 lines (+12/-2)
3 files modified
lib/lp/code/model/gitrepository.py (+8/-0)
lib/lp/code/model/tests/test_gitrepository.py (+1/-2)
lib/lp/services/config/schema-lazr.conf (+3/-0)
lp:~cjwatson/launchpad/export-git-repositories-new
Rejected for merging into lp:launchpad
Launchpad code reviewers: Pending requested
Diff: 496 lines (+185/-80)
9 files modified
lib/lp/code/errors.py (+5/-1)
lib/lp/code/interfaces/gitnamespace.py (+6/-2)
lib/lp/code/interfaces/gitrepository.py (+15/-2)
lib/lp/code/model/githosting.py (+2/-2)
lib/lp/code/model/gitnamespace.py (+42/-2)
lib/lp/code/model/gitrepository.py (+21/-6)
lib/lp/code/model/tests/test_gitrepository.py (+66/-0)
lib/lp/code/xmlrpc/git.py (+27/-64)
lib/lp/code/xmlrpc/tests/test_git.py (+1/-1)
~cjwatson/launchpad:export-git-repositories-new
William Grant: Approve (code)
Diff: 496 lines (+184/-79)
9 files modified
lib/lp/code/errors.py (+5/-1)
lib/lp/code/interfaces/gitnamespace.py (+6/-2)
lib/lp/code/interfaces/gitrepository.py (+15/-2)
lib/lp/code/model/githosting.py (+2/-2)
lib/lp/code/model/gitnamespace.py (+42/-2)
lib/lp/code/model/gitrepository.py (+21/-6)
lib/lp/code/model/tests/test_gitrepository.py (+66/-0)
lib/lp/code/xmlrpc/git.py (+26/-63)
lib/lp/code/xmlrpc/tests/test_git.py (+1/-1)
Colin Watson (cjwatson)
Changed in launchpad:
assignee: nobody → Colin Watson (cjwatson)
Revision history for this message
Launchpad QA Bot (lpqabot) wrote :

r18954 in stable (http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/18954) is part of this bug's fix.

tags: added: qa-needstesting
Revision history for this message
Launchpad QA Bot (lpqabot) wrote :

r18958 in stable (http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/18958) is part of this bug's fix.

Colin Watson (cjwatson)
tags: added: qa-ok
removed: qa-needstesting
Revision history for this message
Launchpad QA Bot (lpqabot) wrote :

r19049 in stable (http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/19049) is part of this bug's fix.

tags: added: qa-needstesting
removed: qa-ok
Colin Watson (cjwatson)
tags: added: qa-ok
removed: qa-needstesting
Revision history for this message
Launchpad QA Bot (lpqabot) wrote :

Fixed in stable r19050 <http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/19050>.

tags: added: qa-needstesting
removed: qa-ok
Changed in launchpad:
status: In Progress → Fix Committed
Revision history for this message
Colin Watson (cjwatson) wrote :

This is safe to deploy because the new issueAccessToken method will fail with "RuntimeError: codehosting.git_macaroon_secret_key not configured" until we get that configured. I'll file a ticket for that.

tags: added: qa-ok
removed: qa-needstesting
Revision history for this message
Colin Watson (cjwatson) wrote :

Some more of this is deployed now. However, we still need that configuration tweak, and I realised that we also need a way to create repositories via the API, so I'm working on that.

Changed in launchpad:
status: Fix Committed → In Progress
Colin Watson (cjwatson)
Changed in launchpad:
status: In Progress → Fix Committed
Colin Watson (cjwatson)
Changed in launchpad:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.