====== SIP Router - GIT Repository - Generic Settings ======


===== Mail Notifications =====

The central git repository can send email notifications whenever a
contributor pushes commits into it. The mailing script is in
$GIT_REPO/hooks/mail and it is called from $GIT_REPO/hooks/update. The
notifications can be configured from the repository. To enable mail
notifications you have to set mailNotifications to true in the hooks
section:

<code>
[hooks]
    mailNotification = true
</code>

After that you need to configure the sender and recipient email
addresses and a link to gitweb. These parameters belong to section
mail:

<code>
[mail]
    envelopeSender = admin@sip-router.org
    recipient = admin@sip-router.org
    gitwebURL = http://git.sip-router.org/cgi-bin/gitweb.cgi
</code>

Parameter ''envelopeSender'' configures the sender address to be put
in the message envelope. This is the email address that will receive
delivery status notification and notifications of failures. This is
not the email address that will be put in From header, the From header
will be set to your name and email address which you configured in git
and which appears in the commits.

Parameter ''recipient'' is the destination address, usually a
development mailing list. Mail notifications can contain a link to
gitweb in the body, configure ''gitwebURL'' with the URL to your
gitweb if you want to have a link to gitweb in your email
notifications.

The mapping of usernames to email addresses is done using a static
file. The original commitlog script used a static address in From. I
then modified the script to extract the author information from the
commit object so that we can use it in From and people can reply to
commitlog messages directly -- reaching the author of the
change. Unfortunately this did not work as I expected. A contributor
might pull some changes from a private repository for somebody else
and then the email address of that person would be in the author field
and in From header of the commitlog, although the commit was done by
somebody else. Then we tried to use the committer field from the
commit object, but the result was the same, most of the time it
contains the same email address as the author field.

It turned out that we couldn't use GIT_COMMITTER_NAME and
GIT_COMMITTER_EMAIL environment variables in people's ''~/.bashrc''
either to be used in From, because git executes the shell as
non-interactive and non-login so the startup files are ignored when
git executes commands and hooks on the server.

So I ended up adding a simple mapping file, it is in $GIT_DIR/email_map

format is 
<code>
username=First Last <email>
</code>

You can define a catch-all rule in the mapping file which will be used
whenever no matching username can be find if you replace the username
with *:

<code>
*=root@localhost
</code>

and I added a new configuration option to the git config where you can
specify with mapping file will be used for the repository:

<code>
[mail]
    envelopeSender = email_addr
    recipient = email_addr
    gitwebURL = http://git.sip-router.org/cgi-bin/gitweb.cgi
    emailMap = $GIT_DIR/email_map
</code>

The mailing script dies if it cannot translate a username to email
address. It is also possible specify a static From address in the git
confiuration file, i.e:

<code>
[mail]
    from=admin@sip-router.org
</code>

Then the static configuration takes precedence. Two more improvements
to come are:

  * Update the cvs synchronization script so that we get notifications of commits from cvs.
  * Implement a new option which would allow us to explicitly set the list of branches that generate commit logs.

===== Branch ACLs =====

Write access to specific branches can be limited. This is implemented
in the update hook.  There are 2 files that control who can commit and
on which branch:
   *  **$GIT_DIR/info/allowed-users** : contains one branch pattern and a user pattern list on each line (the patterns are 
 regular expressions separated by white space). Empty lines and comments (lines starting with '#') are allowed. The branch rules evaluate in the order
they are written in the file and they stop at the first match. If the username matches one of the user patterns on the first line matching the branch it will be allowed to commit, else if the branch matched it will be denied and if no branch pattern matched it depends on the **acl.defaultPolicy** config variable.
<code>
# Example:
# Format: branch_pattern user_pattern_list
# All the patterns are regular expressions, separated by whitespace
# A branch patter starting with a '+' has a special meaning: on that branch
# non-fast-forwards are allowed.
# The pattern evaluation stops on first match (so all user allowed to commit
# on some branch should be listed on the same line)

# original ser branches are read only (only root is allowed to update them)
refs/heads/cvs-head     root

# everybody can do any change in tmp/* branches
+refs/heads/tmp/.*      .*

# everybody can commit on the master branch
refs/heads/master$      .*

# everybody can make any tag
refs/tags/.*            .*
</code>

  * **$GIT_DIR/info/allowed-groups** : same as above but uses unix group names instead of usernames. It's evaluated only if no match
 was found in **$GIT_DIR/info/allowed-users**.

Config options:
  * **acl.defaultPolicy** : if set to "allow" and no rules match the branchname in the allowed-user or allowed-group files, the commit will be allowed. If set to any other value, it will be denied.
  * **acl.usernameBranches** : is set to "allow" commits to branches of the form ${username}/.* are allowed, even if access to them
is not explicitely allowed in the allowed-user file.

Example config acl section:
<code>
[acl]
        defaultPolicy = deny
        usernameBranches = allow
</code>


===== Changelog =====
  * ''2008-08-21'': Hook post-update made executable in the ser shared repository to make sure that git-update-info is run--the repository is published over HTTP.
  * ''2008-08-19'': Fixed links to stylesheets and images in gitweb
  * ''2008-08-18'': Automatically generated doxygen documentation
  * ''2008-08-14'': Mapping of usernames to email addresses added, support for catch-all mapping rule, commit logs from cvs sync script
  * ''2008-08-13'': Commitlogs installed and configured
  * ''2008-08-12'': CVS emulation enabled
  * ''2008-08-11'': gitweb working, repo available through http, git, and ssh
  * ''2008-08-10'': Automatic synchronization with cvs on berlios
  * ''2008-08-09'': Migrated to new host

===== Remember =====
  * When setting up a repository that should be available through HTTP (i.e. dumb server), it is necessary to do ''chmod +x repository/hooks/post-update''. This makes sure that every time you push into the repository, ''git-update-info'' will be run.

  * Run ''git-repack'' and ''git-prune-packed'' from time to time in the repository.