From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id DB67B1386F1 for ; Sun, 9 Aug 2015 05:36:30 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 16AD0E086E; Sun, 9 Aug 2015 05:36:21 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 7DC05E0864 for ; Sun, 9 Aug 2015 05:36:19 +0000 (UTC) Received: from grubbs.orbis-terrarum.net (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id EB033340A27 for ; Sun, 9 Aug 2015 05:36:16 +0000 (UTC) Received: (qmail 23690 invoked by uid 10000); 9 Aug 2015 05:36:16 -0000 Date: Sun, 9 Aug 2015 05:36:16 +0000 From: "Robin H. Johnson" To: gentoo-dev@lists.gentoo.org Cc: gentoo-scm@lists.gentoo.org, gentoo-core@lists.gentoo.org Subject: [gentoo-dev] Git Migration: go-live! Message-ID: References: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-Archives-Salt: 9483ca7f-2a50-4506-af24-fae7de6fc992 X-Archives-Hash: 3769821c7b094d0377cea291e8e6548a On Sat, Aug 08, 2015 at 05:47:14PM +0000, Robin H. Johnson wrote: > On Thu, Jul 02, 2015 at 09:39:52PM +0000, Robin H. Johnson wrote: > > 2015/08/08 15:00 UTC - Freeze > > 2015/08/08 19:00 UTC - Git commits open for developers This is going live in a few minutes. There was a lot of delays and snags that were hit. QA has a lot of reviewing to do of in-tree patches with long-standing CVS keyword damage. gkeys is also not sufficiently baked, so we're using some scripting for now instead [1]. The new setup DOES enforce that commits AND pushes are signed. I'm only 90% sure that everything works, but I've spent almost the entire day on it, and there's more to go tomorrow. Other old CVS repos are still closed for the moment, they will re-open tomorrow. > > 2015/08/09 01:00 UTC - Rsync live again (with lagged changelog) > > 2015/08/11 - History repo available to graft > > 2015/08/12 - rsync mirrors carry up-to-date changelogs again These parts are still pending. Quick instructions: Set PORTAGE_GPG_KEY="0xLONG-GPG-KEY" in your make.conf $ git config user.signingkey 0xLONG-GPG-KEY $ git clone git+ssh://git@git.gentoo.org/repo/gentoo.git $ vim ... $ repoman commit -m '...' [2] $ git push --signed (some time later, when you have local unpushed commits you want to rebase instead of merging) $ git pull --rebase -S $ vim ... $ repoman commit -m '...' $ git push --signed (some time later, when you have a local branch you want to merge) $ git merge -S some-branch $ git push --signed [1] The keys as they are in LDAP right now have been used. If you need to change your key, please ping infra as well, so I can update the temporary setup. $ ldapsearch 'gentooStatus=active' gpgfingerprint -Z -LLL \ |grep gpgfingerprint |cut -d: -f2- |tr -d ' ' \ |grep -v 'undefined' | xargs gpg --recv [2] If you commit directly with "git commit" you MUST pass -S (and ideally -s). -- Robin Hugh Johnson Gentoo Linux: Developer, Infrastructure Lead E-Mail : robbat2@gentoo.org GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85