upstream/mercurial-mirror Files · contrib/hg-ssh

packaging: support building WiX installers with PyOxidizer...

packaging: support building WiX installers with PyOxidizer We initially implemented PyOxidizer support for Inno installers. That did most of the heavy work of integrating PyOxidizer into the packaging system. Implementing WiX installer support was pretty straightforward. Aspects of this patch look very similar to Inno's. The main difference is the handling of the Visual C++ Redistributable Runtime files. The WiX installer was formerly using merge modules to install the VC++ 9.0 runtime because this feature is supported by the WiX installer (it isn't easily available to Inno installers). Our strategy for the runtime files is to install the vcruntime140.dll file next to hg.exe just like any other file. While we could leverage WiX's functionality for invoking a VCRedist installer, I don't want to deal with the complexity at this juncture. So, we let run_pyoxidizer() copy vcruntime140.dll into the staging directory (like it does for Inno) and our dynamic WiX XML generator picks it up as a regular file and installs it. We did, however, have to teach mercurial.wxs how to conditionally use the merge modules. But this was rather straightforward. Comparing the file layout of the WiX installers before and after: * Various lib/*.{pyd, dll} files no longer exist * python27.dll was replaced by python37.dll * vcruntime140.dll was added All these changes are expected due to the transition to Python 3 and to PyOxidizer, which embeded the .pyd and .dll files in hg.exe. Differential Revision: https://phab.mercurial-scm.org/D8477

Gregory Szorc - - Load All Authors

File last commit:

r44058:99e231af default


                r45274:234882d1

stable

Download file

             hg-ssh
        
                    111 lines
            
             | 3.2 KiB
            
                | text/plain
            
             |
                TextLexer

/ contrib / hg-ssh

History | Annotation | Raw |Copy content |Copy permalink

				#!/usr/bin/env python
				#
				# Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de>
				#
				# Author(s):
				# Thomas Arendsen Hein <thomas@intevation.de>
				#
				# This software may be used and distributed according to the terms of the
				# GNU General Public License version 2 or any later version.

				"""
				hg-ssh - a wrapper for ssh access to a limited set of mercurial repos

				To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8):
				command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ...
				(probably together with these other useful options:
				no-port-forwarding,no-X11-forwarding,no-agent-forwarding)

				This allows pull/push over ssh from/to the repositories given as arguments.

				If all your repositories are subdirectories of a common directory, you can
				allow shorter paths with:
				command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2"

				You can use pattern matching of your normal shell, e.g.:
				command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}"

				You can also add a --read-only flag to allow read-only access to a key, e.g.:
				command="hg-ssh --read-only repos/*"
				"""
				from __future__ import absolute_import

				import os
				import shlex
				import sys

				# enable importing on demand to reduce startup time
				import hgdemandimport

				hgdemandimport.enable()

				from mercurial import (
				dispatch,
				pycompat,
				ui as uimod,
				)


				def main():
				# Prevent insertion/deletion of CRs
				dispatch.initstdio()

				cwd = os.getcwd()
				readonly = False
				args = sys.argv[1:]
				while len(args):
				if args[0] == '--read-only':
				readonly = True
				args.pop(0)
				else:
				break
				allowed_paths = [
				os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
				for path in args
				]
				orig_cmd = os.getenv('SSH_ORIGINAL_COMMAND', '?')
				try:
				cmdargv = shlex.split(orig_cmd)
				except ValueError as e:
				sys.stderr.write('Illegal command "%s": %s\n' % (orig_cmd, e))
				sys.exit(255)

				if cmdargv[:2] == ['hg', '-R'] and cmdargv[3:] == ['serve', '--stdio']:
				path = cmdargv[2]
				repo = os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
				if repo in allowed_paths:
				cmd = [b'-R', pycompat.fsencode(repo), b'serve', b'--stdio']
				req = dispatch.request(cmd)
				if readonly:
				if not req.ui:
				req.ui = uimod.ui.load()
				req.ui.setconfig(
				b'hooks',
				b'pretxnopen.hg-ssh',
				b'python:__main__.rejectpush',
				b'hg-ssh',
				)
				req.ui.setconfig(
				b'hooks',
				b'prepushkey.hg-ssh',
				b'python:__main__.rejectpush',
				b'hg-ssh',
				)
				dispatch.dispatch(req)
				else:
				sys.stderr.write('Illegal repository "%s"\n' % repo)
				sys.exit(255)
				else:
				sys.stderr.write('Illegal command "%s"\n' % orig_cmd)
				sys.exit(255)


				def rejectpush(ui, **kwargs):
				ui.warn((b"Permission denied\n"))
				# mercurial hooks use unix process conventions for hook return values
				# so a truthy return means failure
				return True


				if __name__ == '__main__':
				main()

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages