upstream/mercurial-mirror Files · contrib/hg-ssh

packaging: add support for PyOxidizer...

packaging: add support for PyOxidizer I've successfully built Mercurial on the development tip of PyOxidizer on Linux and Windows. It mostly "just works" on Linux. Windows is a bit more finicky. In-memory resource files are probably not all working correctly due to bugs in PyOxidizer's naming of modules. PyOxidizer now now supports installing files next to the produced binary. (We do this for templates in the added file.) So a workaround should be available. Also, since the last time I submitted support for PyOxidizer, PyOxidizer gained the ability to auto-generate Rust projects to build executables. So we don't need to worry about vendoring any Rust code to initially support PyOxidizer. However, at some point we will likely want to write our own command line driver that embeds a Python interpreter via PyOxidizer so we can run Rust code outside the confines of a Python interpreter. But that will be a follow-up. I would also like to add packaging.py CLI commands to build PyOxidizer distributions. This can come later, if ever. PyOxidizer's new "targets" feature makes it really easy to define packaging tasks in its Starlark configuration file. While not much is implemented yet, eventually we should be able to produce MSIs, etc using a `pyoxidizer build` one-liner. We'll get there... Differential Revision: https://phab.mercurial-scm.org/D7450

Gregory Szorc - - Load All Authors

File last commit:

r44058:99e231af default


                r44697:281b6690

default

Download file

             hg-ssh
        
                    111 lines
            
             | 3.2 KiB
            
                | text/plain
            
             |
                TextLexer

/ contrib / hg-ssh

History | Annotation | Raw |Copy content |Copy permalink

				#!/usr/bin/env python
				#
				# Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de>
				#
				# Author(s):
				# Thomas Arendsen Hein <thomas@intevation.de>
				#
				# This software may be used and distributed according to the terms of the
				# GNU General Public License version 2 or any later version.

				"""
				hg-ssh - a wrapper for ssh access to a limited set of mercurial repos

				To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8):
				command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ...
				(probably together with these other useful options:
				no-port-forwarding,no-X11-forwarding,no-agent-forwarding)

				This allows pull/push over ssh from/to the repositories given as arguments.

				If all your repositories are subdirectories of a common directory, you can
				allow shorter paths with:
				command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2"

				You can use pattern matching of your normal shell, e.g.:
				command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}"

				You can also add a --read-only flag to allow read-only access to a key, e.g.:
				command="hg-ssh --read-only repos/*"
				"""
				from __future__ import absolute_import

				import os
				import shlex
				import sys

				# enable importing on demand to reduce startup time
				import hgdemandimport

				hgdemandimport.enable()

				from mercurial import (
				dispatch,
				pycompat,
				ui as uimod,
				)


				def main():
				# Prevent insertion/deletion of CRs
				dispatch.initstdio()

				cwd = os.getcwd()
				readonly = False
				args = sys.argv[1:]
				while len(args):
				if args[0] == '--read-only':
				readonly = True
				args.pop(0)
				else:
				break
				allowed_paths = [
				os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
				for path in args
				]
				orig_cmd = os.getenv('SSH_ORIGINAL_COMMAND', '?')
				try:
				cmdargv = shlex.split(orig_cmd)
				except ValueError as e:
				sys.stderr.write('Illegal command "%s": %s\n' % (orig_cmd, e))
				sys.exit(255)

				if cmdargv[:2] == ['hg', '-R'] and cmdargv[3:] == ['serve', '--stdio']:
				path = cmdargv[2]
				repo = os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
				if repo in allowed_paths:
				cmd = [b'-R', pycompat.fsencode(repo), b'serve', b'--stdio']
				req = dispatch.request(cmd)
				if readonly:
				if not req.ui:
				req.ui = uimod.ui.load()
				req.ui.setconfig(
				b'hooks',
				b'pretxnopen.hg-ssh',
				b'python:__main__.rejectpush',
				b'hg-ssh',
				)
				req.ui.setconfig(
				b'hooks',
				b'prepushkey.hg-ssh',
				b'python:__main__.rejectpush',
				b'hg-ssh',
				)
				dispatch.dispatch(req)
				else:
				sys.stderr.write('Illegal repository "%s"\n' % repo)
				sys.exit(255)
				else:
				sys.stderr.write('Illegal command "%s"\n' % orig_cmd)
				sys.exit(255)


				def rejectpush(ui, **kwargs):
				ui.warn((b"Permission denied\n"))
				# mercurial hooks use unix process conventions for hook return values
				# so a truthy return means failure
				return True


				if __name__ == '__main__':
				main()

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages