www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jukka Zitting <jukka.zitt...@gmail.com>
Subject @apache.org commit address requirement (Was: Git hosting is go)
Date Wed, 14 Dec 2011 13:19:52 GMT

The asfgit pre_receive hook currently checks that each commit being
pushed has its committer email (%ce) set to the @apache.org address of
one of committers of the respective project.

This seems too strict and makes it quite cumbersome to handle things
like pull requests where you'd want to take in incoming commits as-is
and just merge them to the main branch instead of rebasing or
rewriting the commits. We can't even rely on the %ce information being
correct since it's set on the client side.

Instead of this %ce check I'd leave the commit messages as-is and
rather augment the ref-updates.log with information about who pushed
each individual commit. That gives us a more reliable record for tying
individual changes to ICLAs than the %ce addresses in commit messages.

Alternatively, if we do want to include explicit and properly verified
ICLA references in the actual Git commit messages (instead of an
out-of-band mechanism like ref-updates.log), then I'd rather use
separate Signed-Off-By labels that the committer who pushes a set of
commits needs to add to each commit being pushed.

WDYT? I can make the changes if we can reach consensus on this.

[See below for the relevant context from callback-dev@]


Jukka Zitting

---------- Forwarded message ----------
From: Jukka Zitting <jukka.zitting@gmail.com>
Date: Wed, Dec 14, 2011 at 1:58 PM
Subject: Re: Git hosting is go
To: callback-dev@incubator.apache.org


On Wed, Dec 14, 2011 at 12:05 PM, Jukka Zitting <jukka.zitting@gmail.com> wrote:
> I'm not sure how strict the backend is about commits pulled from
> elsewhere. Ideally it should only record the currently authenticated
> user or at most require a Signed-Off-By entry from the committer who's
> pushing the commits. I'll see what I can find out.

The backend check that the committer (not author) address of each
commit being pushed is an @apache.org address of one of the committers
authorized to push to the repository.

Checking the committer address seems way too strict as it would
require breaking history on all pull requests from outside the core
development group. I'll bring this up on infra-dev@ [1], to see how we
could best address the issue.

[1] http://mail-archives.apache.org/mod_mbox/www-infrastructure-dev/


Jukka Zitting

View raw message