hg-ssh: reject push earlier (on pretxnopen)
We now have a lock triggered for any transaction. We use it to ensure no-read
are made in read-only mode. We need more that just "no changegroup is added",
since bundle2 allows for more than just changegroup to be exchanged. We still
protect pushkey as it may write data without opening a transaction.
#!/bin/bash -e
. $(dirname $0)/dockerlib.sh
BUILDDIR=$(dirname $0)
export ROOTDIR=$(cd $BUILDDIR/..; pwd)
checkdocker
PLATFORM="$1"
shift # extra params are passed to buildrpm
initcontainer $PLATFORM
RPMBUILDDIR=$ROOTDIR/packages/$PLATFORM
contrib/buildrpm --rpmbuilddir $RPMBUILDDIR --prepare $*
DSHARED=/mnt/shared
$DOCKER run -u $DBUILDUSER --rm -v $RPMBUILDDIR:$DSHARED $CONTAINER \
rpmbuild --define "_topdir $DSHARED" -ba $DSHARED/SPECS/mercurial.spec --clean
$DOCKER run -u $DBUILDUSER --rm -v $RPMBUILDDIR:$DSHARED $CONTAINER \
createrepo $DSHARED
cat << EOF > $RPMBUILDDIR/mercurial.repo
# Place this file in /etc/yum.repos.d/mercurial.repo
[mercurial]
name=Mercurial packages for $PLATFORM
# baseurl=file://$RPMBUILDDIR/
baseurl=http://hg.example.com/build/$PLATFORM/
skip_if_unavailable=True
gpgcheck=0
enabled=1
EOF
echo
echo "Build complete - results can be found in $RPMBUILDDIR"