We show how to use the tla GNU Arch implementation to cooperate on a project, using one central shared archive.
We are using a tla 1.3.5 Debian package. The tla package doesn't need to be installed on the machine hosting the shared archive. In this setup, only an ssh daemon is needed there.
Our workstation is called "nagy". The machine hosting the shared archive is called "brouwer". We have an ssh login on that machine.
See The GNU Arch Wiki and the document arch Meets hello world for information on GNU Arch and tla.
tla remembers your id, your archives and your default archive. You can tell tla to forget about these things. Here's how to set, query and tell tla to forget about these things.
joostvb@nagy:~% tla my-id 'Joost van Baal <joostvb@example.org>' joostvb@nagy:~% tla my-id joostvb@nagy:~% rm ~/.arch-params/=id joostvb@nagy:~% tla archives joostvb@nagy:~% tla register-archive --delete logreport@example.org--2007-logreport-private joostvb@nagy:~% tla my-default-archive logreport@example.org--2007-logreport-private joostvb@nagy:~% tla my-default-archive --delete
The file joostvb@nagy:.arch-params/signing/=default.check (or, if you like to affect the handling of the archive logreport@example.org--2007-logreport-private only, ~/.arch-params/signing/logreport@example.org--2007-logreport-private.check), should contain
tla-gpg-check gpg_command="gpg --verify-files -"
See tla-gpg-check(1)
If you'd like to PGP sign your own patches, the file joostvb@nagy:.arch-params/signing/=default (or, if you like to affect the handling of the archive joostvb@example.org--2007-logreport-private only, ~/.arch-params/signing/joostvb@example.org--2007-logreport-private), should contain
gpg --clearsign --use-agent
See also The GNU Arch Wiki on Signing Archives.
We'll create a dedicated keypair for keeping the archive synced, using ssh.
joostvb@nagy:~% ssh-keygen -t rsa -C 'joostvb@nagy, key for arch.logreport.org' [...] Enter file in which to save the key (/home/joostvb/.ssh/id_rsa): /home/joostvb/.ssh/id_rsa-arch.logreport.org Enter passphrase (empty for no passphrase):ยท
Create the file brouwer:/projects/logreport/bin/sftp-wrapper with contents:
#!/bin/sh umask 002 exec /usr/lib/sftp-server "$@"
See also The GNU Arch Wiki on Centralized Development by Colin Walters e.a.
Now, copy nagy:.ssh/id_rsa-arch.logreport.org.pub to brouwer:.ssh/authorized_keys, with a prefix; the line should look like:
command=/projects/logreport/bin/sftp-wrapper ssh-rsa AAAAB3NzaC1yc2[...]lC+NeONz7bQ== joostvb@nagy.example.org, key for arch.logreport.org
While the file nagy:.ssh/config should have a stanza:
Host arch.logreport.org
IdentityFile ~/.ssh/id_rsa-arch.logreport.org
joostvb@nagy:~% tla my-id 'Joost van Baal <joostvb@example.org>'
joostvb@nagy:~% mkdir ~\{archives\}
joostvb@nagy:~% tla register-archive logreport@example.org--2007-logreport-private sftp://arch.logreport.org/projects/logreport/archives/2007-logreport-private
joostvb@nagy:~% tla make-archive --mirror logreport@example.org--2007-logreport-private ~/\{archives\}/2007-logreport-private
Now fetch a mirror from the archive. All PGP signatures will get verified.
joostvb@nagy:~/arch% tla get logreport@example.org--2007-logreport-private/logreport-private--mainline--0.1 logreport@example.org-logreport-private
Make sure your tla id is set up OK. Then run:
joostvb@nagy:~% tla make-archive --signed joostvb@example.org--2007-logreport-private ~/\{archives\}/2007-logreport-private-joostvb
joostvb@nagy:~% tla my-default-archive joostvb@example.org--2007-logreport-private
Now copy the shared archive to your own archive. This takes a while: all PGP signatures get checked, and you'll be asked to make a signature yourself twice.
joostvb@nagy:~% tla tag --setup logreport@example.org--2007-logreport-private/logreport-private--mainline--0.1 joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1 [...] * creating version joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1 gpg: Signature made Sat 05 May 2007 03:47:59 PM CEST using RSA key ID 24525E9E gpg: Good signature from "Joost E. van Baal (Nederland, 1970)" [...] * Archive caching revision [...] * from import revision: logreport@example.org--2007-logreport-private/logreport-private--mainline--0.1--base-0 * patching for revision: logreport@example.org--2007-logreport-private/logreport-private--mainline--0.1--patch-1 * patching for revision: logreport@example.org--2007-logreport-private/logreport-private--mainline--0.1--patch-2 * patching for revision: logreport@example.org--2007-logreport-private/logreport-private--mainline--0.1--patch-3 [...] * patching for revision: logreport@example.org--2007-logreport-private/logreport-private--mainline--0.1--patch-1087 * patching for revision: joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1--base-0 [...] * Made cached revision of joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1--base-0
Now get a working copy of this archive. The 2 signatures you've just made will get checked.
joostvb@nagy:~/arch% tla get joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1 ./joostvb@example.org-logreport-private [...] * from archive cached: joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1--base-0 * making pristine copy * tree version set joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1
joostvb@nagy:~/ar...report-private/hibou/doc% vim hibou-rip.txt joostvb@nagy:~/ar...report-private/hibou/doc% tla add hibou-rip.txt joostvb@nagy:~/ar...report-private/hibou/doc% tla commit * no log found, creating one automatically * (Use "tla make-log" to create a log file.) A hibou/doc/.arch-ids/hibou-rip.txt.id A hibou/doc/hibou-rip.txt You need a passphrase to unlock the secret key for user: "Joost E. van Baal (Nederland, 1970)" 4096-bit RSA key, ID 24525E9E, created 2005-10-12 (main key ID 0B86B067) * update pristine tree (joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1--base-0 => logreport-private--mainline--0.1--patch-1) * committed joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1--patch-1
On each commit, or after some commits, you should sync your local archive with your mirror of the shared archive.
First, bring the two working copies in sync:
joostvb@nagy:~/arch/logreport@example.org-logreport-private% tla update
joostvb@nagy:~/arch/logreport@example.org-logreport-private% tla star-merge joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1
* star-merge by delta(logreport@example.org--2007-logreport-private/logreport-private--mainline--0.1--patch-1087,joostvb@example.org--2007-logreport-private/logreport-private--mainline--0.1--patch-1)[/home/joostvb/arch/logreport@example.org-logreport-private]
* applying changeset
A/ {arch}/logreport-private/logreport-private--mainline/logreport-private--mainline--0.1/joostvb@example.org--2007-logreport-private
A/ {arch}/logreport-private/logreport-private--mainline/logreport-private--mainline--0.1/joostvb@example.org--2007-logreport-private/patch-log
A hibou/doc/.arch-ids/hibou-rip.txt.id
A hibou/doc/hibou-rip.txt
A {arch}/logreport-private/logreport-private--mainline/logreport-private--mainline--0.1/joostvb@example.org--2007-logreport-private/patch-log/base-0
A {arch}/logreport-private/logreport-private--mainline/logreport-private--mainline--0.1/joostvb@example.org--2007-logreport-private/patch-log/patch-1
Now resync with your mirror archive and with the master shared archive (you get asked for for commit-message and passphrase)
joostvb@nagy:~/arch/logreport@example.org-logreport-private% tla commit
Did this commit get in the archive? Yes it did: in brouwer:/projects/logreport/archives/2007-logreport-private/logreport-private--mainline--0.1/ we have:
drwxrws--- 2 joostvb logreport 4096 May 5 17:06 patch-1085/ drwxrws--- 2 joostvb logreport 4096 May 5 17:06 patch-1086/ drwxrws--- 3 joostvb logreport 4096 May 6 13:18 patch-1088/ drwxrws--- 2 joostvb logreport 4096 May 6 13:18 patch-1087/
$Id: using-a-shared-archive-with-gnu-arch.html 1231 2007-08-22 10:07:07Z joostvb $, $URL: svn+ssh://agate.conuropsis.org/home/users/joostvb/srv/svn/www.mdcc.cx/trunk/mdcc.cx/gnu-arch/using-a-shared-archive-with-gnu-arch.html $
Copyright 2007 Joost van Baal, and likely lots of people who've contributed to the The GNU Arch Wiki too.
This document is free; you can redistribute it and/or modify it under the terms of version 2 of the GNU General Public License as published by the Free Software Foundation.