Split-git?


Elias Mårtenson

Feb 17, 2018, 4:44:40 AM
to qubes-devel
Has anyone considered implementing split-git? The idea being that you'd have a custom git protocol that forwards requests over qrexec to a git repository on a different vm.

The reason I started thinking about it is that I have a vm for Keybase, and I'm using the keybase git provider for some private repositories. It would be nice to be able to work with those repositories from a vm which does not have Keybase installed.

I can also envision other use cases for a split-git implementation.

I have started working on a proof-of-concept but I'm nowhere near anything that works yet. That's why I'm asking here if anyone else has worked on the same thing, before spending more time on it.

Regards,
Elias

Marek Marczykowski-Górecki

Feb 17, 2018, 10:01:32 AM
to Elias Mårtenson, Wojciech Porczyk, qubes-devel
There are one and a half existing implementations of a similar feature:

1. Running plain git protocol over qrexec: https://www.qubes-os.org/doc/development-workflow/#git-connection-between-vms
- there is no validation of the protocol itself, only some policy for
repository access (hardcoded into the script)

2. Wojtek tried something similar to your idea - forwarding specific
requests over qrexec (at git object level), with data validation before
passing it to git. AFAIK this is in a very early stage and very limited
scope (pushing one signed tag + dependencies?).

- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

viq

Feb 18, 2018, 5:29:54 AM
to qubes...@googlegroups.com
On 17 Feb 2018 10:44 a.m., "Elias Mårtenson" <lok...@gmail.com> wrote:
> Has anyone considered implementing split-git? The idea being that you'd have a custom git protocol that forwards requests over qrexec to a git repository on a different vm.
>
> The reason I started thinking about it is that I have a vm for Keybase, and I'm using the keybase git provider for some private repositories. It would be nice to be able to work with those repositories from a vm which does not have Keybase installed.
>
> I can also envision other use cases for a split-git implementation.

One that comes to my mind is having a nice editor and versioning available for salt states for managing your system, without having to put those in dom0.

Wojtek Porczyk

Feb 19, 2018, 12:01:33 PM
to Marek Marczykowski-Górecki, Elias Mårtenson, qubes-devel

On Sat, Feb 17, 2018 at 04:01:06PM +0100, Marek Marczykowski-Górecki wrote:
> On Sat, Feb 17, 2018 at 01:44:40AM -0800, Elias Mårtenson wrote:
> > Has anyone considered implementing split-git? The idea being that you'd have a custom git protocol that forwards requests over qrexec to a git repository on a different vm.
> >
> > The reason I started thinking about it is that I have a vm for Keybase, and I'm using the keybase git provider for some private repositories. It would be nice to be able to work with those repositories from a vm which does not have Keybase installed.
> >
> > I can also envision other use cases for a split-git implementation.
> >
> > I have started working on a proof-of-concept but I'm nowhere near anything that works yet. That's why I'm asking here if anyone else has worked on the same thing, before spending more time on it.
>
> There are one and a half existing implementations of a similar feature:
>
> 1. Running plain git protocol over qrexec: https://www.qubes-os.org/doc/development-workflow/#git-connection-between-vms
> - there is no validation of the protocol itself, only some policy for
> repository access (hardcoded into the script)
>
> 2. Wojtek tried something similar to your idea - forwarding specific
> requests over qrexec (at git object level), with data validation before
> passing it to git. AFAIK this is in a very early stage and very limited
> scope (pushing one signed tag + dependencies?).

This is my take: https://github.com/woju/qubes-app-split-git
After first consulting with Marek I was under the impression that this may not be
that useful, but if you ask, I'm happy to share.

It mostly works, but has purposefully limited functionality. It fetches one
tag. The tag has to be signed and the rest of the objects (the commit the tag
points to, its tree and recursively any blobs and trees) are verified based on
their SHA1. You can't fetch branches nor any other refs, but you can fetch a tag
and fast-forward an existing branch to it. Any objects are verified in memory
before writing them to .git/objects.

    # import the trusted signing key into a dedicated keyring
    gpg --no-default-keyring --keyring gittrust.kbx --import < trustedpubkey.asc
    # point the remote at the other qube, naming the same keyring
    git remote add origin 'qrexec://remoteqube/repo.git?keyring=gittrust.kbx'

    # the first time
    git fetch origin tag v1.0
    git checkout -b master v1.0

    # after some time
    git fetch origin tag v1.1
    git merge --ff-only v1.1

I'll probably write some README to cover installation.

Marek is right that this is at a very early stage, so bugs are very much expected.


- --
pozdrawiam / best regards
Wojtek Porczyk
Invisible Things Lab

I do not fear computers,
I fear lack of them.
-- Isaac Asimov
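The in-memory check described in the last message (every object reachable from the tag must hash to the id it was requested under before anything is written to .git/objects), sketched as an added example; it is not code from qubes-app-split-git. It assumes the tag's GPG signature has already been verified separately, and `fetch_verified`, `remote` and the sample objects are hypothetical names and constructed data.

```python
import hashlib

KINDS = (b"tag", b"commit", b"tree", b"blob")

def git_id(kind, body):
    """Object id as git computes it: SHA-1 of b'<type> <size>\\0' + body."""
    return hashlib.sha1(kind + b" %d\x00" % len(body) + body).hexdigest()

def children(kind, body):
    """Ids referenced by an object, following only tag -> commit -> tree -> entries."""
    if kind == b"blob":
        return []
    if kind == b"tree":                       # entries: b'<mode> <name>\0' + 20 raw id bytes
        ids, i = [], 0
        while i < len(body):
            nul = body.index(b"\x00", i)      # ValueError if the entry is malformed
            ids.append(body[nul + 1:nul + 21].hex())  # a truncated id can never verify
            i = nul + 21
        return ids
    want = b"object" if kind == b"tag" else b"tree"   # first header line of a tag / commit
    field, _, value = body.split(b"\n", 1)[0].partition(b" ")
    if field != want:
        raise ValueError("malformed header")
    return [value.decode()]

def fetch_verified(tag_id, remote):
    """Return {id: (kind, body)} for everything reachable from tag_id, or raise ValueError."""
    verified, todo = {}, [tag_id]
    while todo:
        oid = todo.pop()
        if oid in verified:
            continue
        kind, body = remote(oid)              # untrusted reply from the other qube
        if kind not in KINDS or git_id(kind, body) != oid:
            raise ValueError("object %s does not match its id" % oid)
        if oid == tag_id and kind != b"tag":
            raise ValueError("root object is not a tag")
        verified[oid] = (kind, body)          # held in memory; nothing is written yet
        todo.extend(children(kind, body))
    return verified

def sample_repo():  # constructed objects, not real repository data
    store = {}
    put = lambda k, b: store.setdefault(git_id(k, b), (k, b)) and git_id(k, b)
    blob = put(b"blob", b"hello\n")
    tree = put(b"tree", b"100644 README\x00" + bytes.fromhex(blob))
    commit = put(b"commit", b"tree " + tree.encode() + b"\n\ninit\n")
    tag = put(b"tag", b"object " + commit.encode() + b"\ntype commit\ntag v1.0\n\nv1.0\n")
    return store, tag, blob
```

A caller would write the returned objects to disk only after `fetch_verified` returns, so a single bad object rejects the whole fetch.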