0

I have a small group of developers and we all develop on our own machines. When we have code that is ready for testing, we merge and push to a RhodeCode installation. The hgrc file for my central RhodeCode repo is set up like this:

[paths]
test_env = /www/mysite/test
prod_env = /www/mysite/prod
[hooks]
changegroup = hg push test_env

so when a person checks code into RhodeCode, the changes are automatically pushed to the test environment. (There's a hg update in the test repo hgrc file, so the code updates there). This is perfect.

BUT.. I would like our RhodeCode admins to be able to push to prod without needing shell access on the server. Is there a way to allow someone to run a "hg push prod_env" from the RhodeCode interface? I figure since RhodeCode has full control over hg, it should be possible, but does this ability exists somewhere in RhodeCode? would it be a huge task to add it?

If not, how would you go about allowing an authenticated user to push a repository to production without shell access? I have been googling, but I can't seem to find anything. I know I could write a php script with a passthru("hg push test_env), but that seems like a permissions nightmare as apache runs as "nobody" and rhodecode owns the repo.

Thoughts?

whiteatom
  • 1,456
  • 2
  • 14
  • 33
  • You would have better luck posting directly on the owner of the project's issue tracker: https://bitbucket.org/marcinkuzminski/rhodecode/issues?status=new&status=open – Blaskovicz Nov 08 '12 at 02:19
  • I had done that and not gotten a response... hence coming here. They have since told me there are scripting controls being added. – whiteatom Nov 09 '12 at 17:35
  • You could also try going to #rhodecode irc on freenode; I've had good luck there. – Blaskovicz Nov 10 '12 at 18:25

2 Answers2

1

Obviously, you cannot push nothing. But you can try to add or edit some file from the RhodeCode interface (which allows this to do) at the prod_env. This should cause local commit and push without accessing a shell.

ScayTrase
  • 1,810
  • 23
  • 36
0

For those looking at this question, here's how I solved it:

Wrote a passworded page in PHP with a button that executes this code:

shell_exec('hg pull -R ../wp-content/themes/2014');

I then put hg update in the hgrc file for the prod website, and made the web user and authorized user of the repository.

It works pretty good - i have slight security concerns because of the resulting file ownership, but assuming the PHP follows proper practice, there aren't any problems.

whiteatom
  • 1,456
  • 2
  • 14
  • 33