Bug 265835
| Summary: | [NEW PORT] security/py-ssh-import-id: Authorize SSH public keys from trusted online identities | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Seyed Pouria Mousavizadeh Tehrani <p.mousavizadeh> | ||||||||||||||
| Component: | Individual Port(s) | Assignee: | Robert Clausecker <fuz> | ||||||||||||||
| Status: | Closed FIXED | ||||||||||||||||
| Severity: | Affects Only Me | CC: | eduardo, fuz, p.mousavizadeh, pyrus, python | ||||||||||||||
| Priority: | --- | Keywords: | feature | ||||||||||||||
| Version: | Latest | Flags: | p.mousavizadeh:
maintainer-feedback+
p.mousavizadeh: maintainer-feedback+ |
||||||||||||||
| Hardware: | Any | ||||||||||||||||
| OS: | Any | ||||||||||||||||
| URL: | https://launchpad.net/ssh-import-id | ||||||||||||||||
| Attachments: |
|
||||||||||||||||
|
Description
Seyed Pouria Mousavizadeh Tehrani
2022-08-14 13:54:51 UTC
Thank you for creating a FreeBSD Port Sayed Review items: * Add LICENSE_FILE if one is shipped with the distfile. If one isn't provided, ask upstream to add one, and just add a `#LICENSE_FILE=Not shipped in PyPI sdist` in the comment for future reviewers/reminder to yourself and others. * USES=python:<version-spec> should be used declaratively, not imperatively, to declare what version of Python a package supports (not which one to 'use'). This is usually declared as a python_requires version spec in setup.py or similar. If not there, one can usually find a supported versions declaration in documentation, or use the versions upstream tests against in CI. Closest I could find is a reference [1] saying versions > 2.6, which may or may not be the case actually. In these circumstances, the best method is to include TEST_DEPENDS and a (do-)test: target in the prot to run the package test suite, and verify the tests pass for the Python versions allowed by USES=python:<version-spec>. Ultimately this should be explicitly declared upstream, so ask upstream to declare that (in python setup and CI files to match). * Python packages that ship files in shared, non-versioned locations (like /usr/local/bin) should be made USE_PYTHON=concurrent safe. This makes it possible for multiple versions of the package install'able concurrently, without filenames conflicting. In most cases this takes the form on 'scripts=' and/or 'console_scripts' in setup.py, as this project does [2] * The package delcares a run time (install_requires) dependency on the 'distro' package [3], but this dependency is not declared in the port * You'll want to confirm the port passed QA (with portlint and poudriere at least). See the following for instructions: https://docs.freebsd.org/en/books/porters-handbook/testing/ If you need help getting this setup, we have #freebsd-ports on Libera Chat IRC, or the #ports channel on our FreeBSD Discord where you can get support :) [1] https://git.launchpad.net/ssh-import-id/tree/README.md [2] https://git.launchpad.net/ssh-import-id/tree/setup.py#n53 [2] https://git.launchpad.net/ssh-import-id/tree/setup.py#n56 [3] https://git.launchpad.net/ssh-import-id/tree/setup.py#n54: install_requires=["distro"] Additionally: * Wrap pkg-descr lines at 72-75 characters Created attachment 237259 [details]
ssh-import-id shar file
Changes:
Makefile:
USES is now declarative.
USE_PYTHON: concurrent added.
RUN_DEPENDS: distro added.
PLIST_FILES: Removed in favor of distutils.
#LICENSE_FILE=Not shipped in PyPI sdist
pkg-descr:
each line is now under 80 characters.
Test:
porttools: looks fine.
portlint: looks fine.
portfmt: looks fine.
Created attachment 237260 [details]
Poudriere Logs
Poudriere is fine too.
An issue for the LICENSE file created on the upstream project: https://bugs.launchpad.net/ssh-import-id/+bug/1992842 Created attachment 237384 [details]
ssh-import-id shar file
Add #LICENSE_FILE=Not shipped in PyPI sdist to the shar file.
Created attachment 237385 [details]
ssh-import-id shar file
Improvement on pkg-descr.
Add the reference issue on LICENSE_FILE.
Created attachment 237386 [details]
ssh-import-id shar file
Replaced python:2.6+ to python.
Looks good! A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=d24b8053f7906b948f5bf28aa9816ccbfde1b469 commit d24b8053f7906b948f5bf28aa9816ccbfde1b469 Author: Seyed Pouria Mousavizadeh Tehrani <p.mousavizadeh@protonmail.com> AuthorDate: 2023-02-16 21:06:31 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-02-20 23:36:35 +0000 security/ssh-import-id: new port You're logged onto a cloud instance working on a problem with your fellow devs, and you want to invite them to log in and take a look at these crazy log messages. What to do? Oh. You have to ask them to cat their public SSH key, paste it into IRC (wait, no, it's id_rsa.pub, not id_rsa silly!) then you copy it and cat it to the end of authorized_hosts. That's where ssh-import-id comes in. With ssh-import-id, you can add the public SSH keys from a known, trusted online identity to grant SSH access. Currently supported identities include Github and Launchpad. WWW: https://git.launchpad.net/ssh-import-id Submitter is first time maintainer. PR: 265835 Approved by: flo (mentor) Differential Revision: https://reviews.freebsd.org/D38681 security/Makefile | 1 + security/ssh-import-id/Makefile (new) | 20 ++++++++++++++++++++ security/ssh-import-id/distinfo (new) | 3 +++ security/ssh-import-id/pkg-descr (new) | 13 +++++++++++++ 4 files changed, 37 insertions(+) Thank you for your contribution. |
