README.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118


 # Git Configuration Management Plugin for Gerrit

 ![Gerrit Version](https://img.shields.io/badge/Gerrit-3.8%2B-brightgreen)
 ![License](https://img.shields.io/badge/License-Apache%202.0-blue)

 A Gerrit plugin that provides web UI and REST API for managing Git configuration files at both global and repository levels.

 ## Features

 - **Dual Configuration Management**:
   - Global `~/.gitconfig` management
   - Repository-specific `.git/config` management
 - **Web UI Features**:
   - Repository picker with search functionality
   - Validation of config sections, subsections, variables and values upon submit.
   - Logs usernames and changes for auditing.
 - **Security**:
   - Capability-based access control (`manageGitConfig` capability)
   - Input sanitization for repository names
   - Prevention of absolute paths and directory traversal
   - Automatic backup/restore on invalid configurations
 - **Validation**:
   - Section header validation
   - Variable format checking
   - Include path security checks
   - Line continuation validation
 - **API Support**:
   - REST endpoints for config retrieval/update
   - Base64-encoded payloads
   - Atomic writes with filesystem safety

## Installation

 1. **Build the plugin**:
    Requires building in-tree with Gerrit.

    `bazelisk build plugins/gerrit-plugin-gitconfig`

 2. Deploy to Gerrit:
    - Copy `target/gerrit-plugin-gitconfig.jar` to `review_site/plugins/gerrit-plugin-gitconfig`

## Testing:
`bazel test //plugins/gerrit-plugin-gitconfig:tests`


# Configuration
No configuration required.


# Usage

1. Access UI:
    - Navigate to Admin > Git Configuration in Gerrit Web UI
    - Toggle between Global/Repository views
2. Permissions:
    - Grant manageGitConfig capability to required groups via:

      `ssh -p 29418 admin@localhost gerrit set-capability manageGitConfig 'Group Administrators'`

 3 Editing:
    - Select repository from picker (or use Global view)
    - Modify configuration with real-time validation
    - Save changes with automatic syntax check
 4 Error Handling:
    - Invalid configurations show inline errors
    - Failed updates automatically roll back
    - Audit logs track all configuration changes


# API Documentation

## Get Configuration


 GET /a/config/server/gitconfig[?repo=<repository>]


Parameters:

 - repo: Optional repository name

Response:

 - Base64-encoded config content
 - Content-Type: text/plain

## Update Configuration


 PUT /config/server/gitconfig[?repo=<repository>]


Body:

 - Base64-encoded config content

Success:

 - 200 OK with success message

Errors:

 - 400 Bad Request: Invalid syntax/input
 - 404 Not Found: Repository not exists
 - 409 Conflict: Invalid config state after update


# Limitations

- Maximum config file size: 1000 lines
- UI requires modern browser (ES2015+ support)
- Nested includes not fully validated

---

Disclaimer: Use with caution on production systems. Always test configuration changes in staging environments first.