From 9d1445a69caff59ffbd39caf230a76898f33bf08 Mon Sep 17 00:00:00 2001
From: Thomas Steinbach <thomas.steinbach@aikq.de>
Date: Sun, 16 Sep 2018 14:10:06 +0000
Subject: [PATCH 1/4] test

---
 tasks/setup-clone.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/setup-clone.yml b/tasks/setup-clone.yml
index 264827b..5d47d0b 100644
--- a/tasks/setup-clone.yml
+++ b/tasks/setup-clone.yml
@@ -57,7 +57,7 @@
 
 - name: execute hook
   become: true
-  become_user: "{{ '#' + sourceDir.stat.uid }}"
+  become_user: "{{ '#' + (sourceDir.stat.uid | string) }}"
   command: ./custom_hooks/post-receive
   args:
     chdir: "{{ source_repository_path }}/{{ item.path_with_namespace }}.git"
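Review bot: The new `become_user` expression is harder to read than it needs to be, because it combines string concatenation with a `string` cast inside one Jinja expression. Plain interpolation yields the same value: `become_user: "#{{ sourceDir.stat.uid }}"`. The value depends on the `sourceDir` register from a stat task outside this hunk, so a short comment such as `# run the hook as the numeric owner of the bare repository` would explain the `#uid` form. The task body may continue past the end of the hunk.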
-- 
GitLab


From c5dd4063bf95cc115c6e9e407026af96c948a06d Mon Sep 17 00:00:00 2001
From: Thomas Steinbach <thomas.steinbach@aikq.de>
Date: Sun, 16 Sep 2018 14:16:59 +0000
Subject: [PATCH 2/4] fixed permissions for git related files

---
 tasks/setup-clone.yml | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/tasks/setup-clone.yml b/tasks/setup-clone.yml
index 5d47d0b..a799a6e 100644
--- a/tasks/setup-clone.yml
+++ b/tasks/setup-clone.yml
@@ -32,18 +32,12 @@
   changed_when: "result.status == 201"
   failed_when: "result.status != 201 and 'name already exists on this account' not in result.content"
 
-- name: get owner and group of repository dir
-  become: true
-  stat:
-    path: "{{ source_repository_path }}/{{ item.path_with_namespace }}.git"
-  register: sourceDir
-
 - name: create custom_hooks directory
   become: true
   file:
     path: "{{ source_repository_path }}/{{ item.path_with_namespace }}.git/custom_hooks"
-    owner: "{{ sourceDir.stat.uid }}"
-    group: "{{ sourceDir.stat.gid }}"
+    owner: git
+    group: root
     state: directory
 
 - name: setup post-receive hook to push clone
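Review bot: The `create custom_hooks directory` task now pins owner and group but still sets no `mode`, so the directory's permissions come from whatever already exists or from the umask in effect. Scripts in that directory are run as `git`, so it should be pinned as tightly as the hook file; add `mode: "0750"` next to `state: directory`. The literals `git` and `root` are repeated in the second hunk (template owner/group and `become_user`). A role variable defaulting to `git` would keep installations with a different GitLab system account working, which the removed `stat` lookup used to handle.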
@@ -51,13 +45,13 @@
   template:
     src: post-receive.j2
     dest: "{{ source_repository_path }}/{{ item.path_with_namespace }}.git/custom_hooks/post-receive"
-    owner: "{{ sourceDir.stat.uid }}"
-    group: "{{ sourceDir.stat.gid }}"
+    owner: git
+    group: root
     mode: 0750
 
 - name: execute hook
   become: true
-  become_user: "{{ '#' + (sourceDir.stat.uid | string) }}"
+  become_user: git
   command: ./custom_hooks/post-receive
   args:
     chdir: "{{ source_repository_path }}/{{ item.path_with_namespace }}.git"
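Review bot: `mode: 0750` on the template task is an unquoted octal literal and is only correct because the YAML 1.1 loader converts it to an integer. Ansible's guidance is to quote file modes so they cannot be misread: `mode: "0750"`. The `execute hook` task at the end of the hunk is cut by the hunk boundary, so whether it loops over projects or sets `changed_when` cannot be checked from here.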
-- 
GitLab


From ada13f8b1768597ed817101d82457fed6e166750 Mon Sep 17 00:00:00 2001
From: Thomas Steinbach <thomas.steinbach@aikq.de>
Date: Sun, 16 Sep 2018 14:21:27 +0000
Subject: [PATCH 3/4] fixed 'Exec format error' for hook

---
 templates/post-receive.j2 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/post-receive.j2 b/templates/post-receive.j2
index 6e9f7f8..fa16f0e 100644
--- a/templates/post-receive.j2
+++ b/templates/post-receive.j2
@@ -1,3 +1,4 @@
+#!/bin/sh
 git push --prune git@gitlab.com:{{ gitlabcom_username }}/{{ item.namespace.name }}-{{ item.path }}.git +refs/heads/*:refs/heads/* +refs/tags/*:refs/tags/*
 {% if item.visibility is not defined or item.visibility == 'public' %}
 git push --prune git@github.com:{{ githubcom_username }}/{{ item.namespace.name }}-{{ item.path }}.git +refs/heads/*:refs/heads/* +refs/tags/*:refs/tags/*
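Review bot: The template values on both `git push` lines are rendered into the script unquoted, so now that the file runs under `/bin/sh`, a namespace or project value containing a space, parenthesis or other shell-special character is split or interpreted by the shell instead of reaching git as one argument. `item.namespace.name` and `item.path` presumably come from the GitLab API query (outside this hunk) and should be treated as untrusted. Render the remote through the `quote` filter and single-quote the refspecs, e.g. `git push --prune {{ ('git@gitlab.com:' ~ gitlabcom_username ~ '/' ~ item.namespace.name ~ '-' ~ item.path ~ '.git') | quote }} '+refs/heads/*:refs/heads/*' '+refs/tags/*:refs/tags/*'`. A `set -e` line after the shebang would also stop a failed first push from being masked by a successful second one. The same lines recur in the `post-receive.j2` hunk of patch 4/4, and the `{% if %}` block closes outside this hunk.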
-- 
GitLab


From 2830b49f89d037f701b729ce695bd217de6db9c5 Mon Sep 17 00:00:00 2001
From: Thomas Steinbach <thomas.steinbach@aikq.de>
Date: Sun, 16 Sep 2018 14:51:59 +0000
Subject: [PATCH 4/4] test

---
 tasks/main.yml            | 9 +++++++++
 templates/post-receive.j2 | 4 ++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/tasks/main.yml b/tasks/main.yml
index 7b8ab17..bba837c 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,4 +1,13 @@
 ---
+- name: ensure git user has a private key for executing push hooks got gitlab.com and github.com
+  become: yes
+  openssl_privatekey:
+    path: /var/opt/gitlab/.ssh/id_rsa
+    size: 4096
+    type: RSA
+    owner: git
+    group: git
+
 - name: query users repositories where he is at least developer
   uri:
     url: "{{ SOURCE_GITLAB_URL }}/api/v4/projects?per_page={{ project_query_size }}&min_access_level=30"
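Review bot: The key task writes to the default identity path `/var/opt/gitlab/.ssh/id_rsa` without checking whether the `git` account already has a key there. As far as I know, `openssl_privatekey` regenerates a key that does not match the requested size or type, which would silently replace an identity that other remotes may already trust. A role-specific file name, or a guard on the file not existing, would avoid that. State the permissions explicitly with `mode: "0600"` instead of relying on the module default, make sure `/var/opt/gitlab/.ssh` exists with `mode: "0700"` before this task, and write `become: true` instead of `become: yes`. The task name also has a typo (`got`).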
diff --git a/templates/post-receive.j2 b/templates/post-receive.j2
index fa16f0e..040c927 100644
--- a/templates/post-receive.j2
+++ b/templates/post-receive.j2
@@ -1,5 +1,5 @@
 #!/bin/sh
-git push --prune git@gitlab.com:{{ gitlabcom_username }}/{{ item.namespace.name }}-{{ item.path }}.git +refs/heads/*:refs/heads/* +refs/tags/*:refs/tags/*
+/opt/gitlab/embedded/bin/git push --prune git@gitlab.com:{{ gitlabcom_username }}/{{ item.namespace.name }}-{{ item.path }}.git +refs/heads/*:refs/heads/* +refs/tags/*:refs/tags/*
 {% if item.visibility is not defined or item.visibility == 'public' %}
-git push --prune git@github.com:{{ githubcom_username }}/{{ item.namespace.name }}-{{ item.path }}.git +refs/heads/*:refs/heads/* +refs/tags/*:refs/tags/*
+/opt/gitlab/embedded/bin/git push --prune git@github.com:{{ githubcom_username }}/{{ item.namespace.name }}-{{ item.path }}.git +refs/heads/*:refs/heads/* +refs/tags/*:refs/tags/*
 {% endif %}
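Review bot: The hook pushes over SSH as `git`, but nothing visible in this series puts the host keys of gitlab.com and github.com into that account's `known_hosts`. The first non-interactive push will therefore either stop at the host-key prompt or, if checking is relaxed elsewhere, push to an unverified host. Pin both host keys with the `known_hosts` module in `tasks/main.yml` rather than disabling `StrictHostKeyChecking`. The absolute path `/opt/gitlab/embedded/bin/git` is also repeated on both lines; a template variable (placeholder name `gitlab_git_binary`) defaulting to that path would keep it in one place.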
-- 
GitLab