From 4d2942edc26e7cd144a3178a1a7f6470ea401345 Mon Sep 17 00:00:00 2001
From: Eric Hayes <eric@inflection.com>
Date: Fri, 29 Jun 2012 02:50:12 -0700
Subject: Run git operations as a specific user (puppetlabs ticket 4773), added
 ssh options to ensure no prompting (also fixed in pull request #1 by
 riseuplabs), added ability to keep repository up to date with latest
 (puppetlabs ticket 11278)

---
 lib/puppet/provider/vcsrepo/git.rb | 12 ++++++++----
 lib/puppet/type/vcsrepo.rb         |  9 +++++++++
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/lib/puppet/provider/vcsrepo/git.rb b/lib/puppet/provider/vcsrepo/git.rb
index 5febce2..afd9963 100644
--- a/lib/puppet/provider/vcsrepo/git.rb
+++ b/lib/puppet/provider/vcsrepo/git.rb
@@ -4,9 +4,10 @@ Puppet::Type.type(:vcsrepo).provide(:git, :parent => Puppet::Provider::Vcsrepo)
   desc "Supports Git repositories"
 
   ##TODO modify the commands below so that the su - is included
-  optional_commands :git => 'git'
+  optional_commands :git => 'git',
+                    :su => 'su'
   defaultfor :git => :exists
-  has_features :bare_repositories, :reference_tracking, :ssh_identity, :multiple_remotes
+  has_features :bare_repositories, :reference_tracking, :ssh_identity, :multiple_remotes, :user
 
   def create
     if !@resource.value(:source)
@@ -95,7 +96,8 @@ Puppet::Type.type(:vcsrepo).provide(:git, :parent => Puppet::Provider::Vcsrepo)
 
   def update_references
     at_path do
-      git_with_identity('fetch', '--tags', @resource.value(:remote))
+      checkout
+      git_with_identity('pull', @resource.value(:remote))
       update_owner_and_excludes
     end
   end
@@ -278,7 +280,7 @@ Puppet::Type.type(:vcsrepo).provide(:git, :parent => Puppet::Provider::Vcsrepo)
     if @resource.value(:identity)
       Tempfile.open('git-helper') do |f|
         f.puts '#!/bin/sh'
-        f.puts "exec ssh -i #{@resource.value(:identity)} $*"
+        f.puts "exec ssh -oStrictHostKeyChecking=no -oPasswordAuthentication=no -oKbdInteractiveAuthentication=no -oChallengeResponseAuthentication=no -i #{@resource.value(:identity)} $*"
         f.close
 
         FileUtils.chmod(0755, f.path)
@@ -291,6 +293,8 @@ Puppet::Type.type(:vcsrepo).provide(:git, :parent => Puppet::Provider::Vcsrepo)
 
         return ret
       end
+    elsif @resource.value(:user)
+      su(@resource.value(:user), '-c', "git #{args.join(' ')}" )
     else
       git(*args)
     end
diff --git a/lib/puppet/type/vcsrepo.rb b/lib/puppet/type/vcsrepo.rb
index 231ce93..352f439 100644
--- a/lib/puppet/type/vcsrepo.rb
+++ b/lib/puppet/type/vcsrepo.rb
@@ -21,6 +21,9 @@ Puppet::Type.newtype(:vcsrepo) do
 
   feature :ssh_identity,
           "The provider supports a configurable SSH identity file"
+          
+  feature :user,
+          "The provider can run as a different user"
 
   feature :modules,
           "The repository contains modules that can be chosen of"
@@ -49,6 +52,7 @@ Puppet::Type.newtype(:vcsrepo) do
     end
 
     newvalue :present do
+      notice "Creating repository from present"
       provider.create
     end
 
@@ -75,6 +79,7 @@ Puppet::Type.newtype(:vcsrepo) do
         notice "Updating to latest '#{reference}' revision"
         provider.revision = reference
       else
+        notice "Creating repository from latest"
         provider.create
       end
     end
@@ -128,6 +133,10 @@ Puppet::Type.newtype(:vcsrepo) do
     desc "The group/gid that owns the repository files"
   end
 
+  newparam :user do
+    desc "The user to run for repository operations"
+  end
+
   newparam :excludes do
     desc "Files to be excluded from the repository"
   end
-- 
cgit v1.2.3