commit 87ba867c08225748c326fbc156bde18571721834
author Martin Polreich <polreichmartin@gmail.com> Wed Jun 19 11:39:31 2019 +0200
committer Martin Polreich <polreichmartin@gmail.com> Mon Jul 01 15:22:16 2019 +0200
tree 6a277ea5d5ee32d6965e180c7a86df14614fab7e
parent 221add28366aba97be1d6fc18ad5fd4892b80877

Add ability to configure allowed download schemes and commands

	- also add tests for this functionality

Related: PROD-31172

Change-Id: Ie8f8c633b197ae1421322650e51cd9abfdc47215

gerrit/files/gerrit.config

diff --git a/gerrit/files/gerrit.config b/gerrit/files/gerrit.config
index 2c53ba4..6b6754d 100644
--- a/gerrit/files/gerrit.config
+++ b/gerrit/files/gerrit.config
@@ -249,6 +249,20 @@
 [groups]
     newGroupsVisibleToAll = {{ server.get('new_groups_visible_to_all', False) }}
 
+{%- if server.download is defined %}
+[download]
+    {%- if server.download.command is defined and server.download.command is iterable and server.download.command is not string %}
+        {%- for command in server.download.command %}
+    command = {{ command }}
+        {%- endfor %}
+    {%- endif %}
+    {%- if server.download.scheme is defined and server.download.scheme is iterable and server.download.scheme is not string %}
+        {%- for scheme in server.download.scheme %}
+    scheme = {{ scheme }}
+        {%- endfor %}
+    {%- endif %}
+{%- endif %}
+
 [mimetype "image/*"]
     safe = true
 

tests/pillar/server.sls

diff --git a/tests/pillar/server.sls b/tests/pillar/server.sls
index 49af9dd..e0acbb6 100644
--- a/tests/pillar/server.sls
+++ b/tests/pillar/server.sls
@@ -50,3 +50,15 @@
       password: passw0rd
       pool_limit: 250
       pool_max_idle: 16
+    download:
+      command:
+      - checkout
+      - cherry_pick
+      - pull
+      - format_patch
+      scheme:
+      - http
+      - ssh
+      - anon_http
+      - anon_git
+      - repo_download