From 989d6f03362bc52f4b328bf70c921c6465fa474e Mon Sep 17 00:00:00 2001
From: Christian Boltz <cboltz@opensuse.org>
Date: Oct 31 2020 18:35:25 +0000
Subject: Merge branch 'ngompa/pagure-cfg-fix-aclchecker' into 'production'


pagure: Configure aclchecker correctly in pagure.cfg

See merge request infra/salt!448
---

diff --git a/salt/profile/pagure/files/pagure.cfg b/salt/profile/pagure/files/pagure.cfg
index 282eb5b..2ea0afc 100644
--- a/salt/profile/pagure/files/pagure.cfg
+++ b/salt/profile/pagure/files/pagure.cfg
@@ -116,6 +116,12 @@ SSH_COMMAND_NON_REPOSPANNER = ([
     "/srv/gitolite/repositories/%(reponame)s",
 ], {"GL_USER": "%(username)s"})
 
+# Arguments to add to the SSH keys, possible replacements:
+# %(username)s: username owning this key
+SSH_KEYS_OPTIONS = (
+    'restrict,command="/usr/lib/pagure/aclchecker.py %(username)s"'
+)
+
 ### Configuration file for gitolite
 GITOLITE_CONFIG = os.path.join(
     '/srv',