dist-git/pagure: configure pagure to allow access via a single git user for everyone

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>

roles/distgit/pagure/templates/pagure.cfg

@@ -298,8 +298,6 @@ ADMIN_API_ACLS = [
 
 PROJECT_NAME_REGEX = '^[a-zA-z0-9_][a-zA-Z0-9-_\.+]*$'
 
-HTTP_REPO_ACCESS_GITOLITE = None
-
 CSP_HEADERS = (
     "default-src 'self'; "
     "script-src 'self' '{nonce_script}' https://apps.fedoraproject.org https://mdapi.fedoraproject.org; "

roles/distgit/pagure/templates/pagure_shared.cfg

@@ -90,16 +90,13 @@ PDC_URL = 'https://pdc{{ env_suffix }}.fedoraproject.org/rest_api/v1/'
 SSH_KEYS_USERNAME_LOOKUP = True
 SSH_KEYS_OPTIONS = 'restrict,command="/usr/libexec/pagure/aclchecker.py %(username)s"'
 
-SSH_COMMAND_REPOSPANNER = ([
-    "/usr/libexec/repobridge",
-    "--extra", "username", "%(username)s",
-    "--extra", "repotype", "%(repotype)s",
-    "--extra", "project_name", "%(project_name)s",
-    "--extra", "project_user", "%(project_user)s",
-    "--extra", "project_namespace", "%(project_namespace)s",
-    "%(cmd)s",
-    "'pagure/%(repotype)s/%(reponame)s'",
-], {"REPOBRIDGE_CONFIG": "/etc/repobridge/rpms.json"})
+{% if env == 'staging' %}
+GIT_AUTH_BACKEND = 'pagure'
+SSH_KEYS_USERNAME_EXPECT = 'git'
+{% endif %}
+
+HTTP_REPO_ACCESS_GITOLITE = None
+
 SSH_COMMAND_NON_REPOSPANNER = ([
     "/usr/libexec/git-core/%(cmd)s",
     "%(repopath)s",