From f18b6c94176caa31074628a96b09fd47762264fd Mon Sep 17 00:00:00 2001
From: Ryan DV
Date: Fri, 22 Apr 2022 23:58:24 -0400
Subject: [PATCH 1/3] setuid and setgid with given user for `git pull`
---
 aura/aura.cabal | 1 +
 aura/lib/Aura/Build.hs | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/aura/aura.cabal b/aura/aura.cabal
index c1ae48ac8..1567075eb 100644
--- a/aura/aura.cabal
+++ b/aura/aura.cabal
@@ -58,6 +58,7 @@ common libexec
 , scheduler >=1.1 && <2.1
 , transformers ^>=0.5
 , typed-process ^>=0.2
+ , unix ^>=2.7.2.2
 library
 import: commons, libexec
diff --git a/aura/lib/Aura/Build.hs b/aura/lib/Aura/Build.hs
index b6865d662..aba672672 100644
--- a/aura/lib/Aura/Build.hs
+++ b/aura/lib/Aura/Build.hs
@@ -38,6 +38,7 @@ import qualified RIO.Set as S
 import qualified RIO.Text as T
 import RIO.Time
 import System.Process.Typed
+import System.Posix.User
 ---
@@ -194,7 +195,10 @@ pullRepo usr = do
 logDebug "git: Clearing worktree. "
 void . runProcess . setStderr closed . setStdout closed $ proc "git" ["reset", "--hard", "HEAD"]
 logDebug "git: Pulling repo."
- ec <- runProcess . setStderr closed . setStdout closed $ proc "git" ["pull"]
+ ue <- liftIO . getUserEntryForName . T.unpack . user $ usr
+ let uid = userID ue
+ let gid = userGroupID ue
+ ec <- runProcess . setChildUser uid . setChildGroup gid . setStderr closed . setStdout closed $ proc "git" ["pull"]
 case ec of
 ExitFailure _ -> pure . Left . Failure $ FailMsg buildFail_12
 ExitSuccess -> liftIO (chown usr "." ["-R"]) $> Right ()
From 8852f6d7659d341e0d1e44bc0025ac3833499e58 Mon Sep 17 00:00:00 2001
From: Colin Woodbury
Date: Sat, 23 Apr 2022 11:37:25 -0700
Subject: [PATCH 2/3] chore: bump stackage lts
---
 stack.yaml | 2 +-
 stack.yaml.lock | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/stack.yaml b/stack.yaml
index a8b2e1844..a3c1e8231 100644
--- a/stack.yaml
+++ b/stack.yaml
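Review bot: The `git reset --hard HEAD` call in the context lines at the top of the `pullRepo` hunk still runs without `setChildUser`/`setChildGroup`, so git keeps executing with the parent's identity (presumably root) inside a worktree that the last line hands to `usr` via `chown`; only `git pull` is demoted. Moving the user lookup above the reset and sharing one setter, e.g. `let asUser = setChildUser uid . setChildGroup gid`, would keep every git invocation in this directory unprivileged. Separately, `getUserEntryForName` raises an exception when the name has no passwd entry, which bypasses the `Left . Failure` path used for a failed pull; catching that and returning a `Failure` would preserve the function's `Either` contract. The signature and first line of `pullRepo` lie outside the hunk.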
@@ -1,4 +1,4 @@
-resolver: lts-19.1
+resolver: lts-19.4
 ghc-options:
 $everything: -split-sections -haddock
diff --git a/stack.yaml.lock b/stack.yaml.lock
index 0bc47516a..d3ea4f4f4 100644
--- a/stack.yaml.lock
+++ b/stack.yaml.lock
@@ -27,7 +27,7 @@ packages: hackage: text-2.0 snapshots: - completed: - size: 617355 - url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/19/1.yaml - sha256: cbd5e8593869445794924668479b5bd9f1738d075898623dceacc13b2576b6e3 - original: lts-19.1 + size: 618683 + url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/19/4.yaml + sha256: d4ee004c46ba878d2f304f5d748d493057be579192a8d148527f3ba55c9df57f + original: lts-19.4
From 73375658aa2f7efab7066f46b8deb2c9c7a6b111 Mon Sep 17 00:00:00 2001
From: Colin Woodbury
Date: Sat, 23 Apr 2022 11:37:35 -0700
Subject: [PATCH 3/3] tweak(aura): log name of user who is git pulling
---
 aura/lib/Aura/Build.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/aura/lib/Aura/Build.hs b/aura/lib/Aura/Build.hs
index aba672672..23a72c1ed 100644
--- a/aura/lib/Aura/Build.hs
+++ b/aura/lib/Aura/Build.hs
@@ -194,7 +194,7 @@ pullRepo :: User -> RIO Env (Either Failure ())
 pullRepo usr = do
 logDebug "git: Clearing worktree. "
 void . runProcess . setStderr closed . setStdout closed $ proc "git" ["reset", "--hard", "HEAD"]
- logDebug "git: Pulling repo."
+ logDebug $ "git: Pulling repo as " <> display (user usr)
 ue <- liftIO . getUserEntryForName . T.unpack . user $ usr
 let uid = userID ue
 let gid = userGroupID ue