Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

distgit: Block push of branches named 'origin/*'

Browse source 
We already use the update hook for gitolite.

This introduces a new update hook, which merely chains the gitolite one,
and a new one to block pushes to badly named branches.

The new hook was written originally by Till Maas.

https://fedorahosted.org/rel-eng/ticket/4071
This commit is contained in:
Mathieu Bridon 2014-09-18 16:54:39 +02:00 committed by Pierre-Yves Chibon
parent 57e3254f1a
commit 7ab3ff2817
4 changed files with 34 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

12
roles/distgit/files/setup_git_package
View file

@ -108,9 +108,17 @@ git commit -q -m 'Initial setup of the repo' --author "$AUTHOR"
git push -q origin master
popd >/dev/null
# Put our special update hooks in place
ln -s /usr/share/gitolite/hooks/common/update $GITROOT/$PACKAGE.git/hooks/
# Setup our update hooks
mkdir -p $GITROOT/$PACKAGE.git/hooks/update-chained.d
ln -s /usr/share/gitolite/hooks/common/update \
$GITROOT/$PACKAGE.git/hooks/update-chained.d/update-gitolite
ln -s /usr/share/git-core/update-block-push-origin \
$GITROOT/$PACKAGE.git/hooks/update-chained.d/update-block-push-origin
# This one kicks off all the others in update-chained.d
ln -s /usr/share/git-core/update-chained $GITROOT/$PACKAGE.git/hooks/update
# Setup our post-receive hooks
mkdir -p $GITROOT/$PACKAGE.git/hooks/post-receive-chained.d
ln -s /usr/share/git-core/mail-hooks/gnome-post-receive-email \
$GITROOT/$PACKAGE.git/hooks/post-receive-chained.d/post-receive-email

10
roles/git/hooks/files/update-block-push-origin Normal file
View file

@ -0,0 +1,10 @@
#!/bin/sh
#
# Block pushes to branches if their name starts with `origin/`
# https://fedorahosted.org/rel-eng/ticket/4071
refname="${1}"
sha1_old="${2}"
sha1_new="${3}"
echo "${refname}" | grep -qE '^refs/heads/origin/' && exit 1 || exit 0

12
roles/git/hooks/files/update-chained Normal file
View file

@ -0,0 +1,12 @@
#!/bin/bash
refname="${1}"
sha1_old="${2}"
sha1_new="${3}"
$GIT_DIR/hooks/update-chained.d/update-gitolite "$refname" "$sha1_old" "$sha1_new" || exit 1
$GIT_DIR/hooks/update-chained.d/update-block-push-origin "$refname" "$sha1_old" "$sha1_new" || exit 1
exit 0

2
roles/git/hooks/tasks/main.yml
View file

@ -13,6 +13,8 @@
with_items:
- post-receive-fedmsg
- post-receive-chained
- update-block-push-origin
- update-chained
- name: install the git mail hooks
copy: src={{item}} dest=/usr/share/git-core/mail-hooks mode=0755