123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 |
- #!/usr/bin/env bash
- # git pre-push hook script to:
- # 0) Call the pre-commit hook, if it is available
- # 1) prevent "fixup!" and "squash!" commit from ending up in main, release-*
- # or maint-*
- # 2) Disallow pushing branches other than main, release-*
- # and maint-* to origin (e.g. gitweb.torproject.org)
- #
- # To install this script, copy it into .git/hooks/pre-push path in your
- # local copy of git repository. Make sure it has permission to execute.
- # Furthermore, make sure that TOR_UPSTREAM_REMOTE_NAME environment
- # variable is set to local name of git remote that corresponds to upstream
- # repository on e.g. git.torproject.org.
- #
- # The following sample script was used as starting point:
- # https://github.com/git/git/blob/master/templates/hooks--pre-push.sample
- # Are you adding a new check to the git hooks?
- # - Common checks belong in the pre-commit hook
- # - Push-only checks belong in the pre-push hook
- echo "Running pre-push hook"
- z40=0000000000000000000000000000000000000000
- upstream_name=${TOR_UPSTREAM_REMOTE_NAME:-"upstream"}
- # The working directory
- workdir=$(git rev-parse --show-toplevel)
- # The .git directory
- # If $workdir is a worktree, then $gitdir is not $workdir/.git
- gitdir=$(git rev-parse --git-dir)
- cd "$workdir" || exit 1
- remote="$1"
- remote_name=$(git remote --verbose | grep "$2" | awk '{print $1}' | head -n 1)
- ref_is_upstream_branch() {
- if [ "$1" == "refs/heads/main" ] ||
- [[ "$1" == refs/heads/release-* ]] ||
- [[ "$1" == refs/heads/maint-* ]]; then
- return 1
- fi
- }
- # shellcheck disable=SC2034
- while read -r local_ref local_sha remote_ref remote_sha
- do
- if [ "$local_sha" = $z40 ]; then
- # Handle delete
- :
- else
- if [ "$remote_sha" = $z40 ]; then
- # New branch, examine commits not in main
- range="main...$local_sha"
- else
- # Update to existing branch, examine new commits
- range="$remote_sha..$local_sha"
- fi
- # Call the pre-commit hook for the common checks, if it is executable
- pre_commit=${gitdir}/hooks/pre-commit
- if [ -x "$pre_commit" ]; then
- # Only check the files newly modified in this branch
- CHECK_FILTER="git diff --name-only --diff-filter=ACMR $range"
- # Use the appropriate owned tor source list to filter the changed
- # files
- # This is the layout in 0.3.5
- # Keep these lists consistent:
- # - OWNED_TOR_C_FILES in Makefile.am
- # - CHECK_FILES in pre-commit.git-hook and pre-push.git-hook
- # - try_parse in check_cocci_parse.sh
- CHECK_FILES="$($CHECK_FILTER \
- src/lib/*/*.[ch] \
- src/core/*/*.[ch] \
- src/feature/*/*.[ch] \
- src/app/*/*.[ch] \
- src/test/*.[ch] \
- src/test/*/*.[ch] \
- src/tools/*.[ch] \
- )"
- export TOR_EXTRA_PRE_COMMIT_CHECKS=1
- # We want word splitting here, because file names are space
- # separated
- # shellcheck disable=SC2086
- if ! "$pre_commit" $CHECK_FILES ; then
- exit 1
- fi
- fi
- if [[ "$remote_name" != "$upstream_name" ]]; then
- echo "Not pushing to upstream - refraining from further checks"
- continue
- fi
- if (ref_is_upstream_branch "$local_ref" == 0 ||
- ref_is_upstream_branch "$remote_ref" == 0) &&
- [ "$local_ref" != "$remote_ref" ]; then
- if [ "$remote" == "origin" ]; then
- echo >&2 "Not pushing: $local_ref to $remote_ref"
- echo >&2 "If you really want to push this, use --no-verify."
- exit 1
- else
- continue
- fi
- fi
- # Check for fixup! commit
- commit=$(git rev-list -n 1 --grep '^fixup!' "$range")
- if [ -n "$commit" ]; then
- echo >&2 "Found fixup! commit in $local_ref, not pushing"
- echo >&2 "If you really want to push this, use --no-verify."
- exit 1
- fi
- # Check for squash! commit
- commit=$(git rev-list -n 1 --grep '^squash!' "$range")
- if [ -n "$commit" ]; then
- echo >&2 "Found squash! commit in $local_ref, not pushing"
- echo >&2 "If you really want to push this, use --no-verify."
- exit 1
- fi
- fi
- done
- exit 0
|