[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
04/04: maint: Git pre-push hook runs "make authenticate check-channel-ne
From: |
guix-commits |
Subject: |
04/04: maint: Git pre-push hook runs "make authenticate check-channel-news". |
Date: |
Fri, 29 May 2020 12:32:42 -0400 (EDT) |
civodul pushed a commit to branch master
in repository guix.
commit e65a44649e8d7698c4a888f1de625a67052520e9
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Fri May 29 18:19:07 2020 +0200
maint: Git pre-push hook runs "make authenticate check-channel-news".
* etc/git/pre-push: Change to run "make authenticate check-channel-news".
---
etc/git/pre-push | 49 +++++--------------------------------------------
1 file changed, 5 insertions(+), 44 deletions(-)
diff --git a/etc/git/pre-push b/etc/git/pre-push
index 9206a2d..59294f0 100755
--- a/etc/git/pre-push
+++ b/etc/git/pre-push
@@ -1,7 +1,6 @@
#!/bin/sh
-# This hook script prevents the user from pushing to Savannah if any of the new
-# commits' OpenPGP signatures cannot be verified.
+# A hook script that prevents the user from pushing unsigned commits.
# Called by "git push" after it has checked the remote status, but before
# anything has been pushed. If this script exits with a non-zero status
nothing
@@ -19,51 +18,13 @@
#
# <local ref> <local sha1> <remote ref> <remote sha1>
-z40=0000000000000000000000000000000000000000
-
# Only use the hook when pushing to Savannah.
case "$2" in
-*git.sv.gnu.org*)
- break
+ *.gnu.org*)
+ exec make authenticate check-channel-news
+ exit 127
;;
-*)
+ *)
exit 0
;;
esac
-
-while read local_ref local_sha remote_ref remote_sha
-do
- if [ "$local_sha" = $z40 ]
- then
- # Handle delete
- :
- else
- if [ "$remote_sha" = $z40 ]
- then
- # We are pushing a new branch. To prevent wasting too
- # much time for this relatively rare case, we examine
- # all commits since the first signed commit, rather than
- # the full history. This check *will* fail, and the user
- # will need to temporarily disable the hook to push the
- # new branch.
-
range="e3d0fcbf7e55e8cbe8d0a1c5a24d73f341d7243b..$local_sha"
- else
- # Update to existing branch, examine new commits
- range="$remote_sha..$local_sha"
- fi
-
- # Verify the signatures of all commits being pushed.
- ret=0
- for commit in $(git rev-list $range)
- do
- if ! git verify-commit $commit >/dev/null 2>&1
- then
- printf "%s failed signature check\n" $commit
- ret=1
- fi
- done
- exit $ret
- fi
-done
-
-exit 0