Last active
November 17, 2021 06:21
-
-
Save isutare412/36efacbc80be5631432f55bc1cae2cc6 to your computer and use it in GitHub Desktop.
Git server hook tha blocks git push except users on whitelist
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # Blocks git push except permitted commiters. | |
| # | |
| # To enable this hook, rename this file to "pre-receive". | |
| # parse old, new, ref from stdin | |
| read OLD NEW REF | |
| # get author and committer | |
| AUTHOR=$(git log -1 $NEW --pretty=%an) | |
| COMMITTER=$(git log -1 $NEW --pretty=%cn) | |
| # branch name | |
| BRANCH=$(echo $REF | sed 's/refs\/heads\///g') | |
| # print commit information | |
| echo "---------------------------------------------" | |
| echo "old: $OLD" | |
| echo "new: $NEW" | |
| echo "ref: $REF" | |
| echo "branch: $BRANCH" | |
| echo "author: $AUTHOR" | |
| echo "committer: $COMMITTER" | |
| echo "---------------------------------------------" | |
| # block push if committer is not in allowed file | |
| check_block() | |
| { | |
| BLOCK_FILE=$1 # e.g. master.allowed | |
| COMMIT_BRANCH=$2 | |
| COMMIT_AUTHOR=$3 | |
| BLOCK_BRANCH=$(basename $BLOCK_FILE | cut -f 1 -d '.') | |
| if [ "$BLOCK_BRANCH" != "$COMMIT_BRANCH" ]; then | |
| return | |
| fi | |
| if ! `grep -Fxq $COMMIT_AUTHOR $BLOCK_FILE`; then | |
| echo "! Branch '$BLOCK_BRANCH' is in build process" | |
| echo "! Wait until the build finishes" | |
| echo "---------------------------------------------" | |
| exit 1 | |
| fi | |
| } | |
| # block branches if branch.allowed file exists | |
| BLOCK_LISTS=$(find custom_hooks -iname '*.allowed') | |
| for FILE in $BLOCK_LISTS; do | |
| check_block $FILE $BRANCH $COMMITTER | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment