summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar steering72532026-07-01 15:41:46 -0600
committerGravatar steering72532026-07-01 15:42:32 -0600
commit93b724af7be9056a28ac7032049bb75f800950e6 (patch)
treed1685973ca8152c16b0ce2dbde9b9341282c2c96
parentpost-update - set umask to 0022 (diff)
rework notificaitons, add better limiting HEAD main
-rwxr-xr-xpost-receive71
-rw-r--r--sh.conf.example13
-rwxr-xr-xupdate49
3 files changed, 96 insertions, 37 deletions
diff --git a/post-receive b/post-receive
new file mode 100755
index 0000000..e8752f1
--- /dev/null
+++ b/post-receive
@@ -0,0 +1,71 @@
+#!/bin/bash
+
+default_branch="$(git rev-parse --abbrev-ref HEAD)"
+default_branch_path="$(git rev-parse --symbolic-full-name HEAD)"
+
+suppress="$(git config --get --type bool --default=false hooks.suppressNotify)"
+allowForcePush="$(git config --type=bool hooks.allowForcePush)"
+protectedRefs="$(git config --default "$default_branch_path" hooks.protectedRefs)"
+addlNotify="$(git config get --value '^([a-zA-Z0-9_.-]+|[0-9.]+|[0-9a-fA-F:.]+):[0-9]{1,5}$' hooks.notify)"
+
+config="$(dirname "$(readlink -f "$0")")"/sh.conf
+[ -r "$config" ] && source "$config"
+
+reponame="$(readlink -f .)"
+#reponame="${reponame%/.git}"
+reponame="${reponame#/home/}"
+
+FORMAT="%C(auto)%h by %an (%ah: %s) sig: %G? %GS 0x%GK https://cgit.space/~$reponame/commit/?id=%h"
+
+commits_per_ref="${commits_per_ref:-5}"
+lines_total=0
+max_num_lines="${max_num_lines:-10}"
+
+#cat|notify
+while read old new ref; do
+ wait
+ commits=""
+ forced=""
+ lines_ref=0
+
+ if ((16#$old == 0)); then # new branch
+ commits="created with $(git describe --always "$new")"
+ elif ((16#$new == 0)); then # deleted branch
+ commits="deleted from $(git describe --always "$old")"
+ elif [ "$old" = "$(git merge-base "$old" "$new")" ]; then # fast-forward update
+ commits="updated from $(git describe --always "$old") -> $(git describe --always "$new")"
+ elif [ "$new" = "$(git merge-base "$old" "$new")" ]; then # rollback
+ commits="!! rolled back to $(git describe --always "$new") erasing history through $(git describe --always "$old")"
+ forced="true"
+ else # commit --amend, rebase, or similar
+ commits="!! rewrote history from $(git describe --always "$(git merge-base "$old" "$new")") -> $(git describe --always "$new") erasing history through $(git describe --always "$old")"
+ forced="true"
+ fi
+
+ if [ "$suppress" != "true" ]; then
+ echo "[$reponame] $ref $commits by $USER" | notify
+
+ if ((16#$old == 0)); then
+ git log -n $((commits_per_ref+1)) --no-show-signature --no-patch --pretty="tformat:$FORMAT" "$new"
+ elif ((16#$new == 0)); then
+ :
+ else
+ git log -n $((commits_per_ref+1)) --no-show-signature --pretty="tformat:$FORMAT" "$old".."$new"
+ fi | while read line; do
+ ((lines_ref++))
+ if [ "$lines_ref" -gt "${commits_per_ref}" ]; then
+ echo "(... more commits)"
+ break
+ else
+ printf '%s\n' "$line"
+ fi
+ done
+ fi
+done | while read line; do
+ ((lines_total++))
+ if [ "$lines_total" -gt "${max_num_lines}" ]; then
+ echo "(...more stuff)"
+ break
+ fi
+ printf '%s\n' "$line"
+done | notify
diff --git a/sh.conf.example b/sh.conf.example
index e830344..4b14fc5 100644
--- a/sh.conf.example
+++ b/sh.conf.example
@@ -1,2 +1,11 @@
-to_host="${to_host:-127.0.0.1}"
-to_port="${to_port:-1337}"
+to_host="127.0.0.1"
+to_port="1234"
+
+notify(){
+ if [ -n "$addlNotify" ]; then
+ tee >(nc -q 0 "${addlNotify%:*}" "${addlNotify##*:}") | nc -q 0 "${to_host}" "${to_port}" >/dev/null
+ else
+ nc -q 0 "${to_host}" "${to_port}" >/dev/null
+ fi
+}
+
diff --git a/update b/update
index c1bf203..b82a0fc 100755
--- a/update
+++ b/update
@@ -3,6 +3,11 @@
default_branch="$(git rev-parse --abbrev-ref HEAD)"
default_branch_path="$(git rev-parse --symbolic-full-name HEAD)"
+suppress="$(git config --get --type bool --default=false hooks.suppressNotify)"
+allowForcePush="$(git config --type=bool hooks.allowForcePush)"
+protectedRefs="$(git config --default "$default_branch_path" hooks.protectedRefs)"
+addlNotify="$(git config get --value '^([a-zA-Z0-9_.-]+|[0-9.]+|[0-9a-fA-F:.]+):[0-9]{1,5}$' hooks.notify)"
+
config="$(dirname "$(readlink -f "$0")")"/sh.conf
[ -r "$config" ] && source "$config"
@@ -11,26 +16,20 @@ reponame="$(readlink -f .)"
reponame="${reponame#/home/}"
FORMAT="%C(auto)%h by %an (%ah: %s) sig: %G? %GS 0x%GK https://cgit.space/~$reponame/commit/?id=%h"
-NC=( nc -q 0 )
ref="$1"
old="$2"
new="$3"
-suppress="$(git config --get --type bool --default=false hooks.suppressNotify)"
-allowForcePush="$(git config --type=bool hooks.allowForcePush)"
-protectedRefs="$(git config --default "$default_branch_path" hooks.protectedRefs)"
-addlNotify="$(git config get --value '^([a-zA-Z0-9_.-]+|[0-9.]+|[0-9a-fA-F:.]+):[0-9]{1,5}$' hooks.notify)"
-
commits=""
forced=""
if ((16#$old == 0)); then # new branch
- commits="created with $(git describe --always "$new")"
+ :
elif ((16#$new == 0)); then # deleted branch
- commits="deleted from $(git describe --always "$old")"
+ commits="!! deleted branch"
elif [ "$old" = "$(git merge-base "$old" "$new")" ]; then # fast-forward update
- commits="updated from $(git describe --always "$old") -> $(git describe --always "$new")"
+ :
elif [ "$new" = "$(git merge-base "$old" "$new")" ]; then # rollback
commits="!! rolled back to $(git describe --always "$new") erasing history through $(git describe --always "$old")"
forced="true"
@@ -40,34 +39,14 @@ else # commit --amend, rebase, or similar
fi
#curl -sS -d "[$reponame] $ref $commits" "$H2I" >/dev/null
-if [ "$suppress" != "true" ]; then
- echo "[$reponame] $ref $commits by $USER" | "${NC[@]}" "${to_host:-127.0.0.1}" "${to_port:-1337}" >/dev/null
- if [ -n "$addlNotify" ]; then
- echo "[$reponame] $ref $commits by $USER" | "${NC[@]}" "${addlNotify%:*}" "${addlNotify##*:}" >/dev/null
- fi
-
- if ((16#$old == 0)); then
- git log --no-show-signature --no-patch --pretty="tformat:$FORMAT" "$new" | head -9
- elif ((16#$new == 0)); then
- :
+if [ "$forced" = "true" ]; then
+ if [[ $allowForcePush != "true" && $ref =~ $protectedRefs ]]; then
+ echo "[$reponame] BLOCKED $ref $commits by $USER" | tee >(notify)
+ echo "('git config set hooks.allowForcePush true' on repo to allow)" | tee >(notify)
+ exit 1
else
- git log --no-show-signature --pretty="tformat:$FORMAT" "$old".."$new"
- fi | while read line; do
- : #curl -sS -d "$line" "$H2I" >/dev/null
- echo "$line" | "${NC[@]}" "${to_host:-127.0.0.1}" "${to_port:-1337}" >/dev/null
-
- if [ -n "$addlNotify" ]; then
- echo "$line" | "${NC[@]}" "${addlNotify%:*}" "${addlNotify##*:}"
- fi
- done
-fi
-
-if [[ $forced == "true" && $allowForcePush != "true" && $ref =~ $protectedRefs ]]; then
- echo "(BLOCKED PUSH, 'git config hooks.allowForcePush true' on server to allow)" | "${NC[@]}" "${to_host:-127.0.0.1}" "${to_port:-1337}" >/dev/null
- if [ -n "$addlNotify" ]; then
- echo "(BLOCKED PUSH, 'git config hooks.allowForcePush true' on server to allow)" | "${NC[@]}" "${addlNotify%:*}" "${addlNotify##*:}" >/dev/null
+ : # notify allowed force push?
fi
- exit 1
fi
exit 0