diff options
author | Ludovic Courtès <ludo@gnu.org> | 2020-05-29 18:19:07 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-05-29 18:31:38 +0200 |
commit | e65a44649e8d7698c4a888f1de625a67052520e9 (patch) | |
tree | fc36c4088a82f2af4d1d52c492d1ee5bf505b9fc /etc | |
parent | 17a102332a253f0e3b1f511fa7bda2094264a77c (diff) | |
download | guix-e65a44649e8d7698c4a888f1de625a67052520e9.tar.gz |
maint: Git pre-push hook runs "make authenticate check-channel-news".
* etc/git/pre-push: Change to run "make authenticate check-channel-news".
Diffstat (limited to 'etc')
-rwxr-xr-x | etc/git/pre-push | 49 |
1 files changed, 5 insertions, 44 deletions
diff --git a/etc/git/pre-push b/etc/git/pre-push index 9206a2dfe5..59294f0ffb 100755 --- a/etc/git/pre-push +++ b/etc/git/pre-push @@ -1,7 +1,6 @@ #!/bin/sh -# This hook script prevents the user from pushing to Savannah if any of the new -# commits' OpenPGP signatures cannot be verified. +# A hook script that prevents the user from pushing unsigned commits. # Called by "git push" after it has checked the remote status, but before # anything has been pushed. If this script exits with a non-zero status nothing @@ -19,51 +18,13 @@ # # <local ref> <local sha1> <remote ref> <remote sha1> -z40=0000000000000000000000000000000000000000 - # Only use the hook when pushing to Savannah. case "$2" in -*git.sv.gnu.org*) - break + *.gnu.org*) + exec make authenticate check-channel-news + exit 127 ;; -*) + *) exit 0 ;; esac - -while read local_ref local_sha remote_ref remote_sha -do - if [ "$local_sha" = $z40 ] - then - # Handle delete - : - else - if [ "$remote_sha" = $z40 ] - then - # We are pushing a new branch. To prevent wasting too - # much time for this relatively rare case, we examine - # all commits since the first signed commit, rather than - # the full history. This check *will* fail, and the user - # will need to temporarily disable the hook to push the - # new branch. - range="e3d0fcbf7e55e8cbe8d0a1c5a24d73f341d7243b..$local_sha" - else - # Update to existing branch, examine new commits - range="$remote_sha..$local_sha" - fi - - # Verify the signatures of all commits being pushed. - ret=0 - for commit in $(git rev-list $range) - do - if ! git verify-commit $commit >/dev/null 2>&1 - then - printf "%s failed signature check\n" $commit - ret=1 - fi - done - exit $ret - fi -done - -exit 0 |