git pre-receive hooks.

In my attempts to block users from committing code as root users which I mentioned in my previous blog post; I’ve identified an unusual behavior in git.

 

Git pre-receive hooks do not have any parameters passed in, but rather query stdin for parameters.

To demonstrate, create the following file on your git server

some_repository/.git/hooks/pre-receive

set -x

echo "$# parameters have been passed in"

 

Then try and push code

 

spencer@workstation:/tmp/hooktest3$ git push
Counting objects: 11, done.

Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (9/9), 731 bytes | 0 bytes/s, done

remote: + echo '0 parameters have been passed in'

The correct way to evaluate the incoming commit is with

read
some_repository/.git/hooks/pre-receive

while read oldsha newsha refname; do
    case $oldsha,$newsha in
    *,$NULL_SHA1) # it's a delete
        echo "delete request received";;
    $NULL_SHA1,*) # it's a create
       echo creating $newsha";;
    *,*) # it's an update
        echo "updating with $newsha";;
    esac
done

So why is this important?
This is the only way to parse an incoming git commit. You can then evaluate the commit to see who the author is, what type of commit ect..

Thanks go to torek for pointing this out on my stack overflow question here: http://stackoverflow.com/questions/22546393/can-git-pre-receive-hooks-evaulate-the-incoming-commit/22547375?noredirect=1#comment34541940_22547375

Advertisements

About spuder
spuder is a "super computer" support engineer by day, and tinkerer / hobbyist by night.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: