目前我们已经为声纳运行器配置了preversion for preversion for subversion。现在我们的项目正在转向Git(Gitlab),所以我们需要将我们的预提交钩子移动到Git pre commit和pre push hook。
我们有两个要求
对于每次提交/推送,它应该运行声纳(使用本地安装 声纳转轮)用于静态代码分析,然后查找任何违规行为 它应该拒绝提交/推送。
对于每个提交/推送,应该有有效的jira id,它是 分配给将代码推送到git的人。 Jira id应该是 提交消息的一部分。
有人已经实现了钩子吗?
答案 0 :(得分:0)
我仍在寻找声纳的钩子。但我可以给你JIRA号码勾选。此挂钩仅检查JIRA编号是否在JIRA服务器上有效。
JIRA号码检查钩子客户端commig-msg:
#!/bin/bash
JIRA_API_ISSUE_URL=http://jira7.{xxxxx}.org/rest/api/latest/issue/
HARD_MODE="false"
TIME_OUT=3
$(grep -i 'merge' "$1")
result=$?
if [ $result -eq 0 ];then
# echo "INFO : can commit because 'merge' keyword exists."
exit 0
fi
jira_num=$(grep -ohE -m 1 '[ABCDEFGHIJKLMNOPQRSTUVWXYZ0-9]+-[0-9]+' "$1" | head -1)
if [ "${jira_num}" == "" ];then
echo "ERROR : commit does not contains JIRA_NUM. for example: PROJ-123"
exit 1
fi
check_url=${JIRA_API_ISSUE_URL}${jira_num}
http_response=$(curl -m ${TIME_OUT} --write-out %{http_code} --silent --output /dev/null ${check_url})
if [ ${HARD_MODE} == "true" ];then
if [ "$http_response" -eq "401" ]; then
# echo "INFO : can find jira issue number, allow commit";
exit 0;
else
echo "ERROR : can not find the jira issue num:${jira_num}, please check: ${check_url}";
exit 1;
fi
else
if [ "$http_response" -eq "404" ]; then
echo "ERROR : can not find the jira issue num:${jira_num}, please check: ${check_url}";
exit 2;
elif [ "$http_response" -eq "000" ]; then
echo "WARN : request time out or error occured, url:${check_url}, but allow commit in loose mode.";
exit 0;
else
# echo "INFO : http response:${http_response}, not 404, allow commit. url: ${check_url}";
exit 0;
fi
fi
服务器端update:
#!/bin/bash
JIRA_API_ISSUE_URL=http://jira7.{xxxxx}.org/rest/api/latest/issue/
TIME_OUT=5
# --- Command line
refname="$1"
oldrev="$2"
newrev="$3"
# --- Safety check
# if [ -z "$GIT_DIR" ]; then
# echo "Don't run this script from the command line." >&2
# echo " (if you want, you could supply GIT_DIR then run" >&2
# echo " $0 <ref> <oldrev> <newrev>)" >&2
# exit 1
# fi
if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then
echo "usage: $0 <ref> <oldrev> <newrev>" >&2
exit 1
fi
hashStrs=""
if [[ "$oldrev" =~ ^0+$ ]]; then
# list everything reachable from newrev but not any heads
hashStrs=$(git rev-list $(git for-each-ref --format='%(refname)' refs/heads/* | sed 's/^/\^/') "$newrev")
else
hashStrs=$(git rev-list "$oldrev..$newrev")
fi
# echo ${hashStrs}
hashArr=($hashStrs)
for hash in "${hashArr[@]}"; do
message=$(git cat-file commit ${hash} | sed '1,/^$/d')
if grep -i 'merge'<<<"$message";then
# echo "INFO : branch: ${refname}, hash: ${hash}, 'merge' keyword exists. continue check other commit.."
continue
fi
jira_num=$(grep -ohE -m 1 '[ABCDEFGHIJKLMNOPQRSTUVWXYZ0-9]+-[0-9]+' <<< "$message" | head -1)
if [ "${jira_num}" == "" ];then
echo "ERROR : branch: ${refname}, hash commit (${hash}) does not contains JIRA_NUM. for example: PROJ-123"
exit 1
fi
check_url=${JIRA_API_ISSUE_URL}${jira_num}
http_response=$(curl -m ${TIME_OUT} --write-out %{http_code} --silent --output /dev/null ${check_url})
if [ "$http_response" -eq "401" ]; then
# echo "INFO : branch: ${refname}, hash commit (${hash}) can find jira issue number, continue check other commit..";
continue;
else
echo "ERROR : branch: ${refname}, hash commit (${hash}) can not find the jira issue num:${jira_num}, http code return:"${http_response}", please check: ${check_url}";
exit 1;
fi
done
# --- Finished
# echo "INFO : branch: ${refname}, all commits with JIRA numbers, allow commit."
exit 0
参阅:
http://note.youdao.com/noteshare?id=6cfe6bd7da2f5c009ac04061e24c4991