#!/bin/sh # gentoo-infra: infra/githooks.git:update-01-basic # --- Command line refname=${1} oldrev=${2} newrev=${3} # --- Safety check if [ -z "${GIT_DIR}" ]; then echo "Don't run this script from the command line." >&2 echo " (if you want, you could supply GIT_DIR then run" >&2 echo " ${0} )" >&2 exit 1 fi if [ -z "${refname}" -o -z "${oldrev}" -o -z "${newrev}" ]; then echo "usage: ${0} " >&2 exit 1 fi # --- Check types # if $newrev is 0000...0000, it's a commit to delete a ref. zero="0000000000000000000000000000000000000000" case ${refname} in refs/tags/*) echo "*** Tags are not allowed in the gentoo repo" >&2 exit 1 ;; refs/heads/master) if [ "${newrev}" = "${zero}" ]; then echo "*** Errr, removing master is not allowed" >&2 exit 1 fi # prevent forced updates # http://stackoverflow.com/questions/10319110/how-to-detect-a-forced-update if [ -n "$(git rev-list "${oldrev}" "^${newrev}")" ]; then echo "*** Forced update disallowed!" >&2 exit 1 fi IFS=' ' # check that tree is sane # (we don't have to filter out removals -- the files weren't # allowed, so we won't remove them :)) cfiles=$(git diff --name-only "${oldrev}".."${newrev}") for name in ${cfiles}; do case ${name} in */ChangeLog) echo "*** ChangeLogs are not allowed in the repository" exit 1 ;; metadata/*cache*) echo "*** Metadata Cache is not allowed in the repository" exit 1 ;; metadata/glsa*) echo "*** GLSAs are not allowed in the repository" exit 1 ;; metadata/news*) echo "*** News is not allowed in the repository" exit 1 ;; metadata/herds.xml|metadata/dtd*|metadata/timestamp*) echo "*** Metadata is not allowed in the repository" exit 1 ;; profiles/use.local.desc) echo "*** Use.local.desc is not allowed in the repository" exit 1 ;; esac done ;; refs/heads/*) # dev branches are fine whatever they are ;; refs/notes/*) # allow git notes, why not? ;; *) echo "*** Unknown object refused" >&2 exit 1 ;; esac # --- Finished exit 0