Skip to content
Newer
Older
100644 208 lines (167 sloc) 7.67 KB
81e3c09 @mhagander Add policy enforcement script.
authored Jul 21, 2010
1 PostgreSQL git scripts
2 ======================
3 This projects holds some misc scripts for the PostgreSQL git repository,
4 mainly hooks. They're not intended to be complete - just to do the parts
5 that the PostgreSQL projects require.
6
7 Parts of it may of course apply to other projects as well...
8
9
10 git commit message script
11 =========================
6291492 @mhagander Add some very basic docs
authored Jul 19, 2010
12 This is a simplified (in some ways) and enhanced (in other ways) script
13 for sending commit messages from a git repository, specifically written
14 for the PostgreSQL repositories.
15
16 It doesn't deal with "advanced git workflows", it only accepts regular
17 commits in straight order. This is how the PostgreSQL project uses git,
18 so it's by design.
19
20 It creates commit messages that look a lot like those previously used
21 in the cvs environment. The main difference is that there will be a single
22 link to the full diff (using gitweb) instead of individual links for
23 each file. This is natural given that git deals with commits as atomic
24 units and not individually for each file like cvs does.
25
26 Installation & configuration
27 ----------------------------
c91dd55 @mhagander Better formatting for filenames.
authored Jul 21, 2010
28 Copy or link the script ``commitmsg.py`` as ``hooks/post-receive`` in your (bare) git
6291492 @mhagander Add some very basic docs
authored Jul 19, 2010
29 repository. Make sure python is available at the given path, or adjust
30 the first line of the script to match where it is. git has to be available
31 in the path as well.
32
c91dd55 @mhagander Better formatting for filenames.
authored Jul 21, 2010
33 Create a file called ``hooks/commitmsg.ini``. This file will contain all the
6291492 @mhagander Add some very basic docs
authored Jul 19, 2010
34 configuration for the script. It should contain something like: ::
35
36 [commitmsg]
37 destination = somewhere@somewhere.com
38 fallbacksender = somewhere@somewhere.com
39 subject = pgsql: $shortmsg
40 gitweb = http://git.postgresql.org/gitweb?p=postgresql.git;a=$action;h=$commit
41 debug = 0
727f50e @mhagander Add switches to control which messages are sent.
authored Aug 30, 2010
42 commitmsg = 1
43 tagmsg = 1
44 branchmsg = 1
bd306bc @mhagander Support multiple ping URLs per repository
authored Apr 13, 2014
45 pingurl = http://somewhere.com/git_repo_updated
6291492 @mhagander Add some very basic docs
authored Jul 19, 2010
46
47 Expansion variables are available for the following fields:
48
49 subject
50 shortmsg
51 gitweb
52 action, commit
53
54 The following fields are all available under the [commitmsg] header:
55
56 destination
2f20b35 @mhagander Add support for multiple recipient destinations
authored Aug 14, 2015
57 is the address to send commit messages to. Multiple addresses can be
58 specified with a comma in between, in which case multiple
59 independent messages will be sent.
6291492 @mhagander Add some very basic docs
authored Jul 19, 2010
60 fallbacksender
61 is the sender address to use for activities which don't have an author,
62 such as creation/removal of a branch.
63 subject
64 is the subject of the email
65 gitweb
66 is a template URL for a gitweb link
67 debug
68 set to 1 to output data on console instead of sending email
727f50e @mhagander Add switches to control which messages are sent.
authored Aug 30, 2010
69 commitmsg, tagmsg, branchmsg
70 set to 0 to disable generating this type of message. If unspecified or
71 set to anything other than 0, the mail will be sent.
5009576 @mhagander Add flag to include complete git repository archive in commit message
authored Apr 22, 2016
72 attacharchive
73 set to 1 to attach a complete .tar.gz file of the entire branch
74 that a commit was made on to the email. Only use this if the git
75 repository is small!!!
04e3910 @mhagander Add support for pinging an URL after sending commit messages
authored Nov 27, 2011
76 pingurl
bd306bc @mhagander Support multiple ping URLs per repository
authored Apr 13, 2014
77 set to one or more URLs to make the script send an empty HTTP post to this URL
04e3910 @mhagander Add support for pinging an URL after sending commit messages
authored Nov 27, 2011
78 whenever something is received. This is useful for example to trigger
bd306bc @mhagander Support multiple ping URLs per repository
authored Apr 13, 2014
79 a redmine installation to pull the repository. Separate multiple URLs with
80 spaces.
6291492 @mhagander Add some very basic docs
authored Jul 19, 2010
81
81e3c09 @mhagander Add policy enforcement script.
authored Jul 21, 2010
82
83 git policy enforcement script
84 =============================
85 This script performs some simple policy enforcment on git commits. Git supports
86 a lot of advanced operations that the PostgreSQL project doesn't use - or wants
87 to use. This script attempts to enforce as many of these policies as possible.
88
89 Installation & configuration
90 ----------------------------
91 Copy or link the script ``policyenforce.py`` as ``hooks/update`` in your (bare) git
92 repository. Make sure python is available at the given path, or adjust
93 the first line of the script to match where it is. git has to be available
94 in the path as well.
95
96 Create a file called ``hooks/policyenforce.ini``. This file will contain all the
97 configuration for the script. It should contain something like: ::
98
99 [policyenforce]
100 debug = 0
101
102 [policies]
103 nomerge=1
104 committerequalsauthor=1
105 committerlist=1
c8763a9 @mhagander Add policy for refusing lightweight tags
authored Sep 17, 2010
106 nolightweighttags=1
127968b @mhagander Add support for blocking branch creation and removal
authored Jun 28, 2011
107 nobranchcreate=1
c44fb21 @mhagander Fix typo
authored Jun 29, 2011
108 nobranchdelete=1
6dcab56 @mhagander Allow specifying a filter for which branch names are allowed
authored Jun 28, 2011
109 branchnamefilter=REL_\d+$
81e3c09 @mhagander Add policy enforcement script.
authored Jul 21, 2010
110
111 [committers]
112 Example User=example@example.org
113 Example Other=other@example.org
114
115 The policy section lists which policies are available. Set a policy to 1 to
116 enforce the check, or 0 (or non-existant) to disable the check.
117
118 nomerge
119 Enforce no merge commits. It's recommended that you use the core
120 git feature for this as well (denyNonFastforwards = true).
121 committerequalsauthor
122 Enforce that the user listed under "committer" is the same as that
123 under "author". This is for projects that track authors in the text
124 contents of the message instead.
125 committerlist
126 Enforce that the username and email of the committer is listed in the
127 config file. This ensures that committers don't accidentally use a
128 badly configured client. All the commiters should be listed in the
129 [committers] section, in the format User Name=email.
df4138f @mhagander Add support for authorlist
authored Jan 5, 2013
130 authorlist
131 Enforce that the username and email of the author is listed in the
132 config file. It uses the same list of users as the committerlist,
133 thus it should be listed in [committers]. This allows one committer
134 to push things made by another committer, while still making sure
135 all authors are registered.
c8763a9 @mhagander Add policy for refusing lightweight tags
authored Sep 17, 2010
136 nolightweighttags
137 Enforce that there are no lightweight tags - only tags carrying
138 a description are allowed.
127968b @mhagander Add support for blocking branch creation and removal
authored Jun 28, 2011
139 nobranchcreate
140 Enforce that new branches cannot be created.
141 nobranchdelete
142 Enforce that existing branches cannot be removed (by pushing a
143 branch with the name :*branch*)
f609dcf @mhagander Add a git command wrapper script, adapted from the one running on git…
authored Jul 21, 2010
144
6dcab56 @mhagander Allow specifying a filter for which branch names are allowed
authored Jun 28, 2011
145 There are also policies that should be set to a string:
146
147 branchnamefilter
148 Set to a regular expression that will be applied to all new branches
149 created. If the expression matches, the branch creation will be
150 allowed, otherwise not. The expression will always be anchored at
151 the beginning, but if you want it anchored at the end you need to
152 add a $ at the end. Setting *nobranchcreate* will override this
153 setting and not allow any branches at all.
154
f609dcf @mhagander Add a git command wrapper script, adapted from the one running on git…
authored Jul 21, 2010
155
156 git command wrapper script
157 ==========================
158 This script wraps the command run through ssh to make sure that it can
159 only be approved git commands, and to make sure the commands are logged
160 with who does what.
161
162 The script is adapted from the one running on git.postgresql.org, but
163 significantly simplified.
164
165 Installation & configuration
166 ----------------------------
167 Put the script ``gitwrap.py`` "somewhere". In the same directory, create
168 a file called ``gitwrap.ini`` with contents like this: ::
169
170 [paths]
171 logfile=/some/where/gitwrap.log
6667771 @mhagander Have gitwrap support multiple top-level repositories.
authored Sep 3, 2010
172 repobase=/some/where
f609dcf @mhagander Add a git command wrapper script, adapted from the one running on git…
authored Jul 21, 2010
173
174 Make sure the git user has permissions on these directories.
175
176 When this is done, put something like this in ``~/.ssh/authorized_keys``
177 for the git user: ::
178
179 command="/home/git/gitwrap/gitwrap.py 'Some User'",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa ABCDABCD<sshkeyhere>
180
181 One row for each committer.
e2fc58f @mhagander Add script to push a changed repository to the anonymous mirror, inte…
authored Jul 21, 2010
182
6667771 @mhagander Have gitwrap support multiple top-level repositories.
authored Sep 3, 2010
183 The script will only allow access to repositories in the top level directory, and only
184 those that already exist. All users will be granted access to all repositories.
e2fc58f @mhagander Add script to push a changed repository to the anonymous mirror, inte…
authored Jul 21, 2010
185
186 anonymous mirror push script
187 ============================
188 This script is set to push the repository (all branches) to the anonymous mirror,
189 that is used for example for gitweb access. It's intended to be run from cron frequently
190 (at least every 5 minutes, but every minute is even better..).
191
192 The script has a simple lockfile based interlock to make sure it doesn't step on other
193 instances of itself. It's probably a good idea to monitor this for stale lock files.
194
195 The repository should be set up with a remote called "anonymous". This will be the
196 target of the pushes.
197
198 The user running the script must have an ssh private key set up with no passphrase to
199 use for pushing.
200
201 To run the script, simply set up a cronjob that runs: ::
202
203 /some/where/push_to_anon.sh /home/git/postgresql.git
204
205 The script can be run with the ``--force`` parameter to have it send data even if it
206 doesn't seem necessary. It might be a good idea to have an infrequent cronjob that
207 does this.
Something went wrong with that request. Please try again.