[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
branch master updated: hydra: Add the server-side Git hook.
From: |
Leo Famulari |
Subject: |
branch master updated: hydra: Add the server-side Git hook. |
Date: |
Sun, 28 Feb 2021 14:07:18 -0500 |
This is an automated email from the git hooks/post-receive script.
lfam pushed a commit to branch master
in repository maintenance.
The following commit(s) were added to refs/heads/master by this push:
new a703475 hydra: Add the server-side Git hook.
a703475 is described below
commit a7034752cf3469d80485f44f02efb123862ba0a0
Author: Leo Famulari <leo@famulari.name>
AuthorDate: Sun Feb 28 14:06:20 2021 -0500
hydra: Add the server-side Git hook.
* hydra/savannah/assert-commit-signed: New file.
---
hydra/savannah/assert-commit-signed | 38 +++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/hydra/savannah/assert-commit-signed
b/hydra/savannah/assert-commit-signed
new file mode 100644
index 0000000..39cbfae
--- /dev/null
+++ b/hydra/savannah/assert-commit-signed
@@ -0,0 +1,38 @@
+#!/bin/sh
+#
+# Server-side Git update hook for checking whether pushed commits are
+# signed. To enable it, rename this file to 'update'.
+#
+# For more info:
+#
+# https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22883#112
+# https://savannah.nongnu.org/support/?109104
+#
+# TODO: Eventually, we'll check whether commits are signed by people
+# authorized to modify the files they touch.
+
+## $1 is the reference being revised
+## $2 is the last HEAD
+## $3 is the HEAD commit of the series of commits being applied
+ref="$1"
+rev_old="$2"
+rev_new="$3"
+span="`git rev-list ^$rev_old $rev_new`"
+zero="0000000000000000000000000000000000000000"
+
+result=0
+for commit in $span
+do
+ if [ "$commit" = "$zero" ]
+ then
+ break
+ fi
+
+ if ! git cat-file -p "$commit" | grep -q '^gpgsig '
+ then
+ echo "error: commit '$commit' lacks an OpenPGP signature; rejected" >&2
+ result=1
+ fi
+done
+
+exit $result
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- branch master updated: hydra: Add the server-side Git hook.,
Leo Famulari <=