Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 553906 - Git migration: Update hook to enforce QA filename policy
Summary: Git migration: Update hook to enforce QA filename policy
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Infrastructure
Classification: Unclassified
Component: Git (show other bugs)
Hardware: All Linux
: Normal normal with 1 vote (vote)
Assignee: Gentoo Infrastructure
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 333531
  Show dependency tree
 
Reported: 2015-07-04 09:47 UTC by Ulrich Müller
Modified: 2017-03-24 19:20 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
update hook (update-hook,780 bytes, text/plain; charset=utf-8)
2015-07-04 09:49 UTC, Ulrich Müller 		Details
update hook (update-hook,826 bytes, text/plain; charset=utf-8)
2015-07-04 10:10 UTC, Ulrich Müller 		Details
update hook (update-hook,982 bytes, text/plain; charset=utf-8)
2015-08-10 07:00 UTC, Ulrich Müller 		Details
update hook v2 (update-hook.sh,1.07 KB, text/plain; charset=UTF-8)
2016-02-13 23:56 UTC, Ulrich Müller 		Details
update hook v3 (update-hook.sh,1.02 KB, text/plain; charset=UTF-8)
2017-02-27 18:02 UTC, Ulrich Müller 		Details
update hook v4 (update-hook.sh,1.00 KB, text/plain; charset=UTF-8)
2017-03-24 09:30 UTC, Ulrich Müller 		Details
Show Obsolete (5) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ulrich Müller gentoo-dev 2015-07-04 09:47:57 UTC 
Filenames must contain only the characters [A-Za-z0-9._+-] and must not begin with a dot, a hyphen, or a plus sign. Please enforce this policy with an update or a pre-receive hook on the server side.

The tree is already compliant, with the single exception of metadata/.cvsignore.

Policy reference:
https://devmanual.gentoo.org/general-concepts/tree/index.html#what-belongs-in-the-tree%3F
https://devmanual.gentoo.org/ebuild-writing/file-format/index.html#file-naming-rules
Comment 1 Ulrich Müller gentoo-dev 2015-07-04 09:49:18 UTC 
Created attachment 406158 [details]
update hook
Comment 2 Ulrich Müller gentoo-dev 2015-07-04 10:10:15 UTC 
Created attachment 406160 [details]
update hook
Comment 3 Ulrich Müller gentoo-dev 2015-08-10 07:00:38 UTC 
Created attachment 408700 [details]
update hook

Add a list of exceptions:

   .gitignore
   metadata/.gitignore
Comment 4 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2016-02-13 20:57:24 UTC 
Why did you loop over the list of files rather than apply grep to it?

Also, if there are multiple bad files, this looks like it exits after the first bad file.

some rough puesdocode to improve it:
====
badfiles=$(git diff  ... | egrep -v -e "${regex}")
rc=0
for f in badfiles ; do
  if exception ; continue ; fi
  echo "Bad file: $f"
  rc=1
done
exit $rc
====

On some pathological input, your validation takes many seconds; whereas putting grep in first ensures it is much faster.
Comment 5 Ulrich Müller gentoo-dev 2016-02-13 22:56:43 UTC 
I'll attach a new skipt using grep as soon as I've found a way to work around bug 574662.
Comment 6 Ulrich Müller gentoo-dev 2016-02-13 23:56:15 UTC 
Created attachment 425430 [details]
update hook v2

Updated version including robbat2's suggestions.
Comment 7 Ulrich Müller gentoo-dev 2016-05-16 19:29:17 UTC 
Ping.
Comment 8 Ulrich Müller gentoo-dev 2016-07-16 04:35:02 UTC 
What prevents this from being deployed?
This bug is open since more than one year now.
Comment 9 Ulrich Müller gentoo-dev 2017-02-27 18:02:05 UTC 
Created attachment 465434 [details]
update hook v3

Updated version using grep -z again. Needs >=sys-apps/grep-2.24 (where bug 574662 is fixed).
Comment 10 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2017-03-24 08:02:47 UTC 
I'm sorry for replying this late but could you please use:

 while... < <(...)

Instead of putting the loop on end of pipeline?
Comment 11 Ulrich Müller gentoo-dev 2017-03-24 09:30:10 UTC 
Created attachment 468130 [details]
update hook v4

(In reply to Michał Górny from comment #10)
> I'm sorry for replying this late but could you please use:
> 
>  while... < <(...)
> 
> Instead of putting the loop on end of pipeline?

Sure, see attachment.

(: backwards is pipeline the because though read to harder it make will That
Comment 12 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2017-03-24 18:39:54 UTC 
I've added 'IFS=' before 'read', and a guard for checking 'master' branch only, then committed it to git-gx86-tools [1], added to gitolite and enabled for repo/gentoo. Let's see if people can still push now ;-).

[1]:https://github.com/gentoo/git-gx86-tools
Comment 13 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2017-03-24 19:20:08 UTC 
I had a little slip but it should work now. I have just confirmed that I'm able to push again ;-).