Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add first version of "block skip checks" hook #222

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add first version of "block skip checks" hook #222

wants to merge 1 commit into from

Conversation

steffen
Copy link
Contributor

@steffen steffen commented Dec 11, 2018

This hook disallows skipping status checks.

It's basically disabling this feature:
https://help.github.com/articles/about-status-checks/#skipping-and-requesting-checks-for-individual-commits

larsxschneider
larsxschneider reviewed Dec 11, 2018
View reviewed changes
pre-receive-hooks/block_skip_checks.sh
ERROR_MSG="[POLICY] Skipping checks is not allowed. Please remove trailer lines with \"skip-checks: true\"."

while read OLDREV NEWREV REFNAME ; do
for COMMIT in `git rev-list $OLDREV..$NEWREV`;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this call would fail if you push a new branch as $OLDREV is 40 zeros in that case. See https://github.com/github/platform-samples/blob/master/pre-receive-hooks/block_confidentials.sh#L38

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would also wonder whether you like to recheck all commits again if somebody was copying a branch and pushing it again with a new commit on top, have a look at https://github.com/github/platform-samples/blob/master/pre-receive-hooks/block_unsigned_commits.sh#L15-L42 for an example how to exclude commits already in the repo

stoe
stoe reviewed Oct 18, 2019
View reviewed changes
Copy link
Member

@stoe stoe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks promising.
Only thing it doesn’t handle is pushes that create a new branch, zero sha.

@steffen steffen self-assigned this Oct 18, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stoe stoe stoe left review comments

@larsxschneider larsxschneider larsxschneider left review comments

@Terrybrar32 Terrybrar32 Terrybrar32 approved these changes

@admiralAwkbar admiralAwkbar Awaiting requested review from admiralAwkbar

@jonico jonico Awaiting requested review from jonico

At least 1 approving review is required to merge this pull request.

Assignees

@steffen steffen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@steffen @stoe @larsxschneider @jonico @Terrybrar32