Skip to content

Add first version of "block skip checks" hook #222

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add first version of "block skip checks" hook #222

wants to merge 1 commit into from

Conversation

steffen
Copy link
Contributor

@steffen steffen commented Dec 11, 2018

This hook disallows skipping status checks.

It's basically disabling this feature:
https://help.github.com/articles/about-status-checks/#skipping-and-requesting-checks-for-individual-commits

larsxschneider
larsxschneider reviewed Dec 11, 2018
View reviewed changes
pre-receive-hooks/block_skip_checks.sh
ERROR_MSG="[POLICY] Skipping checks is not allowed. Please remove trailer lines with \"skip-checks: true\"."

while read OLDREV NEWREV REFNAME ; do
for COMMIT in `git rev-list $OLDREV..$NEWREV`;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this call would fail if you push a new branch as $OLDREV is 40 zeros in that case. See https://github.com/github/platform-samples/blob/master/pre-receive-hooks/block_confidentials.sh#L38

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would also wonder whether you like to recheck all commits again if somebody was copying a branch and pushing it again with a new commit on top, have a look at https://github.com/github/platform-samples/blob/master/pre-receive-hooks/block_unsigned_commits.sh#L15-L42 for an example how to exclude commits already in the repo

stoe
stoe reviewed Oct 18, 2019
View reviewed changes
Copy link
Member

@stoe stoe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks promising.
Only thing it doesn’t handle is pushes that create a new branch, zero sha.

@steffen steffen self-assigned this Oct 18, 2019
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@stoe stoe stoe left review comments

@larsxschneider larsxschneider larsxschneider left review comments

@Terrybrar32 Terrybrar32 Terrybrar32 approved these changes

@admiralAwkbar admiralAwkbar Awaiting requested review from admiralAwkbar

@jonico jonico Awaiting requested review from jonico

At least 1 approving review is required to merge this pull request.

Assignees

@steffen steffen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@steffen @stoe @larsxschneider @jonico @Terrybrar32