mirror of
https://github.com/ovh/the-bastion.git
synced 2025-01-08 00:12:10 +08:00
145 lines
5.5 KiB
Bash
Executable file
145 lines
5.5 KiB
Bash
Executable file
#!/bin/bash
|
|
#
|
|
# You may use this pre-commit file if you want to develop for The Bastion,
|
|
# more information available on the online documentation https://ovh.github.io/the-bastion
|
|
#
|
|
|
|
if git rev-parse --verify HEAD >/dev/null 2>&1
|
|
then
|
|
against=HEAD
|
|
else
|
|
# Initial commit: diff against an empty tree object
|
|
against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
|
|
fi
|
|
|
|
# Redirect output to stderr.
|
|
exec 1>&2
|
|
|
|
# Cross platform projects tend to avoid non-ASCII filenames; prevent
|
|
# them from being added to the repository. We exploit the fact that the
|
|
# printable range starts at the space character and ends with tilde.
|
|
# Note that the use of brackets around a tr range is ok here, (it's
|
|
# even required, for portability to Solaris 10's /usr/bin/tr), since
|
|
# the square bracket bytes happen to fall in the designated range.
|
|
if [ $(git diff --cached --name-only --diff-filter=A -z $against | LC_ALL=C tr -d '[ -~]\0' | wc -c) != 0 ]; then
|
|
echo "Error: Attempted to add a non-ASCII file name."
|
|
exit 1
|
|
fi
|
|
|
|
# If there are whitespace errors, print the offending file names
|
|
git diff-index --check --cached $against --
|
|
|
|
isbad=0
|
|
|
|
# If we find IPs in the doc, it must only be documentation range IPs
|
|
if git diff-index --cached -p $against | grep -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | grep -vE \
|
|
-e '192\.0\.2\.' \
|
|
-e '198\.51\.100\.' \
|
|
-e '203\.0\.113\.' \
|
|
-e '127\.' \
|
|
-e '0\.0\.0\.0' \
|
|
-e '172\.1[67]\.' | grep .; then
|
|
echo
|
|
echo "\\-> Error: found IPs that are not part of the doc range RFC"
|
|
isbad=1
|
|
fi
|
|
|
|
# Common mistype
|
|
if git diff-index --cached -p $against | grep -5 --color 'syslog_(warn|info)'; then
|
|
echo
|
|
echo "\\-> Error: you meant (warn|info)_syslog. Aborting commit."
|
|
isbad=1
|
|
fi
|
|
|
|
# These files are modified during the doc generation, but should never be committed as is
|
|
if ! grep -qF "version = '__VERSION__'" doc/sphinx/conf.py; then
|
|
echo "__VERSION__ was replaced in conf.py! git reset HEAD doc/sphinx/conf.py && git checkout -f doc/sphinx/conf.py"
|
|
isbad=1
|
|
elif ! grep -qF "release = '__VERSION__'" doc/sphinx/conf.py; then
|
|
echo "__VERSION__ was replaced in conf.py! git reset HEAD doc/sphinx/conf.py && git checkout -f doc/sphinx/conf.py"
|
|
isbad=1
|
|
elif ! grep -qF "v__VERSION__.tar.gz" doc/sphinx/installation/basic.rst; then
|
|
echo "__VERSION__.tar.gz was replaced in doc/sphinx/installation/basic.rst! git reset HEAD doc/sphinx/installation/basic.rst && git checkout -f doc/sphinx/installation/basic.rst"
|
|
isbad=1
|
|
fi
|
|
|
|
# Don't use HEXIT anywhere else that in helpers
|
|
if [ -n "$(git -C bin/plugin grep HEXIT)" ] || [ -n "$(git -C lib/perl grep HEXIT | grep -v Helper.pm:)" ]; then
|
|
git -C bin/plugin grep -w HEXIT
|
|
git -C lib/perl grep -w HEXIT | grep -v Helper.pm:
|
|
echo
|
|
echo "\\-> ERROR: we shouldn't have HEXIT above."
|
|
isbad=1
|
|
fi
|
|
|
|
# Don't use osh_exit anywhere else that in plugins
|
|
filter='grep -v -e :# -e pragma:hookignore -e Plugin.pm:'
|
|
if [ -n "$(git -C bin/helper grep -w osh_exit)" ] || [ -n "$(git -C lib/perl grep -w osh_exit | $filter)" ]; then
|
|
git -C bin/helper grep -w osh_exit
|
|
git -C lib/perl grep -w osh_exit | $filter | grep --color -w osh_exit
|
|
echo
|
|
echo "\\-> ERROR: we shouldn't have osh_exit above."
|
|
isbad=1
|
|
fi
|
|
|
|
# Do we have a new FIXME/XXX/TODO ?
|
|
if git diff-index --cached -p $against | grep -- ^+ | grep -5 --color -F -e FIXME -e XXX -e TODO; then
|
|
echo
|
|
echo "\\-> WARN: we got at least a new FIXME/XXX/TODO, use -n to commit nevertheless."
|
|
isbad=1
|
|
fi
|
|
|
|
# Now execute shellcheck in every changed .sh file
|
|
for f in $(git diff --cached --name-only --diff-filter=ACM $against); do
|
|
if echo "$f" | grep -q -e "lib/shell" -e "bin/" -e "docker/devenv" && head -1 "$f" | grep -Eq '/env (ba)?sh|/bin/(ba)?sh'; then
|
|
if ! ./docker/devenv/run-tool.sh shellcheck "$f"; then
|
|
echo
|
|
echo "ERROR: shell-check failed on $f"
|
|
isbad=1
|
|
fi
|
|
fi
|
|
|
|
if echo "$f" | grep -q -e "lib/perl" -e "bin/" && head -20 "$f" | grep -Eq '/env perl|/bin/perl|package OVH::|use common::|use strict|use warnings'; then
|
|
if ! ./docker/devenv/run-tool.sh checktidy "$f"; then
|
|
echo
|
|
echo "ERROR: perl tidy failed on $f"
|
|
isbad=1
|
|
fi
|
|
fi
|
|
done
|
|
|
|
# check versions and docs
|
|
ver=$(grep -F 'our $VERSION =' lib/perl/OVH/Bastion.pm | cut -d"'" -f2)
|
|
if ! grep -Eq "^## v$ver - 202./[01][0-9]/.." doc/CHANGELOG.md; then
|
|
echo
|
|
echo "ERROR: detected version '$ver', but no matching entry in doc/CHANGELOG.md"
|
|
isbad=1
|
|
else
|
|
reldate=$(grep -E "^## v$ver - 202./[01][0-9]/.." doc/CHANGELOG.md | awk '{print $4}')
|
|
fi
|
|
if ! grep -Eq "^v$ver - 202./../.." doc/sphinx/installation/upgrading.rst; then
|
|
echo
|
|
echo "ERROR: detected version '$ver', but no matching entry in doc/sphinx/installation/upgrading.rst"
|
|
isbad=1
|
|
fi
|
|
if [ -n "$reldate" ] && ! grep -Eq "^v$ver - $reldate" doc/sphinx/installation/upgrading.rst; then
|
|
echo
|
|
echo "ERROR: version '$ver' was not released at $reldate as said in doc/CHANGELOG.md (not seen in upgrading.rst)"
|
|
isbad=1
|
|
fi
|
|
|
|
# Is this file up to date?
|
|
if ! cmp "$0" contrib/git/pre-commit >/dev/null; then
|
|
echo
|
|
echo "NOTICE: Your pre-commit file is different from contrib/git/pre-commit, maybe you need to update it? (non-fatal)"
|
|
echo
|
|
fi
|
|
|
|
# If there's a pre-commit.local in the same directory as ours, execute it first,
|
|
# it can set isbad=1 to make us exit
|
|
if [ -e "$(dirname "$0")"/pre-commit.local ]; then
|
|
source "$(dirname "$0")"/pre-commit.local
|
|
fi
|
|
|
|
[ $isbad != 0 ] && printf "%b" "\n!!! COMMIT ABORTED !!!\nIf you want to commit nevertheless, use -n.\n"
|
|
exit $isbad
|