gl-auth now checks for and run a hook called 'gl-pre-git'

see sample code for motivation; other uses at your discretion
2011-03-04 06:44:06 +05:30 · 2011-03-04 06:44:06 +05:30 · 396bfaa3b9
parent aab5ec9e6a
commit 396bfaa3b9
3 changed files with 41 additions and 0 deletions
--- a/doc/2-admin.mkd
+++ b/doc/2-admin.mkd
@ -7,6 +7,7 @@ In this document:
  * <a href="#_using_hooks">using hooks</a>
      * <a href="#_custom_hooks">custom hooks</a>
      * <a href="#_gl_post_init_hook">"gl-post-init" hook</a>
+      * <a href="#_gl_pre_git_hook">"gl-pre-git" hook</a>
      * <a href="#_hook_chaining">hook chaining</a>
      * <a href="#_environment_variables_available_to_hooks">environment variables available to hooks</a>
  * <a href="#_other_features">other features</a>
@ -106,6 +107,26 @@ Sometimes it is necessary to do something whenever a new repo is created.  If
 you need this functionality, just supply a hook called "gl-post-init" with
 whatever code you want in it.

+<a name="_gl_pre_git_hook"></a>
+
+#### "gl-pre-git" hook
+
+Although git has lots of nice hooks you can tap into, they all run only on a
+push.  There's nothing that runs on a fetch or a clone, and there's no way to
+run something *before* git-receive-pack or git-upload-pack, (as the case may
+be) are invoked.
+
+That's what the `gl-pre-git` hook is for.  If an executable hook called
+`gl-pre-git` is present, it will be invoked with the current directory set to
+`repo.git`, and with a single argument which will be either `R` or `W`
+depending on what the client is trying to do.  The environment variables
+`GL_USER` and `GL_REPO` are available.  STDOUT will be forced to STDERR before
+it is called, to avoid confusing the client.
+
+If the code returns anything other than 0, gitolite will terminate the
+operation (i.e., not run git at all), just like many git hooks do, so make
+sure you end with `exit 0` or equivalent.
+
 <a name="_hook_chaining"></a>

 #### hook chaining
--- a/hooks/common/gl-pre-git.hub-sample
+++ b/hooks/common/gl-pre-git.hub-sample
@ -0,0 +1,10 @@
+#!/bin/bash
+
+# sample pre-git hook to print pending hub requests
+
+[ "$1" = "R" ] && exit 0    # we only want to print them on pushes
+
+# print 'fetched' and 'pending' requests only
+SSH_ORIGINAL_COMMAND="hub list-requests $GL_REPO fetched pending" $GL_BINDIR/gl-auth-command $GL_USER
+
+exit 0
--- a/src/gl-auth-command
+++ b/src/gl-auth-command
@ -159,6 +159,16 @@ die "$aa access for $repo DENIED to $user
 # check if repo is write-enabled
 check_repo_write_enabled($repo) if $aa eq 'W';

+# run the pre-git hook if present (do this last, just before actually handing
+# off to git).  Force its output to go to STDERR so the git client does not
+# get confused, in case the code in the pre-git hook forgot.  To make it
+# simple for the script, send in $aa (which will be 'R' or 'W') so now they
+# have all three: GL_USER and GL_REPO in the env, and $aa as arg-1.
+if (-x "$ENV{GL_REPO_BASE_ABS}/$repo.git/hooks/gl-pre-git") {
+    system("cd $ENV{GL_REPO_BASE_ABS}/$repo.git; hooks/gl-pre-git $aa >&2");
+    die "gl-pre-git hook failed ($?)\n" if $?;
+}
+
 # ----------------------------------------------------------------------------
 #       over to git now
 # ----------------------------------------------------------------------------