0

There is allegedly a way to completely block merges from a source branch in Git, as illustrated here.

I attempt to enable this possibility in a GitLab repository. However, the documentation for GitLab hooks is quite scarce. After unsuccessfully getting the logs (There are no logs for GitLab hooks anywhere in the Gitaly component, as I am deploying it through Kubernetes. Perhaps this can be modified, but this is currently not documented), I started piping the output into files as a mean to have some logs available.

This is the "logging" pre-receive hook I created under the custom_hooks folder:

#!/bin/bash

printenv > env.txt
echo "$@" > args.txt

Yet, the context available to the hook seems fairly limited. The environment doesn't provide any information about branches, not even commits. And there are no arguments appended to the call of this script (unlinke in git hooks), it seems.

The final goal I am pursuing is to block a source branch main from merging into a target branch that follows the regular expression ^release.*, in order to avoid merging untested features into production (this is our Git-Flow implementation). This policy should be applied regardless of the permissions given to any user.

Geiser
  • 1,054
  • 1
  • 12
  • 28

1 Answers1

1

As you've found, the server-side pre-receive hooks are different from local git hooks.

In a pre-receive hook, information about each ref being updated in the push is sent through stdin, one line for each ref. Keep in mind, a single push can update many refs.

echo "reading ref info..."
while read REF_INFO; do
    echo "$REF_INFO"
done < /dev/stdin
echo "end of ref info"

The pre-receive hook should also have access to other information in the repo by running git commands.

For example, you can use git diff and git show to run validations as to the contents of the commit(s) pushed:

while read oldrev newrev refname; do
 git diff --name-only $oldrev $newrev | while read file; do
   git show $newrev:$file | validate /dev/stdin || exit 1
     done
done

# ref: https://stackoverflow.com/a/28416949/5747944
sytech
  • 29,298
  • 3
  • 45
  • 86
  • Thank you @sytech, however in git hooks the merge info is passed through arguments, and they are indeed empty in GitLab hooks... I can't find an easy way of using git commands to extract that the incoming commit in `^release.*`is an incoming reference from `main` – Geiser Sep 26 '22 at 11:28