forked from patsevanton/git-server-pre-receive-hooks
-
Notifications
You must be signed in to change notification settings - Fork 0
/
reject-not-allowlist-email.sh
86 lines (73 loc) · 2.54 KB
/
reject-not-allowlist-email.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#!/bin/bash
# Fork hook from https://github.com/github/platform-samples/tree/master/pre-receive-hooks
#
# Hook that rejects pushes that contain commits with invalid email addresses
#
# Attention: The script might timeout if many new refs are pushed
#
# DOMAIN=[Your company's domain name]
# COMPANY_NAME=[Your company name]
# SLACK=#help-git
# HELP_URL=https://pages.github.company.com/org/repo
# BOT_PATTERN=^svc-
# OSS_ORGS=^(company-forks|opensource)/
declare -a DOMAIN_ARRAY=("group1.com" "group2.com")
COMPANY_NAME=[MyCompany]
SLACK=#help-git
HELP_URL=https://pages.github.company.com/org/repo
if [[ -z "$DOMAIN" ]] \
&& [[ -z "$COMPANY_NAME" ]] \
&& [[ -z "$CONTACT_EMAIL" ]] \
&& [[ -z "$SLACK" ]] \
&& [[ -z "$HELP_URL" ]]
then
echo "WARNING: the GitHub Enterprise site administrator must configure the reject-external-emails.sh script!"
exit 0
fi
# Customized message to help users understand and/or resolve the `git config --global user.email` issue
help_message() {
echo "WARNING: See $HELP_URL for instructions."
echo "WARNING:"
echo "WARNING: Contact $CONTACT_EMAIL or $SLACK on Slack for assistance!"
echo "WARNING:"
}
# Ignore pushes from service/bot accounts
[[ -n "$BOT_PATTERN" ]] && [[ "$GITHUB_USER_LOGIN" =~ $BOT_PATTERN ]] && exit 0
# Ignore pushes to organizations that contain lots of non-DOMAIN emails.
[[ -n "$OSS_ORGS" ]] && [[ "$GITHUB_REPO_NAME" =~ $OSS_ORGS ]] && exit 0
ZERO_COMMIT="0000000000000000000000000000000000000000"
while read -r OLDREV NEWREV REFNAME; do
if [[ "$NEWREV" = "$ZERO_COMMIT" ]]
then
# Branch or tag got deleted
continue
elif [[ "$OLDREV" = "$ZERO_COMMIT" ]]
then
# New branch or tag
SPAN=$(git rev-list "$NEWREV" --not --all)
else
SPAN=$(git rev-list "$OLDREV".."$NEWREV" --not --all)
fi
for COMMIT in $SPAN
do
AUTHOR_EMAIL=$(git log --format=%ae -n 1 "$COMMIT")
for i in "${DOMAIN_ARRAY[@]}"
do
if [[ "$AUTHOR_EMAIL" == *"$i"* ]];
then
echo "OK"
exit 0
else
echo "WARNING:"
echo "WARNING: At least one commit on '${REFNAME#refs/heads/}' does not have an '$DOMAIN_ARRAY' email address."
echo "WARNING: commit: $COMMIT"
echo "WARNING: author email: $AUTHOR_EMAIL"
echo "WARNING:"
help_message
exit 1
fi
done
done
done