-
-
Save gkazior/78521d8f00e99cdb140f to your computer and use it in GitHub Desktop.
pre-commit SVN hook to prevent a commit if Jenkins is building or build is broken
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# PRE-COMMIT HOOK | |
# | |
# The pre-commit hook is invoked before a Subversion txn is | |
# committed. Subversion runs this hook by invoking a program | |
# (script, executable, binary, etc.) named 'pre-commit' (for which | |
# this file is a template), with the following ordered arguments: | |
# | |
# [1] REPOS-PATH (the path to this repository) | |
# [2] TXN-NAME (the name of the txn about to be committed) | |
# | |
# [STDIN] LOCK-TOKENS ** the lock tokens are passed via STDIN. | |
# | |
# If STDIN contains the line "LOCK-TOKENS:\n" (the "\n" denotes a | |
# single newline), the lines following it are the lock tokens for | |
# this commit. The end of the list is marked by a line containing | |
# only a newline character. | |
# | |
# Each lock token line consists of a URI-escaped path, followed | |
# by the separator character '|', followed by the lock token string, | |
# followed by a newline. | |
# | |
# The default working directory for the invocation is undefined, so | |
# the program should set one explicitly if it cares. | |
# | |
# If the hook program exits with success, the txn is committed; but | |
# if it exits with failure (non-zero), the txn is aborted, no commit | |
# takes place, and STDERR is returned to the client. The hook | |
# program can use the 'svnlook' utility to help it examine the txn. | |
# | |
# On a Unix system, the normal procedure is to have 'pre-commit' | |
# invoke other programs to do the real work, though it may do the | |
# work itself too. | |
# | |
# *** NOTE: THE HOOK PROGRAM MUST NOT MODIFY THE TXN, EXCEPT *** | |
# *** FOR REVISION PROPERTIES (like svn:log or svn:author). *** | |
# | |
# This is why we recommend using the read-only 'svnlook' utility. | |
# In the future, Subversion may enforce the rule that pre-commit | |
# hooks should not modify the versioned data in txns, or else come | |
# up with a mechanism to make it safe to do so (by informing the | |
# committing client of the changes). However, right now neither | |
# mechanism is implemented, so hook writers just have to be careful. | |
# | |
# Note that 'pre-commit' must be executable by the user(s) who will | |
# invoke it (typically the user httpd runs as), and that user must | |
# have filesystem-level permission to access the repository. | |
# | |
# On a Windows system, you should name the hook program | |
# 'pre-commit.bat' or 'pre-commit.exe', | |
# but the basic idea is the same. | |
# | |
# The hook program typically does not inherit the environment of | |
# its parent process. For example, a common problem is for the | |
# PATH environment variable to not be set to its usual value, so | |
# that subprograms fail to launch unless invoked via absolute path. | |
# If you're having unexpected problems with a hook program, the | |
# culprit may be unusual (or missing) environment variables. | |
# | |
# Here is an example hook script, for a Unix /bin/sh interpreter. | |
# For more examples and pre-written hooks, see those in | |
# /usr/share/subversion/hook-scripts, and in the repository at | |
# http://svn.apache.org/repos/asf/subversion/trunk/tools/hook-scripts/ and | |
# http://svn.apache.org/repos/asf/subversion/trunk/contrib/hook-scripts/ | |
REPOS="$1" | |
TXN="$2" | |
# Make sure that the log message contains some text. | |
SVNLOOK=/usr/bin/svnlook | |
$SVNLOOK log -t "$TXN" "$REPOS" | \ | |
grep "[a-zA-Z0-9]" > /dev/null || exit 1 | |
# Get the author of the commit | |
AUTHOR="$($SVNLOOK author -t $TXN $REPOS)" | |
# Get result of last build | |
JSON=$(wget -qO- http://127.0.0.1:8080/job/$YOUR_JOB/lastBuild/api/json) | |
RESULT=$(echo $JSON | grep -oe '"result":"\w\+"' | cut -d \" -f4 | tr -d '\n') | |
if [ -z $RESULT ]; then | |
echo "Commit not allowed at the moment, a build is running" > /dev/stderr | |
exit 1 | |
elif [ $RESULT != "SUCCESS" ]; then | |
# TODO Make a better regular expression in case Jenkins API changes | |
# Capturing the culprit, last SVN user who committed | |
CULPRIT=$(echo $JSON | grep -oe '/user/\w\+' | cut -d \/ -f3 | tail -1) | |
# Capturing their full name too | |
FULLNAME=$(echo $JSON | grep -oe '"fullName":".*"' | cut -d \" -f4) | |
# Only the person who broke the build is allowed to fix it | |
if [ $AUTHOR != $CULPRIT ]; then | |
echo "Commit not allowed, the build is broken" > /dev/stderr | |
echo "Contact SVN user $FULLNAME who broke the build" > /dev/stderr | |
exit 1 | |
fi | |
fi | |
# Exit on all errors. | |
set -e | |
# Check that the author of this commit has the rights to perform | |
# the commit on the files and directories being modified. | |
#"$REPOS"/hooks/commit-access-control.pl "$REPOS" $TXN \ | |
# "$REPOS"/hooks/commit-access-control.cfg | |
# All checks passed, so allow the commit. | |
exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment