|
| 1 | +#!/bin/bash |
| 2 | +# |
| 3 | +# Hook that rejects pushes that contain commits with invalid email addresses |
| 4 | +# |
| 5 | +# Attention: The script might timeout if many new refs are pushed |
| 6 | +# |
| 7 | + |
| 8 | +# DOMAIN=[Your company's domain name] |
| 9 | +# COMPANY_NAME=[Your company name] |
| 10 | + |
| 11 | +# SLACK=#help-git |
| 12 | +# HELP_URL=https://pages.github.company.com/org/repo |
| 13 | +# BOT_PATTERN=^svc- |
| 14 | +# OSS_ORGS=^(company-forks|opensource)/ |
| 15 | + |
| 16 | +if [[ -z "$DOMAIN" ]] \ |
| 17 | + && [[ -z "$COMPANY_NAME" ]] \ |
| 18 | + && [[ -z "$CONTACT_EMAIL" ]] \ |
| 19 | + && [[ -z "$SLACK" ]] \ |
| 20 | + && [[ -z "$HELP_URL" ]] |
| 21 | +then |
| 22 | + echo "WARNING: the GitHub Enterprise site administrator must configure the reject-external-emails.sh script!" |
| 23 | + exit 0 |
| 24 | +fi |
| 25 | + |
| 26 | +# Customized message to help users understand and/or resolve the `git config --global user.email` issue |
| 27 | +help_message() { |
| 28 | + echo "WARNING: See $HELP_URL for instructions." |
| 29 | + echo "WARNING:" |
| 30 | + echo "WARNING: Contact $CONTACT_EMAIL or $SLACK on Slack for assistance!" |
| 31 | + echo "WARNING:" |
| 32 | +} |
| 33 | + |
| 34 | +# Ignore pushes from service/bot accounts |
| 35 | +[[ -n "$BOT_PATTERN" ]] && [[ "$GITHUB_USER_LOGIN" =~ $BOT_PATTERN ]] && exit 0 |
| 36 | + |
| 37 | +# Ignore pushes to organizations that contain lots of non-DOMAIN emails. |
| 38 | +[[ -n "$OSS_ORGS" ]] && [[ "$GITHUB_REPO_NAME" =~ $OSS_ORGS ]] && exit 0 |
| 39 | + |
| 40 | +ZERO_COMMIT="0000000000000000000000000000000000000000" |
| 41 | +while read -r OLDREV NEWREV REFNAME; do |
| 42 | + |
| 43 | + if [[ "$NEWREV" = "$ZERO_COMMIT" ]] |
| 44 | + then |
| 45 | + # Branch or tag got deleted |
| 46 | + continue |
| 47 | + elif [[ "$OLDREV" = "$ZERO_COMMIT" ]] |
| 48 | + then |
| 49 | + # New branch or tag |
| 50 | + SPAN=$(git rev-list "$NEWREV" --not --all) |
| 51 | + else |
| 52 | + SPAN=$(git rev-list "$OLDREV".."$NEWREV" --not --all) |
| 53 | + fi |
| 54 | + |
| 55 | + for COMMIT in $SPAN |
| 56 | + do |
| 57 | + AUTHOR_EMAIL=$(git log --format=%ae -n 1 "$COMMIT") |
| 58 | + |
| 59 | + if ! [[ "$AUTHOR_EMAIL" =~ ^[A-Za-z0-9._-]+@"$DOMAIN"$ ]] |
| 60 | + then |
| 61 | + echo "WARNING:" |
| 62 | + echo "WARNING: At least one commit on '${REFNAME#refs/heads/}' does not have an '$DOMAIN' email address." |
| 63 | + echo "WARNING: commit: $COMMIT" |
| 64 | + echo "WARNING: author email: $AUTHOR_EMAIL" |
| 65 | + echo "WARNING:" |
| 66 | + help_message |
| 67 | + exit 1 |
| 68 | + fi |
| 69 | + done |
| 70 | + |
| 71 | +done |
0 commit comments