Commit 4934e60
committed
Merge #153: Install Git pre-commit hooks to enforce checks in Copilot agent environment
3ef2e15 feat: [#121] add git pre-commit hook installation script and workflow integration (copilot-swe-agent[bot])
aa93795 Initial plan (copilot-swe-agent[bot])
Pull request description:
Instructing the Copilot agent via `.github/copilot-instructions.md` to run pre-commit checks was unreliable - the agent would sometimes forget or skip checks. This enforces pre-commit checks mechanistically via Git hooks instead of instructionally.
## Changes
- **`scripts/install-git-hooks.sh`**: Creates symlink from `.git/hooks/pre-commit` → `scripts/pre-commit.sh`
- Validates environment (`.git` exists, source script exists)
- Removes existing hooks before linking
- Idempotent - safe to run multiple times
- **`.github/workflows/copilot-setup-steps.yml`**: Added hook installation step after dependency setup
## How it works
```bash
# Copilot environment setup
./scripts/install-git-hooks.sh
# When agent commits
git commit -m "feat: something"
# → Hook automatically runs scripts/pre-commit.sh
# → Blocks commit if checks fail
```
Symlink approach ensures hook always uses latest version of `scripts/pre-commit.sh` without reinstallation.
> [!WARNING]
>
> <details>
> <summary>Firewall rules blocked me from connecting to one or more addresses (expand for details)</summary>
>
> #### I tried to connect to the following addresses, but was blocked by firewall rules:
>
> - `10.228.208.161`
> - Triggering command: `ssh -i /home/REDACTED/work/torrust-tracker-deployer/torrust-tracker-deployer/fixtures/testing_rsa -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=5 -o UserKnownHostsFile=/dev/null [email protected] echo 'SSH connected'` (packet block)
> - Triggering command: `ssh -i /home/REDACTED/work/torrust-tracker-deployer/torrust-tracker-deployer/fixtures/testing_rsa -p 22 -o UserKnownHostsFile=/dev/null -o ConnectTimeout=5 -o StrictHostKeyChecking=no [email protected] echo 'SSH connected'` (packet block)
> - Triggering command: `ssh -i /home/REDACTED/work/torrust-tracker-deployer/torrust-tracker-deployer/fixtures/testing_rsa -p 22 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o ConnectTimeout=5 [email protected] echo 'SSH connected'` (packet block)
> - `192.0.2.1`
> - Triggering command: `ssh -i /nonexistent/key -p 22 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectTimeout=5 [email protected] echo 'SSH connected'` (packet block)
> - Triggering command: `ssh -i /nonexistent/key -p 22 -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null [email protected] echo 'SSH connected'` (packet block)
>
> If you need me to access, download, or install something from one of these locations, you can either:
>
> - Configure [Actions setup steps](https://gh.io/copilot/actions-setup-steps) to set up my environment, which run before the firewall is enabled
> - Add the appropriate URLs or hosts to the custom allowlist in this repository's [Copilot coding agent settings](https://github.com/torrust/torrust-tracker-deployer/settings/copilot/coding_agent) (admins only)
>
> </details>
<!-- START COPILOT CODING AGENT SUFFIX -->
<details>
<summary>Original prompt</summary>
>
> ----
>
> *This section details on the original issue you should resolve*
>
> <issue_title>Install Git Pre-Commit Hooks for Copilot Agent</issue_title>
> <issue_description>**Parent Epic**: #112 - Refactor and Improve E2E Test Execution
> **Depends On**: #120 - Configure GitHub Copilot Agent Environment (Issue 1-4)
>
> ## Overview
>
> Install Git pre-commit hooks in the Copilot agent's environment to **enforce** pre-commit checks deterministically. This ensures the agent cannot commit code without running linting checks, even if the agent forgets or ignores the instruction in `.github/copilot-instructions.md`.
>
> ## Problem
>
> Previous attempts to instruct the Copilot agent to run pre-commit checks via `.github/copilot-instructions.md` were not reliable. The agent sometimes:
> - Forgot to run checks before committing
> - Ignored the instructions
> - Committed code that failed linting
>
> **Solution**: Use Git hooks to enforce checks mechanistically, not instructionally.
>
> ## Objectives
>
> - Create symlink from `.git/hooks/pre-commit` to `./scripts/pre-commit.sh`
> - Install hook in Copilot setup workflow
> - Verify hook works correctly (blocks bad commits)
> - Document the hook installation process
>
> ## Implementation Approach
>
> **Use Symlink (NOT Wrapper Script)**:
> ```bash
> ln -sf ../../scripts/pre-commit.sh .git/hooks/pre-commit
> ```
>
> **Why Symlink**:
> - ✅ Simple - no wrapper script needed
> - ✅ Always up-to-date - changes to script are immediately reflected
> - ✅ Single source of truth - `./scripts/pre-commit.sh`
> - ✅ Easy to verify - `readlink .git/hooks/pre-commit`
>
> ## Workflow Integration
>
> Add to `.github/workflows/copilot-setup-steps.yml`:
>
> ```yaml
> - name: Install Git pre-commit hooks
> run: |
> # Create symlink to enforce pre-commit checks
> ln -sf ../../scripts/pre-commit.sh .git/hooks/pre-commit
> chmod +x .git/hooks/pre-commit
>
> # Verify hook is installed
> if [ -L .git/hooks/pre-commit ]; then
> echo "✅ Pre-commit hook installed successfully"
> readlink .git/hooks/pre-commit
> else
> echo "❌ Failed to install pre-commit hook"
> exit 1
> fi
> ```
>
> ## Acceptance Criteria
>
> - Pre-commit checks pass
> - Hook installation added to Copilot setup workflow
> - Hook successfully blocks commits that fail checks
> - Hook is verified during workflow execution
> - Documentation updated
>
> ## Time Estimate
>
> 2-3 hours
>
> ## Related Documentation
>
> - Full specification: [docs/issues/121-1-5-install-git-precommit-hooks-for-copilot.md](https://github.com/torrust/torrust-tracker-deployer/blob/main/docs/issues/121-1-5-install-git-precommit-hooks-for-copilot.md)
> - Removed Integration Test Commit: [e9955b0](https://github.com/torrust/torrust-tracker-deployer/commit/e9955b081f2f2b643949fae573955041f989bdd0)</issue_description>
>
> ## Comments on the Issue (you are @copilot in this section)
>
> <comments>
> </comments>
>
</details>
- Fixes #121
<!-- START COPILOT CODING AGENT TIPS -->
---
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more [Copilot coding agent tips](https://gh.io/copilot-coding-agent-tips) in the docs.
ACKs for top commit:
josecelano:
ACK 3ef2e15
Tree-SHA512: 6ba49a4fa18f4920a9067f155363a65e00388f6696c4c3a4eb9ae207266450ff00077ecbbc6bfe517aead2cd281dbda79d472a55916347f4924a684f386c8f3fFile tree
2 files changed
+54
-0
lines changed- .github/workflows
- scripts
2 files changed
+54
-0
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
50 | 50 | | |
51 | 51 | | |
52 | 52 | | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
0 commit comments