Git pre commit and pre push hook for runner sonar
We have currently configured a pre commit hook for sonar runner for disruptive work. Now our project is migrating to Git (Gitlab) so we need to move our pre commit hook to Git pre commit and pre push hook.
We have two requirements:
- For every commit / push, it should run the sonar (using a locally installed sonar runner) to statically analyze the code and, if it finds any violations, it should reject the commit / push.
- There must be a valid jira id for every commit / push and this is assigned to the person who pushes the code to git. The Jira id must be part of the commit message.
Has anyone already intercepted?
I'm still looking for a sonar hook, but I can give you the JIRA number validation. This hook checks with the JIRA server whether the JIRA number is actually valid.
Client-side JIRA number validation with the commit-msg hook:
#!/bin/bash
# commit-msg hook: $1 is the path of the file that holds the commit message.
JIRA_API_ISSUE_URL="http://jira7.{xxxxx}.org/rest/api/latest/issue/"
HARD_MODE="false"
TIME_OUT=3
# Skip validation when the message contains the keyword 'merge'.
# (-q keeps grep silent; the original ran grep's output as a command.)
if grep -qi 'merge' "$1"; then
    # echo "INFO : can commit because 'merge' keyword exists."
    exit 0
fi
# Take the first token that looks like a JIRA key, e.g. PROJ-123.
jira_num=$(grep -ohE -m 1 '[ABCDEFGHIJKLMNOPQRSTUVWXYZ0-9]+-[0-9]+' "$1" | head -1)
if [ "${jira_num}" == "" ]; then
    echo "ERROR : commit does not contains JIRA_NUM. for example: PROJ-123"
    exit 1
fi
check_url="${JIRA_API_ISSUE_URL}${jira_num}"
# Only the HTTP status code of the unauthenticated request is inspected.
http_response=$(curl -m "${TIME_OUT}" --write-out '%{http_code}' --silent --output /dev/null "${check_url}")
if [ "${HARD_MODE}" == "true" ]; then
    # Hard mode: only a 401 response is accepted as "issue exists".
    if [ "$http_response" -eq "401" ]; then
        # echo "INFO : can find jira issue number, allow commit";
        exit 0;
    else
        echo "ERROR : can not find the jira issue num:${jira_num}, please check: ${check_url}";
        exit 1;
    fi
else
    # Loose mode: reject only on 404; timeouts and other codes are allowed.
    if [ "$http_response" -eq "404" ]; then
        echo "ERROR : can not find the jira issue num:${jira_num}, please check: ${check_url}";
        exit 2;
    elif [ "$http_response" -eq "000" ]; then
        echo "WARN : request time out or error occured, url:${check_url}, but allow commit in loose mode.";
        exit 0;
    else
        # echo "INFO : http response:${http_response}, not 404, allow commit. url: ${check_url}";
        exit 0;
    fi
fi
Server-side update hook:
#!/bin/bash
# update hook: called once per pushed ref with <ref> <oldrev> <newrev>.
JIRA_API_ISSUE_URL="http://jira7.{xxxxx}.org/rest/api/latest/issue/"
TIME_OUT=5
# --- Command line
refname="$1"
oldrev="$2"
newrev="$3"
# --- Safety check
# if [ -z "$GIT_DIR" ]; then
#     echo "Don't run this script from the command line." >&2
#     echo " (if you want, you could supply GIT_DIR then run" >&2
#     echo " $0 <ref> <oldrev> <newrev>)" >&2
#     exit 1
# fi
if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then
    echo "usage: $0 <ref> <oldrev> <newrev>" >&2
    exit 1
fi
# A ref deletion has an all-zero newrev: there are no new commits to check.
if [[ "$newrev" =~ ^0+$ ]]; then
    exit 0
fi
hashStrs=""
if [[ "$oldrev" =~ ^0+$ ]]; then
    # list everything reachable from newrev but not any heads
    # (the pattern is quoted so the shell does not glob-expand it)
    hashStrs=$(git rev-list $(git for-each-ref --format='%(refname)' 'refs/heads/*' | sed 's/^/\^/') "$newrev")
else
    hashStrs=$(git rev-list "$oldrev..$newrev")
fi
# echo ${hashStrs}
hashArr=($hashStrs)
for hash in "${hashArr[@]}"; do
    # Drop the commit headers (everything up to the first blank line).
    message=$(git cat-file commit "${hash}" | sed '1,/^$/d')
    # Skip commits whose message contains 'merge' (-q keeps grep silent).
    if grep -qi 'merge' <<< "$message"; then
        # echo "INFO : branch: ${refname}, hash: ${hash}, 'merge' keyword exists. continue check other commit.."
        continue
    fi
    jira_num=$(grep -ohE -m 1 '[ABCDEFGHIJKLMNOPQRSTUVWXYZ0-9]+-[0-9]+' <<< "$message" | head -1)
    if [ "${jira_num}" == "" ]; then
        echo "ERROR : branch: ${refname}, hash commit (${hash}) does not contains JIRA_NUM. for example: PROJ-123"
        exit 1
    fi
    check_url="${JIRA_API_ISSUE_URL}${jira_num}"
    http_response=$(curl -m "${TIME_OUT}" --write-out '%{http_code}' --silent --output /dev/null "${check_url}")
    # Only a 401 response is accepted as "issue exists".
    if [ "$http_response" -eq "401" ]; then
        # echo "INFO : branch: ${refname}, hash commit (${hash}) can find jira issue number, continue check other commit..";
        continue;
    else
        echo "ERROR : branch: ${refname}, hash commit (${hash}) can not find the jira issue num:${jira_num}, http code return:${http_response}, please check: ${check_url}";
        exit 1;
    fi
done
# --- Finished
# echo "INFO : branch: ${refname}, all commits with JIRA numbers, allow commit."
exit 0
Reference: http://note.youdao.com/noteshare?id=6cfe6bd7da2f5c009ac04061e24c4991
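Added example, not part of the original answer: both hooks above skip any commit whose message contains "merge" (which also matches "emergency") and accept any LETTERS-digits token such as "UTF-8" as an issue key. The sketch below tightens both checks on the raw commit object that `git cat-file commit` returns, before any JIRA lookup is made. `ALLOWED_PROJECTS`, the function names and the `SAMPLE_*` commit objects are assumptions constructed for illustration.

```bash
#!/bin/bash
# Added example, not from the original answer. ALLOWED_PROJECTS and the
# SAMPLE_* commit objects are constructed for illustration.
ALLOWED_PROJECTS="PROJ OPS"

# True when the raw commit object (output of `git cat-file commit <hash>`)
# has two or more "parent" headers. Headers end at the first blank line,
# so "parent ..." text inside the message body is not counted.
is_merge_commit() {
    parents=$(printf '%s\n' "$1" | sed '/^$/q' | grep -c '^parent ' || true)
    [ "$parents" -ge 2 ]
}

# Print the first issue key in the message body whose project is allowed.
extract_jira_key() {
    body=$(printf '%s\n' "$1" | sed '1,/^$/d')
    for key in $(printf '%s\n' "$body" | grep -owE '[A-Z][A-Z0-9]+-[0-9]+'); do
        for project in $ALLOWED_PROJECTS; do
            if [ "${key%-*}" = "$project" ]; then
                printf '%s\n' "$key"
                return 0
            fi
        done
    done
    return 1
}

# Verdict for one commit object: "merge", "ok <KEY>" or "reject".
check_commit() {
    if is_merge_commit "$1"; then echo "merge"; return 0; fi
    if key=$(extract_jira_key "$1"); then echo "ok $key"; else echo "reject"; fi
}

# Constructed commit objects (placeholder hashes, author and timestamps).
HDR='author Dev <dev@example.com> 1700000000 +0000
committer Dev <dev@example.com> 1700000000 +0000'
P1='parent 1111111111111111111111111111111111111111'
P2='parent 2222222222222222222222222222222222222222'
TREE='tree 3333333333333333333333333333333333333333'
SAMPLE_OK=$(printf '%s\n%s\n%s\n\n%s' "$TREE" "$P1" "$HDR" 'PROJ-123 validate input length')
SAMPLE_BAD=$(printf '%s\n%s\n%s\n\n%s' "$TREE" "$P1" "$HDR" 'Fix emergency UTF-8 handling')
SAMPLE_MERGE=$(printf '%s\n%s\n%s\n%s\n\n%s' "$TREE" "$P1" "$P2" "$HDR" "Merge branch 'feature'")

for sample in "$SAMPLE_OK" "$SAMPLE_BAD" "$SAMPLE_MERGE"; do
    check_commit "$sample"
done
```

In the update hook, `check_commit "$(git cat-file commit "$hash")"` would replace the `grep -i 'merge'` skip and the key extraction; the JIRA status-code lookup then runs only for an "ok" verdict.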
Check out the repo below (Sonarqube Scanner, PHPLint, PHPCBF, PHPCS Scanning Script) for the git pre-commit hook!
https://github.com/dazimax/automate-coding-standards
It might be helpful to understand your problem :)
Hurray, Dasita