Java/J2EE inside The Cup: GIT Server Side Hooks to prevent binary

GIT SERVER SIDE HOOKs

There are number of approaches that we want to control the data to be pushed into git server side. for example we want to enforce certain policies that server willnot allow somekind of files push into the server. we can specify which type files to be resctricted from pushing into git server. Git allows different kinds of server side hooks, most popular are pre-receive, post-receive and update.

Suppose we would like to just push textual files, configurations files and java source files into the server but want to block all the binary being pushed into the git server. There are some client side approach (global gitignore and putting .gitignore into the each project ) but everyone makes mistake.

we can enforce to block such binary into the git server side so that it will block the binary being pushed into git server. suppose i would like to use pre-receive hooks which will be run once push is made from client to server. At the server side this hooks will check each no. of commits and scan through all the files in the commits and if it finds any binary it will reject the push with some information to the clients.

Here is some examples in bash scripts:


# Auther : Netra Chhetri
 # Please make this file as pre-receive and put into the serverside
 # This pre-receive scripts will checks the binary when user pushed into remove server, it checks each commits and scan the file types and rejects if it contains binary !!
  
 ret=0
 exec 3<&0
  
 while read oldrev newrev refname
    do
        if [ "$oldrev" = "0000000000000000000000000000000000000000" ]; then
            for file in $(git diff-tree --name-only --root $newrev)
                do
                    echo "$file"
                    if [[ $file == *.jar ]]||[[ $file == *.war ]]||[[ $file == *.ear ]]||[[ $file == *.class ]]; then
                         echo"Send information to client that push with one of commits contains binary"
                        ret=1
                    fi
                done 
  
        else 
 
            for file in $(git diff --name-only $oldrev..$newrev)
                do
                    echo "$file"
                    if [[ $file == *.jar ]]||[[ $file == *.war ]]||[[ $file == *.ear ]]||[[ $file == *.class ]];then
                    echo"Send information to client that push with one of commits contains binary"
                    ret=1
                    fi
                done 
        fi
    done
  
 exec 0<&3
 # --- Finished
 exit $ret

Java/J2EE inside The Cup

Monday, November 21, 2011

GIT Server Side Hooks to prevent binary

No comments:

Post a Comment