Page MenuHomePhabricator

Install commit hooks in hosted repositories
Closed, ResolvedPublic

Description

We should install commit hooks into hosted repositories. These will allow us to:

  • Reject --force pushes unless a repository is explicitly configured to accept them (see https://news.ycombinator.com/item?id=6713742).
  • Run Herald pre-commit rules and reject unreviewed commits, etc.
  • Run (and possibly install/manage) third-party hooks (Gitolite, etc.) in a structured way.
  • Record which Phabricator user pushed each commit (vs committer/author), and when (vs commit date), from where, etc.

The general structure here is:

  • After creating or updating a repository, we'll dump a hook script into it. This will be a one liner which calls into a common hook script.
  • The common hook script will do all the magic above.
  • For third-party hooks, I'm imagining we'll have a rule like "everything in hooks/phabricator-pre-commit.d/ which is executable will get run". Ideally, the Gitolite hook can just be moved here. This needs more research, though. We could also (or alternatively) provide some common directory inside of phabricator/ (instead of inside each working copy) where you dump all the scripts you want to run in one central place and we execute them with the right CWD and maybe some hints in the environment. This might be much easier to manage if all or almost all repositories have similar rules, and is significantly more foolproof.

Event Timeline

epriestley claimed this task.
epriestley raised the priority of this task from to Normal.
epriestley updated the task description. (Show Details)
epriestley added a project: Diffusion.
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.