1#!/bin/sh
2#
3# An example hook script to block unannotated tags from entering.
4# Called by "git receive-pack" with arguments: refname sha1-old sha1-new
5#
6# To enable this hook, rename this file to "update".
7#
8# Config
9# ------
10# hooks.allowunannotated
11#   This boolean sets whether unannotated tags will be allowed into the
12#   repository.  By default they won't be.
13# hooks.allowdeletetag
14#   This boolean sets whether deleting tags will be allowed in the
15#   repository.  By default they won't be.
16# hooks.allowmodifytag
17#   This boolean sets whether a tag may be modified after creation. By default
18#   it won't be.
19# hooks.allowdeletebranch
20#   This boolean sets whether deleting branches will be allowed in the
21#   repository.  By default they won't be.
22# hooks.denycreatebranch
23#   This boolean sets whether remotely creating branches will be denied
24#   in the repository.  By default this is allowed.
25#
26
27# --- Command line
28refname="$1"
29oldrev="$2"
30newrev="$3"
31
32# --- Safety check
33if [ -z "$GIT_DIR" ]; then
34	echo "Don't run this script from the command line." >&2
35	echo " (if you want, you could supply GIT_DIR then run" >&2
36	echo "  $0 <ref> <oldrev> <newrev>)" >&2
37	exit 1
38fi
39
40if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then
41	echo "usage: $0 <ref> <oldrev> <newrev>" >&2
42	exit 1
43fi
44
45# --- Config
46allowunannotated=$(git config --type=bool hooks.allowunannotated)
47allowdeletebranch=$(git config --type=bool hooks.allowdeletebranch)
48denycreatebranch=$(git config --type=bool hooks.denycreatebranch)
49allowdeletetag=$(git config --type=bool hooks.allowdeletetag)
50allowmodifytag=$(git config --type=bool hooks.allowmodifytag)
51
52# check for no description
53projectdesc=$(sed -e '1q' "$GIT_DIR/description")
54case "$projectdesc" in
55"Unnamed repository"* | "")
56	echo "*** Project description file hasn't been set" >&2
57	exit 1
58	;;
59esac
60
61# --- Check types
62# if $newrev is 0000...0000, it's a commit to delete a ref.
63zero=$(git hash-object --stdin </dev/null | tr '[0-9a-f]' '0')
64if [ "$newrev" = "$zero" ]; then
65	newrev_type=delete
66else
67	newrev_type=$(git cat-file -t $newrev)
68fi
69
70case "$refname","$newrev_type" in
71	refs/tags/*,commit)
72		# un-annotated tag
73		short_refname=${refname##refs/tags/}
74		if [ "$allowunannotated" != "true" ]; then
75			echo "*** The un-annotated tag, $short_refname, is not allowed in this repository" >&2
76			echo "*** Use 'git tag [ -a | -s ]' for tags you want to propagate." >&2
77			exit 1
78		fi
79		;;
80	refs/tags/*,delete)
81		# delete tag
82		if [ "$allowdeletetag" != "true" ]; then
83			echo "*** Deleting a tag is not allowed in this repository" >&2
84			exit 1
85		fi
86		;;
87	refs/tags/*,tag)
88		# annotated tag
89		if [ "$allowmodifytag" != "true" ] && git rev-parse $refname > /dev/null 2>&1
90		then
91			echo "*** Tag '$refname' already exists." >&2
92			echo "*** Modifying a tag is not allowed in this repository." >&2
93			exit 1
94		fi
95		;;
96	refs/heads/*,commit)
97		# branch
98		if [ "$oldrev" = "$zero" -a "$denycreatebranch" = "true" ]; then
99			echo "*** Creating a branch is not allowed in this repository" >&2
100			exit 1
101		fi
102		;;
103	refs/heads/*,delete)
104		# delete branch
105		if [ "$allowdeletebranch" != "true" ]; then
106			echo "*** Deleting a branch is not allowed in this repository" >&2
107			exit 1
108		fi
109		;;
110	refs/remotes/*,commit)
111		# tracking branch
112		;;
113	refs/remotes/*,delete)
114		# delete tracking branch
115		if [ "$allowdeletebranch" != "true" ]; then
116			echo "*** Deleting a tracking branch is not allowed in this repository" >&2
117			exit 1
118		fi
119		;;
120	*)
121		# Anything else (is there anything else?)
122		echo "*** Update hook: unknown type of update to ref $refname of type $newrev_type" >&2
123		exit 1
124		;;
125esac
126
127# --- Finished
128exit 0
129