你怎么能阻止混帐从非法用户承诺? [英] How can you block git commits from invalid users?
问题描述
我正在运行 gitlab git的服务器。
I am running a gitlab git server.
我的大多数用户都在运行1 3版本的Git。
Most of my users are running 1 of 3 versions of git.
git的1.7.1(CentOS用户)结果
1.7.9的git(其他人)结果
1.8.4的git(Mac用户)
git 1.7.1 (centos users)
git 1.7.9 (everyone else)
git 1.8.4 (mac users)
有些用户不小心犯了,推动code作为root用户。我需要阻止这些用户提交。
Some users have accidentally been committing and pushing code as the root user. I need to block commits from those users.
我的pre-commit钩子看起来是这样的:
My pre-commit hook looks like this:
#!/bin/bash
if [[ $GIT_AUTHOR_NAME == 'root' ]]
then
echo "If you commit as root, you're gonna have a bad time";
echo "Set 'git config user.name' and try again";
exit 1;
fi
这可以作为一个pre-commit钩子在1.7.9和1.8.x的但不是1.7.1
This works as a pre-commit hook on 1.7.9 and 1.8.x but not 1.7.1
根据这个博客,pre接收和邮寄方式收到挂钩没有任何,我寻找的环境变量( GIT_AUTHOR_NAME,GIT_AUTHOR_EMAIL,GIT_AUTHOR_DATE,GIT_COMMITTER_NAME,GIT_COMMITTER_EMAIL,GIT_COMMITTER_DATE,EMAIL )。
According to this blog, pre receive and post receive hooks do not have any of the environment variables that I am looking for ( GIT_AUTHOR_NAME, GIT_AUTHOR_EMAIL, GIT_AUTHOR_DATE, GIT_COMMITTER_NAME, GIT_COMMITTER_EMAIL, GIT_COMMITTER_DATE, EMAIL ).
有什么办法修改此pre-commit钩子来阻止root用户对旧版本的Git的?
Is there any way to modify this pre-commit hook to block root users on older versions of git?
http://longair.net/blog/2011 / 04/09 /失踪混帐挂钩的文档/
推荐答案
为什么不把检查在pre-receive挂钩,即,做在服务器端的authetication当code是即将被提交到中央Git仓库/服务器。
Why don't you put the check in a pre-receive hook i.e., do the authetication on the server side when the code is about to be committed to the central git repository/server.
#Extract commiter names here.
commiters=$(git log --pretty=format:"%cn" $revs) #This should work in all git versions
printf "$commiters\n" | while read name; do
if [[ $name == "root" ]]; then
echo "You are commiting as root user which I don't like. Reveal your identity!"
exit 1
fi
done
这篇关于你怎么能阻止混帐从非法用户承诺?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
