[GHC] #8251: Validate submodule references during pre-receive hook
#8251: Validate submodule references during pre-receive hook ------------------------------------+------------------------------------- Reporter: hvr | Owner: hvr Type: task | Status: new Priority: normal | Milestone: Component: None | Version: 7.6.3 Keywords: admin git | Operating System: Unknown/Multiple Architecture: Unknown/Multiple | Type of failure: None/Unknown Difficulty: Unknown | Test Case: Blocked By: | Blocking: Related Tickets: | ------------------------------------+------------------------------------- Right now, you can push a commit introducing a not-yet existing Git submodule commit reference. However, such commits can be rejected for submodule repositories hosted at git.haskell.org, thus forcing the user to push the submodule first, and only after that push the submodule-affecting commit in ghc.git This kind of sanity checking ghc.git commits will become more important, if more repositories are converted into Git submodules. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8251 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#8251: Validate submodule references during pre-receive hook -------------------------------------+------------------------------------ Reporter: hvr | Owner: hvr Type: task | Status: new Priority: normal | Milestone: Component: None | Version: 7.6.3 Resolution: | Keywords: admin git Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: None/Unknown | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: -------------------------------------+------------------------------------ Comment (by hvr): Moreover, when adding a new submodule ref to a repository hosted at `git.haskell.org` another hook script could add a hidden ref or a [https://www.kernel.org/pub/software/scm/git/docs/git-notes.html Git note] to the referenced commit, effectively providing a back-ref, and ensuring the commit doesn't become dangling and subsequently garbage collected. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8251#comment:1 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#8251: Validate submodule references during pre-receive hook -------------------------------------+------------------------------------ Reporter: hvr | Owner: hvr Type: task | Status: new Priority: normal | Milestone: Component: Trac & Git | Version: 7.6.3 Resolution: | Keywords: admin git Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: None/Unknown | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: -------------------------------------+------------------------------------ Comment (by hvr): Another idea: to avoid updating submodule refs by accident (which has happened a few times already), the respective commit message ought contain the word "submodule" or maybe "update(s) submodule" as a safe-guard. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8251#comment:3 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#8251: Validate submodule references during pre-receive hook -------------------------------------+------------------------------------ Reporter: hvr | Owner: hvr Type: task | Status: new Priority: normal | Milestone: Component: Trac & Git | Version: 7.6.3 Resolution: | Keywords: admin git Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: None/Unknown | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: -------------------------------------+------------------------------------ Comment (by hvr): I've implemented a server-side hook and enabled it for `git-sandbox.git` and `ghc.git` The hacked-up implementation can be found in this [https://gist.github.com/hvr/9580927 gist] Some details: - only commits becoming reachable via non-`wip/`-branches ("persistent branches") are validated - if a non-merge commit results in a modified gitlink-type, or a merge commit results in a gitlink-type entry which is different from all its ancestors, then - the git commit message body must contain the string `submodule` - each touched gitlink is - looked up in the `.gitmodules` file and resolved to the respective git repo hosted `git.haskell.org`, - the referenced submodule commit must be reachable from a "persistent branch" (i.e. a non-`wip/`-branch) This scheme relies on "persistent branches" not being allowed to be deleted or non-fast-fwd updated. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8251#comment:4 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#8251: Validate submodule references during pre-receive hook -------------------------------------+------------------------------------ Reporter: hvr | Owner: hvr Type: task | Status: new Priority: normal | Milestone: Component: Trac & Git | Version: 7.6.3 Resolution: | Keywords: admin git Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: None/Unknown | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: -------------------------------------+------------------------------------ Comment (by hvr): Here's a sample session demonstrating the new server-side validation checks, when trying to update the `Win32` package to version 2.3.0.2 (from previously 2.3.0.1); After having synced up `libraries/Win32` to point version 2.3.0.2 of `Win32` we have the following change to commit to `ghc.git` (`git add libaries/Win32`): {{{#!diff diff --git a/libraries/Win32 b/libraries/Win32 index 1e909ad..c51e81a 160000 --- a/libraries/Win32 +++ b/libraries/Win32 @@ -1 +1 @@ -Subproject commit 1e909adb06b766e107148b8b37a4a9f9e50baf74 +Subproject commit c51e81a43cd5e9540453bd5ca6da8992245a4774 }}} 1. Pushing a commit touching a submodule ref w/o including the "`submodule`" safe-word: {{{ $ git commit -s -m "Update Win32-2.3.0.2" $ git push ... remote: performing tab-check... remote: performing submodule-ref update validations... remote: Submodule update(s) detected in ff458fc260fd05ebcb7db3294cbb1ec623e6525e: remote: *FAIL* commit message does not contain magic 'submodule' word remote: hooklet hooks/update.secondary.d/check-submodule-refs failed remote: hooks/update.secondary died remote: error: hook declined to update refs/heads/master To ssh://git@git.haskell.org/ghc.git ! [remote rejected] master -> master (hook declined) error: failed to push some refs to 'ssh://git@git.haskell.org/ghc.git' }}} 2. Rewrite the commit message to include the magic word, and try pusing again: {{{ $ git commit --amend -s -m "Update submodule to Win32-2.3.0.2" $ git push ... remote: performing tab-check... remote: performing submodule-ref update validations... remote: Submodule update(s) detected in a24ef02140dabb42dfbd2b649434017af6bb6fca: remote: libraries/Win32 => c51e81a43cd5e9540453bd5ca6da8992245a4774 remote: *FAIL* commit not found in submodule repo ('../packages/Win32.git') remote: or not reachable from persistent branches remote: hooklet hooks/update.secondary.d/check-submodule-refs failed remote: hooks/update.secondary died remote: error: hook declined to update refs/heads/master To ssh://git@git.haskell.org/ghc.git ! [remote rejected] master -> master (hook declined) error: failed to push some refs to 'ssh://git@git.haskell.org/ghc.git' }}} 3. Making sure the `Win32` sub-repo actually contains the new commit `ghc.git` is going to refer to, and try pushing again: {{{ $ (cd libraries/Win32 ; git push origin HEAD:ghc-head) ... To ssh://git@git.haskell.org/packages/Win32.git 1e909ad..c51e81a ghc-head -> ghc-head $ git push ... remote: performing tab-check... remote: performing submodule-ref update validations... remote: Submodule update(s) detected in 696bfc4ba5fce6b75cc91bcb67c5d0a3c9f29bd2: remote: libraries/Win32 => c51e81a43cd5e9540453bd5ca6da8992245a4774 remote: OK remote: mirroring ssh://git@git.haskell.org/ghc to ssh://git@github.com/ghc/ghc ... remote: To ssh://git@github.com/ghc/ghc remote: 3099e40..696bfc4 master -> master remote: running notifier To ssh://git@git.haskell.org/ghc.git 3099e40..696bfc4 master -> master }}} The last `git push` finally succeeded! -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8251#comment:5 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#8251: Validate submodule references during pre-receive hook -------------------------------------+------------------------------------ Reporter: hvr | Owner: hvr Type: task | Status: new Priority: normal | Milestone: Component: Trac & Git | Version: 7.6.3 Resolution: | Keywords: admin git Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: None/Unknown | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: #8545 #8544 -------------------------------------+------------------------------------ Changes (by hvr): * related: => #8545 #8544 -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8251#comment:6 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
Moreover, when adding a new submodule ref to a repository hosted at `git.haskell.org` another hook script could add a hidden ref or a [https://www.kernel.org/pub/software/scm/git/docs/git-notes.html Git note] to the referenced commit, effectively providing a back-ref, and ensuring
#8251: Validate submodule references during pre-receive hook -------------------------------------+------------------------------------- Reporter: hvr | Owner: hvr Type: task | Status: closed Priority: normal | Milestone: Component: Trac & Git | Version: 7.6.3 Resolution: fixed | Keywords: admin git Operating System: | Architecture: Unknown/Multiple Unknown/Multiple | Difficulty: Unknown Type of failure: | Blocked By: None/Unknown | Related Tickets: #8545 #8544 Test Case: | Blocking: | Differential Revisions: | -------------------------------------+------------------------------------- Changes (by thomie): * status: new => closed * resolution: => fixed Comment: Please reopen if needed: the commit doesn't become dangling and subsequently garbage collected. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8251#comment:7 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
participants (1)
-
GHC