Git 预提交挂钩以检查更改的文件数
[英]Git pre-commit hook to check number of files changing
问题描述
Our repository has custom status checks that get fired based on the number of files that we changed.
我们的存储库具有自定义状态检查,根据我们更改的文件数量触发。 If the number of files changed in a single PR is large, these status checks can bring down a downstream dependency.如果单个 PR 中更改的文件数量很大,则这些状态检查可以降低下游依赖性。 (there are requests to a service being made in these status checks). (在这些状态检查中有对服务的请求)。 I'm not here to argue about these status checks and why they are there in the first place, at this point in time we can't change that or scale the service to handle such load.我不是在这里争论这些状态检查以及为什么它们首先存在,此时我们无法更改它或扩展服务以处理此类负载。
The idea to gate these large changes is to add a git hook on pre-commit which basically gets the number of files that are different between the current branch and the tip of remote master.控制这些大变化的想法是在 pre-commit 上添加一个 git hook,它基本上可以获取当前分支和远程 master 的提示之间不同的文件数量。 Then we want to error out if the number of those files is greater than a certain number.然后我们想在这些文件的数量大于某个数量时出错。
Basically the way I'm going about this is by using the following commands in a git hook基本上我要做的方法是在 git hook 中使用以下命令
# Refresh local reference to origin/HEAD
git fetch
# Get the diff between the tip of current branch and the tip of origin/HEAD and count them
git diff --name-only --cached origin/HEAD | wc -l
...
This seems to work but I have a couple of questions: 1. Are there any hidden gotchas with these method?这似乎有效,但我有几个问题: 1. 这些方法有什么隐藏的问题吗? I want to ensure I'm covering all cases where we can prevent a pull request being opened with a diff spanning the number of files > X. 2. Is it safe to call git fetch in a git hook?我想确保我涵盖了所有可以防止打开拉取请求的情况,其中的差异跨越文件数> X。 2. 在 git 钩子中调用 git fetch 是否安全? I need some way to ensure that the local reference origin/HEAD isn't stale otherwise the hook wouldn't fail but the pull request could still have an obscenely large diff if the local master is outdated.我需要一些方法来确保本地参考源/HEAD 不会过时,否则钩子不会失败,但如果本地主服务器已过时,拉取请求仍然可能具有非常大的差异。
1 个解决方案
解决方案1
0 已采纳 2020-03-13 22:54:26
Yes, the hidden gotcha here is that this service runs on developer machines, which means that the integrity of your CI system is based on developers' willingness and ability to install the pre-commit hook and not override it.是的,这里隐藏的问题是该服务在开发人员机器上运行,这意味着您的 CI 系统的完整性基于开发人员安装pre-commit挂钩而不是覆盖它的意愿和能力。 As has been mentioned before here and elsewhere, it's impossible to rely on pre-commit hooks for policy enforcement, since developer machines are not trusted.正如之前在这里和其他地方提到的,依靠pre-commit钩子来执行策略是不可能的,因为开发人员机器不受信任。
You'd be far better off putting this in your CI scripts and just fail early if the number of changes is large.你最好把它放在你的 CI 脚本中,如果更改数量很大,就尽早失败。 Your CI system is the right place to make policy decisions, even if those policy decisions are to give up and not run the rest of the CI jobs.您的 CI 系统是制定政策决策的正确场所,即使这些政策决定是放弃而不是运行其余的 CI 作业。 Alternately, if your Git server supports a pre-receive hook, you could do the work there.或者,如果您的 Git 服务器支持pre-receive挂钩,您可以在那里完成这项工作。
In addition, pre-commit hooks like this make it difficult for advanced users to create a series of logical commits or even create fixup commits for squashing into an older commit.此外,像这样的pre-commit钩子使高级用户难以创建一系列逻辑提交,甚至创建修复提交以压缩为旧提交。 As one such user, I'd be very unhappy if I had to wait for a fetch every time I wanted to add some commits, and I expect your users will delete the hook or compulsively use --no-verify .作为这样的用户,如果每次我想添加一些提交时都必须等待获取,我会非常不高兴,我希望您的用户会删除钩子或强制使用--no-verify 。
Having said that, it won't break anything to fetch in the pre-commit hook, although you will find that doing so will break users' use of git push --force-with-lease , along with potentially confusing editor integrations.话虽如此,它不会破坏pre-commit挂钩中的任何获取内容,尽管您会发现这样做会破坏用户对git push --force-with-lease ,以及可能会混淆编辑器集成。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.