1#!/bin/bash 2 3# git pre-push hook to detect whether a developer is attempting to push 4# non-public commits to a public repository. 5 6remote="$1" 7url="$2" 8 9# Don't bother checking if this is being pushed to gerrit. 10if [[ "$url" = "sso://googleplex-android/platform/external/drm_hwcomposer" ]] || 11 [[ "$url" = "sso://android.googlesource.com/platform/external/drm_hwcomposer" ]] || 12 [[ "$url" = "sso://android/platform/external/drm_hwcomposer" ]] 13then 14 exit 0 15fi 16 17while read local_ref local_sha remote_ref remote_sha 18do 19 # Gather a list of all commits that are to be pushed to the remote. 20 # remote_sha will be 000000 if there is no corresponding remote branch. 21 if [[ "$remote_sha" =~ "0000000000" ]]; then 22 commits=$(git rev-list $local_sha --not --remotes=$remote) 23 else 24 commits=$(git rev-list $remote_sha..$local_sha) 25 fi 26 27 # Check each commit message for the prohibited prefix. 28 for commit in $commits; do 29 # Get the commit message. 30 message=$(git log -1 --pretty=%B $commit) 31 32 # Check if the commit message starts with "ANDROID:" 33 if [[ "$message" == "ANDROID"* ]] || 34 [[ "$message" == "INTERNAL"* ]] || 35 [[ "$message" == "DO NOT MERGE"* ]]; then 36 echo "Error: Commit message starts with downstream tag:" 37 echo "$message" 38 echo "It looks like you're trying to push internal changes to an externally " 39 echo "visible repository: $url" 40 exit 1 41 fi 42 done 43done 44 45exit 0 46