aboutsummaryrefslogtreecommitdiff
#!/bin/sh

# This hook script prevents the user from pushing to Savannah if any of the new
# commits' OpenPGP signatures cannot be verified, or if a commit is signed
# with an unauthorized key.

# Called by "git push" after it has checked the remote status, but before
# anything has been pushed.  If this script exits with a non-zero status nothing
# will be pushed.
#
# This hook is called with the following parameters:
#
# $1 -- Name of the remote to which the push is being done
# $2 -- URL to which the push is being done
#
# If pushing without using a named remote those arguments will be equal.
#
# Information about the commits which are being pushed is supplied as lines to
# the standard input in the form:
#
#   <local ref> <local sha1> <remote ref> <remote sha1>

# This is the "empty hash" used by Git when pushing a branch deletion.
z40=0000000000000000000000000000000000000000

while read local_ref local_hash remote_ref remote_hash
do
	# When deleting a remote branch, no commits are pushed to the remote, and
	# thus there are no signatures to be verified.
	if [ "$local_hash" != $z40 ]
	then
		# Only use the hook when pushing to Savannah.
		case "$2" in
		    *.gnu.org*)
			set -e
			make check-channel-news
			exec guix git authenticate
			exit 127
			;;
		    *)
			exit 0
			;;
		esac
	fi
done

exit 0
generated by cgit
70056b1b2beebbc9f8ea2c34eacc57f379368ab3, which inadvertently pulled in (shepherd support) on the host side. * gnu/home/services/media.scm (home-kodi-services): Change 'command' and 'logfile' to gexps. Add 'modules' field to 'shepherd-service'. Ludovic Courtès 2023-03-16gnu: home: services: Add home-kodi-service-type....* gnu/home/services/media.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * po/guix/POTFILES.in: Likewise. * doc/guix.texi (Media Home Services): Document it in new subsection. Jan (janneke) Nieuwenhuizen