Allow gid videoteam to sudo to local user veyepar on vittoria

[mirror/dsa-puppet.git] / tools / git-hooks / pre-commit

#!/bin/bash

if ! cmp -s ${PWD}/.git/hooks/pre-commit ${PWD}/tools/git-hooks/pre-commit ; then
        rm -f ${PWD}/.git/hooks/pre-commit
        ln -sf ../../tools/git-hooks/pre-commit ${PWD}/.git/hooks/pre-commit
        exec ${PWD}/.git/hooks/pre-commit
fi

if git rev-parse --verify HEAD &>/dev/null; then
        against=HEAD
else
        # Initial commit: diff against an empty tree object
        against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
fi

check_puppet_manifest () {
        local file=$1

        local pp=${workdir}/${file}
        mkdir -p $(dirname ${pp})
        git cat-file blob :0:${file} | sed 's/^import .*/#&/' >${pp}
        trap "rm -f ${pp}" RETURN

        local output=$(puppet parser validate ${pp} 2>&1)
        if [ $? -ne 0 ] || [ -n "${output}" ]; then
                echo '** Syntax check failed:' >&2
                echo "${output}" >&2
                return 1
        fi

        # Check manifests for exactly one class or define per file.
        case "${file}" in
                modules/*/manifests/*)
                        if [[ "$(egrep -c '^(class|define) ' ${file})" != "1" ]]; then
                                echo "** Multiple class/defines:" >&2
                                egrep -n '^(class|define) ' ${file} >&2
                                return 1
                        fi
                        ;;
        esac

        case "${file}" in
                manifests/site.pp|modules/*/manifests/*) ;;
                *) return
        esac

        if [ -x /usr/bin/pcregrep ]; then
                local wsfail=$({
                        # grep -nPT would be nice. grep -P seems broken on gudeploy01.
                        # Patterns checked for are (in this order):
                        # - leading SPACE
                        # - SPACE followed by TAB
                        # - TAB followed by SPACE
                        # - non-leading TAB (but allow around '#' comment leader)
                        # - trailing whitespace
                        pcregrep -n -e '^ ' -e ' \t' -e '\t ' -e '[^\t#]\t+(?!#)' -e '\s+$' ${pp}
                })
                if [[ $(wc -l <${pp}) > $(cat -s ${pp}|wc -l) ]]; then
                        wsfail+="Excess blank line(s). 'cat -s' is your friend."
                fi
                if [[ -n "${wsfail}" ]]; then
                        echo '** Bad whitespace (see Manifest Standards):' >&2
                        echo "${wsfail}" >&2
                        return 1
                fi
        else
                echo "Missing pcregrep: apt-get install pcregrep" >&2
        fi

        case "${file}" in
                manifests/site.pp|modules/*/manifests/*)
                        if [[ -n "$(which puppet-lint)" ]]; then
                                puppet-lint --no-hard_tabs-check --no-2sp_soft_tabs-check --no-80chars-check ${pp} >&2 | uniq
                        else
                                echo "Please install puppet-lint (gem install puppet-lint)" >&2
                        fi
                        ;;
                *)
                        return
                        ;;
        esac

        return 0
}

# Check a Puppet template.
#
check_puppet_template () {
        local file=$1

        # Beware of 'Syntax OK' message on success.
        local output=$((git cat-file blob :0:${file}|erb -x -P -T -|ruby -c >/dev/null) 2>&1)
        if [[ $? -ne 0 || -n "${output}" ]]; then
                echo '** Syntax check failed:' >&2
                echo "${output}" >&2
                return 1
        fi

        return 0
}

readonly failed=$(mktemp ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX)
readonly missing=$(mktemp ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX)
readonly parse=$(mktemp ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX)
readonly retest=$(mktemp ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX)
readonly workdir=$(mktemp -d ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX)
trap "rm -f ${failed} ${missing} ${parse} ${retest}; rm -rf ${workdir}" EXIT

error=0
warning=0
for file in $(git diff-index --name-only --diff-filter=AM --cached ${against}); do
        output=""
        rc=0

        case "${file}" in
                manifests/site.pp)
                        output=$(check_puppet_manifest ${file} 2>&1); rc=$?;;
                modules/*)

                        case "${file}" in
                                modules/*/manifests/*)
                                        case "${file}" in
                                                # FIXME: doing this so the whitespace check happens
                                                *.pp) output=$(check_puppet_manifest ${file} 2>&1); rc=$?;;
                                        esac
                                        ;;
                                modules/*/templates/*)
                                        output=$(check_puppet_template ${file} 2>&1); rc=$?;;
                        esac
                        ;;

        esac

        if [[ ${rc} -ne 0 || -n "${output}" ]]; then
                echo "** ${file}" >&2
                echo "${output}" >&2
                if [[ ${file} != *.pp ]]; then
                        error=1
                # puppet-lint warnings are acceptable.
                elif [[ -n "$(egrep -v '^WARNING: ' <<<${output})" ]]; then
                        error=1
                else
                        warning=1
                fi
        fi
done

if [ "$error" -ne 0 ]; then
        echo "** Please correct the above errors." >&2
        exit 1
fi

if [ "$warning" -ne 0 ]; then
        sleep 5
fi

exit 0