#!/bin/bash if git rev-parse --verify HEAD &>/dev/null; then against=HEAD else # Initial commit: diff against an empty tree object against=4b825dc642cb6eb9a060e54bf8d69288fbee4904 fi check_puppet_manifest () { local file=$1 local pp=${workdir}/${file} mkdir -p $(dirname ${pp}) git cat-file blob :0:${file} | sed 's/^import .*/#&/' >${pp} trap "rm -f ${pp}" RETURN local output=$(puppet apply --noop ${pp} 2>&1) if [ $? -ne 0 ] || [ -n "${output}" ]; then echo '** Syntax check failed:' >&2 echo "${output}" >&2 return 1 fi # Check manifests for exactly one class or define per file. case "${file}" in modules/*/manifests/*) if [[ "$(egrep -c '^(class|define) ' ${file})" != "1" ]]; then echo "** Multiple class/defines:" >&2 egrep -n '^(class|define) ' ${file} >&2 return 1 fi ;; esac case "${file}" in manifests/site.pp|modules/*/manifests/*) ;; *) return esac if [ -x /usr/bin/pcregrep ]; then local wsfail=$({ # grep -nPT would be nice. grep -P seems broken on gudeploy01. # Patterns checked for are (in this order): # - leading SPACE # - SPACE followed by TAB # - TAB followed by SPACE # - non-leading TAB (but allow around '#' comment leader) # - trailing whitespace pcregrep -n -e '^ ' -e ' \t' -e '\t ' -e '[^\t#]\t+(?!#)' -e '\s+$' ${pp} }) if [[ $(wc -l <${pp}) > $(cat -s ${pp}|wc -l) ]]; then wsfail+="Excess blank line(s). 'cat -s' is your friend." fi if [[ -n "${wsfail}" ]]; then echo '** Bad whitespace (see Manifest Standards):' >&2 echo "${wsfail}" >&2 return 1 fi else echo "Missing pcregrep: apt-get install pcregrep" >&2 fi case "${file}" in manifests/site.pp|modules/*/manifests/*) puppet-lint --no-hard_tabs-check --no-80chars-check ${pp} >&2 | uniq ;; *) return ;; esac return 0 } # Check a Puppet template. # check_puppet_template () { local file=$1 # Beware of 'Syntax OK' message on success. local output=$((git cat-file blob :0:${file}|erb -x -P -T -|ruby -c >/dev/null) 2>&1) if [[ $? -ne 0 || -n "${output}" ]]; then echo '** Syntax check failed:' >&2 echo "${output}" >&2 return 1 fi return 0 } readonly failed=$(mktemp ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX) readonly missing=$(mktemp ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX) readonly parse=$(mktemp ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX) readonly retest=$(mktemp ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX) readonly workdir=$(mktemp -d ${TMPDIR:-/tmp}/git.puppet.pre-commit.XXXXXXXXXX) trap "rm -f ${failed} ${missing} ${parse} ${retest}; rm -rf ${workdir}" EXIT error=0 warning=0 for file in $(git diff-index --name-only --diff-filter=AM --cached ${against}); do output="" rc=0 case "${file}" in manifests/site.pp) output=$(check_puppet_manifest ${file} 2>&1); rc=$?;; modules/*) case "${file}" in modules/*/manifests/*) case "${file}" in # FIXME: doing this so the whitespace check happens *.pp) output=$(check_puppet_manifest ${file} 2>&1); rc=$?;; esac ;; modules/*/templates/*) output=$(check_puppet_template ${file} 2>&1); rc=$?;; esac ;; esac if [[ ${rc} -ne 0 || -n "${output}" ]]; then echo "** ${file}" >&2 echo "${output}" >&2 if [[ ${file} != *.pp ]]; then error=1 # puppet-lint warnings are acceptable. elif [[ -n "$(egrep -v '^WARNING: ' <<<${output})" ]]; then error=1 else warning=1 fi fi done if [ "$error" -ne 0 ]; then echo "** Please correct the above errors." >&2 exit 1 fi if [ "$warning" -ne 0 ]; then sleep 5 fi exit 0