When I set up a pre-receive server hook for GitLab project, it can work normally, but anyone and any role can directly push the code to this project protection branch (similar to master). When this custom hook is cancelled, the protection branch is normal again, and no one can push the code directly.
Does anyone know what's going on?
#!/usr/bin/env bash
export LANG="en_US.UTF-8"
REJECT=0
JAVA_HOME=/data/jdk1.8.0_144
CHECK_JAR_HOME=/opt/gitlab/embedded/service/gitaly-ruby/git-hooks/pre-receive.d
TEMPDIR="tmp_for_scan"
file_repository_path=`pwd`
sub_str=${file_repository_path%.git*}
repository_name=${sub_str##*/}
check_main() {
check
}
check() {
get_all_change_file_and_save
p3c_jar_check
rm -rf $TEMPDIR
if [[ $REJECT -ne 0 ]]; then
exit $REJECT
fi
}
p3c_jar_check() {
files_to_check=`find $TEMPDIR -name '*.java'`
if [[ -n $files_to_check && $files_to_check != "" ]];then
echo -e "ali-p3c-pmd check starting......"
$JAVA_HOME/bin/java -cp $CHECK_JAR_HOME/p3c-pmd-2.1.1.jar net.sourceforge.pmd.PMD -d $TEMPDIR -R rulesets/p3c.xml -f text -shortnames
REJECT=$?
echo -e "ali-p3c-pmd check end......"
if [[ $REJECT == 0 ]] ;then
echo -e "恭喜你代码通过质量检测!"
else
echo -e "请及时修改代码并再次尝试!!"
fi
else
echo 'ali-p3c-pmd pass....'
fi
}
get_all_change_file_and_save() {
while read oldrev newrev refname; do
if test "$oldrev" = "0000000000000000000000000000000000000000" ;then
oldrev="$newrev^"
fi
operate_log=`git log $oldrev..$newrev --pretty="%h $refname %B"`
if [[ $operate_log =~ "merge request" ]];then
echo "***merge request** continue"
continue
fi
files=`git diff --name-only $oldrev $newrev | grep -e ".java$"`
file_repository_path=`pwd`
if test -n "$files"; then
for file in $files; do
mkdir -p "$TEMPDIR/`dirname $file`" > /dev/null
git show $newrev:$file > $TEMPDIR/$file
done;
fi
break
done
}
check_main
exit $REJECT;
Double-check exactly how you have set up your hook, by reviewing "Chained hooks":
Server hooks are searched for and executed in the following order of priority:
Built-in GitLab server hooks. These are not user-customizable.
<project>.git/custom_hooks/<hook_name>: Per-project hooks. This was kept for backwards compatibility.
<project>.git/custom_hooks/<hook_name>.d/*: Location for per-project hooks.
<custom_hooks_dir>/<hook_name>.d/*: Location for all executable global hook files except editor backup files.
The goal is to make sure you do not override the default pre-receive hook, which is reserved for branch protection.
Related
I'm trying to run programs (for example mv file1.txt file2.txt) in my .sh script and I need to hide errors, but handle it with my script.
Currently I'm trying to do something like
EXECUTE="mv -v $VOL $BACKUP_YESTERDAY_CRYPT"
{
EXEC_ERROR=$($EXECUTE)
} &2>> $LOG_FILE
if [[ -n $EXEC_ERROR ]]; then
echo "There is an error!"
fi
But it doesn't work at all - it shows an error (for example mv: cannot stat 'file1.txt': No such file or directory) and $EXEC_ERROR variable is empty.
Is there any way to get output to variable + to log file?
How about something like:
mv -v $VOL $BACKUP_YESTERDAY_CRYPT 2>> $LOG_FILE
if [[ ! ( $? -eq 0 ) ]] ; then
echo "There is an error\!"
fi
Though $? is good for saving and processing exit codes, the if statement is designed to take any command, not just [ or [[:
if ! mv -v "$VOL" "$BACKUP_YESTERDAY_CRYPT" 2>> $LOG_FILE; then
echo "There is an error!"
fi
This includes saving variables:
if OUTPUT=$(mv -v "$VOL" "$BACKUP_YESTERDAY_CRYPT" 2>> $LOG_FILE); then
echo ">>> $OUTPUT <<<"
fi
In fact, if can take more than one command, as its man page describes. Documentation on boolean operators such as !, &&, and || is hidden within the description of shell commands, where they form pipelines (!) and lists (&&, ||).
Try this:
mv sourcefile destfile 2> /dev/null 1>logfile
returnstatus=`echo $?`
if [[ $returnstatus -ne 0 ]]; then
echo "There was an error!"
fi
I'm trying to create a script that searches through a directory to find symlinks that point to non-existing objects.
I have a file in a directory with a deleted symlink, but for some reason when i run the below script It says file exists.
#!/bin/bash
ls -l $1 |
if [ -d $1 ]
then
while read file
do
if test -e $1
then
echo "file exists"
else
echo "file does not exist"
fi
done
else
echo "No directory given"
fi
Thanks
Check this page. It has a test for broken links. It uses the -h operator to identify a symlink and the -e operator to check existance.
From that page:
linkchk () {
for element in $1/*; do
[ -h "$element" -a ! -e "$element" ] && echo \"$element\"
[ -d "$element" ] && linkchk $element
# Of course, '-h' tests for symbolic link, '-d' for directory.
done
}
# Send each arg that was passed to the script to the linkchk() function
#+ if it is a valid directoy. If not, then print the error message
#+ and usage info.
##################
for directory in $directorys; do
if [ -d $directory ]
then linkchk $directory
else
echo "$directory is not a directory"
echo "Usage: $0 dir1 dir2 ..."
fi
done
exit $?
You can test whether link is valid or not using:
[[ -f "$link" ]] && echo "points to a valid file"
To check if it is indeed a link use -L:
[[ -L "$link" ]] && echo "it's a link"
There seems to be a program named symlinks that does, among other things, what you're looking for.
I am working on a bash script that I am working on for a universal Linux dotfile install script. I am attempting to get the symlinking working but I have been bashing (no pun intended) my head against the wall trying to figure out why the symlinks will not work and the copying will not work. I currently have this separated into multiple files so I don't have if statements three miles long.
ultimate-install.sh
#! /bin/bash
#
# The ultimate install script for all dotfiles.
if [[ -z "$1" ]]; then
echo "Please specify the directory where all of you dotfiles are located."
exit 1
fi
# Makes sure that the directory does NOT have a trailing slash!
if [[ ${1:(-1)} == "/" ]]; then
DOTFILE_DIR=${1:0:${#1} - 1}
else
DOTFILE_DIR="$1"
fi
# TODO: Clean this mess up and make it more concise.
if [[ -z "$2" ]]; then
if [[ ! -d $HOME/.config/old_dotfiles ]]; then
mkdir "$HOME/.config/old_dotfiles"
fi
BACKUP_DIR="$HOME/.config/old_dotfiles"
else
if [[ -d "$2" ]]; then
BACKUP_DIR="$2"
else
mkdir "$2"
BACKUP_DIR="$2"
fi
fi
read DECISION
if [ $DECISION == "N" -o $DECISION == "n" ]; then
echo "Aborting installation!"
exit
fi
read DECISION
echo
if [ $DECISION == "N" -o $DECISION == "n" ]; then
source src/no-prompts.sh "$DOTFILE_DIR" "$BACKUP_DIR"
else
source src/prompts.sh "$DOTFILE_DIR" "$BACKUP_DIR"
fi
echo "Installation complete. Old dotfiles are backed up to $BACKUP_DIR."
src/no-prompts.sh
#! /bin/bash
#
# Maintained by Daniel Seymour
DOTFILE_DIR="$1"
BACKUP_DIR="$2"
TEST_DIR="/home/daniel/dotfile-test"
function no_prompt_install(){
FILE_NAME="$1"
if [ "${FILE_NAME:0:1}" == "." ]; then
ln -s "$FILE_NAME $TEST_DIR/$FILE_NAME"
else
ln -s ".$FILE_NAME $TEST_DIR/$FILE_NAME"
fi
}
# TODO: implement a check for file type and deal with unknown files.
for FILE in $DOTFILE_DIR/*; do
cp $FILE $BACKUP_DIR
no_prompt_install $FILE
done
src/prompts.sh
#! /bin/bash
#
# Maintained by Daniel Seymour
DOTFILE_DIR="$1"
BACKUP_DIR="$2"
TEST_DIR="/home/daniel/dotfile-test"
function prompt_install {
FILE_PATH=$1
FILE_NAME=${FILE_PATH##*/}
echo "Would you like to install $FILE_NAME? [Y, n]"
read DECISION
if [ $DECISION == "n" -o $DECISION == "N" ]; then
echo "Not installing."
return
else
# TODO: Clean this up into one statement.
if [ ${FILE_NAME:0:1} == "." ]; then
rm -rf "$TEST_DIR/$FILE_NAME"
ln -sn "$FILE_PATH $TEST_DIR/$FILE_NAME"
else
FILE_NAME="."$FILE_NAME
rm -rf "$TEST_DIR/$FILE_NAME"
ln -sn "$FILE_PATH $TEST_DIR/$FILE_NAME"
fi
fi
}
# TODO: implement a check for file type and deal with unknown files.
for FILE in $DOTFILE_DIR/*; do
cp $FILE $BACKUP_DIR
prompt_install $FILE
done
The above is trimmed for long echo statements that do a lot of explaining.
The basic idea of this script is to take as many as two arguments (the dotfile directory to install and if specified, the custom backup directory, $1 and $2 respectively). The script should then copy all of the files in the target directory to BACKUP_DIR and symlink all of the dotfiles in the DOTFILE_DIR to TEST_DIR. (TEST_DIR will be $HOME in the production scripts.) Great in theory, right?
The complication comes when I run the script. None of the files are copied or symlinked as they should be. Instead, I end up with NO copy (probably due to the same issue as the symlink not working) and a broken symlink in the current directory.
One last piece of information. I am executing the file from the directory that contains ultimate-install.sh (/home/daniel/Projects/Git-Repos/Ultimate-Dotfile-Install-Scripts).
So where did I go wrong?
PS Please don't comment on the TODOs. :)
Short answer
Your quoting is wrong.
ln -sn -- "$FILE_PATH" "$TEST_DIR/$FILE_NAME"
Longer answer
This does not really relate to your problem, but I want to point it out.
Do not use "" inside [[ ]], so instead of this if [[ -z "$1" ]]; then use this if [[ -z $1 ]]; then
What is the point of making sure that directory does not have a trailing slash? It has no effect! /usr/bin/ is the same directory as /usr/bin or /usr////bin or /usr////////bin//////
Do not check if a directory exists when creating directories. Use -p option! Example: mkdir -p "$HOME/.config/old_dotfiles"
Instead of if [ $DECISION == "N" -o $DECISION == "n" ]; use if [[ ${DECISION^^} == N]];
I have another great answer about bash code style HERE. Please check it out! Also read the comments, since I was explaining there exactly your issue.
I would like to check if a certain file exists on the remote host.
I tried this:
$ if [ ssh user#localhost -p 19999 -e /home/user/Dropbox/path/Research_and_Development/Puffer_and_Traps/Repeaters_Network/UBC_LOGS/log1349544129.tar.bz2 ] then echo "okidoke"; else "not okay!" fi
-sh: syntax error: unexpected "else" (expecting "then")
In addition to the answers above, there's the shorthand way to do it:
ssh -q $HOST [[ -f $FILE_PATH ]] && echo "File exists" || echo "File does not exist";
-q is quiet mode, it will suppress warnings and messages.
As #Mat mentioned, one advantage of testing like this is that you can easily swap out the -f for any test operator you like: -nt, -d, -s etc...
Test Operators: http://tldp.org/LDP/abs/html/fto.html
Here is a simple approach:
#!/bin/bash
USE_IP='-o StrictHostKeyChecking=no username#192.168.1.2'
FILE_NAME=/home/user/file.txt
SSH_PASS='sshpass -p password-for-remote-machine'
if $SSH_PASS ssh $USE_IP stat $FILE_NAME \> /dev/null 2\>\&1
then
echo "File exists"
else
echo "File does not exist"
fi
You need to install sshpass on your machine to work it.
Can't get much simpler than this :)
ssh host "test -e /path/to/file"
if [ $? -eq 0 ]; then
# your file exists
fi
As suggested by dimo414, this can be collapsed to:
if ssh host "test -e /path/to/file"; then
# your file exists
fi
one line, proper quoting
ssh remote_host test -f "/path/to/file" && echo found || echo not found
You're missing ;s. The general syntax if you put it all in one line would be:
if thing ; then ... ; else ... ; fi
The thing can be pretty much anything that returns an exit code. The then branch is taken if that thing returns 0, the else branch otherwise.
[ isn't syntax, it's the test program (check out ls /bin/[, it actually exists, man test for the docs – although can also have a built-in version with different/additional features.) which is used to test various common conditions on files and variables. (Note that [[ on the other hand is syntax and is handled by your shell, if it supports it).
For your case, you don't want to use test directly, you want to test something on the remote host. So try something like:
if ssh user#host test -e "$file" ; then ... ; else ... ; fi
Test if a file exists:
HOST="example.com"
FILE="/path/to/file"
if ssh $HOST "test -e $FILE"; then
echo "File exists."
else
echo "File does not exist."
fi
And the opposite, test if a file does not exist:
HOST="example.com"
FILE="/path/to/file"
if ! ssh $HOST "test -e $FILE"; then
echo "File does not exist."
else
echo "File exists."
fi
ssh -q $HOST [[ -f $FILE_PATH ]] && echo "File exists"
The above will run the echo command on the machine you're running the ssh command from. To get the remote server to run the command:
ssh -q $HOST "[[ ! -f $FILE_PATH ]] && touch $FILE_PATH"
Silent check if file exist and perform if not
if ! ssh $USER#$HOST "test -e file.txt" 2> /dev/null; then
echo "File not exist"
fi
You can specify the shell to be used by the remote host locally.
echo 'echo "Bash version: ${BASH_VERSION}"' | ssh -q localhost bash
And be careful to (single-)quote the variables you wish to be expanded by the remote host; otherwise variable expansion will be done by your local shell!
# example for local / remote variable expansion
{
echo "[[ $- == *i* ]] && echo 'Interactive' || echo 'Not interactive'" |
ssh -q localhost bash
echo '[[ $- == *i* ]] && echo "Interactive" || echo "Not interactive"' |
ssh -q localhost bash
}
So, to check if a certain file exists on the remote host you can do the following:
host='localhost' # localhost as test case
file='~/.bash_history'
if `echo 'test -f '"${file}"' && exit 0 || exit 1' | ssh -q "${host}" sh`; then
#if `echo '[[ -f '"${file}"' ]] && exit 0 || exit 1' | ssh -q "${host}" bash`; then
echo exists
else
echo does not exist
fi
I wanted also to check if a remote file exist but with RSH. I have tried the previous solutions but they didn't work with RSH.
Finally, I did I short function which works fine:
function existRemoteFile ()
{
REMOTE=$1
FILE=$2
RESULT=$(rsh -l user $REMOTE "test -e $FILE && echo \"0\" || echo \"1\"")
if [ $RESULT -eq 0 ]
then
return 0
else
return 1
fi
}
On CentOS machine, the oneliner bash that worked for me was:
if ssh <servername> "stat <filename> > /dev/null 2>&1"; then echo "file exists"; else echo "file doesnt exits"; fi
It needed I/O redirection (as the top answer) as well as quotes around the command to be run on remote.
This also works :
if ssh user#ip "[ -s /path/file_name ]" ;then
status=RECEIVED ;
else
status=MISSING ;
fi
#its simple
if [[ "`ssh -q user#hostname ls /dir/filename.abc 2>dev/null`" == "/dir/filename.abc" ]]
then
echo "file exists"
else
echo "file not exists"
fi
Pasted a piece of code from the shell script transfer.sh
if [[ ${ld} -eq ${eld} ]] ; then
mv "$file1" "$FILESNEW/."
if [ $? -ne 0 ]; then
echo "Move Command Failed-File ${fspec}"
fi
echo "File ${fspec} Sucessfully Moved to ready directory "
else
echo "File ${fspec} line count mismatch: ${lc}/${elc}"
fi
when i execute ./transfer.sh move command waits for a prompt "override protection y/n"
I dont want this prompt to appear when move command gets executed. How can i get rid of it?
Use mv -f. Option -f overrides any prompts ("force").
-f, --force
do not prompt before overwriting
change mv to mv -f
Man page for mv
But remember, -f to force it means it won't prompt you so you better be sure you know how it's going to be used.
try
if [[ ${ld} -eq ${eld} ]] ; then
mv -f "$file1" "$FILESNEW/"
....
change:
mv "$file1" "$FILESNEW/."
to:
/bin/mv "$file1" "$FILESNEW/."
(or wherever mv is located on your machine)