| #!/bin/sh | |
| # Called by "git push" after it has checked the remote status, | |
| # but before anything has been pushed. | |
| # | |
| # If this script exits with a non-zero status nothing will be pushed. | |
| # | |
| # Steps to install, from the root directory of your repo... | |
| # 1. Copy the file into your repo at `.git/hooks/pre-push` | |
| # 2. Set executable permissions, run `chmod +x .git/hooks/pre-push` | |
| # 3. Or, use `rake hooks:pre_push` to install | |
| # | |
| # Try a force push to master, you should get a message `*** [Policy] never force push...` | |
| # | |
| # The commands below will not be allowed... | |
| # `git push --force origin master` | |
| # `git push --delete origin master` | |
| # `git push origin :master` | |
| # | |
| # Nor will a force push while on the master branch be allowed... | |
| # `git co master` | |
| # `git push --force origin` | |
| # | |
| # Requires git 1.8.2 or newer | |
| # | |
| # Git 1.8.2 release notes cover the new pre-push hook: | |
| # <https://github.com/git/git/blob/master/Documentation/RelNotes/1.8.2.txt> | |
| # | |
| # See Sample pre-push script: | |
| # <https://github.com/git/git/blob/87c86dd14abe8db7d00b0df5661ef8cf147a72a3/templates/hooks--pre-push.sample> | |
| protected_branch='master' | |
| policy='[Policy] Never force push or delete the '$protected_branch' branch! (Prevented with pre-push hook.)' | |
| current_branch=$(git symbolic-ref HEAD | sed -e 's,.*/\(.*\),\1,') | |
| push_command=$(ps -ocommand= -p $PPID) | |
| is_destructive='force|delete|\-f' | |
| will_remove_protected_branch=':'$protected_branch | |
| do_exit(){ | |
| echo $policy | |
| exit 1 | |
| } | |
| if [[ $push_command =~ $is_destructive ]] && [ $current_branch = $protected_branch ]; then | |
| do_exit | |
| fi | |
| if [[ $push_command =~ $is_destructive ]] && [[ $push_command =~ $protected_branch ]]; then | |
| do_exit | |
| fi | |
| if [[ $push_command =~ $will_remove_protected_branch ]]; then | |
| do_exit | |
| fi | |
| unset do_exit | |
| exit 0 |
jagadeesh0014
commented
Jul 25, 2013
|
how to enable normal push without force in this script i enable this script in my windows environment everything is work but it denies normal fush and force fush i done the bellow changes in the script before after $(ps --ocommand= -p $PPID) before $push_command =~ $is_destructive after test thanks in advance |
vistik
commented
Oct 9, 2013
|
I have added an array of protected branches (eg. production and master or your team branch etc) I have also added a more strict check if you are pushing to any protected branch (see comments in the code) I hope this helps anybody :) and thanks to @pixelhandler for the original script |
dideler
commented
Jan 23, 2014
|
Thanks for sharing! On Linux, I had to change the shebang line to BTW, there's an interesting (and perhaps incomplete) fork written in Ruby. |
city41
commented
Mar 19, 2014
|
This script does not allow |
stefansundin
commented
Jul 30, 2014
|
Here's my own version of this pre-push hook, along with an install script: https://gist.github.com/stefansundin/d465f1e331fc5c632088 |
stephen-mw
commented
Feb 9, 2015
|
It's easy to prevent pushing to multiple branches using posix regular expressions. You don't need to create and iterate through an array: #!/bin/bash
# Prevents force-pushing to master
BRANCH=`git rev-parse --abbrev-ref HEAD`
PUSH_COMMAND=`ps -ocommand= -p $PPID`
PROTECTED_BRANCHES="^(master|dev|release-*|patch-*)"
FORCE_PUSH="force|delete|-f"
if [[ "$BRANCH" =~ $PROTECTED_BRANCHES && "$PUSH_COMMAND" =~ $FORCE_PUSH ]]; then
echo "Prevented force-push to protected branch \"$BRANCH\" by pre-push hook"
exit 1
fi
exit 0 |
amhed
commented
Jul 20, 2015
|
|
amhed
commented
Jul 20, 2015
|
Any ideas? Im currently running bash 3.1.23 for windows |
alexnewmannn
commented
Aug 19, 2015
|
Same issue as @amhed, googled with no luck |
agent-0007
commented
Sep 10, 2015
|
No windows = no problem. |
vincenzo
commented
Oct 13, 2015
|
@stephen-mw - love your version; I am also looking to understand how to stop any push to master, even if I am currently on a non protected branch. Let's say |
lovebes
commented
Dec 16, 2015
|
@vincenzo, add this line. It seems to work for me. # Prevents makes sure while you are on different branch, you don't push to master
if [ $current_branch != $protected_branch ] && [[ $push_command =~ $protected_branch ]]; then
do_exit
fi |
luiskhernandez
commented
Dec 21, 2015
|
Hi, this is very useful thanks. How about if i want to prevent push to master but only in the origin remote, others remote like staging, can push force to master. |
RobertoPrevato
commented
Jun 28, 2016
•
|
It is worth mentioning that the pre-push hook is a local hook, that is a hook that is fired when invoking a command in the local repository, and is potentially editable by a user. If you want to protect your repositories against disgruntled programmers, a pre-receive hook in the remote repository is necessary. Anyway, thanks for sharing! The script is perfect when you can trust all programmers in the team. |
TxHawks
commented
Aug 29, 2016
•
|
I may be a bit late for the party, but the name of the remote is passed to the hook as the first argument, so you can just put the following lines at the begining of the script: # Exit early if pushing to a remote that isn't 'origin'
[[ $1 != "origin" ]] && exit 0
# rest of script here |
nhoag
commented
Sep 15, 2016
|
Over 3 years later and this is still a great script! Note that this doesn't protect against |
gajendramani
commented
Oct 26, 2016
|
any idea in groovy as pre receieve hook. |
pixelhandler commentedJun 6, 2013
Steps to install, from the root directory of your repo...
.git/hooks/pre-pushchmod +x .git/hooks/pre-pushTry a force push to master, you should get a message *** [Policy] never force push master
Note: Requires git 1.8.2 or newer
See Sample pre-push script: https://github.com/git/git/blob/87c86dd14abe8db7d00b0df5661ef8cf147a72a3/templates/hooks--pre-push.sample
1.8.2 release notes talking about the new pre-push hook: https://github.com/git/git/blob/master/Documentation/RelNotes/1.8.2.txt