How to control order of pre-receive hooks?

We are running Stash 3.7.  We protect the master branch in all our repositories using branch permissions.  We are also using standard Git hooks (we use the update hook) to enforce various conditions such as commit message formats, user names with email address known to Stash, ...  We validate that all branch names begin with a Rally ID (story id or defect id).  Our branch permissions allow any authenticated user to push a branch that is named US*  or DE*.

If a user tries to push a branch that does not meet this requirement, they get an error message from the pre-receive hook that enforces branch permissions:

 

remote: You have insufficient permissions to update 'refs/heads/invalid-branch-name'
remote: Check your branch permissions with the project administrator
To http://stash.host:8080/scm/ips/ips-atms
! [remote rejected] master -> invalid-branch-name (pre-receive hook declined)
error: failed to push some refs to 'http://stash.chotel.com:8080/scm/ips/ips-atms'

This message, while clear enough to the experienced developer, results in several emails asking for access to Stash.  We implemented a Git update hook that checks the branch name and issues a very explicit message:

 

remote: -----
remote: branch-name-verifier: (refs/heads/invalid-branch-name) branch name is NOT valid
remote: Branch names must include a Rally ID prefix followed by a dash or underscore
remote: followed by a brief description of the branch.
remote: Examples:
remote: US0000-update-command-parser
remote: DE0000_new-button
remote: TS0000_what-this-test-does
remote:
remote: Your branch name "invalid-branch-name" does not match this pattern.

Unfortunately, the message is only issued if the user has permissions to push code to any branch (such as administrators, and users authorized to merge branches to master).   From our experience, the order of hook execution is pre-receive hooks followed by Git hooks.

Given that we want control of the error message issued for unacceptable branch names, what is the best approach?

Is there a file we can drop our custom message into?  would be nice to provide our own message for branch permissions rejections.

If not, can we inject our Git update hook into the pre-receive chain of processing?  If so, how?

If not, and if we write our own pre-receive hook in Java, how do we guarantee that it will be fired BEFORE branch permissions are checked?

Michael

1 answer

Maybe you could write your own pre-receive hook that will take care of both the validity of branch names and branch permissions...

Suggest an answer

Log in or Join to answer
Community showcase
Piotr Plewa
Published Dec 27, 2017 in Bitbucket

Recipe: Deploying AWS Lambda functions with Bitbucket Pipelines

Bitbucket Pipelines helps me manage and automate a number of serverless deployments to AWS Lambda and this is how I do it. I'm building Node.js Lambda functions using node-lambda&nbsp...

631 views 0 4
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot