How can I implement a policy in Stash to prevent check-in without an issue linked in the commit?

I would say that would be best achieved using pre-commit hooks. I'm sure there will be some for that (if not already available)

http://blogs.atlassian.com/2013/03/stash-git-hooks-api/

Commit Policy Plugin is a relatively new JIRA(!) add-on to verify issue keys in commit messages, among others.

It integrates nicely with Stash, although that requires a little bit of manual work on the hook script, for which we provide a step-by-step guide. We also have a public feature request to offer a smoother integration, possibly in the form of a Stash hook plugin (make sure you vote for this).

For the problem mentioned by Bryan Turner, our approach is that it's better to prevent problems than retrospectively fix them. The idea here is to offer a mechanism which would make it super easy to integrate the checks not only to Stash managed blessed repositories and forks, but also to clones (working copies located at the developer machines). That means your developers wouldn't even be able to commit to their working copies if their commit is rejected by the team's policy. If this feature created value for you, vote to this!

Important: unlike most other solutions suggested here, it does not only verify if there is an issue key formally present in the commit message (like "FOO-123"), but even matches that or those against a JIRA JQL query!
For instance, this allows to verify if the mentioned issue(s) are:

• in-progress user stories in the current sprint
• unresolved bugs or tasks targeting the next product version
• high-priority tasks assigned to team-leads (in a code freeze period)

Other than checking the mentioned issues, it can also verify:

• the committer's identity (is he in JIRA? is he in a JIRA group?) 
• the changed files (only images are submitted? is there any *.class,*.obj,*.tmp file? all *.PNG are in the /images directory?)
• the commit message (is this 10+ characters long without whitespace? does it start with a JIRA key?)

commit-policies.png

Hi,

I've created an open-source Stash plugin to enforce the presence of issue references and cross-check them against Jira: https://bitbucket.org/teslamotors/jira-issue-enforcement-stash-plugin

It's also published on the Atlassian Marketplace: https://marketplace.atlassian.com/plugins/com.teslamotors.stash.hook.jira-issue-enforcer

Karl

Hi Charles,

I'd definitely be interested in trying that out. Did you upload the source as well or is the jar file the only thing in the repo?

Thank you very much,

Garret

I have a perl script that handles this:

#! /usr/bin/perl

# From http://stackoverflow.com/questions/2524101/git-how-do-we-verify-commit-messages-for-a-push
# Only enforces the check for the master branch

my $errors = 0;
while (<>) {
  chomp;
  next unless my($old,$new) =
    m[ ^ ([0-9a-f]+) \s+   # old SHA-1
         ([0-9a-f]+) \s+   # new SHA-1
         refs/heads/master # ref
       \s* $ ]x;

  chomp(my @commits = `git rev-list $old..$new`);
  if ($?) {
    warn "git rev-list $old..$new failed\n";
    ++$errors, next;
  }

  foreach my $sha1 (@commits) {
    my $msg = `git cat-file commit $sha1`;
    if ($?) {
      warn "git cat-file commit $sha1 failed";
      ++$errors, next;
    }

    $msg =~ s/\A.+? ^$ \s+//smx;
    unless ($msg =~ /^[A-Z]+-[0-9]/) {
      warn "The git commit message for $sha1\n";
      warn "must be prepended with a valid JIRA key.\n";
      warn "Use CAPS for the project key.\n";
      warn "For example:\n";
      warn "    KEY-123: $msg\n";
      warn "Use \"git commit --amend -m\" to fix the message or\n";
      warn "\"git rebase\" if you are pushing multiple commits.\n";

      ++$errors, next;
    }
  }
}

exit $errors == 0 ? 0 : 1;

Unfortunately, it can't be nicely managed with the latest features in stash. I like the plugin architecture and the ability to enable/disable a particular hook for each repository and also create a unique configuration for each repo.

However, it's not a trivial process to port existing shell/perl scripts like this to Java and the plugin architecture.

I'd really like to see a feature where a script could be uploaded to stash and managed through the dashboard without having to manage scripts like this directly on the disk.

We've been forced to create our own management tools/automation for this and that's where stash should really be adding value IMHO.

thanks,

Garret

Hey Mark,

the JIRA Hooks for Stash Plugin will be available for Bitbucket soon. Then you are able to cover your usecase. 

Cheers

Benni

Still stunned this isn't an included fearture of git essentials.  JIRA references in commit messages are the essential part that welds code and original issue, and we need this to be enforced.  The Tickets Please! Plugin has been working well, but I can't seem to find anything for Bitbucket Server 4

Hello erberybody,

please see also the plugin JIRA Hooks for Stash (https://marketplace.atlassian.com/1211959)

Best regards

benni

I find the option to retrospectively edit commit messages very interesting (RL). In the corresponding UI, it would be helpful to be able apprend/prepend all messages with an issue ID in a single operation. This way, if you have 30 messages to ammend, you still could do it in a reasonable time.

Another thing that might help is to consider the branch name. If it was created using Stash/Jira then the the branch already has a valid issue Id in its name in most cases. This could be checked when the branch is pushed/merged and then if it actually contains an issue ID the whole commit batch could be accepted as is (maybe a configurable option) even without checking commit messages. I'm not sure what would be the impact on other integration plugins relying on the issue ID being in each message, though.

Also, I know that local hooks cannot be bundled (at least working hooks) in the git repo, but they could be provided in a standardized manner with every repo created (assuming it was created with the "jira-integrated" option) with simple instructions/scripts for each developer to install them. Instead of a complex hook connecting to Jira, I think a simple regexp checker would be enough at this level. Stash could even generate the hook script dynamically so that it explicitly checks for the specific issue pattern.

Rémi

I have worked on a client hook and cgi script that checks for the presence of a proper (and correct) Jira issue if/when the user is online using a cgi script.

- We provide a git clone "clone -template..." wrapper so that all developers get the client hooks. Since many projects are made up of multiple repos, most use the wrapper without question and get the client hook. Tthe commit-msg hook uses curl to call a remote cgi script on the JIRA server which will return "true/false" if the commit contains a valid JIRA issue. If the commit includes a correct JIRA issue (that actualy exists and is in the correct fixVersion) its ok. Otherwise, it fails. We use cgi instead of just a client hook so that the logic can change but the client hook will not need to be updated because the logic of what is a correct JIRA issue is in the cgi code, not the git hook. The git hook just get back a true/false from the cgi if the commit looks like is has a correct JIRA issue listed.

- If the developer is working offline, the client hook cannot check for a correct JIRA issue. For now, we just let these go (most people work online or VPN).

I wish git would embrace some form of "client hook" copy/update option (other than templates) during a clone that was not "optional" but dictated by the remote/source repo. I know this is kind of against the culture but as long as it was an optional thing set up in the remote side, it would make client hooks much more predictable.

I have installed the version 1.1 together with the Stash version 2.8.2.

The problem I have is, that each commit and each push is allowed. But I would like that the plugin checks, whether a valid issue is entered in the commit message..

I enabled the checkboxes for the usage of the Application Link and the searching of an Issue Key. The rest is default..

But it doesnt work. Any Idea?

Is there any documentaion?

Hi Charles,

I am trying to understand what Brian said initially here:

"The primary drawback there is that, when such a push is rejected, the user then has to amend their commits and rewrite history to add those issue keys. Depending on how many commits the user had made, that can be pretty painful. "

So, I have a stash instance running and I am implementing git hooks.

Scenario: I have 3 commits in my local repo.. Now I want to push all of it to my master, so I do "git push origin master"..

* This fails, which I fixed by updating the git commit message using git commit --amend -m "blah". And then I did the git push origin master again.

* This submitted all my three commits, which means if the git push fails because of a commit message, then they can just fix the message and do the push again.

* This I think will keep the history as it is as well.

Please correct me if I am wrong...

Also I am trying to understand what is "retrospective linking approach?"

Thanks for your patience..

--Ishan

Yes.. I want to try out precommit hooks at the git level, to see that goes.. Also, I saw in one of the posts that you can do precommits at repository level but not at the global level. Is that possible with stash ??

Hey Charles,

This seems to be working fine for me.. Essentially I want to try and do this in python... So is it possible to get the commit message, for the current commit in question ??

Thanks for all your assistance..

--Ishan

Hey Charles,

Yeah it seems to be working now. Here is what I tried:

I enabled the precommit check, then I tried to do a submit with my commit message =

git commit -a -m "Testing it out". This failed because of the precommit check.

So ,then I tried to fix the commit message using:

git commit -ammend -m "Testing it out [ISSUE: FEA-12345]"

and then I did git push origin master

but this does not seem to be updating the message and so it was failing for me!!

Aplogies for the inconvinience.

--Ishan

Hi All,

I installed : stash-enforce-message-hook-plugin-1.0.0-SNAPSHOT.jar on my stash server and was testing it out for a bit, but somehow it does not seems to work..

Here is what I have:

In the hook:

Pattern: [Issue:[ \t]*(.*)] & Message: Needs an issue for this checkin

My commit message: git commit -a -m "Testing it out"

This just works. However it should not!!

Also,

when I try the below it does not work:

Pattern: \[Issue:[ \t]*(.*)\] & Message: Needs an issue for this checkin !!

My commit message: git commit -a -m "Testing it out [ISSUE: FEA-12345]"

This never works..

Please let me know if I am doing something wrong!!

Using the pre-receive hook is not an ideal solution because Git does (currently) not allow changing the log message on a easy way.

@Bryan: I'm wondering is there in the near future a new feature in Stash for the "retrospective linking approach"? I could imaging this as part of the review process adding beside of some commens also JIRA Issues. But how would you handle it if the log message has already a JIRA issue, but it's the wrong one? Do you think about mechanism of overriding; which could make intransparent.