THE WORLD DISCUSSES #PYTHIAN ON TWITTER. HAVE A QUESTION? USE OUR HASHTAG AND ASK AWAY.

Push… a little more than I ever wanted

Posted by Yanick Champoux on Jan 12, 2011

Tell me if that sounds familiar: you’re happily hacking on your codebase and, at some point, you type in a password / secret token / really shameful limerick that shouldn’t be sent to the repository mothership, but that you need on your local copy. Well, no sweat, you just have to remember not to commit that specific file. So hack, hack, hack go the fingers. Several hours later, satisfied by your work, you commit the fruit of your labor and send it to the master public repository. And, guess what? The file you were supposed to remember not to commit? You didn’t. And you did. Ooops.

Knowing how embarassingly failible my memory is, I looked for some automated safety net to use with Git. The most obvious would have been to use a push hook, but alas Git has no such thing, and if the latest thread I caught on the topic still hold, one isn’t going to appear anytime soon. Since that venue is (for now) closed, I turned to plan B: crafting a new git command, git-safepush:

#!/usr/bin/env perl

use 5.12.0;

use Git::Wrapper;
use File::chdir;
use IO::All;
use List::MoreUtils qw/ any /;

my $remote = shift @ARGV or die "usage: $0 <remote>";

my ( $local_branch, $remote_branch ) = split ':', shift @ARGV;

pop @CWD until any { /\.git$/ } glob "$CWD/.g*" or not @CWD;

die "not in a git repository\n" if $CWD eq '/';

my $git = Git::Wrapper->new($CWD);

$local_branch ||= ( ($local_branch) = grep { s/\* // } $git->branch )[0];
$remote_branch ||= $local_branch;

my $filename;

for ( $git->diff( join( '/', $remote, $remote_branch ), $local_branch ) ) {

    $filename = $1 when /^diff --git .* b\/(.*?)$/;

    die "'DO NO PUSH' seen in file '$filename', aborting push\n" when
      /^\+.*#\s*DO NOT PUSH/;
}

$git->push( $remote, "$local_branch:$remote_branch" );

With that, I just had to add DO NOT PUSH in a comment line along
sensitive code, like so

    # DO NOT PUSH
    my $password = '$ecr3t';

and safepush is going to prevent me of doing anything foolish:

$ git safepush origin master:foo
'DO NO PUSH' seen in file 'MyConfig.pm', aborting push
Facebook Twitter Email

Category: Perl
Tags:

Leave a Reply

Start NowWith Pythian - database design, management and emergency handling capabilities...

Papers & Books

MySQL Administrator's Bible by Sheeri K. Cabral

Oracle RAC Workload Management whitepaper by Alex Gorbachev

8 Rules for Designing More Secure Applications with MySQL by Augusto Bott and Nick Westerlund

Live Updates

pythian: RT @FN_Press2: Schooner Information Technology Teams with Pythian to Deliver Advanced Support and High... http://finanznachrichten.de/20
more



Testimonials

  • Serge Racine

    DBA, Brookfield Energy

    We are very satisfied by the service given to us by Andre and Shakir in support of our recent data quality and reorganization initiative.... more



Social links powered by Ecreative Internet Marketing