diff options
Diffstat (limited to '.lefthook/pre-push')
-rwxr-xr-x | .lefthook/pre-push/security_harness | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/.lefthook/pre-push/security_harness b/.lefthook/pre-push/security_harness new file mode 100755 index 00000000000..89a6d4a608d --- /dev/null +++ b/.lefthook/pre-push/security_harness @@ -0,0 +1,17 @@ +#!/usr/bin/env bash + +set -e +shopt -s nocasematch # Enable case-insensitive matching + +local_branch="$(git rev-parse --abbrev-ref HEAD)" +security_branch_regex="^security.+" +url="$2" + +if [[ $local_branch =~ $security_branch_regex ]] && [[ "$url" != *"gitlab-org/security/"* ]] +then + echo "Pushing security branches to remotes other than gitlab.com/gitlab-org/security has been disabled!" + echo "Please read https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#do-not-push-to-gitlab-orggitlab" + echo + + exit 1 +fi |