#!/bin/sh # Helper hook to prevent folk from accidentally committing broken Puppet # manifests to the repository. # # You must have Ruby and Puppet installed on your workstation. If a # local copy of the `puppet' program is not available, and you know what # you are doing, you may bypass this hook script at your own peril with: # # $ git config anchor.im_a_puppet_master true # # or, for a once-off display of intrepidity, `git commit --no-verify'. derp() { echo "[$(basename ${0})] ${@}" exit 1 } if git rev-parse --verify HEAD >/dev/null 2>&1; then against=HEAD else # Initial commit: diff against an empty tree object against=4b825dc642cb6eb9a060e54bf8d69288fbee4904 fi if [ "$(git config anchor.im_a_puppet_master)" = 'true' ]; then # User has opted out of manifest verification exit 0 fi if which puppet >/dev/null 2>&1; then # Find the root of the Git repository. The paths `git diff' spits # out will be relative to this root. OLD_PWD="$PWD" while [ \! -d .git ]; do if [ "$PWD" = "/" ]; then cd "$OLD_PWD" derp "I could not find the root of your Git repo." fi cd .. done IFS=' ' boned=0 for MANIFEST in $(git diff --cached --name-only --diff-filter=AM \ $against | grep '\.pp$'); do puppet --parseonly "$MANIFEST" || boned=1 done cd "$OLD_PWD" if [ $boned -ne 0 ]; then derp "Aborting on broken manifest. See feedback above." fi else cat - <