From dd7fc0317dc4976d7c97a00e1904686be0e7d192 Mon Sep 17 00:00:00 2001
From: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Date: Wed, 18 Dec 2019 01:16:27 +0200
Subject: Add git-request-pull.sh

The git-request-pull.sh script wraps git-request-pull with additional
sanity checks to verify that all commits are properly signed by both the
author and the committer.

Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
---
 git-request-pull.sh | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)
 create mode 100755 git-request-pull.sh

(limited to 'git-request-pull.sh')

diff --git a/git-request-pull.sh b/git-request-pull.sh
new file mode 100755
index 0000000..4694130
--- /dev/null
+++ b/git-request-pull.sh
@@ -0,0 +1,89 @@
+#!/bin/sh
+# SPDX-License-Identifier: GPL-2.0+
+#
+# git-request-pull wrapper with sanity checks
+#
+
+baserev=
+headrev=
+
+parse_options() {
+	# The code below if borrowed from git-request-pull
+
+	# Skip all options
+	while [[ $# != 0 ]] ; do
+		case "$1" in
+		-p)
+			;;
+		--)
+			shift
+			break
+			;;
+		-*)
+			return
+			;;
+		*)
+			break
+			;;
+		esac
+		shift
+	done
+
+	local base=$1
+	local head=
+
+	baserev=$(git rev-parse --verify --quiet "$base"^0)
+	if [[ -z "$baserev" ]] ; then
+		return
+	fi
+
+	local=${3%:*}
+	local=${local:-HEAD}
+	head=$(git symbolic-ref -q "$local")
+	head=${head:-$(git show-ref --heads --tags "$local" | cut -d' ' -f2)}
+	head=${head:-$(git rev-parse --quiet --verify "$local")}
+
+	if [[ -z "$head" ]] ; then
+		return
+	fi
+
+	headrev=$(git rev-parse --verify --quiet "$head"^0)
+}
+
+check_commits() {
+	if [[ -z "$baserev" || -z "$headrev" ]] ; then
+		# git request-pull will catch this issue
+		return
+	fi
+
+	local author
+	local commit
+	local committer
+	local errors=0
+	local sob
+
+	for commit in $(git rev-list ^$baserev $headrev) ; do
+		local author=$(git show --pretty='format:%an <%ae>' -s $commit)
+		local committer=$(git show --pretty='format:%cn <%ce>' -s $commit)
+		local summary=$(git show --pretty='format:%h ("%s")' -s $commit)
+
+		git show -s $commit | grep -Fqx "    Signed-off-by: $author" || {
+			echo "Commit $summary is not signed off by author"
+			errors=$((errors+1))
+		}
+		git show -s $commit | grep -Fqx "    Signed-off-by: $committer" || {
+			echo "Commit $summary is not signed off by committer"
+			errors=$((errors+1))
+		}
+	done
+
+	if [[ $errors != 0 ]] ; then
+		echo "$errors errors found, please fix"
+		exit 1
+	fi
+}
+
+parse_options $*
+check_commits
+
+git request-pull $*
-- 
cgit v1.2.3