backup/dn42-registry
1
Fork 0
mirror of https://git.dn42.dev/dn42/registry.git synced 2026-02-03 19:01:43 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
dn42-registry/check-pol
Simon Marsh 36e3570111 Update registry scripts
2026-01-25 10:30:16 +00:00

106 lines
2.5 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/sh -e
###########################################################################
#
# dn42 registry - policy checks
#
###########################################################################
commit="$1"
mntner="$2"
if [ -z "$commit" ] || [ -z "$mntner" ]
then
>&2 echo "Usage: $0 COMMIT YOUR-MNT"
exit 1
fi
check_script='utils/schema-check/dn42_schema_local.py'
exitcode=0
###########################################################################
# determine registry directory
#
# this will fail if the script is in the PATH or is sourced but those
# both seem unlikely. In any case if it does fail an env var can be used
# to override the check
rdir="$REGDIR"
if [ -z "$rdir" ]
then
rdir=$(cd -- "$(dirname -- "$0")" && pwd)
fi
if ! [ -x "${rdir}/${check_script}" ]
then
>&2 cat <<EOF
ERROR: Unable to automatically find the registry directory,
or the script '$check_script' is not executable
You can set the directory manually using the
REGDIR environment variable.
For example:
REGDIR='path/to/registry' $0 $commit $mntner
EOF
exit 1
fi
# switch to the registry directory
cd "$rdir"
###########################################################################
# find each changed file, using git diff, and then run the policy
# check against each object that has changed
#
# the shell loop is a bit contrived but is required to maintain POSIX
# compatibility and avoid the need for subshells
# loop through each file that has changed
while IFS= read -r filename
do
# extract the object type and name from the filename
IFS='/'
# shellcheck disable=SC2086
set -- $filename
IFS=
path="$1"
type="$2"
object="$3"
# check the file really is a registry object
# (including if it still exists, as it may have been deleted)
if [ -f "$filename" ] && [ "$path" = 'data' ] && \
[ -n "$type" ] && [ -n "$object" ]
then
# run the check script
if ! "$check_script" -v policy \
"$type" "$object" "$mntner" "$commit"
then
# update exit code on failure
exitcode=1
fi
fi
done <<EOF
$(git diff --name-only "$commit")
EOF
###########################################################################
# output a message and set exit code on failure
if [ "$exitcode" -ne 0 ]
then
>&2 echo 'FAILED: check the output for details'
exit "$exitcode"
fi
# all good
exit 0
###########################################################################
# end of file
Reference in New Issue View Git Blame Copy Permalink