Commit ae30a545 authored by Katrin Leinweber's avatar Katrin Leinweber

Log and advise about push-rule-rejected commit

Because the GitLab Shell log doesn't include another detail
that references other GitLab components [1],
it is very difficult to find out where and
why exactly a certain push rule was broken.

This commit adds the commit's SHA into that output
and suggests a next step to the user.

[1] https://gitlab.com/gitlab-org/gitlab/-/blob/14-0-stable-ee/doc/administration/logs.md#gitlab-shelllog

Changelog: changed
EE: true
parent f5efd46f
...@@ -39,6 +39,12 @@ Now when a user tries to push a commit with a message `Bugfix`, their push is ...@@ -39,6 +39,12 @@ Now when a user tries to push a commit with a message `Bugfix`, their push is
declined. Only pushing commits with messages like `Bugfix according to JIRA-123` declined. Only pushing commits with messages like `Bugfix according to JIRA-123`
is accepted. is accepted.
The error message includes the rejected commit's SHA.
To resolve such errors, commit again with a matching message,
[rebase and reword](../topics/git/numerous_undo_possibilities_in_git/index.md#how-to-change-history),
or [amend](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---amend)
that commit's message locally.
### Restrict branch names ### Restrict branch names
If your company has a strict policy for branch names, you may want the branches to start If your company has a strict policy for branch names, you may want the branches to start
......
...@@ -42,11 +42,11 @@ module EE ...@@ -42,11 +42,11 @@ module EE
# In case of errors - all other checks will be canceled and push will be rejected. # In case of errors - all other checks will be canceled and push will be rejected.
def check_commit(commit) def check_commit(commit)
unless push_rule.commit_message_allowed?(commit.safe_message) unless push_rule.commit_message_allowed?(commit.safe_message)
return "Commit message does not follow the pattern '#{push_rule.commit_message_regex}'" return "Commit rejected: Commit message of #{Commit.truncate_sha(commit.id)} does not follow the pattern '#{push_rule.commit_message_regex}'. See https://docs.gitlab.com/ee/push_rules/push_rules.html#commit-messages-with-a-specific-reference for advice."
end end
if push_rule.commit_message_blocked?(commit.safe_message) if push_rule.commit_message_blocked?(commit.safe_message)
return "Commit message contains the forbidden pattern '#{push_rule.commit_message_negative_regex}'" return "Commit rejected: Commit message of #{Commit.truncate_sha(commit.id)} contains the forbidden pattern '#{push_rule.commit_message_negative_regex}'. See https://docs.gitlab.com/ee/push_rules/push_rules.html#commit-messages-with-a-specific-reference for advice."
end end
unless push_rule.author_email_allowed?(commit.committer_email) unless push_rule.author_email_allowed?(commit.committer_email)
......
...@@ -12,14 +12,14 @@ RSpec.describe EE::Gitlab::Checks::PushRules::CommitCheck do ...@@ -12,14 +12,14 @@ RSpec.describe EE::Gitlab::Checks::PushRules::CommitCheck do
it_behaves_like 'check ignored when push rule unlicensed' it_behaves_like 'check ignored when push rule unlicensed'
it 'returns an error if the rule fails due to missing required characters' do it 'returns an error if the rule fails due to missing required characters' do
expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, "Commit message does not follow the pattern '#{push_rule.commit_message_regex}'") expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, "Commit rejected: Commit message of 54fcc214 does not follow the pattern '#{push_rule.commit_message_regex}'. See https://docs.gitlab.com/ee/push_rules/push_rules.html#commit-messages-with-a-specific-reference for advice.")
end end
it 'returns an error if the rule fails due to forbidden characters' do it 'returns an error if the rule fails due to forbidden characters' do
push_rule.commit_message_regex = nil push_rule.commit_message_regex = nil
push_rule.commit_message_negative_regex = '.*' push_rule.commit_message_negative_regex = '.*'
expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, "Commit message contains the forbidden pattern '#{push_rule.commit_message_negative_regex}'") expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, "Commit rejected: Commit message of 54fcc214 contains the forbidden pattern '#{push_rule.commit_message_negative_regex}'. See https://docs.gitlab.com/ee/push_rules/push_rules.html#commit-messages-with-a-specific-reference for advice.")
end end
it 'returns an error if the regex is invalid' do it 'returns an error if the regex is invalid' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment