#!/bin/bash
#
# Scan the bug numbers in commit logs and check whether it's still embargoed
#
# Put me on pre-push git hook
#
if [ ! -x /usr/bin/jq ]; then
echo >&2 "embargoed check: jq is not present, please install jq package"
exit 1
fi
remote="$1"
url="$2"
z40=0000000000000000000000000000000000000000
jsonf="$(mktemp)" || exit 1
trap "rm \"$jsonf\"" 0 1 2 3 15
curl -s -o "$jsonf" https://smash.suse.de/api/embargoed-bugs/ || exit 1
ids=$(jq -r '.[].bug.name | capture("^bnc#(?<id>[[:digit:]]+)").id' "$jsonf") \
|| exit 1
declare -A emb_bugs
for e in $ids; do
emb_bugs[$e]=1
done
while read local_ref local_sha remote_ref remote_sha
do
test "$local_sha" = $z40 && continue
case "$remote_ref" in
*_EMBARGO/*|*_EMBARGO)
continue;;
refs/heads/users/*/for-next)
base=${remote_ref#refs/heads/users/*/}
base=${base%/*}
;;
refs/heads/cve-*|refs/heads/SLE*|refs/heads/openSUSE*)
base=${remote_ref#refs/heads/}
;;
*)
continue;;
esac
if [ "$remote_sha" = $z40 ]; then
range="refs/remotes/origin/$base..$local_sha"
else
range="$remote_sha..$local_sha"
fi
bugs=$(git log "$range" | grep -E '\(bsc|bnc|boo)#?[0-9]\+' | sed -e's/[^a-z0-9#]/ /g')
test -z "$bugs" && continue
for w in $bugs; do
case "$w" in
bnc\#[0-9]*|bsc\#[0-9]*|boo\#[0-9]*)
bug=${w#b*#}
if [ -n "${emb_bugs[$bug]}" ]; then
echo >&2 "Found EMABARGO bug (in bsc#$bug) at $local_ref, not pushing"
exit 1
fi
esac
done
done
exit 0