summaryrefslogtreecommitdiff
path: root/lib/oxidized/hook/githubrepo.rb
blob: 97016089d554906a72b3398e2253a89eb0283d2b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
class GithubRepo < Oxidized::Hook
  def validate_cfg!
    raise KeyError, 'hook.remote_repo is required' unless cfg.has_key?('remote_repo')
  end

  def run_hook(ctx)
    repo = Rugged::Repository.new(ctx.node.repo)
    log "Pushing local repository(#{repo.path})..."
    remote = repo.remotes['origin'] || repo.remotes.create('origin', remote_repo(ctx.node))
    log "to remote: #{remote.url}"

    fetch_and_merge_remote(repo)

    remote.push([repo.head.name], credentials: credentials)
  end

  def fetch_and_merge_remote(repo)
    result = repo.fetch('origin', [repo.head.name], credentials: credentials)
    log result.inspect, :debug

    unless result[:total_deltas] > 0
      log "nothing recieved after fetch", :debug
      return
    end

    their_branch = repo.branches["origin/master"]

    log "merging fetched branch #{their_branch.name}", :debug

    merge_index = repo.merge_commits(repo.head.target_id, their_branch.target_id)

    if merge_index.conflicts?
      log("Conflicts detected, skipping Rugged::Commit.create", :warn)
      return
    end

    Rugged::Commit.create(repo, {
                            parents: [repo.head.target, their_branch.target],
                            tree: merge_index.write_tree(repo),
                            message: "Merge remote-tracking branch '#{their_branch.name}'",
                            update_ref: "HEAD"
                          })
  end

  private

  def credentials
    Proc.new do |url, username_from_url, allowed_types|
      if cfg.has_key?('username')
        git_user = cfg.username
      else
        git_user = username_from_url || 'git'
      end

      if cfg.has_key?('password')
        log "Authenticating using username and password as '#{git_user}'", :debug
        Rugged::Credentials::UserPassword.new(username: git_user, password: cfg.password)
      elsif cfg.has_key?('publickey') && cfg.has_key?('privatekey')
        log "Authenticating using ssh keys as '#{git_user}'", :debug
        Rugged::Credentials::SshKey.new(username: git_user, publickey: File.expand_path(cfg.publickey), privatekey: File.expand_path(cfg.privatekey), passphrase: ENV["OXIDIZED_SSH_PASSPHRASE"])
      else
        log "Authenticating using ssh agent as '#{git_user}'", :debug
        Rugged::Credentials::SshKeyFromAgent.new(username: git_user)
      end
    end
  end

  def remote_repo(node)
    if node.group.nil? || cfg.remote_repo.is_a?(String)
      cfg.remote_repo
    else
      cfg.remote_repo[node.group]
    end
  end
end