Allow hook to warn on failures but accept commits

Description

It would be pretty beneficial if admins could warn users instead of blocking them. It would help with transitions and would also make companies with more lax workflows find more use out of hooks.

Design

  • Since pre-receive hooks can print out output to the pusher and still accept the commit, there’s no reason to make a separate post-receive hook.

    • There is only one hook, but with configurable behavior.

  • Add a Disabled / Warn / Block dropdown option in the global options.

  • Add a “warn_dont_block” boolean option to mohami-security.yml.

    • If the “warn_dont_block” is missing, and the global hook is enabled, inherit the global hook configuration.

    • If the option is missing, and the global hook is disabled, default to blocking behavior (i.e. false).

  • Remember to update the hook description in UI (currently it says “Reject vulnerable commits”)

Activity

Show:
Andrey Levchenko
April 17, 2020, 4:54 PM

I reviewed related API and it doesn’t seem that PostReceiveHook can return anything to client shell.

PreRepositoryHook returns RepositoryHookResult while PostRepositoryHook has void return type

Andrey Levchenko
April 21, 2020, 8:45 AM

Atlassian documents are often outdated
https://docs.atlassian.com/bitbucket-server/javadoc/7.1.1/spi/com/atlassian/bitbucket/hook/repository/PostRepositoryHook.html
I’m not seeing any hook response among parameters

Mohammed Davoodi
April 21, 2020, 5:04 PM

Assignee

Unassigned

Reporter

Mohammed Davoodi

Sprint

None

Labels

None

Github URL

None

Priority

Medium
Configure