Best way to apply regex policy to BitBucket Cloud commit messages? - jenkins

Is there a way to implement a commit message policy on BitBucket Cloud?
From my understanding, the webhooks only work as commit notifications and can not intervene with the commits (to deny the commit if the commit message does not follow the set regex). For pre-commit hooks you would need BitBucket Server, right?
If that's the case, what about checking commit messages on a Jenkins build to fail the build if it contains a certain message that does not match the regex? Is that a viable option?
Another option, is there a local git config file where I could set the rules locally (even if they could be bypassed)?

I think you're confusing pre-commit hooks (which determine whether or not a commit can be made) with pre-receive hooks (which determine whether or not a specific remote will accept pushes). Bitbucket Cloud does not currently support custom pre-receive hooks, but Bitbucket Server does. Pre-commit hooks would need to be installed on every system where users make commits; those are not currently replicated, so you'd need everyone to manage them manually.
It sounds like Jenkins tests would be your best bet - check the commit message for the desired regex, and fail the test if the regex isn't there. That won't prevent people from making bad commits in the first place, but it will keep those bad commits out of the final product.

Related

pre-commit check or Remote-run missing with Github setup & Jenkins

Just to quote as an example one can submit a remote-run with some tool like TeamCity (similar to Jenkins) where it will apply delta/patch on what user is trying to commit & produces result whether changes is good from set-of configured checks for that project.
With Github & Jenkins, can such validation be achieved with any plugins out there?, which will avoid breaking a build?
I know with pull-request & status check one can achieve similar end-result. But without commit/push to remote repo of Git - is there a way Jenkins can handle this validation & produce initial result ??
It isn't possible to have GitHub perform checks on data it doesn't have, so if you don't push the data to the remote server, GitHub won't know anything about it and therefore will do nothing.
Jenkins does have a REST API that you could use to do this, provided you equipped each developer with appropriate credentials. However, this is not a common situation and wouldn't be a recommended configuration.
You'd be better off with a script in the repository that users could install as a hook or invoke from a hook that would perform the testing you want. If your CI jobs run a script in your repository, then sharing code between them should be easy.
Note that you shouldn't mandate pre-commit hooks, since they can interfere with advanced users (who may make intentionally incomplete temporary commits) and they can be disabled by users. Any sort of required checks should be done as part of CI, where policy can be enforced appropriately.

Is there a way to get gerrit to reject commits without a JiRA ticket number?

How does an admin configure Gerrit to automatically reject commits without JiRA ticket number? I've read this documentation but not sure how to implement it on all branches in a specific repository (not all repos!). Do all users need to download the file and copy it to their local repository or how does it work? What I want to achieve is that git/gerrit automatically rejects a commit that are missing a JiRA ticket number - doesn't have to be valid, it's up to the team to control that the ticket number is valid.
The Jira plugin is based in the ITS plugin. These plugins have a association configuration that can be set to MANDATORY.
MANDATORY : One or more issue-ids are required in the git commit message, otherwise the git push will be rejected.
SUGGESTED : Whenever git commit message does not contain one or more issue-ids, a warning message is displayed as a suggestion on the client.
OPTIONAL : Issues-ids are liked when found on git commit message, no warning are displayed otherwise.
The below config example is taken from the Jira plugin documentation.
[commentLink "Jira"]
match = (\\[[A-Z][A-Z]+-[1-9][0-9]*\\])
html = "$1"
association = MANDATORY
The Git::Hooks is the best solution to this job.
See how to install and configure it here.
See more info about it here.

Trigger building the Github's webhook head_commit in Jenkins

I have configured a Jenkins Pipeline that correctly receives webhooks push notifications from GitHub, on push events.
The authentication is done through a deployment key.
Jenkins configuration seems to rely a lot on the concepts of branches and pull requests.
Given my workflow, which consists mostly of creating branches for any needs, and merge changes back onto master once things would look fine on the CI, I do not really care about seeing my builds categorized by branch or PR.
I would prefer to see builds based on commits' hashes. I do not see the need to tell Jenkins what branch I want it to match.
My current configuration is not selecting the commit revision I desire. I do not understand how it decides which branch or commit to build, once it receives a push notification. In Jenkins I have set the branch to **.
Checking the webhook payload, I noticed that it contains both the list of commits but also something called head_commit, with its id property being the commit's hash I want to see being built.
I would like Jenkins to do the following:
Check what's the head commit in the webhook notification (head_commit.id in the payload)
Build that precise commit, no matter the branch it is part of
Setting a green tick or a red cross beside the commit's hash on Github
Is this possible?

How to accomplish read-only git branch using Gerrit access rules

We use Gerrit 2.5-rc1) ACLs to manage access to our git projects & branches. We try to keep the rules simple for developer groups; refs/heads/* allow Push, Create Reference, Push Merge Commit.
There is a need to mark a specific branch, call it foo, as read only. I have tried adding a new rule for refs/heads/foo/*, allowing READ, but DENYing Push, Push Merge Commit, etc. (both with and without "Exclusive" tickbox ticked). In any case, developers are still permitted to push to that branch.
Any idea how to do this without writing server hooks, etc?
For your Gerrit version I think the following set should do the trick:
refs/heads/* ALLOW
refs/heads/foo/* BLOCK

Is there a way to inform users about a change in Stash repository?

I would like to know if it is possible to send an e-mail notification to certain users when there is a modification to a particular directory within a repository in Stash. I know it is possible to write a shell script within Jenkins project to do this and then inform through e-mail but I would like to know if there is a native option within Jenkins configuration to this action.
This is possible within BitBucket Server itself as of May 7, 2013:
Repository subscriptions
[...] At times, you may want to receive emails on specific types of messages you care most about including:
...
Commits – when a new commit is added or a comment is left
...
See also Manage Inbox and email notifications.
You can use Poll SCM under Build Triggers section.
Define a job that uses GIT plugin, specify a workspace and machine so it'll always be synced with the latest, and poll every 2 minutes. if there is a change in the repository the job will be triggered. Add a post build action to send emails using the built in email notification or using Email-ext plugin.
Don't forget to edit the SMTP information under Manage Jenkins->Configure.
You can check Here for more information about Jenkins Polling.

Resources