pre-push git hooks for the Gemnasium repos
Problem to solve
As a developer working on Gemnasium in an MR, I want to know that my change doesn't pass code linting before I push a new commit, and don't want to wait for a failing linting job (running on the CI) to tell me about it.
- Async notifications about failing linting jobs cause a context switch, and that impacts my productivity.
- Pushing code that doesn't pass code linting is a waste of resources.
- (Also, it clutters the git history for the branch.)
Proposal
Configure pre-push
git hooks that perform the same checks as the ones performed in the pipeline:
- go lint
- go mod tidy
- CI lint (either using the API or locally using the JSON schema)
Use lefthook to configure the git hooks, like in the gitlab
project.
The lefthook configuration and the scripts it needs are shared by the 3 Gemnasium projects.
Share the same code to perform the checks locally in the pre-push
hooks, and in the linting jobs running on the CI.
See gitlab-org/security-products/ci-templates!286 (comment 897023510) and gl-retrospectives/secure-sub-dept/composition-analysis#17 (comment 874691062) for context.
Documentation
TODO: figure out where this should be documented
Intended users
groupcomposition analysis backend developers, and contributors to Gemnasium.