Fix `scripts/security-harness` to support older git versions (!72695) · Merge requests · GitLab.org / GitLab

Peter Leitzen requested to merge pl-security-harness-fix into master Oct 20, 2021

What does this MR do and why?

Prior this commit scripts/security-harness would not remove lefthook if the git < 2.31 because the option --path-format=absolute wasn't available yet and just been echoed which resulted in a multiline result:

$ git rev-parse  --path-format=absolute --git-path hooks/pre-push
--path-format=absolute
.git/hooks/pre-push

The hook path "--path-format=absolute\n.git/hooks/pre-push" which does not exist. Moreover, the first run creates a directory "--path-format=absolute\n.git/" which is cumbersome to remove.

In this MR we only care about the last line which is most likely the path to the hook.

Screenshots or screen recordings

Before with `git < 2.31` 💥	After with `git < 2.31` ✔	After with `git >= 2.31` ✔

How to set up and validate locally

Ensure you have git installed < 2.31 and verify via git --version
Without this patch: Run scripts/security-harness and verify that hook is not installed and "--path-format=absolute\n.git/" exists 💥
With patch applied: Run scripts/security-harness again. Hook installed and no "--path-format=absolute\n.git/" ✔

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Oct 20, 2021 by Peter Leitzen

Fix `scripts/security-harness` to support older git versions

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports