3

I am trying to restrict the binary file (EXE, DLL, PDF) committing in our gitlab. So I need to add the hook to restrict it in globally. How can I do this? Is Pre-receive hook is suitable for this?

Is this place is correct to add the hook?

/opt/gitlab/embedded/service/gitlab-shell/hooks/pre-receive

Any helps appreciated!

2 Answers2

0

As I commented, for per-project, use custom hooks: (Chained hooks support)
See the exact steps at "How can I add hooks to gitlab?", and involve the create of a dedicate repo.git/custom_hooks subfolder.

But that is per-repository, not for all repos.
You would need to add that script for each repo of a group.

The pre-receive script you would see in the normal repo.git/hooks folder is actually a symlink to the gitlab-shell hook folder, and it is taken by GitLab to manage the access permission.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • You meant, I need to add the pre-receive hook in each and every repo in server machine? –  Aug 30 '17 at 11:06
  • @Arunkumar Yes, or at least a symlink to one common script if you want. – VonC Aug 30 '17 at 15:23
0

You can install a side-wide hook, but it is not very well documented. Gitlab is currently integrating gitlab-shell and gitaly. So providing instructions is a bit of a moving target, but they are valid as of the release of 12.3.5.

The scripts in gitlab-shell/hooks/* scan the current repository and site wide directories. However, the site wide directories will not be created at a clean install and you need to create them yourself.

mkdir -p <XXX>/gitlab-shell/hooks/pre-receive.d       # or update.d or post-receive.d
chown git:git <XXX>/gitlab-shell/hooks/pre-receive.d

# link or copy your script of course it needs to be executable by the Gitlab user
ln -s /usr/bin/my-hook <XXX>/gitlab-shell/hooks/pre-receive.d/my-hook
Bolke de Bruin
  • 690
  • 4
  • 8