Documentation/git-push.txt: document when --signed may fail
[gitweb.git] / builtin / receive-pack.c
index 8266c1fccf0c0b5908c14a726d443dec36a22d58..5292bb5a506805778c6b9c164523c80a44da3edd 100644 (file)
@@ -38,9 +38,11 @@ static int receive_fsck_objects = -1;
 static int transfer_fsck_objects = -1;
 static int receive_unpack_limit = -1;
 static int transfer_unpack_limit = -1;
+static int advertise_atomic_push = 1;
 static int unpack_limit = 100;
 static int report_status;
 static int use_sideband;
+static int use_atomic;
 static int quiet;
 static int prefer_ofs_delta = 1;
 static int auto_update_server_info;
@@ -67,6 +69,7 @@ static const char *NONCE_SLOP = "SLOP";
 static const char *nonce_status;
 static long nonce_stamp_slop;
 static unsigned long nonce_stamp_slop_limit;
+static struct ref_transaction *transaction;
 
 static enum deny_action parse_deny_action(const char *var, const char *value)
 {
@@ -160,6 +163,11 @@ static int receive_pack_config(const char *var, const char *value, void *cb)
                return 0;
        }
 
+       if (strcmp(var, "receive.advertiseatomic") == 0) {
+               advertise_atomic_push = git_config_bool(var, value);
+               return 0;
+       }
+
        return git_default_config(var, value, cb);
 }
 
@@ -175,6 +183,8 @@ static void show_ref(const char *path, const unsigned char *sha1)
 
                strbuf_addstr(&cap,
                              "report-status delete-refs side-band-64k quiet");
+               if (advertise_atomic_push)
+                       strbuf_addstr(&cap, " atomic");
                if (prefer_ofs_delta)
                        strbuf_addstr(&cap, " ofs-delta");
                if (push_cert_nonce)
@@ -733,7 +743,25 @@ static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
        return 0;
 }
 
-static const char *update_worktree(unsigned char *sha1)
+/*
+ * NEEDSWORK: we should consolidate various implementions of "are we
+ * on an unborn branch?" test into one, and make the unified one more
+ * robust. !get_sha1() based check used here and elsewhere would not
+ * allow us to tell an unborn branch from corrupt ref, for example.
+ * For the purpose of fixing "deploy-to-update does not work when
+ * pushing into an empty repository" issue, this should suffice for
+ * now.
+ */
+static int head_has_history(void)
+{
+       unsigned char sha1[20];
+
+       return !get_sha1("HEAD", sha1);
+}
+
+static const char *push_to_deploy(unsigned char *sha1,
+                                 struct argv_array *env,
+                                 const char *work_tree)
 {
        const char *update_refresh[] = {
                "update-index", "-q", "--ignore-submodules", "--refresh", NULL
@@ -743,74 +771,95 @@ static const char *update_worktree(unsigned char *sha1)
        };
        const char *diff_index[] = {
                "diff-index", "--quiet", "--cached", "--ignore-submodules",
-               "HEAD", "--", NULL
+               NULL, "--", NULL
        };
        const char *read_tree[] = {
                "read-tree", "-u", "-m", NULL, NULL
        };
-       const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
-       struct argv_array env = ARGV_ARRAY_INIT;
        struct child_process child = CHILD_PROCESS_INIT;
 
-       if (is_bare_repository())
-               return "denyCurrentBranch = updateInstead needs a worktree";
-
-       argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
-
        child.argv = update_refresh;
-       child.env = env.argv;
+       child.env = env->argv;
        child.dir = work_tree;
        child.no_stdin = 1;
        child.stdout_to_stderr = 1;
        child.git_cmd = 1;
-       if (run_command(&child)) {
-               argv_array_clear(&env);
+       if (run_command(&child))
                return "Up-to-date check failed";
-       }
 
        /* run_command() does not clean up completely; reinitialize */
        child_process_init(&child);
        child.argv = diff_files;
-       child.env = env.argv;
+       child.env = env->argv;
        child.dir = work_tree;
        child.no_stdin = 1;
        child.stdout_to_stderr = 1;
        child.git_cmd = 1;
-       if (run_command(&child)) {
-               argv_array_clear(&env);
+       if (run_command(&child))
                return "Working directory has unstaged changes";
-       }
+
+       /* diff-index with either HEAD or an empty tree */
+       diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX;
 
        child_process_init(&child);
        child.argv = diff_index;
-       child.env = env.argv;
+       child.env = env->argv;
        child.no_stdin = 1;
        child.no_stdout = 1;
        child.stdout_to_stderr = 0;
        child.git_cmd = 1;
-       if (run_command(&child)) {
-               argv_array_clear(&env);
+       if (run_command(&child))
                return "Working directory has staged changes";
-       }
 
        read_tree[3] = sha1_to_hex(sha1);
        child_process_init(&child);
        child.argv = read_tree;
-       child.env = env.argv;
+       child.env = env->argv;
        child.dir = work_tree;
        child.no_stdin = 1;
        child.no_stdout = 1;
        child.stdout_to_stderr = 0;
        child.git_cmd = 1;
-       if (run_command(&child)) {
-               argv_array_clear(&env);
+       if (run_command(&child))
                return "Could not update working tree to new HEAD";
-       }
 
-       argv_array_clear(&env);
        return NULL;
 }
 
+static const char *push_to_checkout_hook = "push-to-checkout";
+
+static const char *push_to_checkout(unsigned char *sha1,
+                                   struct argv_array *env,
+                                   const char *work_tree)
+{
+       argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
+       if (run_hook_le(env->argv, push_to_checkout_hook,
+                       sha1_to_hex(sha1), NULL))
+               return "push-to-checkout hook declined";
+       else
+               return NULL;
+}
+
+static const char *update_worktree(unsigned char *sha1)
+{
+       const char *retval;
+       const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
+       struct argv_array env = ARGV_ARRAY_INIT;
+
+       if (is_bare_repository())
+               return "denyCurrentBranch = updateInstead needs a worktree";
+
+       argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
+
+       if (!find_hook(push_to_checkout_hook))
+               retval = push_to_deploy(sha1, &env, work_tree);
+       else
+               retval = push_to_checkout(sha1, &env, work_tree);
+
+       argv_array_clear(&env);
+       return retval;
+}
+
 static const char *update(struct command *cmd, struct shallow_info *si)
 {
        const char *name = cmd->ref_name;
@@ -910,6 +959,7 @@ static const char *update(struct command *cmd, struct shallow_info *si)
        }
 
        if (is_null_sha1(new_sha1)) {
+               struct strbuf err = STRBUF_INIT;
                if (!parse_object(old_sha1)) {
                        old_sha1 = NULL;
                        if (ref_exists(name)) {
@@ -919,35 +969,35 @@ static const char *update(struct command *cmd, struct shallow_info *si)
                                cmd->did_not_exist = 1;
                        }
                }
-               if (delete_ref(namespaced_name, old_sha1, 0)) {
-                       rp_error("failed to delete %s", name);
+               if (ref_transaction_delete(transaction,
+                                          namespaced_name,
+                                          old_sha1,
+                                          0, "push", &err)) {
+                       rp_error("%s", err.buf);
+                       strbuf_release(&err);
                        return "failed to delete";
                }
+               strbuf_release(&err);
                return NULL; /* good */
        }
        else {
                struct strbuf err = STRBUF_INIT;
-               struct ref_transaction *transaction;
-
                if (shallow_update && si->shallow_ref[cmd->index] &&
                    update_shallow_ref(cmd, si))
                        return "shallow error";
 
-               transaction = ref_transaction_begin(&err);
-               if (!transaction ||
-                   ref_transaction_update(transaction, namespaced_name,
-                                          new_sha1, old_sha1, 0, 1, "push",
-                                          &err) ||
-                   ref_transaction_commit(transaction, &err)) {
-                       ref_transaction_free(transaction);
-
+               if (ref_transaction_update(transaction,
+                                          namespaced_name,
+                                          new_sha1, old_sha1,
+                                          0, "push",
+                                          &err)) {
                        rp_error("%s", err.buf);
                        strbuf_release(&err);
+
                        return "failed to update ref";
                }
-
-               ref_transaction_free(transaction);
                strbuf_release(&err);
+
                return NULL; /* good */
        }
 }
@@ -1131,11 +1181,105 @@ static void reject_updates_to_hidden(struct command *commands)
        }
 }
 
+static int should_process_cmd(struct command *cmd)
+{
+       return !cmd->error_string && !cmd->skip_update;
+}
+
+static void warn_if_skipped_connectivity_check(struct command *commands,
+                                              struct shallow_info *si)
+{
+       struct command *cmd;
+       int checked_connectivity = 1;
+
+       for (cmd = commands; cmd; cmd = cmd->next) {
+               if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
+                       error("BUG: connectivity check has not been run on ref %s",
+                             cmd->ref_name);
+                       checked_connectivity = 0;
+               }
+       }
+       if (!checked_connectivity)
+               die("BUG: connectivity check skipped???");
+}
+
+static void execute_commands_non_atomic(struct command *commands,
+                                       struct shallow_info *si)
+{
+       struct command *cmd;
+       struct strbuf err = STRBUF_INIT;
+
+       for (cmd = commands; cmd; cmd = cmd->next) {
+               if (!should_process_cmd(cmd))
+                       continue;
+
+               transaction = ref_transaction_begin(&err);
+               if (!transaction) {
+                       rp_error("%s", err.buf);
+                       strbuf_reset(&err);
+                       cmd->error_string = "transaction failed to start";
+                       continue;
+               }
+
+               cmd->error_string = update(cmd, si);
+
+               if (!cmd->error_string
+                   && ref_transaction_commit(transaction, &err)) {
+                       rp_error("%s", err.buf);
+                       strbuf_reset(&err);
+                       cmd->error_string = "failed to update ref";
+               }
+               ref_transaction_free(transaction);
+       }
+       strbuf_release(&err);
+}
+
+static void execute_commands_atomic(struct command *commands,
+                                       struct shallow_info *si)
+{
+       struct command *cmd;
+       struct strbuf err = STRBUF_INIT;
+       const char *reported_error = "atomic push failure";
+
+       transaction = ref_transaction_begin(&err);
+       if (!transaction) {
+               rp_error("%s", err.buf);
+               strbuf_reset(&err);
+               reported_error = "transaction failed to start";
+               goto failure;
+       }
+
+       for (cmd = commands; cmd; cmd = cmd->next) {
+               if (!should_process_cmd(cmd))
+                       continue;
+
+               cmd->error_string = update(cmd, si);
+
+               if (cmd->error_string)
+                       goto failure;
+       }
+
+       if (ref_transaction_commit(transaction, &err)) {
+               rp_error("%s", err.buf);
+               reported_error = "atomic transaction failed";
+               goto failure;
+       }
+       goto cleanup;
+
+failure:
+       for (cmd = commands; cmd; cmd = cmd->next)
+               if (!cmd->error_string)
+                       cmd->error_string = reported_error;
+
+cleanup:
+       ref_transaction_free(transaction);
+       strbuf_release(&err);
+}
+
 static void execute_commands(struct command *commands,
                             const char *unpacker_error,
                             struct shallow_info *si)
 {
-       int checked_connectivity;
        struct command *cmd;
        unsigned char sha1[20];
        struct iterate_data data;
@@ -1166,27 +1310,13 @@ static void execute_commands(struct command *commands,
        free(head_name_to_free);
        head_name = head_name_to_free = resolve_refdup("HEAD", 0, sha1, NULL);
 
-       checked_connectivity = 1;
-       for (cmd = commands; cmd; cmd = cmd->next) {
-               if (cmd->error_string)
-                       continue;
-
-               if (cmd->skip_update)
-                       continue;
-
-               cmd->error_string = update(cmd, si);
-               if (shallow_update && !cmd->error_string &&
-                   si->shallow_ref[cmd->index]) {
-                       error("BUG: connectivity check has not been run on ref %s",
-                             cmd->ref_name);
-                       checked_connectivity = 0;
-               }
-       }
+       if (use_atomic)
+               execute_commands_atomic(commands, si);
+       else
+               execute_commands_non_atomic(commands, si);
 
-       if (shallow_update && !checked_connectivity)
-               error("BUG: run 'git fsck' for safety.\n"
-                     "If there are errors, try to remove "
-                     "the reported refs above");
+       if (shallow_update)
+               warn_if_skipped_connectivity_check(commands, si);
 }
 
 static struct command **queue_command(struct command **tail,
@@ -1268,6 +1398,9 @@ static struct command *read_head_info(struct sha1_array *shallow)
                                use_sideband = LARGE_PACKET_MAX;
                        if (parse_feature_request(feature_list, "quiet"))
                                quiet = 1;
+                       if (advertise_atomic_push
+                           && parse_feature_request(feature_list, "atomic"))
+                               use_atomic = 1;
                }
 
                if (!strcmp(line, "push-cert")) {