commit hooks

Commit hooks using the pre-commit framework.

The hooks can be run client-side during development to give early feedback about common errors, style consistency, and standards enforcement. They can also be run server-side on our gitolite installation in order to prevent problematic commits.

Installation

Client install

To install client-side, first install the pre-commit package:

brew install pre-commit

or

pip install pre-commit

Hook config

Add a .pre-commit-config.yaml to the top-level of the git repository.

repos:
-   repo: https://github.com/bowdoincollege/noc-commit-hooks
    rev: <commit hash or tag>
    hooks:
    -   id: check-dhcp-format
    -   id: check-macaddr-case
        args: [ --fix ]
    -   id: check-dhcp-config
    -   id: check-ascii

or

repos:
-   repo: https://github.com/bowdoincollege/noc-commit-hooks
    rev: <commit hash or tag>
    hooks:
    -   id: check-dns-cname
    -   id: check-ipv6-case
    -   id: check-dns-serial
    -   id: check-dns-config
    -   id: check-ascii

Install hook into repo

To install the hook locally into a specific git repo:

sapphire:~/dns/(master=)$ pre-commit install
pre-commit installed at .git/hooks/pre-commit

Or, create a git template and add the hook to it so any new/cloned repos will have the hook added automatically.

git config --global init.templateDir ~/.git-template
pre-commit init-templatedir ~/.git-template

Hooks

DHCP hooks

check-dhcp-config

Check ISC DHCP server configuration files.

Runs dhcpd -t to check ISC DHCP daemon configuration files for any syntax errors. The script expects a top-level include directory for common files, and overwrites it with any files in the top-level host directories before running the checks.

Requires docker installed on the local machine.

check-dhcphost-format

Check ISC DHCP host entries match standard format.

Checks against a regex to match organizational standardized formatting of DHCP host entries. Uses fuzzy matching to indicate location of possible errors.

check-macaddr-case

Check that all MAC addresses are lower case.

The -fix and -nofix (default) options control whether the file is modified. Color output is enabled for terminal output, disabled otherwise; it can be forced with --color or --nocolor.

DNS hooks

check-dns-cname

Check if any CNAME resource records point to an IP address.

The BIND parser (used by check-dns-config) does not fail if the canonical name of a CNAME record looks like an IP address. This is a common mistake; even though it is valid syntax, it is almost never what the user intended.

check-dns-config

Check bind DNS server configuration and zone files.

Runs named-checkconf to check ISC bind nameserver configuration files and zone configurations. The script expects the repository to be organized with a top-level directory for each host. The top-level bind directory is for common files, typically symlinked from the other directories.

Requires docker installed on the local machine.

check-dns-serial

Check if serial in SOA RR is updated on all modified zone files.

The options -f (default) to enable, or -n to disable automatically updating the serial number in any modified zone files. The option -d specifies the repository subdirectory (default: bind/namedb) where primary zone files reside; only files in this directory or below will be checked/updated.

check-ipv6-case

Check that all IPv6 literals are lower case.

The -fix and -nofix (default) options control whether the file is modified. Color output is enabled for terminal output, disabled otherwise; it can be forced with --color or --nocolor.

check-ascii

Check for non-ascii printable chars and error if any are found.

---