(plan created by intrigeri and hefee - Jan 2018)
- Have a (rough) review of used scripts and interaction of components (#16326).
- We have to make sure that Weblate git only contains reviewed translations.
- maybe have pre-commit hooks that run check_po on the commit.
- Weblate should push by commit. Or if that to much noise once per hour. If once per hour we need a cronjob for this on the weblate VM.
- get pre-receive hook reviewed (#15402).
- On merge, our main git has to verify that weblate tries to push only po files, modified or new ones, and nothing else. Email on error to weblate admins and tails-l10n.
#3 Updated by u over 1 year ago
- Subject changed from Have the interface communicate with our main Git repository to Have the Weblate Git communicate with our main Git repository
Only reviewed and i18inspector checked translations should make it into our main repository. We need to add hooks to Weblate and Git for this.
#5 Updated by u over 1 year ago
Current pre-receive hook for Main Git (works) - but instead of comparing the committer email we might also want to add an env variable to detect when weblate is pushing.
#!/usr/bin/env python3 # Pre-receive or update hook for main git # Weblate is only allowed to push po files. import re, subprocess, sys expected = "firstname.lastname@example.org" # fixme regex = re.compile(".*\.po$") # read references from stdin oldref, newref, refname = sys.stdin.read().split() # get list of modified revisions rev_list = subprocess.run("git rev-list %s..%s"%(oldref,newref), check=True, shell=True, stdout=subprocess.PIPE) revlist = rev_list.stdout.decode().split("\n") for rev in revlist: # Email address of committer, not author committer = subprocess.run("git cat-file commit %s | grep 'committer' | grep -o -P '(?<=\<).*(?=\>)'"%rev, shell=True, stdout=subprocess.PIPE) # Which files have been modified files = subprocess.run("git diff-tree --no-commit-id --name-only -r %s"%rev, shell=True, stdout=subprocess.PIPE) if expected == committer.stdout.decode().strip() and not regex.search(files.stdout.decode()): print ("[POLICY] Weblate is only allowed to modify po files.") sys.exit(-1) ~