From 18e9a5efbf13f0886b259e8f17c6d646a52cfb10 Mon Sep 17 00:00:00 2001
From: Malfurious <m@lfurio.us>
Date: Thu, 18 Aug 2022 09:40:16 -0400
Subject: gitolite: Set default branch on first push

The non-core feature 'symbolic-ref' that ships with gitolite opens a
bigger hole than I would intend to (in the form of allowing arbitrary
git-symbolic-ref commands to be executed).

As an alternative, a post-git gitolite trigger is added.  Its only
purpose at the moment is to check on the state of HEAD following any
pushes.

Under normal circumstances, HEAD will point to a valid branch, or on a
first push, the master branch will be provided, validating HEAD.  If
after the first push, there is no branch called master, we assume the
creator wishes to use another name for the default branch, and so will
update the ref if doing so is unambiguous (there is only one other
branch).  If multiple non-master branches are present in this case, a
warning is issued, and HEAD is left invalid, awaiting a later push to
master.

This _should_ only be an issue for the first push.  Once HEAD refers to
a valid branch (of any name), this action is bypassed going forward.

Signed-off-by: Malfurious <m@lfurio.us>
---
 conf/.gitolite.rc   |  6 +++++-
 local/triggers/push | 16 ++++++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100755 local/triggers/push

diff --git a/conf/.gitolite.rc b/conf/.gitolite.rc
index c40ac25..25a5231 100644
--- a/conf/.gitolite.rc
+++ b/conf/.gitolite.rc
@@ -79,12 +79,16 @@
         # or you can use this, which lets you put everything in a subdirectory
         # called "local" in your gitolite-admin repo.  For a SECURITY WARNING
         # on this, see http://gitolite.com/gitolite/non-core.html#pushcode
-        # LOCAL_CODE                =>  "$rc{GL_ADMIN_BASE}/local",
+        LOCAL_CODE                  =>  "$rc{GL_ADMIN_BASE}/local",
 
     # ------------------------------------------------------------------
 
     # List of commands and features to enable
 
+    POST_GIT => [
+        'push',
+    ],
+
     ENABLE => [
 
         # COMMANDS
diff --git a/local/triggers/push b/local/triggers/push
new file mode 100755
index 0000000..6aa587a
--- /dev/null
+++ b/local/triggers/push
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+[ "$4" = "W" ] || exit 0
+
+cd "$GL_REPO_BASE/$2.git"
+head=$(git symbolic-ref HEAD)
+
+if ! [ -f "$head" ]; then
+    set -- refs/heads/*
+    if [ "$#" -eq 1 ]; then
+        git symbolic-ref HEAD "$1"
+        echo "NOTICE: Default branch set to $1" >&2
+    else
+        echo "WARNING: The default branch is $head, but no such branch exists" >&2
+    fi
+fi
-- 
cgit v1.2.3