[PATCH 5 of 6 v3] hooks: fix potentially invalid interpreter in git hooks (Issue #333)

Thomas De Schampheleire patrickdepinguin at gmail.com
Mon Apr 8 20:14:56 UTC 2019 

# HG changeset patch
# User Thomas De Schampheleire <thomas.de_schampheleire at nokia.com>
# Date 1554323208 -7200
#      Wed Apr 03 22:26:48 2019 +0200
# Branch stable
# Node ID cb33fa0fa1551384df6e2f4ab9ddd00d8567c69d
# Parent  bcfc72030155063a2398004e4d55316160d276cb
hooks: fix potentially invalid interpreter in git hooks (Issue #333)

Commit 5e501b6ee639 introduced the use of 'sys.executable' as interpreter
for git hooks instead of 'python2' with the following argument:

    "Windows doesn't necessarily have "python2" available in $PATH, but we
    still want to make sure we don't end up invoking a python3. Using the
    absolute path seems more safe."

But, sys.executable does not necessarily point to Python. When Kallithea is
started under uWSGI, sys.executable points to the uwsgi executable. As a
result, the interpreter encoded in the git hooks on the server repositories
would be:

    #!/usr/bin/env /path/to/uwsgi

And pushing to such repo would result in following client errors:

    $ git push
    Password for 'http://user@localhost:5050':
    Enumerating objects: 3, done.
    Counting objects: 100% (3/3), done.
    Writing objects: 100% (3/3), 241 bytes | 241.00 KiB/s, done.
    Total 3 (delta 0), reused 0 (delta 0)
    remote: unable to load configuration from hooks/pre-receive
    To http://localhost:5050/gitrepo-new
     ! [remote rejected] master -> master (pre-receive hook declined)
    error: failed to push some refs to 'http://user@localhost:5050/gitrepo-new'


Fix this problem by using the newly introduced 'git_hook_interpreter'
setting from the ini file. This value is filled in automatically by
'kallithea-cli config-create', but can be overridden by the administrator.
If the value is not supplied or empty, fall back to the existing logic of
using sys.executable, or if that cannot be obtained 'python2'.

Suggested-by: Mads Kiilerich <mads at kiilerich.com>

diff --git a/kallithea/model/scm.py b/kallithea/model/scm.py
--- a/kallithea/model/scm.py
+++ b/kallithea/model/scm.py
@@ -727,10 +727,13 @@ class ScmModel(object):
         Git hook scripts so they invoke Kallithea code with the right Python
         interpreter and in the right environment.
 
+        This is not simply sys.executable because under uwsgi it will be the
+        uwsgi program itself.
+
         FIXME This may not work on Windows and may need a shell wrapper script.
         To be revisited later...
         """
-        return sys.executable or 'python2'
+        return kallithea.CONFIG.get('git_hook_interpreter') or sys.executable or 'python2'
 
     def install_git_hooks(self, repo, force_create=False):
         """

More information about the kallithea-general mailing list