31 lines
1.1 KiB
Bash
Executable File
31 lines
1.1 KiB
Bash
Executable File
#!/bin/sh -e
|
|
|
|
if [ -f "$__object/parameter/no-updates" ]; then
|
|
# User requested explicitly not to have updates
|
|
exit
|
|
fi
|
|
|
|
destination="/$__object_id"
|
|
|
|
state_should="$(cat "$__object/parameter/state")"
|
|
branch_should="$(cat "$__object/parameter/branch")"
|
|
owner="$(cat "$__object/parameter/owner")"
|
|
|
|
# If the user did not provide an owner, cdist defaults to root.
|
|
git_user="${owner:-root}"
|
|
|
|
# Only do something if we are not removing the repo and it is not the first run
|
|
if [ "$state_should" = "present" ] && [ -d "$destination/.git" ]; then
|
|
# First fetch the remote
|
|
# Whenever possible run git as non-root, see history of CVEs.
|
|
su -m "$git_user" -c "git -C '$destination' fetch --quiet"
|
|
head="$(su -m "$git_user" -c "git -C '$destination' rev-parse HEAD")"
|
|
# Try first to get the latest commit in the remote current branch,
|
|
# if it fails try to get the commit for the expected tag name
|
|
upstream="$(su -m "$git_user" -c "git -C '$destination' rev-parse '@{u}'" 2>/dev/null ||
|
|
su -m "$git_user" -c "git -C '$destination' rev-parse '${branch_should}^{}'")"
|
|
if [ "${head}" != "$upstream" ]; then
|
|
echo "YES"
|
|
fi
|
|
fi
|