cytopia/check_git
Composer 安装命令:
composer require cytopia/check_git
包简介
Nagios plugin to verify a git repository.
关键字:
README 文档
README
Nagios plugin to verify a git directory. Checks include git status (with or without submodules), HEAD is on a branch or tag (any or specified), has diffs against remote (with or without submodules), HEAD (tag, branch or commit) is GPG signed and the signature is valid.
![]() |
Find more plugins at Awesome Nagios |
|---|---|
![]() |
Find more plugins at Icinga Exchange |
![]() |
Find more plugins at Nagios Exchange |
1. Nagios / Icinga integration
There are two ways how to integrate this with nagios or icinga.
1.1 Direct approach (not recommended)
Use check_git directly from nagios and test a repository every time a check is triggered. In order for the output to be usaeble by Nagios / Icinga, you will have to use -n <NAME>, which will amongst others remove the shell colors from the output. Correct exit codes for success, warning, error and unknown are thrown by default.
Example
$ check_git -d <PATH_TO_GIT_DIR> -s -n <PROJECT_NAME>
1.2 Approach to just parse a logfile (recommended)
This approach reduces the overhead to check a repository every 5min by nagios, and rather check the logfile created by check_git.
Sometimes a full check (status, gpg, remote check, etc) can take up to a few seconds and u don't want to stress the system every 5min.
For that to work, you simply add check_git to your crontab and only check your repository every 4 hours for example.
Nagios / Icinga can still check the logfile every 5 minutes.
Crontab
0 0,4,8,12,16,20 * * * /full/path/to/check_git -d <GIT_DIR> -n <PROJECT_NAME> -l /var/log/git/<project-name>.log
This will update the logfile under /var/log/git/<project-name>.log every 4 hours and nagios/icinga can however check on it as often as they want via:
The actual check
$ check_git_log -f /var/log/git/<project-name>.log
2. Examples
The following examples show each options separately, you can of course combine most checks.
2.1 Check git status
Without submodules (-s)
$ check_git -d /shared/httpd/my-project/ -s -n My-Project [SUCCESS] My-Project git repo is healthy. [SUCCESS] Git status: clean
With submodules (-S)
$ check_git -d /shared/httpd/my-project/ -S -n My-Project [CRITICAL] My-Project git repo has errors. [SUCCESS] Git status: clean [CRITICAL] Git status: submodule(s) unclean
2.2 Check status of HEAD (branch or tag)
HEAD must be on a branch (any branch -b)
$ check_git -d /shared/httpd/my-project/ -b -n My-Project
[SUCCESS] My-Project git repo is healthy.
[SUCCESS] Git Branch: on branch 'develop'
HEAD must be on branch develop (-B)
$ check_git -d /shared/httpd/my-project/ -B develop -n My-Project
[SUCCESS] My-Project git repo is healthy.
[SUCCESS] Git Branch: on branch 'develop'
HEAD must be on a tag (any tag -t)
$ check_git -d /shared/httpd/my-project/ -t -n My-Project [CRITICAL] My-Project git repo has errors. [CRITICAL] Git Tag: not on any tag
HEAD must be on tag 0.3 (-T)
$ check_git -d /shared/httpd/my-project/ -T 0.3 -n My-Project [CRITICAL] My-Project git repo has errors. [CRITICAL] Git Tag: on tag '0.2', but should be on: '0.3'
2.3 Check GPG signature of commit/tag
Check if the current commit (or if HEAD is a tag, the current tag) is signed with gpg and valid (-g).
$ check_git -d /shared/httpd/my-project/ -g -n My-Project [SUCCESS] My-Project git repo is healthy. [SUCCESS] GPG Signed: Yes with key: 695128A2 [SUCCESS] GPG Pubkey: available [SUCCESS] GPG Signer: cytopia [SUCCESS] GPG Trust: ULTIMATE
Check if the current commit (or if HEAD is a tag, the current tag) is signed with gpg, valid and matches one of the specified key ids (-G).
$ check_git -d /shared/httpd/my-project/ -G 695128A2,00000000,11111111,22222222 -n My-Project [SUCCESS] My-Project git repo is healthy. [SUCCESS] GPG Signed: Yes with expected key: 695128A2 [SUCCESS] GPG Pubkey: available [SUCCESS] GPG Signer: cytopia [SUCCESS] GPG Trust: ULTIMATE
2.4 Check Diff against remote
Check if you have new code to pull (only makes sense if you are on a branch). Check excluding submodules (-R)
$ check_git -d /shared/httpd/my-project/ -R origin -n My-Project
[SUCCESS] My-Project git repo is healthy.
[SUCCESS] Git remote: equals with 'origin'
Check if you have new code to pull (only makes sense if you are on a branch). Check including submodules (-r)
$ check_git -d /shared/httpd/my-project/ -r origin -n My-Project [CRITICAL] My-Project git repo has errors. [SUCCESS] Git remote: equals with 'origin' [CRITICAL] Git remote: submodule(s) differs from 'origin'
2.5 Show additional verbose output
Show some verbose output (will also be visible within nagios extended output)
$ check_git -d /shared/httpd/my-project/ -v -n My-Project
[SUCCESS] My-Project git repo is healthy.
[INFO] Bin: git version 2.10.2
[INFO] Path: /shared/httpd/my-project/
[INFO] Submodules: 2
[INFO] HEAD: on branch 'develop'
[INFO] GPG: signed 695128A2
3. Usage
Usage: check_git -d <git dir> [-s|-S] [-r|-R <remote>] [-b] [-B <branch>] [-t] [-T <tag>]] [-g] [-G <hash>[,<hash>]] [-v] OR -d <git dir> [-n <name>] [-l logfile] [-s|-S] [-r|-R <remote>] [-b] [-B <branch>] [-t] [-T <tag>]] [-g] [-G <hash>[,<hash>]] [-v] OR -h OR -V check_git can validate a git repository by different requirements You can have normal output or nagios (-n) compatible output to integrate this into your monitoring system. Required arguments: -d <git dir> Specify path to git repository. Optional arguments (output): -v Be more verbose. -n <name> Create nagios style check outout. Removes colors and adds a project name to the first line. -l <logfile> Log to file instead of stdout. This is especially useful if you want to integrate this check via nagios. You can then add a cronjob which periodically logs to file (as your deploy user) and the nagios check simply parses the logfile via 'check_git_log'. Requires '-n'. Optional arguments (checks): -s Check if git directory is clean. This also take any submodules into account. To prevent checking submodules use '-S'. '-s' and '-S' are mutually exclusive. -S Check if git directory is clean (ignore submodules). This ignores any submodules. To also check against submodules use '-s'. '-s' and '-S' are mutually exclusive. -r <remote> Check if git repository is in sync with remote. This option makes only sense, if your repository is checked out on a branch that can be compared with remote. This also take any submodules into account. To prevent checking submodules use '-R'. '-r' and '-R' are mutually exclusive. -R <remote> Check if git repository is in sync with remote (ignore submodules). This option makes only sense, if your repository is checked out on a branch that can be compared with remote. This ignores any submodules. To also check submodules use '-r'. '-r' and '-R' are mutually exclusive. -b Check if repository is checkout out on a branch. No detached HEAD or tag. '-b', '-B', '-t' and '-T' are mutually exclusive. -B [<branch>] Check if repository is checkout out on the specified branch. '-b', '-B', '-t' and '-T' are mutually exclusive. -t Check if repository is checkout out on a tag. No detached HEAD or branch. '-b', '-B', '-t' and '-T' are mutually exclusive. -T [<tag>] Check if repository is checkout out on the specified tag. No detached HEAD or branch. '-b', '-B', '-t' and '-T' are mutually exclusive. -g Check if current HEAD is signed and has a valid GPG signature. If current HEAD is a tag, the GPG signature of the tag is checked, instead of the signature of the current commit. For this to pass, you will also have to add your trusted GPG public keys locally. Returns: Error, if not signed. Warning, if signed, but pubkey is not available. Warning, if signed, but pubkey is not trusted. OK, if signed, pubkey is available and trusted. '-g', and '-G' are mutually exclusive. -G <hash>[,<hash>] Check if current HEAD is signed by the given key id (hash) and has a valid GPG signature. You can separate multiple key-id's via comma without space. key-id (hash) must be the last 8 characters (all uppercase) of the key. If current HEAD is a tag, the GPG signature of the tag is checked, instead of the signature of the current commit. For this to pass, you will also have to add your trusted GPG public keys locally. Returns: Error, if not signed. Error, if signed with a different key-id. Warning, if signed, but pubkey is not available. Warning, if signed, but pubkey is not trusted. OK, if signed, pubkey is available and trusted. '-g', and '-G' are mutually exclusive. Version and Help: -V Show version information -h Show this help screen
cytopia/check_git 适用场景与选型建议
cytopia/check_git 是一款 基于 Shell 开发的 Composer 扩展包,目前已累计 5.17k 次下载、GitHub Stars 达 10, 最近一次更新时间为 2016 年 12 月 05 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「git」 「nagios」 「icinga」 「nagios-plugin」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 cytopia/check_git 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 cytopia/check_git 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 cytopia/check_git 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Easily manage git hooks in your composer config
MediaWiki extension that allows embedding external content, specified by URL, into your wiki pages
Nagios plugin to check for a string/regex on a webpage. Also works behind .htaccess and POST login.
This nagios plugin will check if your drupal site has issues (security updates, updates[optional], outstanding db updates, other problems).
Simple monitoring tooling and Symfony bundle
Nagios Plugin to monitor mysqldump database backups.
统计信息
- 总下载量: 5.17k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 10
- 点击次数: 3
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2016-12-05


