Clone this repo:


  1. 23e03f4 cmd/checker: for GCP, check scopes by Han-Wen Nienhuys · 9 weeks ago master
  2. c7e40da Build gerrit-linter as a docker image by Han-Wen Nienhuys · 10 weeks ago
  3. bcdaf26 Fix typo by Han-Wen Nienhuys · 9 weeks ago
  4. d4e5357 Rate limit PendingChecksByScheme calls on failure by Han-Wen Nienhuys · 10 weeks ago
  5. 23e4268 Get rid of deprecated name gerritfmt by Han-Wen Nienhuys · 10 weeks ago


This is a style verifier intended to be used with the Gerrit checks plugin.


  1. Install formatters:
go install
curl -o google-java-format.jar
  1. Obtain an HTTP password, and put it in testsite-auth. The format is username:secret.

  2. Register a checker

go run ./cmd/checker -auth_file=testsite-auth  --gerrit http://localhost:8080 \
  --language go --repo gerrit --register
  1. Make sure the checker is there
go run ./cmd/checker -auth_file=testsite-auth  --gerrit http://localhost:8080 \
  1. Start the server
go run ./cmd/checker -auth_file=testsite-auth  --gerrit http://localhost:8080


For simplicity of deployment, the gerrit-linter checker is stateless. All the necessary data is encoded in the checker UUID.


  • handle file types (symlink) and deletions

  • more formatters: clang-format, typescript, jsformat, ... ?

  • isolate each formatter to run with a separate gvisor/docker container.

  • tests: the only way to test this reliably is to spin up a gerrit server, and create changes against the server.

  • Update the list of checkers periodically.


This currently runs the formatters without sandboxing. Critical bugs (heap overflow, buffer overflow) in formatters can be escalated to obtain the OAuth2 token used for authentication.

The currently supported formatters are written in Java and Go, so this should not be an issue.


The following example shows how to build a Docker image hosted on GCP, in the project api-project-164060093628.

VERSION=$(date --iso-8601=minutes | tr -d ':' | tr '[A-Z]' '[a-z]'| sed \
    's|\+.*$||')-$(git rev-parse --short HEAD)${VERSION}
docker build -t ${NAME} -f Dockerfile .
docker push ${NAME}

To deploy onto a GCP VM, configure the VM to have scope

cloud beta compute instances set-scopes VM-NAME --scopes=


This is not an official Google product