-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.pre-commit-config.yaml
More file actions
82 lines (74 loc) · 2.76 KB
/
.pre-commit-config.yaml
File metadata and controls
82 lines (74 loc) · 2.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v5.0.0
hooks:
- id: check-merge-conflict
name: Check for merge conflict strings
- id: end-of-file-fixer
name: Fix missing newline at the end of files
- id: check-shebang-scripts-are-executable
name: Check shell scripts are executable
files: \.(sh)$
- id: check-yaml
name: Check pipelines configuration
files: ^(.github)
- repo: https://github.com/pycqa/flake8
rev: "7ef0350a439c93166bc8ba89fcc3de6a9a664e6c" # release 6.1.0
hooks:
- id: flake8
- repo: local
hooks:
- id: lint-githubactions
name: Lint github actions
entry: make
args: ["lint-githubactions"]
language: system
files: ^.github
types_or: [yaml]
pass_filenames: false
- id: lint-githubaction-scripts
name: Lint github action scripts
entry: make
args: ["lint-githubaction-scripts"]
language: system
files: ^.github/scripts
types_or: [sh, shell]
pass_filenames: false
- id: git-secrets
name: Git Secrets
description: git-secrets scans commits, commit messages, and --no-ff merges to prevent adding secrets into your git repositories.
entry: bash
args:
- -c
- 'git-secrets --pre_commit_hook'
language: system
- id: check-commit-signing
name: Check commit signing
description: Ensures that commits are GPG signed
entry: bash
args:
- -c
- |
if ! git config --get user.signingkey > /dev/null 2>&1; then
echo "Error: Git signing key not configured."
echo "Please configure your GPG signing key with:"
echo " git config user.signingkey <YOUR_GPG_KEY_ID>"
echo ""
echo "To find your GPG key ID, run: gpg --list-secret-keys --keyid-format=long"
echo "For more information, see: https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits"
exit 1
fi
if ! git config --get commit.gpgsign | grep -q "true" > /dev/null 2>&1; then
echo "Error: Commit signing is not enabled."
echo "Please enable commit signing with:"
echo " git config commit.gpgsign true"
echo ""
echo "For more information, see: https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits"
exit 1
fi
echo "Commit signing is properly configured."
language: system
pass_filenames: false
always_run: true
fail_fast: true
default_stages: [pre-commit]