pax_global_header 0000666 0000000 0000000 00000000064 14121662721 0014514 g ustar 00root root 0000000 0000000 52 comment=6def7591ec486668c32808b8671559e6adc8ffac
pre-commit-hooks-v0.2.0/ 0000775 0000000 0000000 00000000000 14121662721 0015076 5 ustar 00root root 0000000 0000000 pre-commit-hooks-v0.2.0/.gitignore 0000664 0000000 0000000 00000000713 14121662721 0017067 0 ustar 00root root 0000000 0000000 ~*
*~
*.sw[op]
*.py[cod]
.DS_Store
__pycache__/
.vagrant/
vendor/
Thumbs.db
*.retry
.svn/
.sass-cache/
*.log
*.out
*.so
node_modules/
.npm/
nbproject/
*.ipynb
.idea/
*.egg-info/
*.[ao]
.classpath
.cache/
bower_components/
*.class
*.[ewj]ar
secring.*
.*.kate-swp
.swp.*
.directory
.Trash-*
build/
_build/
dist/
.tox/
*.pdf
*.exe
*.dll
*.gz
*.tgz
*.tar
*.rar
*.zip
*.xz
*.pid
*.lock
*.env
.bundle/
!Pipfile.lock
.terraform
.terraform.*
tfplan
*.tfstate*
*.venv
pre-commit-hooks-v0.2.0/.gitlab-ci.yml 0000664 0000000 0000000 00000001477 14121662721 0017543 0 ustar 00root root 0000000 0000000 ---
include:
- project: shore/ci-templates
file: templates/pre-commit.yml
pre-commit-try-repo:
stage: test
image: registry.shore.co.il/ci-images:pre-commit
tags: [ns4.shore.co.il]
variables:
XDG_CACHE_HOME: "$CI_PROJECT_DIR/.cache"
before_script:
- >-
curl https://apt.releases.hashicorp.com/gpg |
GNUPGHOME=/tmp gpg --dearmor >
/usr/share/keyrings/hashicorp.gpg
- . /etc/os-release
# yamllint disable rule:line-length
- >-
echo "deb [ signed-by=/usr/share/keyrings/hashicorp.gpg ] https://apt.releases.hashicorp.com $VERSION_CODENAME main" >
/etc/apt/sources.list.d/hashicorp.list
# yamllint enable rule:line-length
- apt-get update
- apt-get install -y terraform
script:
- pre-commit try-repo --all-files ./
cache:
paths:
- .cache/
pre-commit-hooks-v0.2.0/.pre-commit-config.yaml 0000664 0000000 0000000 00000004530 14121662721 0021361 0 ustar 00root root 0000000 0000000 ---
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks.git
rev: v4.0.1
hooks:
- id: check-added-large-files
- id: check-executables-have-shebangs
- id: check-merge-conflict
- id: check-shebang-scripts-are-executable
- id: check-yaml
- id: detect-private-key
- id: end-of-file-fixer
exclude: VERSION
- id: trailing-whitespace
- repo: https://github.com/codespell-project/codespell.git
rev: v2.1.0
hooks:
- id: codespell
- repo: https://github.com/Yelp/detect-secrets.git
rev: v1.1.0
hooks:
- id: detect-secrets
- repo: https://gitlab.com/devopshq/gitlab-ci-linter
rev: v1.0.3
hooks:
- id: gitlab-ci-linter
args:
- "--server"
- https://git.shore.co.il
- repo: https://github.com/amperser/proselint.git
rev: 0.10.2
hooks:
- id: proselint
types: [plain-text]
exclude: LICENSE
- repo: https://github.com/adrienverge/yamllint.git
rev: v1.26.3
hooks:
- id: yamllint
- repo: https://github.com/executablebooks/mdformat.git
rev: 0.7.9
hooks:
- id: mdformat
- repo: https://github.com/ambv/black.git
rev: 21.8b0
hooks:
- id: black
args:
- |
--line-length=79
- repo: https://github.com/PyCQA/prospector.git
rev: 1.5.1b0
hooks:
- id: prospector
args:
- |-
--max-line-length=79
- |-
--with-tool=bandit
- |-
--without-tool=pep257
- |-
--doc-warnings
- |-
--test-warnings
- |-
--full-pep8
- |-
--strictness=high
- |-
--no-autodetect
additional_dependencies:
- bandit
- repo: https://gitlab.com/pycqa/flake8.git
rev: 3.9.2
hooks:
- id: flake8
args:
- |-
--doctests
additional_dependencies:
- flake8-bugbear
- repo: https://github.com/pre-commit/pre-commit.git
rev: v2.15.0
hooks:
- id: validate_manifest
- repo: https://git.shore.co.il/nimrod/pre-commit-hooks.git
rev: v0.1.0
hooks:
- id: shell-validate
- repo: https://github.com/shellcheck-py/shellcheck-py.git
rev: v0.7.2.1
hooks:
- id: shellcheck
pre-commit-hooks-v0.2.0/.pre-commit-hooks.yaml 0000664 0000000 0000000 00000002625 14121662721 0021242 0 ustar 00root root 0000000 0000000 ---
- id: shell-validate
name: Lint shell scripts
description: Run /bin/sh -en against shell scripts.
language: script
entry: ./hooks/shell-validate
types: [shell]
- id: ansible-syntax-check
name: Syntax check Ansible playbooks
description: Check Ansible playbooks for syntax errors.
language: python
entry: ansible-playbook
files: playbook\.yml
types: [yaml]
args: ['--inventory=localhost,', '--syntax-check']
- id: docker-compose
name: docker-compose config
description: Validate the Docker Compose file using docker-compose config
language: python
entry: docker-compose-validate
files: docker-compose
types: [yaml]
- id: terraform-fmt
name: Format Terraform files
description: Format Terraform files using terraform fmt
language: python
types: [terraform]
entry: terraform-fmt
- id: terraform-validate
name: Validate Terraform modules
description: Validate Terraform modules using terraform validate
language: python
types: [terraform]
entry: terraform-validate
- id: poetry-check
name: poetry check
description: Validate pyproject.toml files using Poetry
language: python
entry: poetry-check
types: [toml]
files: pyproject
- id: branch-merge-conflicts
name: branch merge conflicts
description: Checks for merge conflicts with a specific branch.
language: script
entry: ./hooks/branch-merge-conflicts
pass_filenames: false
always_run: true
pre-commit-hooks-v0.2.0/LICENSE.txt 0000664 0000000 0000000 00000002054 14121662721 0016722 0 ustar 00root root 0000000 0000000 MIT License
Copyright (c) 2021 Adar Nimrod
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
pre-commit-hooks-v0.2.0/README.md 0000664 0000000 0000000 00000003416 14121662721 0016361 0 ustar 00root root 0000000 0000000 # pre-commit hooks
[![pipeline status](https://git.shore.co.il/nimrod/pre-commit-hooks/badges/main/pipeline.svg)](https://git.shore.co.il/nimrod/pre-commit-hooks/-/commits/main)
A collection of [pre-commit](https://pre-commit.com/) hooks.
## Requirements
- Supported Python 3 version (at time of writing 3.6 or later).
- [pre-commmit](https://pre-commit.com/) 2.0.0 or later.
- [Terraform](https://www.terraform.io/) (for the terraform hooks).
## Example .pre-commit-config.yaml
```yaml
---
- repo: https://git.shore.co.il/nimrod/pre-commit-hooks.git
rev: 0.1.0 # Check for the latest tag or run pre-commit autoupdate.
hooks:
- id: shell-validate
- id: ansible-syntax-check
- id: docker-compose
- id: terraform-fmt
- id: terraform-validate
- id: poetry-check
- id: branch-merge-conflict
```
## Available hooks
### `shell-validate`
Check shell scripts with `/bin/sh -en`.
### `ansible-syntax-check`
Check Ansible playbooks for syntax errors.
### `docker-compose`
Validate the Docker Compose file using docker-compose config.
### `terraform-fmt`
Format Terraform files using `terraform fmt`.
Requires an installed `terraform`.
### `terraform-validate`
Validate Terraform modules using `terraform validate`.
Requires an installed `terraform`.
### `poetry-check`
Validate `pyproject.toml` files using Poetry.
### `branch-merge-conflict`
Checks for merge conflicts with a specific branch.
## License
This software is licensed under the MIT license (see `LICENSE.txt`).
## Author Information
Nimrod Adar, [contact me](mailto:nimrod@shore.co.il) or visit my
[website](https://www.shore.co.il/). Patches are welcome via
[`git send-email`](http://git-scm.com/book/en/v2/Git-Commands-Email). The repository
is located at: .
pre-commit-hooks-v0.2.0/VERSION 0000664 0000000 0000000 00000000005 14121662721 0016141 0 ustar 00root root 0000000 0000000 0.2.0 pre-commit-hooks-v0.2.0/hooks/ 0000775 0000000 0000000 00000000000 14121662721 0016221 5 ustar 00root root 0000000 0000000 pre-commit-hooks-v0.2.0/hooks/__init__.py 0000664 0000000 0000000 00000000000 14121662721 0020320 0 ustar 00root root 0000000 0000000 pre-commit-hooks-v0.2.0/hooks/branch-merge-conflicts 0000775 0000000 0000000 00000000571 14121662721 0022466 0 ustar 00root root 0000000 0000000 #!/bin/sh
set -eu
default_branch="$(git symbolic-ref refs/remotes/origin/HEAD | cut -d/ -f4)"
dest="${1:-$default_branch}"
current="$(git symbolic-ref --short HEAD)" || exit 0 # Detached head.
[ "$current" != "$dest" ] || exit 0
patch="$(git format-patch "$(git merge-base HEAD "$dest")..$dest" --stdout)"
[ "$patch" != "" ] || exit 0
echo "$patch" | git apply --check -
pre-commit-hooks-v0.2.0/hooks/docker_compose_validate.py 0000664 0000000 0000000 00000001067 14121662721 0023444 0 ustar 00root root 0000000 0000000 """Validate Docker Compose files."""
import argparse
import pathlib
import sys
import hooks.utils
def main():
"""Main entrypoint."""
parser = argparse.ArgumentParser(description=__doc__)
parser.add_argument("file", nargs="+", type=pathlib.Path)
args = parser.parse_args()
hooks.utils.check_executable("docker-compose")
return hooks.utils.bulk_check(
lambda x: hooks.utils.check_file(
["docker-compose", "--file", x, "config"], file=x
),
args.file,
)
if __name__ == "__main__":
sys.exit(main())
pre-commit-hooks-v0.2.0/hooks/poetry_check.py 0000664 0000000 0000000 00000001103 14121662721 0021245 0 ustar 00root root 0000000 0000000 """Validate pyproject.toml files."""
import argparse
import pathlib
import sys
import hooks.utils
def main():
"""Main entrypoint."""
parser = argparse.ArgumentParser(description=__doc__)
parser.add_argument("file", nargs="+", type=pathlib.Path)
args = parser.parse_args()
hooks.utils.check_executable("poetry")
return hooks.utils.bulk_check(
lambda x: hooks.utils.check_directory(
["poetry", "check"], directory=x
),
hooks.utils.unique_directories(args.file),
)
if __name__ == "__main__":
sys.exit(main())
pre-commit-hooks-v0.2.0/hooks/shell-validate 0000775 0000000 0000000 00000000200 14121662721 0021035 0 ustar 00root root 0000000 0000000 #!/bin/sh
set -eu
for filename in "$@"
do
/usr/bin/env -i /bin/sh -en "$filename" || failed=1
done
[ "${failed:-0}" -eq 0 ]
pre-commit-hooks-v0.2.0/hooks/terraform_fmt.py 0000664 0000000 0000000 00000001166 14121662721 0021446 0 ustar 00root root 0000000 0000000 """Format Terraform modules."""
import argparse
import os
import pathlib
import sys
import hooks.utils
def main():
"""Main entrypoint."""
parser = argparse.ArgumentParser(description=__doc__)
parser.add_argument("file", nargs="+", type=pathlib.Path)
args = parser.parse_args()
hooks.utils.check_executable("terraform")
os.putenv("TF_INPUT", "0")
os.putenv("TF_IN_AUTOMATION", "1")
return hooks.utils.bulk_check(
lambda x: hooks.utils.check_file(["terraform", "fmt", "-diff", x]),
hooks.utils.unique_directories(args.file),
)
if __name__ == "__main__":
sys.exit(main())
pre-commit-hooks-v0.2.0/hooks/terraform_validate.py 0000664 0000000 0000000 00000001640 14121662721 0022446 0 ustar 00root root 0000000 0000000 """Validate Terraform modules."""
import argparse
import os
import pathlib
import sys
import hooks.utils
def tf_validate(directory):
if (
hooks.utils.check_directory(
["terraform", "init", "-backend=false"], directory=directory
)
> 0
):
return 1
if (
hooks.utils.check_directory(
["terraform", "validate"], directory=directory
)
> 0
):
return 1
return 0
def main():
"""Main entrypoint."""
parser = argparse.ArgumentParser(description=__doc__)
parser.add_argument("file", nargs="+", type=pathlib.Path)
args = parser.parse_args()
hooks.utils.check_executable("terraform")
os.putenv("TF_INPUT", "0")
os.putenv("TF_IN_AUTOMATION", "1")
return hooks.utils.bulk_check(
tf_validate, hooks.utils.unique_directories(args.file)
)
if __name__ == "__main__":
sys.exit(main())
pre-commit-hooks-v0.2.0/hooks/utils.py 0000664 0000000 0000000 00000004303 14121662721 0017733 0 ustar 00root root 0000000 0000000 """Utilities for Python hooks.
Mainly, executing external processes.
"""
import contextlib
import os
import pathlib
import shutil
import subprocess # nosec
import sys
def unique_directories(files):
"""Returns a list of directories (pathlib.Path objects) for the files
passed without repetitions."""
return list({pathlib.Path(x).parent for x in files})
@contextlib.contextmanager
def chdir(path):
"""Context manager for changing the working directory.
>>> import os
>>> os.chdir("/")
>>> os.getcwd()
'/'
>>> with chdir("/tmp"):
... assert os.getcwd() == "/tmp"
...
>>> assert os.getcwd() == "/"
"""
cwd = os.getcwd()
os.chdir(path)
yield
os.chdir(cwd)
def check_executable(executable):
"""Checks if an executable exists, logs and exits otherwise."""
if shutil.which(executable) is None:
print(f"{executable} is not in the PATH.", file=sys.stderr)
sys.exit(1)
def run(args):
"""Wrapper for subprocess.run."""
return subprocess.run( # nosec
args,
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT,
universal_newlines=True,
check=False,
)
def check_file(args, file=None):
"""A simple check for a file, may be used to build more complex checks."""
proc = run(args)
if proc.returncode > 0:
if file is not None:
print(f"In file {file}:")
print(proc.stdout)
return proc.returncode
def check_directory(args, directory):
"A simple check for a directory, may be used to build more complex checks."
with chdir(directory):
proc = run(args)
if proc.returncode > 0:
print(f"In {directory}:")
print(proc.stdout)
return proc.returncode
def bulk_check(checker, items):
"""Bulk check files.
Some programs can only accept a single file or directory to process at a
time. This function receives a function that returns the check function and
list to go through. The function returns 0 if all checks returned 0 or 1
otherwise.
"""
returncode = 0
for item in items:
check = checker(item)
if check > 0:
returncode = 1
return returncode
pre-commit-hooks-v0.2.0/setup.py 0000664 0000000 0000000 00000001375 14121662721 0016616 0 ustar 00root root 0000000 0000000 from setuptools import setup, find_packages
with open("VERSION", "r", encoding="utf-8") as fh:
VERSION = fh.read().strip()
setup(
name="shore-co-il-pre-commit-hooks",
url="https://git.shore.co.il/nimrod/pre-commit-hooks",
author="Nimrod Adar",
author_email="nimrod@shore.co.il",
version=VERSION,
install_requires=[
"ansible>=4",
"docker-compose>=1.20",
"poetry",
],
entry_points={
"console_scripts": [
"docker-compose-validate=hooks.docker_compose_validate:main",
"terraform-validate=hooks.terraform_validate:main",
"terraform-fmt=hooks.terraform_fmt:main",
"poetry-check=hooks.poetry_check:main",
]
},
packages=find_packages(),
)
pre-commit-hooks-v0.2.0/test_files/ 0000775 0000000 0000000 00000000000 14121662721 0017237 5 ustar 00root root 0000000 0000000 pre-commit-hooks-v0.2.0/test_files/docker-compose.yml 0000664 0000000 0000000 00000000124 14121662721 0022671 0 ustar 00root root 0000000 0000000 ---
version: '3.5'
services:
httpd:
image: docker.io/library/httpd:2.4-alpine
pre-commit-hooks-v0.2.0/test_files/main.tf 0000664 0000000 0000000 00000000015 14121662721 0020512 0 ustar 00root root 0000000 0000000 terraform {}
pre-commit-hooks-v0.2.0/test_files/playbook.yml 0000664 0000000 0000000 00000000147 14121662721 0021604 0 ustar 00root root 0000000 0000000 ---
- hosts: all
tasks:
- name: Debug
ansible.builtin.debug:
var: ansible_hostname
pre-commit-hooks-v0.2.0/test_files/pyproject.toml 0000664 0000000 0000000 00000001121 14121662721 0022146 0 ustar 00root root 0000000 0000000 [tool.poetry]
name = "mnpw"
version = "0.1.5"
description = "My Nagios plugin wrapper"
authors = ["Adar Nimrod "]
license = "MIT"
homepage = "https://git.shore.co.il/shore/mnpw"
repository = "https://git.shore.co.il/shore/mnpw"
classifiers = [
"Development Status :: 4 - Beta",
"Environment :: Console",
"Intended Audience :: Information Technology",
"Intended Audience :: System Administrators",
"License :: OSI Approved :: MIT License",
"Topic :: System :: Monitoring",
"Topic :: System :: Systems Administration",
"Topic :: Utilities",
]
pre-commit-hooks-v0.2.0/test_files/script.sh 0000775 0000000 0000000 00000000032 14121662721 0021075 0 ustar 00root root 0000000 0000000 #!/bin/sh
set -eu
exit 0