Skip to content

Commit c5366d9

Browse files
cornmonstercornmonster
committed
add pre-commit hooks for checking seneitive information
1 parent 85f4339 commit c5366d9

File tree

1 file changed

+20
-0
lines changed

1 file changed

+20
-0
lines changed

hooks/pre-commit

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
#!/bin/sh
2+
3+
STAGE_FILES=$(git diff --cached --name-only --diff-filter=ACM)
4+
5+
echo 'check sensitive information ...'
6+
FAIL=0
7+
for FILE in $STAGE_FILES
8+
do
9+
grep --color -Hni -E "(ssh-rsa|authorized_keys|id_dsa|ssh-keygen)" $FILE && FAIL=1
10+
grep --color -Hni -E "(private key|secret|signature|accessid|access_id|access_key|accesskey|access_|password)(.*?)(\=|\:)(\s*)(\'|\")[^\$^%][^)]+(\'|\")[^)]*$" $FILE && FAIL=1
11+
grep --color -Hni -E "jdbc\:odps\:.*?accessId\=[^\.]+)" $FILE && FAIL=1
12+
done
13+
14+
if [ ${FAIL} == 0 ]; then
15+
echo 'check sensitive information ... passed'
16+
exit 0
17+
else
18+
echo 'check sensitive information ... failed'
19+
exit 1
20+
fi

0 commit comments

Comments
 (0)