forked from pagopa/git-hooks
-
Notifications
You must be signed in to change notification settings - Fork 0
/
install.sh
executable file
·103 lines (89 loc) · 2.6 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
#!/bin/bash
# run this script inside your target repository
# like:
# cd myproject/
# ../git-hooks/install.sh
# Github references
repo=pagopa/git-hooks
branch=master
# to use local files instead of github's
is_local=$1
# check if is a git repo
if [ ! -d ".git" ]; then
echo "Please run this script inside your target git repository"
exit 1
fi
# check if git-secrets is installed
if [ ! -x $(command -v git-secrets > /dev/null 2>&1) ]; then
echo "The git-secrets binary is not available. Install from source or package or check your PATH."
echo "Visit https://github.com/awslabs/git-secrets for instructions."
exit 1
fi
# hooks to be installed
declare -a hooks=(
"post-checkout"
"post-merge"
"pre-push"
"pre-commit"
"prepare-commit-msg"
)
# providers to be installed
declare -a providers=(
"commons"
)
# allowed to be installed
declare -a alloweds=(
"commons"
)
# copy a file from current file system or from github, depending from the value of $is_local
function copyFile {
source=$1
dest=$2
if [ -z "$is_local" ]; then
url="https://raw.githubusercontent.com/$repo/$branch/$source"
echo "Download from $url"
curl "$url" -o "$dest"
else
# get script directory
script_directory="$(dirname $0)"
file="$script_directory/$source"
echo "Copying $file"
cp "$file" "$dest"
fi
}
# install each hook
mkdir -p ".git/hooks"
for hook in "${hooks[@]}"
do
source="hooks/$hook"
dest=".git/hooks/$hook"
copyFile "$source" "$dest"
# make the hook executable
chmod +x "$dest"
done
# install each provider and setup the git-secrets engine
# the configuration is saved in .git/config secrets.providers section
mkdir -p ".git/git-secrets-providers"
for provider in "${providers[@]}"
do
source="providers/$provider"
dest=".git/git-secrets-providers/$provider"
copyFile "$source" "$dest"
# add patterns
git secrets --add-provider -- grep '^[^#[:space:]]' "$dest"
echo "Added the following patterns to block local commits:"
grep '^[^#[:space:]]' "$dest" # maybe avoid if too verbose in future
done
# install each allowed and setup the git-secrets engine
# the configuration is saved in .git/config secrets.allowed section
mkdir -p ".git/git-secrets-alloweds"
for allowed in "${alloweds[@]}"
do
source="alloweds/$allowed"
dest=".git/git-secrets-alloweds/$allowed"
copyFile "$source" "$dest"
grep '^[^#[:space:]]' "$dest" | xargs -I{} git secrets --add -a "{}"
echo "Added the following patterns to ALLOW local commits:"
grep '^[^#[:space:]]' "$dest"
done
printf "\nAll done!\n"