huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Adds gitguardian ggshield pre-commit hook (#912)

Browse Source 
* Adds gitguardian ggshield pre-commit step
* Intended to be run locally and not in CI
* Updates gitguardian config to version 2
This commit is contained in:
Iain Sproat
2022-10-25 13:41:00 +01:00
committed by GitHub
parent ce2624760c
commit 8255015696
5 changed files with 25 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitguardian.yml
+7 -3
View File
@@ -1,3 +1,7 @@
matches-ignore:
- name: MIXPANEL_TOKEN
match: acd87c5a50b56df91a795e999812a3a4
secret:
ignored-paths:
- 'packages/server/modules/emails/tests'
ignored-matches:
- match: acd87c5a50b56df91a795e999812a3a4
name: 'packages/frontend/src/bootstrapper.ts - mixpanel token'
version: 2
.gitignore
+3
View File
@@ -54,3 +54,6 @@ packages/server/.vscode/*.log
# ST workspace files
./speckle.sublime-project
./speckle.sublime-workspace
# GitGuardian
.cache_ggshield
.husky/pre-commit
+7 -1
View File
@@ -26,7 +26,13 @@ check_dependencies_available() {
done
}
check_dependencies_available pre-commit hadolint helm shellcheck
additional_dependencies=""
if [ -z "${CI}" ]; then
additional_dependencies=" ggshield"
fi
# shellcheck disable=SC2086
check_dependencies_available pre-commit hadolint helm shellcheck circleci${additional_dependencies}
echo "All systems functional, running additional pre-commit checks..."
pre-commit run --all-files
.pre-commit-config.yaml
+5
View File
@@ -21,5 +21,10 @@ repos:
hooks:
- id: circleci-config-validate
- repo: https://github.com/specklesystems/pre-commit
rev: '0.2.0'
hooks:
- id: ggshield-not-ci
ci:
autoupdate_schedule: quarterly
README.md
+3
View File
@@ -141,8 +141,11 @@ When committing to git, an automated script will run. This will check that your
- [`hadolint`](https://github.com/hadolint/hadolint#install)
- [`shellcheck`](https://github.com/koalaman/shellcheck#installing)
- [`helm`](https://helm.sh/docs/intro/install/)
- [`circleci`](https://circleci.com/docs/local-cli)
- [`ggshield`](https://github.com/GitGuardian/ggshield#installation)
- Please note that these additional checks will be run by Speckle's automated CI environment and non-conformances, if any, may prevent your Pull Request from being merged.
- Please use the name of the package as the scope of your commit.
- Note that `ggshield` requires you to [register an account](https://dashboard.gitguardian.com/auth/signup) and then [authorise with GitGuardian](https://github.com/GitGuardian/ggshield#initial-setup) before it can be used: `ggshield auth login`
### Security