From 3d7e33f2ead0182a55c696fca908e2914624ba35 Mon Sep 17 00:00:00 2001 From: "minghui.qmh" Date: Thu, 7 Apr 2022 14:06:52 +0800 Subject: [PATCH] update tools --- .gitignore | 1 - tools/init.sh | 17 +++++++++++++++++ tools/pre-commit | 31 +++++++++++++++++++++++++++++++ 3 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 tools/init.sh create mode 100644 tools/pre-commit diff --git a/.gitignore b/.gitignore index 67d40e0..171041e 100644 --- a/.gitignore +++ b/.gitignore @@ -7,7 +7,6 @@ .idea easytexminer.egg-info build -tools xflow_deploy dist .DS_Store diff --git a/tools/init.sh b/tools/init.sh new file mode 100644 index 0000000..3680ad6 --- /dev/null +++ b/tools/init.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# init pre-commit check hook +if [ ! -d .git/hooks/ ]; then + mkdir .git/hooks +fi + +rm -rf .git/hooks/pre-commit +cp tools/pre-commit .git/hooks/ +chmod a+rx .git/hooks/pre-commit + +# other inits +#python git-lfs/git_lfs.py pull + +# compile proto files +#source scripts/gen_proto.sh + diff --git a/tools/pre-commit b/tools/pre-commit new file mode 100644 index 0000000..964bd79 --- /dev/null +++ b/tools/pre-commit @@ -0,0 +1,31 @@ +#!/bin/bash +echo "Check for sensitive information leak:" +projectUrl=`git config --get remote.origin.url` +user=`git config --get user.name` +user_email=`git config --get user.email` +STAGE_FILES=$(git diff --cached --name-only) +stage_files=(${STAGE_FILES/ // }) +keywords=("LTAI[a-zA-Z0-9]{20}" "LTAI[a-zA-Z0-9]{12}" "acs:ram::[0-9]{16}:role/") + +result=0 +for i in "${!stage_files[@]}"; do + if [ ! -e "${stage_files[i]}" ] + then + continue + fi + for index in "${!keywords[@]}"; do + grep -E -q ${keywords[index]} ${stage_files[i]} + if [ $? -eq 0 ] + then + echo "Check Failed, ${stage_files[i]} contain sensitive info: pattern=${keywords[index]}, details: " + grep -E ${keywords[index]} ${stage_files[i]} + result=1 + break + fi + done +done +if [ $result -eq 0 ];then + echo "Sensitive Information Leak Check Passed." +else + exit 1 +fi