github.com/filecoin-project/bacalhau@v0.3.23-0.20230228154132-45c989550ace/.gitprecommit/aws_key_checker.sh (about) 1 #!/usr/bin/env bash 2 3 if git rev-parse --verify HEAD >/dev/null 2>&1 4 then 5 against=HEAD 6 else 7 # Initial commit: diff against an empty tree object 8 EMPTY_TREE=$(git hash-object -t tree /dev/null) 9 against=${EMPTY_TREE} 10 fi 11 12 # Redirect output to stderr. 13 exec 1>&2 14 15 # Check changed files for an AWS keys 16 FILES=$(git diff --cached --name-only "${against}") 17 18 if [[ -n "${FILES}" ]]; then 19 KEY_ID=$(grep -E --line-number '([^A-Z0-9]|^)[A-Z0-9]{20}([^A-Z0-9]|$)' "${FILES}") 20 KEY=$(grep -E --line-number '^(?!github)([^A-Za-z0-9/+=]|^)[A-Za-z0-9/+=]{40}([^A-Za-z0-9/+=]|$)' "${FILES}") 21 22 if [[ -n "${KEY_ID}" ]] || [[ -n "${KEY}" ]]; then 23 echo "=========== Possible AWS Access Key IDs ===========" 24 echo "${KEY_ID}" 25 echo "" 26 27 echo "=========== Possible AWS Secret Access Keys ===========" 28 echo "${KEY}" 29 echo "" 30 31 exit 1 32 fi 33 fi 34 35 # Normal exit 36 exit 0