github.com/filecoin-project/bacalhau@v0.3.23-0.20230228154132-45c989550ace/.gitprecommit/aws_key_checker.sh

github.com/filecoin-project/bacalhau@v0.3.23-0.20230228154132-45c989550ace/.gitprecommit/aws_key_checker.sh (about)

     1  #!/usr/bin/env bash
     2  
     3  if git rev-parse --verify HEAD >/dev/null 2>&1
     4  then
     5      against=HEAD
     6  else
     7      # Initial commit: diff against an empty tree object
     8      EMPTY_TREE=$(git hash-object -t tree /dev/null)
     9      against=${EMPTY_TREE}
    10  fi
    11  
    12  # Redirect output to stderr.
    13  exec 1>&2
    14   
    15  # Check changed files for an AWS keys
    16  FILES=$(git diff --cached --name-only "${against}")
    17  
    18  if [[ -n "${FILES}" ]]; then
    19      KEY_ID=$(grep -E --line-number '([^A-Z0-9]|^)[A-Z0-9]{20}([^A-Z0-9]|$)' "${FILES}")
    20      KEY=$(grep -E --line-number '^(?!github)([^A-Za-z0-9/+=]|^)[A-Za-z0-9/+=]{40}([^A-Za-z0-9/+=]|$)' "${FILES}")
    21  
    22      if [[ -n "${KEY_ID}" ]] || [[ -n "${KEY}" ]]; then
    23          echo "=========== Possible AWS Access Key IDs ==========="
    24          echo "${KEY_ID}"
    25          echo ""
    26  
    27          echo "=========== Possible AWS Secret Access Keys ==========="
    28          echo "${KEY}"
    29          echo ""
    30  
    31          exit 1
    32      fi
    33  fi
    34  
    35  # Normal exit
    36  exit 0