@alexsapran alexsapran/pre-commit
Last active Dec 22, 2016

Terraform client git hook
#!/bin/bash
# bash is required because `read -p` is not POSIX sh.
# Redirect output to stderr.
exec 1>&2
# Enable user input by reading from the terminal.
exec < /dev/tty
# Check whether a tfstate file is among the staged changes.
TFSTATE=$(git diff --cached --name-status | awk '$1 != "R" { print $2 }' | grep -c tfstate)
if [ "$TFSTATE" -ne 0 ]
then
    # Check if a password field is set anywhere and remind the user to change it.
    PASSEXISTS=$(git diff --cached | grep -c '"password":')
    if [ "$PASSEXISTS" -ne 0 ]
    then
        cat <<\EOF
There is an RDS instance in your Terraform plan.
Remember to change this from the AWS console to a secure password.
If you do not know how to do that please contact Administrators
EOF
    fi
    # Check if we are about to commit sensitive information.
    if [ "$(git diff --cached | grep -c '"secret":')" -ne 0 ]
    then
        # Show the matching diff lines with their line numbers.
        git diff --cached | grep -ne '"secret":'
        read -r -p "You have committed a secret in the git. Are you sure you want to continue? (y/n) " yn
        if echo "$yn" | grep -q '^[Yy]$'
        then
            exit 0 # The user wants to continue.
        else
            exit 1 # The user does not want to continue, so abort the commit.
        fi
    fi
fi
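A stricter variant of the check above, as an added example that is not part of the original gist: it looks only at lines the commit adds to tfstate files and masks the value instead of printing it to the terminal. The names `scan_staged_diff`, `SENSITIVE_KEYS` and `sample_diff` are hypothetical, the key list is an assumption, and the sample diff is constructed.

```shell
#!/bin/sh
# Added example, not the gist author's code.
# Assumed list of JSON keys treated as sensitive; extend it for your providers.
SENSITIVE_KEYS='password|secret|secret_key|private_key|token'

# Reads a unified diff on stdin. Prints "<file>: <key> <redacted>" for every
# ADDED line in a tfstate file that sets a sensitive key. Removed lines,
# context lines and other files are ignored. Returns 1 if anything was found.
scan_staged_diff() {
    awk -v keys="$SENSITIVE_KEYS" '
        /^\+\+\+ / { file = substr($0, 7); next }   # "+++ b/<path>" header
        /^\+/ && file ~ /tfstate/ {
            line = substr($0, 2)                    # drop the leading "+"
            if (match(line, "\"(" keys ")\"[ \t]*:")) {
                # Print only the key, never the value that follows it.
                printf "%s: %s <redacted>\n", file, substr(line, RSTART, RLENGTH)
                found++
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample input: one replaced password in a state file and one
# look-alike line in a file that is not a state file.
sample_diff() {
    cat <<'EOF'
diff --git a/terraform.tfstate b/terraform.tfstate
--- a/terraform.tfstate
+++ b/terraform.tfstate
@@ -10,3 +10,3 @@
                     "username": "admin",
-                    "password": "old-constructed-value",
+                    "password": "new-constructed-value",
                     "port": "5432"
diff --git a/README.md b/README.md
--- a/README.md
+++ b/README.md
@@ -1 +1,2 @@
 # infra
+Example: "secret": "not-in-a-state-file"
EOF
}
```

In the hook, pipe `git diff --cached` into `scan_staged_diff` and show the confirmation prompt only when it returns 1.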