
@baker-ling
Last active April 7, 2023 13:11
Pre-commit hook to make sure that the client secret is parameterized in JMeter scripts
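#!/bin/bash
#
# Pre-commit hook: reject the commit when a staged JMeter test plan (.jmx)
# carries a client_secret value that is not parameterized.
#
# For every staged .jmx file two places are inspected:
#   1. each <UserDefinedVariables> element: the first
#      <stringProp name="client_secret"> value must contain the BeanShell
#      getenv expression held in udv_expected;
#   2. each <HTTPSamplerProxy testname="Get Token"> element: if the first
#      <stringProp name="bodyData"> value mentions client_secret, it must
#      also contain ${CLIENT_SECRET}.
#
# The check reads the STAGED blob (git index), not the working-tree file,
# because the index is what the commit will record; a working copy that was
# cleaned up after `git add` must not hide a secret that is still staged.
#
# Limits: this is a narrow pattern check, not a secret scanner. A secret
# stored under another property name or in another element is not seen, and
# a client-side hook is skipped by `git commit --no-verify`, so it should be
# backed by a server-side or CI check.
#
# Requires GNU grep with PCRE support (-P).
# Exit status: 0 when every staged .jmx file passes, 1 otherwise.

# Define the pattern to search for
pattern='client_secret'
# Define the elements to search in
udv_element='UserDefinedVariables'
http_element='HTTPSamplerProxy'

# Literal text that a parameterized value is expected to contain. These are
# JMeter expressions, kept in single quotes so the shell never expands them,
# and compared as plain substrings so no regex escaping is involved.
# NOTE(review): if the saved .jmx XML-escapes the double quotes (&quot;),
# udv_expected has to be written in that form - confirm against a real file.
# shellcheck disable=SC2016
udv_expected='${__BeanShell( System.getenv("client_secret"))}'
# shellcheck disable=SC2016
http_expected='${CLIENT_SECRET}'

# Regexes capturing one property value. [^<]* stops at the property's own
# closing tag, so text from later properties cannot satisfy the check.
udv_prop_re="<stringProp name=\"$pattern\">([^<]*)</stringProp>"
body_prop_re='<stringProp name="bodyData">([^<]*)</stringProp>'

# Loop over the staged files. -z / read -d '' keep paths with spaces or
# newlines intact; --diff-filter=ACMR leaves out deletions, which have no
# staged content to inspect. fd 3 keeps the file list apart from stdin.
while IFS= read -r -d '' -u 3 file; do
  [[ "$file" == *.jmx ]] || continue

  # ":0:<path>" names the staged (index) version of the file.
  if ! staged=$(git show ":0:$file"); then
    # Fail closed: a file that cannot be read cannot be declared clean.
    echo "Error: cannot read the staged version of $file." >&2
    exit 1
  fi

  # Check every User Defined Variables element. The lazy .*? ends each match
  # at that element's own closing tag; grep -z emits matches NUL-terminated.
  # NOTE(review): the element and attribute layout matched here is taken
  # as-is from the original hook - confirm it fits the project's .jmx files.
  while IFS= read -r -d '' element; do
    if [[ "$element" =~ $udv_prop_re ]] &&
      [[ "${BASH_REMATCH[1]}" != *"$udv_expected"* ]]; then
      echo "Error: $file contains a hard-coded client_secret in a $udv_element element that is not parameterized." >&2
      exit 1
    fi
  done < <(grep -Poz "(?s)<$udv_element>.*?</$udv_element>" <<<"$staged")

  # Check every HTTP Request element with testname="Get Token".
  while IFS= read -r -d '' element; do
    if [[ "$element" =~ $body_prop_re ]]; then
      body=${BASH_REMATCH[1]}
      # A body that mentions client_secret must take it from the variable.
      if [[ "$body" == *"$pattern"* && "$body" != *"$http_expected"* ]]; then
        echo "Error: $file contains a hard-coded client_secret in a $http_element element named 'Get Token' that is not parameterized." >&2
        exit 1
      fi
    fi
  done < <(grep -Poz "(?s)<$http_element\s+testname=\"Get Token\".*?</$http_element>" <<<"$staged")
done 3< <(git diff --cached --name-only --diff-filter=ACMR -z)

# If we reach this point, everything is fine
exit 0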