princebot/pre-commit

## pre-commit
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Name:     pre-commit
# Author:   prince@princebot.com
# Synopsis: Reject commits containing unencrypted Ansible Vault files.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

set -e

vault_files=($(IFS=$'\n' find . -type f -name 'vault'))
for f in "${vault_files[@]}"; do
    if ! head -n 1 "$f" | grep -E '^\$ANSIBLE_VAULT' >/dev/null; then
        abspath=$(cd "$(dirname "$f")" && pwd -P)/$(basename "$f")
        >&2 printf -- "\n$(tput bold)$(tput setaf 1)\t"
        >&2 printf -- "error: commit rejected\n"
        >&2 printf -- "$(tput sgr0)$(tput setaf 1)\t"
        >&2 printf -- "${abspath} is not encrypted with ansible-vault\n\n"
        >&2 printf -- "$(tput sgr0)"
        exit 1
    fi
done
	#!/usr/bin/env bash
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	# Name: pre-commit
	# Author: prince@princebot.com
	# Synopsis: Reject commits containing unencrypted Ansible Vault files.
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	set -e

	vault_files=($(IFS=$'\n' find . -type f -name 'vault'))
	for f in "${vault_files[@]}"; do
	if ! head -n 1 "$f" \| grep -E '^\$ANSIBLE_VAULT' >/dev/null; then
	abspath=$(cd "$(dirname "$f")" && pwd -P)/$(basename "$f")
	>&2 printf -- "\n$(tput bold)$(tput setaf 1)\t"
	>&2 printf -- "error: commit rejected\n"
	>&2 printf -- "$(tput sgr0)$(tput setaf 1)\t"
	>&2 printf -- "${abspath} is not encrypted with ansible-vault\n\n"
	>&2 printf -- "$(tput sgr0)"
	exit 1
	fi
	done