forked from packit/packit-service
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.pre-commit-config.yaml
120 lines (119 loc) · 4.65 KB
/
.pre-commit-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
# HOWTO: https://pre-commit.com/#usage
# pip3 install pre-commit
# pre-commit install -t pre-commit -t pre-push
repos:
- repo: https://github.com/astral-sh/ruff-pre-commit
rev: v0.7.0
hooks:
- id: ruff
args: [--fix, --exit-non-zero-on-fix]
- id: ruff-format
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v1.11.2
hooks:
- id: mypy
args: [
--no-strict-optional,
--ignore-missing-imports,
# the alembic directory in packit-service repo is considered to be a namespace package,
# which means `import alembic` works even though alembic is not actually installed
# without disabling namespace packages, mypy throws a bunch of errors like:
# error: Module "alembic" has no attribute "context" [attr-defined]
--no-namespace-packages,
--python-version,
"3.9",
]
additional_dependencies:
[
types-jwt,
types-setuptools,
types-redis,
types-requests,
types-Flask,
types-PyYAML,
types-cachetools,
]
exclude: files/scripts/
- repo: https://github.com/pre-commit/mirrors-prettier
rev: v4.0.0-alpha.8
hooks:
- id: prettier
exclude: tests_openshift/openshift_integration/test_data/
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.6.0
hooks:
- id: check-added-large-files
- id: check-ast
- id: check-builtin-literals
- id: check-docstring-first
- id: check-executables-have-shebangs
- id: check-merge-conflict
- id: check-symlinks
- id: check-yaml
args: [--allow-multiple-documents]
- id: detect-private-key
exclude: tests/conftest.py
- id: detect-aws-credentials
args: [--allow-missing-credentials]
- id: end-of-file-fixer
- id: mixed-line-ending
- id: trailing-whitespace
- repo: https://github.com/shellcheck-py/shellcheck-py
rev: v0.10.0.1
hooks:
- id: shellcheck
- repo: https://github.com/packit/pre-commit-hooks
rev: v1.2.0
hooks:
- id: check-rebase
args:
- https://github.com/packit/packit-service.git
stages: [manual, push]
- repo: https://github.com/packit/requre
rev: 0.8.4
hooks:
- id: requre-purge
name: Requre response files cleanup
description: Replace the sensitive/time-based values in the requre response files
entry: >
requre-patch purge
--replaces 'requests.sessions%send:Date:str:Fri, 01 Nov 2019 13-36-03 GMT'
--replaces 'requests.sessions%send:ETag:str:W/"1e51b8e1c48787a433405211e9e0fe61"'
--replaces 'requests.sessions%send:X-Fedora-RequestID:str:XcFVKMi@EiqyqRlV7q32fgBBBkM'
--replaces 'requests.sessions%send:X-RateLimit-Remaining:str:4972'
--replaces 'requests.sessions%send:X-RateLimit-Reset:str:1572953901'
--replaces 'requests.sessions%send:X-GitHub-Request-Id:str:18FB:AA1A:99616C4:B8092CB:5CC15425'
--replaces 'requests.sessions%send:AppTime:str:D=4081'
--replaces 'requests.sessions%send:X-Fedora-AppServer:str:koji01.phx2.fedoraproject.org'
--replaces 'requests.sessions%send:X-Fedora-ProxyServer:str:proxy01.phx2.fedoraproject.org'
--replaces "requests.sessions%send:Content-Security-Policy:str:default-src 'self';script-src 'self' 'nonce-YqLDC0BS8d7iY8mKO7VtBbIne' https://apps.fedoraproject.org; style-src 'self' 'nonce-YqLDC0BS8d7iY8mKO7VtBbIne'; object-src 'none';base-uri 'self';img-src 'self' https:;"
--replaces "requests.sessions%_content:expires_at:str:2019-11-01T14:35:53Z"
--replaces "requests.sessions%send:elapsed:float:0.2"
--replaces "requests.sessions%_content:token:str:v1.1cd89d399b8c70f8b88e22cbdaa72abbe5e390db"
language: python
types: [yaml]
files: /tests_openshift.*\.yaml$
stages: [manual, push]
- repo: https://github.com/gitleaks/gitleaks
rev: v8.18.4
hooks:
- id: gitleaks
# The hook runs 'gitleaks protect --staged' which parses output of
# 'git diff --staged', i.e. always passes in pre-push/manual stage.
stages: [commit]
- repo: https://github.com/python-jsonschema/check-jsonschema
rev: 0.29.2
hooks:
- id: check-github-workflows
args: ["--verbose"]
- repo: https://github.com/Lucas-C/pre-commit-hooks
rev: v1.5.5
hooks:
- id: insert-license
files: \.py$
exclude: alembic/
args:
- --license-filepath
- LICENSE_HEADER.txt
- --comment-style
- "#"