https://github.com/eitrtechnologies/pre-commit-yamlpolicy

pre-commit hooks to allow an organization to specify YAML usage policy.
https://github.com/eitrtechnologies/pre-commit-yamlpolicy

Last synced: 4 months ago
JSON representation

pre-commit hooks to allow an organization to specify YAML usage policy.

• Host: GitHub
• URL: https://github.com/eitrtechnologies/pre-commit-yamlpolicy
• Owner: eitrtechnologies
• License: apache-2.0
• Created: 2022-01-14T21:29:04.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2023-02-03T19:26:55.000Z (over 3 years ago)
• Last Synced: 2025-04-23T16:53:28.007Z (about 1 year ago)
• Language: Python
• Homepage:
• Size: 19.5 KB
• Stars: 3
• Watchers: 2
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# pre-commit-yamlpolicy

pre-commit hooks to deny commits which don't conform to organizational YAML

usage policies.

See also: 

### Using pre-commit-yamlpolicy with pre-commit

Add this to your `.pre-commit-config.yaml`

```yaml

repos:

- repo: https://github.com/eitrtechnologies/pre-commit-yamlpolicy

  rev: v1.3.0  # Use the ref you want to point to

  hooks:

    - id: bannedk8skinds

    - id: disallowunquoted

    - id: valueregex

      args:

        - --jmespath

        - '*.matchers[].match'

        - --regex

        - '\([^ ]|[^ ]\)'

        - --error-message

        - Found parentheses too close together. Can haz fix plz?

```

### Hooks Available

#### `bannedk8skinds`

Deny commits of certain Kubernetes object types.

  - `--allow-multiple-documents` - allow yaml files which use the

    [multi-document syntax](http://www.yaml.org/spec/1.2/spec.html#YAML)

  - `--kinds` - Specify a comma-separated list of

    [Kubernetes object types](https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds)

    which will be denied in a commit to the repo. Defaults to `Secret`

#### `disallowunquoted`

Deny commits where certain YAML values are found but not quoted.

  - `--values` - Specify a comma-separated list of YAML values to disallow.

    Defaults to `on,off,yes,no,y,n`.

  - `--case-sensitive` - Flag to turn off case insensitivity when searching for

    values. Operation defaults to ignore case.

#### `valueregex`

Deny commits where certain YAML values are found and match a given regex. A

JMESPath query is used in conjunction with a regular expression to match string

values in YAML.

  - `--jmespath` - [JMESPath expression](https://jmespath.org/) which returns

    the values to run a regex against. *REQUIRED*

  - `--regex` - Regex which will cause the hook to fail if it matches any of the

    values returned by the JMESPath query. *REQUIRED*

  - `--error-message` - Message to display when a match is found. This allows

    a more user-friendly message to be displayed for a given regex match.

  - `--allow-multiple-documents` - Allow YAML files which use the

    [multi-document syntax](http://www.yaml.org/spec/1.2/spec.html#YAML)