pre-commit hook to ensure that files that should be encrypted with sops are in fact encrypted
Project description
pre-commit-hook-ensure-sops
A pre-commit hook to ensure that users don't accidentally check-in unencrypted files into a repository that uses sops to safely store encrypted secrets.
By default, any file with the word secret
in its path is required to
be encrypted with sops
. This means any files under a directory
named secret
are also required to be encrypted. If you want to exempt
specific files or directories from this requirement in your repository,
use the exclude
option in your .pre-commit-config.yaml
. When pushing
secrets to a repo, better safe than sorry :)
Installation
Add this to your .pre-commit-config.yaml
:
- repo: https://github.com/yuvipanda/pre-commit-hook-ensure-sops
rev: v1.0
hooks:
- id: sops-encryption
# Uncomment to exclude all markdown files from encryption
# exclude: *.\.md
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for pre-commit-hook-ensure-sops-1.1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 4a61c72df5516bc2a95a40259979bd49d2ad10c0303f8d4d3dcd303ae8f352fb |
|
MD5 | f44dc2fb9a481bcccffc5db87e2d03dc |
|
BLAKE2b-256 | ee1887ed5c2d9192267649e219fbdbeaa1e45482be18b58ff40bb9611ce75bd8 |
Hashes for pre_commit_hook_ensure_sops-1.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 061fcd3335557f848b5901057bb34767ad7a49044d9b0afbe598e3666ca2dc08 |
|
MD5 | 6079d0dc7797cea38bfcb5609618c15f |
|
BLAKE2b-256 | 2b6423fb91394ce03116361a9bd3459ffb97855b7fa25e448650af1bb4a4aa49 |