RHEL9-CIS/.pre-commit-config.yaml

---
##### CI for use by github no need for action to be added
##### Inherited
ci:
  autofix_prs: false
  skip: [detect-aws-credentials, ansible-lint ]

repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
  rev: v6.0.0
  hooks:
  # Safety
  - id: detect-aws-credentials
    name: Detect AWS Credentials
  - id: detect-private-key
    name: Detect Private Keys

  # git checks
  - id: check-merge-conflict
    name: Check for merge conflicts
  - id: check-added-large-files
    name: Check for Large files
  - id: check-case-conflict
    name: Check case conflict

  # General checks
  - id: trailing-whitespace
    name: Trim Trailing Whitespace
    description: This hook trims trailing whitespace.
    entry: trailing-whitespace-fixer
    language: python
    types: [text]
    args: [--markdown-linebreak-ext=md]
  - id: end-of-file-fixer
    name: Ensure line at end of file

# Scan for passwords
- repo: https://github.com/Yelp/detect-secrets
  rev: v1.5.0
  hooks:
  - id: detect-secrets
    name: Detect Secrets test

- repo: https://github.com/gitleaks/gitleaks
  rev: v8.30.0
  hooks:
  - id: gitleaks
    name: Run Gitleaks test

- repo: https://github.com/ansible-community/ansible-lint
  rev: v26.2.0
  hooks:
  - id: ansible-lint
    name: Ansible-lint
    description: This hook runs ansible-lint.
    entry: python3 -m ansiblelint --force-color site.yml -c .ansible-lint
    language: python
    # do not pass files to ansible-lint, see:
    # https://github.com/ansible/ansible-lint/issues/611
    pass_filenames: false
    always_run: true
    # additional_dependencies:
    # https://github.com/pre-commit/pre-commit/issues/1526
    # If you want to use specific version of ansible-core or ansible, feel
    # free to override `additional_dependencies` in your own hook config
    # file.
    # - ansible-core>=2.10.1

- repo: https://github.com/adrienverge/yamllint.git
  rev: v1.38.0  # or higher tag
  hooks:
  - id: yamllint
    name: Check YAML Lint