pre-commit hooks to deny commits which don't conform to organizational YAML usage policies.
See also: https://github.com/pre-commit/pre-commit
Add this to your .pre-commit-config.yaml
repos:
- repo: https://github.com/eitrtechnologies/pre-commit-yamlpolicy
rev: v1.3.0 # Use the ref you want to point to
hooks:
- id: bannedk8skinds
- id: disallowunquoted
- id: valueregex
args:
- --jmespath
- '*.matchers[].match'
- --regex
- '\([^ ]|[^ ]\)'
- --error-message
- Found parentheses too close together. Can haz fix plz?Deny commits of certain Kubernetes object types.
--allow-multiple-documents- allow yaml files which use the multi-document syntax--kinds- Specify a comma-separated list of Kubernetes object types which will be denied in a commit to the repo. Defaults toSecret
Deny commits where certain YAML values are found but not quoted.
--values- Specify a comma-separated list of YAML values to disallow. Defaults toon,off,yes,no,y,n.--case-sensitive- Flag to turn off case insensitivity when searching for values. Operation defaults to ignore case.
Deny commits where certain YAML values are found and match a given regex. A JMESPath query is used in conjunction with a regular expression to match string values in YAML.
--jmespath- JMESPath expression which returns the values to run a regex against. REQUIRED--regex- Regex which will cause the hook to fail if it matches any of the values returned by the JMESPath query. REQUIRED--error-message- Message to display when a match is found. This allows a more user-friendly message to be displayed for a given regex match.--allow-multiple-documents- Allow YAML files which use the multi-document syntax