forked from 18F/laptop
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathseekrets-install
executable file
·123 lines (110 loc) · 3.37 KB
/
seekrets-install
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#!/bin/bash
SCRIPTPATH=$( cd "$(dirname "$0")" ; pwd -P )
# Add new baseline rules here
#rsa-private.rule
SEEKRET_DEFAULT_RULES="
aws.rule
newrelic.rule
mandrill.rule
slack.rule"
if [ -d "${SCRIPTPATH}/seekret-rules" ]; then
SEEKRET_DEFAULT_RULES=$( ls "${SCRIPTPATH}/seekret-rules" )
fi
fancy_echo() {
# shellcheck disable=SC2039
local fmt="$1"; shift
# shellcheck disable=SC2059
printf "\n$fmt\n" "$@"
}
toolversion() {
# shellcheck disable=SC2039
local prog="$1" operator="$2" value="$3" version
version=$($prog --version | awk '{print $NF; exit}')
awk -v v1="$version" -v v2="$value" 'BEGIN {
split(v1, a, /\./); split(v2, b, /\./);
if (a[2] == b[2]) {
exit (a[3] '"${operator}"' b[3]) ? 0 : 1
}
else if (a[1] == b[1]) {
exit (a[2] '"${operator}"' b[2]) ? 0 : 1
}
else {
exit (a[1] '"${operator}"' b[1]) ? 0 : 1
}
}'
}
get_platform() {
case $OSTYPE in
linux*)
PLATFORM=linux
;;
darwin*)
PLATFORM=osx
;;
*)
echo "unknown platform: $OSTYPE"
exit 1
;;
esac
}
set -e
if toolversion git '>=' 2.9.1; then
fancy_echo "Installing Seekret"
WORK_DIR=$( mktemp -d -t "$( basename "$(pwd)XXXXX" )" )
pushd "${WORK_DIR}" > /dev/null
git init > /dev/null
get_platform
LATEST_RELEASE_URL=$(curl -s https://github.com/18F/git-seekret/releases | grep "18F/git-seekret/releases/download" | grep ${PLATFORM} | head -n 1 | cut -d '"' -f 2)
BIN_LOCATION="/usr/local/bin"
SUDO_REQUIRED=true
if [[ -d "$HOME/bin" && ":$PATH:" == *":$HOME/bin:"* ]]; then
BIN_LOCATION="$HOME/bin"
SUDO_REQUIRED=false
fi
INSTALL_CMD="curl -L -# \"https://github.com${LATEST_RELEASE_URL}\" -o \"${BIN_LOCATION}/git-seekret\" > /dev/null && chmod a+x \"${BIN_LOCATION}/git-seekret\""
echo "Installing in $BIN_LOCATION"
if [ "$SUDO_REQUIRED" = false ]; then
eval "$INSTALL_CMD"
else
sudo sh -c "$INSTALL_CMD"
fi
fancy_echo "Downloading Seekret rules"
export SEEKRET_RULES_PATH="${HOME}/.git-support/seekret-rules"
mkdir -p "${SEEKRET_RULES_PATH}"
# Download rules
SEEKRET_RULES_URL="https://raw.githubusercontent.com/18F/laptop/master/seekret-rules"
SEEKRET_RULES="${SEEKRET_RULES:=$SEEKRET_DEFAULT_RULES}"
for rule in ${SEEKRET_RULES}
do
printf "\t%s: " "$rule"
if [ -d "${SCRIPTPATH}/seekret-rules" ]; then
cp "${SCRIPTPATH}/seekret-rules/${rule}" "${SEEKRET_RULES_PATH}"
else
(cd "${SEEKRET_RULES_PATH}" \
&& curl -# -o "${rule}" "${SEEKRET_RULES_URL}/${rule}" > /dev/null)
fi
printf "done\n"
done
fancy_echo "Configuring Seekret"
mkdir -p "${HOME}/.git-support/hooks"
git config --global core.hooksPath "${HOME}/.git-support/hooks"
git seekret --global config --init
# Activate all installed rules
git seekret --global rules --enable-all
git seekret --global hook --enable-all
popd > /dev/null
rm -rf "${WORK_DIR}"
fancy_echo "Finished installing Seekret"
else
echo
echo "Looks like you need to install git 2.9.1 or better."
echo
echo "If you are using git from the command line, this should"
echo "be as easy as upgrading with homebrew:"
echo " $ brew update && brew upgrade git"
echo
echo "If you are using GitHub Desktop, please upgrade to version"
echo "221 or better for OS X. Download: https://desktop.github.com/"
echo
exit 1;
fi