.pre-commit-hooks.yaml

# (c) 2023 Amazon Web Services, Inc. or its affiliates. All Rights Reserved.
# This AWS Content is provided subject to the terms of the AWS Customer Agreement
# available at http://aws.amazon.com/agreement or other written agreement between
# Customer and either Amazon Web Services, Inc. or Amazon Web Services EMEA SARL
# or both.

#
# This pre-commit hook configuration allows the ASH tool
# to be run as a pre-commit hook on the local workstation
# where pre-commit is installed.
#
# The configuration parameters below turn on "verbose"
# output, so that even when the hook returns success (0)
# the output from the run of the ASH tool will be displayed
# to the user.
#
# The supported stages are listed below, including the
# "manual" stage.  Users of this hook may want to limit
# the stages where this hook runs to only "manual" since
# the ASH tool can take several minutes to complete.
#
# Output from the run of the ASH tool can be found in
# a file named "aggregated_results.txt" in the root
# folder of the git repository where the pre-commit
# command was invoked from.
#
# A useful example pre-commit-config.yaml clause for
# running the ASH tool on MacOS, where "finch" is
# used as the containerd user interface is:
#   - repo: git@github.com:aws-samples/automated-security-helper.git
#     rev: '1.0.8-e-03May2023'
#     hooks:
#     - id: ash
#       name: scan files using ash
#       stages: [ manual ]
#       args: [ "-f" ]
#
# With that pre-commit-config, this hook can be run manually
# against the code repository using this command:
#   pre-commit run --hook-stage manual ash
#
-   id: ash
    name: use ASH for checking
    description: Runs various code scanners in separate Docker containers
    entry: ash
    verbose: true
    stages: [commit, merge-commit, push, manual]
    language: script
    pass_filenames: false
    types_or: [yaml, json, shell, bash, python]