mirror of
https://github.com/tofuutils/pre-commit-opentofu.git
synced 2025-10-15 17:38:54 +02:00
73 lines
1.6 KiB
Bash
Executable file
73 lines
1.6 KiB
Bash
Executable file
#!/usr/bin/env bash
|
||
set -eo pipefail
|
||
|
||
main() {
|
||
initialize_
|
||
parse_cmdline_ "$@"
|
||
|
||
# propagate $FILES to custom function
|
||
tfsec_ "$ARGS" "$FILES"
|
||
}
|
||
|
||
tfsec_() {
|
||
# consume modified files passed from pre-commit so that
|
||
# tfsec runs against only those relevant directories
|
||
for file_with_path in $FILES; do
|
||
file_with_path="${file_with_path// /__REPLACED__SPACE__}"
|
||
paths[index]=$(dirname "$file_with_path")
|
||
|
||
let "index+=1"
|
||
done
|
||
|
||
for path_uniq in $(echo "${paths[*]}" | tr ' ' '\n' | sort -u); do
|
||
path_uniq="${path_uniq//__REPLACED__SPACE__/ }"
|
||
pushd "$path_uniq" > /dev/null
|
||
tfsec $ARGS
|
||
popd > /dev/null
|
||
done
|
||
}
|
||
|
||
initialize_() {
|
||
# get directory containing this script
|
||
local dir
|
||
local source
|
||
source="${BASH_SOURCE[0]}"
|
||
while [[ -L $source ]]; do # resolve $source until the file is no longer a symlink
|
||
dir="$(cd -P "$(dirname "$source")" > /dev/null && pwd)"
|
||
source="$(readlink "$source")"
|
||
# if $source was a relative symlink, we need to resolve it relative to the path where the symlink file was located
|
||
[[ $source != /* ]] && source="$dir/$source"
|
||
done
|
||
_SCRIPT_DIR="$(dirname "$source")"
|
||
|
||
# source getopt function
|
||
# shellcheck source=lib_getopt
|
||
. "$_SCRIPT_DIR/lib_getopt"
|
||
}
|
||
|
||
parse_cmdline_() {
|
||
declare argv
|
||
argv=$(getopt -o a: --long args: -- "$@") || return
|
||
eval "set -- $argv"
|
||
|
||
for argv; do
|
||
case $argv in
|
||
-a | --args)
|
||
shift
|
||
ARGS+=("$1")
|
||
shift
|
||
;;
|
||
--)
|
||
shift
|
||
FILES+=("$@")
|
||
break
|
||
;;
|
||
esac
|
||
done
|
||
}
|
||
|
||
# global arrays
|
||
declare -a ARGS=()
|
||
declare -a FILES=()
|
||
|
||
[[ ${BASH_SOURCE[0]} != "$0" ]] || main "$@"
|