refactor: Remove duplicated pre-commit-configs (#157)

kdestin · web-flow · commit c08a4d89cf22 · 2024-12-05T12:37:04.000-05:00
* refactor(pre-commit): Remove duplicated pre-commit config

* refactor: Move CI script out of repository root

* refactor: Resolve lint issues in script
diff --git a/.github/scripts/detect_azure_secrets.py b/.github/scripts/detect_azure_secrets.py
@@ -3,7 +3,7 @@
 import json
 import os
 from typing import Union
-
+from pathlib import Path
 
 SECRET_PATTERNS = [
     re.compile(r'[\'"]?subscription_id[\'"]?\s*[:=]\s*[\'"][0-9a-f\-]{36}[\'"]', re.IGNORECASE),
@@ -22,7 +22,7 @@
 def check_ipynb_for_secrets(filename: Union[str, os.PathLike]) -> bool:
     """Jupyter notebooks can't be parsed directly - need to convert to JSON first"""
     try:
-        with open(filename, "r", encoding="utf-8") as file:
+        with Path(filename).open("r", encoding="utf-8") as file:
             notebook_data = json.load(file)
             failed = False
             for cell in notebook_data.get("cells", []):
@@ -38,23 +38,22 @@ def check_ipynb_for_secrets(filename: Union[str, os.PathLike]) -> bool:
         return True
 
 
-def main():
+def main() -> None:
     failed = False
 
     for filename in sys.argv[1:]:
         if filename.endswith((".py", ".yaml", ".yml", ".md")):
             try:
-                with open(filename, "r", encoding="utf-8") as file:
+                with Path(filename).open("r", encoding="utf-8") as file:
                     for line_number, line in enumerate(file, start=1):
                         for pattern in SECRET_PATTERNS:
                             if pattern.search(line):
                                 print(f"Secret detected in {filename} on line {line_number}: {line.strip()}")
                                 failed = True
             except UnicodeDecodeError:
                 print(f"Failed to read {filename}. Skipping secrets check.")
-        elif filename.endswith(".ipynb"):
-            if check_ipynb_for_secrets(filename):
-                failed = True
+        elif filename.endswith(".ipynb") and check_ipynb_for_secrets(filename):
+            failed = True
 
     if failed:
         sys.exit(1)
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
@@ -20,4 +20,6 @@ jobs:
           python-version: "3.8"
       - run: pip install -r dev-requirements.txt
       - name: Run Pre-Commit
-        run: pre-commit run --all-files --config .pre-commit-config-remote.yaml
+        run: pre-commit run --all-files
+        env:
+          SKIP: detect-azure-secrets-custom
diff --git a/.pre-commit-config-remote.yaml b/.pre-commit-config-remote.yaml
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -24,7 +24,7 @@ repos:
       require_serial: true
       additional_dependencies: []
       minimum_pre_commit_version: "2.9.2"
-      args: ["--fix", "--exit-non-zero-on-fix", "--exclude", "detect_azure_secrets.py"]
+      args: ["--fix", "--exit-non-zero-on-fix"]
     - id: black
       name: black
       description: "Black: The uncompromising Python code formatter"
@@ -36,6 +36,6 @@ repos:
       args: ["-m", "tox", "-qqq", "run", "-e", "black", "--"]
     - id: detect-azure-secrets-custom
       name: Detect Azure Secrets
-      entry: python detect_azure_secrets.py
+      entry: python .github/scripts/detect_azure_secrets.py
       language: python
       types: [file]
