Is it possible for clouseau to run against local clone?

cfpb / clouseau

⚠️ THIS PROJECT IS DEPRECATED ⚠️ Search your repository's git history for undesirable text patterns such as passwords, ssh keys and other personal identifiable information

Creative Commons Zero v1.0 Universal

97 stars 26 forks source link

Is it possible for clouseau to run against local clone? #29

Open exafox opened 9 years ago

exafox commented 9 years ago

Hey all, I am hoping to use clouseau to audit source code before it is sent to a remote location (looking at pre-commit at the moment). I followed the git hooks setup guide, but I cannot see a way to tell clouseau to run against a local branch. Is this possible or does it require a new feature?

In case it helps describe my intent, I have a script on my PATH that looks like this:

#! /usr/local/clouseau/.py/bin/python
# -*- codes: utf-8 -*-
import sys
from clouseau.clouseau import Clouseau
from clouseau.clients.console_thin import ConsoleThinClient

if __name__ == '__main__':
    clouseau = Clouseau()
    client = ConsoleThinClient()
    sys.argv.pop(0)
    clouseau.main( _args=sys.argv, client=client )

And a pre-commit script looks like this:

echo "running clouseau"
remote_url=$(git config --get remote.origin.url)
clouseau -u $remote_url --skip --dest $(dirname $(pwd)) --revlist="HEAD"

marcesher commented 9 years ago

@exafox What you're describing should work, though you shouldn't need to have that script on your path. If you have the latest clouseau cloned locally, you should be able to pip install -e clouseau to install clouseau, and then your git hook should just work. The --skip tells it not to pull from the remote, and the --dest tells it to use the current directory, i.e. your local repo.

What behavior are you seeing that you shouldn't be?

exafox commented 9 years ago

I think it may be a lack of understanding on my part: I tried locally committing something that looked like a social security number with the above configuration and it failed to block or warn. I was curious if it is possible to have clouseau ignore remote locations and focus on the local one. It sounds like from your response that is indeed something the tool currently does. I'll poke around with --skip and --dest, thanks!

marcesher commented 9 years ago

@exafox Did you see any evidence that clouseau ran on your commit at all? Or did it appear to run but not flag anything?

louy2 commented 8 years ago

Just wanna +1 on pre-commit usage. If it is already possible maybe document it?

exafox commented 8 years ago

@louy2 I believe this is solved using the simpler installation technique @marcesher articulated up above. Agreed that pre-commit usage should be better documented in the readme though.

cc @tanderegg

cfarm commented 8 years ago

+1 another vote for updating the readme with pre-commit usage instructions.