-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.pre-commit-config.yaml
More file actions
131 lines (117 loc) · 4.08 KB
/
.pre-commit-config.yaml
File metadata and controls
131 lines (117 loc) · 4.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
repos:
# General file checks
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-yaml
exclude: '^infra/cloudformation/.*\.yaml$' # CloudFormation uses intrinsic functions (!Ref, !GetAtt)
- id: check-merge-conflict
- id: mixed-line-ending
- id: check-added-large-files
args: ["--maxkb=1000"]
# Go checks
- repo: https://github.com/golangci/golangci-lint
rev: v1.55.2
hooks:
- id: golangci-lint
name: golangci-lint (backend/api)
entry: bash -c 'cd backend/api && golangci-lint run'
language: system
files: ^backend/api/.*\.go$
pass_filenames: false
- id: golangci-lint
name: golangci-lint (backend/worker)
entry: bash -c 'cd backend/worker && golangci-lint run'
language: system
files: ^backend/worker/.*\.go$
pass_filenames: false
- repo: local
hooks:
# Go mod tidy
- id: go-mod-tidy-api
name: go mod tidy (backend/api)
entry: bash -c 'cd backend/api && go mod tidy'
language: system
files: ^backend/api/(go\.mod|go\.sum|.*\.go)$
pass_filenames: false
- id: go-mod-tidy-worker
name: go mod tidy (backend/worker)
entry: bash -c 'cd backend/worker && go mod tidy'
language: system
files: ^backend/worker/(go\.mod|go\.sum|.*\.go)$
pass_filenames: false
# Go build check
- id: go-build-api
name: go build (backend/api)
entry: bash -c 'cd backend/api && go build ./cmd/server'
language: system
files: ^backend/api/.*\.go$
pass_filenames: false
- id: go-build-worker
name: go build (backend/worker)
entry: bash -c 'cd backend/worker && go build ./cmd/worker'
language: system
files: ^backend/worker/.*\.go$
pass_filenames: false
# Go security scan
- id: gosec-api
name: gosec (backend/api)
entry: bash -c 'cd backend/api && gosec -exclude=G115,G103 -exclude-dir=internal/grpc ./...'
language: system
files: ^backend/api/.*\.go$
pass_filenames: false
- id: gosec-worker
name: gosec (backend/worker)
entry: bash -c 'cd backend/worker && gosec ./...'
language: system
files: ^backend/worker/.*\.go$
pass_filenames: false
# Python checks
- id: ruff-check
name: ruff check (backend/ai)
entry: bash -c 'cd backend/ai && uv run ruff check app/'
language: system
files: ^backend/ai/app/.*\.py$
pass_filenames: false
- id: mypy-check
name: mypy (backend/ai)
entry: bash -c 'cd backend/ai && export MYPYPATH=. && uv run mypy app/'
language: system
files: ^backend/ai/app/.*\.py$
pass_filenames: false
- id: bandit-check
name: bandit (backend/ai)
entry: bash -c 'cd backend/ai && uv run bandit -r app/'
language: system
files: ^backend/ai/app/.*\.py$
pass_filenames: false
# Frontend checks
- id: eslint-check
name: eslint (frontend)
entry: bash -c 'cd frontend && bun run lint'
language: system
files: ^frontend/.*\.(ts|tsx|js|jsx)$
pass_filenames: false
- id: prettier-check
name: prettier check (frontend)
entry: bash -c 'cd frontend && bun run format:check'
language: system
files: ^frontend/.*\.(ts|tsx|js|jsx|json|css|md)$
pass_filenames: false
# Docker compose build check (only on docker-compose.yml changes)
- id: docker-compose-check
name: docker compose config check
entry: bash -c 'docker compose -f infra/docker-compose.yml config --quiet'
language: system
files: ^infra/docker-compose\.yml$
pass_filenames: false
# Commitlint
- id: commitlint
name: commitlint
entry: bunx commitlint --edit
language: system
stages: [commit-msg]
always_run: true
pass_filenames: false