Coverage for src/lcdoc/mkdocs/blacklist/__init_

1"""

2## Blacklist

4When any word of `$blacklisted_words` (e.g. "mypass::mycompany::myuser")

5occurs in non git ignored sources, we die.

7This prevents private information being pushed to a public repo.

9Set `$blacklisted_words` e.g. via `$(pass show my/sensitive_words)` in an environ file.

11This is run after config is read and scans all docs folder content, not just the .md

12files.

14Requires rg ([ripgrep](https://github.com/BurntSushi/ripgrep)) tool.

16"""

19from lcdoc.mkdocs.tools import MDPlugin, app, config_options 1 ctxlp

20from lcdoc.tools import os, project, require, sys 1 ctxlp

23def fail_on_blacklisted_words(config, envkey, envsep): 1 ctxlp

24 l = os.environ.get(envkey) 1 ctxlp

25 if not l: 25 ↛ 27line 25 didn't jump to line 27, because the condition on line 25 was never false1 ctxlp

26 return app.debug('No $%s to check for blacklisted words' % envkey) 1 ctxlp

27 here = os.getcwd()

28 try:

29 os.chdir(project.root(config)) # ['docs_dir'])

30 require('rg --version', name='ripgrep')

31 H = False

32 words = [s.strip() for s in l.split(envsep)]

33 for w in words:

34 if not w.strip():

35 continue

36 h = os.popen("rg -i '%s'" % w).read()

37 if h.strip():

38 H = True

39 f = app.die if not 'serve' in sys.argv else app.error

40 f('Found blacklisted word', word=w, json=h.splitlines()[:10])

41 if not H:

42 app.info(

43 'Blacklist check passed: No occurrance of %s blacklisted words'

44 % len(words)

46 finally:

47 os.chdir(here)

50class BlacklistPlugin(MDPlugin): 1 ctxlp

51 config_scheme = (

52 ('envkey', config_options.Type(str, default='blacklisted_words')),

53 ('envsep', config_options.Type(str, default='::')),

56 def on_config(self, config): 1 ctxlp

57 fail_on_blacklisted_words(config, self.config['envkey'], self.config['envsep']) 1 ctxlp

Coverage for src/lcdoc/mkdocs/blacklist/init.py: 31.71%