--- # Pre-commit hooks for Homelab repository # Ensures code quality and prevents broken deployments repos: # Basic file checks - repo: https://github.com/pre-commit/pre-commit-hooks rev: v4.5.0 hooks: - id: trailing-whitespace exclude: '\.md$' - id: end-of-file-fixer exclude: '\.md$' - id: check-yaml args: ['--allow-multiple-documents'] exclude: '^(archive/|\.git/|hosts/vms/homelab-vm/fluxer\.yaml)' - id: check-added-large-files args: ['--maxkb=10240'] # 10MB limit - id: check-merge-conflict - id: check-case-conflict # YAML linting - repo: https://github.com/adrienverge/yamllint rev: v1.35.1 hooks: - id: yamllint args: [-c=.yamllint] exclude: '^(archive/|\.git/|hosts/vms/homelab-vm/fluxer\.yaml|hosts/synology/setillo/prometheus/snmp\.yml|hosts/synology/calypso/grafana_prometheus/snmp\.yml|hosts/physical/concord-nuc/piped\.yaml|hosts/synology/calypso/seafile-server\.yaml|hosts/vms/bulgaria-vm/hemmelig\.yml|hosts/vms/seattle/stoatchat/livekit\.yml)' # Docker Compose validation - repo: local hooks: - id: docker-compose-check name: Docker Compose Syntax Check entry: scripts/validate-compose.sh language: script files: '\.ya?ml$' exclude: '^(archive/|ansible/|\.git/|docker/monitoring/prometheus/|prometheus/)' pass_filenames: true # Secret detection - blocks commits containing passwords, tokens, API keys - repo: https://github.com/Yelp/detect-secrets rev: v1.5.0 hooks: - id: detect-secrets args: ['--baseline', '.secrets.baseline'] exclude: '^(archive/|\.git/|\.secrets\.baseline$)' # Ansible playbook validation (disabled due to dependency issues) # - repo: https://github.com/ansible/ansible-lint # rev: v24.2.0 # hooks: # - id: ansible-lint # files: '^ansible/.*\.(yml|yaml)$' # exclude: '^(archive/|\.git/)' # args: # - --exclude=ansible/archive/ # - --skip-list=yaml[line-length] # Global settings default_stages: [pre-commit] fail_fast: false minimum_pre_commit_version: '3.0.0'