What are GitHooks? Explained in 5 minutes

Learn about GitHooks, where they run, and how to use the pre-existing hooks in the standard git template.

Video Transcript

Let's first take a look at the workflow that you go through when you're creating software and using git. So if this is you here on my screen, the first thing that you generally do is write some code, and that gets staged and tracked by git. Then you make a commit, and that goes into your local stash. When you make that commit, before it happens, you can trigger a git hook, and you can get it to automatically run some scripts, and you can get it to block that commit if it fails conditions that you set. You're then gonna push a series of commits to your remote repository. Before that push leaves your computer, you can trigger another hook, a pre-push hook, and you can prevent them from leaving and entering your remote repository if that hook fails.

And of course then we have server side. So the first two are on your local environment, and these are great, you have a lot of control around these. And then you also have hooks that you can put on your server side, right where your git server sits, and for instance pre-receive: so before it gets into your repository but after it's left your computer, you can run something.

When we talk about git hooks, three come up the most often: pre-commit, pre-push, pre-receive. If you know how to use git, you probably know exactly what all of these already do. There's actually a whole bunch more, and there's more than even what I have on the screen right now. What you need to know is that the git hooks all work in exactly the same way. So after today you're gonna understand really how they work, and you're going to be able to write your own ones, and it doesn't matter what hooks you're going to be using.

Now there's one more thing I want to talk about, and that is understanding the difference between a local and a global hook. Right, probably pretty self-explanatory. A local hook sits inside your repository (I'll show you exactly where it is in a minute), and this runs just on this repository, just this project, right, nothing else is concerned. You can set up a global hook, and this means that it's going to run on all of your repositories. So just keep that in mind. And of course there's lots of different ways to be able to do this, and I'm going to run you through the one that I prefer.

Okay, so we're all caught up on what git hooks are, what they do. Let's create our first git hook. So I've got my IDE open here. I'm using Visual Studio; whatever IDE you use, that's fine, everything's going to work in the same way. I'm navigated right now into an empty project, an empty directory called githooks. The first thing that I'm going to do is I'm going to initialize git with git init, obviously. And what does this do? This creates a folder, it creates a .git directory, .git folder. On my navigator you can see this a little bit more clearly, so this is the folder we have here. If you can't see it, it just means that you have hidden files not showing, so just make sure that you turn your hidden files on.

If we navigate into this folder we'll see some things here. We won't worry about a lot of them, but we will look in this folder here that says hooks, and in here you'll see we have a lot of hooks that are named, that are called .sample. I'm going to get rid of this and I'm going to navigate into using my IDE now. So these are all the hooks that come standard out the box every time you initiate git. So if you have old git directories, so long as you haven't messed around with the template settings, these will all be in those folders. So we have here the pre-commit, the pre-merge, pre-applypatch, so on and so forth.

To create our first git hook it's actually ridiculously easy. All that we need to do is take one of these hooks, go to rename, and remove .sample. That's it. Every time git performs an action, it looks inside this hooks folder and sees if there is an applicable hook that is valid. If it is, it will run that; the script that you write will be executed. We don't need to update any configurations, that will happen out of the box.

Inside this pre-commit folder we can see some code. Now this is written in bash, as you can see by the first line here, right, sh. You can write your git hooks in any scripting language, so you can use Python, you can use Perl. In this video I'm going to be using Bash. One of the things that this hook is doing out the box is checking for trailing white space errors, and this is what this very last one is here.

All right, I'm going to open up my main.py file and all I'm going to do is add some errors by putting in a bunch of white spaces. So if we save this and we try and commit this file, we should be blocked by the pre-commit git hook, and we are. You'll see here that it's given us a trailing white spaces error and it's actually exited from that hook. So if we go git status we'll see that there are no commits yet; this has been blocked.

Now this is really helpful when we're writing git hooks, knowing that we can actually exit out of it and prevent the action. Right, we can write git hooks that just allow it through, it doesn't always have to exit, we have to write that in. But it's helpful to know that that is happening, because we don't need to do anything about our git history, we don't need to rebase or use a soft head, we can just continue on as normal and remove these trailing white spaces, which, if I do that and I do the exact same thing, we'll see that it's all gone through, no troubles at all.
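
The mechanism the transcript walks through (an executable script named pre-commit in .git/hooks whose non-zero exit blocks the commit), as an added example that is not code from the video. The function names, the throwaway repository and the main.py content are constructed for illustration; the hook body runs the same staged-whitespace check as git's stock pre-commit sample.

```shell
#!/bin/sh
# Added example with constructed names; not code from the video.

# Write an executable pre-commit hook into REPO/.git/hooks. Git runs a file
# named exactly "pre-commit" (no .sample suffix) before every commit and
# aborts the commit if the script exits non-zero.
install_pre_commit() {
    hook="$1/.git/hooks/pre-commit"
    mkdir -p "$1/.git/hooks"
    cat > "$hook" <<'EOF'
#!/bin/sh
# Compare the staged content against HEAD, or the empty tree on a first commit.
if git rev-parse --verify HEAD >/dev/null 2>&1; then
    against=HEAD
else
    against=$(git hash-object -t tree /dev/null)
fi
# --check exits non-zero on whitespace errors such as trailing spaces.
if ! git diff-index --check --cached "$against" --; then
    echo "pre-commit: whitespace errors in staged changes, commit blocked" >&2
    exit 1
fi
exit 0
EOF
    chmod +x "$hook"
}

# Stage main.py in REPO ($1) with CONTENT ($2), attempt a commit, print the outcome.
try_commit() {
    printf '%s\n' "$2" > "$1/main.py"
    git -C "$1" add main.py
    if git -C "$1" -c user.name=demo -c user.email=demo@example.invalid \
        commit -q -m "demo commit" >/dev/null 2>&1; then
        echo committed
    else
        echo blocked
    fi
}

# Walk-through in a throwaway repository: the first attempt has trailing spaces.
demo() {
    repo=$(mktemp -d)
    git init -q "$repo" >/dev/null 2>&1
    install_pre_commit "$repo"
    try_commit "$repo" 'print("hello")   '
    try_commit "$repo" 'print("hello")'
    rm -rf "$repo"
}
```

Calling demo prints the outcome of each attempt; because the blocked commit never entered history, the second attempt needs no rebase or reset.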