From c67cce8ec48f38be53ffeec147ac83bdf9bdbda6 Mon Sep 17 00:00:00 2001
From: openQA web UI <openqa@yutao-qe1>
Date: Fri, 7 Feb 2025 10:40:01 +0800
Subject: [PATCH] Add CI/CD check to avoid uses of plain password in pull
 requests

---
 t/01_style.t | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/t/01_style.t b/t/01_style.t
index dbe9b74260d3..3c71243aede0 100644
--- a/t/01_style.t
+++ b/t/01_style.t
@@ -12,4 +12,6 @@ ok system(qq{git grep -I -l '[#/ ]*SPDX-License-Identifier ' ':!t/01_style.t'})
 $out = qx{git grep -ne "check_var('ARCH',.*)" -e "check_var('BACKEND',.*)" ':!lib/Utils/Architectures.pm' ':!lib/Utils/Backends.pm' 'lib' 'tests'};
 ok $? != 0 && $out eq '', 'No check_var function to verify ARCH/BACKEND types' or diag $out;
 ok system(qq{git grep -I -l \\( -e "egrep" -e "fgrep" \\) ':!t/01_style.t' ':!CONTRIBUTING.md'}) != 0, 'No usage of the deprecated egrep and fgrep commands';
+$out = qx{git grep -I -l 'nots3cr3t' ':!data/wsl/Autounattend_*.xml' 'data' | xargs grep -L 'luks.*password.*nots3cr3t'};
+ok $? != 0 && $out eq '', 'No plain password on data directory' or diag $out;
 done_testing;