Merge pull request #260 from PVSec/master
Fix for issue #258
diff --git a/pre_commit_hooks/detect_aws_credentials.py b/pre_commit_hooks/detect_aws_credentials.py
index b2afd71..47a69bf 100644
--- a/pre_commit_hooks/detect_aws_credentials.py
+++ b/pre_commit_hooks/detect_aws_credentials.py
@@ -53,7 +53,9 @@
'aws_session_token',
):
try:
- keys.add(parser.get(section, var))
+ key = parser.get(section, var).strip()
+ if key:
+ keys.add(key)
except configparser.NoOptionError:
pass
return keys
diff --git a/testing/resources/aws_config_without_secrets_with_spaces.ini b/testing/resources/aws_config_without_secrets_with_spaces.ini
new file mode 100644
index 0000000..b169952
--- /dev/null
+++ b/testing/resources/aws_config_without_secrets_with_spaces.ini
@@ -0,0 +1,4 @@
+# file with an AWS access key id but no valid AWS secret access key only space characters
+[production]
+aws_access_key_id = AKIASLARTARGENTINA86
+aws_secret_access_key =
diff --git a/tests/detect_aws_credentials_test.py b/tests/detect_aws_credentials_test.py
index 954f3d8..f1bd7d4 100644
--- a/tests/detect_aws_credentials_test.py
+++ b/tests/detect_aws_credentials_test.py
@@ -83,6 +83,7 @@
},
),
('aws_config_without_secrets.ini', set()),
+ ('aws_config_without_secrets_with_spaces.ini', set()),
('nonsense.txt', set()),
('ok_json.json', set()),
),
@@ -100,6 +101,7 @@
('aws_config_with_session_token.ini', 1),
('aws_config_with_multiple_sections.ini', 1),
('aws_config_without_secrets.ini', 0),
+ ('aws_config_without_secrets_with_spaces.ini', 0),
('nonsense.txt', 0),
('ok_json.json', 0),
),