From ba842240a831ec7b06befe639a893438a5d10ba2 Mon Sep 17 00:00:00 2001
From: Hare Sudhan <code@0x6c.dev>
Date: Sat, 27 Apr 2024 12:35:45 -0500
Subject: [PATCH] Validate Byte Order marks before committing to GitHub (#194)

* yamlfmt

* add readme
---
 .github/workflows/check-installation.yml |  1 -
 .github/workflows/lint.yml               |  1 -
 .github/workflows/publish-release.yml    |  8 ++------
 .pre-commit-config.yaml                  | 11 +++++++++++
 README.md                                | 17 +++++++++++++++++
 kubernetes/k8s-deployment.yaml           | 12 ++++++------
 6 files changed, 36 insertions(+), 14 deletions(-)
 create mode 100644 .pre-commit-config.yaml

diff --git a/.github/workflows/check-installation.yml b/.github/workflows/check-installation.yml
index db69915..3092dd8 100644
--- a/.github/workflows/check-installation.yml
+++ b/.github/workflows/check-installation.yml
@@ -1,6 +1,5 @@
 name: Check installation
 on: pull_request
-
 jobs:
   install-invoke:
     name: Install Invoke-Atomic
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index b7b8a13..00c29f0 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -1,6 +1,5 @@
 name: Lint
 on: pull_request
-
 jobs:
   install-invoke:
     name: Install Invoke-Atomic
diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml
index d428007..195a6de 100644
--- a/.github/workflows/publish-release.yml
+++ b/.github/workflows/publish-release.yml
@@ -1,20 +1,18 @@
 name: publish-release
 on:
   push:
-    tags: [ 'v*.*.*' ]
+    tags: ['v*.*.*']
 jobs:
   publish-powershell-gallery:
     runs-on: ubuntu-latest
     steps:
       - name: checkout
         uses: actions/checkout@v2
-        
       - name: publishing
         run: |
           Install-Module -Name powershell-yaml -Force
           Publish-Module -Path '.' -NuGetApiKey ${{ secrets.PGALLERY }}
         shell: pwsh
-
   build-docker-containers:
     name: Build and Publish Containers
     runs-on: ${{ matrix.os }}
@@ -41,13 +39,12 @@ jobs:
           password: ${{ secrets.DOCKER_TOKEN }}
       - name: Docker Build
         run: |
-          docker build docker -f ${{ matrix.file }} -t ${{ matrix.tag }} 
+          docker build docker -f ${{ matrix.file }} -t ${{ matrix.tag }}
           docker build docker -f ${{ matrix.file }} -t ${{ matrix.latest }}
       - name: Docker Push
         run: |
           docker push ${{ matrix.tag }}
           docker push ${{ matrix.latest }}
-  
   publish-manfiest:
     name: Publish Manifest
     runs-on: ubuntu-latest
@@ -78,4 +75,3 @@ jobs:
         run: |
           docker manifest push redcanary/invoke-atomicredteam:${{ github.sha }}
           docker manifest push redcanary/invoke-atomicredteam:latest
-
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..b28e2d4
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,11 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.5.0
+    hooks:
+      - id: trailing-whitespace
+      - id: check-yaml
+      - id: fix-byte-order-marker
+  - repo: https://github.com/google/yamlfmt
+    rev: "v0.11.0"
+    hooks:
+      - id: yamlfmt
diff --git a/README.md b/README.md
index 2cff2f5..17c5cce 100644
--- a/README.md
+++ b/README.md
@@ -11,3 +11,20 @@ Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [
 See the Wiki for complete [Installation and Usage instructions](https://github.com/redcanaryco/invoke-atomicredteam/wiki).
 
 Note: This execution frameworks works on Windows, MacOS and Linux. If using on MacOS or Linux you must install PowerShell Core first.
+
+### Contributing
+Ensure proper byte order marks (BOM) are maintained when utilizing a PowerShell linter with the following steps:
+
+```shell
+pip3 install pre-commit
+pre-commit install
+pre-commit install-hooks
+```
+
+By following these instructions, pre-commit hooks will be activated, automatically resolving any byte order mark issues within your PowerShell files. Additionally, these hooks will be triggered prior to committing code to your GitHub repository, ensuring consistent formatting and adherence to best practices.
+
+You can also trigger pre-commit hooks manually by
+
+```shell
+pre-commit run --all-files
+```
\ No newline at end of file
diff --git a/kubernetes/k8s-deployment.yaml b/kubernetes/k8s-deployment.yaml
index e8da59b..a64c24f 100644
--- a/kubernetes/k8s-deployment.yaml
+++ b/kubernetes/k8s-deployment.yaml
@@ -16,11 +16,11 @@ spec:
         app: atomicred
     spec:
       containers:
-      - name: atomicred
-        image: redcanary/invoke-atomicredteam
-        imagePullPolicy: "IfNotPresent"
-        command: ["sleep", "3560d"]
-        securityContext:
-          privileged: true
+        - name: atomicred
+          image: redcanary/invoke-atomicredteam
+          imagePullPolicy: "IfNotPresent"
+          command: ["sleep", "3560d"]
+          securityContext:
+            privileged: true
       nodeSelector:
         kubernetes.io/os: linux