Configured a local quality gate using pre-commit, Black, Flake8, Bandit, JSON/YAML checks, and a custom TODO-blocking hook.
- Basic understanding of Git workflows and commits
- Familiarity with Python and command-line operations
- Knowledge of code quality concepts (linting, formatting)
- A Linux machine with sudo privileges
- Basic understanding of YAML configuration files
- Operating System: Ubuntu 24.04 LTS cloud lab environment
- Primary User: toor
- Python Runtime: Python 3.12.x in a virtual environment
- Source Control: Git with pre-commit hooks
- Configure pre-commit hooks to enforce code quality standards
- Implement automated linting checks before commits
- Set up code formatting enforcement
- Configure basic security scanning in the commit workflow
- Understand quality gates in DevOps pipelines
This lab was completed through the following high-level activities:
- Step 1: Install Pre-commit
- Step 2: Create Sample Python Project
- Step 3: Create Pre-commit Configuration
- Step 4: Install Pre-commit Hooks
- Step 5: Run Pre-commit Manually
- Step 1: Create Flake8 Configuration
- Step 2: Create Bandit Configuration
- Step 3: Fix the Python Code
lab04-pre-commit-quality-gate-setup/
├── README.md
├── commands.sh
├── output.txt
├── interview_qna.md
├── troubleshooting.md
└── project/
.bandit
.flake8
.pre-commit-config.yaml
app.py
app_fixed.py
bad_code.py
config.json
config.yaml
-
- Update your system and install required packages:
-
- Verify installations:
-
- Create a working directory:
-
- Create and activate a virtual environment
- How pre-commit automates quality checks before code reaches version control.
- How formatting, linting, and security scanning complement each other.
- How custom hooks can enforce team-specific repository rules.
- Why emergency bypass options exist and why they should be used carefully.
This lab has strong security relevance because Bandit was used to catch hardcoded secrets and unsafe patterns before commit, turning the repository into a first-line defensive control.
Quality gates are a practical way to shift code quality and security checks left. They reduce noisy reviews, catch common issues early, and help teams maintain a predictable standard before code reaches shared branches.
- Python application repositories with enforced style and security checks.
- Team-level developer workflows before CI/CD pipelines run.
- Source control hygiene for production-facing infrastructure repositories.
Installed and tested a working pre-commit pipeline that enforced formatting, linting, security checks, and a custom local rule.
This lab strengthened my hands-on foundation in pre-commit quality gate setup and produced a clean set of project files, command history, execution output, interview notes, and troubleshooting guidance for portfolio use.
All code, commands, outputs, and support material used for this lab are organized in this folder for traceability and GitHub documentation readiness.