From a6665279e73c7ccc0fdfed60c61047d6c975ae1e Mon Sep 17 00:00:00 2001
From: Dean Wilson
Date: Wed, 28 Oct 2015 05:13:37 +0000
Subject: [PATCH] Show names of files containing aws credentials
---
 pre_commit_hooks/detect_aws_credentials.py | 31 +++++++++++++---------
 1 file changed, 18 insertions(+), 13 deletions(-)
diff --git a/pre_commit_hooks/detect_aws_credentials.py b/pre_commit_hooks/detect_aws_credentials.py
index 55e83a1..e63e72a 100644
--- a/pre_commit_hooks/detect_aws_credentials.py
+++ b/pre_commit_hooks/detect_aws_credentials.py
@@ -24,14 +24,17 @@ def get_your_keys(credentials_file):
 return keys
-def check_file_for_aws_keys(filename, keys):
- with open(filename, 'r') as content:
- # naively match the entire file, chances be so slim
- # of random characters matching your flipping key.
- text_body = content.read()
- if any(key in text_body for key in keys):
- return 1
- return 0
+def check_file_for_aws_keys(filenames, keys):
+ bad_files = []
+
+ for filename in filenames:
+ with open(filename, 'r') as content:
+ text_body = content.read()
+ if any(key in text_body for key in keys):
+ # naively match the entire file, low chance of incorrect collision
+ bad_files.append(filename)
+
+ return bad_files
 def main(argv=None):
@@ -48,11 +51,13 @@ def main(argv=None):
 if not keys:
 return 2
- retv = 0
- for filename in args.filenames:
- retv |= check_file_for_aws_keys(filename, keys)
- return retv
-
+ bad_filenames = check_file_for_aws_keys(args.filenames, keys)
+ if bad_filenames:
+ for bad_file in bad_filenames:
+ print('AWS secret key found: {0}'.format(bad_file))
+ return 1
+ else:
+ return 0
 if __name__ == '__main__':
 exit(main())
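Review bot: `open(filename, 'r')` in the new loop of check_file_for_aws_keys decodes every file as text, so on Python 3 a binary or otherwise undecodable file among `filenames` would raise UnicodeDecodeError and abort the scan before the remaining files are checked or any name is reported. Reading bytes avoids that: `with open(filename, 'rb') as content:` together with `if any(key.encode() in text_body for key in keys):`, assuming `keys` holds str values (get_your_keys is only partly visible in the hunk). The "naively match the entire file" comment now sits inside the `if`, directly above the append it does not describe, and would read better above the `content.read()` line. A one-line docstring such as `"""Return the names of the files that contain any of the given keys."""` would make the new list return value explicit.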
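Review bot: The reporting loop in main() prints only the file path, and that is worth pinning with a comment so a later change does not start echoing the matched value into terminal or CI output, for example `# report the path only; never print the matched key`. The message says "secret key", but the match runs against every entry in `keys`, so if get_your_keys() also returns access key ids (its body is outside the hunk) a wording like `'AWS credential found: {0}'` would be more accurate. On style, the hunk removes one of the two blank lines before `if __name__ == '__main__':`, and the `else:` after `return 1` is redundant. main() starts outside the hunk.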