Show names of files containing aws credentials

pre_commit_hooks/detect_aws_credentials.py

@@ -24,14 +24,17 @@ def get_your_keys(credentials_file):
     return keys
 
 
-def check_file_for_aws_keys(filename, keys):
+def check_file_for_aws_keys(filenames, keys):
-    with open(filename, 'r') as content:
+    bad_files = []
-        # naively match the entire file, chances be so slim
+
-        # of random characters matching your flipping key.
+    for filename in filenames:
-        text_body = content.read()
+        with open(filename, 'r') as content:
-        if any(key in text_body for key in keys):
+            text_body = content.read()
-            return 1
+            if any(key in text_body for key in keys):
-    return 0
+                # naively match the entire file, low chance of incorrect collision
+                bad_files.append(filename)
+
+    return bad_files
 
 
 def main(argv=None):
@@ -48,11 +51,13 @@ def main(argv=None):
     if not keys:
         return 2
 
-    retv = 0
+    bad_filenames = check_file_for_aws_keys(args.filenames, keys)
-    for filename in args.filenames:
+    if bad_filenames:
-        retv |= check_file_for_aws_keys(filename, keys)
+        for bad_file in bad_filenames:
-    return retv
+            print('AWS secret key found: {0}'.format(bad_file))
-
+        return 1
+    else:
+        return 0
 
 if __name__ == '__main__':
     exit(main())