diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml new file mode 100644 index 0000000..ce1f5a6 --- /dev/null +++ b/.pre-commit-hooks.yaml @@ -0,0 +1,30 @@ +# Configuring our pre-commit hooks to be used with pre-commit: http://pre-commit.com/ + +# https://www.terraform.io/docs/commands/fmt.html +- id: terraform-fmt + name: Terraform fmt + description: The terraform fmt command is used to rewrite Terraform configuration files to a canonical format and style. This command applies a subset of the Terraform language style conventions, along with other minor adjustments for readability. + entry: pre_commit_hooks/terraform/fmt.sh + language: script + files: \.tf$ + exclude: \.+.terraform\/.*$ + require_serial: true + +# https://www.terraform.io/docs/commands/validate.html +- id: terraform-validate + name: Terraform validate + description: The terraform validate command validates all Terraform configuration files, referring only to the configuration and not accessing any remote services such as remote state, provider APIs, etc. + entry: pre_commit_hooks/terraform/validate.sh + language: script + files: \.tf$ + exclude: \.+.terraform\/.*$ + require_serial: true + +# https://github.com/terraform-linters/tflint +- id: tflint + name: tflint + description: TFLint is a Terraform linter focused on possible errors, best practices, etc. (Terraform >= 0.12) + entry: hooks/tflint.sh + language: script + files: \.tf$ + exclude: \.+.terraform\/.*$ diff --git a/LICENSE b/LICENSE index 261eeb9..5391b0b 100644 --- a/LICENSE +++ b/LICENSE @@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright [yyyy] [name of copyright owner] + Copyright [2020] [Mineiros] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/README.adoc b/README.adoc new file mode 100644 index 0000000..7156109 --- /dev/null +++ b/README.adoc @@ -0,0 +1,58 @@ +// AsciiDoc TOC settings +:toc: +:toc-placement!: +:toc-title: + +// GitHub Flavored Asciidoc (GFA). See https://gist.github.com/dcode/0cfbf2699a1fe9b46ff04c41721dda74 for details. +ifdef::env-github[] +:tip-caption: :bulb: +:note-caption: :information_source: +:important-caption: :heavy_exclamation_mark: +:caution-caption: :fire: +:warning-caption: :warning: +endif::[] + += pre-commit-hooks + +This repository is a collection of https://pre-commit.com/[pre-commit hooks] used by https://mineiros.io[mineiros.io]. + +Currently, the following hooks are supported: + +* terraform-fmt: The terraform fmt command is used to rewrite Terraform configuration `*.tf` files to a canonical format and style. +* terraform-validate: The terraform validate command validates all Terraform configuration `*.tf` files, referring only to the configuration and not accessing any remote services such as remote state, provider APIs, etc. +* tflint: TFLint is a Terraform linter focused on possible errors, best practices, etc. (Terraform >= 0.12). Applied to all Terraform configuration `*.tf` files. + +== Installation +Install https://pre-commit.com/[pre-commit]. E.G. `brew install pre-commit` + +== Usage + +Create a `.pre-commit-config.yaml` inside your repositories. You can dynamically add and remove hooks inside the configuration file. +Please see the https://pre-commit.com/#usage[documentation] for further information. + +``` +repos: + - repo: https://github.com/mineiros-io/pre-commit-hooks + rev: # Check for the latest version: https://github.com/mineiros-io/pre-commit-hooks/releases + hooks: + - id: terraform-fmt + - id: terraform-validate + - id: tflint +``` + +Once you created the configuration file inside your repository, you must run `pre-commit install` to activate the hooks. + +That's it, pre-commit will now listen for changes in your files and run the checks accordingly. + +=== Run Check against All Files + +==== Example: Run A Specific Hook +``` +pre-commit run terraform-validate --all-files +``` + +==== Example: Run All Hooks ( Useful Inside CI ) +``` + +pre-commit run --all-files +``` diff --git a/README.md b/README.md deleted file mode 100644 index 247eda6..0000000 --- a/README.md +++ /dev/null @@ -1,2 +0,0 @@ -# pre-commit-hooks -A collection of pre-commit-hooks used by the Mineiros IaC Library. diff --git a/pre_commit_hooks/terraform/fmt.sh b/pre_commit_hooks/terraform/fmt.sh new file mode 100644 index 0000000..4fccf59 --- /dev/null +++ b/pre_commit_hooks/terraform/fmt.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +# set -e is considered to be a bad practice as written here http://mywiki.wooledge.org/BashFAQ/105 +# so we use a trap instead +trap 'exit' ERR + +# Make environment variables working in OSX GUI apps such as Github Desktop https://stackoverflow.com/q/135688/483528 +export PATH=$PATH:/usr/local/bin + +terraform fmt -recursive + diff --git a/pre_commit_hooks/terraform/tflint.sh b/pre_commit_hooks/terraform/tflint.sh new file mode 100644 index 0000000..855105b --- /dev/null +++ b/pre_commit_hooks/terraform/tflint.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +# set -e is considered to be a bad practice as written here http://mywiki.wooledge.org/BashFAQ/105 +# so we use a trap instead +trap 'exit' ERR + +# Make environment variables working in OSX GUI apps such as Github Desktop https://stackoverflow.com/q/135688/483528 +export PATH=$PATH:/usr/local/bin + +for file in "$@"; do + tflint "$file" +done diff --git a/pre_commit_hooks/terraform/validate.sh b/pre_commit_hooks/terraform/validate.sh new file mode 100644 index 0000000..53a3bd8 --- /dev/null +++ b/pre_commit_hooks/terraform/validate.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +# set -e is considered to be a bad practice as written here http://mywiki.wooledge.org/BashFAQ/105 +# so we use a trap instead +trap 'exit' ERR + +# Make environment variables working in OSX GUI apps such as Github Desktop https://stackoverflow.com/q/135688/483528 +export PATH=$PATH:/usr/local/bin + +for dir in $(echo "$@" | xargs -n1 dirname | sort -u | uniq); do + terraform init -backend=false "$dir" + terraform validate "$dir" +done