  • Language: Shell
  • License: Apache License 2.0
  • Created over 6 years ago
  • Updated 4 months ago


Repository Details

A collection of pre-commit hooks used by Gruntwork tools

Maintained by Gruntwork.io

Pre-commit hooks

This repo defines Git pre-commit hooks intended for use with pre-commit. The currently supported hooks are:

  • terraform-fmt: Automatically run terraform fmt on all Terraform code (*.tf files).
  • terraform-validate: Automatically run terraform validate on all Terraform code (*.tf files).
  • packer-validate: Automatically run packer validate on all Packer code (*.pkr.* files).
  • terragrunt-hclfmt: Automatically run terragrunt hclfmt on all Terragrunt configurations.
  • tflint: Automatically run tflint on all Terraform code (*.tf files).
  • shellcheck: Run shellcheck to lint files that contain a bash shebang.
  • gofmt: Automatically run gofmt on all Golang code (*.go files).
  • goimports: Automatically run goimports on all Golang code (*.go files).
  • golint: Automatically run golint on all Golang code (*.go files). [DEPRECATED]: Please use golangci-lint below.
  • golangci-lint: Automatically run golangci-lint on all Golang code (*.go files).
  • yapf: Automatically run yapf on all Python code (*.py files).
  • helmlint: Automatically run helm lint on your Helm chart files. See the Helm Lint Caveats section below.
  • markdown-link-check: Automatically run markdown-link-check on Markdown doc files.
  • sentinel-fmt: Automatically run sentinel fmt on all Sentinel code (*.sentinel.* files).

General Usage

In each of your repos, add a file called .pre-commit-config.yaml with the following contents:

repos:
  - repo: https://github.com/gruntwork-io/pre-commit
    rev: <VERSION> # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
    hooks:
      - id: terraform-fmt
      - id: terraform-validate
      - id: tflint
      - id: shellcheck
      - id: gofmt
      - id: golint

Next, have every developer: 

  1. Install pre-commit. E.g. brew install pre-commit.
  2. Run pre-commit install in the repo.

That’s it! Now every time you commit a code change (.tf file), the hooks in the hooks: config will execute.

Running Against All Files At Once

Example: Formatting all files

If you'd like to format all of your code at once (rather than one file at a time), you can run:

pre-commit run terraform-fmt --all-files

Example: Enforcing in CI

If you'd like to enforce all your hooks, you can configure your CI build to fail if the code doesn't pass checks by adding the following to your build scripts:

pip install pre-commit
pre-commit install
pre-commit run --all-files

If all the hooks pass, the last command will exit with an exit code of 0. If any of the hooks make changes (e.g., because files are not formatted), the last command will exit with a code of 1, causing the build to fail.

Helm Lint Caveats

Detecting charts

The helmlint pre-commit hook runs helm lint on the charts that have been changed by the commit. It will run once per changed chart that it detects.

Note that charts are detected by walking up the directory tree of the changed file and looking for a Chart.yaml file that exists on the path.

linter_values.yaml

helm lint requires input values to look for configuration errors in your helm chart. However, this means that the linter needs a complete values file. Because we want to develop charts that define required values that the operator should provide, we don't want to specify defaults for all the values the chart expects in the default values.yaml file.

To support this, the pre-commit hook looks for a special linter_values.yaml file in the chart path and combines it with the values.yaml file before running helm lint. In your charts, you should define the required values in linter_values.yaml.

For example, suppose you had a helm chart that defined two input values: containerImage and containerTag. Suppose that your chart required containerImage to be defined, but not containerTag. To enforce this, you created the following values.yaml file for your chart:

# values.yaml

# containerImage is required and defines which image to use

# containerTag specifies the image tag to use. Defaults to latest.
containerTag: latest

If you run helm lint on this chart, it will fail because somewhere in your chart you will reference .Values.containerImage which will be undefined with this values.yaml file. To handle this, you can define a linter_values.yaml file that defines containerImage:

# linter_values.yaml
containerImage: nginx

Now when the pre-commit hook runs, it will call helm lint with both linter_values.yaml and values.yaml:

helm lint -f values.yaml -f linter_values.yaml .
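
The chart detection and values handling described in this section, sketched as an added example (it is not the hook's own source). The function names, the HELM override used for dry runs, the constructed sample tree, and the choice to pass no -f flags when linter_values.yaml is absent are all assumptions.

```shell
# Added illustration, not the hook's own source. HELM is a hypothetical
# override so the flow can be dry-run without helm installed.

# Print the nearest ancestor directory of file $1 that holds a Chart.yaml.
find_chart_dir() {
  _dir=$(dirname -- "$1")
  while :; do
    if [ -f "$_dir/Chart.yaml" ]; then printf '%s\n' "$_dir"; return 0; fi
    case "$_dir" in /|.) return 1 ;; esac   # reached the top: not in a chart
    _dir=$(dirname -- "$_dir")
  done
}

# Map changed files to chart directories, one per line, each chart once.
changed_charts() {
  for _f in "$@"; do
    find_chart_dir "$_f" || true   # files outside any chart are skipped
  done | sort -u
}

# Lint one chart. When linter_values.yaml exists it is passed last, so its
# values override values.yaml (helm gives priority to the right-most -f).
lint_chart() (
  cd "$1" || exit 1
  if [ -f linter_values.yaml ]; then
    set -- -f values.yaml -f linter_values.yaml
  else
    set --   # assumption: no linter values, so lint with chart defaults only
  fi
  "${HELM:-helm}" lint "$@" .
)

# Constructed sample tree: chart "app" with linter values, chart "db" without.
make_sample_tree() {
  mkdir -p "$1/charts/app/templates" "$1/charts/db/templates" "$1/docs"
  touch "$1/charts/app/Chart.yaml" "$1/charts/app/values.yaml" \
        "$1/charts/app/linter_values.yaml" "$1/charts/app/templates/deploy.yaml" \
        "$1/charts/app/templates/svc.yaml" "$1/charts/db/Chart.yaml" \
        "$1/charts/db/templates/sts.yaml" "$1/docs/README.md"
}
```

Two changed templates in the same chart yield a single lint run, and a changed file with no Chart.yaml above it (docs/README.md in the sample tree) is skipped rather than linted.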

Shellcheck Arguments

To enable optional shellcheck features, you can use the --enable flag. Other shellcheck flags cannot be passed through.

repos:
  - repo: https://github.com/gruntwork-io/pre-commit
    rev: <VERSION>
    hooks:
      - id: shellcheck
        args: ["--enable require-variable-braces,deprecate-which"]

License

This code is released under the Apache 2.0 License. Please see LICENSE and NOTICE for more details.

Copyright © 2019 Gruntwork, Inc.
