https://github.com/excoriate/terraform-precommit-hooks
π Set of simple, straightforward and easy-to-understand terraform hooks
https://github.com/excoriate/terraform-precommit-hooks
Last synced: 4 months ago
JSON representation
π Set of simple, straightforward and easy-to-understand terraform hooks
- Host: GitHub
- URL: https://github.com/excoriate/terraform-precommit-hooks
- Owner: Excoriate
- License: mit
- Created: 2021-03-29T05:10:01.000Z (about 5 years ago)
- Default Branch: main
- Last Pushed: 2021-07-30T06:39:58.000Z (almost 5 years ago)
- Last Synced: 2025-10-25T03:42:59.255Z (8 months ago)
- Language: Shell
- Size: 885 KB
- Stars: 1
- Watchers: 1
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: readme.md
- Changelog: CHANGELOG.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# Terraform PreCommit Hooks
These Hooks work out with pre-commit framework π β These hooks found inspiration in some other nice projects available in the community, however, I've added my own additions, like adding a hook to cleaning up the `.terraform` (metadata) folder which is usually generated whenever we run a local `terraform` command, or the addition of the `terraform plan` hook as well.
## Hooks
These hooks works with [pre-commit](https://pre-commit.com/) and act onto (`*.tf` and `*.tfvars`) depending on the `file` configuration placed in the main `.pre-commit.hooks.yaml` file. Whether in the future I (or anyone who wanna contribute here) found that's needed a new hook, please, feel free to raise a `feature request or, even better! just push your PR!
| Hook | Description |
| ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------- |
| `terraform-validate` | Validates all Terraform configuration files. |
| `terraform-validate-full` | Validates all Terraform configuration files (with full backend configuration) |
| `terraform-fmt` | Format (check and fix) Terraform configuration following the canonical format. |
| `terraform-docs` | Generate and keep up to date the documentation of terraform components. Re-write the `readme.md` file dynamically |
| `terraform-lint` | Use [TFLint](https://github.com/terraform-linters/tflint) to prevent bugs! |
| `terraform-clean` | Get rid of the `.terraform` folder on local executions, after you've done all your local terraform commands. |
| `terraform-sec` | Validates all Terraform configuration from the security point of view. It uses [TFSec](https://github.com/liamg/tfsec) |
| `terraform-plan` | Execute terraform plan command onto specific terraform modules (supports extra vars) |
## Configuration
### 1. Install dependencies
* [`pre-commit`](https://pre-commit.com/#install)
* [`terraform-docs`](https://github.com/terraform-docs/terraform-docs) required for `terraform_docs` hooks.
* [`TFLint`](https://github.com/terraform-linters/tflint)
* [`TFSec`](https://github.com/liamg/tfsec)
##### MacOS
```bash
brew install pre-commit gawk terraform-docs tflint tfsec coreutils
```
Or run this script
```bash
npm run lib:install
```
### 2. Hook consumer configuration
After pre-commit hook has been installed you can run it manually on all files in the repository
```bash
pre-commit run -a
```
At the repository level, add the following file calledΒ `.pre-commit-config.yaml` with the following contents (This is just an example. You can add whatever available hook you might need. In addition, depending in your folder structure, you can use the same hook that acts in different `submodules` within your `terraform` project ;)):
```yaml
repos:
- repo: https://github.com/Excoriate/terraform-precommit-hooks.git
rev: v0.0.1
hooks:
- id: terraform-clean
files: ^module/
args:
- "--dir=module"
- id: terraform-sec
files: ^module/
args:
- "--dir=module"
```
### 3. Use notes
Every time you commit a code change (`.tf` file), the hooks in the `.pre-commit-config.yaml` will be executed.