forked from terraform-ibm-modules/common-dev-assets
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.pre-commit-config.yaml
149 lines (149 loc) · 4.93 KB
/
.pre-commit-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
default_stages: [commit]
repos:
- repo: local
hooks:
- id: git-submodule-version-check
name: git-submodule-version-check
description: Hook that will fail if local common-dev-assets git submodule is older than the one currently on primary branch
entry: ci/submoduleVersionCheck.sh
language: script
pass_filenames: false
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.4.0
hooks:
- id: check-yaml
exclude: chart/|metadata.yaml
- id: check-json
- id: end-of-file-fixer
- id: trailing-whitespace
- id: check-merge-conflict
- id: detect-private-key
- id: mixed-line-ending
args: ['--fix=lf']
description: Forces to replace line ending by the UNIX 'lf' character.
- repo: https://github.com/hadolint/hadolint
rev: v2.12.0
hooks:
- id: hadolint
- repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
rev: v9.3.0
hooks:
- id: commitlint
stages: [commit-msg]
additional_dependencies: ['@commitlint/config-angular']
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.76.0
hooks:
- id: terraform_fmt
- id: terraform_validate
files: ^examples/
- id: terraform_docs
args: ['--args=--hide=providers']
- id: terraform_tflint
args:
- --args=--enable-rule=terraform_unused_declarations
- --args=--enable-rule=terraform_deprecated_index
- --args=--enable-rule=terraform_comment_syntax
- --args=--enable-rule=terraform_documented_outputs
- --args=--enable-rule=terraform_documented_variables
- --args=--enable-rule=terraform_typed_variables
- --args=--enable-rule=terraform_naming_convention
- --args=--enable-rule=terraform_required_version
- --args=--enable-rule=terraform_required_providers
- --args=--enable-rule=terraform_unused_required_providers
- --args=--enable-rule=terraform_standard_module_structure
exclude: dynamic_values/ # Do not run tflint in dynamic_folders directory (temp solution for SLZ modules). Internal issue created to track better solution.
- id: terragrunt_fmt
- id: terragrunt_validate
- id: terraform_tfsec
files: '\.tf'
# checkov (does not require checkov to be installed locally to run)
- repo: https://github.com/bridgecrewio/checkov.git
rev: 2.2.95
hooks:
- id: checkov
args:
- --skip-path=.scv
- --skip-path=Dockerfile
- --skip-path=module-metadata.json
- --skip-framework=github_actions
- repo: https://github.com/syntaqx/git-hooks
rev: v0.0.17
hooks:
- id: forbid-binary
exclude: .png|.jpg
- id: shellcheck
- id: go-fmt
- repo: https://github.com/ibm/detect-secrets
rev: 0.13.1+ibm.55.dss
hooks:
- id: detect-secrets
args: ['--baseline', '.secrets.baseline', '--fail-on-unaudited', 'use-all-plugins']
exclude: go.sum|module-metadata.json
# flake8
- repo: https://github.com/pycqa/flake8
rev: 6.0.0
hooks:
- id: flake8
args: # arguments to configure flake8
# making isort line length compatible with black
- "--max-line-length=88"
# these are errors that will be ignored by flake8
# check out their meaning here
# https://flake8.pycqa.org/en/latest/user/error-codes.html
- "--ignore=E203,E501,W503"
# isort
- repo: https://github.com/pycqa/isort
rev: 5.10.1
hooks:
- id: isort
args: ["--profile", "black", "--filter-files"]
# black
- repo: https://github.com/ambv/black
rev: 22.10.0
hooks:
- id: black
args: # arguments to configure black
- --line-length=88
- repo: local
hooks:
- id: golangci-lint
name: golangci-lint
description: Fast linters runner for Go.
entry: bash ci/golangci-lint.sh
types: [go]
language: golang
pass_filenames: false
- id: build_module_template
name: Build module template
description: Build module template (module template repos only)
entry: python3 ci/module-template-automation/moduleTemplateBuilder.py
language: python
files: "README.md"
pass_filenames: false
- id: add_examples
name: Add examples section to README
description: Add examples section to README
entry: python3 ci/terraformDocExamples.py
language: python
files: "README.md"
pass_filenames: false
- id: terraform-config-inspect
name: Generate terraform module metadata
description: Extracting high-level metadata about Terraform modules
entry: python3 ci/terraformConfigInspect.py
language: python
files: '\.tf'
pass_filenames: false
- id: go-mod-module-repository
name: Add module repository to go.mod
description: Adding module repository to go.mod file
entry: python3 ci/terraformDocGoMod.py
language: python
files: "tests/go.mod"
pass_filenames: false
# helm lint
- repo: https://github.com/gruntwork-io/pre-commit
rev: v0.1.17
hooks:
- id: helmlint