Become an AceSign inSign up
gruntwork-io/ pre-commit (v0.1.12) 3 months ago
Shell Python devops Bash Git
View on GitHub
Need help with pre-commit?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

gruntwork-io
165 Stars 53 Forks Apache License 2.0 91 Commits 8 Opened issues

Description

A collection of pre-commit hooks used by Gruntwork tools

Services available

!
?

Need anything else?

Contributors list

Maintained by Gruntwork.io

Pre-commit hooks

This repo defines Git pre-commit hooks intended for use with pre-commit. The currently supported hooks are:

  • terraform-fmt: Automatically run 
    terraform fmt
    on all Terraform code (
    *.tf
    files).
  • terraform-validate: Automatically run 
    terraform validate
    on all Terraform code (
    *.tf
    files).
  • terragrunt-hclfmt: Automatically run 
    terragrunt hclfmt
    on all Terragrunt configurations.
  • tflint: Automatically run 
    tflint
     on all Terraform code (
    *.tf
    files).
  • shellcheck: Run 
    shellcheck
     to lint files that contain a bash shebang.
  • gofmt: Automatically run 
    gofmt
    on all Golang code (
    *.go
    files).
  • goimports: Automatically run 
    goimports
    on all Golang code (
    *.go
    files).
  • golint: Automatically run 
    golint
    on all Golang code (
    *.go
    files).
  • yapf: Automatically run 
    yapf
     on all python code (
    *.py
    files).
  • helmlint Automatically run 
    helm lint
     on your Helm chart files. See caveats here.
  • markdown-link-check Automatically run markdown-link-check on markdown doc files.

General Usage

In each of your repos, add a file called 

.pre-commit-config.yaml
with the following contents: 
repos:
  - repo: https://github.com/gruntwork-io/pre-commit
    rev:  # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
    hooks:
      - id: terraform-fmt
      - id: terraform-validate
      - id: tflint
      - id: shellcheck
      - id: gofmt
      - id: golint

Next, have every developer: 

  1. Install pre-commit. E.g. 
    brew install pre-commit
    .
  2. Run 
    pre-commit install
    in the repo.

That’s it! Now every time you commit a code change (

.tf
file), the hooks in the 
hooks:
config will execute.

Running Against All Files At Once

Example: Formatting all files

If you'd like to format all of your code at once (rather than one file at a time), you can run:

pre-commit run terraform-fmt --all-files

Example: Enforcing in CI

If you'd like to enforce all your hooks, you can configure your CI build to fail if the code doesn't pass checks by adding the following to your build scripts:

pip install pre-commit
pre-commit install
pre-commit run --all-files

If all the hooks pass, the last command will exit with an exit code of 0. If any of the hooks make changes (e.g., because files are not formatted), the last command will exit with a code of 1, causing the build to fail.

Helm Lint Caveats

Detecting charts

The 

helmlint
pre-commit hook runs 
helm lint
on the charts that have been changed by the commit. It will run once per changed chart that it detects.

Note that charts are detected by walking up the directory tree of the changed file and looking for a 

Chart.yaml
file that exists on the path.

linter_values.yaml

helm lint
requires input values to look for configuration errors in your helm chart. However, this means that the linter needs a complete values file. Because we want to develop charts that define required values that the operator should provide, we don't want to specify defaults for all the values the chart expects in the default 
values.yaml
file.

Therefore, to support this, this pre-commit hook looks for a special 

linter_values.yaml
file defined in the chart path. This will be combined with the 
values.yaml
file before running 
helm lint
. In your charts, you should define the required values in 
linter_values.yaml
.

For example, suppose you had a helm chart that defined two input values: 

containerImage
and 
containerTag
. Suppose that your chart required 
containerImage
to be defined, but not 
containerTag
. To enforce this, you created the following 
values.yaml
file for your chart: 
# values.yaml


containerImage is required and defines which image to use


containerTag specifies the image tag to use. Defaults to latest.


containerTag: latest

If you run 

helm lint
on this chart, it will fail because somewhere in your chart you will reference 
.Values.containerImage
which will be undefined with this 
values.yaml
file. To handle this, you can define a 
linter_values.yaml
file that defines 
containerImage
: 
# linter_values.yaml
containerImage: nginx

Now when the pre-commit hook runs, it will call 

helm lint
with both 
linter_values.yaml
and 
values.yaml
: 
helm lint -f values.yaml -f linter_values.yaml .

Shellcheck Arguments

To enable optional shellcheck features you can use the 

--enable
flag. Other shellcheck flags can not be passed through. 
repos:
  - repo: https://github.com/gruntwork-io/pre-commit
    rev: 
    hooks:
      - id: shellcheck
        args: ["--enable require-variable-braces,deprecate-which"]

License

This code is released under the Apache 2.0 License. Please see LICENSE and NOTICE for more details.

Copyright © 2019 Gruntwork, Inc.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.