forked from sheeeng/terraform-pull-request-commenter
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.pre-commit-config.yaml
232 lines (232 loc) · 8.46 KB
/
.pre-commit-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
default_install_hook_types: [pre-commit]
files: ""
exclude: "^$"
fail_fast: true
minimum_pre_commit_version: "2.3.0"
repos:
- repo: https://github.com/gruntwork-io/pre-commit
rev: v0.1.20
hooks:
- id: tflint
args:
- "--module"
- id: terraform-validate
- id: terraform-fmt
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.77.2
hooks:
- id: terraform_tfsec
- id: terraform_docs
- id: terraform_checkov
args:
- --args=--directory .
- --args=--download-external-modules false
- --args=--include-all-checkov-policies
- --args=--quiet
- --args=--summary-position bottom
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.4.0
hooks:
- id: check-added-large-files
name: check for added large files
description: prevents giant files from being committed.
entry: check-added-large-files
language: python
stages: [commit, push, manual]
- id: check-ast
name: check python ast
description: simply checks whether the files parse as valid python.
entry: check-ast
language: python
types: [python]
- id: check-byte-order-marker
name: "check BOM - deprecated: use fix-byte-order-marker"
description: forbids files which have a utf-8 byte-order marker.
entry: check-byte-order-marker
language: python
types: [text]
- id: check-builtin-literals
name: check builtin type constructor use
description: requires literal syntax when initializing empty or zero python builtin types.
entry: check-builtin-literals
language: python
types: [python]
- id: check-case-conflict
name: check for case conflicts
description: checks for files that would conflict in case-insensitive filesystems.
entry: check-case-conflict
language: python
- id: check-docstring-first
name: check docstring is first
description: checks a common error of defining a docstring after code.
entry: check-docstring-first
language: python
types: [python]
- id: check-executables-have-shebangs
name: check that executables have shebangs
description: ensures that (non-binary) executables have a shebang.
entry: check-executables-have-shebangs
language: python
types: [text, executable]
stages: [commit, push, manual]
- id: check-json
name: check json
description: checks json files for parseable syntax.
entry: check-json
language: python
types: [json]
- id: check-shebang-scripts-are-executable
name: check that scripts with shebangs are executable
description: ensures that (non-binary) files with a shebang are executable.
entry: check-shebang-scripts-are-executable
language: python
types: [text]
stages: [commit, push, manual]
- id: pretty-format-json
name: pretty format json
description: sets a standard for formatting json files.
entry: pretty-format-json
language: python
types: [json]
args: ["--no-sort-keys"]
- id: check-merge-conflict
name: check for merge conflicts
description: checks for files that contain merge conflict strings.
entry: check-merge-conflict
language: python
types: [text]
- id: check-symlinks
name: check for broken symlinks
description: checks for symlinks which do not point to anything.
entry: check-symlinks
language: python
types: [symlink]
- id: check-toml
name: check toml
description: checks toml files for parseable syntax.
entry: check-toml
language: python
types: [toml]
- id: check-vcs-permalinks
name: check vcs permalinks
description: ensures that links to vcs websites are permalinks.
entry: check-vcs-permalinks
language: python
types: [text]
- id: check-xml
name: check xml
description: checks xml files for parseable syntax.
entry: check-xml
language: python
types: [xml]
- id: check-yaml
name: check yaml
description: checks yaml files for parseable syntax.
entry: check-yaml
language: python
types: [yaml]
- id: debug-statements
name: debug statements (python)
description: checks for debugger imports and py37+ `breakpoint()` calls in python source.
entry: debug-statement-hook
language: python
types: [python]
- id: destroyed-symlinks
name: detect destroyed symlinks
description: detects symlinks which are changed to regular files with a content of a path which that symlink was pointing to.
entry: destroyed-symlinks
language: python
types: [file]
- id: detect-aws-credentials
name: detect aws credentials
description: detects *your* aws credentials from the aws cli credentials file.
entry: detect-aws-credentials
language: python
types: [text]
- id: detect-private-key
name: detect private key
description: detects the presence of private keys.
entry: detect-private-key
language: python
types: [text]
- id: double-quote-string-fixer
name: fix double quoted strings
description: replaces double quoted strings with single quoted strings.
entry: double-quote-string-fixer
language: python
types: [python]
- id: end-of-file-fixer
name: fix end of files
description: ensures that a file is either empty, or ends with one newline.
entry: end-of-file-fixer
language: python
types: [text]
stages: [commit, push, manual]
- id: file-contents-sorter
name: file contents sorter
description: sorts the lines in specified files (defaults to alphabetical). you must provide list of target files as input in your .pre-commit-config.yaml file.
entry: file-contents-sorter
language: python
files: "^$"
- id: fix-byte-order-marker
name: fix utf-8 byte order marker
description: removes utf-8 byte order marker.
entry: fix-byte-order-marker
language: python
types: [text]
- id: fix-encoding-pragma
name: fix python encoding pragma
description: "adds # -*- coding: utf-8 -*- to the top of python files."
language: python
entry: fix-encoding-pragma
types: [python]
- id: forbid-new-submodules
name: forbid new submodules
description: prevents addition of new git submodules.
language: python
entry: forbid-new-submodules
types: [directory]
- id: forbid-submodules
name: forbid submodules
description: forbids any submodules in the repository
language: fail
entry: "submodules are not allowed in this repository:"
types: [directory]
- id: mixed-line-ending
name: mixed line ending
description: replaces or checks mixed line ending.
entry: mixed-line-ending
language: python
types: [text]
- id: name-tests-test
name: python tests naming
description: verifies that test files are named correctly.
entry: name-tests-test
language: python
files: (^|/)tests/.+\.py$
- id: no-commit-to-branch
name: "don't commit to branch"
entry: no-commit-to-branch
language: python
pass_filenames: false
always_run: true
args: ["--branch", "master", "--branch", "staging"]
- id: requirements-txt-fixer
name: fix requirements.txt
description: sorts entries in requirements.txt.
entry: requirements-txt-fixer
language: python
files: (requirements|constraints).*\.txt$
- id: sort-simple-yaml
name: sort simple yaml files
description: sorts simple yaml files which consist only of top-level keys, preserving comments and blocks.
language: python
entry: sort-simple-yaml
files: "^$"
- id: trailing-whitespace
name: trim trailing whitespace
description: trims trailing whitespace.
entry: trailing-whitespace-fixer
language: python
types: [text]
stages: [commit, push, manual]