antonbabenko · rahulmlokurte · Jan 4, 2022 · Jan 4, 2022 · Jan 4, 2022 · Jan 5, 2022
@@ -1,6 +1,6 @@
 repos:
 - repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v4.0.1
+  rev: v4.1.0
   hooks:
     # Git style
     - id: check-added-large-files

@@ -111,3 +111,12 @@
   files: \.tf$
   exclude: \.terraform\/.*$
   require_serial: true
+
+- id: terrafmt
+  name: terrafmt
+  description: Runs terrafmt on Markdown files.
+  language: script
+  entry: terrafmt.sh
+  files: \.md$
+  exclude: \.md\/.*$
+  require_serial: true
@@ -12,7 +12,6 @@ RUN apk add --no-cache \
 
 ARG PRE_COMMIT_VERSION=${PRE_COMMIT_VERSION:-latest}
 ARG TERRAFORM_VERSION=${TERRAFORM_VERSION:-latest}
-
 # Install pre-commit
 RUN [ ${PRE_COMMIT_VERSION} = "latest" ] && pip3 install --no-cache-dir pre-commit \
     || pip3 install --no-cache-dir pre-commit==${PRE_COMMIT_VERSION}
@@ -34,6 +33,7 @@ ARG TERRAGRUNT_VERSION=${TERRAGRUNT_VERSION:-false}
 ARG TERRASCAN_VERSION=${TERRASCAN_VERSION:-false}
 ARG TFLINT_VERSION=${TFLINT_VERSION:-false}
 ARG TFSEC_VERSION=${TFSEC_VERSION:-false}
+ARG TERRAFMT_VERSION=${TERRAFMT_VERSION:-false}
 
 
 # Tricky thing to install all tools by set only one arg.
@@ -47,7 +47,8 @@ RUN if [ "$INSTALL_ALL" != "false" ]; then \
         echo "export TERRAGRUNT_VERSION=latest" >> /.env && \
         echo "export TERRASCAN_VERSION=latest" >> /.env && \
         echo "export TFLINT_VERSION=latest" >> /.env && \
-        echo "export TFSEC_VERSION=latest" >> /.env \
+        echo "export TFSEC_VERSION=latest" >> /.env && \
+        echo "export TERRAFMT_VERSION=latest" >> /.env \
     ; else \
         touch /.env \
     ; fi
@@ -126,6 +127,13 @@ RUN . /.env && \
     ) && chmod +x tfsec \
     ; fi
 
+RUN . /.env && \
+    if [ "TERRAFMT_VERSION" != "false" ]; then \
+    ( \
+       curl -L "https://github.com/katbyte/terrafmt/archive/refs/tags/v0.3.0.zip" > terrafmt.zip \
+    ) && unzip terrafmt.zip && rm terrafmt.zip \
+    ; fi
+
 # Checking binaries versions and write it to debug file
 RUN . /.env && \
     F=tools_versions_info && \
@@ -138,6 +146,7 @@ RUN . /.env && \
     (if [ "$TERRASCAN_VERSION"      != "false" ]; then echo "terrascan $(./terrascan version)" >> $F; else echo "terrascan SKIPPED" >> $F      ; fi) && \
     (if [ "$TFLINT_VERSION"         != "false" ]; then ./tflint --version >> $F;                      else echo "tflint SKIPPED" >> $F         ; fi) && \
     (if [ "$TFSEC_VERSION"          != "false" ]; then echo "tfsec $(./tfsec --version)" >> $F;       else echo "tfsec SKIPPED" >> $F          ; fi) && \
+    (if [ "$TERRAFMT_VERSION"       != "false" ]; then echo "terrafmt $(terrafmt version)" >> $F;     else echo "terrafmt SKIPPED" >> $F       ; fi) && \
     echo -e "\n\n" && cat $F && echo -e "\n\n"
 
 

@@ -62,6 +62,7 @@ If you are using `pre-commit-terraform` already or want to support its developme
 * [`TFSec`](https://github.com/liamg/tfsec) required for `terraform_tfsec` hook.
 * [`infracost`](https://github.com/infracost/infracost) required for `infracost_breakdown` hook.
 * [`jq`](https://github.com/stedolan/jq) required for `infracost_breakdown` hook.
+* [`terrafmt`](https://github.com/katbyte/terrafmt) required for `terraform_fmt` hook.
 
 <details><summary><b>Docker</b></summary><br>
 
@@ -225,6 +226,7 @@ There are several [pre-commit](https://pre-commit.com/) hooks to keep Terraform
 | `terragrunt_fmt`                                       | Reformat all [Terragrunt](https://github.com/gruntwork-io/terragrunt) configuration files (`*.hcl`) to a canonical format.                                                                                                                   | `terragrunt`                                                                         |
 | `terragrunt_validate`                                  | Validates all [Terragrunt](https://github.com/gruntwork-io/terragrunt) configuration files (`*.hcl`)                                                                                                                                         | `terragrunt`                                                                         |
 | `terrascan`                                            | [terrascan](https://github.com/accurics/terrascan) Detect compliance and security violations. [Hook notes](#terrascan)                                                                                                                                               | `terrascan`                                                                          |
+| `terrafmt`                                             | [terrafmt](https://github.com/katbyte/terrafmt) Format terraform blocks embedded in files.                                                                                                                                                   | `terrafmt`                                                                           |
 <!-- markdownlint-enable no-inline-html -->
 
 Check the [source file](https://github.com/antonbabenko/pre-commit-terraform/blob/master/.pre-commit-hooks.yaml) to know arguments used for each hook.
@@ -568,6 +570,19 @@ Example:
 3. Use `--skip-rules="ruleID1,ruleID2"` parameter to skip one or more rules globally while scanning (e.g.: `--args=--skip-rules="ruleID1,ruleID2"`).
 4. Use the syntax `#ts:skip=RuleID optional_comment` inside a resource to skip the rule for that resource.
 
+### terrafmt
+
+1. `terrafmt` supports custom arguments so you can pass [supported flags](https://github.com/katbyte/terrafmt#usage) like `diff` and `fmt` to see what would be formatted and to format the blocks respectively:
+
+    ```yaml
+    - id: terrafmt
+      args:
+        - --args=diff
+        - --args=fmt
+     ```
+
+     See the `terrafmt --help` command line help for available options
+
 ## Authors
 
 This repository is managed by [Anton Babenko](https://github.com/antonbabenko) with help from these awesome contributors:

@@ -0,0 +1,58 @@
+#!/usr/bin/env bash
+set -eo pipefail
+
+main() {
+  initialize_
+  parse_cmdline_ "$@"
+  terrafmt_
+}
+
+initialize_() {
+  # get directory containing this script
+  local dir
+  local source
+  source="${BASH_SOURCE[0]}"
+  while [[ -L $source ]]; do # resolve $source until the file is no longer a symlink
+    dir="$(cd -P "$(dirname "$source")" > /dev/null && pwd)"
+    source="$(readlink "$source")"
+    # if $source was a relative symlink, we need to resolve it relative to the path where the symlink file was located
+    [[ $source != /* ]] && source="$dir/$source"
+  done
+  _SCRIPT_DIR="$(dirname "$source")"
+
+  # source getopt function
+  # shellcheck source=lib_getopt
+  . "$_SCRIPT_DIR/lib_getopt"
+}
+
+parse_cmdline_() {
+  declare argv
+  argv=$(getopt -o a: --long args: -- "$@") || return
+  eval "set -- $argv"
+
+  for argv; do
+    case $argv in
+      -a | --args)
+        shift
+        ARGS+=("$1")
+        shift
+        ;;
+      --)
+        shift
+        break
+        ;;
+    esac
+  done
+}
+
+terrafmt_() {
+  find . | grep -E "README.md" | sort | while read -r f; do
+    echo "terrafmt: $f"
+    terrafmt "${ARGS[@]}" "$f"
+  done
+}
+
+# global arrays
+declare -a ARGS=()
+
+[[ ${BASH_SOURCE[0]} != "$0" ]] || main "$@"