-
Notifications
You must be signed in to change notification settings - Fork 7
/
.pre-commit-config.yaml
32 lines (32 loc) · 1.42 KB
/
.pre-commit-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.68.1 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
hooks:
- id: terraform_fmt
- id: terraform_docs
args: ['--args=--lockfile=false', '--args=--indent=3']
- id: terraform_tflint
args: [
# --args=--module, # TODO enable it after ensuring `terraform init`
# --args=--only=terraform_comment_syntax,
--args=--only=terraform_deprecated_interpolation,
--args=--only=terraform_deprecated_index,
# --args=--only=terraform_documented_variables,
--args=--only=terraform_module_pinned_source,
--args=--only=terraform_naming_convention,
# --args=--only=terraform_required_providers,
# --args=--only=terraform_required_version,
# --args=--only=terraform_unused_declarations,
--args=--only=terraform_workspace_remote,
]
- repo: https://github.com/bridgecrewio/checkov.git
rev: '2.2.125'
hooks:
- id: checkov
verbose: true
args: [
--compact,
--quiet,
--skip-check, "CKV_GCP_26,CKV_GCP_32,CKV_GCP_35,CKV_GCP_36,CKV_GCP_39,CKV_GCP_40,CKV_GCP_76,CKV_GCP_62,CKV_GCP_37,CKV_GCP_38,CKV_GCP_74,CKV_GCP_83,CKV2_GHA_1,CKV_SECRET_6",
--soft-fail-on, "CKV_GCP_37,CKV_GCP_38,CKV_GCP_74,CKV_GCP_83,CKV2_GHA_1",
]