From 31b662a5764f8f023c8b2acab8aeab9a687cc857 Mon Sep 17 00:00:00 2001
From: Joachim Hill-Grannec
Date: Thu, 22 Feb 2024 16:31:52 -0600
Subject: [PATCH] feat: add pre-commit checks
---
 .github/workflows/lint-tf.yaml | 17 --------
 .github/workflows/lint-yaml.yaml | 16 -------
 .github/workflows/pre-commit.yaml | 18 ++++++++
 .pre-commit-config.yaml | 43 +++++++++++++++++++
 .tflint.hcl | 2 +-
 Makefile | 17 --------
 commitlint.config.js | 1 +
 docs/README.md | 3 +-
 .../replacements/kustomization.yaml | 2 -
 .../components/crossplane/kustomization.yaml | 1 -
 gitops/components/crossplane/resources.yaml | 1 -
 gitops/components/s3-csi/kustomization.yaml | 1 -
 gitops/components/s3-csi/resources.yaml | 1 -
 .../components/whereabouts/kustomization.yaml | 1 -
 terraform/example/main.tf | 3 ++
 15 files changed, 67 insertions(+), 60 deletions(-)
 delete mode 100644 .github/workflows/lint-tf.yaml
 delete mode 100644 .github/workflows/lint-yaml.yaml
 create mode 100644 .github/workflows/pre-commit.yaml
 create mode 100644 .pre-commit-config.yaml
 delete mode 100644 Makefile
 create mode 100644 commitlint.config.js
diff --git a/.github/workflows/lint-tf.yaml b/.github/workflows/lint-tf.yaml
deleted file mode 100644
index dd596de..0000000
--- a/.github/workflows/lint-tf.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-name: Lint TF files
-on:
- pull_request:
- paths:
- - '**.tf'
- branches:
- - main
-
-jobs:
- lint-tf:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v4
- - uses: terraform-linters/setup-tflint@v4.0.0
- with:
- tflint_version: v0.45.0
- - run: make lint-tf
diff --git a/.github/workflows/lint-yaml.yaml b/.github/workflows/lint-yaml.yaml
deleted file mode 100644
index 4d38ff4..0000000
--- a/.github/workflows/lint-yaml.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-name: Lint YAML files
-on:
- pull_request:
- paths:
- - '**.yaml'
- - '**.yml'
- branches:
- - main
-
-jobs:
- lint-yaml:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v4
- - run: sudo apt-get install -y yamllint
- - run: make lint-yaml
diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml
new file mode 100644
index 0000000..ccca5cf
--- /dev/null
+++ b/.github/workflows/pre-commit.yaml
@@ -0,0 +1,18 @@
+name: pre-commit
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ pre-commit:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - name: install pre-commit
+ run: pip install pre-commit
+ - name: pre-commit
+ run: pre-commit run --all-files --show-diff-on-failure
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..86e9303
--- /dev/null
+++ b/.pre-commit-config.yaml
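Review bot: The `install pre-commit` step in the new `.github/workflows/pre-commit.yaml` runs `pip install pre-commit` with no version, so each CI run installs whatever release the index serves that day and then clones and executes third-party hook repositories on the runner. Pin the tool, e.g. `run: pip install pre-commit==<PINNED_VERSION>`, and add a top-level `permissions:` block with `contents: read` so the job token stays read-only while that hook code runs. The removed lint-tf workflow installed tflint through `terraform-linters/setup-tflint` at a fixed version; this job installs no Terraform tooling, so the `terraform_tflint` and `terraform_docs` hooks presumably rely on whatever the runner image ships, which is worth confirming.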
@@ -0,0 +1,43 @@
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.5.0
+ hooks:
+ - id: check-merge-conflict
+ - id: end-of-file-fixer
+ - id: trailing-whitespace
+ - id: forbid-submodules
+- repo: https://github.com/adrienverge/yamllint
+ rev: v1.35.1
+ hooks:
+ - id: yamllint
+ args: [--strict, -c=.yamllint]
+- repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
+ rev: v9.11.0
+ hooks:
+ - id: commitlint
+ stages: [commit-msg]
+ additional_dependencies: ['@commitlint/config-conventional']
+- repo: https://github.com/antonbabenko/pre-commit-terraform
+ rev: v1.85.0
+ hooks:
+ - id: terraform_fmt
+ - id: terraform_wrapper_module_for_each
+# - id: terraform_validate
+ - id: terraform_docs
+ args:
+ - '--args=--lockfile=false'
+ - id: terraform_tflint
+# args:
+# - '--args=--only=terraform_deprecated_interpolation'
+# - '--args=--only=terraform_deprecated_index'
+# - '--args=--only=terraform_unused_declarations'
+# - '--args=--only=terraform_comment_syntax'
+# - '--args=--only=terraform_documented_outputs'
+# - '--args=--only=terraform_documented_variables'
+# - '--args=--only=terraform_typed_variables'
+# - '--args=--only=terraform_module_pinned_source'
+# - '--args=--only=terraform_naming_convention'
+# - '--args=--only=terraform_required_version'
+# - '--args=--only=terraform_required_providers'
+# - '--args=--only=terraform_standard_module_structure'
+# - '--args=--only=terraform_workspace_remote'
diff --git a/.tflint.hcl b/.tflint.hcl
index 169c89a..d60efed 100644
--- a/.tflint.hcl
+++ b/.tflint.hcl
@@ -2,4 +2,4 @@ plugin "aws" {
 enabled = true
 version = "0.30.0"
 source = "github.com/terraform-linters/tflint-ruleset-aws"
-}
\ No newline at end of file
+}
diff --git a/Makefile b/Makefile
deleted file mode 100644
index 6b0c07c..0000000
--- a/Makefile
+++ /dev/null
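Review bot: The commitlint hook's `additional_dependencies: ['@commitlint/config-conventional']` in `.pre-commit-config.yaml` carries no version, so npm resolves the newest release whenever the hook environment is built; pinning it as `'@commitlint/config-conventional@<PINNED_VERSION>'` keeps that environment reproducible. The four `rev:` values are tags, which an upstream repository can move; `pre-commit autoupdate --freeze` rewrites them to commit hashes. Because commitlint is limited to `stages: [commit-msg]`, the workflow's `pre-commit run --all-files` will not execute it, so commit messages are only checked on machines where the commit-msg hook has been installed. The commented-out `terraform_validate` and `--only` lines would read better as a short comment stating what is still to be enabled and why.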
@@ -1,17 +0,0 @@
-.PHONY: lint
-lint: lint-tf lint-yaml
-
-# TODO: fail on exit 1 but not 2
-.PHONY: lint-tf
-lint-tf:
- tflint --init
- tflint --recursive || echo "Temp bypass and need to figure out warnings"
-
-
-.PHONY: lint-yaml
-lint-yaml:
- yamllint -c .yamllint .
-
-.PHONY: format
-format:
- terraform fmt -recursive
diff --git a/commitlint.config.js b/commitlint.config.js
new file mode 100644
index 0000000..3347cb9
--- /dev/null
+++ b/commitlint.config.js
@@ -0,0 +1 @@
+module.exports = {extends: ['@commitlint/config-conventional']};
diff --git a/docs/README.md b/docs/README.md
index 561eb86..c802398 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -1,5 +1,4 @@
-![TF Lint](https://github.com/pelotech/foundation/actions/workflows/lint-tf.yaml/badge.svg)
-![YAML Lint](https://github.com/pelotech/foundation/actions/workflows/lint-yaml.yaml/badge.svg)
+![pre-commit](https://github.com/pelotech/foundation/actions/workflows/pre-commit.yaml/badge.svg)
 ![Publish-Kustomizations](https://github.com/pelotech/foundation/actions/workflows/publish-kustomizations.yaml/badge.svg)
diff --git a/gitops/base-install/replacements/kustomization.yaml b/gitops/base-install/replacements/kustomization.yaml
index 049bf14..877ed0e 100644
--- a/gitops/base-install/replacements/kustomization.yaml
+++ b/gitops/base-install/replacements/kustomization.yaml
@@ -130,5 +130,3 @@ replacements:
 name: cert-manager
 fieldPaths:
 - spec.source.helm.valuesObject.serviceAccount.annotations.[eks.amazonaws.com/role-arn]
-
-
diff --git a/gitops/components/crossplane/kustomization.yaml b/gitops/components/crossplane/kustomization.yaml
index 1269ca6..0e9cb63 100644
--- a/gitops/components/crossplane/kustomization.yaml
+++ b/gitops/components/crossplane/kustomization.yaml
@@ -19,4 +19,3 @@ patches:
 value:
 namespace: crossplane-system
 server: https://kubernetes.default.svc
-
diff --git a/gitops/components/crossplane/resources.yaml b/gitops/components/crossplane/resources.yaml
index 68aa7bb..d44b7e9 100644
--- a/gitops/components/crossplane/resources.yaml
+++ b/gitops/components/crossplane/resources.yaml
@@ -21,4 +21,3 @@ spec:
 targetRevision: 1.14.5
 helm:
 releaseName: crossplane
-
diff --git a/gitops/components/s3-csi/kustomization.yaml b/gitops/components/s3-csi/kustomization.yaml
index 4d79243..254785a 100644
--- a/gitops/components/s3-csi/kustomization.yaml
+++ b/gitops/components/s3-csi/kustomization.yaml
@@ -34,4 +34,3 @@ replacements:
 name: s3-csi
 fieldPaths:
 - spec.source.helm.valuesObject.node.serviceAccount.annotations.[eks.amazonaws.com/role-arn]
-
diff --git a/gitops/components/s3-csi/resources.yaml b/gitops/components/s3-csi/resources.yaml
index 45baa65..c501989 100644
--- a/gitops/components/s3-csi/resources.yaml
+++ b/gitops/components/s3-csi/resources.yaml
@@ -28,4 +28,3 @@ spec:
 annotations:
 eks.amazonaws.com/role-arn: S3_CSI_ROLE_ARN
 eks.amazonaws.com/sts-regional-endpoints: "true"
-
diff --git a/gitops/components/whereabouts/kustomization.yaml b/gitops/components/whereabouts/kustomization.yaml
index 516562d..15b7213 100644
--- a/gitops/components/whereabouts/kustomization.yaml
+++ b/gitops/components/whereabouts/kustomization.yaml
@@ -14,4 +14,3 @@ patches:
 - op: add
 path: /spec/sourceRepos/-
 value: registry-1.docker.io/bitnamicharts
-
diff --git a/terraform/example/main.tf b/terraform/example/main.tf
index 4662314..c780a8d 100644
--- a/terraform/example/main.tf
+++ b/terraform/example/main.tf
@@ -21,6 +21,9 @@ provider "aws" {
 region = "us-west-2"
 }
 data "aws_caller_identity" "current" {}
+output "account_id" {
+ value = data.aws_caller_identity.current.account_id
+}
 resource "aws_ebs_encryption_by_default" "us_west_2" {
 enabled = true
 }
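Review bot: The new `output "account_id"` in `terraform/example/main.tf` has no `description`, and nothing in the hunk says why the example should publish the caller's AWS account ID; the value will be printed in plan and apply output wherever this example runs, CI logs included. If the output exists only so that `data.aws_caller_identity.current` counts as used by the linter (an inference, the commit does not say so), removing the data source would be the simpler change. Otherwise add `description = "AWS account ID of the calling identity"` so the intent is recorded next to the value.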