antonbabenko / pre-commit-terraform Goto Github PK

Hi all,

I'm running pre-commit run -a and the Terraform docs emits a Failure, but doesn't update the readme. I get an error that a module directory can't be found:

Terraform docs...........................................................Failed
- hook id: terraform_docs
- exit code: 1

2020/02/13 11:31:39 Failed to read module directory: Module directory /var/folders/nh/3_wcty396z3bqg1nsjxjmxqm0000gq/T//terraform-docs-CWUNv7Sw6d.tf does not exist or cannot be read.

And then the README won't update. I'm currently on this version:
pre-commit 2.0.1

And this is what my yaml file looks like:

- repo: git://github.com/antonbabenko/pre-commit-terraform
  rev: v1.21.0
  hooks:
    - id: terragrunt_fmt
    - id: terraform_fmt
    - id: terraform_docs
    - id: terraform_tflint
      exclude: ^test/

I can see that in the later versions of this project the two existing validate hooks have been reduced to one (terraform_validate_with_variables.sh and terraform_validate_no_variables.sh -> terraform_validate.sh)

The hooks file still suggests this single hook validates without checking variables:

But the script itself does not specify -check-variables and so seems to default to true, as per the docs:
https://www.terraform.io/docs/commands/validate.html#check-variables-true

Please could you clarify the intended behaviour/reasoning behind dropping the option to not check variables? Would you accept a PR that re-introduced the option to skip the variable check without duplicating the script and creating a separate hook (e.g. allowing the hook to accept an argument to skip the checks).

Our project structure is such that some variables are only defined by external files, passed in via -var-file arguments to Terraform, and therefore do not validate successfully on their own

Many thanks

How reproduce

Working code:

staged README.md

<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

staged vars.tf

variable "ingress_cidr_blocks" {
  description = "Bzzzzz"
  type = list(
    object({
      # description = string
      cidr_blocks = string
      from_port   = number
      to_port     = number
      protocol    = string
    })
  )

  default = [
    {
      description = "SG"
      cidr_blocks = "10.0.0.0/32"
      from_port   = 22
      to_port     = 22
      protocol    = "tcp"
    },
  ]
}

provider "aws" {
  region = "eu-west-1"
}

If uncomment # description = string - terraform_docs failed:

Terraform docs...........................................................Failed
hookid: terraform_docs

2019/09/09 18:19:45 At 4:21: Unknown token: 4:21 IDENT string

Root case

Error happens because awk rewrite this type to next construction:

variable "ingress_cidr_blocks" {
  description = "Bzzzzz"
  type = "list("
      description = string
  default = [
    {
      description = "SG"
      cidr_blocks = "10.0.0.0/32"
      from_port   = 22
      to_port     = 22
      protocol    = "tcp"
    },
  ]
}

Suggestion

"type" need be rewrite to "multiline", but I spend about 2 hours on it and not get excepted result.
I made crutch that fix error, but it will be good have full value, as in "default" block.

Workaround

Just not specify description field in complex types.

If temp files need to be a part of this hook, I'd suggest putting them in a standard tucked away temp file location on the system. Since you're using bash anyway, we can assume Windows isn't supported unless through WSL. Consider sticking temp files in /tmp/ and having some cleanup logic if the hook fails.

Hello,

Frist, thank you so much for the shared pre-commit code. i am referencing this original repo in pre-config yaml but somehow both validation with / without variable ones are not working as expected. see below.

λ cat .pre-commit-config.yaml

- repo: git://github.com/antonbabenko/pre-commit-terraform
  rev: v1.7.3
  hooks:
    - id: terraform_fmt
    - id: terraform_validate_no_variables
    - id: terraform_validate_with_variables

λ pre-commit install
pre-commit installed at C:\Cloud\Github\pre-commit\tf-test3\tf-test3.git\hooks\pre-commit

λ git status
modified: main.tf

λcat main.tf

provider "aws" {}
resource "aws_s3_bucket_test1" "b" "e" "f" {
  bucket1                   = "my-tf-test-bucket-1"
  acl     = "private"
}
provider "aws" {}
resource "aws_s3_bucket_test2" "b" "c" "d" {
  bucket1 = "my-tf-test-bucket-2"
  acl                 = "private-public"
}

λ git commit -m "main.tf add"
Terraform fmt............................................................Failed
hookid: terraform_fmt

Files were modified by this hook. Additional output:
main.tf

Terraform validate without variables.....................................Passed
Terraform validate with variables........................................Passed

We can see here that fmt working as expected but somehow validation hooks are not catching the issues in main.tf file ( which shouldn't go through validation passed ).

Really appreciate help on this.

I kept getting this error when trying to use the terraform_docs hook:

Terraform Docs...........................................................Failed
hookid: terraform_docs

sed: 1: "/BEGINNING OF PRE-COMMI ...": unexpected EOF (pending }'s)

Further inspection revealed this is a limitation of the BSD sed shipping with the latest macOS:

$ sed -i -n '/BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK/{p;:a;N;/END OF PRE-COMMIT-TERRAFORM DOCS HOOK/!ba;s/.*\n/I_WANT_TO_BE_REPLACED\n/};p' README.md
sed: 1: "/BEGINNING OF PRE-COMMI ...": unexpected EOF (pending }'s)

Running the same command using GNU sed (installed as gsed by Homebrew):

$ gsed -i -n '/BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK/{p;:a;N;/END OF PRE-COMMIT-TERRAFORM DOCS HOOK/!ba;s/.*\n/I_WANT_TO_BE_REPLACED\n/};p' README.md
$ cat README.md 
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
I_WANT_TO_BE_REPLACED
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

I'd like to see the tflint pre-commit script have --deep be an optional argument rather than the default. I believe --deep only works with AWS and causes issues if you attempt to run it for GCP or Azure infrastructure.

.tfvars files are skipped when the extension is set in .pre-commit-hooks.yaml

name: Terraform fmt
description: Rewrites all Terraform configuration files to a canonical format.
entry: terraform_fmt.sh
language: script
files: \.tfvars$

$ pre-commit run terraform_fmt

Terraform fmt........................................(no files to check)Skipped

Hello,

Now that this issue appears to be resolved, maybe we can run terraform-docs withouth the hacky awk workaround :)

The terraform_docs plugin is failing on terraform 0.11.x.

$ pre-commit run -a terraform_docs
Terraform docs...........................................................Failed
- hook id: terraform_docs
- exit code: 1

It's caused by a combination of set -e and this line:

hack_terraform_docs=$(terraform version | head -1 | grep -c 0.12)

This exits with error code 1 on terraform 0.11.x, and the set -e causes the script to exit.

Working on a fix...

Need to improve the awk hack to probably convert default = null to default = "null" so terraform-docs can parse it.

Right now I get:
2019/06/17 17:41:15 At 17:17: Unknown token: 17:17 IDENT null

Hi,

This is connected to #45 that was fixed in v1.15.0. That version has fixed the issue i had with mktemp but i am getting a new error on this version:

$ pre-commit run terraform_docs -a
Terraform docs...........................................................Failed
hookid: terraform_docs

2019/06/19 10:45:22 At 62:1: expected: IDENT | STRING | ASSIGN | LBRACE got: RBRACE

But on another terraform config we have the error slightly differs:

$ pre-commit run terraform_docs -a
Trim Trailing Whitespace.................................................Passed
Fix End of Files.........................................................Passed
Terraform docs...........................................................Failed
hookid: terraform_docs

2019/06/19 10:48:03 At 24:11: nested object expected: LBRACE got: ASSIGN

Both of these worked previously as they have fully populated README's. I would look into this further but not sure where the files are that the error location refers too (if you point me in the right direction i am more than happy to investigate)

Thanks,

╭─ workpc ~/Projects/billing-pipeline-tf-module  ‹master*›                                                                   ╰─$ pre-commit run -a
Terraform fmt............................................................Passed
Terraform docs...........................................................Failed
hookid: terraform_docs

mktemp: illegal option -- -                                                                                                                             usage: mktemp [-d] [-q] [-t prefix] [-u] template ...
       mktemp [-d] [-q] [-u] -t prefix                                                                                                                  
╭─ workpc ~/Projects/billing-pipeline-tf-module  ‹master*›                                                                   ╰─$ cat .pre-commit-config.yaml                                                                                                                   127 ↵
- repo: git://github.com/antonbabenko/pre-commit-terraform
  rev: v1.14.0
  hooks:
    - id: terraform_fmt
    - id: terraform_docs

mktemp doesn't seem to be working on Mac.

Not sure why yet but this hook runs in the .terraform dir for me but from the code it looks like that dir should be ignored?

I will investigate further and post an update.

it's unclear from the documentation that various hooks don't work unless you install a separate tool into the path. It would be great to call this out on README. I was running terraform_docs_replace and it was just writing an empty file. I had to dive into the code to determine that it requires a separate install.

Does pre-commit not support a way to install the dependencies? Unfortunately, my team won't be able to use those hooks since it doesn't automatically install them.

Clone this repo: https://github.com/djgoku/pre-commit-terraform-docs-failure

see README.md in master for output for both 1.7.3 vs 1.7.4 version.

When something get wrong, it doesn't show the file path and it is very useful.

❯ git commit -v
[WARNING] Unstaged files detected.
[INFO] Stashing unstaged files to /Users/robinho/.cache/pre-commit/patch1562252730.
Terraform fmt............................................................Failed
hookid: terraform_fmt

Files were modified by this hook. Additional output:

cluster.tf

Error: Invalid block definition

  on vars.tf line 20:
  (source code not available)

A block definition must have block content delimited by "{" and "}", starting
on the same line as the block header.

Would it be possible to support running the docker versions of the executables?

i.e.
terraform -> docker run -i -t hashicorp/terraform:light
tflint -> docker run --rm -v $(pwd):/data -t wata727/tflint

Consider adding Checkov.
Checkov now has a documented pre-commit integration:
https://bridgecrewio.github.io/checkov/4.Integrations/pre-commit.html

pre-commit configuration is available at:
https://github.com/bridgecrewio/checkov/blob/master/.pre-commit-hooks.yaml

Hi
My modules contains examples/ folder with implementation example. After upgrade of pre-commit-terraform and my code to 0.12.x the validate without variables stopped working for subfolders complaining that module wasn't initialised but it actually was.

My hook config:

- repo: git://github.com/antonbabenko/pre-commit-terraform
  rev: v1.17.0
  hooks:
    - id: terraform_fmt
    - id: terraform_docs
    - id: terraform_validate

Error:
pre-commit run -a
Terraform fmt............................................................Passed
Terraform docs...........................................................Passed
Terraform validate without variables.....................................Failed
hookid: terraform_validate

Success! The configuration is valid.


Failed path: examples
================================

Error: Module not installed

  on examples/main.tf line 6:
   6: module "s3_bucket" {

This module is not yet installed. Run "terraform init" to install all modules
required by this configuration.

I've added the following to my pre-commit config:

repos:
  - repo: git://github.com/antonbabenko/pre-commit-terraform
    rev: v1.25.0
    hooks:
      - id: terraform_fmt
      - id: terraform_validate
      - id: terraform_tflint
        args: ['--deep']

but:

$ pre-commit run -a
Terraform fmt............................................................Passed
Terraform validate without variables.....................................Passed
Terraform validate with tflint...........................................Failed
- hook id: terraform_tflint
- exit code: 1

getopt: unrecognized option '--deep'
getopt: unrecognized option '--deep'
getopt: unrecognized option '--deep'
getopt: unrecognized option '--deep'
getopt: unrecognized option '--deep'
getopt: unrecognized option '--deep'
getopt: unrecognized option '--deep'
getopt: unrecognized option '--deep'

Hi
It would be cool if terraform_fmt would add the changes done to the file to the commit. Right know, if you don't format the files, the process is:

• git add
• git commit
• the hook modifies the unformatted file, formatting it
• git add
• git commit

It may be:

• git add
• git commit
• the hook modifies the unformatted file, formatting it, and adds it to the commit

I remember this happening automatically with this hook a couple of months ago, but I can't reproduce it, so maybe I'm just wrong.

PD: Thanks for your work, it's awesome.

The terraform_docs_replace hook uses sed, rather than taking care of the cleaning up of the document using native Python. Removing the dependency on sed will make this hook more platform agnostic.

Hello, for my typical terraform + terragrunt repo with following .tflint.hcl configuration:

config {
  module     = true
  deep_check = false
  force      = false
}

And following hook configuration:

  - repo: git://github.com/antonbabenko/pre-commit-terraform
    rev: v1.21.0
    hooks:
      - id: terraform_fmt
      - id: terraform_validate
      - id: terraform_tflint
        args: [' --config .tflint.hcl']
      - id: terragrunt_fmt

Getting following errors:

/Users/user/.cache/pre-commit/repo31phc1no/terraform_tflint.sh: line 42: pushd --config .tflint.hcl modules/dynamodb-table/dynamodb-table.tf modules/dynamodb-table/dynamodb-table-outputs.tf modules/s3-state-bucket: No such file or directory

You can see below.

pre-commit run -a
Check for merge conflicts................................................Passed
Trim Trailing Whitespace.................................................Passed
Check JSON...............................................................Passed
Check Yaml...............................................................Passed
Detect Private Key.......................................................Passed
Detect AWS Credentials...................................................Passed
Don't commit to branch...................................................Passed
Pretty format JSON.......................................................Passed
Terraform fmt............................................................Passed
Terraform docs...........................................................Failed
hookid: terraform_docs

2019/09/06 10:53:17 At 60:1: expected: IDENT | STRING | ASSIGN | LBRACE got: RBRACE

Non-executable shell script filename ends in .sh.........................Passed
Check shell style with shfmt.............................................Passed

Maybe being a bit more verbose? Though that looks like Terraform to me? HCL2 syntax?

Thanks for the update...however, I received the following error when running:

Check for merge conflicts................................................Passed
Terraform fmt............................................................Passed
Terraform docs...........................................................Failed
hookid: terraform_docs

mktemp: failed to create file via template ‘/tmpterraform-docs-XXXXXXXXXX’: Permission denied

Looked at code and ran export TMPDIR=/tmp/, then:

$ pre-commit run -a
Check for merge conflicts................................................Passed
Terraform fmt............................................................Passed
Terraform docs...........................................................Failed
hookid: terraform_docs

2019/06/18 11:15:40 At 34:15: nested object expected: LBRACE got: ASSIGN

Thanks!

Remaining to-do:

• Allow to specify filename to update (default, README.md) Estimate: 1 hour. Code Done by #245
• Check for changes not only in tf files, probably (but also in README.md)

There is this great blog post by @davidbegin:

• http://www.davidbegin.com/using-terraform-docs-to-automate-keeping-your-terraform-modules-documenting/

Here is the variable it hasn't been able to handle.

  type = list(object({
    name            = string
    category        = string
    owner           = string
    provider        = string
    version         = string
    input_artifacts = list(string)
  }))
  default = [{
    name            = "Apply"
    category        = "Build"
    owner           = "AWS"
    provider        = "CodeBuild"
    version         = "1"
    input_artifacts = ["Source"]
  }]
}

This is the output:

| stages |  | object | `[ { "category": "Build", "input_artifacts": [ "Source" ], "name": "Apply", "owner": "AWS", "provider": "CodeBuild", "version": "1" } ]` | no |

When virtualbox shared folder is hosted by Windows you get all limitations of Windows filesystems (can't rename or delete open file). terraform_docs.sh script is using perl's -i option which is not working with vboxsf mountpoints - in this case perl tries to delete open file. Perl options like -i.bak also won't help since perl will try to "rename" open file.

I tried sed and it's working fine with shared folders. Possible fix could be python-native, sed or something else.

Hi @antonbabenko

When I run pre-commit I had this message:

[INFO] Initializing environment for git://github.com/pre-commit/pre-commit-hooks.
updating v0.4.2 -> 46251c9523506b68419aefdf5ff6ff2fbc4506a4.
Updating git://github.com/antonbabenko/pre-commit-terraform...[INFO] Initializing environment for git://github.com/antonbabenko/pre-commit-terraform.
[WARNING] git://github.com/antonbabenko/pre-commit-terraform uses legacy hooks.yaml to provide hooks.
In newer versions, this file is called .pre-commit-hooks.yaml
This will work in this version of pre-commit but will be removed at a later time.
If `pre-commit autoupdate` does not silence this warning consider making an issue / pull request.
[INFO] Initializing environment for git://github.com/antonbabenko/pre-commit-terraform.
updating v1.0.0 -> b50c154638d10aef306b3c5538b1813bb3c70064.

I saw you created these days a .pre-commit-hooks.yaml to work with the new pre-commit version.

Is it possible to release it as the version 1.1 ?

Here is the simplest example I could make of the problem:

Here are some tests of various versions using a README.md with the begin/end tags.

Here, I drop back to v1.7.3 and I can get terraform_docs to work again:

Here, I bump to v1.7.4 and the problem returns:

I can repeat that with any version past v1.7.3. Here's v1.9.0:

Unfortunately, I'm not sure where these hook scripts are installed, otherwise I'd try tracking down the failure myself. I'm happy to dig further myself if you can point me to where the hooks are installed so I can modify them for debugging?

It would be nice to add tflint to the checks (https://github.com/wata727/tflint)

Hi All,

I had this strange problem with the hook that it would throw me

Terraform fmt............................................................Passed
Terraform docs...........................................................Failed
hookid: terraform_docs

2019/07/17 16:41:09 At 6:4: illegal char

Trying to debug it I checked the file on /tmp folder. Where I discovered which line was causing the problem.

...
     3	 }
     4	output "kubeconfig" {
     5	  description = "Kubernetes configuration file for kubectl"
     6	  })
     7	output "name" {
...

On the original terraform file this had been declared in the following manner

output "kubeconfig" {
  description = "Kubernetes configuration file for kubectl"
  value = templatefile("${path.module}/templates/kubeconfig.tpl", {
    cluster_name     = var.name
    cluster_endpoint = aws_eks_cluster.this.endpoint
    cluster_ca_data  = aws_eks_cluster.this.certificate_authority[0].data
  })
}

Changing this to

output "kubeconfig" {
  description = "Kubernetes configuration file for kubectl"
  value = templatefile("${path.module}/templates/kubeconfig.tpl",
    {
      cluster_name     = var.name
      cluster_endpoint = aws_eks_cluster.this.endpoint
      cluster_ca_data  = aws_eks_cluster.this.certificate_authority[0].data
    }
  )
}

solved the problem.

I'm running terraform >0.12.0 so I believe this may happen because of the terraform_0.12 hack.

Hi, trying to use pre-commit hooks for terraform-docs but every-time the hook is passed no readme.md file is created. It works well for terraform-fmt though and modify the files accordingly. Thanks for your support!

System Information:

MacOS : 10.14.4 (18E226)
Terraform-docs : 0.6.0
Bash version : GNU bash, version 3.2.57(1)-release (x86_64-apple-darwin18)
Terraform v0.11.13
Python 3.7.3

Files:

├── main.tf
├── output.tf
└── variable.tf

.pre-commit-hook.yaml:

  rev: v1.11.0
  hooks:
    - id: terraform_fmt
    - id: terraform_docs

Issue:

% pre-commit run -c .pre-commit-config.yaml --all-files --verbose
[terraform_fmt] Terraform fmt............................................Passed
[terraform_docs] Terraform docs..........................................Passed

Hello!

I'm not sure why but I can't add arguments to terraform_tflint hook. I'm trying to use tflint --module or any argument but I always get the following error message:

getopt: unrecognize option '--module'

Project structures

I'm using official terraform modules which are located in the .terraform file and custom modules.

.
├── .terraform
├── .pre-commit-config.yaml
├── main.tf
├── variables.tf
└── outputs.tf

or

.
├── custom_module
│   ├── main.tf
│   ├── outputs.tf
│   └── variables.tf
│
├── .terraform
├── .pre-commit-config.yaml
├── main.tf
├── outputs.tf
└── variables.tf

pre-commit-config.yaml just contains the following hooks :

- repo: git://github.com/antonbabenko/pre-commit-terraform
  rev: v1.21.0
  hooks:
    - id: terraform_tflint
      args: ['--module']

I use TFLint version 0.13.1, pre-commit 1.20.0 and pre-commit-terraform v1.21.0. pre-commit is up to date.

Is there something I'm missing ? If you have any suggestion or workaround to help us with this problem, I'd greatly appreciate it.

Hello pre-commit hook implementer!

In version 0.12.0 pre-commit has changed the default location for the file formerly known as hooks.yaml to make it more convincing for others to add more hooks.

As such, a migration has to (unfortunately) occur.

For maximum compatibility it is suggested to cp hooks.yaml .pre-commit-hooks.yaml (at least for the migration period). A copy is suggested over a symlink unless you do not care for windows compatibility (and I wouldn't blame you!).

Once the migration period is over (or you no longer care to support old versions of pre-commit), the hooks.yaml file is no longer necessary and may be deleted.

See pre-commit/pre-commit#470 for more details

Thanks again for contributing to the pre-commit ecosystem, we couldn't do it without you :)
Anthony

mawk (the default version of awk on Debian/Ubuntu) doesn't work with the terraform 0.12 awk script. gawk (and the awk in busybox) works fine. I'm not sure it's worth trying to figure out why and can probably be immediately closed.

Hopefully this note helps someone else who runs into the same thing

Using v1.19.0 of the terraform_docs hook.

With mawk

$ sudo update-alternatives --set awk /usr/bin/mawk
update-alternatives: using /usr/bin/mawk to provide /usr/bin/awk (awk) in manual mode

$ pre-commit run -a
Terraform docs...........................................................Failed
hookid: terraform_docs

Files were modified by this hook.

$ cat README.md 
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

With gawk

$ sudo update-alternatives --set awk /usr/bin/gawk
update-alternatives: using /usr/bin/gawk to provide /usr/bin/awk (awk) in manual mode

$ pre-commit run -a
Terraform docs...........................................................Failed
hookid: terraform_docs

Files were modified by this hook.

$ cat README.md 
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| test\_number |  | number | n/a | yes |
| test\_string |  | string | `"testing"` | no |

<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

Due to syntax changes with new Terraform version 0.12.x, this webhook will fail on terraform code that follows the new TF 0.12 syntax.

With segmentio/terraform-docs being maintained again, it would be great to leverage some new terraform-docs options, such as:

• --no-sort: no name-sorting of inputs and outputs when the order of variables should be preserved
• --with-aggregate-type-defaults: renders default values of types list and map as JSON string into the document

Ideally, the hook would support a pass-through option that relays command line arguments on to terraform-docs. @antonbabenko: Thoughts?

Is there any interest or appetite in porting the shell scripts to python to enable these pre-commit checks to work within environments where bash is not available, ex: windows?

Since v1.13.0 when terraform_docs hook began to work with Terraform 0.12 syntax, the awk script which is used to do the magic for Terraform 0.12 types does not like variables or outputs named "description".

As a result, this module - https://github.com/terraform-aws-modules/terraform-aws-security-group - can't use this hook.

How to reproduce?

1. Clone this repository
2. Clone failing terraform-aws-module repository - https://github.com/terraform-aws-modules/terraform-aws-security-group
3. cd terraform-aws-security-group
4. pre-commit try-repo ~/cloned-repo/pre-commit-terraform terraform_docs --verbose --all-files

Error:

At 1:17: Unknown token: 1:17 IDENT var.description

@cytopia, could you take a look at this?

I would expect a tool like this to operate in a very standard mode, not trying to do anything like inserting between comments. This is your design decision to make but I'd much prefer a more standard execution of the tool like:

terraform-docs md ./ | cat -s | ghead -n -1 > README.md

This approach is markdown linter compliant and supports the standard of putting your documentation in the main.tf

Can you include a license with this project?

.pre-commit-config.yaml:

repos:
- repo: git://github.com/antonbabenko/pre-commit-terraform
  rev: v1.8.0
  hooks:
    - id: terraform_fmt
    - id: terraform_docs_replace
      args: ['--with-aggregate-type-defaults', '--sort-inputs-by-required']

There are *.tf and *.tfvars files in root and in directories.

README.md in directories is correct, but README.md in the root dir has this content:

Usage:
    terraform-docs [--no-required] [--no-sort | --sort-inputs-by-required] [--with-aggregate-type-defaults] [json | markdown | md] <path>...

PS: @RothAndrew could you please take a look and fix this.

I'm sad to be posting this because I've been struggling for days to get these simple pre-commit hooks to work. So far, the only one I've actually gotten functional is terraform_fmt. I'm aware of #59 but there's been no response there since October of 2019. Here are some details:

terraform_validate

Fails with several errors:

• Error: Module not installed
• Error: provider.aws: no suitable version installed
• Error: Could not satisfy plugin requirements

All of these are basically indicating the same thing, init has not been run in the sub-directory. There are a few problems with this:

1. init has indeed been run in each of these sub-directories but the pre-commit hook (or perhaps Terraform) doesn't seem to be aware
2. Running terraform validate from the project root directory succeeds without error

What is the pre-commit hook doing that the CLI command isn't (or vice-versa)?

terraform_tflint

I see several variations of the following error:

• ERROR: unable to resolve endpoint for service "ecs", region "", err: UnknownEndpointError: could not resolve endpoint (replace ecs with any other service we're using)
• also: Error: An error occurred while invoking DescribeSecurityGroups; MissingRegion: could not find region configuration

Now, running tflint --deep --module returns one error (the first one detailed above) so this is also probably an issue with that tool but ... is no one else using sub-directories? I find that incredibly hard to believe.

So, in the end, the only pre-commit hook I've gotten to work is terraform_fmt. Kind of disappointing as I've been extolling the value of validating & linting but am unable to deliver a working MVP to prove it due to the above problems.

Has anyone experienced these pains? Are there any workarounds or fixes for the above issues? Any advice at all? Thanks for your time & effort.

I've got a terragrunt config tree like this:

live
├── aws
│   ├── aws
│   │   ├── cloud.tfvars
│   │   ├── eu-west-1
│   │   │   ├── development
│   │   │   │   └── terraform.tfvars
│   │   │   ├── production
│   │   │   │   └── terraform.tfvars
│   │   │   ├── region.tfvars
│   │   │   └── staging
│   │   │       └── terraform.tfvars
│   │   └── us-east-1
│   │       └── development
│   └── site.tfvars
└── terraform.tfvars

I have the terraform_validate_no_variables pre-commit hook enabled and it fails with the following msg:

Error: No Terraform configuration files found in directory:

Error:

/Users/Bob/.cache/pre-commit/repo7hr9pvka/terraform_fmt.sh: line 20: pushd: $path_uniq: No such file or directory

Related code:

for path_uniq in $(echo "${paths[*]}" | tr ' ' '\n' | sort -u); do
...
done

From the pre-commit docs for Creating New Hooks:

The hook must exit nonzero on failure or modify files in the working directory (since 0.6.3).

Neither of the validation hooks in this repo will exit with a non-zero status on failure. The if ! terraform validate command uses the non-zero exit code, and then moves on. The scripts will then reach end of file and exit 0.

Because they exit 0, pre-commit interprets that as Passed and suppresses all output. For my own project, I've enabled the verbose option so that its not a no-op.

Hey guys,

running git commit -va give me this:

Terraform fmt............................................................Failed
- hook id: terraform_fmt
- files were modified by this hook

main.tf

Markdownlint.........................................(no files to check)Skipped

- repo: git://github.com/antonbabenko/pre-commit-terraform
  rev: v1.24.0 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
  hooks:
    - id: terraform_fmt
- repo: https://github.com/markdownlint/markdownlint
  rev: v0.8.0
  hooks:
    - id: markdownlint

we're having terraform dir in a mono-repo for now.

Terraform v0.12.19

Any ideas how to debug that?

I had to upgrade terraform-docs because of issue with a null value in variables.tf
terraform-docs/terraform-docs#161
Now pre-commit complains about the directory.

Here is some information about the versions.
pre-commit-config.yaml

- repo: git://github.com/antonbabenko/pre-commit-terraform
  rev: v1.22.0
  hooks:
    - id: terraform_fmt
    - id: terraform_docs

run pre-commit run -a

pre-commit run -a
Terraform fmt............................................................Passed
Terraform docs...........................................................Failed
hookid: terraform_docs

2020/01/14 16:27:41 Failed to read module directory: Module directory /var/folders/_v/n250j8397bj273wj64d3rz180000gn/T//terraform-docs-TQYHbozJA7.tf does not exist or cannot be read.

terraform-docs version

terraform-docs version
terraform-docs version v0.8.0-rc.2 d52122d darwin/amd64 BuildDate: 2020-01-12T20:38:24+0000