Last active
June 27, 2025 15:28
-
-
Save mhemani-reach/881cc89aca096b1de77bd58235dc0640 to your computer and use it in GitHub Desktop.
Dockerized pre-commit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| plugin_cache_dir = "$HOME/.terraform.d/plugin-cache" | |
| disable_checkpoint = true |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alias aws='docker run --rm -it -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN -e AWS_CREDENTIAL_EXPIRATION -v ~/.aws:/root/.aws -v ~/.ssh:/root/.ssh -v ${PWD}:/aws public.ecr.aws/aws-cli/aws-cli:2.27.21' | |
| alias terraform='docker run --rm -ti -v ${PWD}:/terraform -v ~/.aws:/root/.aws -v ~/.terraformrc:/root/.terraformrc -v ~/.terraform.d/plugin-cache:/root/.terraform.d/plugin-cache -w /terraform -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN -e AWS_CREDENTIAL_EXPIRATION -v /run/host-services/ssh-auth.sock:/ssh-agent -e SSH_AUTH_SOCK="/ssh-agent" hashicorp/terraform:1.5.7' | |
| alias tf='docker run --rm -ti -v ${PWD}:/terraform -v ~/.aws:/root/.aws -v ~/.terraformrc:/root/.terraformrc -v ~/.terraform.d/plugin-cache:/root/.terraform.d/plugin-cache -w /terraform -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN --entrypoint /bin/sh -e AWS_CREDENTIAL_EXPIRATION -v /run/host-services/ssh-auth.sock:/ssh-agent -e SSH_AUTH_SOCK="/ssh-agent" hashicorp/terraform:1.5.7' | |
| alias terraform-docs='docker run --rm -ti --platform linux/amd64 -w /terraform-docs --volume "$(pwd):/terraform-docs" -u $(id -u) quay.io/terraform-docs/terraform-docs:0.19.0' | |
| alias tfdocs='terraform-docs markdown table --html=false --output-file README.md --output-mode inject .' | |
| alias tflint='docker run --rm -v $(pwd):/data -v ~/.tflint.hcl:/root/.tflint.hcl -v ~/.ssh:/root/.ssh -t ghcr.io/terraform-linters/tflint-bundle:v0.47.0.0' | |
| alias pre-commit-install='docker run --rm -it -v $(git rev-parse --show-toplevel):/precommit --entrypoint /bin/bash reachfinancial/pre-commit /pre-commit-install.sh && chmod +x $(git rev-parse --show-toplevel)/.git/hooks/pre-commit' | |
| alias pre-commit='docker run --rm -v $(git rev-parse --show-toplevel):/precommit -v $(echo $HOME)/.ssh:/root/.ssh -v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK -v $(echo $HOME)/.terraformrc:/root/.terraformrc -v $(echo $HOME)/.terraform.d/plugin-cache:/root/.terraform.d/plugin-cache -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK --entrypoint pre-commit reachfinancial/pre-commit' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ARG TF_VERSION=1.5.7 | |
| ARG TFLINT_VERSION=0.53.0 | |
| ARG TFDOCS_VERSION=0.19.0 | |
| FROM hashicorp/terraform:${TF_VERSION} AS tf | |
| FROM ghcr.io/terraform-linters/tflint:v${TFLINT_VERSION} AS tflint | |
| FROM quay.io/terraform-docs/terraform-docs:${TFDOCS_VERSION} AS tfdocs | |
| FROM python:3.12-slim | |
| ARG PRECOMMIT_VERSION=4.0.1 | |
| RUN apt-get update && \ | |
| apt-get install -y --no-install-recommends git openssh-client && \ | |
| rm -rf /var/lib/apt/lists/* | |
| WORKDIR /precommit | |
| RUN pip install pre-commit==${PRECOMMIT_VERSION} --no-cache-dir | |
| COPY --from=tf /bin/terraform /usr/local/bin/terraform | |
| COPY --from=tflint /usr/local/bin/tflint /usr/local/bin/tflint | |
| COPY --from=tfdocs /usr/local/bin/terraform-docs /usr/local/bin/terraform-docs | |
| COPY <<'EOF' /pre-commit-template | |
| #!/usr/bin/env bash | |
| # File generated by pre-commit: https://pre-commit.com | |
| # ID: 138fd403232d2ddd5efb44317e38bf03 | |
| # start templated | |
| INSTALL_PYTHON=/usr/local/bin/python3.12 | |
| ARGS=(hook-impl --config=.pre-commit-config.yaml --hook-type=pre-commit) | |
| PRE_COMMIT_CMD="docker run --rm -v $(git rev-parse --show-toplevel):/precommit -v $(echo $HOME)/.ssh:/root/.ssh -v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK -v $(echo $HOME)/.terraformrc:/root/.terraformrc -v $(echo $HOME)/.terraform.d/plugin-cache:/root/.terraform.d/plugin-cache -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK --entrypoint pre-commit reachfinancial/pre-commit" | |
| # end templated | |
| HERE="$(cd "$(dirname "$0")" && pwd)" | |
| ARGS+=(--hook-dir "$HERE" -- "$@") | |
| if command -v $PRE_COMMIT_CMD > /dev/null; then | |
| exec $PRE_COMMIT_CMD "${ARGS[@]}" | |
| else | |
| echo '`pre-commit` not found. Did you forget to build the container?' 1>&2 | |
| exit 1 | |
| fi | |
| EOF | |
| COPY <<'EOF' /pre-commit-install.sh | |
| #!/usr/bin/env bash | |
| mv /pre-commit-template /precommit/.git/hooks/pre-commit | |
| if [ $? -eq 0 ] ; then | |
| echo "pre-commit hook installed successfully" | |
| else | |
| echo "pre-commit hook did not install sucessfully" | |
| fi | |
| EOF | |
| RUN chmod +x /pre-commit-install.sh |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment