pre-commit hooks are a mechanism of the version control system git. They let you execute code right before the commit. I highly recommend using WSL/WSL2 with Ubuntu and following the Ubuntu installation guide.
sudo apt update
sudo apt install -y unzip software-properties-common python3 python3-pip
python3 -m pip install --upgrade pip
pip3 install --no-cache-dir pre-commit
pip3 install --no-cache-dir checkov
curl -L "$(curl -s https://api.github.com/repos/terraform-docs/terraform-docs/releases/latest | grep -o -E -m 1 "https://.+?-linux-amd64.tar.gz")" > terraform-docs.tgz && tar -xzf terraform-docs.tgz terraform-docs && rm terraform-docs.tgz && chmod +x terraform-docs && sudo mv terraform-docs /usr/bin/
curl -L "$(curl -s https://api.github.com/repos/tenable/terrascan/releases/latest | grep -o -E -m 1 "https://.+?_Linux_x86_64.tar.gz")" > terrascan.tar.gz && tar -xzf terrascan.tar.gz terrascan && rm terrascan.tar.gz && sudo mv terrascan /usr/bin/ && terrascan init
curl -L "$(curl -s https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E -m 1 "https://.+?_linux_amd64.zip")" > tflint.zip && unzip tflint.zip && rm tflint.zip && sudo mv tflint /usr/bin/
curl -L "$(curl -s https://api.github.com/repos/aquasecurity/tfsec/releases/latest | grep -o -E -m 1 "https://.+?tfsec-linux-amd64")" > tfsec && chmod +x tfsec && sudo mv tfsec /usr/bin/
sudo apt install -y jq && \
curl -L "$(curl -s https://api.github.com/repos/infracost/infracost/releases/latest | grep -o -E -m 1 "https://.+?-linux-amd64.tar.gz")" > infracost.tgz && tar -xzf infracost.tgz && rm infracost.tgz && sudo mv infracost-linux-amd64 /usr/bin/infracost && infracost register
curl -L "$(curl -s https://api.github.com/repos/minamijoyo/tfupdate/releases/latest | grep -o -E -m 1 "https://.+?_linux_amd64.tar.gz")" > tfupdate.tar.gz && tar -xzf tfupdate.tar.gz tfupdate && rm tfupdate.tar.gz && sudo mv tfupdate /usr/bin/
curl -L "$(curl -s https://api.github.com/repos/minamijoyo/hcledit/releases/latest | grep -o -E -m 1 "https://.+?_linux_amd64.tar.gz")" > hcledit.tar.gz && tar -xzf hcledit.tar.gz hcledit && rm hcledit.tar.gz && sudo mv hcledit /usr/bin/Install dependencies
You need to install terraform-docs and TFLint dependencies to execute our pre-commit successfully. Click the link to follow the instruction.
Install Terraform
1. Open Ubuntu application (or your installed distro)
2. Run the following command which will install unzip (its my preference to extract files)
sudo apt-get install unzip3.Navigate to the Terraform download page and grab the most recent download URL.
4. Using the above URL, run the following commands which will download, unzip, move the binary to users bin.
wget <terraform_url> -O terraform.zip;
unzip terraform.zip;
sudo mv terraform /usr/local/bin;
rm terraform.zip;example:
wget https://releases.hashicorp.com/terraform/0.11.13/terraform_0.11.13_linux_amd64.zip -O terraform.zip;
unzip terraform.zip;
sudo mv terraform /usr/local/bin;
rm terraform.zip;5. Run the following command to verify terraform is installed.
terraform -vreference: Configuring Terraform on Windows 10 Linux Sub-System
Run pre-commit
pre-commit run -aPotential Error
DNS server resolution error
You may get this error when you run pre-commit first time.
My best solution is the following commands
sudo rm /etc/resolv.conf
sudo bash -c 'echo "nameserver 8.8.8.8" > /etc/resolv.conf'
sudo bash -c 'echo "[network]" > /etc/wsl.conf'
sudo bash -c 'echo "generateResolvConf = false" >> /etc/wsl.conf'
sudo chattr +i /etc/resolv.confresolv.conf file is no longer overwritten and you will be able to run without DNS server resolution error.
Curl (60) SSL certificate problem: unable to get local issuer certificate
add option -k to skip ssl certificate verification. For example
curl -Lk "$(curl -s https://api.github.com/repos/terraform-docs/terraform-docs/releases/latest | grep -o -E -m 1 "https://.+?-linux-amd64.tar.gz")" > terraform-docs.tgz && tar -xzf terraform-docs.tgz terraform-docs && rm terraform-docs.tgz && chmod +x terraform-docs && sudo mv terraform-docs /usr/bin/Zscaler SSL certificate problem
You may see this error message when your ubuntu can not verify the SSL certificates returned by the server. To solve this problem, import Zscaler certificate to your Ubuntu machine.
1. Locate to /etc/ssl/certs and create a file with follow name
sudo nano /etc/ssl/certs/ZscalerRootCertificate-2048-SHA256.crt2. Paste content of certificate and save.
-----BEGIN CERTIFICATE-----
Send me an email if you want to get the content of certificate.
Email Address: dlatlrrb@gmail.com
-----END CERTIFICATE-----References
https://github.com/antonbabenko/pre-commit-terraform#how-to-install