Pre-commit Hook Integration
Terratags can be integrated with pre-commit to automatically validate tags before commits are made to your repository.
Prerequisites
-
Install pre-commit:
-
Ensure you have a terratags configuration file in your repository (see Configuration)
Basic Setup
- Create or update your
.pre-commit-config.yamlfile in your repository root:
repos:
- repo: https://github.com/terratags/terratags
rev: v0.3.0 # Use the latest version (available from v0.3.0+)
hooks:
- id: terratags
-
Install the pre-commit hook:
-
Create your
terratags.yamlconfiguration file:
Advanced Configuration
Custom Configuration File
repos:
- repo: https://github.com/terratags/terratags
rev: v0.3.0
hooks:
- id: terratags
args: [--config=custom-config.yaml]
Generate HTML Report
repos:
- repo: https://github.com/terratags/terratags
rev: v0.3.0
hooks:
- id: terratags
args: [--config=terratags.yaml, --report=tag-report.html]
Show Remediation Suggestions
repos:
- repo: https://github.com/terratags/terratags
rev: v0.3.0
hooks:
- id: terratags
args: [--config=terratags.yaml, --remediate]
Use Exemptions
repos:
- repo: https://github.com/terratags/terratags
rev: v0.3.0
hooks:
- id: terratags
args: [--config=terratags.yaml, --exemptions=exemptions.yaml]
Custom Directory
repos:
- repo: https://github.com/terratags/terratags
rev: v0.3.0
hooks:
- id: terratags
args: [--config=terratags.yaml, --dir=./infrastructure]
Multiple Hook Configurations
You can define multiple hooks for different purposes:
repos:
- repo: https://github.com/terratags/terratags
rev: v0.3.0
hooks:
# Basic validation on every commit
- id: terratags
name: terratags-validate
args: [--config=terratags.yaml]
# Generate report (manual stage)
- id: terratags
name: terratags-report
args: [--config=terratags.yaml, --report=reports/tags.html]
stages: [manual]
# Show remediation suggestions
- id: terratags
name: terratags-remediate
args: [--config=terratags.yaml, --remediate]
stages: [manual]
Usage Examples
Basic Workflow
- Make changes to your Terraform files
- Attempt to commit:
- Terratags will automatically run and validate your tags
- If validation fails, fix the issues and commit again
Manual Report Generation
# Run terratags report generation
pre-commit run terratags-report --hook-stage manual
# Run terratags with remediation suggestions
pre-commit run terratags-remediate --hook-stage manual
Skip Hook for Emergency Commits
# Skip all pre-commit hooks
git commit -m "Emergency fix" --no-verify
# Skip only terratags hook
SKIP=terratags git commit -m "Skip terratags validation"
File Filtering
The terratags pre-commit hook is configured to only run on Terraform configuration files: - *.tf files
This ensures the hook only runs when relevant files are changed, improving performance.
Note: Pre-commit hooks validate Terraform source files only. For validating Terraform plan output, use the --plan flag in your CI/CD pipeline as described in the main README.
Troubleshooting
Hook Not Running
- Ensure pre-commit is installed:
pre-commit --version - Ensure hooks are installed:
pre-commit install - Check your
.pre-commit-config.yamlsyntax
Configuration File Not Found
- Ensure your terratags configuration file exists in the repository root
- Use the
--configargument to specify a custom path - Check the file name matches what you specified in args
Validation Failures
- Use
--remediateto see suggested fixes - Check exemptions if certain resources should be excluded
- Review your required tags configuration
Integration with CI/CD
Pre-commit hooks work well with CI/CD pipelines. You can run the same validations in your CI:
This ensures that even if developers skip local pre-commit hooks, the validation still runs in CI.