This repository was archived by the owner on Feb 18, 2025. It is now read-only.
forked from antonbabenko/pre-commit-terraform
TLS-133-tracking-wpengine-pre-commit-terraform-via-dependabot-bump-tj-actions-changed-files-to-41 #1
Open: edson-philippe wants to merge 274 commits into wpengine:master from antonbabenko:master
… arm64. Workaround till issue will be fixed in `checkov` itself (#635)

---------

Co-authored-by: George L. Yermulnik <[email protected]>
Co-authored-by: MaxymVlasov <[email protected]>

## [1.88.1](v1.88.0...v1.88.1) (2024-03-11)

### Bug Fixes

* **docker:** Checkov installation silently fails on `docker build` in arm64. Workaround till issue will be fixed in `checkov` itself ([#635](#635)) ([f255b05](f255b05))

…+ Add `trace` log level (#645)

---------

Co-authored-by: George L. Yermulnik <[email protected]>

## [1.88.2](v1.88.1...v1.88.2) (2024-03-13)

### Bug Fixes

* **non-linux:** Bash environment variables in arguments not expanded + Add `trace` log level ([#645](#645)) ([a2a2990](a2a2990))

---------

Co-authored-by: George L. Yermulnik <[email protected]>
…form_validate` hook) run when only lockfile changed (#649)

### Description of your changes

When the terraform root module contains any child module, it requires `terraform init` to run to be able to successfully run the provider lock operation. Previously, `terraform init` was in the `terraform_providers_lock` hook too, but it was moved out to be only in `terraform_validate`, because there was little sense in trying to lock anything that was code invalid. If we return `terraform init` back to `terraform_providers_lock`, major changes in providers that remove resources etc. can be successfully written to the lockfile without any checks, as such checks are done in `terraform_validate`.

## Workaround till the release of that stuff

Add `files: (\.tf|\.tfvars|\.terraform\.lock\.hcl)$` to `terraform_validate` hook call

---

Co-authored-by: George L. Yermulnik <[email protected]>

## [1.88.3](v1.88.2...v1.88.3) (2024-03-22)

### Bug Fixes

* **`terraform_providers_lock`:** Require `terraform init` (and `terraform_validate` hook) run when only lockfile changed ([#649](#649)) ([02c1935](02c1935))

## [1.88.4](v1.88.3...v1.88.4) (2024-03-25)

### Bug Fixes

* Improve README and drop quotes from hook env vars ([#651](#651)) ([daec682](daec682))
…rom the module if it exists (#657)

Co-authored-by: Nick Henry <[email protected]>

# [1.89.0](v1.88.4...v1.89.0) (2024-04-15)

### Features

* Hook terraform_wrapper_module_for_each should use versions.tf from the module if it exists ([#657](#657)) ([b127601](b127601))

…d` (#644)

---------

Co-authored-by: George L. Yermulnik <[email protected]>

## [1.89.1](v1.89.0...v1.89.1) (2024-04-25)

### Bug Fixes

* **docker:** Prevent all possible "silent errors" during `docker build` ([#644](#644)) ([0340c8d](0340c8d))
….6.0 (#666) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…#662) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…656) --------- Signed-off-by: Steffen Tautenhahn <[email protected]>
…cker image build, please note that `TERRAFORM_VERSION` now must be provided (#670)

---------

Co-authored-by: George L. Yermulnik <[email protected]>
Co-authored-by: Maksym Vlasov <[email protected]>

# [1.90.0](v1.89.1...v1.90.0) (2024-05-23)

### Features

* Support set custom TF/OpenTofu binary. | If you use a custom Docker image build, please note that `TERRAFORM_VERSION` now must be provided ([#670](#670)) ([c7011c0](c7011c0))

# [1.91.0](v1.90.0...v1.91.0) (2024-06-07)

### Features

* Added Terramate as sponsor ([#676](#676)) ([dae1a48](dae1a48))
That PR integrates one more static analysis tool, as CodeQL is good, but it does not cover all cases.

Here is an article about zizmor value - https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection

zizmor repo - https://github.com/woodruffw/zizmor

---------

Co-authored-by: George L. Yermulnik <[email protected]>

Pinned by `pre-commit autoupdate --freeze` as `pre-commit` in Renovate currently [does not support](renovatebot/renovate#22488) freezing style used by `pre-commit`

Signed-off-by: Oliver Ladner <[email protected]>
Co-authored-by: Oliver Ladner <[email protected]>
## [1.99.2](v1.99.1...v1.99.2) (2025-06-05)

### Bug Fixes

* make infracost_breakdown.sh compatible with bash 3.2 (macOS) ([#903](#903)) ([dcb4c36](dcb4c36))

….tofu` files support (#904)

---------

Co-authored-by: T. Hinrichsmeyer <[email protected]>
Co-authored-by: George L. Yermulnik <[email protected]>

## [1.99.3](v1.99.2...v1.99.3) (2025-06-06)

### Bug Fixes

* **`terraform_docs`, `terraform_wrapper_module_for_each`:** Improve `.tofu` files support ([#904](#904)) ([4f85212](4f85212))
….395 (#907)

### Description of your changes

Drop the no-longer-needed hack for `checkov` during docker image installation, as bridgecrewio/checkov#7072 was merged 3 months ago as `3.2.395`.

That makes the hack from #635 obsolete, as bridgecrewio/checkov#7072 finally closes bridgecrewio/checkov#5608 for Mac arm64, because `checkov` finally uses `rustworkx >= 0.14.0`

## [1.99.4](v1.99.3...v1.99.4) (2025-06-12)

### Bug Fixes

* **docker:** Drop Mac arm64 build-time hack, needed for `checkov`<3.2.395 ([#907](#907)) ([3c9ef3d](3c9ef3d))
### Description of your changes

* Integrate wemake-python-styleguide and ruff
* Add ignores for deprecated hook
* Make initial setup of wemake-python-styleguide, by disabling a few too strict rules

---------

Co-authored-by: 🇺🇦 Sviatoslav Sydorenko (Святослав Сидоренко) <[email protected]>
…-commit run -a`, that causes multiply hooks runs. `terraform_trivy` from its introduction could always be `Passed` for `pre-commit run -a` (#909)

### Description of your changes

Probably introduced in #875 or even earlier.

There was an issue that the regex in `.pre-commit-hooks.yaml` is specified for the Python `re` library, but we also used it with `grep -e`. `grep -e` works slightly differently than we expect, so I switched to `grep -E`, which has fewer differences from Python `re`. (step 3 below)

Then I found that there is no [required `--exit-code=1`](https://trivy.dev/latest/docs/configuration/others/#exit-code) in `run_hook_on_whole_repo` from the hook's introduction 2 years ago (#606). Fixed it too.

From above, I assume that `pre-commit run -a` for Fix #908

### How can we test changes

1. Clone https://github.com/pre-commit-terraform/GH-908-reproduce.
2. Run `pre-commit run -a` - you'll see 2 occurrences of the same error.
3. (Optional) Change `.pre-commit-config.yaml` to

    ```yaml
    repos:
      - repo: https://github.com/antonbabenko/pre-commit-terraform
        rev: 48525b2
        hooks:
          - id: terraform_trivy
            args:
              # https://trivy.dev/latest/docs/configuration/others/#exit-code
              # It wasn't set, when it should be set by default in hook. Another issue.
              - --args=--exit-code=1
    ```

    and run `pre-commit run -a`
4. Change `.pre-commit-config.yaml` to

    ```yaml
    repos:
      - repo: https://github.com/antonbabenko/pre-commit-terraform
        rev: bafa663
        hooks:
          - id: terraform_trivy
    ```

    and run `pre-commit run -a`
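The regex dialect mismatch described in the commit message above, shown as an added example that is not part of the commit or the project's code. The include pattern and the file list are constructed for illustration; the project's real pattern in `.pre-commit-hooks.yaml` may differ.

```shell
#!/bin/sh
# Constructed file list, standing in for the paths a hook receives on `pre-commit run -a`.
sample_files() {
  printf '%s\n' main.tf modules/vpc/variables.tofu README.md 'notes.(tf|tofu)'
}

# Hypothetical include pattern, written in Python `re` syntax as pre-commit's `files:` expects.
INCLUDE_RE='\.(tf|tofu)$'

# grep -e: the pattern is read as a POSIX basic regex, where `(`, `|` and `)`
# are ordinary characters, so only a path containing them literally is selected.
select_basic() {
  sample_files | grep -e "$1" || true
}

# grep -E: the pattern is read as an extended regex, where grouping and
# alternation behave as they do in Python `re` for this pattern.
select_extended() {
  sample_files | grep -E -e "$1" || true
}

echo "grep -e selects:"; select_basic "$INCLUDE_RE"
echo "grep -E selects:"; select_extended "$INCLUDE_RE"

# A pattern without grouping or alternation is selected identically by both,
# which is why this kind of mismatch can go unnoticed until a pattern uses `(a|b)`.
echo "simple pattern, grep -e:"; select_basic '\.tf$'
echo "simple pattern, grep -E:"; select_extended '\.tf$'
```

With the constructed pattern, `grep -e` selects only the oddly named `notes.(tf|tofu)`, while `grep -E` selects the two Terraform/OpenTofu files.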
## [1.99.5](v1.99.4...v1.99.5) (2025-07-08)

### Bug Fixes

* Regression from (at least) v1.99.0 which incorrectly handle `pre-commit run -a`, that causes multiply hooks runs. `terraform_trivy` from its introduction could always be `Passed` for `pre-commit run -a` ([#909](#909)) ([a5bd84e](a5bd84e)), closes [#908](#908) [/github.com/pre-commit-terraform/#908](https://github.com//github.com/pre-commit-terraform//issues/908)
…#917) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* docs: Clarify docker instructions to work with spaces in paths
* Update README.md

Co-authored-by: George Yermulnik (Georgii Iermulnik) <[email protected]>

---------

Co-authored-by: George Yermulnik (Georgii Iermulnik) <[email protected]>
* chore(deps): Use latest available Python 3.12 base image
* Bump docker image versions
* f
* f
* Update tests

…` formatting (#911)

Both supported in https://github.com/hashicorp/terraform/blob/0c63fb2b097edcd5cb1a91322765a414206fbea2/internal/command/fmt.go#L30-L35

---------

Co-authored-by: Maksym Vlasov <[email protected]>

# [1.100.0](v1.99.5...v1.100.0) (2025-08-08)

### Features

* **`terraform_fmt`:** Add support for `.tftest.hcl` and `.tfmock.hcl` formatting ([#911](#911)) ([7433e13](7433e13)), closes [/github.com/hashicorp/terraform/blob/0c63fb2b097edcd5cb1a91322765a414206fbea2/internal/command/fmt.go#L30-L35](https://github.com//github.com/hashicorp/terraform/blob/0c63fb2b097edcd5cb1a91322765a414206fbea2/internal/command/fmt.go/issues/L30-L35)