Thomas Thornton – Microsoft Azure MVP – HashiCorp Ambassador

Microsoft Azure Blog – Microsoft MVP

Running pre-commit hooks as GitHub Actions

on by Leave a comment

In your Git repository, you may be using pre-commit hooks, as part of your pre-commit process – this works fine but sometimes, someone may pull request via the UI in GitHub for example and these pre-commit hooks won’t run natively. In this blog I am going to show you can run run pre-commit hooks as GitHub Actions

Very useful workflow to have as part of your CI checks prior to any code being merged. In my example, I will have a pre-commit that checks the format of terraform using terraform fmt

Like all pre-commit hooks, a file .pre-commit-config.yaml is required. Here is is the only I will be using with contents:

repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform
  rev: v1.74.1
  hooks:
    - id: terraform_fmt
      args:
      - --args=-write=true

As you can see, I am using a pre-commit-terraform hook – they are great! In theory, install information on how to setup pre-commit hooks within your repository

Now that we have a .pre-commit-config.yaml file in our repository, we can now add this to a GitHub workflow – I used:

name: pre-commit

on:
  pull_request:
  push:
    branches: [main]

jobs:
  pre-commit:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - uses: pre-commit/action@v3.0.0
        with: 
          extra_args: terraform_fmt --all-files

Link to the action

I used the pre-commit GitHub action – it is deprecated, but worked in my use case. The recommendation is to use https://pre-commit.ci/ if required

Reviewing the GitHub action, we can see the two steps ran successfully above

With successful output of the pre-commit@action terraform_fmt

[INFO] Initializing environment for https://github.com/antonbabenko/pre-commit-terraform.
Terraform fmt............................................................Passed

Lets try merging some terraform that is not correctly formatted, I modified the terraform file which I will know that will fail the terraform_fmt check

resource "azurerm_resource_group" "tamopsrg" {
  name                = "tamopsrg"
  location    = "West Europe"
}

The pull-request shows the failure

Reviewing the log from the pre-commit action, we can see that it has failed on the terraform change I applied

Run pre-commit run --show-diff-on-failure --color=always terraform_fmt --all-files
Terraform fmt............................................................Failed
- hook id: terraform_fmt
- files were modified by this hook

main.tf

pre-commit hook(s) made changes.
If you are seeing this message in CI, reproduce locally with: `pre-commit run --all-files`.
To run `pre-commit` as part of git workflow, use `pre-commit install`.
All changes made by hooks:
diff --git a/terraform/main.tf b/terraform/main.tf
index 7040430..ea7a933 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -1,4 +1,4 @@
 resource "azurerm_resource_group" "tamopsrg" {
-  name                = "tamopsrg"
-  location    = "West Europe"
+  name     = "tamopsrg"
+  location = "West Europe"
 }
Error: Process completed with exit code 1.

Very useful to have as part of your CI checks that I initially mentioned. A great way to ensure your pre-commit hooks are always ran even when attempting to pull-request via the GitHub web page!

Thanks to colleague Tim Jacomb for assisting with this as well

Repository used during this blog post

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s