# See https://pre-commit.com/hooks.html for more hooks
repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v4.4.0
    hooks:
      - id: trailing-whitespace
      - id: end-of-file-fixer
      - id: check-yaml
        args:
          - --unsafe
      - id: check-json
      - id: check-toml
      - id: check-xml
      - id: check-added-large-files
      - id: check-executables-have-shebangs
      - id: check-merge-conflict
      - id: check-symlinks
      - id: detect-private-key
      - id: mixed-line-ending
      - id: pretty-format-json
        args:
          - --autofix
          - --no-sort-keys
      - id: debug-statements
  - repo: local
    hooks:
      - id: terraform-fmt
        name: terraform-fmt
        language: docker_image
        pass_filenames: false
        entry: registry.gitlab.developers.cam.ac.uk/uis/devops/infra/dockerimages/logan-terraform:1.7 terraform fmt -recursive
      - id: tflint
        name: tflint
        language: docker_image
        pass_filenames: false
        entry: ghcr.io/terraform-linters/tflint:latest
        args: []
      - id: trivy
        name: trivy
        language: docker_image
        pass_filenames: false
        entry: aquasec/trivy:latest
        args: ["--cache-dir", "/tmp/.trivy-cache", "--skip-dirs", "dev/.terraform", "config", ".", "--exit-code", "1"]
  - repo: https://github.com/DavidAnson/markdownlint-cli2
    rev: v0.12.1
    hooks:
      # For rule definitions see https://github.com/markdownlint/markdownlint/blob/main/docs/RULES.md
      - id: markdownlint-cli2
        # Exclude README.md and CHANGELOG.md as they are auto-generated and contain a bunch of illegal HTML etc. We lint
        # the source *.md files in ./docs though so at least our pure markdown is being checked.
        exclude: CHANGELOG.md