From 5f3ac96d4441b230c04e14161fdeb350dba7ad9c Mon Sep 17 00:00:00 2001
From: Anton Babenko <anton@antonbabenko.com>
Date: Wed, 24 Jan 2018 12:13:51 +0100
Subject: [PATCH] Added scripts to validate terraform files

---
 .pre-commit-hooks.yaml               | 16 ++++++++++++++++
 README.md                            |  8 ++++++--
 hooks.yaml                           | 16 ++++++++++++++++
 terraform_validate_no_variables.sh   |  5 +++++
 terraform_validate_with_variables.sh |  5 +++++
 5 files changed, 48 insertions(+), 2 deletions(-)
 create mode 100755 terraform_validate_no_variables.sh
 create mode 100755 terraform_validate_with_variables.sh

diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml
index f77a70d..786ef5a 100644
--- a/.pre-commit-hooks.yaml
+++ b/.pre-commit-hooks.yaml
@@ -5,3 +5,19 @@
   language: script
   files: (\.tf|\.tfvars)$
   exclude: \.terraform\/.*$
+
+- id: terraform_validate_no_variables
+  name: Terraform validate without variables
+  description: Validates all Terraform configuration files without checking whether all required variables were set (basic check).
+  entry: terraform_validate_no_variables.sh
+  language: script
+  files: (\.tf|\.tfvars)$
+  exclude: \.terraform\/.*$
+
+- id: terraform_validate_with_variables
+  name: Terraform validate with variables
+  description: Validates all Terraform configuration files and checks whether all required variables were specified.
+  entry: terraform_validate_with_variables.sh
+  language: script
+  files: (\.tf|\.tfvars)$
+  exclude: \.terraform\/.*$
diff --git a/README.md b/README.md
index 77249d2..b9bf0c8 100644
--- a/README.md
+++ b/README.md
@@ -2,14 +2,18 @@
 
 [![Github tag](https://img.shields.io/github/tag/antonbabenko/pre-commit-terraform.svg)](https://github.com/antonbabenko/pre-commit-terraform/releases) ![](https://img.shields.io/maintenance/yes/2018.svg) [![Help Contribute to Open Source](https://www.codetriage.com/antonbabenko/pre-commit-terraform/badges/users.svg)](https://www.codetriage.com/antonbabenko/pre-commit-terraform)
 
-Single [pre-commit](http://pre-commit.com/) hook which runs `terraform fmt` on Terraform configuration files (both `*.tf` and `*.tfvars`).
+Several [pre-commit](http://pre-commit.com/) hooks to keep Terraform configurations (both `*.tf` and `*.tfvars`) in a good shape:
+* `terraform_fmt` - Rewrites all Terraform configuration files to a canonical format.
+* `terraform_validate_no_variables` - Validates all Terraform configuration files without checking whether all required variables were set.
+* `terraform_validate_with_variables` - Validates all Terraform configuration files and checks whether all required variables were specified. This is an optional check, because it will not work if variables are being set dynamically (eg, when using [Terragrunt](https://github.com/gruntwork-io/terragrunt)). Use `terraform_validate_no_variables` hook instead.
 
 An example `.pre-commit-config.yaml`:
 
 ```yaml
 - repo: git://github.com/antonbabenko/pre-commit-terraform
-  sha: v1.3.0
+  sha: v1.4.0
   hooks:
+    - id: terraform_validate_no_variables
     - id: terraform_fmt
 ```
 
diff --git a/hooks.yaml b/hooks.yaml
index f77a70d..786ef5a 100644
--- a/hooks.yaml
+++ b/hooks.yaml
@@ -5,3 +5,19 @@
   language: script
   files: (\.tf|\.tfvars)$
   exclude: \.terraform\/.*$
+
+- id: terraform_validate_no_variables
+  name: Terraform validate without variables
+  description: Validates all Terraform configuration files without checking whether all required variables were set (basic check).
+  entry: terraform_validate_no_variables.sh
+  language: script
+  files: (\.tf|\.tfvars)$
+  exclude: \.terraform\/.*$
+
+- id: terraform_validate_with_variables
+  name: Terraform validate with variables
+  description: Validates all Terraform configuration files and checks whether all required variables were specified.
+  entry: terraform_validate_with_variables.sh
+  language: script
+  files: (\.tf|\.tfvars)$
+  exclude: \.terraform\/.*$
diff --git a/terraform_validate_no_variables.sh b/terraform_validate_no_variables.sh
new file mode 100755
index 0000000..d977342
--- /dev/null
+++ b/terraform_validate_no_variables.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+for file in "$@"; do
+  terraform validate -check-variables=false "$file"
+done
diff --git a/terraform_validate_with_variables.sh b/terraform_validate_with_variables.sh
new file mode 100755
index 0000000..7748bed
--- /dev/null
+++ b/terraform_validate_with_variables.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+for file in "$@"; do
+  terraform validate -check-variables=true "$file"
+done