- id: infracost_breakdown
  name: Infracost breakdown
  description: Check terraform infrastructure cost
  entry: hooks/infracost_breakdown.sh
  language: script
  require_serial: true
  files: \.(tf(vars)?|hcl)$
  exclude: \.terraform\/.*$

- id: terraform_fmt
  name: Terraform fmt
  description: Rewrites all Terraform configuration files to a canonical format.
  entry: hooks/terraform_fmt.sh
  language: script
  files: (\.tf|\.tfvars)$
  exclude: \.terraform\/.*$

- id: terraform_docs
  name: Terraform docs
  description: Inserts input and output documentation into README.md (using terraform-docs).
  require_serial: true
  entry: hooks/terraform_docs.sh
  language: script
  files: (\.tf|\.terraform\.lock\.hcl)$
  exclude: \.terraform\/.*$

- id: terraform_docs_without_aggregate_type_defaults
  name: Terraform docs (without aggregate type defaults)
  description: Inserts input and output documentation into README.md (using terraform-docs). Identical to terraform_docs.
  require_serial: true
  entry: hooks/terraform_docs.sh
  language: script
  files: (\.tf)$
  exclude: \.terraform\/.*$

- id: terraform_docs_replace
  name: Terraform docs (overwrite README.md)
  description: Overwrite content of README.md with terraform-docs.
  require_serial: true
  entry: terraform_docs_replace
  language: python
  files: (\.tf)$
  exclude: \.terraform\/.*$

- id: terraform_validate
  name: Terraform validate
  description: Validates all Terraform configuration files.
  require_serial: true
  entry: hooks/terraform_validate.sh
  language: script
  files: (\.tf|\.tfvars)$
  exclude: \.terraform\/.*$

- id: terraform_providers_lock
  name: Lock terraform provider versions
  description: Updates provider signatures in dependency lock files.
  require_serial: true
  entry: hooks/terraform_providers_lock.sh
  language: script
  files: (\.terraform\.lock\.hcl)$
  exclude: \.terraform\/.*$

- id: terraform_tflint
  name: Terraform validate with tflint
  description: Validates all Terraform configuration files with TFLint.
  require_serial: true
  entry: hooks/terraform_tflint.sh
  language: script
  files: (\.tf|\.tfvars)$
  exclude: \.terraform\/.*$

- id: terragrunt_fmt
  name: Terragrunt fmt
  description: Rewrites all Terragrunt configuration files to a canonical format.
  entry: hooks/terragrunt_fmt.sh
  language: script
  files: (\.hcl)$
  exclude: \.terraform\/.*$

- id: terragrunt_validate
  name: Terragrunt validate
  description: Validates all Terragrunt configuration files.
  entry: hooks/terragrunt_validate.sh
  language: script
  files: (\.hcl)$
  exclude: \.terraform\/.*$

- id: terraform_tfsec
  name: Terraform validate with tfsec
  description: Static analysis of Terraform templates to spot potential security issues.
  require_serial: true
  entry: hooks/terraform_tfsec.sh
  language: script

- id: checkov
  name: checkov (deprecated, use "terraform_checkov")
  description: Runs checkov on Terraform templates.
  entry: checkov -d .
  language: python
  pass_filenames: false
  always_run: false
  files: \.tf$
  exclude: \.terraform\/.*$
  require_serial: true

- id: terraform_checkov
  name: Checkov
  description: Runs checkov on Terraform templates.
  entry: hooks/terraform_checkov.sh
  language: script
  always_run: false
  files: \.tf$
  exclude: \.terraform\/.*$
  require_serial: true

- id: terraform_wrapper_module_for_each
  name: Terraform wrapper with for_each in module
  description: Generate Terraform wrappers with for_each in module.
  entry: hooks/terraform_wrapper_module_for_each.sh
  language: script
  pass_filenames: false
  always_run: false
  require_serial: true
  files: \.tf$
  exclude: \.terraform\/.*$

- id: terrascan
  name: terrascan
  description: Runs terrascan on Terraform templates.
  language: script
  entry: hooks/terrascan.sh
  files: \.tf$
  exclude: \.terraform\/.*$
  require_serial: true

- id: tfupdate
  name: tfupdate
  description: Runs tfupdate on Terraform templates.
  language: script
  entry: hooks/tfupdate.sh
  args:
    - --args=terraform
  files: \.tf$
  require_serial: true