- id: infracost_breakdown
  name: Infracost breakdown
  description: Check terraform infrastructure cost
  entry: infracost_breakdown.sh
  language: script
  require_serial: true
  files: \.(tf(vars)?|hcl)$
  exclude: \.terraform\/.*$

- id: terraform_fmt
  name: Terraform fmt
  description: Rewrites all Terraform configuration files to a canonical format.
  entry: terraform_fmt.sh
  language: script
  files: (\.tf|\.tfvars)$
  exclude: \.terraform\/.*$

- id: terraform_docs
  name: Terraform docs
  description: Inserts input and output documentation into README.md (using terraform-docs).
  require_serial: true
  entry: terraform_docs.sh
  language: script
  files: (\.tf|\.terraform\.lock\.hcl)$
  exclude: \.terraform\/.*$

- id: terraform_docs_without_aggregate_type_defaults
  name: Terraform docs (without aggregate type defaults)
  description: Inserts input and output documentation into README.md (using terraform-docs). Identical to terraform_docs.
  require_serial: true
  entry: terraform_docs.sh
  language: script
  files: (\.tf)$
  exclude: \.terraform\/.*$

- id: terraform_docs_replace
  name: Terraform docs (overwrite README.md)
  description: Overwrite content of README.md with terraform-docs.
  require_serial: true
  entry: terraform_docs_replace
  language: python
  files: (\.tf)$
  exclude: \.terraform\/.*$

- id: terraform_validate
  name: Terraform validate
  description: Validates all Terraform configuration files.
  require_serial: true
  entry: terraform_validate.sh
  language: script
  files: (\.tf|\.tfvars)$
  exclude: \.terraform\/.*$

- id: terraform_providers_lock
  name: Lock terraform provider versions
  description: Updates provider signatures in dependency lock files.
  require_serial: true
  entry: terraform_providers_lock.sh
  language: script
  files: (\.terraform\.lock\.hcl)$
  exclude: \.terraform\/.*$

- id: terraform_tflint
  name: Terraform validate with tflint
  description: Validates all Terraform configuration files with TFLint.
  require_serial: true
  entry: terraform_tflint.sh
  language: script
  files: (\.tf|\.tfvars)$
  exclude: \.terraform\/.*$

- id: terragrunt_fmt
  name: Terragrunt fmt
  description: Rewrites all Terragrunt configuration files to a canonical format.
  entry: terragrunt_fmt.sh
  language: script
  files: (\.hcl)$
  exclude: \.terraform\/.*$

- id: terragrunt_validate
  name: Terragrunt validate
  description: Validates all Terragrunt configuration files.
  entry: terragrunt_validate.sh
  language: script
  files: (\.hcl)$
  exclude: \.terraform\/.*$

- id: terraform_tfsec
  name: Terraform validate with tfsec
  description: Static analysis of Terraform templates to spot potential security issues.
  require_serial: true
  entry: terraform_tfsec.sh
  language: script

- id: checkov
  name: Checkov
  description: Runs checkov on Terraform templates.
  entry: checkov -d .
  language: python
  pass_filenames: false
  always_run: false
  files: \.tf$
  exclude: \.+.terraform\/.*$
  require_serial: true

- id: terrascan
  name: terrascan
  description: Runs terrascan on Terraform templates.
  language: script
  entry: terrascan.sh