{"id":23118,"date":"2021-01-21T14:20:49","date_gmt":"2021-01-21T22:20:49","guid":{"rendered":"https:\/\/www.spokeo.com\/compass\/?p=23118"},"modified":"2022-09-05T12:02:50","modified_gmt":"2022-09-05T20:02:50","slug":"a-guide-to-terraform-pre-commit-hooks","status":"publish","type":"post","link":"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/","title":{"rendered":"A Guide to Terraform Pre-Commit Hooks"},"content":{"rendered":"\n

We (like everyone else) want to be able to ship easy to read code in a way that’s fast, maintainable, and free of errors. As our operations grow, so does the amount of infrastructure we manage and the size of the teams involved. At Spokeo, we have gone from AWS GUI -> shell scripts aws-cli calls to create instances -> using Terraform, Infrastructure as code. <\/p>\n\n\n\n

As operations teams grow, ground rules on code styles and review can become tribal knowledge that is hard to communicate or standardize. The whole argument of tabs vs spaces, heredoc vs codified comes into play as many engineers already have a predisposition to one or the other. Using auto formatters like Terraform pre-commit hooks relieves code reviewers of having to scrutinize these details while easily creating uniform code that anybody can clearly read. This is already a fairly common development practice that can be leveraged with infrastructure as code.<\/p>\n\n\n\n

General Guidelines<\/h2>\n\n\n\n

Homogenized Formatting<\/h4>\n\n\n\n

We implement homogenized formatting in Terraform by setting up a pre-commit hook to run terraform fmt to ensure that the \u201ctf\u201d files conform to formatting standards. Pre-commit tells Terraform to automatically implement standardized formatting. This removes the annoying task of lining up the \u201c=\u201d.<\/p>\n\n\n\n

Basic Linting<\/h4>\n\n\n\n

This attempts to catch all the blatantly wrong or \u201cfat fingered\u201d errors.  There is also an attempt to catch provider specific errors such as wrong instance types for AWS that don\u2019t typically reveal themselves in a terraform plan and terraform validate.  <\/p>\n\n\n\n

Basic Security Checks<\/h4>\n\n\n\n

We\u2019ve implemented linters that will check for basic security issues such as ensuring that buckets are not public and instances are not open to the world. We also implemented a feature that allows us to tag on a line-by-line basis in order to be able to create exemptions for specific use cases. <\/p>\n\n\n\n

Our Configuration<\/h2>\n\n\n\n

We use the boilerplate pre-commit hook setup which runs before every git commit -m.  This is a sample of our configuration:<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

This is what it looks like when it runs:<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

We also have jenkins setup with Git hooks to monitor all pull requests in order to ensure that the pull request meets all standards:<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Where to go from here<\/h2>\n\n\n\n

Terraform pre-commit hooks have been a great addition to our workflow. They make our code more uniform and help us easily spot the small trivial issues that might slip by. However, things are far from perfect. One current shortcoming is that we run \u201cterraform apply\u201d from our laptops instead of a server. Eventually we would like to get to a point where infrastructure is deployed via continuous integration. This will help mitigate the \u201csomeone didn\u2019t commit their changes\u201d issue. We want to get to a point where developers have a self-service infrastructure option, which will empower them to make sure they have all the tools they need to ship code faster. <\/p>\n","protected":false},"excerpt":{"rendered":"

We (like everyone else) want to be able to ship easy to read code in a way that’s fast, maintainable, and free of errors. As our operations grow, so does…<\/p>\n","protected":false},"author":88,"featured_media":23444,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[722],"tags":[592],"class_list":["post-23118","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-blog","tag-recruiting"],"yoast_head":"\nA Guide to Terraform Pre-Commit Hooks - The Compass Blog | Digital Identity and People Search | Spokeo<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"A Guide to Terraform Pre-Commit Hooks - The Compass Blog | Digital Identity and People Search | Spokeo\" \/>\n<meta property=\"og:description\" content=\"We (like everyone else) want to be able to ship easy to read code in a way that’s fast, maintainable, and free of errors. As our operations grow, so does…\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/\" \/>\n<meta property=\"og:site_name\" content=\"The Compass Blog | Digital Identity and People Search | Spokeo\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Spokeo\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-21T22:20:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-09-05T20:02:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.spokeo.com\/compass\/image\/Tech-Blog-Header-1-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"621\" \/>\n\t<meta property=\"og:image:height\" content=\"414\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Olivia Tighe\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Spokeo\" \/>\n<meta name=\"twitter:site\" content=\"@Spokeo\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Olivia Tighe\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/\",\"url\":\"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/\",\"name\":\"A Guide to Terraform Pre-Commit Hooks - The Compass Blog | Digital Identity and People Search | Spokeo\",\"isPartOf\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/Tech-Blog-Header-1-scaled.jpg?fit=621%2C414&ssl=1\",\"datePublished\":\"2021-01-21T22:20:49+00:00\",\"dateModified\":\"2022-09-05T20:02:50+00:00\",\"author\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/79de1b18e01fb71637ea971e65b66b34\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/#primaryimage\",\"url\":\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/Tech-Blog-Header-1-scaled.jpg?fit=621%2C414&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/Tech-Blog-Header-1-scaled.jpg?fit=621%2C414&ssl=1\",\"width\":621,\"height\":414},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/#website\",\"url\":\"https:\/\/www.spokeo.com\/compass\/\",\"name\":\"The Compass Blog | Digital Identity and People Search | Spokeo\",\"description\":\"The official Spokeo blog covers topics such as digital identity, consumer protection and privacy, how to avoid scams and catfishing, and more.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.spokeo.com\/compass\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/79de1b18e01fb71637ea971e65b66b34\",\"name\":\"Olivia Tighe\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5147448fc308e61aecaa6782b45b69738d5ed842652b02bffc24ca6e0a7a1911?s=96&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5147448fc308e61aecaa6782b45b69738d5ed842652b02bffc24ca6e0a7a1911?s=96&r=g\",\"caption\":\"Olivia Tighe\"},\"url\":\"https:\/\/www.spokeo.com\/compass\/author\/olivia\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"A Guide to Terraform Pre-Commit Hooks - The Compass Blog | Digital Identity and People Search | Spokeo","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/","og_locale":"en_US","og_type":"article","og_title":"A Guide to Terraform Pre-Commit Hooks - The Compass Blog | Digital Identity and People Search | Spokeo","og_description":"We (like everyone else) want to be able to ship easy to read code in a way that’s fast, maintainable, and free of errors. As our operations grow, so does…","og_url":"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/","og_site_name":"The Compass Blog | Digital Identity and People Search | Spokeo","article_publisher":"https:\/\/www.facebook.com\/Spokeo\/","article_published_time":"2021-01-21T22:20:49+00:00","article_modified_time":"2022-09-05T20:02:50+00:00","og_image":[{"width":621,"height":414,"url":"https:\/\/www.spokeo.com\/compass\/image\/Tech-Blog-Header-1-scaled.jpg","type":"image\/jpeg"}],"author":"Olivia Tighe","twitter_card":"summary_large_image","twitter_creator":"@Spokeo","twitter_site":"@Spokeo","twitter_misc":{"Written by":"Olivia Tighe","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/","url":"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/","name":"A Guide to Terraform Pre-Commit Hooks - The Compass Blog | Digital Identity and People Search | Spokeo","isPartOf":{"@id":"https:\/\/www.spokeo.com\/compass\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/#primaryimage"},"image":{"@id":"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/Tech-Blog-Header-1-scaled.jpg?fit=621%2C414&ssl=1","datePublished":"2021-01-21T22:20:49+00:00","dateModified":"2022-09-05T20:02:50+00:00","author":{"@id":"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/79de1b18e01fb71637ea971e65b66b34"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spokeo.com\/compass\/a-guide-to-terraform-pre-commit-hooks\/#primaryimage","url":"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/Tech-Blog-Header-1-scaled.jpg?fit=621%2C414&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/Tech-Blog-Header-1-scaled.jpg?fit=621%2C414&ssl=1","width":621,"height":414},{"@type":"WebSite","@id":"https:\/\/www.spokeo.com\/compass\/#website","url":"https:\/\/www.spokeo.com\/compass\/","name":"The Compass Blog | Digital Identity and People Search | Spokeo","description":"The official Spokeo blog covers topics such as digital identity, consumer protection and privacy, how to avoid scams and catfishing, and more.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.spokeo.com\/compass\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/79de1b18e01fb71637ea971e65b66b34","name":"Olivia Tighe","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/5147448fc308e61aecaa6782b45b69738d5ed842652b02bffc24ca6e0a7a1911?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5147448fc308e61aecaa6782b45b69738d5ed842652b02bffc24ca6e0a7a1911?s=96&r=g","caption":"Olivia Tighe"},"url":"https:\/\/www.spokeo.com\/compass\/author\/olivia\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/Tech-Blog-Header-1-scaled.jpg?fit=621%2C414&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/p8V62u-60S","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts\/23118","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/users\/88"}],"replies":[{"embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/comments?post=23118"}],"version-history":[{"count":1,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts\/23118\/revisions"}],"predecessor-version":[{"id":23320,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts\/23118\/revisions\/23320"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/media\/23444"}],"wp:attachment":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/media?parent=23118"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/categories?post=23118"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/tags?post=23118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}