feat: Add infracost_breakdown hook (#252)

.github/CONTRIBUTING.md

@@ -12,6 +12,11 @@ Enjoy the clean, valid, and documented code!
   * [Run via Docker](#run-via-docker)
   * [Check results](#check-results)
   * [Cleanup](#cleanup)
+* [Add new hook](#add-new-hook)
+  * [Before write code](#before-write-code)
+  * [Prepare basic documentation](#prepare-basic-documentation)
+  * [Add code](#add-code)
+  * [Finish with the documentation](#finish-with-the-documentation)
 
 ## Run and debug hooks locally
 
@@ -41,14 +46,15 @@ For example, to test that the [`terraform_fmt`](../README.md#terraform_fmt) hook
 To check is your improvement not violate performance, we have dummy execution time tests.
 
 Script accept next options:
-
+<!-- markdownlint-disable no-inline-html -->
 | #   | Name                               | Example value                                                            | Description                                          |
 | --- | ---------------------------------- | ------------------------------------------------------------------------ | ---------------------------------------------------- |
 | 1   | `TEST_NUM`                         | `200`                                                                   | How many times need repeat test                      |
 | 2   | `TEST_COMMAND`                     | `'pre-commit try-repo -a /tmp/159/pre-commit-terraform terraform_tfsec'` | Valid pre-commit command                             |
 | 3   | `TEST_DIR`                         | `'/tmp/infrastructure'`                                                  | Dir on what you run tests.                           |
 | 4   | `TEST_DESCRIPTION`                 | ```'`terraform_tfsec` PR #123:'```                                       | Text that you'd like to see in result                |
 | 5   | `RAW_TEST_`<br>`RESULTS_FILE_NAME` | `terraform_tfsec_pr123`                                                  | (Temporary) File where all test data will be stored. |
+<!-- markdownlint-enable no-inline-html -->
 
 ### Run via BASH
 
@@ -87,3 +93,46 @@ Results will be located at `./test/results` dir.
 ```bash
 sudo rm -rf tests/results
 ```
+
+## Add new hook
+
+You can use [this PR](https://github.com/antonbabenko/pre-commit-terraform/pull/252) as an example.
+
+### Before write code
+
+1. Try to figure out future hook usage.
+2. Confirm the concept with [Anton Babenko](https://github.com/antonbabenko).
+
+### Prepare basic documentation
+
+1. Identify and describe dependencies in [Install dependencies](../README.md#1-install-dependencies) and [Available Hooks](../README.md#available-hooks) sections
+
+### Add code
+
+1. Based on prev. block, add hook dependencies installation to [Dockerfile](../Dockerfile).  
+    Check that works:
+    * `docker build -t pre-commit --build-arg INSTALL_ALL=true .`
+    * `docker build -t pre-commit --build-arg <NEW_HOOK>_VERSION=latest .`
+    * `docker build -t pre-commit --build-arg <NEW_HOOK>_VERSION=<1.2.3> .`
+2. Add new hook to [`.pre-commit-hooks.yaml`](../.pre-commit-hooks.yaml)
+3. Create hook file. Don't forget to make it executable via `chmod +x /path/to/hook/file`.
+4. Test hook. How to do it is described in [Run and debug hooks locally](#run-and-debug-hooks-locally) section.
+5. Test hook one more time.
+    1. Push commit with hook file to GitHub
+    2. Grab SHA hash of the commit
+    3. Test hook using `.pre-commit-config.yaml`:
+
+        ```yaml
+        repos:
+        - repo: https://github.com/antonbabenko/pre-commit-terraform # Your repo
+        rev: 3d76da3885e6a33d59527eff3a57d246dfb66620 # Your commit SHA
+        hooks:
+          - id: terraform_docs # New hook name
+            args:
+              - --args=--config=.terraform-docs.yml # Some args that you'd like to test
+        ```
+
+### Finish with the documentation
+
+1. Add hook description to [Available Hooks](../README.md#available-hooks).
+2. Create and populate a new hook section in [Hooks usage notes and examples](../README.md#hooks-usage-notes-and-examples).

.pre-commit-hooks.yaml

@@ -1,3 +1,12 @@
+- id: infracost_breakdown
+  name: Infracost breakdown
+  description: Check terraform infrastructure cost
+  entry: infracost_breakdown.sh
+  language: script
+  require_serial: true
+  files: \.(tf(vars)?|hcl)$
+  exclude: \.terraform\/.*$
+
 - id: terraform_fmt
   name: Terraform fmt
   description: Rewrites all Terraform configuration files to a canonical format.

Dockerfile

@@ -11,7 +11,9 @@ RUN apt update && \
         software-properties-common \
         curl \
         python3 \
-        python3-pip && \
+        python3-pip \
+        # infracost deps
+        jq && \
     # Upgrade pip for be able get latest Checkov
     python3 -m pip install --upgrade pip && \
     # Cleanup
@@ -41,6 +43,7 @@ RUN curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - && \
 WORKDIR /bin_dir
 
 ARG CHECKOV_VERSION=${CHECKOV_VERSION:-false}
+ARG INFRACOST_VERSION=${INFRACOST_VERSION:-false}
 ARG TERRAFORM_DOCS_VERSION=${TERRAFORM_DOCS_VERSION:-false}
 ARG TERRAGRUNT_VERSION=${TERRAGRUNT_VERSION:-false}
 ARG TERRASCAN_VERSION=${TERRASCAN_VERSION:-false}
@@ -54,6 +57,7 @@ ARG TFSEC_VERSION=${TFSEC_VERSION:-false}
 ARG INSTALL_ALL=${INSTALL_ALL:-false}
 RUN if [ "$INSTALL_ALL" != "false" ]; then \
         echo "export CHECKOV_VERSION=latest" >> /.env && \
+        echo "export INFRACOST_VERSION=latest" >> /.env && \
         echo "export TERRAFORM_DOCS_VERSION=latest" >> /.env && \
         echo "export TERRAGRUNT_VERSION=latest" >> /.env && \
         echo "export TERRASCAN_VERSION=latest" >> /.env && \
@@ -73,6 +77,16 @@ RUN . /.env && \
     ) \
     ; fi
 
+# infracost
+RUN . /.env && \
+    if [ "$INFRACOST_VERSION" != "false" ]; then \
+    ( \
+        INFRACOST_RELEASES="https://api.github.com/repos/infracost/infracost/releases" && \
+        [ "$INFRACOST_VERSION" = "latest" ] && curl -L "$(curl -s ${INFRACOST_RELEASES}/latest | grep -o -E -m 1 "https://.+?-linux-amd64.tar.gz")" > infracost.tgz \
+        || curl -L "$(curl -s ${INFRACOST_RELEASES} | grep -o -E "https://.+?v${INFRACOST_VERSION}/infracost-linux-amd64.tar.gz")" > infracost.tgz \
+    ) && tar -xzf infracost.tgz && rm infracost.tgz && mv infracost-linux-amd64 infracost \
+    ; fi
+
 # Terraform docs
 RUN . /.env && \
     if [ "$TERRAFORM_DOCS_VERSION" != "false" ]; then \
@@ -131,6 +145,7 @@ RUN . /.env && \
     pre-commit --version >> $F && \
     terraform --version | head -n 1 >> $F && \
     (if [ "$CHECKOV_VERSION"        != "false" ]; then echo "checkov $(checkov --version)" >> $F;     else echo "checkov SKIPPED" >> $F       ; fi) && \
+    (if [ "$INFRACOST_VERSION"      != "false" ]; then echo "$(./infracost --version)" >> $F;         else echo "infracost SKIPPED" >> $F     ; fi) && \
     (if [ "$TERRAFORM_DOCS_VERSION" != "false" ]; then ./terraform-docs --version >> $F;              else echo "terraform-docs SKIPPED" >> $F; fi) && \
     (if [ "$TERRAGRUNT_VERSION"     != "false" ]; then ./terragrunt --version >> $F;                  else echo "terragrunt SKIPPED" >> $F    ; fi) && \
     (if [ "$TERRASCAN_VERSION"      != "false" ]; then echo "terrascan $(./terrascan version)" >> $F; else echo "terrascan SKIPPED" >> $F     ; fi) && \
@@ -159,10 +174,14 @@ COPY --from=builder \
     /usr/local/bin/pre-commit \
     /usr/bin/git \
     /usr/bin/git-shell \
+    /usr/bin/jq \
         /usr/bin/
 # Copy terrascan policies
 COPY --from=builder /root/ /root/
 
 ENV PRE_COMMIT_COLOR=${PRE_COMMIT_COLOR:-always}
 
+ENV INFRACOST_API_KEY=${INFRACOST_API_KEY:-}
+ENV INFRACOST_SKIP_UPDATE_CHECK=${INFRACOST_SKIP_UPDATE_CHECK:-false}
+
 ENTRYPOINT [ "pre-commit" ]