cloudformation-guard

Feature Request: Add support for the pre-commit framework

Open dontirun opened this issue 5 years ago • 7 comments

The pre-commit framework is a commonly used tool to create git hooks for code validation. Other AWS tools such as cfn-python-lint provide support for the framework.

dontirun avatar Jun 22 '20 22:06 dontirun

This is a very reasonable ask. We're looking at integrations right now. We'll pull this into that discussion.

nathanataws avatar Jun 23 '20 20:06 nathanataws

Looks like pre-commit natively supports rust as a buildable language plugin. If this is the case, this should be straightforward to offer.

johnttompkins avatar Feb 25 '21 01:02 johnttompkins

There are still some hurdles (at least the last time I tried):

  • You need to have rust installed (not much to do about that, and you can install cfn-guard yourself and use the system "language")
  • pre-commit passes all matching files on one invocation (or at least does so by default). I couldn't get it to invoke cfn-guard multiple times (that's why I created #62)

benbridts avatar Feb 25 '21 10:02 benbridts

+1 to this issue. Pre-commits are a vital way of remediating latent vulnerabilities before they're committed.

barnesrobert avatar Jun 01 '21 12:06 barnesrobert

Do we have any update on this Feature request to support pre-commit hooks?

kgrvamsi avatar Apr 26 '23 21:04 kgrvamsi

If the project already has a .pre-commit-config.yaml, I see the below config works:

  - repo: local
    hooks:
      - id: cfn-guard
        name: Run Cfn Guard
        language: system
        entry: "cfn-guard validate -r ./cfn-rules/cloudformation/aws/ --data ./cdk.out/"
        pass_filenames: false
       

kgrvamsi avatar Apr 27 '23 17:04 kgrvamsi
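
An added example, not part of the thread or of the cfn-guard project: a wrapper script for a `language: system` hook that handles the hurdle raised earlier (pre-commit hands every matching file to a single invocation) by running one `cfn-guard validate` per file. The script path, the `CFN_GUARD` and `CFN_GUARD_RULES` variables and the default rules directory are assumptions; the `validate -r ... --data ...` form is the one shown in the comment above.

```shell
#!/bin/sh
# Added example, not cfn-guard project code.
# Hook side (hypothetical path), inside the `repo: local` block:
#   entry: ./scripts/cfn-guard-each.sh
#   language: system
#   files: <regex matching your templates>
# pass_filenames stays at its default (true), so pre-commit appends the
# staged files that match `files` to the command line.

# Assumed names: both variables and the default rules path are hypothetical.
CFN_GUARD="${CFN_GUARD:-cfn-guard}"
CFN_GUARD_RULES="${CFN_GUARD_RULES:-./cfn-rules}"

validate_each() {
    failed=0
    checked=0
    for template in "$@"; do
        # A path that no longer exists on disk has nothing to validate.
        [ -f "$template" ] || continue
        checked=$((checked + 1))
        # One invocation per file, so a failure is tied to a single template.
        if ! "$CFN_GUARD" validate -r "$CFN_GUARD_RULES" --data "$template"; then
            echo "cfn-guard: FAILED $template" >&2
            failed=$((failed + 1))
        fi
    done
    echo "cfn-guard: $checked checked, $failed failed" >&2
    # Every file is checked before returning; a non-zero status blocks the commit.
    [ "$failed" -eq 0 ]
}

validate_each "$@"
```

The loop does not stop at the first failing template, so a single hook run reports every non-compliant file.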

Hi @kgrvamsi we do not have any updates here yet.

joshfried-aws avatar Jun 22 '23 12:06 joshfried-aws