docs: add README for provider-pinned-versions hook

open-turo · Dec 10, 2024 · 0c930e3 · 0c930e3
1 parent 425fe53
commit 0c930e3
Show file tree

Hide file tree

Showing 2 changed files with 77 additions and 1 deletion.
diff --git a/hooks/provider-pinned-versions/README.md b/hooks/provider-pinned-versions/README.md
@@ -0,0 +1,77 @@
+# Provider Pinned Versions Hook
+
+This hook validates that all providers under the `required_providers` block of a Terraform configuration file have a pinned version.
+
+## Usage
+
+### cli
+
+```bash
+pre-commit run provider-pinned-versions --all-files
+```
+
+### pre-commit config
+
+```yaml
+repos:
+  - repo: https://github.com/open-turo/standards-terraform
+    hooks:
+      - id: provider-pinned-versions
+        files: ^terraform.tf$
+```
+
+## Examples of supported configurations
+
+### Standard pinned version
+
+```hcl
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      version = "3.40.0"
+    }
+  }
+}
+```
+
+### Pre-release version
+
+```hcl
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      version = "3.41.0-beta1"
+    }
+  }
+}
+```
+
+## Examples of unsupported configurations
+
+### Version constraints
+
+If the version contains any of the following constraint characters, `!~><`, the hook will fail.
+
+```hcl
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      version = ">= 3.40.0"
+    }
+  }
+}
+```
+
+```hcl
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      version = "~> 3.40.0"
+    }
+  }
+}
+```
diff --git a/hooks/provider-pinned-versions/required_providers.awk b/hooks/provider-pinned-versions/required_providers.awk
@@ -5,7 +5,6 @@ BEGIN {
     brace_count = 0;
     version_prefix_regex = ".*version[[:space:]]+=[[:space:]]+";
     provider_prefix_regex = "[a-z_-]+[[:space:]]+=[[:space:]]+\{";
-    pinned_version_regex = "[0-9]+\.[0-9]+\.[0-9]+";
     version_constraints_regex = "[!~><]+";
 }