feat: Add support for pre-commit/pre-commit-hooks in Docker image

[Jno21]

Put an x into the box if that apply:

• This PR introduces breaking change.
• This PR fixes a bug.
• This PR adds new functionality.
• This PR enhances existing functionality.

Description of your changes

Fixes #359 :
Add alpine-sdk package so we are able to run third party checks. This is mostly to be able to run directly this docker image with checks coming from https://github.com/pre-commit/pre-commit-hooks since they are widely use in combination with pre-commit-terraform.

This is to avoid all the users of the community using pre-commit-terraform to build their own image on top of the one existing.

FIY: This was working before the v1.63.0. So I guess it is a change coming directly from the image of Python.

-->

How can we test changes

1. Create a .pre-commit-config.yaml file containing:

repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v4.2.0
    hooks:
      # Common errors
      - id: end-of-file-fixer
      - id: trailing-whitespace
        args: [--markdown-linebreak-ext=md]
      - id: check-yaml

      # Security
      - id: detect-aws-credentials
        args: ["--allow-missing-credentials"]
      - id: detect-private-key

  - repo: https://github.com/antonbabenko/pre-commit-terraform
    rev: v1.68.1
    hooks:
      - id: terraform_fmt
      - id: terraform_docs
      - id: terraform_tfsec
      - id: terraform_tflint
      - id: terraform_validate

2. Build the docker image using my branch docker build -t pre-commit-terraform --build-arg INSTALL_ALL=true .
3. Run it docker run -v $(pwd):/lint -it -w /lint pre-commit-terraform run -a

All the tests should run.

[yermulnik]

Should the comment be added to this line to align with how other packages in this block are described?

[Jno21]

I am not sure what you mean, do you mean should we add another comment to differentiate the hooks deps.

Suggested change

	alpine-sdk
	# Third party hooks deps
	alpine-sdk

Like this ?

[yermulnik]

Yep, that's what I mean. Thanks.

[MaxymVlasov]

1. alpine-sdk is a too big package. pre-commit "default" hooks need https://wiki.alpinelinux.org/wiki/GCC
2. Depending on what you use, you need different hooks and deps. I oppose adding half of the internet to the Docker image because some folks besides TF can use Golang, Python, Bash, Ruby, YAML, etc. in their IaC.

So, first of all, we need to understand what we'd like to support and how, because what I see in this PR is not really is:

Add alpine-sdk as package to be able to run third party hooks

[Jno21]

1. alpine-sdk is a too big package. pre-commit "default" hooks need https://wiki.alpinelinux.org/wiki/GCC
2. Depending on what you use, you need different hooks and deps. I oppose adding half of the internet to the Docker image because some folks besides TF can use Golang, Python, Bash, Ruby, YAML, etc. in their IaC.

So, first of all, we need to understand what we'd like to support and how, because what I see in this PR is not really is:

Add alpine-sdk as package to be able to run third party hooks

1. You are right, build-base is enough to make it works. I am can update my PR with only this if you want.
2. I totally agree with this point, I knew this can will create a debate, like I said in the issue. My point of view on the idea is not to supports everything since it would be unmaintainable.
   I think having at least support for hooks coming from https://github.com/pre-commit/pre-commit-hooks has some sense. They are belonging to the pre-commit, and they are widely use and can be useful with basic terraform projects.

It was working before with the image v1.62.3, even if it wasn't something that was specifically wanted for this image.

The question that I am asking then is could we support at least the hooks from https://github.com/pre-commit/pre-commit-hooks. That would be a huge gain for the community, since we we won't all need to create our own image on top.

I would understand any answer as I see the pros and cons adding this. We can discuss this further if you would like to.

[MaxymVlasov]

I suggest installing as minimum as possible deps.
Add all existing hooks in pre-commit-hooks to your test .pre-commit-config.yaml and try running them with gcc and musl-dev or libc-dev as suggested in the Alpine GCC article.

Let's find min req deps and add only them. With major version pining.

[Jno21]

Hi,

Thank you for your feedbacks. I update the PR so we only install musl-dev and gcc. I tested it with all the hooks and it seems to be working.

Tell me if you want me to change the title of the PR and rebase to only have one commit.

Thank you !

[antonbabenko]

This PR is included in version 1.70.0 🎉