From 5dbbaa039cb083808287d6871e35b5935f108bb3 Mon Sep 17 00:00:00 2001
From: Julien Rottenberg <julien@rottenberg.info>
Date: Sun, 30 Jan 2022 17:35:02 -0800
Subject: [PATCH] feat: tfupdate support

---
 .pre-commit-hooks.yaml          |  9 +++++
 CHANGELOG.md                    |  2 +-
 README.md                       | 68 ++++++++++++++++++++++-----------
 hooks/__init__.py               |  4 --
 hooks/terraform_docs_replace.py |  4 ++
 hooks/tfupdate.py               | 28 ++++++++++++++
 setup.py                        |  1 +
 7 files changed, 89 insertions(+), 27 deletions(-)
 create mode 100644 hooks/tfupdate.py

diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml
index 2ec99d792..13a8a40b8 100644
--- a/.pre-commit-hooks.yaml
+++ b/.pre-commit-hooks.yaml
@@ -111,3 +111,12 @@
   files: \.tf$
   exclude: \.terraform\/.*$
   require_serial: true
+
+- id: tfupdate
+  name: tfupdate
+  description: Runs tfupdate on Terraform templates.
+  language: python
+  entry: hook_tfupdate
+  require_serial: true
+  always_run: true
+  pass_filenames: false
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0766df9c1..9c2e1370c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -303,7 +303,7 @@ All notable changes to this project will be documented in this file.
 
 - fix: Change terraform_validate hook functionality for subdirectories with terraform files ([#100](https://github.com/antonbabenko/pre-commit-terraform/issues/100))
 
-### 
+###
 
 configuration for the appropriate working directory.
 
diff --git a/README.md b/README.md
index 87a038494..77eb43e31 100644
--- a/README.md
+++ b/README.md
@@ -25,27 +25,29 @@ If you are using `pre-commit-terraform` already or want to support its developme
 
 ## Table of content
 
-* [Sponsors](#sponsors)
-* [Table of content](#table-of-content)
-* [How to install](#how-to-install)
-  * [1. Install dependencies](#1-install-dependencies)
-  * [2. Install the pre-commit hook globally](#2-install-the-pre-commit-hook-globally)
-  * [3. Add configs and hooks](#3-add-configs-and-hooks)
-  * [4. Run](#4-run)
-* [Available Hooks](#available-hooks)
-* [Hooks usage notes and examples](#hooks-usage-notes-and-examples)
-  * [checkov](#checkov)
-  * [infracost_breakdown](#infracost_breakdown)
-  * [terraform_docs](#terraform_docs)
-  * [terraform_docs_replace (deprecated)](#terraform_docs_replace-deprecated)
-  * [terraform_fmt](#terraform_fmt)
-  * [terraform_providers_lock](#terraform_providers_lock)
-  * [terraform_tflint](#terraform_tflint)
-  * [terraform_tfsec](#terraform_tfsec)
-  * [terraform_validate](#terraform_validate)
-  * [terrascan](#terrascan)
-* [Authors](#authors)
-* [License](#license)
+- [Collection of git hooks for Terraform to be used with pre-commit framework](#collection-of-git-hooks-for-terraform-to-be-used-with-pre-commit-framework)
+  - [Sponsors](#sponsors)
+  - [Table of content](#table-of-content)
+  - [How to install](#how-to-install)
+    - [1. Install dependencies](#1-install-dependencies)
+    - [2. Install the pre-commit hook globally](#2-install-the-pre-commit-hook-globally)
+    - [3. Add configs and hooks](#3-add-configs-and-hooks)
+    - [4. Run](#4-run)
+  - [Available Hooks](#available-hooks)
+  - [Hooks usage notes and examples](#hooks-usage-notes-and-examples)
+    - [checkov](#checkov)
+    - [infracost_breakdown](#infracost_breakdown)
+    - [terraform_docs](#terraform_docs)
+    - [terraform_docs_replace (deprecated)](#terraform_docs_replace-deprecated)
+    - [terraform_fmt](#terraform_fmt)
+    - [terraform_providers_lock](#terraform_providers_lock)
+    - [terraform_tflint](#terraform_tflint)
+    - [terraform_tfsec](#terraform_tfsec)
+    - [terraform_validate](#terraform_validate)
+    - [terrascan](#terrascan)
+    - [tfupdate](#tfupdate)
+  - [Authors](#authors)
+  - [License](#license)
 
 ## How to install
 
@@ -224,7 +226,8 @@ There are several [pre-commit](https://pre-commit.com/) hooks to keep Terraform
 | `terraform_validate`                                   | Validates all Terraform configuration files. [Hook notes](#terraform_validate)                                                                                                                                                               | -                                                                                    |
 | `terragrunt_fmt`                                       | Reformat all [Terragrunt](https://github.com/gruntwork-io/terragrunt) configuration files (`*.hcl`) to a canonical format.                                                                                                                   | `terragrunt`                                                                         |
 | `terragrunt_validate`                                  | Validates all [Terragrunt](https://github.com/gruntwork-io/terragrunt) configuration files (`*.hcl`)                                                                                                                                         | `terragrunt`                                                                         |
-| `terrascan`                                            | [terrascan](https://github.com/accurics/terrascan) Detect compliance and security violations. [Hook notes](#terrascan)                                                                                                                                               | `terrascan`                                                                          |
+| `terrascan`                                            | [terrascan](https://github.com/accurics/terrascan) Detect compliance and security violations. [Hook notes](#terrascan)                                                                                                                       | `terrascan`                                                                          |
+| `tfupdate`                                             | [tfupdate](https://github.com/minamijoyo/tfupdate) Update version constraints of Terraform core, providers, and modules. [Hook notes](#tfupdate)                                                                                             | `tfupdate`                                                                           |
 <!-- markdownlint-enable no-inline-html -->
 
 Check the [source file](https://github.com/antonbabenko/pre-commit-terraform/blob/master/.pre-commit-hooks.yaml) to know arguments used for each hook.
@@ -617,6 +620,27 @@ Example:
 3. Use `--skip-rules="ruleID1,ruleID2"` parameter to skip one or more rules globally while scanning (e.g.: `--args=--skip-rules="ruleID1,ruleID2"`).
 4. Use the syntax `#ts:skip=RuleID optional_comment` inside a resource to skip the rule for that resource.
 
+### tfupdate
+
+Out of the box tfupdate will pin the terraform version
+
+```yaml
+      - id: tfupdate
+  ```
+
+  But you can pass `tfupdate` custom commands like `provider ${PROVIDER_NAME}` :
+
+```yaml
+    - id: tfupdate
+      name: tfupdate terraform
+    - id: tfupdate
+      name: tfupdate provider vsphere
+      args:
+        - provider
+        - vsphere
+```
+See the `tfupdate --help` command line help for available options. No need to pass `--recursive .` , it is added automatically
+
 ## Authors
 
 This repository is managed by [Anton Babenko](https://github.com/antonbabenko) with help from these awesome contributors:
diff --git a/hooks/__init__.py b/hooks/__init__.py
index ff01067a9..e69de29bb 100644
--- a/hooks/__init__.py
+++ b/hooks/__init__.py
@@ -1,4 +0,0 @@
-print(
-    '`terraform_docs_replace` hook is DEPRECATED.'
-    'For details, see https://github.com/antonbabenko/pre-commit-terraform/issues/248'
-)
diff --git a/hooks/terraform_docs_replace.py b/hooks/terraform_docs_replace.py
index a9cf6c9bc..4f884f4ad 100644
--- a/hooks/terraform_docs_replace.py
+++ b/hooks/terraform_docs_replace.py
@@ -53,4 +53,8 @@ def main(argv=None):
 
 
 if __name__ == '__main__':
+    print(
+        '`terraform_docs_replace` hook is DEPRECATED.'
+        'For details, see https://github.com/antonbabenko/pre-commit-terraform/issues/248'
+    )
     sys.exit(main())
diff --git a/hooks/tfupdate.py b/hooks/tfupdate.py
new file mode 100644
index 000000000..2022efd60
--- /dev/null
+++ b/hooks/tfupdate.py
@@ -0,0 +1,28 @@
+import subprocess
+import sys
+
+
+def main(argv=None):
+    args = sys.argv
+    del args[0]
+
+    retval = 0
+    procArgs = []
+    procArgs.append("tfupdate")
+    if len(args) == 0:
+        args = ['terraform']
+    procArgs += args
+    procArgs.append('-r')
+    procArgs.append('.')
+
+    try:
+
+        subprocess.check_call(procArgs)
+    except subprocess.CalledProcessError as e:
+        print(e)
+        retval = 1
+    return retval
+
+
+if __name__ == '__main__':
+    sys.exit(main())
diff --git a/setup.py b/setup.py
index 2d88425b9..b84b44c06 100644
--- a/setup.py
+++ b/setup.py
@@ -28,6 +28,7 @@
     entry_points={
         'console_scripts': [
             'terraform_docs_replace = hooks.terraform_docs_replace:main',
+            'hook_tfupdate = hooks.tfupdate:main',
         ],
     },
 )