.pre-commit-config.yaml

---
# yaml-language-server: $schema=https://json.schemastore.org/pre-commit-config.json
fail_fast: false

default_stages:
  - pre-commit
  - pre-push

repos:
  - repo: https://github.com/thlorenz/doctoc
    rev: v2.2.0
    hooks:
      - id: doctoc
        args:
          - --update-only
          - --maxlevel
          - "3"
          - --github
          - --notitle

  - repo: https://github.com/antonbabenko/pre-commit-terraform
    rev: v1.96.2
    hooks:
      - id: terraform_docs
        args:
          - --hook-config=--path-to-file=README.md
          - --args=--config=.terraform-docs.yaml
      - id: terraform_fmt
      - id: terraform_tflint
        args:
          - --args=--config=__GIT_WORKING_DIR__/.tflint.hcl
      - id: terraform_trivy
      #   args:
      #     - --args=--config-file=__GIT_WORKING_DIR__/.tfsec.yaml

  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v5.0.0
    hooks:
      - id: check-merge-conflict
      - id: check-added-large-files
        exclude: "gotk-components.yaml"
        args:
          - --maxkb=200

      - id: check-case-conflict
      - id: check-executables-have-shebangs
      - id: check-json
      - id: check-symlinks
      - id: check-xml
      - id: detect-aws-credentials
        args:
          - --allow-missing-credentials
      - id: detect-private-key
      - id: end-of-file-fixer
      - id: fix-byte-order-marker
      - id: mixed-line-ending
        args:
          - --fix=auto
      - id: trailing-whitespace
        args:
          - --markdown-linebreak-ext=md

  - repo: https://github.com/adrienverge/yamllint
    rev: v1.35.1
    hooks:
      - id: yamllint
        args:
          - -c
          - .yamllint.yaml

  - repo: https://github.com/Lucas-C/pre-commit-hooks
    rev: v1.5.5
    hooks:
      - id: remove-crlf
      - id: remove-tabs

  - repo: https://github.com/sirosen/texthooks
    rev: 0.6.7
    hooks:
      - id: fix-smartquotes
      - id: fix-ligatures
      - id: forbid-bidi-controls

  - repo: https://github.com/igorshubovych/markdownlint-cli
    rev: v0.42.0
    hooks:
      - id: markdownlint-fix
        args:
          - --config
          - .markdownlint.yaml

  - repo: https://github.com/pre-commit/mirrors-prettier
    rev: v3.1.0
    hooks:
      - id: prettier
        args:
          - --ignore-path
          - .prettierignore
          - --config
          - .prettierrc.yaml

  - repo: https://github.com/k8s-at-home/sops-pre-commit
    rev: v2.1.1
    hooks:
      - id: forbid-secrets
        exclude: |
          (?x)^(
            kubernetes/kube-nas/apps/secops/vault-auth.yaml|
            kubernetes/talos-flux/apps/secops/vault-auth.yaml|
            kubernetes/talos-flux/apps/devops/tekton/triggers/interceptors.yaml|
            kubernetes/talos-flux/apps/devops/tekton/triggers/release.yaml
          )$()

  - repo: https://github.com/zricethezav/gitleaks
    rev: v8.21.2
    hooks:
      - id: gitleaks

  - repo: https://github.com/tarioch/flux-check-hook
    rev: v0.5.0
    hooks:
      - id: check-flux-helm-values
        exclude: |
          (?x)^(
            devenv/.*|
            kubernetes/talos-flux/apps/home-automation/esphome/app/config/.+.yaml|
            kubernetes/talos-flux/apps/home-automation/home-assistant/app/patches/db-init.yaml|
            kubernetes/talos-flux/apps/github/actions-runner-controller/.+/helm-release.yaml
          )$()