Feature Request: Add support for the pre-commit framework

[dontirun]

The pre-commit framework is a commonly used tool to create git hooks for code validation. Other AWS tools such as cfn-python-lint provide support for the framework

[nathanataws]

This is very reasonable ask. We're looking at integrations right now. We'll pull this into that discussion.

[johnttompkins]

Looks like pre-commit natively supports rust as a buildable language plugin. If this is the case, this should be straightforward to offer.

[benbridts]

There are still some hurdles (at least the last time I tried):

• You need to have rust installed (not much to do about that, and you can install cfn-guard yourself and use the system "language")
• pre-commit passes all matching files on one invocation (or at least does so by default). I couldn't get it to invoke cfn-guard multiple times (that's why I created [Enhancement] Run cfn-guard check without parameters #62 )

[barnesrobert]

+1 to this issue. Pre-commits are a vital way of remediating latent vulnerabilities before they're committed.

[kgrvamsi]

Do we have any update on this Feature request to support pre-commit hooks?

[kgrvamsi]

if the project already have a .pre-commit-confg.yaml i see the below config works

  - repo: local
    hooks:
      - id: cfn-guard
        name: Run Cfn Guard
        language: system
        entry: "cfn-guard validate -r ./cfn-rules/cloudformation/aws/ --data ./cdk.out/"
        pass_filenames: false
       

[joshfried-aws]

Hi @kgrvamsi we do not have any updates here yet.