Managing infrastructure can be an overtly daunting task made no less confusing by having a big spaghetti codebase. In order to maintain a high standard of code you can implement a number of easy checks in your deployment pipeline.
jobs:
terraform_fmt:
name: "Terraform fmt"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: ...
cli_config_credentials_token: ...
- name: Terraform fmt
id: fmt
run: terraform fmt -check -recursive
documentation
terraform_lint:
name: "Terraform Lint"
needs: [terraform_fmt]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup tflint
run: |
curl -s https://raw.githubusercontent.com/terraform-linters/tflint/master/install_linux.sh | bash
tflint --init
- name: Run tflint
run: |
tflint --recursive --config "$(pwd)/.tflint.hcl"
documentation
An example config for tflint using .tflint.hcl
plugin "aws" {
enabled = true
version = "0.26.0"
source = "github.com/terraform-linters/tflint-ruleset-aws"
}
rule "terraform_naming_convention" {
enabled = true
}