Code Quality for Terraform

In this talk, I look at some ways to improve the code quality of your Terraform repositories.

This version of the presentation was given at a virtual event for the Bangalore HashiCorp User Group in July 2020.

---

Companion Code: github.com/ksatirli/code-quality-for-terraform

Kerim Satirli

July 25, 2020

Transcript

  1. Copyright © 2020 HashiCorp Code Quality for Terraform

  2. Kerim Satirli (He/Him) Developer Advocate at HashiCorp

  3. @ksatirli on GitHub and Twitter Developer Advocate at HashiCorp

  4. Agenda

     ▪ Terraform-native: terraform fmt and terraform validate
     ▪ TFLint and pre-commit: local options to improve code
     ▪ GitHub Actions: validate code on git push

  5. Terraform-native code quality tools

  6. Command: terraform fmt

        > terraform fmt
        provider.tf
        terraform.tf

  7. Command: terraform validate

        > terraform validate
        Success! The configuration is valid.

  8. TFLint

  9. TFLint: .tflint.hcl

        rule "terraform_required_providers" {
          enabled = true
        }

        rule "terraform_required_version" {
          enabled = true
        }

        rule "terraform_naming_convention" {
          enabled = true
          format  = "snake_case"
        }

  10. Command: tflint

        > tflint
        1 issue(s) found:

        Warning: data "google_projects" "projects" is declared but not used (terraform_unused_declarations)

          on data-sources.tf line 11:
          11: data "google_projects" "projects" {

  11. pre-commit

  12. pre-commit: .pre-commit-config.yaml

        ---
        fail_fast: true
        minimum_pre_commit_version: "2.6.0"

        repos:
          - repo: https://github.com/antonbabenko/pre-commit-terraform
            rev: v1.31.0
            hooks:
              - id: terraform_fmt
              - id: terraform_validate

  13. Command: pre-commit run

        > pre-commit run --all-files
        Terraform fmt............................................Passed
        Terraform validate.......................................Passed
        Check for added large files..............................Passed
        Check for case conflicts.................................Passed
        Check for merge conflicts................................Passed
        Check that executables have shebangs....................Skipped
        Check JSON..............................................Skipped
        Check for merge conflicts................................Passed
        Check for broken symlinks...............................Skipped
        Check vcs permalinks.....................................Passed
        markdownlint.............................................Passed

  14. GitHub Actions

  15. GitHub Actions: .github/workflows/terraform.yml

        ---
        name: "Code Quality: Terraform"

        on:
          push:
          pull_request:

        env:
          # `AWS_REGION` must be specified for `terraform validate`
          AWS_REGION: "xx-xxxx-0"

        ...

  16. GitHub Actions: .github/workflows/terraform.yml

        ...

        jobs:
          terraform:
            name: Terraform
            runs-on: ubuntu-latest

            steps:
              - name: Checkout Repository
                uses: actions/checkout@v2
                with:
                  fetch-depth: 1

        ...

  17. GitHub Actions: .github/workflows/terraform.yml

        ...

              - name: Setup Terraform
                uses: hashicorp/setup-terraform@v1
                with:
                  terraform_version: "0.12.29"

        ...

  18. GitHub Actions: .github/workflows/terraform.yml

        ...

              - name: Run `terraform fmt`
                run: terraform fmt -diff -check -no-color -recursive

              - name: Run `terraform init`
                run: terraform init

              - name: Run `terraform validate`
                run: terraform validate -no-color

  19. GitHub Actions hashi.co/tf-code-quality-gha

  20. Review

      ▪ built-in options: fmt and validate
      ▪ local options: TFLint and pre-commit
      ▪ remote options: GitHub Actions

  21. Materials

      ▪ slides: hashi.co/tf-code-quality
      ▪ code: hashi.co/tf-code-quality-code
      ▪ forums: hashi.co/tf-forum

  22. Thank You kerim@hashicorp.com