Code Quality for Terraform

Transcript

1. Copyright © 2020 HashiCorp Code Quality for Terraform

2. Kerim Satirli (He/Him) Developer Advocate at HashiCorp

3. @ksatirli on GitHub and Twitter Developer Advocate at HashiCorp

4. Agenda Terraform-native terraform fmt and terraform validate TFLint and pre-commit

   Local options to improve code GitHub Actions Validate code on git push

5. Terraform-native code quality tools

6. Command: terraform fmt TERMINAL > terraform fmt provider.tf terraform.tf

7. Command: terraform validate TERMINAL > terraform validate Success! The configuration

   is valid.

8. TFLint

9. TFLint .tflint.hcl rule "terraform_required_providers" { enabled = true } rule

   "terraform_required_version" { enabled = true } rule "terraform_naming_convention" { enabled = true format = "snake_case" }

10. Command: tflint TERMINAL > tflint 1 issue(s) found: Warning: data

    "google_projects" "projects" is declared but not used (terraform_unused_declarations) on data-sources.tf line 11: 11: data "google_projects" "projects" {

11. pre-commit

12. pre-commit .pre-commit-config.yaml --- fail_fast: true minimum_pre_commit_version: "2.6.0" repos: - repo:

    https://github.com/antonbabenko/pre-commit-terraform rev: v1.31.0 hooks: - id: terraform_fmt - id: terraform_validate

13. Command: pre-commit run TERMINAL > pre-commit run --all-files Terraform fmt............................................Passed

    Terraform validate.......................................Passed Check for added large files..............................Passed Check for case conflicts.................................Passed Check for merge conflicts................................Passed Check that executables have shebangs....................Skipped Check JSON..............................................Skipped Check for merge conflicts................................Passed Check for broken symlinks...............................Skipped Check vcs permalinks.....................................Passed markdownlint.............................................Passed

14. GitHub Actions

15. GitHub Actions .github/workflows/terraform.yml --- name: "Code Quality: Terraform" on: push:

    pull_request: env: # `AWS_REGION` must be specified for `terraform validate` AWS_REGION: "xx-xxxx-0" ...

16. GitHub Actions .github/workflows/terraform.yml ... jobs: terraform: name: Terraform runs-on: ubuntu-latest

    steps: - name: Checkout Repository uses: actions/checkout@v2 with: fetch-depth: 1 ...

17. GitHub Actions .github/workflows/terraform.yml ... - name: Setup Terraform uses: hashicorp/setup-terraform@v1

    with: terraform_version: "0.12.29" ...

18. GitHub Actions .github/workflows/terraform.yml ... - name: Run `terraform fmt` run:

    terraform fmt -diff -check -no-color -recursive - name: Run `terraform init` run: terraform init - name: Run `terraform validate` run: terraform validate -no-color

19. GitHub Actions hashi.co/tf-code-quality-gha

20. Review ▪ built-in options: fmt and validate ▪ local options:

    TFLint and pre-commit ▪ remote options: GitHub Actions

21. Materials ▪ slides: hashi.co/tf-code-quality ▪ code: hashi.co/tf-code-quality-code ▪ forums: hashi.co/tf-forum

22. Thank You [email protected]