
Code Quality for Terraform


In this talk, I look at some ways to improve the code quality of your Terraform repositories.

This version of the presentation was given at a virtual event for the Bangalore HashiCorp User Group in July 2020.


Kerim Satirli

July 25, 2020

Transcript

  1. Agenda

     ▪ Terraform-native: terraform fmt and terraform validate
     ▪ TFLint and pre-commit: local options to improve code
     ▪ GitHub Actions: validate code on git push
  2. TFLint: .tflint.hcl

         rule "terraform_required_providers" {
           enabled = true
         }

         rule "terraform_required_version" {
           enabled = true
         }

         rule "terraform_naming_convention" {
           enabled = true
           format  = "snake_case"
         }
  3. Command: tflint (TERMINAL)

         > tflint
         1 issue(s) found:

         Warning: data "google_projects" "projects" is declared but not used (terraform_unused_declarations)

           on data-sources.tf line 11:
           11: data "google_projects" "projects" {
  4. pre-commit: .pre-commit-config.yaml

         ---
         fail_fast: true
         minimum_pre_commit_version: "2.6.0"

         repos:
           - repo: https://github.com/antonbabenko/pre-commit-terraform
             rev: v1.31.0
             hooks:
               - id: terraform_fmt
               - id: terraform_validate
  5. Command: pre-commit run (TERMINAL)

         > pre-commit run --all-files
         Terraform fmt............................................Passed
         Terraform validate.......................................Passed
         Check for added large files..............................Passed
         Check for case conflicts.................................Passed
         Check for merge conflicts................................Passed
         Check that executables have shebangs....................Skipped
         Check JSON..............................................Skipped
         Check for merge conflicts................................Passed
         Check for broken symlinks...............................Skipped
         Check vcs permalinks.....................................Passed
         markdownlint.............................................Passed
  6. GitHub Actions: .github/workflows/terraform.yml

         ---
         name: "Code Quality: Terraform"

         on:
           push:
           pull_request:

         env:
           # `AWS_REGION` must be specified for `terraform validate`
           AWS_REGION: "xx-xxxx-0"

         ...
  7. GitHub Actions: .github/workflows/terraform.yml

         ...

         jobs:
           terraform:
             name: Terraform
             runs-on: ubuntu-latest

             steps:
               - name: Checkout Repository
                 uses: actions/checkout@v2
                 with:
                   fetch-depth: 1

         ...
  8. GitHub Actions: .github/workflows/terraform.yml

         ...

               - name: Run `terraform fmt`
                 run: terraform fmt -diff -check -no-color -recursive

               - name: Run `terraform init`
                 run: terraform init

               - name: Run `terraform validate`
                 run: terraform validate -no-color
  9. Review

     ▪ built-in options: fmt and validate
     ▪ local options: TFLint and pre-commit
     ▪ remote options: GitHub Actions