Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Code Quality for Terraform

Kerim Satirli
PRO
July 25, 2020
Programming
1
370

Code Quality for Terraform

In this talk, I look at some ways to improve the code quality of your Terraform repositories.

This version of the presentation was given at a virtual event for the Bangalore HashiCorp User Group in July 2020.

---

Companion Code: github.com/ksatirli/code-quality-for-terraform

Kerim Satirli
PRO

July 25, 2020
Tweet

More Decks by Kerim Satirli

See All by Kerim Satirli
Event-driven Access Controls
ksatirli
PRO
0
16
Securing IaC Workflows
ksatirli
PRO
0
120
Better Reliability through Observability (and Experimentation)
ksatirli
PRO
1
520
Strengthening your DevOps muscle
ksatirli
PRO
1
2k
Building Infrastructure you can (mostly) trust
ksatirli
PRO
0
160
Enhancing Infrastructure Lifecycles
ksatirli
PRO
0
94
Cloud Cost Optimisation
ksatirli
PRO
2
110
Testable - Trustable
ksatirli
PRO
1
74
Reusable Infrastructure with Terraform
ksatirli
PRO
1
83

Other Decks in Programming

See All in Programming
モバイルアプリの行動ログの「仕込み」を快適にする / iOSDC Japan 2022 - Mobile App Logging
yujif
1
1.8k
Webフロントエンドと アーキテクチャ事情の持論を喋る
ahomu
2
770
PiPを応用した配信コメントバー機能の開発秘話と技術の詳解 / pip_streaming_comment_bar
narujpn
1
190
OpenAPIで 楽に始めるスキーマ駆動開発実践論 - PHP Conference 2022
komtaki
0
110
Create my own search engine.
m_seki
0
520
SwiftUI Navigation のすべて
kalupas226
8
2.9k
String meets Encoding
ima1zumi
2
1.1k
Swift Concurrency時代のiOSアプリの作り方
koher
13
950
I shall define this only once
freekmurze
0
210
react-reconcilerでオレオレReact Nativeを作ろう!
kwzr
0
210
可觀測性(Observability)的實踐
marcustung
0
1.5k
2年かけました!大規模サービスをJava製CMSからPHP+Laravelの構成にリプレイスし、運用している話 / Replaced service from Java CMS to PHP and Laravel architecture
yumechi
0
170

Featured

See All Featured
How GitHub (no longer) Works
holman
298
140k
JazzCon 2018 Closing Keynote - Leadership for the Reluctant Leader
reverentgeek
174
8.7k
The Web Native Designer (August 2011)
paulrobertlloyd
75
2k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
21
1.5k
Building Applications with DynamoDB
mza
84
4.8k
Music & Morning Musume
bryan
35
4.4k
Adopting Sorbet at Scale
ufuk
65
7.6k
Support Driven Design
roundedbygravity
87
8.7k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
15k
Designing the Hi-DPI Web
ddemaree
273
32k
Atom: Resistance is Futile
akmur
255
23k
Bash Introduction
62gerente
598
210k

Transcript

  1. Copyright © 2020 HashiCorp Code Quality for Terraform

  2. Kerim Satirli (He/Him) Developer Advocate at HashiCorp

  3. @ksatirli on GitHub and Twitter Developer Advocate at HashiCorp

  4. Agenda Terraform-native terraform fmt and terraform validate TFLint and pre-commit

    Local options to improve code GitHub Actions Validate code on git push

  5. Terraform-native code quality tools

  6. Command: terraform fmt TERMINAL > terraform fmt provider.tf terraform.tf

  7. Command: terraform validate TERMINAL > terraform validate Success! The configuration

    is valid.

  8. TFLint

  9. TFLint .tflint.hcl rule "terraform_required_providers" { enabled = true } rule

    "terraform_required_version" { enabled = true } rule "terraform_naming_convention" { enabled = true format = "snake_case" }

  10. Command: tflint TERMINAL > tflint 1 issue(s) found: Warning: data

    "google_projects" "projects" is declared but not used (terraform_unused_declarations) on data-sources.tf line 11: 11: data "google_projects" "projects" {

  11. pre-commit

  12. pre-commit .pre-commit-config.yaml --- fail_fast: true minimum_pre_commit_version: "2.6.0" repos: - repo:

    https://github.com/antonbabenko/pre-commit-terraform rev: v1.31.0 hooks: - id: terraform_fmt - id: terraform_validate

  13. Command: pre-commit run TERMINAL > pre-commit run --all-files Terraform fmt............................................Passed

    Terraform validate.......................................Passed Check for added large files..............................Passed Check for case conflicts.................................Passed Check for merge conflicts................................Passed Check that executables have shebangs....................Skipped Check JSON..............................................Skipped Check for merge conflicts................................Passed Check for broken symlinks...............................Skipped Check vcs permalinks.....................................Passed markdownlint.............................................Passed

  14. GitHub Actions

  15. GitHub Actions .github/workflows/terraform.yml --- name: "Code Quality: Terraform" on: push:

    pull_request: env: # `AWS_REGION` must be specified for `terraform validate` AWS_REGION: "xx-xxxx-0" ...

  16. GitHub Actions .github/workflows/terraform.yml ... jobs: terraform: name: Terraform runs-on: ubuntu-latest

    steps: - name: Checkout Repository uses: actions/checkout@v2 with: fetch-depth: 1 ...

  17. GitHub Actions .github/workflows/terraform.yml ... - name: Setup Terraform uses: hashicorp/setup-terraform@v1

    with: terraform_version: "0.12.29" ...

  18. GitHub Actions .github/workflows/terraform.yml ... - name: Run `terraform fmt` run:

    terraform fmt -diff -check -no-color -recursive - name: Run `terraform init` run: terraform init - name: Run `terraform validate` run: terraform validate -no-color

  19. GitHub Actions hashi.co/tf-code-quality-gha

  20. Review ▪ built-in options: fmt and validate ▪ local options:

    TFLint and pre-commit ▪ remote options: GitHub Actions

  21. Materials ▪ slides: hashi.co/tf-code-quality ▪ code: hashi.co/tf-code-quality-code ▪ forums: hashi.co/tf-forum

  22. Thank You kerim@hashicorp.com