Automatic terraform linting with reviewdog and tflint

Introduction

In this article we will test how to lint and get automatic checks in our github pull requests for our terraform code using reviewdog and the tflint github action, this is particularly useful to prevent unwanted changes or buggy commits to be merged into your principal branch whatever that is. In order for this to work you just need to configure a Github action in your repo and that’s it, you don’t need to generate any token or do any extra step.

In order to make the example easier I have created this repo with the basic configuration to make it work.

Terraform

First of all we need to get our terraform code, as you can see it’s a simple ec2 instance in AWS, but the instance type doesn’t exist, we will fix that in a bit.

Github Workflow

Since we’re using Github we can take advantage of Actions in order to run a linter for our code and mark our PR if something is wrong.

Example PR

First we will run a PR with an issue to see it fail and how reporting works (To get here you can click in the checks tab in the PR and then the tflint step see here).

One that actually works

Since we already tested it and it failed as expected we can now fix it, and now that reviewdog and tflint are happy with our commit we can just merge it (just change t1 to t2 in the main.tf file).

Closing notes

For me this seems particularly useful because it can catch a lot of errors that sometimes are hard for the eye to catch, specially when we are talking of typos, it’s also a good practice to lint your code so there you go, I hope you give this a shot and have in mind that reviewdog can review a lot of different languages, I just picked terraform because it’s what I’m using the most lately.

Errata

If you spot any error or have any suggestion, please send me a message so it gets fixed.

Also, you can check the source code and changes in the generated code and the sources here