12

I'm hoping there is something to pick up when I have misspelled variables and comments to save me some time when I'm checking my code and reduce the potential for any errors.

I normally use IntelliJ IDE for Terraform on a MAC but also have VS code set up that I can use.

Is there a plugin for either I could use or even a different tool? I imaging variable might be difficult to lint due as I use underscores to separate words in my variable names so the tool would need to know to treat underscores as white space for linting purposes.

Improve this question
2

6 Answers 6

Reset to default
13

terraform fmt

The terraform fmt command is used to rewrite Terraform configuration files to a canonical format and style.

Improve this answer
5
  • 1
    I already use that. Commented Dec 6, 2020 at 21:34
  • Thanks anyway though. I'm after something to spell check for me. I use terraform fmt to formate run terraform plan to check it should run. But for spelling, I currently do git compare with branch then look through each bit I changed and copy all my comments and variable names I'm not 100% sure about to word and change any seportors for spaces then see if anything gets highlighted. It's just really not a time-efficient process for that part of it. Commented Dec 6, 2020 at 21:46
  • @doug it might be easier using an IDE that has spell check (or a plugin thereof). Commented Dec 9, 2020 at 21:00
  • The issue I had when I last tried that in VS code was the spell check plugin I used thought all the resources were misspelled as it couldn't pick out words separated by underscores. So I need it to treat - . and _ as if they were spaces so it can tell if the words separated by them are spelled correctly. Commented Dec 11, 2020 at 8:06
  • 1
    Sorry but this is not linting, this is putting something in canonical format as stated but it is not a linter Commented Jul 13, 2021 at 10:39
8

The tools that we have include in our Terraform pipelines to check code quality and best practises are;

  1. Tflint
  2. TFSec
  3. Checkov

This way any issues get highlighted early at the MR stage.

Improve this answer
2
  • 1
    this is the correct answer Commented Jul 13, 2021 at 10:39
  • 1
    you can also hook all these up with pre-commit, which is a really nice way to check a commit each time :) Commented Jul 13, 2021 at 10:41
1

VSCode has a Terraform Linter "l2fprod.terraform-fork" Have NOT tried it. Did a simple search terra + lint. HTH DrewBai

Improve this answer
1

You can use tflint project. It has lot of plugins for cloud providers. https://github.com/terraform-linters/tflint

Improve this answer
1

terraform fmt can generate git diff, so you can fix the linting automatically (given your files are added to the git repo) with terraform fmt -diff | git apply

Improve this answer
0

To go further and actually show what the change will do, after using linting as an initial gate (as other answers have mentioned how to do), I found what worked well as a quality gate was to perform a terraform plan (on a particular workspace that had the latest resources) without locking the state, e.g, using -lock=false. This tested that what an actual pull request would actually change and would not fail if there is a syntax error but also show to myself and whoever is reviewing the PR what the change would result in.

I also found if you want to lint a whole group of terraform workspaces a helpful tool is terragrunt. Running terragrunt run-all validate could validate all the workspaces that had a terragrunt.hcl file in it in 1 command.

I used this even before I passed my pull request onto others, creating a pull request early, pushing the code and let the pipeline validate things in the background while I'm also checking I have the best I could do at the same time.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.