devopsinfra/action-tflint

Sponsored OSS

By DevOps Infra

โ€ขUpdated 4 days ago

GitHub Action that will run TFlint on Terraform files

Image
0

100K+

devopsinfra/action-tflint repository overview

โ ๐Ÿš€ GitHub Action linting Terraform files

GitHub Action that will run TFlint on Terraform files.

โ ๐Ÿ“ฆ Available on

โ โœจ Features

โ ๐Ÿ“Š Badges

GitHub repo GitHub last commit GitHub code size in bytes GitHub license โ 
DockerHub Docker version Image size Docker Pulls โ 

โ ๐Ÿท๏ธ Version Tags: vX, vX.Y, vX.Y.Z

This action supports three tag levels for flexible versioning:

  • vX: latest patch of the major version (e.g., v1).
  • vX.Y: latest patch of the minor version (e.g., v1.2).
  • vX.Y.Z: fixed to a specific release (e.g., v1.2.3).

โ ๐Ÿ“– API Reference

    - name: Run the Action
      uses: devops-infra/[email protected]
      with:
        dir_filter: modules
โ ๐Ÿ”ง Input Parameters
Input VariableRequiredDefaultDescription
dir_filterNo*Prefixes or sub-directories to search for Terraform modules. Use comma as separator.
fail_on_changesNotrueWhether TFLint should fail whole action.
tflint_configNo.tflint.hclLocation from repository root to TFLint config file. Disables tflint_params.
tflint_paramsNo``Parameters passed to TFLint binary. See TFLintโ  for details.
run_initNotrueWhether the action should run terraform init. Defaults to true.

โ ๐Ÿ’ป Usage Examples

โ ๐Ÿ“ Basic Example

By default fail if lint errors found in any subdirectory. Run the Action via GitHub.

name: Check TFLint
on:
  push:
    branches:
      - "**"
jobs:
  format-hcl:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
      uses: actions/checkout@v6

    - name: Check linting of Terraform files
      uses: devops-infra/[email protected]
โ ๐Ÿ”€ Advanced Example

Use different location for TFLint config file and parse only aws* and gcp* modules in modules/ directory. Run the Action via GitHub.

name: Check TFLint with custom config
on:
  push:
    branches:
      - "**"
jobs:
  format-hcl:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
      uses: actions/checkout@v6

    - name: Check linting of Terraform modules
      uses: devops-infra/[email protected]
      with:
        tflint_config: modules/.tflint.hcl
        dir_filter: modules/aws,modules/gcp
โ ๐Ÿ”€ Advanced Example

Use deep check (need cloud credentials) and treat all directories under modules as Terraform modules. Run the Action via DockerHub.

name: Check TFLint with custom config
on:
  push:
    branches:
      - "**"
jobs:
  format-hcl:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
      uses: actions/checkout@v6

    - name: Check linting of Terraform modules
      uses: devops-infra/[email protected]
      with:
        tflint_params: "--module --deep"
        dir_filter: modules
โ ๐ŸŽฏ Use specific version

Pick the tag level based on your stability needs:

  • vX.Y.Z: exact immutable release (most predictable)
  • vX.Y: latest patch within one minor line
  • vX: latest patch within one major line
name: Use pinned action version
on: [push]
jobs:
  tflint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6

      - uses: devops-infra/[email protected]
        id: pin-patch

      - uses: devops-infra/[email protected]
        id: pin-minor

      - uses: devops-infra/action-tflint@v1
        id: pin-major

โ ๐Ÿค Contributing

Contributions are welcome! See CONTRIBUTINGโ . This project is licensed under the MIT License - see the LICENSEโ  file for details.

โ ๐Ÿ“„ License

This project is licensed under the MIT License - see the LICENSEโ  file for details.

โ ๐Ÿ’ฌ Support

If you have any questions or need help, please:

  • ๐Ÿ“ Create an issueโ 
  • ๐ŸŒŸ Star this repository if you find it useful!

โ ๐Ÿงช End-to-End Validation

Use the manual workflow .github/workflows/manual-e2e-validate.yml to validate this action against the centralized E2E repository.

  • mode=image validates a published image tag (recommended for -test and -rc release checks).
  • mode=ref validates ref-oriented E2E paths against stable pinned action refs.

CI/CD automation also runs these E2E checks automatically:

  • Pull requests: E2E validation runs through reusable org workflows.
  • Release branch prepare: E2E validation runs against release candidate artifacts (-rc).
  • Release create: E2E validation runs against production release artifacts.

Example trigger inputs:

mode=ref
mode=image
image_tag=v1.2.3-test

โ Forking

To publish images from a fork, set these variables so Task uses your registry identities: DOCKER_USERNAME, DOCKER_ORG_NAME, GITHUB_USERNAME, GITHUB_ORG_NAME.

Two supported options (environment variables take precedence over .env):

# .env (local only, not committed)
DOCKER_USERNAME=your-dockerhub-user
DOCKER_ORG_NAME=your-dockerhub-org
GITHUB_USERNAME=your-github-user
GITHUB_ORG_NAME=your-github-org
# Shell override
DOCKER_USERNAME=your-dockerhub-user \
DOCKER_ORG_NAME=your-dockerhub-org \
GITHUB_USERNAME=your-github-user \
GITHUB_ORG_NAME=your-github-org \
task docker:build

Recommended setup:

  • Local development: use a .env file.
  • GitHub Actions: set repo variables for the four values above, and secrets for DOCKER_TOKEN and GITHUB_TOKEN.

Publish images without a release:

  • Run the (Manual) Release Create workflow with build_only: true to build and push images without tagging a release.

Tag summary

Content type

Image

Digest

sha256:34044712cโ€ฆ

Size

68.4 MB

Last updated

4 days ago

docker pull devopsinfra/action-tflint:latest-test

This week's pulls

Pulls:

1,772

Last week