🚀 GitHub Action linting Terraform files

GitHub Action that will run TFlint on Terraform files.

📦 Available on

• Docker Hub: devopsinfra/action-tflint:latest
• GitHub Packages: ghcr.io/devops-infra/action-tflint:latest

✨ Features

• Main use will be everywhere where Terraform is used and is great for statically or actively checking modules' sources.
• Using wata727's TFLint.

📊 Badges

🏷️ Version Tags: vX, vX.Y, vX.Y.Z

This action supports three tag levels for flexible versioning:

• vX: latest patch of the major version (e.g., v1).
• vX.Y: latest patch of the minor version (e.g., v1.2).
• vX.Y.Z: fixed to a specific release (e.g., v1.2.3).

📖 API Reference

    - name: Run the Action
      uses: devops-infra/action-tflint@v1.0.0
      with:
        dir_filter: modules

🔧 Input Parameters

Input Variable	Required	Default	Description
dir_filter	No	*	Prefixes or sub-directories to search for Terraform modules. Use comma as separator.
fail_on_changes	No	true	Whether TFLint should fail whole action.
tflint_config	No	.tflint.hcl	Location from repository root to TFLint config file. Disables tflint_params.
tflint_params	No	``	Parameters passed to TFLint binary. See TFLint for details.
run_init	No	true	Whether the action should run terraform init. Defaults to true.

💻 Usage Examples

📝 Basic Example

By default fail if lint errors found in any subdirectory. Run the Action via GitHub.

name: Check TFLint
on:
  push:
    branches:
      - "**"
jobs:
  format-hcl:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
      uses: actions/checkout@v5

    - name: Check linting of Terraform files
      uses: devops-infra/action-tflint@v1.0.0

🔀 Advanced Example

Use different location for TFLint config file and parse only aws* and gcp* modules in modules/ directory. Run the Action via GitHub.

name: Check TFLint with custom config
on:
  push:
    branches:
      - "**"
jobs:
  format-hcl:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
      uses: actions/checkout@v5

    - name: Check linting of Terraform modules
      uses: devops-infra/action-tflint@v1.0.0
      with:
        tflint_config: modules/.tflint.hcl
        dir_filter: modules/aws,modules/gcp

🔀 Advanced Example

Use deep check (need cloud credentials) and treat all directories under modules as Terraform modules. Run the Action via DockerHub.

name: Check TFLint with custom config
on:
  push:
    branches:
      - "**"
jobs:
  format-hcl:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
      uses: actions/checkout@v5

    - name: Check linting of Terraform modules
      uses: devops-infra/action-tflint@v1.0.0
      with:
        tflint_params: "--module --deep"
        dir_filter: modules

🤝 Contributing

Contributions are welcome! See CONTRIBUTING. This project is licensed under the MIT License - see the LICENSE file for details.

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

💬 Support

If you have any questions or need help, please:

• 📝 Create an issue
• 🌟 Star this repository if you find it useful!

Forking

To publish images from a fork, set these variables so Task uses your registry identities: DOCKER_USERNAME, DOCKER_ORG_NAME, GITHUB_USERNAME, GITHUB_ORG_NAME.

Two supported options (environment variables take precedence over .env):

# .env (local only, not committed)
DOCKER_USERNAME=your-dockerhub-user
DOCKER_ORG_NAME=your-dockerhub-org
GITHUB_USERNAME=your-github-user
GITHUB_ORG_NAME=your-github-org

# Shell override
DOCKER_USERNAME=your-dockerhub-user \
DOCKER_ORG_NAME=your-dockerhub-org \
GITHUB_USERNAME=your-github-user \
GITHUB_ORG_NAME=your-github-org \
task docker:build

Recommended setup:

• Local development: use a .env file.
• GitHub Actions: set repo variables for the four values above, and secrets for DOCKER_TOKEN and GITHUB_TOKEN.

Publish images without a release:

• Run the (Manual) Update Version workflow with build_only: true to build and push images without tagging a release.