GitHub Actions for tflint.
Run tflint and notify the result with reviewdog and github-comment. This GitHub Actions does not install tflint and reviewdog, so you have to install them in advance. It allows to install tools outside this action. We recommend aqua to install them.
We know there are other GitHub Actions for tflint. They install tflint automatically, but we would like to manage tools with aqua, which is a declarative CLI Version Manager written in Go. By aqua, you can update tools continuously with Renovate very easily and use the same tool versions in both CI and your development environment. This GitHub Actions does not install tflint, so we can install them outside this action.
- tflint
- reviewdog
- (Optional) github-comment
- (Optional) ghcp: If the input
fixis true, ghcp is required.
You can install these tools by aqua:
aqua g -i terraform-linters/tflint reviewdog/reviewdog suzuki-shunsuke/github-comment int128/ghcp- uses: suzuki-shunsuke/github-action-tflint@main
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
working_directory: tests
github_comment: true # Enable github-comment notification💡 If you want to hide old notification, please use github-comment hide command.
- uses: suzuki-shunsuke/github-action-tflint@v0.1.1- uses: suzuki-shunsuke/github-action-tflint@v0.1.1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token_for_tflint_init: ${{ secrets.GH_TOKEN_FOR_TFLINT_INIT }}
github_token_for_fix: ${{ secrets.GH_TOKEN_FOR_FIX }}
working_directory: foo
github_comment: "true"
fix: "true"Nothing.
| name | default value | description |
|---|---|---|
| github_token | github.token |
GitHub Access Token. The permission pull-requests:write is required. |
| github_token_for_tflint_init | github_token |
GitHub Access Token for tflint --init. It this isn't set, the input github_token is used. This input is useful for a GitHub Enterprise Server. The permission contents:read is required |
| github_token_for_fix | github_token |
GitHub Access Token for tflint --fix. It this isn't set, the input github_token is used. The permission contents:write is required. |
| working_directory | "" (current directory) | Woring Directory |
| github_comment | false |
Whether a comment is posted with github-comment |
| fix | false | If this is true, code is fixed by tflint --fix. ghcp is required for this |
| github_app_id_for_securefix_action | GitHub App ID for Securefix Action's client app | |
| github_app_private_key_for_securefix_action | GitHub App Private Key for Securefix Action's client app | |
| securefix_action_server_repository | Securefix Action Server Repository name (not full name) |
Nothing.
As of v1.3.0, the available versions were changed.
Caution
We don't add dist/*.js in the main branch and feature branches.
So you can't specify main and feature branches as versions.
# This never works as dist/index.js doesn't exist.
uses: suzuki-shunsuke/github-action-tflint@mainThe following versions are available.
uses: suzuki-shunsuke/github-action-tflint@v0.1.1- Pull Request versions: These versions are removed when we feel unnecessary. These versions are used to test pull requests.
uses: suzuki-shunsuke/github-action-tflint@pr/1473- latest branch: This branch is built by CI when the main branch is updated. Note that we push commits to the latest branch forcibly.
uses: suzuki-shunsuke/github-action-tflint@latestPull Request versions and the latest branch are unstable. These versions are for testing. You should use the latest release version in production.