search

terraform-linters / setup-tflint

A GitHub action that installs Terraform linter TFLint
MIT License
149 stars 38 forks source link

Handle cache and init internally #161

Open lukasz-mitka opened 1 year ago

lukasz-mitka commented 1 year ago

Instead of requiring users to setup cache and call init just do it as part of this action.

    - uses: actions/cache@v3
      name: Cache plugin dir
      with:
        path: ~/.tflint.d/plugins
        key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }}

    - uses: terraform-linters/setup-tflint@v3
      name: Setup TFLint
      with:
        tflint_version: v0.44.1

    - name: Show version
      run: tflint --version

    - name: Init TFLint
      run: tflint --init
      env:
        # https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/plugins.md#avoiding-rate-limiting
        GITHUB_TOKEN: ${{ github.token }}

Could become

    - name: Setup TFLint
      uses: terraform-linters/setup-tflint@v4
      with:
        tflint_version: v0.44.1
bendrucker commented 1 year ago

cache

Doable, PR welcome

token

Not sure about this. This is not the same situation as setup-terraform, which can accept Terraform credentials and write them somewhere where they will only influence Terraform.

Accomplishing this means writing out GITHUB_TOKEN to $GITHUB_ENV. Which then affects other programs potentially using that environment variable.

I'd only be inclined to do something like this by default with an alternative env var, e.g. TFLINT_GITHUB_TOKEN, which will require an upstream change to the CLI and won't be backwards compatible with any existing versions.

version - just run it

Doesn't seem like a suitable default. Printing debug logs on which version was downloaded, sure, and maybe even an output based on that. setup-terraform doesn't call terraform version. And tflint --version outputs human-readable text, not JSON, so it's not suitable for programmatic usage.

bendrucker commented 1 year ago

I'd only be inclined to do something like this by default with an alternative env var

Clarifying: it probably makes sense to offer this as an input, just not on by default. At least not without a major version bump.