Add `terraform get` hook in recursive inspection

[wata727]

Introduction

To perform recursive inspection with --module, you must download child modules beforehand in each working directory. This means you need to run terraform init (or terraform get) recursively.

However, Terraform does not provide an efficient way to do this. For local modules, https://github.com/terraform-linters/tflint/issues/1502 solves this issue by eliminating the need for terraform get, but remote modules still have this issue.

Proposal

Add a configuration hook that runs terraform get on each directory when performing recursive inspection. Imagine something like below:

config {
  run_terraform_get = true
}

The above is the simplest idea, so there may be a better configuration. Terragrunt's design may be helpful. https://terragrunt.gruntwork.io/docs/features/hooks/

Enabling this flag will run terraform get before performing an inspection. It will probably run around here: https://github.com/terraform-linters/tflint/blob/v0.49.0/cmd/inspect.go#L115

This hook will result in an error if the Terraform binary is not installed. It is your responsibility to install Terraform and set up credentials for private repositories/registries, and TFLint just invoke a command. This allows us to keep the considerations in TFLint regarding module downloads to a minimum.

To run terraform get programmatically, we can use terraform-exec. https://github.com/hashicorp/terraform-exec

References

• https://developer.hashicorp.com/terraform/cli/commands/get
• https://github.com/terraform-linters/tflint/issues/1502
• https://terragrunt.gruntwork.io/docs/features/hooks/
• https://github.com/hashicorp/terraform-exec