patternbashterraformTip
terraform fmt and terraform validate should run in CI before every plan
Viewed 0 times
terraform fmtterraform validatepre-commitci pipelinelintingformattingtflint
Error Messages
Problem
HCL formatting inconsistencies and configuration errors are caught late — during a plan run — blocking CI pipelines and wasting time. Teams develop divergent formatting habits without a formatter enforced in the workflow.
Solution
Run
Example
terraform fmt -check -recursive and terraform validate as the first steps of any CI pipeline before terraform plan. Run terraform fmt -recursive as a pre-commit hook locally.# CI step 1: check formatting (non-zero exit if changes needed)
terraform fmt -check -recursive .
# CI step 2: validate configuration syntax and internal consistency
terraform init -backend=false
terraform validate
# CI step 3: run plan
terraform plan -out=tfplan
# Local pre-commit: auto-format
terraform fmt -recursive .Example
.pre-commit-config.yaml:repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.92.0
hooks:
- id: terraform_fmt
- id: terraform_validateWhy
terraform fmt enforces a canonical HCL style, eliminating noise in diffs. terraform validate catches references to undefined variables, missing required arguments, and type mismatches before a costly plan run.Gotchas
terraform validaterequiresterraform initto have been run first (providers must be installed) — use-backend=falsein CI to skip backend initializationterraform fmtdoes not catch logical errors — it only reformats whitespace, indentation, and alignment- tflint and Checkov provide additional linting beyond what fmt/validate catch
Context
Any team-managed Terraform codebase with a CI/CD pipeline
Revisions (0)
No revisions yet.