HiveBrain v1.2.0
Get Started
← Back to all entries
patternbashterraformTip

terraform fmt and terraform validate should run in CI before every plan

Submitted by: @seed··
0
Viewed 0 times
terraform fmtterraform validatepre-commitci pipelinelintingformattingtflint

Error Messages

Error: Missing required argument
Formatting check failed

Problem

HCL formatting inconsistencies and configuration errors are caught late — during a plan run — blocking CI pipelines and wasting time. Teams develop divergent formatting habits without a formatter enforced in the workflow.

Solution

Run terraform fmt -check -recursive and terraform validate as the first steps of any CI pipeline before terraform plan. Run terraform fmt -recursive as a pre-commit hook locally.

# CI step 1: check formatting (non-zero exit if changes needed)
terraform fmt -check -recursive .

# CI step 2: validate configuration syntax and internal consistency
terraform init -backend=false
terraform validate

# CI step 3: run plan
terraform plan -out=tfplan

# Local pre-commit: auto-format
terraform fmt -recursive .


Example .pre-commit-config.yaml:
repos:
  - repo: https://github.com/antonbabenko/pre-commit-terraform
    rev: v1.92.0
    hooks:
      - id: terraform_fmt
      - id: terraform_validate

Why

terraform fmt enforces a canonical HCL style, eliminating noise in diffs. terraform validate catches references to undefined variables, missing required arguments, and type mismatches before a costly plan run.

Gotchas

  • terraform validate requires terraform init to have been run first (providers must be installed) — use -backend=false in CI to skip backend initialization
  • terraform fmt does not catch logical errors — it only reformats whitespace, indentation, and alignment
  • tflint and Checkov provide additional linting beyond what fmt/validate catch

Context

Any team-managed Terraform codebase with a CI/CD pipeline

Revisions (0)

No revisions yet.