Skip to content

The-Infra-Company/github-action-tflint-upload

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
docs
docs
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
script.sh
script.sh
 
 

Repository files navigation

github-action-tflint-upload Latest Release

A GitHub Action to run tflint and post the results to the GitHub Security tab.

findings

Usage

name: tflint

on:
  pull_request:
    branches: [ 'main' ]
    types: [ opened, synchronize, reopened, closed, labeled, unlabeled ]

jobs:
  terraform:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repo
        uses: actions/checkout@v4

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3

      - name: Terraform Init
        run: terraform init
        working-directory: "terraform/modules/vpc"

      - name: Run tflint
        uses: The-Infra-Company/github-action-tflint-upload@a742d2ea7d35dc6a3cc8e929daf199f5e9a848ae # v0.2.0
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          tflint_version: "v0.49.0" # TFLint added a "Bug Fix" with v0.50.0 that added .tflint.hcl as a requirement
          working_directory: "terraform/modules/vpc"
          tflint_rulesets: "aws"
          flags: >-
            --disable-rule=terraform_unused_required_providers
            --disable-rule=terraform_deprecated_index

Inputs

name description required default
github_token

GITHUB_TOKEN

 true ${{ github.token }}
working_directory

Directory to run the action on, from the repo root. Default is . (root of the repository)

 false .
tflint_version

The tflint version to install and use. Default is to use the latest release version.

 false latest
tflint_rulesets

Space separated, official (from the terraform-linters GitHub organization) tflint rulesets to install and use. If a pre-configured TFLINT_PLUGIN_DIR is set, rulesets are installed in that directory. Default is empty.

 false ""
tflint_init

Whether or not to run tflint --init prior to running scan [true,false] Default is false.

 false false
tflint_target_dir

The target dir for the tflint command. This is the directory passed to tflint as opposed to working_directory which is the directory the command is executed from. Default is . (root of the repository)

 false .
tflint_config

Config file name for tflint. Default is .tflint.hcl.

 false .tflint.hcl
flags

List of arguments to send to tflint For the output to be parsable by reviewdog --format=checkstyle is enforced Default is --call-module-type=all.

 false --call-module-type=all

Outputs

name description
tflint-return-code

tflint command return code

About

Run tflint on pull requests and upload the results to the GitHub Security tab

Topics

github-actions

Resources

Readme

License

Apache-2.0 license

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 5

v0.4.0 Latest
Mar 20, 2025
+ 4 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Languages