Giters

terraform-linters / tflint

A Pluggable Terraform Linter

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Redesign config schema

wata727 opened this issue · comments

commented

Introduction

The .tflint.hcl configuration schema has remained largely unchanged since its design, but I believe there are better designs out there now. The current (v0.50) schema is shown below:

config {
  call_module_type    = string
  force               = bool
  ignore_module       = map(bool)
  varfile             = list(string)
  variables           = list(string)
  disabled_by_default = bool
  plugin_dir          = string
  format              = string
}

plugin "name" {
  enabled     = bool
  version     = string
  source      = string
  signing_key = string

  [plugin custom fields]
}

rule "name" {
  enabled = bool

  [plugin custom fields]
}

This schema has the following issues:

  • Top-level config block is redundant. As I recall, this was introduced simply for implementation reasons at the time. This limitation no longer exists.
  • ignore_module is set by a module source, not an ID, so you cannot ignore a module exactly. Also, originally, list(string) should be enough instead of map(bool).
  • varfile is poorly named. Given that the CLI flag in Terraform is --var-file, var_file is appropriate. var_files is the best because it accepts multiple files.
  • variables is accepted as simple string, but HCL allows for more flexible expressions. Imagine being able to write *.tfvars inline.
  • There is a mix of different types of attributes within the config block. For example, it may be easier to understand if attributes that affect inspection and attributes that affect output are grouped in separate blocks.
  • Plugin custom fields and reserved fields may conflict. Adding new reserved attributes in the future may impact existing plugins.
  • Since rules are provided by plugins, it might be possible to nest rule blocks inside plugin blocks.

Proposal

Redesign config schema like below:

force               = bool
disabled_by_default = bool
plugin_dir          = string
format              = string

terraform {
  var_files = list(map)
  variables = {
    foo = "bar"
    baz = 1
  }
  ignore_modules   = list(string)
  call_module_type = string
}

plugin "name" {
  enabled     = bool
  version     = string
  source      = string
  signing_key = string

  _ {
    [plugin custom fields]
  }

  rule "name" {
    enabled = bool

    _ {
      [plugin custom fields]
    }
  }
}

However, this is a draft and we do not guarantee that it will be changed to this schema. The final version should be considered for backward compatibility and impact on changes.

References