Skip to content

Run tflint with reviewdog on pull requests to enforce best practices


Notifications You must be signed in to change notification settings


Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Repository files navigation

GitHub Action: Run tflint with reviewdog

Test reviewdog release GitHub release (latest SemVer) action-bumpr supported depup

This action runs tflint with reviewdog on pull requests to enforce best practices.


With github-pr-check

By default, with reporter: github-pr-check an annotation is added to the line:

Example comment made by the action, with github-pr-check

With github-pr-review

With reporter: github-pr-review a comment is added to the Pull Request Conversation:

Example comment made by the action, with github-pr-review



Required. Must be in form of github_token: ${{ secrets.github_token }}.


Optional. Report level for reviewdog [info,warning,error]. It's same as -level flag of reviewdog. The default is error.


Optional. Reporter of reviewdog command [github-pr-check,github-pr-review]. The default is github-pr-check.


Optional. Filtering for the reviewdog command [added,diff_context,file,nofilter].

The default is added.

See reviewdog documentation for filter mode for details.


Optional. Exit code for reviewdog when errors are found [true,false].

The default is false.

See reviewdog documentation for exit codes for details.


Optional. Directory to run the action on, from the repo root. The default is . ( root of the repository).


Optional. The tflint version to install and use. The default is latest.


Optional. Space separated, official (from the terraform-linters GitHub organization) tflint rulesets to install and use. If a pre-configured TFLINT_PLUGIN_DIR is set, rulesets are installed in that directory. Default is `` (empty).


Optional. Whether to run tflint --init prior to linting (useful if you have a .tflint.hcl with some values in it). The default is false.


Optional. List of arguments to send to tflint. For the output to be parsable by reviewdog --format=checkstyle is enforced. The default is --module.



The tflint command return code.


The reviewdog command return code.

Example usage

name: reviewdog
on: [pull_request]
    name: runner / tflint
    runs-on: ubuntu-latest

      - name: Clone repo
        uses: actions/checkout@v4

      # Install latest Terraform manually as
      #  Docker-based GitHub Actions are
      #  slow due to lack of caching
      # Note: Terraform is not needed for tflint
      - name: Install Terraform
        run: |
          brew install terraform

      # Run init to get module code to be able to use `--module`
      - name: Terraform init
        run: |
          terraform init

      # Minimal example
      - name: tflint
        uses: reviewdog/action-tflint@v1
          github_token: ${{ secrets.github_token }}

      # More complex example
      - name: tflint
        uses: reviewdog/action-tflint@v1
          github_token: ${{ secrets.github_token }}
          working_directory: "testdata" # Optional. Change working directory
          reporter: github-pr-review # Optional. Change reporter
          fail_on_error: "true" # Optional. Fail action if errors are found
          filter_mode: "nofilter" # Optional. Check all files, not just the diff
          tflint_version: "v0.24.0" # Optional. Custom version, instead of latest
          tflint_rulesets: "azurerm google" # Optional. Extra official rulesets to install
          flags: "--module" # Optional. Add custom tflint flags



You can bump version on merging Pull Requests with specific labels (bump:major,bump:minor,bump:patch). Pushing tag manually by yourself also work.

This action updates major/minor release tags on a tag push. e.g. Update v1 and v1.2 tag when released v1.2.3. ref:

Lint - reviewdog integration

This reviewdog action template itself is integrated with reviewdog to run lints which is useful for Docker container based actions.

Supported linters: