{"id":15022212,"url":"https://github.com/dflook/terraform-fmt-check","last_synced_at":"2026-01-16T20:01:15.904Z","repository":{"id":61301415,"uuid":"277396342","full_name":"dflook/terraform-fmt-check","owner":"dflook","description":"GitHub action to check the formatting of terraform files","archived":false,"fork":false,"pushed_at":"2026-01-13T13:53:45.000Z","size":65,"stargazers_count":8,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-01-13T16:35:37.452Z","etag":null,"topics":["actions","devops","github-action","github-actions","terraform"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dflook.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["dflook"]}},"created_at":"2020-07-05T22:52:23.000Z","updated_at":"2026-01-13T13:53:45.000Z","dependencies_parsed_at":"2023-02-18T01:31:10.507Z","dependency_job_id":"1155bdb2-18e4-45ba-b150-8dd724ee0b50","html_url":"https://github.com/dflook/terraform-fmt-check","commit_stats":{"total_commits":57,"total_committers":1,"mean_commits":57.0,"dds":0.0,"last_synced_commit":"19eefb5181b0a7de8f8198aef270454f4671d15a"},"previous_names":[],"tags_count":331,"template":false,"template_full_name":null,"purl":"pkg:github/dflook/terraform-fmt-check","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflook%2Fterraform-fmt-check","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflook%2Fterraform-fmt-check/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflook%2Fterraform-fmt-check/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflook%2Fterraform-fmt-check/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dflook","download_url":"https://codeload.github.com/dflook/terraform-fmt-check/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dflook%2Fterraform-fmt-check/sbom","scorecard":{"id":339080,"data":{"date":"2025-08-11","repo":{"name":"github.com/dflook/terraform-fmt-check","commit":"10eaa13fa61437aa51be2d12fafe95f152e3512d"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.3,"checks":[{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":5,"reason":"7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}}]},"last_synced_at":"2025-08-18T05:22:24.410Z","repository_id":61301415,"created_at":"2025-08-18T05:22:24.411Z","updated_at":"2025-08-18T05:22:24.411Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28482215,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T11:59:17.896Z","status":"ssl_error","status_checked_at":"2026-01-16T11:55:55.838Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","devops","github-action","github-actions","terraform"],"created_at":"2024-09-24T19:57:39.059Z","updated_at":"2026-01-16T20:01:15.854Z","avatar_url":"https://github.com/dflook.png","language":null,"funding_links":["https://github.com/sponsors/dflook"],"categories":[],"sub_categories":[],"readme":"# terraform-fmt-check action\n\nThis is one of a suite of Terraform related actions - find them at [dflook/terraform-github-actions](https://github.com/dflook/terraform-github-actions).\n\nThis action uses the `terraform fmt` command to check that all files in a Terraform configuration directory are in the canonical format.\nThis can be used to check that files are properly formatted before merging.\n\nIf any files are not correctly formatted a failing GitHub check will be added for the file, and the job failed.\n\n## Inputs\n\n* `path`\n\n  The path containing Terraform files to check the formatting of.\n\n  - Type: string\n  - Optional\n  - Default: The action workspace\n\n* `workspace`\n\n  Terraform workspace to inspect when discovering the Terraform version to use, if the version is not otherwise specified.\n  See [dflook/terraform-version](https://github.com/dflook/terraform-github-actions/tree/main/terraform-version#terraform-version-action) for details.\n\n  - Type: string\n  - Optional\n  - Default: `default`\n\n* `backend_config`\n\n  List of Terraform backend config values, one per line. This is used for discovering the Terraform version to use, if the version is not otherwise specified.\n  See [dflook/terraform-version](https://github.com/dflook/terraform-github-actions/tree/main/terraform-version#terraform-version-action) for details.\n\n  ```yaml\n  with:\n    backend_config: token=${{ secrets.BACKEND_TOKEN }}\n  ```\n\n  - Type: string\n  - Optional\n\n* `backend_config_file`\n\n  List of Terraform backend config files to use, one per line. This is used for discovering the Terraform version to use, if the version is not otherwise specified.\n  See [dflook/terraform-version](https://github.com/dflook/terraform-github-actions/tree/main/terraform-version#terraform-version-action) for details.\n  Paths should be relative to the GitHub Actions workspace\n\n  ```yaml\n  with:\n    backend_config_file: prod.backend.tfvars\n  ```\n\n  - Type: string\n  - Optional\n\n## Outputs\n\n* `failure-reason`\n\n  When the job outcome is `failure` because the format check failed, this will be set to 'check-failed'.\n  If the job fails for any other reason this will not be set.\n  This can be used with the Actions expression syntax to conditionally run a step when the format check fails.\n\n  - Type: string\n\n## Environment Variables\n\n* `GITHUB_DOT_COM_TOKEN`\n\n  This is used to specify a token for GitHub.com when the action is running on a GitHub Enterprise instance.\n  This is only used for downloading OpenTofu binaries from GitHub.com.\n  If this is not set, an unauthenticated request will be made to GitHub.com to download the binary, which may be rate limited.\n\n  - Type: string\n  - Optional\n\n* `TERRAFORM_CLOUD_TOKENS`\n\n  For the purpose of detecting the Terraform version to use from a cloud backend.\n  API tokens for cloud hosts, of the form `\u003chost\u003e=\u003ctoken\u003e`. Multiple tokens may be specified, one per line.\n  These tokens may be used with the `remote` backend and for fetching required modules from the registry.\n\n  e.g:\n\n  ```yaml\n  env:\n    TERRAFORM_CLOUD_TOKENS: app.terraform.io=${{ secrets.TF_CLOUD_TOKEN }}\n  ```\n\n  With other registries:\n\n  ```yaml\n  env:\n    TERRAFORM_CLOUD_TOKENS: |\n      app.terraform.io=${{ secrets.TF_CLOUD_TOKEN }}\n      terraform.example.com=${{ secrets.TF_REGISTRY_TOKEN }}\n  ```\n\n  - Type: string\n  - Optional\n\n## Example usage\n\nThis example workflow runs on every push and fails if any of the\nTerraform files are not formatted correctly.\n\n```yaml\nname: Check file formatting\n\non: [push]\n\njobs:\n  check_format:\n    runs-on: ubuntu-latest\n    name: Check Terraform file are formatted correctly\n    steps:\n      - name: Checkout\n        uses: actions/checkout@v4\n\n      - name: terraform fmt\n        uses: dflook/terraform-fmt-check@v2\n        with:\n          path: my-terraform-config\n```\n\nThis example executes a run step only if the format check failed.\n\n```yaml\nname: Check file formatting\n\non: [push]\n\njobs:\n  check_format:\n    runs-on: ubuntu-latest\n    name: Check Terraform file are formatted correctly\n    steps:\n      - name: Checkout\n        uses: actions/checkout@v4\n\n      - name: terraform fmt\n        uses: dflook/terraform-fmt-check@v2\n        id: fmt-check\n        with:\n          path: my-terraform-config\n\n      - name: Wrong formatting found\n        if: ${{ failure() \u0026\u0026 steps.fmt-check.outputs.failure-reason == 'check-failed' }}\n        run: echo \"formatting check failed\"\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdflook%2Fterraform-fmt-check","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdflook%2Fterraform-fmt-check","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdflook%2Fterraform-fmt-check/lists"}