1.6.5.1. avmfix
avmfix is designed to help you ensure that our Terraform modules comply with the Azure Verified Modules (AVM) specifications. The avmfix tool analyzes our Terraform code, identifies deviations from AVM specifications, and automatically applies fixes to meet the required standards.
1.6.5.1.1. Purpose and Features
The primary purpose of avmfix is to automate the process of remediating Terraform code to make modules compliant with AVM specifications. It addresses common issues such as:
- Sorting within blocks: Ensuring attributes within
resourceanddatablocks are correctly ordered according to AVM specifications. - Variable definitions: Enforcing the correct order for defining variables, as outlined in the specifications.
- Output arrangement: Arranging
outputblocks in alphabetical order. - Moving blocks: Relocating
variableandoutputblocks that are declared in the wrong files tovariables.tfandoutputs.tf, respectively. - Removing unnecessary declarations: Deleting redundant declarations for input variables and output values, such as
nullable = trueandsensitive = false. - Sorting
localblocks: Arranginglocalblocks in alphabetical order. - Sorting in
movedblocks: Ensuring thefromattribute is placed before thetoattribute. moduleblock fixes: Sorting top-level variables. Note that nested fields withinobjecttypes will not be sorted.
By automating these fixes, avmfix reduces the manual effort required to maintain high-quality, compliant Terraform modules.
1.6.5.1.2. Why is avmfix needed?
Maintaining compliance with AVM specifications is crucial for ensuring the consistency, reliability, and best practices of Terraform modules. The specifications provide guidelines for directory structure, naming conventions, documentation standards, and code organization. Adhering to these guidelines enhances the maintainability and credibility of the modules.
However, manually enforcing these standards can be time-consuming and error-prone. We aim to avoid debates regarding code formatting and simplify this process by automatically identifying and correcting common issues, allowing you to focus on the more complex aspects of module development.
1.6.5.1.3. How to Use avmfix
Installation:
Install avmfix using the go install command:
go install github.com/lonegunmanb/avmfix@latest
This command downloads the latest version of avmfix and installs it into your Go workspace.
Running the Tool:
To use avmfix, open a shell or terminal and run the following command:
avmfix -folder /path/to/your/terraform/module
Replace /path/to/your/terraform/module with the actual path to the directory containing your Terraform module.
Analyzing and Applying Fixes:
The tool analyzes the specified directory and automatically applies fixes for any issues identified in the specifications. If the process completes successfully, you will see the message "DirectoryAutoFix completed successfully." If an error occurs, the tool will display an error message.
Manual Intervention:
Please remember that avmfix may not be able to resolve all issues automatically. Some problems may require manual intervention. Regularly review your Terraform modules and update them according to AVM specifications to maintain high-quality modules.
1.6.5.1.4. Supported Providers
avmfix currently supports variable block description generation for the following providers:
- Alibaba Cloud (
alicloud) - AWS (
aws) - AWS Cloud Control (
awscc) - AzAPI (
azapi) - Azure Active Directory (
azuread) - AzureRM (
azurerm) - Google Cloud Platform (
google) - Helm (
helm) - Kubernetes (
kubernetes) - Local (
local) - Modtm (
modtm) - Null (
null) - Random (
random) - Template (
template) - Time (
time) - Tls (
tls)
It also supports fixes for ephemeral resource blocks.
1.6.5.1.5. Notes
While avmfix can automate many common fixes, it is not a substitute for a thorough understanding of the AVM specifications. Regularly review your Terraform modules and manually resolve any issues that the tool cannot handle automatically.
avmfix includes built-in Schema information for supported Providers, but this information is stored as static JSON strings within the source code. Therefore, we need to update the avmfix version periodically to ensure that the version currently in use contains the Schemas for the latest possible Provider versions.
By incorporating avmfix into our Terraform workflow, we can significantly reduce the effort required to maintain AVM compliance and ensure the quality and consistency of our Terraform modules.
1.6.5.1.6. Application of avmfix in AVM CI Pipelines
AVM provides the following script, which can execute automatic format fixes on Terraform code within modules:
#!/usr/bin/env bash
avmfix -folder "$(pwd)"
examples=$(find ./examples -maxdepth 1 -mindepth 1 -type d)
for d in $examples; do
echo "===> Autofix in $d" && avmfix -folder "$d"
done
if [ ! -d modules ]; then
echo "==> Warning - no modules directory found"
else
modules=$(find ./modules -maxdepth 1 -mindepth 1 -type d)
for d in $modules; do
echo "===> Autofix in $d" && avmfix -folder "$d"
done
fi
exit 0
This script is executed when we run make pre-commit or make autofix.
The AVM GitHub Actions pipeline definition includes the following check:
author: AVM
name: avmfix
description: Ensures that avmfix has been run.
runs:
using: composite
steps:
- name: run avmfix
shell: bash
run: |
docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make autofix
- name: detect changes
shell: bash
run: |
if [ -z "$(git status -s)" ]; then
echo "No changes detected"
exit 0
else
echo "AVMfix changes detected, please run:"
echo "> docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make pre-commit"
echo "... or if you have the avm helper script installed:"
echo "> ./avm pre-commit"
echo "> avm.bat pre-commit (on Windows)"
echo
echo "Then commit and push the changes"
exit 1
fi
For submitted Pull Requests, we run make autofix on the branch and subsequently check if any files have changed to determine whether the code in the Pull Request has been properly formatted by avmfix.