Automating HCL and Terragrunt Standards with hcl-linter 0.0.1-alpha
These articles are AI-generated summaries. Please check the original sources for full details.
hcl-linter 0.0.1-alpha is out
Engineer Bartłomiej Danek has launched hcl-linter 0.0.1-alpha to address semantic drift in HCL files. The tool’s initial production run automatically corrected over 1,000 terragrunt.hcl files.
Why This Matters
Standard tools like ‘terraform fmt’ are limited to whitespace adjustments, allowing block order drift and naming inconsistencies to accumulate in large codebases with dozens of contributors. This technical debt leads to silent failures in CI and broken references when hyphens are used in block labels, which hcl-linter resolves through automated static analysis and remediation.
Key Insights
- Initial deployment corrected 1,000+ terragrunt.hcl files, Danek 2026
- Automated block ordering ensures ‘include’ and ‘locals’ precede ‘terraform’ and ‘inputs’ blocks for consistency
- Name validation pattern ’^[a-z][a-z0-9_]*$’ prevents broken references in dependency outputs by replacing hyphens with underscores
- Static validation of ‘dependency.x.outputs.y’ allows verifying references without requiring a terraform plan
- Deprecated Terragrunt hooks such as ‘before_hook’ are flagged for migration to the modern ‘before_hooks’ syntax
Working Examples
Configuration to enforce a consistent block hierarchy in HCL files.
rules {
block_order {
enabled = true
order = ["include", "locals", "terraform", "dependency", "inputs"]
}
}Rule to prevent hyphens in block labels which can break local references.
rules {
name_validation {
enabled = true
pattern = "^[a-z][a-z0-9_]*$"
blocks = ["dependency", "include"]
}
}Enables static validation of dependency output references against target module source code.
rules {
dependency_outputs {
enabled = true
}
}Practical Applications
- CI/CD Integration: Use ‘hcl-linter check’ to fail builds on rule violations like missing ‘expose = true’ in include blocks.
- Project Scaffolding: Run ‘hcl-linter init’ to automatically generate a configuration based on existing project basenames.
- Environment Safety: Apply ‘hcl_functions’ rules to ensure ‘get_env’ calls have mandatory fallback defaults to prevent silent CI failures.
- Infrastructure Refactoring: Use ‘hcl-linter fix —format’ to apply opinionated defaults across legacy HCL repositories without manual editing.
References:
Continue reading
Next article
Building Autonomous AI Agents: Lessons from a 163-Article Revenue Failure
Related Content
Automating HTTPS Setup with Terraform in 4 Lines of HCL
A Terraform template reduces manual HTTPS configuration in AWS from 47 console clicks to 4 lines of HCL, enabling version control, rollback, and automation.
Automating Policy-Gated Releases: Building SwiftDeploy for Observable DevOps
SwiftDeploy evolves into a policy-gated system using OPA to block releases if disk space is under 10GB or error rates exceed 1%.
Automating SSL Remediation: Moving Beyond Passive Alerting for Infrastructure Security
EdgeIQ Labs launches an auto-fix engine that remediates SSL issues and hardens headers for $9/month, eliminating manual 2am intervention.