dasmeta · viktoryathegreat · Oct 13, 2023 · Oct 13, 2023 · Oct 13, 2023 · Oct 13, 2023
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -0,0 +1,17 @@
+version: 2
+
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    commit-message:
+      prefix: feat
+
+  - package-ecosystem: "terraform"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    commit-message:
+      prefix: feat
diff --git a/.github/workflows/branch-name-check.yaml b/.github/workflows/branch-name-check.yaml
@@ -0,0 +1,14 @@
+name: 'Branch Naming Check'
+on: pull_request
+
+jobs:
+  branch-naming-rules:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: deepakputhraya/action-branch-name@master
+        with:
+          regex: 'DMVP-[0-9]*' # Regex the branch should match. This example enforces grouping
+          allowed_prefixes: 'DMVP-' # All branches should start with the given prefix
+          ignore: master,develop # Ignore exactly matching branch names from convention
+          min_length: 5 # Min length of the branch name
+          max_length: 30 # Max length of the branch name
diff --git a/.github/workflows/checkov.yaml b/.github/workflows/checkov.yaml
@@ -16,68 +16,11 @@ jobs:
     strategy:
       matrix:
         path:
-          - modules/api-gateway
-          - modules/alb-logs-to-s3-to-cloudwatch
-          - modules/api-gateway-account-settings
-          - modules/aws-alb-to-cloudwatch-lambda
-          - modules/aws-cloudfront-security-headers
-          - modules/aws-cloudwatch-prometheus-metrics
-          - modules/aws-iam-user
-          - modules/aws-load-balancer-controller
-          - modules/aws-multi-vpc-peering
-          - modules/aws-network
-          - modules/aws-rds-postgres
-          - modules/aws-vpc-peering
-          - modules/aws-vpn-vpnendpoint
-          - modules/budgets
-          - modules/cloudfront-ssl-hsts
-          - modules/cloudfront-to-s3-to-cloudwatch
-          - modules/cloudfront
-          - modules/cloudtrail-s3-to-cloudwatch
-          - modules/cloudtrail
-          - modules/cloudwatch-alarm-notify
-          - modules/cloudwatch-cross-account-share
-          - modules/cloudwatch-log-metric
-          - modules/cloudwatch-metrics
-          - modules/cloudwatch
-          - modules/cognito-identitiy-pool
-          - modules/cognito-identity-pool-final
-          - modules/cognito-identity
-          - modules/cognito-user-pool
-          - modules/complete-eks-cluster
-          - modules/ecr
-          - modules/eks-iam-user-constrain
-          - modules/eks
-          - modules/elastic-search
-          - modules/external-secret-store
-          - modules/external-secrets
-          - modules/fluent-bit-logs-s3-to-cloudwatch
-          - modules/fluent-bit-to-s3
-          - modules/fluent-bit
-          - modules/goldilocks
-          - modules/iam-account-password-policy
-          - modules/iam-group
-          - modules/ingress
-          - modules/metric-filter
-          - modules/metrics-filter-multiple
-          - modules/metrics-server
-          - modules/mongodb-atlas
-          - modules/mongodb
-          - modules/rabbitmq
-          - modules/rds
-          - modules/route53-alerts-notify
-          - modules/s3
-          - modules/secret
-          - modules/service-alerts
-          - modules/sns-cronjob
-          - modules/sqs
-          - modules/ssl-certificate
-          - modules/vpc-flow-logs-to-s3-to-cloudwatch
-          - modules/vpc
-          - modules/waf
-
+          - /
+
     steps:
     - uses: dasmeta/reusable-actions-workflows/[email protected]
       with:
         fetch-depth: 0
         directory: ${{ matrix.path }}
+      continue-on-error: true
diff --git a/.github/workflows/pr-title-checker.yaml b/.github/workflows/pr-title-checker.yaml
@@ -0,0 +1,16 @@
+name: 'PR Title Checker'
+on:
+  pull_request:
+    types: [edited, opened, synchronize, reopened]
+
+jobs:
+  title-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: deepakputhraya/[email protected]
+        with:
+          regex: 'DMVP-[0-9]*:' # Regex the title should match.
+          allowed_prefixes: 'DMVP-' # title should start with the given prefix
+          prefix_case_sensitive: false # title prefix are case insensitive
+          min_length: 5 # Min length of the title
+          max_length: -1 # Max length of the title
diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml
@@ -17,4 +17,7 @@ jobs:
       uses: dasmeta/reusable-actions-workflows/[email protected]
       with:
         repo-token: ${{ secrets.GITHUB_TOKEN }}
-        path: modules/
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        path: modules/${{ matrix.path }}
+      continue-on-error: true
diff --git a/.github/workflows/semantic-release.yaml b/.github/workflows/semantic-release.yaml
@@ -9,15 +9,14 @@ jobs:
       discussions: write
       pull-requests: write
       id-token: write
-
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Setup Node.js
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v3
         with:
           node-version: 16
       - name: Semantic Release
-        uses: cycjimmy/semantic-release-action@v3
+        uses: cycjimmy/semantic-release-action@v4
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
diff --git a/.github/workflows/terraform-test.yaml b/.github/workflows/terraform-test.yaml
@@ -15,69 +15,13 @@ jobs:
     strategy:
       matrix:
         path:
-          - modules/api-gateway
-          - modules/alb-logs-to-s3-to-cloudwatch
-          - modules/api-gateway-account-settings
-          - modules/aws-alb-to-cloudwatch-lambda
-          - modules/aws-cloudfront-security-headers
-          - modules/aws-cloudwatch-prometheus-metrics
-          - modules/aws-iam-user
-          - modules/aws-load-balancer-controller
-          - modules/aws-multi-vpc-peering
-          - modules/aws-network
-          - modules/aws-rds-postgres
-          - modules/aws-vpc-peering
-          - modules/aws-vpn-vpnendpoint
-          - modules/budgets
-          - modules/cloudfront-ssl-hsts
-          - modules/cloudfront-to-s3-to-cloudwatch
-          - modules/cloudfront
-          - modules/cloudtrail-s3-to-cloudwatch
-          - modules/cloudtrail
-          - modules/cloudwatch-alarm-notify
-          - modules/cloudwatch-cross-account-share
-          - modules/cloudwatch-log-metric
-          - modules/cloudwatch-metrics
-          - modules/cloudwatch
-          - modules/cognito-identitiy-pool
-          - modules/cognito-identity-pool-final
-          - modules/cognito-identity
-          - modules/cognito-user-pool
-          - modules/complete-eks-cluster
-          - modules/ecr
-          - modules/eks-iam-user-constrain
-          - modules/eks
-          - modules/elastic-search
-          - modules/external-secret-store
-          - modules/external-secrets
-          - modules/fluent-bit-logs-s3-to-cloudwatch
-          - modules/fluent-bit-to-s3
-          - modules/fluent-bit
-          - modules/goldilocks
-          - modules/iam-account-password-policy
-          - modules/iam-group
-          - modules/ingress
-          - modules/metric-filter
-          - modules/metrics-filter-multiple
-          - modules/metrics-server
-          - modules/mongodb-atlas
-          - modules/mongodb
-          - modules/rabbitmq
-          - modules/rds
-          - modules/route53-alerts-notify
-          - modules/s3
-          - modules/secret
-          - modules/service-alerts
-          - modules/sns-cronjob
-          - modules/sqs
-          - modules/ssl-certificate
-          - modules/vpc-flow-logs-to-s3-to-cloudwatch
-          - modules/vpc
-          - modules/waf
+          - /
+
     steps:
     - uses: dasmeta/reusable-actions-workflows/[email protected]
       with:
         aws-region: ${{ secrets.AWS_REGION}}
         aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
         aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
         path: ${{ matrix.path }}
+      continue-on-error: true
diff --git a/.github/workflows/tflint.yaml b/.github/workflows/tflint.yaml
@@ -17,67 +17,14 @@ jobs:
     strategy:
       matrix:
         path:
-          - modules/api-gateway
-          - modules/alb-logs-to-s3-to-cloudwatch
-          - modules/api-gateway-account-settings
-          - modules/aws-alb-to-cloudwatch-lambda
-          - modules/aws-cloudfront-security-headers
-          - modules/aws-cloudwatch-prometheus-metrics
-          - modules/aws-iam-user
-          - modules/aws-load-balancer-controller
-          - modules/aws-multi-vpc-peering
-          - modules/aws-network
-          - modules/aws-rds-postgres
-          - modules/aws-vpc-peering
-          - modules/aws-vpn-vpnendpoint
-          - modules/budgets
-          - modules/cloudfront-ssl-hsts
-          - modules/cloudfront-to-s3-to-cloudwatch
-          - modules/cloudfront
-          - modules/cloudtrail-s3-to-cloudwatch
-          - modules/cloudtrail
-          - modules/cloudwatch-alarm-notify
-          - modules/cloudwatch-cross-account-share
-          - modules/cloudwatch-log-metric
-          - modules/cloudwatch-metrics
-          - modules/cloudwatch
-          - modules/cognito-identitiy-pool
-          - modules/cognito-identity-pool-final
-          - modules/cognito-identity
-          - modules/cognito-user-pool
-          - modules/complete-eks-cluster
-          - modules/ecr
-          - modules/eks-iam-user-constrain
-          - modules/eks
-          - modules/elastic-search
-          - modules/external-secret-store
-          - modules/external-secrets
-          - modules/fluent-bit-logs-s3-to-cloudwatch
-          - modules/fluent-bit-to-s3
-          - modules/fluent-bit
-          - modules/goldilocks
-          - modules/iam-account-password-policy
-          - modules/iam-group
-          - modules/ingress
-          - modules/metric-filter
-          - modules/metrics-filter-multiple
-          - modules/metrics-server
-          - modules/mongodb-atlas
-          - modules/mongodb
-          - modules/rabbitmq
-          - modules/rds
-          - modules/route53-alerts-notify
-          - modules/s3
-          - modules/secret
-          - modules/service-alerts
-          - modules/sns-cronjob
-          - modules/sqs
-          - modules/ssl-certificate
-          - modules/vpc-flow-logs-to-s3-to-cloudwatch
-          - modules/vpc
-          - modules/waf
+          - /
+
     steps:
     - uses: dasmeta/reusable-actions-workflows/[email protected]
       with:
+        aws-region: ${{ secrets.AWS_REGION}}
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
         path: ${{ matrix.path }}
         repo-token: ${{ secrets.GITHUB_TOKEN }}
+      continue-on-error: true
diff --git a/.github/workflows/tfsec.yaml b/.github/workflows/tfsec.yaml
@@ -17,3 +17,4 @@ jobs:
     - uses: dasmeta/reusable-actions-workflows/[email protected]
       with:
         fetch-depth: 0
+    continue-on-error: true
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -9,6 +9,7 @@ repos:
       - id: trailing-whitespace
         args: [--markdown-linebreak-ext=md]
         exclude: CHANGELOG.md
+      - id: check-yaml
       - id: check-merge-conflict
       - id: check-case-conflict
       - id: mixed-line-ending