From 66b5ca4702e1c1877f9d300910e4504b0e2f0ae3 Mon Sep 17 00:00:00 2001
From: Vedant Pareek
Date: Fri, 1 Nov 2024 17:43:02 +0530
Subject: [PATCH] Moved to common workflows
---
 .github/workflows/lint_clean.yaml | 15 ++--------
 .github/workflows/terraform-docs.yaml | 14 ++--------
 .github/workflows/terraform-scan.yml | 8 ++++++
 .github/workflows/tflint.yaml | 40 ---------------------------
 4 files changed, 14 insertions(+), 63 deletions(-)
 create mode 100644 .github/workflows/terraform-scan.yml
 delete mode 100644 .github/workflows/tflint.yaml
diff --git a/.github/workflows/lint_clean.yaml b/.github/workflows/lint_clean.yaml
index a15b694..0676bfd 100644
--- a/.github/workflows/lint_clean.yaml
+++ b/.github/workflows/lint_clean.yaml
@@ -3,16 +3,7 @@ name: 'Lint and Clean'
 on:
 pull_request:
- push:
- branches:
- - main
-
 jobs:
- fmt:
- name: Terraform FMT
- runs-on: ubuntu-latest
- container:
- image: hashicorp/terraform:latest
- steps:
- - uses: actions/checkout@v2
- - run: terraform fmt --recursive --diff -check=true
\ No newline at end of file
+ fmt_and_lint:
+ name: Terraform fmt and tflint
+ uses: truefoundry/workflows/.github/workflows/terraform-lint-format.yml@iac-scanning
diff --git a/.github/workflows/terraform-docs.yaml b/.github/workflows/terraform-docs.yaml
index 7a48d79..a250cd0 100644
--- a/.github/workflows/terraform-docs.yaml
+++ b/.github/workflows/terraform-docs.yaml
@@ -3,14 +3,6 @@ on:
 - pull_request
 jobs:
- docs:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- with:
- ref: ${{ github.event.pull_request.head.ref }}
-
- - name: Render terraform docs and push changes back to PR
- uses: terraform-docs/gh-actions@main
- with:
- git-push: "true"
+ terraform-docs-generator:
+ name: Generate terraform docs
+ uses: truefoundry/workflows/.github/workflows/terraform-doc-generator.yml@iac-scanning
diff --git a/.github/workflows/terraform-scan.yml b/.github/workflows/terraform-scan.yml
new file mode 100644
index 0000000..f3c231a
--- /dev/null
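Review bot: The new `uses:` line in the `lint_clean.yaml` hunk calls the reusable workflow at the branch ref `@iac-scanning`, which is mutable: anyone who can push to that branch in `truefoundry/workflows` changes what runs in this repository's CI without a commit here. Pin the reference to a full commit SHA and bump it deliberately, e.g. `uses: truefoundry/workflows/.github/workflows/terraform-lint-format.yml@<full-commit-sha>  # iac-scanning`. The same branch ref is used by the `terraform-docs.yaml` and `terraform-scan.yml` hunks, so the same pin applies there. Judging only from its name, `iac-scanning` looks like a feature branch; if it is deleted after merge, all three workflows stop resolving.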
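Review bot: The `terraform-docs-generator` job in the `terraform-docs.yaml` hunk declares no `permissions:`, so the called workflow gets whatever default `GITHUB_TOKEN` scope the repository or organisation has configured. The removed job pushed rendered docs back to the PR branch (`git-push: "true"`); if the shared workflow still does that, which is not visible from this hunk, state the write access on the job itself with `permissions:` and `contents: write` rather than relying on a permissive default. The `fmt_and_lint` and `terraform-scan` jobs only need to read the tree and should carry `permissions:` with `contents: read`, so externally maintained workflow code never receives more than each job needs.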
+++ b/.github/workflows/terraform-scan.yml
@@ -0,0 +1,8 @@
+name: Vulnerability scanning
+on:
+ - pull_request
+
+jobs:
+ terraform-scan:
+ name: Vulnerability scanning
+ uses: truefoundry/workflows/.github/workflows/terraform-scan.yml@iac-scanning
diff --git a/.github/workflows/tflint.yaml b/.github/workflows/tflint.yaml
deleted file mode 100644
index 42620cf..0000000
--- a/.github/workflows/tflint.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-name: Lint
-on:
- pull_request:
- branches:
- - main
-
-jobs:
- tflint:
- runs-on: ${{ matrix.os }}
-
- strategy:
- matrix:
- os: [ubuntu-latest, macos-latest, windows-latest]
-
- steps:
- - uses: actions/checkout@v3
- name: Checkout source code
-
- - uses: actions/cache@v3
- name: Cache plugin dir
- with:
- path: ~/.tflint.d/plugins
- key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }}
-
- - uses: terraform-linters/setup-tflint@v3
- name: Setup TFLint
- with:
- tflint_version: v0.47.0
-
- - name: Show version
- run: tflint --version
-
- - name: Init TFLint
- run: tflint --init
- env:
- # https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/plugins.md#avoiding-rate-limiting
- GITHUB_TOKEN: ${{ github.token }}
-
- - name: Run TFLint
- run: tflint --minimum-failure-severity=error -f compact
\ No newline at end of file
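Review bot: The new `terraform-scan.yml` triggers on `pull_request` only, so the default branch is never scanned after merge; anything that lands outside a PR, or a finding from a rule added to the scanner later, goes unreported. Consider switching `on:` from the list form to the mapping form and adding `push:` with `branches: [main]` next to `pull_request:`, optionally with a `schedule:` entry. Whether findings fail the check or are only reported is decided inside the called workflow and cannot be seen from this hunk, so it is worth confirming that the `terraform-scan` job is a required status check before treating it as a gate.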