From 2b2433bc8814ea506e4a4724c27bd1e513c950c4 Mon Sep 17 00:00:00 2001 From: Vedant Pareek Date: Mon, 4 Nov 2024 15:28:02 +0530 Subject: [PATCH 1/3] Moving to common workflows --- .github/workflows/lint_clean.yaml | 15 ++-------- .github/workflows/terraform-docs.yaml | 14 ++-------- .github/workflows/terraform-scan.yaml | 10 +++++++ .github/workflows/tflint.yaml | 40 --------------------------- 4 files changed, 16 insertions(+), 63 deletions(-) create mode 100644 .github/workflows/terraform-scan.yaml delete mode 100644 .github/workflows/tflint.yaml diff --git a/.github/workflows/lint_clean.yaml b/.github/workflows/lint_clean.yaml index a15b694..3aeff98 100644 --- a/.github/workflows/lint_clean.yaml +++ b/.github/workflows/lint_clean.yaml @@ -3,16 +3,7 @@ name: 'Lint and Clean' on: pull_request: - push: - branches: - - main - jobs: - fmt: - name: Terraform FMT - runs-on: ubuntu-latest - container: - image: hashicorp/terraform:latest - steps: - - uses: actions/checkout@v2 - - run: terraform fmt --recursive --diff -check=true \ No newline at end of file + fmt_and_lint: + name: Terraform fmt and tflint + uses: truefoundry/github-workflows-public/.github/workflows/terraform-lint-format.yml@v0.1.0 \ No newline at end of file diff --git a/.github/workflows/terraform-docs.yaml b/.github/workflows/terraform-docs.yaml index 7a48d79..e5dd73e 100644 --- a/.github/workflows/terraform-docs.yaml +++ b/.github/workflows/terraform-docs.yaml @@ -3,14 +3,6 @@ on: - pull_request jobs: - docs: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - ref: ${{ github.event.pull_request.head.ref }} - - - name: Render terraform docs and push changes back to PR - uses: terraform-docs/gh-actions@main - with: - git-push: "true" + terraform-docs-generator: + name: Generate terraform docs + uses: truefoundry/github-workflows-public/.github/workflows/terraform-doc-generator.yml@v0.1.0 \ No newline at end of file 
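Review bot: The `uses:` line of `fmt_and_lint` in lint_clean.yaml references the reusable workflow by the tag `v0.1.0`, which is a movable ref, so anyone able to move that tag in `truefoundry/github-workflows-public` changes what runs in this repository's CI. Pinning to the full commit SHA with the tag kept as a comment, `uses: truefoundry/github-workflows-public/.github/workflows/terraform-lint-format.yml@<full-commit-sha> # v0.1.0`, makes the reference immutable. The same applies to the `uses:` lines in terraform-docs.yaml and terraform-scan.yaml, and matters most for the latter because it also hands over `SNYK_TOKEN`. This hunk also drops the `push` trigger for `main`, so direct pushes to `main` are no longer format-checked; if that is intended, the commit message should say so.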
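Review bot: The new `terraform-docs-generator` job in terraform-docs.yaml declares no `permissions:`, although the job it replaces pushed rendered docs back to the PR branch (`git-push: "true"`), so the called workflow presumably needs a write-capable `GITHUB_TOKEN`. A called workflow's token cannot exceed what the caller grants, so the effective scope here is whatever the repository default happens to be. Stating it on the job, `permissions: { contents: write }` here and `permissions: { contents: read }` on the lint and scan callers, makes the grant explicit and keeps the other two at least privilege. The called workflow is not visible in this patch, so the exact scopes it needs should be confirmed against it.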
diff --git a/.github/workflows/terraform-scan.yaml b/.github/workflows/terraform-scan.yaml new file mode 100644 index 0000000..3e66ecd --- /dev/null +++ b/.github/workflows/terraform-scan.yaml @@ -0,0 +1,10 @@ +name: Vulnerability scanning +on: + - pull_request + +jobs: + terraform-scan: + name: Vulnerability scanning + uses: truefoundry/github-workflows-public/.github/workflows/terraform-scan.yml@v0.1.0 + secrets: + snyk_token: ${{ secrets.SNYK_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/tflint.yaml b/.github/workflows/tflint.yaml deleted file mode 100644 index 42620cf..0000000 --- a/.github/workflows/tflint.yaml +++ /dev/null @@ -1,40 +0,0 @@ -name: Lint -on: - pull_request: - branches: - - main - -jobs: - tflint: - runs-on: ${{ matrix.os }} - - strategy: - matrix: - os: [ubuntu-latest, macos-latest, windows-latest] - - steps: - - uses: actions/checkout@v3 - name: Checkout source code - - - uses: actions/cache@v3 - name: Cache plugin dir - with: - path: ~/.tflint.d/plugins - key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }} - - - uses: terraform-linters/setup-tflint@v3 - name: Setup TFLint - with: - tflint_version: v0.47.0 - - - name: Show version - run: tflint --version - - - name: Init TFLint - run: tflint --init - env: - # https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/plugins.md#avoiding-rate-limiting - GITHUB_TOKEN: ${{ github.token }} - - - name: Run TFLint - run: tflint --minimum-failure-severity=error -f compact \ No newline at end of file From a9258546f42f7e11ac209ad945a216d48b0d6a93 Mon Sep 17 00:00:00 2001 From: Vedant Pareek Date: Mon, 4 Nov 2024 16:00:55 +0530 Subject: [PATCH 2/3] Pull request on --- .github/workflows/lint_clean.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint_clean.yaml b/.github/workflows/lint_clean.yaml index 3aeff98..45fa8ba 100644 --- a/.github/workflows/lint_clean.yaml +++ b/.github/workflows/lint_clean.yaml 
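Review bot: `snyk_token: ${{ secrets.SNYK_TOKEN }}` in the new terraform-scan.yaml is passed on the `pull_request` event, and GitHub does not expose repository secrets to runs triggered from forks, so on those PRs the called workflow receives an empty token. Whether the scan then fails or quietly passes depends on terraform-scan.yml, which is not shown here; it should fail closed, otherwise fork PRs get a green "Vulnerability scanning" check without any scan having run. If fork PRs are expected, a job-level guard such as `if: github.event.pull_request.head.repo.full_name == github.repository` makes the skip visible instead of silent. Switching the trigger to `pull_request_target` to obtain the secret would expose the token to untrusted PR code and is not a safe workaround.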
@@ -1,7 +1,7 @@ name: 'Lint and Clean' on: - pull_request: + - pull_request jobs: fmt_and_lint: From be160d8fb4a070dfabe766ba704bb68ba8ae6a07 Mon Sep 17 00:00:00 2001 From: Vedant Pareek Date: Tue, 5 Nov 2024 00:51:44 +0530 Subject: [PATCH 3/3] Adding commit ref --- .github/workflows/lint_clean.yaml | 2 +- .github/workflows/terraform-docs.yaml | 4 +++- .github/workflows/terraform-scan.yaml | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint_clean.yaml b/.github/workflows/lint_clean.yaml index 45fa8ba..3a9bb33 100644 --- a/.github/workflows/lint_clean.yaml +++ b/.github/workflows/lint_clean.yaml @@ -6,4 +6,4 @@ on: jobs: fmt_and_lint: name: Terraform fmt and tflint - uses: truefoundry/github-workflows-public/.github/workflows/terraform-lint-format.yml@v0.1.0 \ No newline at end of file + uses: truefoundry/github-workflows-public/.github/workflows/terraform-lint-format.yml@v0.1.1 \ No newline at end of file diff --git a/.github/workflows/terraform-docs.yaml b/.github/workflows/terraform-docs.yaml index e5dd73e..8b9d05b 100644 --- a/.github/workflows/terraform-docs.yaml +++ b/.github/workflows/terraform-docs.yaml @@ -5,4 +5,6 @@ on: jobs: terraform-docs-generator: name: Generate terraform docs - uses: truefoundry/github-workflows-public/.github/workflows/terraform-doc-generator.yml@v0.1.0 \ No newline at end of file + uses: truefoundry/github-workflows-public/.github/workflows/terraform-doc-generator.yml@v0.1.0 + with: + commit_ref: ${{ github.event.pull_request.head.ref }} \ No newline at end of file diff --git a/.github/workflows/terraform-scan.yaml b/.github/workflows/terraform-scan.yaml index 3e66ecd..afa6279 100644 --- a/.github/workflows/terraform-scan.yaml +++ b/.github/workflows/terraform-scan.yaml 
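Review bot: `commit_ref: ${{ github.event.pull_request.head.ref }}` in terraform-docs.yaml forwards the PR's branch name, which the PR author chooses, into the called workflow. If terraform-doc-generator.yml (not visible here) expands `inputs.commit_ref` directly inside a `run:` script, a crafted branch name becomes shell text; the called workflow should read it through an `env:` variable or pass it only to an action's `with:`. For PRs from forks the branch name may also not exist in this repository, so the checkout can fail or resolve to a same-named local branch. This section also leaves terraform-docs on `@v0.1.0` while the other two callers move to `@v0.1.1`; if `commit_ref` was only added as an input in v0.1.1, the call would be rejected as an undefined input, which is worth confirming.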
@@ -5,6 +5,6 @@ on: jobs: terraform-scan: name: Vulnerability scanning - uses: truefoundry/github-workflows-public/.github/workflows/terraform-scan.yml@v0.1.0 + uses: truefoundry/github-workflows-public/.github/workflows/terraform-scan.yml@v0.1.1 secrets: snyk_token: ${{ secrets.SNYK_TOKEN }} \ No newline at end of file