This is a template for Terraform modules. It contains the required CI configuration and .gitignore.
The package.json is required for semantic-release, which is controlled via a GitHub Actions workflow.
We rely on pre-commit hooks to ensure good code quality. This is also checked by a CI pipeline, but we recommend running the hooks locally as well. The hooks are also responsible for generating the terraform-docs documentation.
We have several default workflows prepared.
checkov scans the Terraform manifests for common misconfigurations. By default the root of the repository is scanned, but if you have a repo with submodules (e.g. makandra/terraform-aws-modules) you may want to alter the path of the GitHub action.
We want to enforce conventional commits to ensure our semantic-release works correctly.
We want to ensure that all our rules in the pre-commit configuration are applied.
Whenever new commits are merged into the main branch we want a new release to be created.
Terraform linter for finding possible errors, old syntax, unused declarations etc. It also enforces best practices. See tflint. By default the root of the repository is scanned, but if you have a repo with submodules (e.g. makandra/terraform-aws-modules) you should add every submodule to the workflow matrix.
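As an added illustration (not the template's own workflow file), a workflow could run tflint and checkov once per module directory through a matrix. The workflow name, the combination of both scanners in one job, and the modules/example-* paths are assumptions.

```yaml
# Added example, not the template's own workflow file.
# The module paths are placeholders; list your real submodule directories.
name: terraform-static-analysis

on:
  pull_request:
  push:
    branches: [main]

permissions:
  contents: read   # the scanners only need to read the checkout

jobs:
  scan:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false   # report findings for every module, not only the first failure
      matrix:
        # tflint does not recurse into subdirectories unless asked,
        # hence one matrix entry per module directory.
        module:
          - .                    # repository root (the default scan target)
          - modules/example-a    # placeholder submodule path
          - modules/example-b    # placeholder submodule path
    steps:
      - uses: actions/checkout@v4

      - uses: terraform-linters/setup-tflint@v4

      - name: tflint
        working-directory: ${{ matrix.module }}
        run: |
          tflint --init   # installs plugins declared in .tflint.hcl, if present
          tflint

      - name: checkov
        uses: bridgecrewio/checkov-action@v12
        with:
          directory: ${{ matrix.module }}
          framework: terraform
```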
We recommend protecting the main branch and allowing new code to be pushed only via pull requests. This ensures that all tests pass before a new release is pushed.