From 7cf7f0ebc94cca3d3145f3522a47f1671f6ceee2 Mon Sep 17 00:00:00 2001 From: Vedant Pareek Date: Tue, 5 Nov 2024 16:40:11 +0530 Subject: [PATCH] Moved to common workflows --- .github/workflows/lint_clean.yaml | 19 ++++--------- .github/workflows/terraform-docs.yaml | 16 ++++------- .github/workflows/terraform-scan.yaml | 10 +++++++ .github/workflows/tflint.yaml | 40 --------------------------- 4 files changed, 20 insertions(+), 65 deletions(-) create mode 100644 .github/workflows/terraform-scan.yaml delete mode 100644 .github/workflows/tflint.yaml diff --git a/.github/workflows/lint_clean.yaml b/.github/workflows/lint_clean.yaml index 68ed677..3a9bb33 100644 --- a/.github/workflows/lint_clean.yaml +++ b/.github/workflows/lint_clean.yaml @@ -1,18 +1,9 @@ -name: 'Terraform formatting' +name: 'Lint and Clean' on: - pull_request: - - push: - branches: - - main + - pull_request jobs: - fmt: - name: Terraform FMT - runs-on: ubuntu-latest - container: - image: hashicorp/terraform:latest - steps: - - uses: actions/checkout@v2 - - run: terraform fmt --recursive --diff -check=true \ No newline at end of file + fmt_and_lint: + name: Terraform fmt and tflint + uses: truefoundry/github-workflows-public/.github/workflows/terraform-lint-format.yml@v0.1.1 \ No newline at end of file diff --git a/.github/workflows/terraform-docs.yaml b/.github/workflows/terraform-docs.yaml index 7a48d79..1c9aab4 100644 --- a/.github/workflows/terraform-docs.yaml +++ b/.github/workflows/terraform-docs.yaml 
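Review bot: The `uses:` line added to the `fmt_and_lint` job references the reusable workflow by the tag `@v0.1.1`, and a tag can be moved to different code after this commit has been reviewed. Pin the reference to the full commit SHA and keep the tag as a trailing comment, e.g. `uses: truefoundry/github-workflows-public/.github/workflows/terraform-lint-format.yml@<FULL_COMMIT_SHA_PLACEHOLDER> # v0.1.1`. The same applies to the `uses:` lines added in terraform-docs.yaml and terraform-scan.yaml; the latter matters most because that workflow is also handed `SNYK_TOKEN`. The hunk also drops the `push` trigger on `main`, so formatting is no longer checked after merge; if that is intentional, a one-line comment above `on:` saying so would help.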
@@ -3,14 +3,8 @@ on: - pull_request jobs: - docs: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - ref: ${{ github.event.pull_request.head.ref }} - - - name: Render terraform docs and push changes back to PR - uses: terraform-docs/gh-actions@main - with: - git-push: "true" + terraform-docs-generator: + name: Generate terraform docs + uses: truefoundry/github-workflows-public/.github/workflows/terraform-doc-generator.yml@v0.1.1 + with: + commit_ref: ${{ github.event.pull_request.head.ref }} \ No newline at end of file diff --git a/.github/workflows/terraform-scan.yaml b/.github/workflows/terraform-scan.yaml new file mode 100644 index 0000000..668ae57 --- /dev/null +++ b/.github/workflows/terraform-scan.yaml @@ -0,0 +1,10 @@ +name: Vulnerability scanning +on: + - pull_request + +jobs: + terraform-scan: + name: Vulnerability scanning + uses: truefoundry/github-workflows-public/.github/workflows/terraform-scan.yml@v0.1.1 + secrets: + snyk_token: ${{ secrets.SNYK_TOKEN }}a \ No newline at end of file diff --git a/.github/workflows/tflint.yaml b/.github/workflows/tflint.yaml deleted file mode 100644 index 42620cf..0000000 --- a/.github/workflows/tflint.yaml +++ /dev/null 
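Review bot: The `terraform-docs-generator` job declares no `permissions:`, so the called workflow gets whatever the repository default grants to `GITHUB_TOKEN`. The job it replaces pushed rendered docs back to the PR, so the new one presumably needs write access to contents; stating that on the job (`permissions:` with `contents: write`) keeps the grant explicit and no wider than needed. `commit_ref: ${{ github.event.pull_request.head.ref }}` is a branch name chosen by the PR author, and the called workflow is not visible here, so confirm it passes that value through an action input or an environment variable rather than expanding it inside a `run:` script. For PRs from forks the ref names a branch in the fork, so the checkout and push-back behaviour there should be checked as well.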
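Review bot: The last added line of terraform-scan.yaml reads `snyk_token: ${{ secrets.SNYK_TOKEN }}a`, and the trailing `a` is appended to the secret's value, so the called workflow receives a token that is not the configured one. It should be `snyk_token: ${{ secrets.SNYK_TOKEN }}`. Separately, on `pull_request` runs triggered from forks repository secrets are not provided, so the token is empty there; confirm that the called workflow fails the job in that case rather than skipping the scan and reporting success.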
@@ -1,40 +0,0 @@
-name: Lint
-on:
- pull_request:
- branches:
- - main
-
-jobs:
- tflint:
- runs-on: ${{ matrix.os }}
-
- strategy:
- matrix:
- os: [ubuntu-latest, macos-latest, windows-latest]
-
- steps:
- - uses: actions/checkout@v3
- name: Checkout source code
-
- - uses: actions/cache@v3
- name: Cache plugin dir
- with:
- path: ~/.tflint.d/plugins
- key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }}
-
- - uses: terraform-linters/setup-tflint@v3
- name: Setup TFLint
- with:
- tflint_version: v0.47.0
-
- - name: Show version
- run: tflint --version
-
- - name: Init TFLint
- run: tflint --init
- env:
- # https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/plugins.md#avoiding-rate-limiting
- GITHUB_TOKEN: ${{ github.token }}
-
- - name: Run TFLint
- run: tflint --minimum-failure-severity=error -f compact
\ No newline at end of file