Merge pull request #18 from clouddrove/1.0.2
update github-action & License update
yadavprakash authored May 18, 2022
2 parents b5651e4 + 295a725 commit 4ec2883
Showing 15 changed files with 379 additions and 197 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/readme.yml
Expand Up @@ -18,7 +18,7 @@ jobs:
python-version: '3.x'

- name: 'create readme'
uses: 'clouddrove/github-actions@v8.0'
uses: 'clouddrove/github-actions@v9.0.2'
with:
actions_subcommand: 'readme'
github_token: '${{ secrets.GITHUB}}'
Expand All @@ -35,7 +35,7 @@ jobs:
continue-on-error: true

- name: 'push readme'
uses: 'clouddrove/github-actions@v8.0'
uses: 'clouddrove/github-actions@v9.0.2'
continue-on-error: true
with:
actions_subcommand: 'push'
216 changes: 59 additions & 157 deletions .github/workflows/terraform.yml
@@ -1,129 +1,49 @@
name: 'Terraform GitHub Actions'
name: static-checks

on:
pull_request:
branches:
- master

jobs:
fmt:
name: 'terraform fmt'
versionExtract:
name: Get min/max versions
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/checkout@master

- name: 'Terraform Format'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'fmt'

multi_node_non_vpc:
name: 'multi_node_non_vpc'
needs: fmt
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2

- name: 'Checkout'
uses: actions/checkout@master

- name: 'Configure AWS Credentials'
uses: clouddrove/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-2

- name: 'Terraform init multi_node_non_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'init'
tf_actions_working_dir: ./_example/multi_node_non_vpc

- name: 'Terraform validate multi_node_non_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'validate'
tf_actions_working_dir: ./_example/multi_node_non_vpc
- name: Terraform min/max versions
id: minMax
uses: clowdhaus/terraform-min-max@main
outputs:
minVersion: ${{ steps.minMax.outputs.minVersion }}
maxVersion: ${{ steps.minMax.outputs.maxVersion }}

- name: 'Terraform plan multi_node_non_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'plan'
tf_actions_working_dir: ./_example/multi_node_non_vpc

multi_node_vpc:
name: 'multi_node_vpc'
needs: fmt
versionEvaluate:
name: Evaluate Terraform versions
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/checkout@master
needs: versionExtract
strategy:
fail-fast: false
matrix:
version:
- ${{ needs.versionExtract.outputs.minVersion }}
- ${{ needs.versionExtract.outputs.maxVersion }}
directory:
- _example/multi_node_non_vpc
- _example/multi_node_vpc
- _example/single_node_non_vpc
- _example/single_node_vpc

- name: 'Configure AWS Credentials'
uses: clouddrove/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-2

- name: 'Terraform init multi_node_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'init'
tf_actions_working_dir: ./_example/multi_node_vpc

- name: 'Terraform validate multi_node_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'validate'
tf_actions_working_dir: ./_example/multi_node_vpc

- name: 'Terraform plan multi_node_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'plan'
tf_actions_working_dir: ./_example/multi_node_vpc

single_node_non_vpc:
name: 'single_node_non_vpc'
needs: fmt
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/checkout@master
- name: Checkout
uses: actions/checkout@v2

- name: 'Configure AWS Credentials'
uses: clouddrove/configure-aws-credentials@v1
- name: Install Terraform v${{ matrix.version }}
uses: hashicorp/setup-terraform@v1
with:
aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-2

- name: 'Terraform init for single_node_non_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'init'
tf_actions_working_dir: ./_example/single_node_non_vpc

- name: 'Terraform validate for single_node_non_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'validate'
tf_actions_working_dir: ./_example/single_node_non_vpc

- name: 'Terraform plan for single_node_non_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'plan'
tf_actions_working_dir: ./_example/single_node_non_vpc

single_node_vpc:
name: 'single_node_non_vpc'
needs: fmt
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/checkout@master
terraform_version: ${{ matrix.version }}

- name: 'Configure AWS Credentials'
uses: clouddrove/configure-aws-credentials@v1
Expand All @@ -132,53 +52,35 @@ jobs:
aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-2

- name: 'Terraform init for single_node_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'init'
tf_actions_working_dir: ./_example/single_node_vpc

- name: 'Terraform validate for single_node_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'validate'
tf_actions_working_dir: ./_example/single_node_vpc

- name: 'Terraform plan for single_node_vpc'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'plan'
tf_actions_working_dir: ./_example/single_node_vpc


pre-commit:
name: 'Pre-Commit'
needs:
- fmt
- multi_node_non_vpc
- multi_node_vpc
- single_node_non_vpc
- single_node_vpc
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/[email protected]

- name: 'Install Tflint'
- name: Init & validate v${{ matrix.version }}
run: |
curl https://raw.githubusercontent.com/terraform-linters/tflint/master/install_linux.sh | bash
cd ${{ matrix.directory }}
terraform init
terraform validate
- name: tflint
uses: reviewdog/action-tflint@master
with:
github_token: ${{ secrets.GITHUB }}
working_directory: ${{ matrix.directory }}
fail_on_error: 'true'
filter_mode: 'nofilter'
flags: '--module'

format:
name: Check code format
runs-on: ubuntu-latest
needs: versionExtract

- name: 'Pre-Commit 🔎'
uses: pre-commit/[email protected]
continue-on-error: true
steps:
- name: Checkout
uses: actions/checkout@v2

- name: 'Slack Notification'
uses: clouddrove/action-slack@v2
- name: Install Terraform v${{ needs.versionExtract.outputs.maxVersion }}
uses: hashicorp/setup-terraform@v1
with:
status: ${{ job.status }}
fields: repo,author
author_name: 'CloudDrove'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required
if: always()
terraform_version: ${{ needs.versionExtract.outputs.maxVersion }}

- name: Check Terraform format changes
run: terraform fmt --recursive
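Review bot: `clowdhaus/terraform-min-max@main` and `reviewdog/action-tflint@master` are referenced by branch name, and the tflint step sits in `versionEvaluate`, where `Configure AWS Credentials` appears to remain and where it is handed `secrets.GITHUB`, so whatever lands on those branches next runs with the test AWS keys and that token in reach. Pin third-party actions to a reviewed full commit SHA, e.g. `uses: reviewdog/action-tflint@<full-commit-sha>  # <release tag>`; the same applies to `actions/checkout@master` in the new tfsec.yml. The job now only runs `terraform init` and `terraform validate`, which normally need no cloud credentials unless a remote backend is configured, so the AWS credentials step can probably be dropped from this workflow altogether. Separately, `terraform fmt --recursive` in the `format` job rewrites files and exits 0, so the check never fails; `run: terraform fmt -check -recursive` would make it a real gate.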
9 changes: 4 additions & 5 deletions .github/workflows/terratest.yml
Expand Up @@ -23,7 +23,7 @@ jobs:

- name: 'Terratest for multi_node_non_vpc'
if: ${{ github.event.label.name == 'terratest' }}
uses: 'clouddrove/github-actions@v8.0'
uses: 'clouddrove/github-actions@v9.0.2'
with:
actions_subcommand: 'terratest'
tf_actions_working_dir: '_test/multi_node_non_vpc'
Expand All @@ -32,8 +32,7 @@ jobs:

- name: 'Terratest for multi_node_vpc'
if: ${{ github.event.label.name == 'terratest' }}
uses: 'clouddrove/[email protected]'
with:
uses: 'clouddrove/[email protected]
actions_subcommand: 'terratest'
tf_actions_working_dir: '_test/multi_node_vpc'
env:
Expand All @@ -42,7 +41,7 @@ jobs:

- name: 'Terratest for single_node_non_vpc'
if: ${{ github.event.label.name == 'terratest' }}
uses: 'clouddrove/github-actions@v8.0'
uses: 'clouddrove/github-actions@v9.0.2'
with:
actions_subcommand: 'terratest'
tf_actions_working_dir: '_test/single_node_non_vpc'
Expand All @@ -52,7 +51,7 @@ jobs:

- name: 'Terratest for single_node_vpc'
if: ${{ github.event.label.name == 'terratest' }}
uses: 'clouddrove/github-actions@v8.0'
uses: 'clouddrove/github-actions@v9.0.2'
with:
actions_subcommand: 'terratest'
tf_actions_working_dir: '_test/single_node_vpc'
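Review bot: In the `Terratest for multi_node_vpc` step the new `uses:` line is rendered without its closing quote, and the `with:` line beneath it seems to be gone from the new side (the hunk shrinks from 8 to 7 lines and the file shows 5 deletions against 4 additions). If so, `actions_subcommand` and `tf_actions_working_dir` end up inside an unterminated scalar and the workflow will not parse. The page obscures the action reference itself, so this is inferred from the rendering; if it holds, the step should match its siblings: `uses: 'clouddrove/github-actions@v9.0.2'` followed by `with:`. A workflow file that fails to load runs none of its steps, so the labelled terratest run would stop covering all four examples, not only this one.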
25 changes: 25 additions & 0 deletions .github/workflows/tfsec.yml
@@ -0,0 +1,25 @@
name: tfsec
on:
pull_request:

jobs:
tfsec:
name: tfsec sarif report
runs-on: ubuntu-latest

steps:
- name: Clone repo
uses: actions/checkout@master

- name: tfsec
uses: aquasecurity/[email protected]
with:
sarif_file: tfsec.sarif
working_directory: _example
full_repo_scan: true

- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v1
with:
# Path to SARIF file relative to the root of the repository
sarif_file: tfsec.sarif
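Review bot: The new workflow declares no `permissions:`, so the job runs with the repository's default token scope, while `github/codeql-action/upload-sarif` needs `security-events: write` to publish results. Declaring it on the `tfsec` job keeps the token least-privilege and makes the requirement explicit: `permissions: { contents: read, security-events: write }`. On pull requests from forks the token is read-only regardless, so the upload step is likely to fail there; it is worth deciding whether the scan should also run on `push` to the default branch so findings are still recorded.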