From a2a4e094e884e4307fec4d596dbd4b169c9e9946 Mon Sep 17 00:00:00 2001
From: Himanshu Pal
Date: Wed, 18 Sep 2024 10:41:48 +0530
Subject: [PATCH] added slo tf file
---
.github/workflows/app-components-tf-test.yml | 2 +-
.github/workflows/sdo-tf-test.yml | 6 +--
.github/workflows/slo-tf-test.yml | 50 ++++++++++++++++++++
3 files changed, 54 insertions(+), 4 deletions(-)
create mode 100644 .github/workflows/slo-tf-test.yml
diff --git a/.github/workflows/app-components-tf-test.yml b/.github/workflows/app-components-tf-test.yml
index ba070190..80eec70d 100644
--- a/.github/workflows/app-components-tf-test.yml
+++ b/.github/workflows/app-components-tf-test.yml
@@ -47,4 +47,4 @@ jobs:
 output_format: cli
 output_bc_ids: false
 download_external_modules: true
- skip_check: CKV_AWS_18,CKV_AWS_21,CKV_AWS_26,CKV_AWS_27,CKV_AWS_35,CKV_AWS_36,CKV_AWS_50,CKV_AWS_67,CKV_AWS_115,CKV_AWS_117,CKV_AWS_124,CKV_AWS_144,CKV_AWS_145,CKV_AWS_158,CKV_AWS_173,CKV_AWS_240,CKV_AWS_241,CKV_AWS_252,CKV_AWS_272,CKV_AWS_338,CKV2_AWS_6,CKV2_AWS_10,CKV2_AWS_61,CKV2_AWS_62,CKV_TF_1,CKV_TF_2
+ # skip_check: CKV_AWS_18,CKV_AWS_21,CKV_AWS_26,CKV_AWS_27,CKV_AWS_35,CKV_AWS_36,CKV_AWS_50,CKV_AWS_67,CKV_AWS_115,CKV_AWS_117,CKV_AWS_124,CKV_AWS_144,CKV_AWS_145,CKV_AWS_158,CKV_AWS_173,CKV_AWS_240,CKV_AWS_241,CKV_AWS_252,CKV_AWS_272,CKV_AWS_338,CKV2_AWS_6,CKV2_AWS_10,CKV2_AWS_61,CKV2_AWS_62,CKV_TF_1,CKV_TF_2
diff --git a/.github/workflows/sdo-tf-test.yml b/.github/workflows/sdo-tf-test.yml
index bcb618a1..877466ea 100644
--- a/.github/workflows/sdo-tf-test.yml
+++ b/.github/workflows/sdo-tf-test.yml
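Review bot: In `.github/workflows/app-components-tf-test.yml` the `skip_check` list is commented out rather than removed, which leaves a 26-ID suppression list in the file as dead configuration that can be restored wholesale by deleting one `#`; the same commented line appears in the second `sdo-tf-test.yml` hunk (`@@ -57,4 +57,4 @@`) and at the end of the new `slo-tf-test.yml`. With no `skip_check` set, checkov evaluates those checks again, so this presumably is meant to tighten the scan; if so, delete the line and leave a short comment such as `# no global skips: suppress per resource with an inline checkov:skip and a stated reason`. If the list is only disabled temporarily, say that in a comment together with the reason. The rest of the `with:` block lies outside the hunk, so whether `soft_fail` is set, and therefore whether the newly enabled findings will fail the job, cannot be seen from here.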
@@ -23,11 +23,11 @@ jobs:
 - name: Download and extract the terraform-provider-jira plugin version 0.1.11
 run: |
- curl -LO https://github.com/fourplusone/terraform-provider-jira/releases/download/v0.1.11/terraform-provider-jira_linux_amd64.zip && unzip terraform-provider-jira_linux_amd64.zip -d /usr/local/bin && rm terraform-provider-jira_linux_amd64.zip
+ curl -LO https://github.com/fourplusone/terraform-provider-jira/releases/download/v0.1.11/terraform-provider-jira_linux_amd64.zip && unzip terraform-provider-jira_linux_amd64.zip -d /home/gitlab-runner/.terraform.d/plugins/linux_amd64/ && rm terraform-provider-jira_linux_amd64.zip
 - name: Download and install the terraform-provider-restapi plugin version 1.12.0
 run: |
- curl -LO https://github.com/Mastercard/terraform-provider-restapi/releases/download/v1.12.0/terraform-provider-restapi_v1.12.0-linux-amd64 && chmod +x terraform-provider-restapi_v1.12.0-linux-amd64 && mv terraform-provider-restapi_v1.12.0-linux-amd64 /usr/local/bin/terraform-provider-restapi
+ curl -LO https://github.com/Mastercard/terraform-provider-restapi/releases/download/v1.12.0/terraform-provider-restapi_v1.12.0-linux-amd64 && chmod +x terraform-provider-restapi_v1.12.0-linux-amd64 && mv terraform-provider-restapi_v1.12.0-linux-amd64 /home/gitlab-runner/.terraform.d/plugins/linux_amd64/terraform-provider-restapi
 - name: Terraform fmt
 id: fmt
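Review bot: Both `curl -LO` downloads in the two provider steps install a release artifact that Terraform will later execute, and nothing verifies what was fetched; moving the destination to the plugin directory keeps that gap. Add `--fail` to curl so an HTTP error page is not saved and then `chmod +x`'d into place, and check a pinned digest before unpacking, for example `echo "<EXPECTED_SHA256>  terraform-provider-jira_linux_amd64.zip" | sha256sum -c -` (placeholder digest; record the one from the release you vetted), with the same check for the restapi binary. The new destination `/home/gitlab-runner/.terraform.d/plugins/linux_amd64/` is hard-coded to one user's home directory; the job's `runs-on` is outside the hunk, but unless the runner really executes as that user, `"$HOME/.terraform.d/plugins/linux_amd64/"` preceded by `mkdir -p` is safer, because `mv` fails when the target directory does not exist.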
@@ -57,4 +57,4 @@ jobs:
 output_format: cli
 output_bc_ids: false
 download_external_modules: true
- skip_check: CKV_AWS_18,CKV_AWS_21,CKV_AWS_26,CKV_AWS_27,CKV_AWS_35,CKV_AWS_36,CKV_AWS_50,CKV_AWS_67,CKV_AWS_115,CKV_AWS_117,CKV_AWS_124,CKV_AWS_144,CKV_AWS_145,CKV_AWS_158,CKV_AWS_173,CKV_AWS_240,CKV_AWS_241,CKV_AWS_252,CKV_AWS_272,CKV_AWS_338,CKV2_AWS_6,CKV2_AWS_10,CKV2_AWS_61,CKV2_AWS_62,CKV_TF_1,CKV_TF_2
+ # skip_check: CKV_AWS_18,CKV_AWS_21,CKV_AWS_26,CKV_AWS_27,CKV_AWS_35,CKV_AWS_36,CKV_AWS_50,CKV_AWS_67,CKV_AWS_115,CKV_AWS_117,CKV_AWS_124,CKV_AWS_144,CKV_AWS_145,CKV_AWS_158,CKV_AWS_173,CKV_AWS_240,CKV_AWS_241,CKV_AWS_252,CKV_AWS_272,CKV_AWS_338,CKV2_AWS_6,CKV2_AWS_10,CKV2_AWS_61,CKV2_AWS_62,CKV_TF_1,CKV_TF_2
diff --git a/.github/workflows/slo-tf-test.yml b/.github/workflows/slo-tf-test.yml
new file mode 100644
index 00000000..c230fc52
--- /dev/null
+++ b/.github/workflows/slo-tf-test.yml
@@ -0,0 +1,50 @@
+name: "App Components TF template tests"
+on:
+ pull_request:
+ paths:
+ - 'slo_packages/**'
+
+jobs:
+
+ ValidateTF:
+ runs-on: ubuntu-latest
+ name: "Validatation (format & syntax)"
+ defaults:
+ run:
+ working-directory: ./slo_packages
+ steps:
+ - uses: actions/checkout@v4
+ name: Checkout source code
+
+ - uses: hashicorp/setup-terraform@v3
+ name: Setup Terraform
+
+ - name: Terraform fmt
+ id: fmt
+ run: terraform fmt -check -recursive -diff
+ continue-on-error: true
+
+ - name: Terraform Init
+ id: init
+ run: terraform init
+
+ - name: Terraform Validate
+ id: validate
+ run: terraform validate
+
+ TFSecurityChecks:
+ name: "Security Checks (checkov)"
+ runs-on: "ubuntu-latest"
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@v3
+
+ - uses: bridgecrewio/checkov-action@master
+ with:
+ directory: 'slo_packages/'
+ quiet: true
+ framework: terraform
+ output_format: cli
+ output_bc_ids: false
+ download_external_modules: true
+ # skip_check: CKV_AWS_18,CKV_AWS_21,CKV_AWS_26,CKV_AWS_27,CKV_AWS_35,CKV_AWS_36,CKV_AWS_50,CKV_AWS_67,CKV_AWS_115,CKV_AWS_117,CKV_AWS_124,CKV_AWS_144,CKV_AWS_145,CKV_AWS_158,CKV_AWS_173,CKV_AWS_240,CKV_AWS_241,CKV_AWS_252,CKV_AWS_272,CKV_AWS_338,CKV2_AWS_6,CKV2_AWS_10,CKV2_AWS_61,CKV2_AWS_62,CKV_TF_1,CKV_TF_2
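Review bot: `uses: bridgecrewio/checkov-action@master` in the `TFSecurityChecks` job tracks a mutable branch of a third-party action, so whatever lands on that branch runs in this repository's CI on every matching pull request; pin it to a full commit SHA with the release noted in a trailing comment, `uses: bridgecrewio/checkov-action@<FULL_COMMIT_SHA>  # <release tag>`. The workflow also declares no `permissions:`, so both jobs receive the repository's default `GITHUB_TOKEN` scope; a top-level `permissions:` with `contents: read` looks sufficient for checkout, fmt, validate and a CLI-output scan. Smaller points: the workflow `name` still reads "App Components TF template tests" although it watches `slo_packages/**`, "Validatation" is misspelled, and the two jobs use different checkout majors (`@v4` and `@v3`).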