
feat: align addon with latest template #17

Merged
merged 1 commit into from
Sep 15, 2023
18 changes: 16 additions & 2 deletions .github/RELEASE_DRAFTER.yml
Expand Up @@ -7,11 +7,25 @@ categories:
- 'enhancement'
- title: 'Bug Fixes'
labels:
- 'fix'
- 'bugfix'
- 'bug'
- title: 'Documentation'
label: 'documentation'
- title: 'CI'
label: 'ci'
version-resolver:
major:
labels:
- 'major'
minor:
labels:
- 'feature'
- 'enhancement'
patch:
labels:
- 'ci'
- 'bug'
- 'documentation'
default: patch
change-template: '- $TITLE, by @$AUTHOR (#$NUMBER)'
template: |
# What's changed
65 changes: 37 additions & 28 deletions .github/workflows/pre-commit.yml
@@ -1,5 +1,8 @@
name: pre-commit

permissions:
contents: read

on:
workflow_dispatch:
pull_request:
Expand All @@ -8,36 +11,42 @@ on:
- master

env:
PYTHON_VERSION: "3.10"
TERRAFORM_DOCS_VERSION: "v0.16.0"
TFLINT_VERSION: "v0.36.2"
TFLINT_VERSION: "v0.40.1"

jobs:
pre-commit:
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2

- name: Install additional pre-commit hooks
shell: bash
run: |
echo "########### Install Checkov ####################"
pip install checkov

echo "########### Install Terraform-docs #############"
wget https://github.com/terraform-docs/terraform-docs/releases/download/${{ env.TERRAFORM_DOCS_VERSION }}/terraform-docs-${{ env.TERRAFORM_DOCS_VERSION }}-linux-amd64.tar.gz
tar xvzf terraform-docs-${{ env.TERRAFORM_DOCS_VERSION }}-linux-amd64.tar.gz
mkdir -p ~/terraform-docs/bin/
install terraform-docs ~/terraform-docs/bin/
echo '~/terraform-docs/bin/' >> $GITHUB_PATH

echo "########### Install Terraform-linters ##########"
wget https://github.com/terraform-linters/tflint/releases/download/${{ env.TFLINT_VERSION }}/tflint_linux_amd64.zip
unzip tflint_linux_amd64.zip
mkdir -p ~/tflint/bin/
echo '~/tflint/bin/' >> $GITHUB_PATH
install tflint ~/tflint/bin/
~/tflint/bin/tflint --init

- name: Run pre-commit
uses: pre-commit/[email protected]
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
cache: pip

- name: Install Python dependencies
run: pip install -r requirements.txt

- name: Install terraform-docs
uses: jaxxstorm/[email protected]
with:
repo: terraform-docs/terraform-docs
tag: ${{ env.TERRAFORM_DOCS_VERSION }}
cache: enable

- name: TFLint cache
uses: actions/cache@v3
with:
path: ~/.tflint.d/plugins
key: ${{ runner.os }}-tflint-${{ hashFiles('.tflint.hcl') }}

- name: Install TFLint
uses: terraform-linters/setup-tflint@v2
with:
tflint_version: ${{ env.TFLINT_VERSION }}

- name: Run pre-commit
uses: pre-commit/[email protected]
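Review bot: The new install steps reference third-party actions by mutable tag (`terraform-linters/setup-tflint@v2`, plus the `jaxxstorm/…` and `pre-commit/…` actions, whose versions are garbled on this page), while the job-level `env:` block hands `GITHUB_TOKEN` to every step, including `pip install -r requirements.txt`. A retagged action release or a package install script would run with that token in its environment; the added `permissions: contents: read` narrows what the token can do but does not remove the exposure. Pin each `uses:` to a full commit SHA with the tag kept as a trailing comment, and move the `GITHUB_TOKEN` mapping from the job onto only the steps that call the GitHub API. The same tag-style references appear in `.github/workflows/validate.yaml` (`actions/checkout@v3`, `hashicorp/setup-terraform@v2`).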
2 changes: 1 addition & 1 deletion .github/workflows/release-drafter.yml
Expand Up @@ -15,7 +15,7 @@ on:

jobs:
update_release_draft:
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
steps:
- uses: release-drafter/release-drafter@v5
with:
11 changes: 7 additions & 4 deletions .github/workflows/validate.yaml
@@ -1,5 +1,8 @@
name: Terraform validate

permissions:
contents: read

on:
workflow_dispatch:
pull_request:
Expand All @@ -10,11 +13,11 @@ on:
jobs:
versionExtract:
name: Extract min/max Terraform versions
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04

steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v3

- name: Extract Terraform min/max versions
id: minMax
Expand All @@ -26,7 +29,7 @@ jobs:
maxVersion: ${{ steps.minMax.outputs.maxVersion }}

terraform-validate:
runs-on: ubuntu-20.04
runs-on: ubuntu-22.04
needs: versionExtract
strategy:
matrix:
Expand All @@ -35,7 +38,7 @@ jobs:
- ${{ needs.versionExtract.outputs.maxVersion }}

steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- uses: hashicorp/setup-terraform@v2
with:
terraform_version: ${{ matrix.tf_ver }}
25 changes: 10 additions & 15 deletions .pre-commit-config.yaml
@@ -1,6 +1,6 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.2.0
rev: v4.3.0
hooks:
- id: trailing-whitespace
- id: check-merge-conflict
Expand All @@ -10,23 +10,18 @@ repos:
- id: end-of-file-fixer

- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.71.0
rev: v1.75.0
hooks:
- id: terraform_fmt
- id: terraform_tflint
- id: terraform_validate
- id: terraform_checkov
- id: terraform_docs
args:
- '--args=--hide providers --sort-by required'

- repo: https://github.com/pecigonzalo/pre-commit-terraform-vars
rev: v1.0.0
hooks:
- id: terraform-vars
- id: terraform_fmt
- id: terraform_tflint
- id: terraform_validate
- id: terraform_checkov
- id: terraform_docs
args:
- '--args=--config=.terraform-docs.yml'

- repo: https://github.com/Yelp/detect-secrets
rev: v1.2.0
rev: v1.3.0
hooks:
- id: detect-secrets
args: ['--baseline', '.secrets.baseline']
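Review bot: `terraform_checkov` stays enabled in this file, but the pre-commit workflow in the same change appears to replace the explicit `pip install checkov` with `pip install -r requirements.txt`, and `requirements.txt` is not part of the visible diff. If checkov is missing from that file the IaC security hook cannot run in CI, and if it is listed without a version each run pulls whatever release is current. Confirm the file carries a pinned entry such as `checkov==<PINNED_VERSION>` (placeholder), ideally with hashes so that `pip install --require-hashes -r requirements.txt` can be used. The hook `rev:` values here are also tags; `pre-commit autoupdate --freeze` would record them as commit SHAs.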
82 changes: 64 additions & 18 deletions .secrets.baseline
@@ -1,20 +1,18 @@
{
"custom_plugin_paths": [],
"exclude": {
"files": null,
"lines": null
},
"generated_at": "2020-09-21T15:31:24Z",
"version": "1.3.0",
"plugins_used": [
{
"name": "ArtifactoryDetector"
},
{
"name": "AWSKeyDetector"
},
{
"name": "ArtifactoryDetector"
"name": "AzureStorageKeyDetector"
},
{
"base64_limit": 4.5,
"name": "Base64HighEntropyString"
"name": "Base64HighEntropyString",
"limit": 4.5
},
{
"name": "BasicAuthDetector"
Expand All @@ -23,8 +21,11 @@
"name": "CloudantDetector"
},
{
"hex_limit": 3,
"name": "HexHighEntropyString"
"name": "GitHubTokenDetector"
},
{
"name": "HexHighEntropyString",
"limit": 3.0
},
{
"name": "IbmCloudIamDetector"
Expand All @@ -36,32 +37,77 @@
"name": "JwtTokenDetector"
},
{
"keyword_exclude": null,
"name": "KeywordDetector"
"name": "KeywordDetector",
"keyword_exclude": ""
},
{
"name": "MailchimpDetector"
},
{
"name": "NpmDetector"
},
{
"name": "PrivateKeyDetector"
},
{
"name": "SendGridDetector"
},
{
"name": "SlackDetector"
},
{
"name": "SoftlayerDetector"
},
{
"name": "SquareOAuthDetector"
},
{
"name": "StripeDetector"
},
{
"name": "TwilioKeyDetector"
}
],
"filters_used": [
{
"path": "detect_secrets.filters.allowlist.is_line_allowlisted"
},
{
"path": "detect_secrets.filters.common.is_baseline_file",
"filename": ".secrets.baseline"
},
{
"path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
"min_level": 2
},
{
"path": "detect_secrets.filters.heuristic.is_indirect_reference"
},
{
"path": "detect_secrets.filters.heuristic.is_likely_id_string"
},
{
"path": "detect_secrets.filters.heuristic.is_lock_file"
},
{
"path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
},
{
"path": "detect_secrets.filters.heuristic.is_potential_uuid"
},
{
"path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
},
{
"path": "detect_secrets.filters.heuristic.is_sequential_string"
},
{
"path": "detect_secrets.filters.heuristic.is_swagger_file"
},
{
"path": "detect_secrets.filters.heuristic.is_templated_secret"
}
],
"results": {},
"version": "0.14.3",
"word_list": {
"file": null,
"hash": null
}
"generated_at": "2022-07-28T10:50:47Z"
}
15 changes: 15 additions & 0 deletions .terraform-docs.yml
@@ -0,0 +1,15 @@
formatter: markdown table

output:
mode: inject
template: |-
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
{{ .Content }}
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

sections:
hide:
- providers

sort:
by: required
11 changes: 11 additions & 0 deletions .tflint.hcl
@@ -0,0 +1,11 @@
plugin "terraform" {
enabled = true
version = "0.1.1"
source = "github.com/terraform-linters/tflint-ruleset-terraform"
preset = "recommended"
}
plugin "aws" {
enabled = true
version = "0.17.0"
source = "github.com/terraform-linters/tflint-ruleset-aws"
}