diff --git a/.github/workflows/terraform-static-analysis.yml b/.github/workflows/terraform-static-analysis.yml
index cb1fc1143bd..2689a71daaf 100644
--- a/.github/workflows/terraform-static-analysis.yml
+++ b/.github/workflows/terraform-static-analysis.yml
@@ -28,13 +28,14 @@ jobs:
 with:
 fetch-depth: 0
 - name: Run Analysis
- uses: ministryofjustice/github-actions/terraform-static-analysis@7c689fe2de15e1692f5cceceb132919ab854081c # v14
+ uses: ministryofjustice/github-actions/terraform-static-analysis@433c75e44be4eabb0a6ca573951090b9da4901cf # v15.1.0
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 with:
 scan_type: changed
 tfsec_exclude: AWS095
 tflint_exclude: terraform_unused_declarations
+ tflint_call_module_type: none
 
 terraform-static-analysis-full-scan:
 permissions:
@@ -48,14 +49,15 @@ jobs:
 with:
 fetch-depth: 0
 - name: Run Analysis
- uses: ministryofjustice/github-actions/terraform-static-analysis@7c689fe2de15e1692f5cceceb132919ab854081c # v14
+ uses: ministryofjustice/github-actions/terraform-static-analysis@433c75e44be4eabb0a6ca573951090b9da4901cf # v15.1.0
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 with:
 scan_type: full
 tfsec_exclude: AWS095
 tflint_exclude: terraform_unused_declarations
-
+ tflint_call_module_type: none
+
 terraform-static-analysis-scheduled-scan:
 name: Terraform Static Analysis - scheduled scan of all directories
 runs-on: ubuntu-latest
@@ -66,10 +68,11 @@ jobs:
 with:
 fetch-depth: 0
 - name: Run Analysis
- uses: ministryofjustice/github-actions/terraform-static-analysis@7c689fe2de15e1692f5cceceb132919ab854081c
+ uses: ministryofjustice/github-actions/terraform-static-analysis@433c75e44be4eabb0a6ca573951090b9da4901cf # v15.1.0
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 with:
 scan_type: full
 tfsec_exclude: AWS095
 tflint_exclude: terraform_unused_declarations
+ tflint_call_module_type: none
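Review bot: The `tflint_call_module_type: none` line added at the end of the changed-files job's `with:` block, and repeated in the full-scan and scheduled-scan hunks, carries no comment explaining why module-call inspection is being switched off. If the action passes the value through to tflint's `--call-module-type`, `none` means module calls are not evaluated, so issues that only surface through a module call stop being reported by all three jobs, including the scheduled full scan. I would put a comment above it, e.g. `# module-call inspection disabled: <reason or issue link>`, and, if the motive is pull-request run time, consider leaving the scheduled job on the stricter setting. The job and step both start outside the hunk.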
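Review bot: The scheduled-scan job may be handing `GITHUB_TOKEN` to the re-pinned action without a job-level `permissions:` block. Its header, visible as trailing context of the previous hunk, goes from the job key straight to `name:` and `runs-on:`, whereas the full-scan job opens with `permissions:`. The rest of the job is outside the diff, so this may already be covered lower down or at workflow level; if it is not, the token runs with the repository's default scopes. Worth confirming, and if it is missing, adding a `permissions:` block that mirrors the full-scan job's.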