Merge pull request #29 from padok-team/docs/fixes

ci: use workflow from org actions
padok-team · Apr 12, 2024 · bd1b6c4 · bd1b6c4
2 parents 313ba81 + 9db23b2
commit bd1b6c4
Show file tree

Hide file tree

Showing 5 changed files with 75 additions and 48 deletions.
diff --git a/.checkov.baseline b/.checkov.baseline
@@ -0,0 +1,48 @@
+{
+    "failed_checks": [
+        {
+            "file": "/main.tf",
+            "findings": [
+                {
+                    "resource": "aws_cloudwatch_log_group.start_stop_scheduler",
+                    "check_ids": [
+                        "CKV_AWS_158",
+                        "CKV_AWS_338"
+                    ]
+                },
+                {
+                    "resource": "aws_iam_policy_document.lambda_autoscalinggroup",
+                    "check_ids": [
+                        "CKV_AWS_111",
+                        "CKV_AWS_356"
+                    ]
+                },
+                {
+                    "resource": "aws_iam_policy_document.lambda_ec2",
+                    "check_ids": [
+                        "CKV_AWS_111",
+                        "CKV_AWS_356"
+                    ]
+                },
+                {
+                    "resource": "aws_iam_policy_document.lambda_rds",
+                    "check_ids": [
+                        "CKV_AWS_111",
+                        "CKV_AWS_356"
+                    ]
+                },
+                {
+                    "resource": "aws_lambda_function.start_stop_scheduler",
+                    "check_ids": [
+                        "CKV_AWS_115",
+                        "CKV_AWS_116",
+                        "CKV_AWS_117",
+                        "CKV_AWS_173",
+                        "CKV_AWS_272",
+                        "CKV_AWS_50"
+                    ]
+                }
+            ]
+        }
+    ]
+}
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
@@ -3,12 +3,9 @@ on:
     branches:
       - main
 
-name: release-please
+name: release
 jobs:
-  release-please:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: google-github-actions/release-please-action@db8f2c60ee802b3748b512940dde88eabd7b7e01 # v3
-        with:
-          release-type: terraform-module
-          default-branch: main
+  release:
+    uses: padok-team/github-workflows/.github/workflows/release.yml@v1
+    with:
+      update-major-minor-tags: true
diff --git a/.github/workflows/terraform-docs.yml b/.github/workflows/terraform-docs.yml
@@ -0,0 +1,9 @@
+on:
+  push:
+    branches:
+      - main # your trunk branch
+
+name: terraform-docs
+jobs:
+  terraform-docs:
+    uses: padok-team/github-workflows/.github/workflows/terraform-docs.yml@v1
diff --git a/.github/workflows/terraform-quality.yml b/.github/workflows/terraform-quality.yml
@@ -0,0 +1,11 @@
+on:
+  pull_request:
+    branches:
+      - main
+name: terraform-quality
+jobs:
+  terraform-quality:
+    uses: padok-team/github-workflows/.github/workflows/terraform-quality.yml@v1
+    with:
+      checkov_skip_path: "examples/"
+      checkov_baseline: ".checkov.baseline"
diff --git a/.tflint.hcl b/.tflint.hcl
@@ -1,43 +1,5 @@
 plugin "aws" {
     enabled = true
-}
-
-rule "terraform_unused_declarations" {
-  enabled = true
-}
-
-rule "terraform_typed_variables" {
-  enabled = true
-}
-
-rule "terraform_documented_outputs" {
-  enabled = true
-}
-
-rule "terraform_documented_variables" {
-  enabled = true
-}
-
-rule "terraform_deprecated_index" {
-  enabled = true
-}
-
-rule "terraform_required_version" {
-  enabled = true
-}
-
-rule "terraform_required_providers" {
-  enabled = true
-}
-
-rule "terraform_unused_required_providers" {
-  enabled = true
-}
-
-rule "terraform_standard_module_structure" {
-  enabled = true
-}
-
-rule "terraform_naming_convention" {
-  enabled = true
+    version = "0.30.0"
+    source  = "github.com/terraform-linters/tflint-ruleset-aws"
 }