Updated Workflows

DFE-Digital · Apr 17, 2024 · bc2ed62 · bc2ed62
1 parent 88b5c89
commit bc2ed62
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 56 deletions.
diff --git a/.github/workflows/continuous-integration-terraform.yml b/.github/workflows/continuous-integration-terraform.yml
@@ -1,13 +1,16 @@
-name: Continuous integration
+name: Continuous Integration / Terraform
 
 on:
   push:
-    branches: main
+    paths:
+      - '**.tf'
   pull_request:
+    paths:
+      - '**.tf'
 
 jobs:
   terraform-validate:
-    name: Terraform Validate
+    name: Validate
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
@@ -23,38 +26,46 @@ jobs:
             exit 1
           fi
 
+      - name: Validate Terraform docs
+        uses: terraform-docs/[email protected]
+        with:
+          working-dir: terraform
+          config-file: .terraform-docs.yml
+          output-file: README.md
+          output-method: inject
+          fail-on-diff: true
+
+      - name: Remove azure backend
+        run: rm ./terraform/backend.tf
+
       - name: Run a Terraform init
-        uses: docker://hashicorp/terraform:1.8.0
+        uses: docker://hashicorp/terraform:1.8.1
         with:
           entrypoint: terraform
-          args: init
+          args: -chdir=terraform init
 
       - name: Run a Terraform validate
-        uses: docker://hashicorp/terraform:1.8.0
+        uses: docker://hashicorp/terraform:1.8.1
         with:
           entrypoint: terraform
-          args: validate
+          args: -chdir=terraform validate
 
       - name: Run a Terraform format check
-        uses: docker://hashicorp/terraform:1.8.0
+        uses: docker://hashicorp/terraform:1.8.1
         with:
           entrypoint: terraform
-          args: fmt -check=true -diff=true
-  terraform-docs-validation:
-    name: Terraform Docs validation
-    needs: terraform-validate
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out code
-        uses: actions/checkout@v4
+          args: -chdir=terraform fmt -check=true -diff=true
+
+      - name: Setup TFLint
+        uses: terraform-linters/setup-tflint@v4
         with:
-          ref: ${{ github.event.pull_request.head.ref }}
+          tflint_version: v0.44.1
+
+      - name: Run TFLint
+        working-directory: terraform
+        run: tflint -f compact
 
-      - name: Generate Terraform docs
-        uses: terraform-docs/gh-actions@v1.0.0
+      - name: Run TFSec
+        uses: aquasecurity/tfsec-pr-commenter-action@v1.3.1
         with:
-          working-dir: .
-          config-file: .terraform-docs.yml
-          output-file: README.md
-          output-method: inject
-          fail-on-diff: true
+          github_token: ${{ github.token }}
diff --git a/.github/workflows/continuous-integration-tflint.yml b/.github/workflows/continuous-integration-tflint.yml
diff --git a/.github/workflows/continuous-integration-tfsec.yml b/.github/workflows/continuous-integration-tfsec.yml
diff --git a/.terraform-version b/.terraform-version
@@ -1 +1 @@
-1.8.0
+1.8.1