fix: statis analysis -> removed cached folder for terraform (#2741)

* pre-commit fixs * removed cached folder because give more problems that solutions * minor fix
pagopa · Jan 22, 2025 · eedd753 · eedd753
1 parent 2ee84a7
commit eedd753
Showing 13 changed files with 51 additions and 59 deletions.
diff --git a/.github/workflows/static_analysis.yml b/.github/workflows/static_analysis.yml
@@ -1,9 +1,10 @@
-name: Static Analysis
+name: Static Analysis Main
 
 on:
   push:
     branches:
       - main
+  workflow_dispatch:
 
 jobs:
   static_analysis:
@@ -33,13 +34,8 @@ jobs:
         echo    "+ 🔨 CREATE CACHE FOLDER         +"
         echo -e "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-\n"
 
-        export TF_PLUGIN_CACHE_DIR="/tmp/.terraform.d/plugin-cache"
-        mkdir -p ${TF_PLUGIN_CACHE_DIR}
-        ls -la ${TF_PLUGIN_CACHE_DIR}
-
         echo "📢 Show space"
         df -h
-        du -h ${TF_PLUGIN_CACHE_DIR}
 
         echo -e "\n+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-"
         echo    "+ 🏁 INIT TERRAFORM FOLDERS 🏁   +"
@@ -77,9 +73,6 @@ jobs:
         done
 
         echo "📢 Show space 3"
-        df -h
-        ls -la /tmp/.terraform.d/plugin-cache
-        du -h -d 5 ${TF_PLUGIN_CACHE_DIR}
 
     - name: Show precommit version
       shell: bash
@@ -99,8 +92,6 @@ jobs:
         echo    "+- 🚨 PRECOMMIT TERRAFORM 🚨 -+"
         echo -e "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\n"
 
-        export TF_PLUGIN_CACHE_DIR="/tmp/.terraform.d/plugin-cache"
-
         TAG=v1.96.2@sha256:01f870b7689b5a09c1a370914fcddcac42c4b6478c9d369e1d2590dd0a66ffd0
         docker run \
           -v $(pwd):/lint \

diff --git a/.github/workflows/static_analysis_pr.yml b/.github/workflows/static_analysis_pr.yml
@@ -1,4 +1,4 @@
-name: Static Analysis PR
+name: 🛃 Static Analysis PR
 
 on:
   push:

diff --git a/src/domains/fdr-app/README.md b/src/domains/fdr-app/README.md
diff --git a/src/domains/fdr-common/README.md b/src/domains/fdr-common/README.md
diff --git a/src/domains/observability/env/uat/terraform.tfvars b/src/domains/observability/env/uat/terraform.tfvars
@@ -359,7 +359,7 @@ ehns_metric_alerts_gpd = {
       {
         name     = "EntityName"
         operator = "Include"
-        values   = ["gpd-ingestion.apd.payment_option-tx", "gpd-ingestion.apd.payment_position-tx","gpd-ingestion.apd.transfer-tx"]
+        values   = ["gpd-ingestion.apd.payment_option-tx", "gpd-ingestion.apd.payment_position-tx", "gpd-ingestion.apd.transfer-tx"]
       }
     ],
   },

diff --git a/src/domains/payopt-app/05_subkey.tf b/src/domains/payopt-app/05_subkey.tf
@@ -22,13 +22,13 @@ data "azurerm_api_management_user" "user_demo" {
   count = var.env_short != "p" ? 1 : 0
   # DEV -> 99999000001 PSP Signed Direct
   # UAT -> 99999000011 PSP DEMO
-  user_id             = var.env_short == "u" ? "349fab55-1fe5-4b89-92ac-5bdeabe3010e"  : "2d6fe3c6-5656-43c8-afd4-ccf2bb352cec"
+  user_id             = var.env_short == "u" ? "349fab55-1fe5-4b89-92ac-5bdeabe3010e" : "2d6fe3c6-5656-43c8-afd4-ccf2bb352cec"
   api_management_name = data.azurerm_api_management.apim.name
   resource_group_name = data.azurerm_api_management.apim.resource_group_name
 }
 resource "azurerm_api_management_subscription" "service_payment_options_subkey" {
-  depends_on = [ data.azurerm_api_management_user.user_demo ]
-  count = var.env_short != "p" ? 1 : 0
+  depends_on = [data.azurerm_api_management_user.user_demo]
+  count      = var.env_short != "p" ? 1 : 0
 
   api_management_name = data.azurerm_api_management.apim.name
   resource_group_name = data.azurerm_api_management.apim.resource_group_name

diff --git a/src/domains/payopt-app/99_variables.tf b/src/domains/payopt-app/99_variables.tf
@@ -71,10 +71,10 @@ variable "tags" {
 
 variable "is_feature_enabled" {
   type = object({
-    paymentoptions      = bool
+    paymentoptions = bool
   })
   default = {
-    paymentoptions      = false
+    paymentoptions = false
   }
 }
 ### External resources

diff --git a/src/domains/payopt-app/README.md b/src/domains/payopt-app/README.md
@@ -57,6 +57,7 @@
 | [azurerm_api_management.apim](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/api_management) | data source |
 | [azurerm_api_management_product.apim_api_config_product](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/api_management_product) | data source |
 | [azurerm_api_management_product.apim_forwarder_product](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/api_management_product) | data source |
+| [azurerm_api_management_user.user_demo](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/api_management_user) | data source |
 | [azurerm_application_insights.application_insights_italy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/application_insights) | data source |
 | [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source |
 | [azurerm_eventhub_authorization_rule.pagopa_weu_core_evh_ns04_nodo_dei_pagamenti_cache_sync_reader](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/eventhub_authorization_rule) | data source |
@@ -88,7 +89,7 @@
 | <a name="input_external_domain"></a> [external\_domain](#input\_external\_domain) | Domain for delegation | `string` | `null` | no |
 | <a name="input_ingress_load_balancer_ip"></a> [ingress\_load\_balancer\_ip](#input\_ingress\_load\_balancer\_ip) | ## Aks | `string` | n/a | yes |
 | <a name="input_instance"></a> [instance](#input\_instance) | One of beta, prod01, prod02 | `string` | n/a | yes |
-| <a name="input_is_feature_enabled"></a> [is\_feature\_enabled](#input\_is\_feature\_enabled) | n/a | <pre>object({<br/>    paymentoptions      = bool<br/>    paymentoptions_mock = bool<br/>  })</pre> | <pre>{<br/>  "paymentoptions": false,<br/>  "paymentoptions_mock": false<br/>}</pre> | no |
+| <a name="input_is_feature_enabled"></a> [is\_feature\_enabled](#input\_is\_feature\_enabled) | n/a | <pre>object({<br/>    paymentoptions = bool<br/>  })</pre> | <pre>{<br/>  "paymentoptions": false<br/>}</pre> | no |
 | <a name="input_k8s_kube_config_path_prefix"></a> [k8s\_kube\_config\_path\_prefix](#input\_k8s\_kube\_config\_path\_prefix) | n/a | `string` | `"~/.kube"` | no |
 | <a name="input_location"></a> [location](#input\_location) | One of westeurope, northeurope | `string` | n/a | yes |
 | <a name="input_location_short"></a> [location\_short](#input\_location\_short) | One of wue, neu | `string` | n/a | yes |

diff --git a/src/domains/payopt-app/env/itn-dev/terraform.tfvars b/src/domains/payopt-app/env/itn-dev/terraform.tfvars
@@ -34,5 +34,5 @@ apim_dns_zone_prefix     = "dev.platform"
 ingress_load_balancer_ip = "10.3.2.250"
 
 is_feature_enabled = {
-  paymentoptions      = true
+  paymentoptions = true
 }
diff --git a/src/domains/payopt-app/env/itn-prod/terraform.tfvars b/src/domains/payopt-app/env/itn-prod/terraform.tfvars
@@ -34,7 +34,7 @@ apim_dns_zone_prefix     = "platform"
 ingress_load_balancer_ip = "10.3.2.250"
 
 is_feature_enabled = {
-  paymentoptions      = true
+  paymentoptions = true
 }
 
 pod_disruption_budgets = {

diff --git a/src/domains/payopt-app/env/itn-uat/terraform.tfvars b/src/domains/payopt-app/env/itn-uat/terraform.tfvars
@@ -34,5 +34,5 @@ apim_dns_zone_prefix     = "uat.platform"
 ingress_load_balancer_ip = "10.3.2.250"
 
 is_feature_enabled = {
-  paymentoptions      = true
+  paymentoptions = true
 }
diff --git a/src/domains/printit-app/README.md b/src/domains/printit-app/README.md
@@ -255,7 +255,7 @@ No outputs.
 | <a name="input_ingress_load_balancer_ip"></a> [ingress\_load\_balancer\_ip](#input\_ingress\_load\_balancer\_ip) | ## Aks | `string` | n/a | yes |
 | <a name="input_instance"></a> [instance](#input\_instance) | One of beta, prod01, prod02 | `string` | n/a | yes |
 | <a name="input_io_backend_base_path"></a> [io\_backend\_base\_path](#input\_io\_backend\_base\_path) | io backend api base path | `string` | `null` | no |
-| <a name="input_is_feature_enabled"></a> [is\_feature\_enabled](#input\_is\_feature\_enabled) | n/a | <pre>object({<br>    pdf_engine = bool<br>    printit    = bool<br>  })</pre> | <pre>{<br>  "pdf_engine": false,<br>  "printit": false<br>}</pre> | no |
+| <a name="input_is_feature_enabled"></a> [is\_feature\_enabled](#input\_is\_feature\_enabled) | n/a | <pre>object({<br/>    pdf_engine = bool<br/>    printit    = bool<br/>  })</pre> | <pre>{<br/>  "pdf_engine": false,<br/>  "printit": false<br/>}</pre> | no |
 | <a name="input_k8s_kube_config_path_prefix"></a> [k8s\_kube\_config\_path\_prefix](#input\_k8s\_kube\_config\_path\_prefix) | n/a | `string` | `"~/.kube"` | no |
 | <a name="input_location"></a> [location](#input\_location) | One of westeurope, northeurope | `string` | n/a | yes |
 | <a name="input_location_short"></a> [location\_short](#input\_location\_short) | One of wue, neu | `string` | n/a | yes |
@@ -269,9 +269,9 @@ No outputs.
 | <a name="input_payment_wallet_migrations_enabled"></a> [payment\_wallet\_migrations\_enabled](#input\_payment\_wallet\_migrations\_enabled) | Payment wallet migrations enabled | `bool` | `false` | no |
 | <a name="input_payment_wallet_with_pm_enabled"></a> [payment\_wallet\_with\_pm\_enabled](#input\_payment\_wallet\_with\_pm\_enabled) | payment wallet using Payment Manager | `bool` | `false` | no |
 | <a name="input_pdv_api_base_path"></a> [pdv\_api\_base\_path](#input\_pdv\_api\_base\_path) | Personal data vault api base path | `string` | `null` | no |
-| <a name="input_pod_disruption_budgets"></a> [pod\_disruption\_budgets](#input\_pod\_disruption\_budgets) | Pod disruption budget for domain namespace | <pre>map(object({<br>    name         = optional(string, null)<br>    minAvailable = optional(number, null)<br>    matchLabels  = optional(map(any), {})<br>  }))</pre> | `{}` | no |
+| <a name="input_pod_disruption_budgets"></a> [pod\_disruption\_budgets](#input\_pod\_disruption\_budgets) | Pod disruption budget for domain namespace | <pre>map(object({<br/>    name         = optional(string, null)<br/>    minAvailable = optional(number, null)<br/>    matchLabels  = optional(map(any), {})<br/>  }))</pre> | `{}` | no |
 | <a name="input_prefix"></a> [prefix](#input\_prefix) | n/a | `string` | n/a | yes |
-| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(any)` | <pre>{<br>  "CreatedBy": "Terraform"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(any)` | <pre>{<br/>  "CreatedBy": "Terraform"<br/>}</pre> | no |
 
 ## Outputs
 

diff --git a/src/elk-monitoring/README.md b/src/elk-monitoring/README.md
@@ -203,11 +203,11 @@
 | <a name="input_apim_dns_zone_prefix"></a> [apim\_dns\_zone\_prefix](#input\_apim\_dns\_zone\_prefix) | The dns subdomain for apim. | `string` | `null` | no |
 | <a name="input_dns_zone_internal_prefix"></a> [dns\_zone\_internal\_prefix](#input\_dns\_zone\_internal\_prefix) | The dns subdomain. | `string` | `null` | no |
 | <a name="input_domain"></a> [domain](#input\_domain) | n/a | `string` | n/a | yes |
-| <a name="input_elastic_cold_storage"></a> [elastic\_cold\_storage](#input\_elastic\_cold\_storage) | n/a | <pre>object({<br>    storage_type           = string,<br>    allow_volume_expansion = bool,<br>    initialStorageSize     = string<br>  })</pre> | n/a | yes |
-| <a name="input_elastic_hot_storage"></a> [elastic\_hot\_storage](#input\_elastic\_hot\_storage) | n/a | <pre>object({<br>    storage_type           = string,<br>    allow_volume_expansion = bool,<br>    initialStorageSize     = string<br>  })</pre> | n/a | yes |
-| <a name="input_elastic_node_pool"></a> [elastic\_node\_pool](#input\_elastic\_node\_pool) | AKS node pool user configuration | <pre>object({<br>    enabled               = bool,<br>    name                  = string,<br>    vm_size               = string,<br>    os_disk_type          = string,<br>    os_disk_size_gb       = string,<br>    node_count_min        = number,<br>    node_count_max        = number,<br>    node_labels           = map(any),<br>    node_taints           = list(string),<br>    node_tags             = map(any),<br>    elastic_pool_max_pods = number,<br>  })</pre> | n/a | yes |
-| <a name="input_elastic_warm_storage"></a> [elastic\_warm\_storage](#input\_elastic\_warm\_storage) | n/a | <pre>object({<br>    storage_type           = string,<br>    allow_volume_expansion = bool,<br>    initialStorageSize     = string<br>  })</pre> | n/a | yes |
-| <a name="input_elk_snapshot_sa"></a> [elk\_snapshot\_sa](#input\_elk\_snapshot\_sa) | n/a | <pre>object({<br>    blob_delete_retention_days = number<br>    backup_enabled             = bool<br>    blob_versioning_enabled    = bool<br>    advanced_threat_protection = bool<br>  })</pre> | <pre>{<br>  "advanced_threat_protection": true,<br>  "backup_enabled": false,<br>  "blob_delete_retention_days": 0,<br>  "blob_versioning_enabled": true<br>}</pre> | no |
+| <a name="input_elastic_cold_storage"></a> [elastic\_cold\_storage](#input\_elastic\_cold\_storage) | n/a | <pre>object({<br/>    storage_type           = string,<br/>    allow_volume_expansion = bool,<br/>    initialStorageSize     = string<br/>  })</pre> | n/a | yes |
+| <a name="input_elastic_hot_storage"></a> [elastic\_hot\_storage](#input\_elastic\_hot\_storage) | n/a | <pre>object({<br/>    storage_type           = string,<br/>    allow_volume_expansion = bool,<br/>    initialStorageSize     = string<br/>  })</pre> | n/a | yes |
+| <a name="input_elastic_node_pool"></a> [elastic\_node\_pool](#input\_elastic\_node\_pool) | AKS node pool user configuration | <pre>object({<br/>    enabled               = bool,<br/>    name                  = string,<br/>    vm_size               = string,<br/>    os_disk_type          = string,<br/>    os_disk_size_gb       = string,<br/>    node_count_min        = number,<br/>    node_count_max        = number,<br/>    node_labels           = map(any),<br/>    node_taints           = list(string),<br/>    node_tags             = map(any),<br/>    elastic_pool_max_pods = number,<br/>  })</pre> | n/a | yes |
+| <a name="input_elastic_warm_storage"></a> [elastic\_warm\_storage](#input\_elastic\_warm\_storage) | n/a | <pre>object({<br/>    storage_type           = string,<br/>    allow_volume_expansion = bool,<br/>    initialStorageSize     = string<br/>  })</pre> | n/a | yes |
+| <a name="input_elk_snapshot_sa"></a> [elk\_snapshot\_sa](#input\_elk\_snapshot\_sa) | n/a | <pre>object({<br/>    blob_delete_retention_days = number<br/>    backup_enabled             = bool<br/>    blob_versioning_enabled    = bool<br/>    advanced_threat_protection = bool<br/>  })</pre> | <pre>{<br/>  "advanced_threat_protection": true,<br/>  "backup_enabled": false,<br/>  "blob_delete_retention_days": 0,<br/>  "blob_versioning_enabled": true<br/>}</pre> | no |
 | <a name="input_enable_iac_pipeline"></a> [enable\_iac\_pipeline](#input\_enable\_iac\_pipeline) | If true create the key vault policy to allow used by azure devops iac pipelines. | `bool` | `false` | no |
 | <a name="input_env"></a> [env](#input\_env) | n/a | `string` | n/a | yes |
 | <a name="input_env_short"></a> [env\_short](#input\_env\_short) | n/a | `string` | n/a | yes |
@@ -224,14 +224,14 @@
 | <a name="input_log_analytics_workspace_name"></a> [log\_analytics\_workspace\_name](#input\_log\_analytics\_workspace\_name) | Specifies the name of the Log Analytics Workspace. | `string` | n/a | yes |
 | <a name="input_log_analytics_workspace_resource_group_name"></a> [log\_analytics\_workspace\_resource\_group\_name](#input\_log\_analytics\_workspace\_resource\_group\_name) | The name of the resource group in which the Log Analytics workspace is located in. | `string` | n/a | yes |
 | <a name="input_monitor_resource_group_name"></a> [monitor\_resource\_group\_name](#input\_monitor\_resource\_group\_name) | Monitor resource group name | `string` | n/a | yes |
-| <a name="input_nginx_helm"></a> [nginx\_helm](#input\_nginx\_helm) | nginx ingress helm chart configuration | <pre>object({<br>    version = string,<br>    controller = object({<br>      image = object({<br>        registry     = string,<br>        image        = string,<br>        tag          = string,<br>        digest       = string,<br>        digestchroot = string,<br>      }),<br>      config = object({<br>        proxy-body-size : string<br>      })<br>    })<br>  })</pre> | n/a | yes |
-| <a name="input_nodeset_config"></a> [nodeset\_config](#input\_nodeset\_config) | n/a | <pre>map(object({<br>    count            = string<br>    roles            = list(string)<br>    storage          = string<br>    storageClassName = string<br>    requestMemory    = string<br>    requestCPU       = string<br>    limitsMemory     = string<br>    limitsCPU        = string<br>  }))</pre> | <pre>{<br>  "default": {<br>    "count": 1,<br>    "limitsCPU": "1",<br>    "limitsMemory": "2Gi",<br>    "requestCPU": "1",<br>    "requestMemory": "2Gi",<br>    "roles": [<br>      "master",<br>      "data",<br>      "data_content",<br>      "data_hot",<br>      "data_warm",<br>      "data_cold",<br>      "data_frozen",<br>      "ingest",<br>      "ml",<br>      "remote_cluster_client",<br>      "transform"<br>    ],<br>    "storage": "5Gi",<br>    "storageClassName": "standard"<br>  }<br>}</pre> | no |
-| <a name="input_opentelemetry_operator_helm"></a> [opentelemetry\_operator\_helm](#input\_opentelemetry\_operator\_helm) | open-telemetry/opentelemetry-operator helm chart configuration | <pre>object({<br>    chart_version = string,<br>    values_file   = string<br>  })</pre> | n/a | yes |
+| <a name="input_nginx_helm"></a> [nginx\_helm](#input\_nginx\_helm) | nginx ingress helm chart configuration | <pre>object({<br/>    version = string,<br/>    controller = object({<br/>      image = object({<br/>        registry     = string,<br/>        image        = string,<br/>        tag          = string,<br/>        digest       = string,<br/>        digestchroot = string,<br/>      }),<br/>      config = object({<br/>        proxy-body-size : string<br/>      })<br/>    })<br/>  })</pre> | n/a | yes |
+| <a name="input_nodeset_config"></a> [nodeset\_config](#input\_nodeset\_config) | n/a | <pre>map(object({<br/>    count            = string<br/>    roles            = list(string)<br/>    storage          = string<br/>    storageClassName = string<br/>    requestMemory    = string<br/>    requestCPU       = string<br/>    limitsMemory     = string<br/>    limitsCPU        = string<br/>  }))</pre> | <pre>{<br/>  "default": {<br/>    "count": 1,<br/>    "limitsCPU": "1",<br/>    "limitsMemory": "2Gi",<br/>    "requestCPU": "1",<br/>    "requestMemory": "2Gi",<br/>    "roles": [<br/>      "master",<br/>      "data",<br/>      "data_content",<br/>      "data_hot",<br/>      "data_warm",<br/>      "data_cold",<br/>      "data_frozen",<br/>      "ingest",<br/>      "ml",<br/>      "remote_cluster_client",<br/>      "transform"<br/>    ],<br/>    "storage": "5Gi",<br/>    "storageClassName": "standard"<br/>  }<br/>}</pre> | no |
+| <a name="input_opentelemetry_operator_helm"></a> [opentelemetry\_operator\_helm](#input\_opentelemetry\_operator\_helm) | open-telemetry/opentelemetry-operator helm chart configuration | <pre>object({<br/>    chart_version = string,<br/>    values_file   = string<br/>  })</pre> | n/a | yes |
 | <a name="input_prefix"></a> [prefix](#input\_prefix) | n/a | `string` | n/a | yes |
 | <a name="input_snapshot_storage_replication_type"></a> [snapshot\_storage\_replication\_type](#input\_snapshot\_storage\_replication\_type) | (Optional) ELK snapshot storage replication type | `string` | `"LRS"` | no |
 | <a name="input_subscription_name"></a> [subscription\_name](#input\_subscription\_name) | Subscription name | `string` | n/a | yes |
-| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(any)` | <pre>{<br>  "CreatedBy": "Terraform"<br>}</pre> | no |
-| <a name="input_tls_cert_check_helm"></a> [tls\_cert\_check\_helm](#input\_tls\_cert\_check\_helm) | tls cert helm chart configuration | <pre>object({<br>    chart_version = string,<br>    image_name    = string,<br>    image_tag     = string<br>  })</pre> | n/a | yes |
+| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(any)` | <pre>{<br/>  "CreatedBy": "Terraform"<br/>}</pre> | no |
+| <a name="input_tls_cert_check_helm"></a> [tls\_cert\_check\_helm](#input\_tls\_cert\_check\_helm) | tls cert helm chart configuration | <pre>object({<br/>    chart_version = string,<br/>    image_name    = string,<br/>    image_tag     = string<br/>  })</pre> | n/a | yes |
 
 ## Outputs