Skip to content

Commit

Permalink
fix linters
Browse files Browse the repository at this point in the history
  • Loading branch information
@imjoseangel
imjoseangel committed Jan 26, 2022
1 parent d214e9a commit bb809cd
Show file tree
Hide file tree
Showing 5 changed files with 198 additions and 74 deletions.
1 change: 1 addition & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
Expand Down
55 changes: 55 additions & 0 deletions .github/linters/.yamllint
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
---
###########################################
# These are the rules used for #
# linting all the yaml files in the stack #
# NOTE: #
# You can disable line with: #
# # yamllint disable-line #
###########################################
rules:
braces:
level: warning
min-spaces-inside: 0
max-spaces-inside: 0
min-spaces-inside-empty: 1
max-spaces-inside-empty: 5
brackets:
level: warning
min-spaces-inside: 0
max-spaces-inside: 0
min-spaces-inside-empty: 1
max-spaces-inside-empty: 5
colons:
level: warning
max-spaces-before: 0
max-spaces-after: 1
commas:
level: warning
max-spaces-before: 0
min-spaces-after: 1
max-spaces-after: 1
comments: disable
comments-indentation: disable
document-end: disable
document-start:
level: warning
present: true
empty-lines:
level: warning
max: 2
max-start: 0
max-end: 0
hyphens:
level: warning
max-spaces-after: 1
indentation:
level: warning
spaces: consistent
indent-sequences: true
check-multi-line-strings: false
key-duplicates: enable
line-length: disable
new-line-at-end-of-file: disable
new-lines:
type: unix
trailing-spaces: disable
55 changes: 55 additions & 0 deletions .github/linters/linters/.yamllint
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
---
###########################################
# These are the rules used for #
# linting all the yaml files in the stack #
# NOTE: #
# You can disable line with: #
# # yamllint disable-line #
###########################################
rules:
braces:
level: warning
min-spaces-inside: 0
max-spaces-inside: 0
min-spaces-inside-empty: 1
max-spaces-inside-empty: 5
brackets:
level: warning
min-spaces-inside: 0
max-spaces-inside: 0
min-spaces-inside-empty: 1
max-spaces-inside-empty: 5
colons:
level: warning
max-spaces-before: 0
max-spaces-after: 1
commas:
level: warning
max-spaces-before: 0
min-spaces-after: 1
max-spaces-after: 1
comments: disable
comments-indentation: disable
document-end: disable
document-start:
level: warning
present: true
empty-lines:
level: warning
max: 2
max-start: 0
max-end: 0
hyphens:
level: warning
max-spaces-after: 1
indentation:
level: warning
spaces: consistent
indent-sequences: true
check-multi-line-strings: false
key-duplicates: enable
line-length: disable
new-line-at-end-of-file: disable
new-lines:
type: unix
trailing-spaces: disable
67 changes: 34 additions & 33 deletions .github/workflows/terraform-release.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
on:
push:
# Sequence of patterns matched against refs/tags
Expand All @@ -12,46 +13,46 @@ jobs:
name: Create Release
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Checkout code
uses: actions/checkout@v2

- name: Get current tag
id: currenttag
run: echo ::set-output name=tag::"${GITHUB_REF#refs/*/}"
- name: Get current tag
id: currenttag
run: echo ::set-output name=tag::"${GITHUB_REF#refs/*/}"

- name: Create Release
id: create_release
uses: ncipollo/release-action@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ steps.currenttag.outputs.tag }}
name: Release ${{ steps.currenttag.outputs.tag }}
body: |
# Terraform Module - Azurerm App Service Plan
- name: Create Release
id: create_release
uses: ncipollo/release-action@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ steps.currenttag.outputs.tag }}
name: Release ${{ steps.currenttag.outputs.tag }}
body: |
# Terraform Module - Azurerm App Service Plan
[![Terraform](https://github.com/imjoseangel/terraform-azurerm-appserviceplan/actions/workflows/terraform.yml/badge.svg)](https://github.com/imjoseangel/terraform-azurerm-appserviceplan/actions/workflows/terraform.yml)
[![Terraform](https://github.com/imjoseangel/terraform-azurerm-appserviceplan/actions/workflows/terraform.yml/badge.svg)](https://github.com/imjoseangel/terraform-azurerm-appserviceplan/actions/workflows/terraform.yml)
A [Terraform][2] module to deploys a App Service Plan.
A [Terraform][2] module to deploys a App Service Plan.
By [imjoseangel][3]
By [imjoseangel][3]
Use with:
```bash
export ARM_CLIENT_ID=""
export ARM_CLIENT_SECRET=""
export ARM_SUBSCRIPTION_ID=""
export ARM_TENANT_ID=""
Use with:
```bash
export ARM_CLIENT_ID=""
export ARM_CLIENT_SECRET=""
export ARM_SUBSCRIPTION_ID=""
export ARM_TENANT_ID=""
terraform init
terraform apply
```
terraform init
terraform apply
```
## License
## License
Licensed under [the MIT License][1].
Licensed under [the MIT License][1].
[1]: https://github.com/imjoseangel/terraform-azurerm-appserviceplan/blob/devel/LICENSE
[2]: https://www.terraform.io/
[3]: https://imjoseangel.eu/
draft: false
prerelease: false
[1]: https://github.com/imjoseangel/terraform-azurerm-appserviceplan/blob/devel/LICENSE
[2]: https://www.terraform.io/
[3]: https://imjoseangel.eu/
draft: false
prerelease: false
94 changes: 53 additions & 41 deletions .github/workflows/terraform.yml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
---
name: 'Terraform'

on:
push:
branches:
- devel
- devel
pull_request:

jobs:
Expand All @@ -17,50 +18,61 @@ jobs:
shell: bash

steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout
uses: actions/checkout@v2
# Checkout the repository to the GitHub Actions runner
- name: Checkout
uses: actions/checkout@v2

# Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token
- name: Setup Terraform
id: setup
uses: hashicorp/setup-terraform@v1
# Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token
- name: Setup Terraform
id: setup
uses: hashicorp/setup-terraform@v1

# Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
- name: Terraform Init
id: init
run: terraform init
# Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
- name: Terraform Init
id: init
run: terraform init

# Checks that all Terraform configuration files adhere to a canonical format
- name: Terraform Format
id: fmt
run: terraform fmt -check
# Checks that all Terraform configuration files adhere to a canonical format
- name: Terraform Format
id: fmt
run: terraform fmt -check

# Validates the configuration files in a directory, referring only to the configuration and not accessing any remote services such as remote state, provider APIs, etc.
- name: Terraform Validate
id: validate
run: terraform validate
# Validates the configuration files in a directory, referring only to the configuration and not accessing any remote services such as remote state, provider APIs, etc.
- name: Terraform Validate
id: validate
run: terraform validate

# Run the tfsec sarif check. Uses static analysis of your terraform templates to spot potential security issues.
- name: Terraform Security Analysis
id: tfsec
uses: tfsec/tfsec-sarif-action@master
with:
sarif_file: tfsec.sarif
# Run the tfsec sarif check. Uses static analysis of your terraform templates to spot potential security issues.
- name: Terraform Security Analysis
id: tfsec
uses: tfsec/tfsec-sarif-action@master
with:
sarif_file: tfsec.sarif

# # Uploads results.sarif to GitHub repository using the upload-sarif action
# - name: Terraform Security Report
# id: tfsarif
# uses: github/codeql-action/upload-sarif@v1
# with:
# sarif_file: tfsec.sarif
# Uploads results.sarif to GitHub repository using the upload-sarif action
- name: Terraform Security Report
id: tfsarif
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: tfsec.sarif

# CStatic code analyzer for Infrastructure as Code with terrascan.
- name: Terraform Scan Code Base
uses: github/super-linter@v4
env:
VALIDATE_ALL_CODEBASE: true
DEFAULT_BRANCH: devel
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VALIDATE_TERRAFORM: true
VALIDATE_TERRAFORM_TERRASCAN: true
# Static code analyzer for Infrastructure as Code
- name: Lint Code Base
id: superlinter
uses: github/super-linter@v4
env:
VALIDATE_ALL_CODEBASE: true
DEFAULT_BRANCH: devel
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VALIDATE_TERRAFORM: true
YAML_CONFIG_FILE: .yamllint

# Static code analyzer for Terrascan
- name: Terraform Scan Code Base
id: terrascan
uses: accurics/terrascan-action@v1
with:
iac_type: terraform
iac_version: v14
policy_type: azure
only_warn: false

0 comments on commit bb809cd

Please sign in to comment.