chore: gitpod and workflow setup (#5)

* chore: add gitpod config * docs: add code owners * chore: enable dependabot * chore: add continuos integration workflow * chore: add tflint config and azure plugin
jortfal · Apr 8, 2021 · aa2a561 · aa2a561
1 parent 259b17b
commit aa2a561
Show file tree

Hide file tree

Showing 8 changed files with 241 additions and 0 deletions.
diff --git a/.github/.dependabot b/.github/.dependabot
@@ -0,0 +1,13 @@
+version: 2
+updates:
+  # Enable version updates for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    # Check for updates once a week
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "terraform"
+    directory: "/"
+    # Check for updates once a week
+    schedule:
+      interval: "weekly"
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1 @@
+@jortfal
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,69 @@
+name: Continuos Integration
+
+on:
+  workflow_dispatch:
+  push:
+  pull_request:
+    branches:
+      - master
+  release:
+    types:
+      - prereleased
+      - created
+
+jobs:
+  continuous-integration:
+    name: Continuous Integration
+    runs-on: ubuntu-20.04
+    steps:
+
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: HashiCorp - Setup Terraform
+        uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_version: 0.14.10
+
+      - name: Terraform fmt
+        id: fmt
+        run: terraform fmt -check
+        continue-on-error: false
+
+      - name: Install TFLint
+        uses: terraform-linters/setup-tflint@v1
+        with:
+          tflint_version: v0.26.0
+
+      - name: Check linting of Terraform files
+        id: lint
+        run: tflint
+
+      - name: Terraform Init
+        id: init
+        run: terraform init
+
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate -no-color
+
+      - name: Install TFSec
+        run: |
+          curl -L https://github.com/tfsec/tfsec/releases/download/v0.39.20/tfsec-linux-amd64 -o tfsec && \
+          sudo chmod +x tfsec && \
+          sudo mv tfsec /usr/local/bin/tfsec
+
+      - name: TFSec
+        id: sec
+        run: tfsec
+
+      - name: Install Terraform Docs
+        run: |
+          curl -L https://github.com/terraform-docs/terraform-docs/releases/download/v0.12.1/terraform-docs-v0.12.1-$(uname)-amd64.tar.gz -o terraform-docs.tar.gz && \
+          tar -xzf terraform-docs.tar.gz && \
+          sudo chmod +x terraform-docs && \
+          sudo mv terraform-docs /usr/local/bin/terraform-docs
+      
+      #- name: Terraform Docs
+      #  id: docs
+      #  run: #TO DO
diff --git a/.gitpod.Containerfile b/.gitpod.Containerfile
@@ -0,0 +1,57 @@
+FROM debian:buster-20210111-slim
+
+ARG DEBIAN_FRONTEND=noninteractive
+ARG TERRAFORM_VERSION=0.14.10
+ARG TFLINT_VERSION=v0.26.0
+ARG TFSEC_VERSION=v0.39.20
+ARG TERRAFORM_DOCS_VERSION=v0.12.1
+
+# Update Local Repository Index and Install apt-utils
+RUN apt-get update && apt-get -y --no-install-recommends install apt-utils
+
+# Install custom 
+RUN \
+  apt-get -y --no-install-recommends install \
+    sudo \
+    bash \
+    procps \
+    openssl \
+    gnupg \
+    lsb-release \
+    ca-certificates \
+    apt-transport-https \
+    software-properties-common \
+    curl \
+    wget \
+    unzip \
+    python3-pip \
+    vim 
+
+# Install Pre-Commit - A framework for managing and maintaining multi-language pre-commit hooks
+RUN pip3 install pre-commit
+
+# Install Terraform
+RUN curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
+RUN \
+  sudo apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \
+  sudo apt-get update && \
+  apt-get -y --no-install-recommends install terraform=$TERRAFORM_VERSION
+
+# Install TFLint - A Pluggable Terraform Linter
+RUN curl https://raw.githubusercontent.com/terraform-linters/tflint/$TFLINT_VERSION/install_linux.sh | bash
+
+# Install TFSec - Static analysis of your terraform templates to spot potential security issues. 
+RUN \
+  curl -L https://github.com/tfsec/tfsec/releases/download/$TFSEC_VERSION/tfsec-linux-amd64 -o tfsec && \
+  sudo chmod +x tfsec && \
+  sudo mv tfsec /usr/local/bin/tfsec
+
+# Install Terraform Docs - A utility to generate documentation from Terraform Modules
+RUN \
+  curl -L https://github.com/terraform-docs/terraform-docs/releases/download/$TERRAFORM_DOCS_VERSION/terraform-docs-$TERRAFORM_DOCS_VERSION-$(uname)-amd64.tar.gz -o terraform-docs.tar.gz && \
+  tar -xzf terraform-docs.tar.gz && \
+  sudo chmod +x terraform-docs && \
+  sudo mv terraform-docs /usr/local/bin/terraform-docs
+
+# Install the Azure CLI
+RUN curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
diff --git a/.gitpod.yml b/.gitpod.yml
@@ -0,0 +1,27 @@
+
+image:
+  file: .gitpod.Containerfile
+
+# List the ports you want to expose and what to do when they are served. See https://www.gitpod.io/docs/config-ports/
+# ports:
+#   - port: 3000
+#     onOpen: open-preview
+# List the start up tasks. You can start them in parallel in multiple terminals. See https://www.gitpod.io/docs/config-start-tasks/
+# tasks:
+#   - init: echo 'init script' # runs during prebuild
+#     command: echo 'start script'
+tasks:
+  - name: Set up Git Config
+    openIn: bottom
+    command: git config --global user.name "jortfal" &&
+             git config --global user.email "jortfal@users.noreply.github.com" &&
+             git config --global commit.gpgsign true &&
+             git config --global user.signingkey C62738C0CBE3CDCA &&
+             touch private.gpg &&
+             echo 'WARNING!!! Do not forget to import the private gpg key ;)' &&
+             echo 'use "gpg --import private.gpg" to import private key '
+
+vscode:
+  extensions:
+    - hashicorp.terraform
+    - yzhang.markdown-all-in-one
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -0,0 +1,9 @@
+repos:
+- repo: git://github.com/antonbabenko/pre-commit-terraform
+  rev: v1.46.0 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
+  hooks:
+    - id: terraform_fmt
+    - id: terraform_tflint
+    - id: terraform_validate
+    - id: terraform_tfsec
+    - id: terraform_docs
diff --git a/.tflint.d/plugins/tflint-ruleset-azurerm b/.tflint.d/plugins/tflint-ruleset-azurerm
diff --git a/.tflint.hcl b/.tflint.hcl
@@ -0,0 +1,65 @@
+config {
+  module = false
+  force = true
+  disabled_by_default = true
+}
+
+rule "terraform_deprecated_interpolation" {
+  enabled = true
+}
+
+rule "terraform_deprecated_index" {
+  enabled = true
+}
+
+rule "terraform_unused_declarations" {
+  enabled = false
+}
+
+rule "terraform_comment_syntax" {
+  enabled = true
+}
+
+rule "terraform_documented_outputs" {
+  enabled = false
+}
+
+rule "terraform_documented_variables" {
+  enabled = true
+}
+
+rule "terraform_typed_variables" {
+  enabled = true
+}
+
+rule "terraform_module_pinned_source" {
+  enabled = true
+}
+
+rule "terraform_naming_convention" {
+  enabled = true
+}
+
+rule "terraform_required_version" {
+  enabled = true
+}
+
+rule "terraform_required_providers" {
+  enabled = true
+}
+
+rule "terraform_unused_required_providers" {
+  enabled = true
+}
+
+rule "terraform_standard_module_structure" {
+  enabled = true
+}
+
+rule "terraform_workspace_remote" {
+  enabled = true
+}
+
+plugin "azurerm" {
+    enabled = true
+}