feat: add docs and template files
Claus Riegg authored and crigertg committed Dec 9, 2022
1 parent 084b0a4 commit a5b6c4e
Showing 8 changed files with 161 additions and 0 deletions.
11 changes: 11 additions & 0 deletions .github/workflows/checkov.yml
@@ -0,0 +1,11 @@
name: Checkov
on:
pull_request:

jobs:
checkov:
runs-on: ubuntu-latest
steps:
- uses: makandra/github-actions/checkov-terraform@main
with:
path: .
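Review bot: `uses: makandra/github-actions/checkov-terraform@main` in the only step tracks a moving branch, so the code this job runs on every pull request can change without any change in this repository. Pin the action to a release tag or, better, a full commit SHA, and add a top-level `permissions:` block (for example `contents: read`) so the job's token is scoped explicitly.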
12 changes: 12 additions & 0 deletions .github/workflows/conventional-commits.yml
@@ -0,0 +1,12 @@
name: Conventional Commits

on:
pull_request:

jobs:
conventional-commits:
name: Conventional Commits
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: webiny/action-conventional-commits@v1.1.0
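Review bot: the checkout step uses `actions/checkout@v2` while semantic-release.yml in the same commit uses `actions/checkout@v3`; use the same major version in both workflows. `webiny/action-conventional-commits@v1.1.0` is a third-party action pinned by tag, which its publisher can move; a full commit SHA is the stable reference.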
10 changes: 10 additions & 0 deletions .github/workflows/precommit.yml
@@ -0,0 +1,10 @@
name: pre-commit

on:
pull_request:

jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: makandra/github-actions/precommit@main
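Review bot: the single step `uses: makandra/github-actions/precommit@main` references a branch rather than a fixed revision, so the hook runner executed on pull requests is whatever that branch holds at run time. Pin it to a tag or commit SHA; .pre-commit-config.yaml in this commit already pins its hook repositories with `rev:`, and the workflow should be held to the same standard.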
18 changes: 18 additions & 0 deletions .github/workflows/semantic-release.yml
@@ -0,0 +1,18 @@
name: "Semantic-Release"
on:
push:
branches:
- master
- main

jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Semantic Release
uses: cycjimmy/semantic-release-action@v3
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
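Review bot: the `env:` block of the Semantic Release step passes `NPM_TOKEN: ${{ secrets.NPM_TOKEN }}` to a third-party action, but package.json in this commit sets `"private": true` and `"npmPublish": false`, so nothing is meant to be published to npm. Drop the NPM_TOKEN line so the secret is not handed to a step that has no use for it, and add a `permissions:` block granting only what the release needs, since the `GITHUB_TOKEN` passed here is used to create releases.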
16 changes: 16 additions & 0 deletions .github/workflows/tflint.yml
@@ -0,0 +1,16 @@
name: Tflint
on:
pull_request:


jobs:
tflint:
runs-on: ubuntu-latest
strategy:
matrix:
path:
- .
steps:
- uses: makandra/github-actions/tflint@main
with:
path: ${{ matrix.path }}
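Review bot: the `strategy:` block has no `fail-fast: false`, and the README in this commit tells users to add every submodule to the matrix; with the default fail-fast behaviour the first failing path cancels the remaining jobs, so findings in the other submodules are not reported. Set `fail-fast: false` under `strategy:`. There are also two blank lines before `jobs:` where the other workflows use one, and `makandra/github-actions/tflint@main` is an unpinned branch reference.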
29 changes: 29 additions & 0 deletions .pre-commit-config.yaml
@@ -0,0 +1,29 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.2.0
hooks:
- id: check-added-large-files
- id: check-merge-conflict
- id: check-vcs-permalinks
- id: end-of-file-fixer
- id: trailing-whitespace
args: [--markdown-linebreak-ext=md]
exclude: CHANGELOG.md
- id: check-yaml
- id: check-merge-conflict
- id: check-executables-have-shebangs
- id: check-case-conflict
- id: mixed-line-ending
args: [--fix=lf]
- id: detect-aws-credentials
args: ['--allow-missing-credentials']
- id: detect-private-key
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.74.1
hooks:
- id: terraform_fmt
- id: terraform_docs
args:
- --hook-config=--path-to-file=README.md
- --hook-config=--add-to-existing-file=true
- --hook-config=--create-file-if-not-exist=true
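Review bot: `- id: check-merge-conflict` appears twice in the pre-commit-hooks list (once after `check-added-large-files` and again after `check-yaml`); remove the second entry. A short comment next to `args: ['--allow-missing-credentials']` explaining that it lets `detect-aws-credentials` pass on machines without AWS credential files would help future maintainers.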
42 changes: 42 additions & 0 deletions README.md
@@ -0,0 +1,42 @@
# Terraform module template

This is a template for terraform modules. It contains the required CI congiguration and `.gitignore`.

# Contents

## package.json

The `package.json` is required for the [semantic-release](https://semantic-release.gitbook.io/semantic-release/). This is controlled via a Github Actions workflow.

## pre-commit-config.yaml

We rely on [pre-commit](https://pre-commit.com/) hooks to ensure the good code quality. This is also checked by a CI pipeline but recommended to use locally. It's also responsible for creating [terraform-docs](https://terraform-docs.io/).

## .github/workflows

We have several default workflows prepared.

### checkov

[checkov](https://www.checkov.io/) scans the terraform manifests for common misconfigurations. By default the root of the respository is scanned but if you have a repo with submodules (like for e.g. [makandra/terraform-aws-modules](https://github.com/makandra/terraform-aws-modules) you may want to alter the path of the github action.

### conventional-commits

We want to enforce [conventional commits](https://www.conventionalcommits.org/en/v1.0.0/) to ensure our `semantic-release` works correctly.

### precommit

We want to ensure that all our rules in the `pre-commit` configuration are applied.

### semantic-release

Whenever new commits are merged into the `main` branch we want a new release to be created.

### tflint

Terraform linter for finding possible errors, old syntax, unused declarations etc. Also it enforces best practices. See [tflint](https://github.com/terraform-linters/tflint).
By default the root of the respository is scanned but if you have a repo with submodules (like for e.g. [makandra/terraform-aws-modules](https://github.com/makandra/terraform-aws-modules) you should add every submodule to the workflow matrix.

# Recommended Repo configuration

We recommend protecting the `main` branch and to allow new code pushes only via Pull Requests. This way it's ensured that all tests pass before a new release is pushed.
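Review bot: the semantic-release section says a release is created when commits are merged into the `main` branch, but semantic-release.yml and the `release.branches` list in package.json both also include `master`; document both branches or drop `master` from the configuration. Wording fixes in the same file: "congiguration" in the intro, "respository" in the checkov and tflint sections, a missing closing parenthesis after both makandra/terraform-aws-modules links, and the heading `pre-commit-config.yaml` lacks the leading dot of the actual file name.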
23 changes: 23 additions & 0 deletions package.json
@@ -0,0 +1,23 @@
{
"name": "releasetest",
"license": "MIT",
"devDependencies": {
"@semantic-release/github": "^8.0.7",
"git-cz": "^4.9.0",
"semantic-release": "^19.0.5"
},
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
"@semantic-release/github",
"@semantic-release/npm", {
"npmPublish": false
}
],
"private": true,
"release": {
"branches": [
"main", "master"
]
}
}
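Review bot: `"plugins"` is declared at the top level of package.json, but semantic-release reads its configuration from the `"release"` key (where `"branches"` already sits), so this plugin list is not picked up. Move it under `"release"`, and wrap the npm plugin and its options in one array, `["@semantic-release/npm", {"npmPublish": false}]`; as written the options object is a separate list element. `"name": "releasetest"` also looks like a leftover in a module template.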
