
Feat: Add automerge github shared workflow #27

Merged
merged 1 commit into from
Dec 27, 2023

Conversation

vaibhav7797
Member

what

  • Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?)
  • Use bullet points to be concise and to the point.

why

  • Provide the justifications for the changes (e.g. business case).
  • Describe why these changes were made (e.g. why do these commits fix the problem?)
  • Use bullet points to be concise and to the point.

references

  • Link to any supporting jira issues or helpful documentation to add some context (e.g. stackoverflow).
  • Use closes #123, if this PR closes a Jira issue #123

@vaibhav7797 vaibhav7797 self-assigned this Dec 27, 2023
@vaibhav7797 vaibhav7797 requested a review from a team December 27, 2023 12:57
@clouddrove-ci
Member

Terraform Security Scan Failed

Result #1 HIGH Trail is not encrypted. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:36
────────────────────────────────────────────────────────────────────────────────
   24    resource "aws_cloudtrail" "default" {
   ..  
   36  [   kms_key_id                    = join("", aws_kms_key.cloudtrail[*].arn) # aws_kms_key.cloudtrail[0].arn != null ? aws_kms_key.cloudtrail[0].arn : null ("")
   ..  
   70    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-cloudtrail-enable-at-rest-encryption
      Impact Data can be freely read if compromised
  Resolution Enable encryption at rest

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/cloudtrail/enable-at-rest-encryption/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#kms_key_id
────────────────────────────────────────────────────────────────────────────────


Result #2 MEDIUM Trail is not enabled across all regions. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:32
────────────────────────────────────────────────────────────────────────────────
   24    resource "aws_cloudtrail" "default" {
   ..  
   32  [   is_multi_region_trail         = var.is_multi_region_trail (false)
   ..  
   70    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-cloudtrail-enable-all-regions
      Impact Activity could be happening in your account in a different region
  Resolution Enable Cloudtrail in all regions

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/cloudtrail/enable-all-regions/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#is_multi_region_trail
────────────────────────────────────────────────────────────────────────────────


Result #3 LOW Trail does not have CloudWatch logging configured 
────────────────────────────────────────────────────────────────────────────────
  main.tf:24-70
────────────────────────────────────────────────────────────────────────────────
   24    resource "aws_cloudtrail" "default" {
   25  │   count = var.enabled_cloudtrail == true ? 1 : 0
   26  │
   27  │   name                          = module.labels.id
   28  │   enable_logging                = var.enable_logging
   29  │   s3_bucket_name                = var.s3_bucket_name
   30  │   s3_key_prefix                 = var.s3_key_prefix
   31  │   enable_log_file_validation    = var.enable_log_file_validation
   32  └   is_multi_region_trail         = var.is_multi_region_trail
   ..  
────────────────────────────────────────────────────────────────────────────────
          ID aws-cloudtrail-ensure-cloudwatch-integration
      Impact Realtime log analysis is not available without enabling CloudWatch logging
  Resolution Enable logging to CloudWatch

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/cloudtrail/ensure-cloudwatch-integration/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail
────────────────────────────────────────────────────────────────────────────────


Result #4 LOW Log group is not encrypted. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:98
────────────────────────────────────────────────────────────────────────────────
   94    resource "aws_cloudwatch_log_group" "cloudtrail" {
   95      count             = var.enable_cloudwatch && var.enabled_cloudtrail ? 1 : 0
   96      name              = var.cloudwatch_log_group_name
   97      retention_in_days = var.log_retention_days
   98  [   kms_key_id        = join("", aws_kms_key.cloudtrail[*].arn) ("")
   99    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-cloudwatch-log-group-customer-key
      Impact Log data may be leaked if the logs are compromised. No auditing of who have viewed the logs.
  Resolution Enable CMK encryption of CloudWatch Log Groups

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/cloudwatch/log-group-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group#kms_key_id
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             98.606µs
  parsing              61.171554ms
  adaptation           204.823µs
  checks               3.156373ms
  total                64.631356ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     48
  files read           4

  results
  ──────────────────────────────────────────
  passed               4
  ignored              0
  critical             0
  high                 1
  medium               1
  low                  2

  4 passed, 4 potential problem(s) detected.
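An added example, not code from this PR or from the clouddrove module, showing why the two `kms_key_id` lines above trip tfsec and one way to satisfy all four findings: `join("", aws_kms_key.cloudtrail[*].arn)` evaluates to `""` whenever the key's `count` is 0, so the static scan sees an unencrypted trail and log group. The hardened form below makes the KMS key unconditional and wires the trail to an encrypted CloudWatch log group; resource names, the log group name and the IAM role are assumptions.

```hcl
# Weak form (the pattern flagged in results #1 and #4): with a conditional
# KMS key, join("", []) yields "" and the trail/log group end up unencrypted.
#   kms_key_id = join("", aws_kms_key.cloudtrail[*].arn)

# Hardened form: the key always exists, so the reference is never empty.
resource "aws_kms_key" "cloudtrail" {
  description         = "CloudTrail and CloudWatch Logs encryption (assumed name)"
  enable_key_rotation = true
}

resource "aws_cloudwatch_log_group" "cloudtrail" {
  name              = "/aws/cloudtrail/example" # assumed name
  retention_in_days = 365
  kms_key_id        = aws_kms_key.cloudtrail.arn # aws-cloudwatch-log-group-customer-key
}

resource "aws_cloudtrail" "default" {
  name                       = "example-trail" # assumed name
  s3_bucket_name             = var.s3_bucket_name
  enable_log_file_validation = true
  is_multi_region_trail      = true # aws-cloudtrail-enable-all-regions
  kms_key_id                 = aws_kms_key.cloudtrail.arn # aws-cloudtrail-enable-at-rest-encryption

  # aws-cloudtrail-ensure-cloudwatch-integration; the role (assumed, defined
  # elsewhere) needs logs:CreateLogStream and logs:PutLogEvents on the group.
  cloud_watch_logs_group_arn = "${aws_cloudwatch_log_group.cloudtrail.arn}:*"
  cloud_watch_logs_role_arn  = aws_iam_role.cloudtrail_to_cloudwatch.arn
}
```

The key policy must additionally allow the CloudTrail and CloudWatch Logs service principals to use the key, otherwise the trail fails to deliver logs even though the scan passes.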

@themaniskshah themaniskshah merged commit 96d1337 into master Dec 27, 2023
@delete-merged-branch delete-merged-branch bot deleted the feature/automergeWfl branch December 27, 2023 18:14