

Merge pull request #7 from clouddrove/1.0.1
update LICENSE update github-action
yadavprakash authored May 16, 2022
2 parents 00e9c16 + 94e82f9 commit b69910d
Showing 7 changed files with 95 additions and 83 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/readme.yml
@@ -18,7 +18,7 @@ jobs:
python-version: '3.x'

- name: 'create readme'
uses: 'clouddrove/[email protected]'
uses: 'clouddrove/[email protected].2'
with:
actions_subcommand: 'readme'
github_token: '${{ secrets.GITHUB }}'
@@ -35,7 +35,7 @@ jobs:
continue-on-error: true

- name: 'push readme'
uses: 'clouddrove/[email protected]'
uses: 'clouddrove/[email protected].2'
continue-on-error: true
with:
actions_subcommand: 'push'
126 changes: 54 additions & 72 deletions .github/workflows/terraform.yml
@@ -1,60 +1,46 @@
name: 'Terraform GitHub Actions'
name: static-checks

on:
pull_request:
branches:
- master

jobs:
fmt:
name: 'terraform fmt'
versionExtract:
name: Get min/max versions
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/[email protected]

- name: 'Terraform Format'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'fmt'

validate:
name: 'terraform validate'
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/[email protected]

- name: 'Configure AWS Credentials'
uses: clouddrove/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-2
- name: Checkout
uses: actions/checkout@v2

- name: 'terraform init'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'init'
tf_actions_working_dir: ./_example
- name: Terraform min/max versions
id: minMax
uses: clowdhaus/terraform-min-max@main
outputs:
minVersion: ${{ steps.minMax.outputs.minVersion }}
maxVersion: ${{ steps.minMax.outputs.maxVersion }}

- name: 'terraform validate'
uses: 'clouddrove/[email protected]'
with:
actions_subcommand: 'validate'
tf_actions_working_dir: ./_example

plan:
name: 'terraform plan'
versionEvaluate:
name: Evaluate Terraform versions
runs-on: ubuntu-latest
needs: versionExtract
strategy:
fail-fast: false
matrix:
version:
- ${{ needs.versionExtract.outputs.minVersion }}
- ${{ needs.versionExtract.outputs.maxVersion }}
directory:
- _example/

steps:
- name: 'Checkout'
uses: actions/checkout@v2.3.4
- name: Checkout
uses: actions/checkout@v2

- name: 'terraform init'
uses: 'clouddrove/[email protected]'
- name: Install Terraform v${{ matrix.version }}
uses: hashicorp/setup-terraform@v1
with:
actions_subcommand: 'init'
tf_actions_working_dir: ./_example
terraform_version: ${{ matrix.version }}

- name: 'Configure AWS Credentials'
uses: clouddrove/configure-aws-credentials@v1
@@ -63,38 +49,34 @@ jobs:
aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-2

- name: 'terraform plan'
uses: 'clouddrove/[email protected]'
- name: Init & validate v${{ matrix.version }}
run: |
cd ${{ matrix.directory }}
terraform init
terraform validate
- name: tflint
uses: reviewdog/action-tflint@master
with:
actions_subcommand: 'plan'
tf_actions_working_dir: ./_example
github_token: ${{ secrets.GITHUB }}
working_directory: ${{ matrix.directory }}
fail_on_error: 'true'
filter_mode: 'nofilter'
flags: '--module'

pre-commit:
name: 'Pre-Commit'
needs:
- fmt
- plan
- validate
format:
name: Check code format
runs-on: ubuntu-latest
steps:
- name: 'Checkout'
uses: actions/[email protected]

- name: 'Install Tflint'
run: |
curl https://raw.githubusercontent.com/terraform-linters/tflint/master/install_linux.sh | bash
needs: versionExtract

- name: 'Pre-Commit 🔎'
uses: pre-commit/[email protected]
continue-on-error: true
steps:
- name: Checkout
uses: actions/checkout@v2

- name: 'Slack Notification'
uses: clouddrove/action-slack@v2
- name: Install Terraform v${{ needs.versionExtract.outputs.maxVersion }}
uses: hashicorp/setup-terraform@v1
with:
status: ${{ job.status }}
fields: repo,author
author_name: 'CloudDrove'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required
if: always()
terraform_version: ${{ needs.versionExtract.outputs.maxVersion }}

- name: Check Terraform format changes
run: terraform fmt --recursive
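Review bot: `clowdhaus/terraform-min-max@main` and `reviewdog/action-tflint@master` are referenced by branch name, so whatever is pushed to those branches runs in this workflow unreviewed; the tflint step is handed `secrets.GITHUB` and sits after the 'Configure AWS Credentials' step in the same `versionEvaluate` job. Pin both to a full commit SHA with the tag kept as a comment, e.g. `uses: reviewdog/action-tflint@<full-commit-sha>  # <release-tag>`. Separately, the `format` job's `run: terraform fmt --recursive` rewrites files on the runner and exits 0, so it does not fail on unformatted code; `run: terraform fmt -check -diff -recursive` turns it into an actual check. The +/- markers are lost on this page, so this assumes the quoted lines are on the new side.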
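--- a/.github/workflows/tfsec.yml
+++ b/.github/workflows/tfsec.yml
@@ -0,0 +1,25 @@
+name: tfsec
+on:
+pull_request:
+
+jobs:
+tfsec:
+name: tfsec sarif report
+runs-on: ubuntu-latest
+
+steps:
+- name: Clone repo
+uses: actions/checkout@master
+
+- name: tfsec
+uses: aquasecurity/[email protected]
+with:
+sarif_file: tfsec.sarif
+working_directory: _example
+full_repo_scan: true
+
+- name: Upload SARIF file
+uses: github/codeql-action/upload-sarif@v1
+with:
+# Path to SARIF file relative to the root of the repository
+sarif_file: tfsec.sarif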
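Review bot: The new workflow declares no `permissions:` block, so the `tfsec` job runs with the repository's default `GITHUB_TOKEN` scope although the `github/codeql-action/upload-sarif` step only needs to write code-scanning results; add a job-level `permissions:` with `contents: read` and `security-events: write`. `uses: actions/checkout@master` follows a moving branch, whereas the static-checks workflow in this same commit uses `actions/checkout@v2`; use a tag or, better, a full commit SHA here as well. If the tfsec step can exit non-zero on findings, the upload step would be skipped unless it carries `if: always()`, which is worth confirming against the action's behaviour.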
4 changes: 2 additions & 2 deletions LICENSE
@@ -1,4 +1,4 @@
Apache License
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/

@@ -198,4 +198,4 @@
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
limitations under the License.
15 changes: 10 additions & 5 deletions README.yaml
@@ -9,20 +9,25 @@
name: Terraform AWS karpenter

# License of this project
license: "MIT"
license: "APACHE"

# Canonical GitHub repo
github_repo: clouddrove/terraform-aws-karpenter

# Badges to display
badges:
- name: "Terraform"
image: "https://img.shields.io/badge/Terraform-v0.15-green"
image: "https://img.shields.io/badge/Terraform-v1.1.7-green"
url: "https://www.terraform.io"
- name: "Licence"
image: "https://img.shields.io/badge/License-MIT-blue.svg"
image: "https://img.shields.io/badge/License-APACHE-blue.svg"
url: "LICENSE.md"

- name: "tfsec"
image: "https://github.com/clouddrove/terraform-aws-karpenter/actions/workflows/tfsec.yml/badge.svg"
url: "https://github.com/clouddrove/terraform-aws-karpenter/actions/workflows/tfsec.yml"
- name: "static-checks"
image: "https://github.com/clouddrove/terraform-aws-karpenter/actions/workflows/terraform.yml/badge.svg"
url: "https://github.com/clouddrove/terraform-aws-karpenter/actions/workflows/terraform.yml"
# description of this project
description: |-
Terraform module to create karpenter resource on AWS.
@@ -40,7 +45,7 @@ usage: |-
module "karpenter" {
source = "clouddrove/karpenter/aws"
version = "1.1.0"
version = "1.0.1"
name = "karpenter"
environment = "test"
label_order = ["environment", "name"]
2 changes: 1 addition & 1 deletion versions.tf → _example/versions.tf
@@ -1,5 +1,5 @@
terraform {
required_version = ">= 0.14.0"
required_version = ">= 0.14.11"

required_providers {
aws = {
2 changes: 1 addition & 1 deletion main.tf
@@ -112,7 +112,7 @@ resource "aws_iam_role_policy" "karpenter_contoller" {
count = var.enabled ? 1 : 0
name = format("%s-%s", module.labels.id, var.cluster_name)
role = join("", aws_iam_role.this.*.name)

#tfsec:ignore:aws-iam-no-policy-wildcards
policy = jsonencode({
Version = "2012-10-17"
Statement = [
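Review bot: The added `#tfsec:ignore:aws-iam-no-policy-wildcards` above `policy = jsonencode({` silences the wildcard finding for the whole inline policy of `aws_iam_role_policy.karpenter_contoller` and records no reason. The statements sit below the hunk, so which actions or resources use `*` is not visible here; where a statement can be scoped (specific ARNs, or a condition on a cluster tag), narrowing it is preferable to suppressing the rule in the same commit that introduces the tfsec workflow. If the wildcard has to stay, put the justification next to the suppression, e.g. `# Karpenter controller: <why "*" is required>, reviewed <date>` on the line above the ignore.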
