Merge pull request #17 from clouddrove/issue-362

feat: updated tfsec.yml file and bug: updated changelog.yml name and file

.github/workflows/changelog.yaml → .github/workflows/changelog.yml

@@ -1,14 +1,13 @@
 name: changelog
 permissions: write-all
-
 on:
   push:
     tags:
       - "*"
-  # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 jobs:
-  call-workflow-changelog:
+  changelog:
     uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@master
+    secrets: inherit
     with:
       branch: 'master'

.github/workflows/tfsec.yml

@@ -1,41 +1,11 @@
 name: tfsec
+permissions: write-all
 on:
   pull_request:
-
+  workflow_dispatch:
 jobs:
   tfsec:
-    name: tfsec sarif report
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Clone repo
-        uses: actions/checkout@master
-
-      - name: tfsec
-        uses: aquasecurity/[email protected]
-        with:
-          sarif_file: tfsec.sarif
-          working_directory: ./_example
-          full_repo_scan: true
-
-      - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v1
-        with:
-          # Path to SARIF file relative to the root of the repository
-          sarif_file: tfsec.sarif
-
-      - name: tfsec commenter for PR
-        uses: tfsec/tfsec-pr-commenter-action@main
-        with:
-          GITHUB_TOKEN: ${{ secrets.GITHUB}}
-          working_directory: ./_example
-
-      - name: 'Terraform security scan Advanced'
-        uses: triat/[email protected]
-        if: github.event_name == 'pull_request'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB}}
-          tfsec_actions_working_dir: ./_example
-          tfsec_actions_comment: true
-          tfsec_output_format: sarif
-        continue-on-error: true
+    uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master
+    secrets: inherit
+    with:
+      working_directory: '.'