feat: (IAC-1260) Update Dependencies to remediate security vulnerabil… #120
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Linter Analysis | |
on: | |
push: | |
branches: ['**'] # '*' will cause the workflow to run on all commits to all branches. | |
jobs: | |
# Hadolint: Job-1 | |
Hadolint: | |
name: Hadolint | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
- name: Run Hadolint Action | |
uses: jbergstroem/[email protected] | |
with: | |
dockerfile: ./Dockerfile | |
config_file: linting-configs/.hadolint.yaml | |
error_level: 1 # Fail CI based on hadolint output (-1: never, 0: error, 1: warning, 2: info) | |
# ShellCheck: Job-2 | |
ShellCheck: | |
name: ShellCheck | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
- name: Run ShellCheck Action | |
uses: ludeeus/action-shellcheck@master | |
with: | |
severity: error | |
# TFLint: Job-3 | |
TFLint: | |
name: TFLint | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
- name: Cache Plugin Directory | |
uses: actions/cache@v3 | |
with: | |
path: ~/.tflint.d/plugins | |
key: ubuntu-latest-tflint-${{ hashFiles('.tflint.hcl') }} | |
- name: Setup TFLint | |
uses: terraform-linters/[email protected] | |
with: | |
tflint_version: latest | |
github_token: ${{ secrets.LINTER_TOKEN }} | |
- name: Initializing viya4-iac-azure | |
run: terraform init | |
- name: Initializing TFLint | |
run: TFLINT_LOG=info tflint --init -c "$(pwd)/linting-configs/.tflint.hcl" | |
- name: Run TFLint Action | |
run: TFLINT_LOG=info tflint -c "$(pwd)/linting-configs/.tflint.hcl" --recursive |