Skip to content

Rewrite the README for the modern stack (#72) #71

Rewrite the README for the modern stack (#72)

Rewrite the README for the modern stack (#72) #71

Workflow file for this run

name: ci
on:
push:
branches: [main]
pull_request:
branches: [main]
permissions:
contents: read
jobs:
terraform:
name: terraform
runs-on: ubuntu-latest
defaults:
run:
working-directory: terraform
steps:
- uses: actions/checkout@v7
- uses: hashicorp/setup-terraform@v4
with:
terraform_version: 1.10.5
- name: fmt
run: terraform fmt -check -recursive
- name: init
run: terraform init -backend=false -input=false
- name: validate
run: terraform validate
tflint:
name: tflint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- uses: terraform-linters/setup-tflint@v6
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- run: tflint --init --config="$GITHUB_WORKSPACE/.tflint.hcl"
working-directory: terraform
- run: tflint --config="$GITHUB_WORKSPACE/.tflint.hcl"
working-directory: terraform
ansible-lint:
name: ansible-lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- uses: actions/setup-python@v6
with:
python-version: "3.12"
- run: pip install ansible-lint
- run: ansible-lint
working-directory: ansible
packer-validate:
name: packer-validate
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- uses: hashicorp/setup-packer@v3
- run: packer init . && packer validate .
working-directory: packer
trivy-config:
name: trivy-config
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- uses: actions/checkout@v7
- name: Trivy config scan
uses: aquasecurity/trivy-action@0.35.0
with:
scan-type: config
scan-ref: .
format: sarif
output: trivy.sarif
exit-code: "0"
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: trivy.sarif