File tree Expand file tree Collapse file tree 8 files changed +171
-0
lines changed Expand file tree Collapse file tree 8 files changed +171
-0
lines changed Original file line number Diff line number Diff line change 1+ # This is a comment.
2+ # Each line is a file pattern followed by one or more owners.
3+
4+ # These owners will be the default owners for everything in
5+ # the repo. Unless a later match takes precedence,
6+ # @global-owner1 and @global-owner2 will be requested for
7+ # review when someone opens a pull request.
8+ # * @SPHTech/devops
9+
10+ # Order is important; the last matching pattern takes the most
11+ # precedence. When someone opens a pull request that only
12+ # modifies JS files, only @js-owner and not the global
13+ # owner(s) will be requested for a review.
14+ # *.js @js-owner
15+
16+ # You can also use email addresses if you prefer. They'll be
17+ # used to look up users just like we do for commit author
18+ # emails.
19+ # *.go docs@example.com
20+
21+ # In this example, @doctocat owns any files in the build/logs
22+ # directory at the root of the repository and any of its
23+ # subdirectories.
24+ # /build/logs/ @doctocat
25+
26+ # The `docs/*` pattern will match files like
27+ # `docs/getting-started.md` but not further nested files like
28+ # `docs/build-app/troubleshooting.md`.
29+ # docs/* docs@example.com
30+
31+ # In this example, @octocat owns any file in an apps directory
32+ # anywhere in your repository.
33+ # apps/ @octocat
34+
35+ # In this example, @doctocat owns any file in the `/docs`
36+ # directory in the root of your repository.
37+ # /docs/ @doctocat
Original file line number Diff line number Diff line change 1+ name : terraform-ci
2+ on :
3+ pull_request :
4+ push :
5+ branches :
6+ - main
7+ jobs :
8+ ci :
9+ uses : SPHTech-Platform/reusable-workflows/.github/workflows/terraform.yaml@main
10+ with :
11+ upload_sarif : false
Original file line number Diff line number Diff line change 1+ # ## Terraform ###
2+ # Local .terraform directories
3+ ** /.terraform /*
4+
5+ # Terraform lockfile
6+ .terraform.lock.hcl
7+
8+ # .tfstate files
9+ * .tfstate
10+ * .tfstate. *
11+ * .tfplan
12+
13+ # Crash log files
14+ crash.log
15+ crash. * .log
16+
17+ # Exclude all .tfvars files, which are likely to contain sensitive data, such as
18+ # password, private keys, and other secrets. These should not be part of version
19+ # control as they are data points which are potentially sensitive and subject
20+ # to change depending on the environment.
21+ #
22+ * .tfvars
23+
24+ # Ignore override files as they are usually used to override resources locally and so
25+ # are not checked in
26+ override.tf
27+ override.tf.json
28+ * _override.tf
29+ * _override.tf.json
30+
31+ # Include override files you do wish to add to version control using negated pattern
32+ # !example_override.tf
33+
34+ # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
35+ example: * tfplan *
36+
37+ # Ignore CLI configuration files
38+ .terraformrc
39+ terraform.rc
Original file line number Diff line number Diff line change 1+ repos :
2+ - repo : https://github.com/gruntwork-io/pre-commit
3+ rev : v0.1.17
4+ hooks :
5+ - id : terraform-fmt
6+ - id : terraform-validate
7+ - id : tflint
8+ args :
9+ - " --module"
10+ - " --config=.tflint.hcl"
11+ - id : markdown-link-check
12+ - id : shellcheck
13+
14+ - repo : https://github.com/antonbabenko/pre-commit-terraform
15+ rev : v1.64.0
16+ hooks :
17+ - id : terraform_docs
18+ args :
19+ - " --args=--lockfile=false"
20+ - id : terraform_tfsec
21+ args :
22+ - --args=--exclude-downloaded-modules
23+ - id : checkov
24+ - repo : https://github.com/pre-commit/pre-commit-hooks
25+ rev : v4.1.0
26+ hooks :
27+ # Git style
28+ - id : check-added-large-files
29+ - id : check-merge-conflict
30+ - id : check-merge-conflict
31+ - id : no-commit-to-branch
32+
33+ # Common errors
34+ - id : end-of-file-fixer
35+ - id : trailing-whitespace
36+ - id : check-yaml
37+
38+ # Security
39+ - id : detect-aws-credentials
40+ args : ['--allow-missing-credentials']
41+ - id : detect-private-key
Original file line number Diff line number Diff line change 1+ plugin "aws" {
2+ enabled = true
3+ version = " 0.13.4"
4+ source = " github.com/terraform-linters/tflint-ruleset-aws"
5+ }
6+
7+ rule "terraform_deprecated_interpolation" {
8+ enabled = true
9+ }
10+
11+ rule "terraform_documented_outputs" {
12+ enabled = true
13+ }
14+
15+ rule "terraform_documented_variables" {
16+ enabled = true
17+ }
18+
19+ rule "terraform_typed_variables" {
20+ enabled = true
21+ }
22+
23+ rule "terraform_required_version" {
24+ enabled = true
25+ }
26+
27+ rule "terraform_required_providers" {
28+ enabled = true
29+ }
30+
31+ rule "terraform_unused_required_providers" {
32+ enabled = true
33+ }
34+
35+ rule "terraform_naming_convention" {
36+ enabled = true
37+ format = " none"
38+
39+ locals {
40+ format = " snake_case"
41+ }
42+ }
Original file line number Diff line number Diff line change 1+ # Terraform Modules Template
You can’t perform that action at this time.
0 commit comments