Skip to content

Move Terraform CI/CD to GitHub Actions #79

Move Terraform CI/CD to GitHub Actions

Move Terraform CI/CD to GitHub Actions #79

Workflow file for this run

name: CI
on:
pull_request:
branches: [master]
# Checks if any concurrent jobs under the same pull request or branch are being executed
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
manifests-validation:
runs-on: ubuntu-latest
steps:
- name: Checkout test-infra ⤵️
uses: actions/checkout@v4
- name: Setup Kubeval ⛓️
uses: lra/[email protected]
- name: yaml config validation 🔍
run: kubeval --directories config/prow --ignore-missing-schemas
scan-terraform:
runs-on: ubuntu-latest
steps:
- name: Checkout test-infra ⤵️
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v1
with:
go-version: 1.19
- name: Install deps
run: |
curl -L "$(curl -Ls https://api.github.com/repos/accurics/terrascan/releases/latest | grep -o -E "https://.+?_Linux_x86_64.tar.gz")" > terrascan.tar.gz
tar -xf terrascan.tar.gz
install terrascan /usr/local/bin
- name: Scan terrafrom code
run: |
terrascan scan -i terraform -d config/clusters -v \
--skip-rules 'AC_AWS_0214,AC_AWS_0369,AC_AWS_0487,AC_AWS_078,AWS.CloudTrail.Logging.Medium.007,AC_AWS_0447,AC_AWS_0497,AC_AWS_0458,AC_AWS_0320'