From 66d5bd99e9fdc5425594b3a078346d8376a82530 Mon Sep 17 00:00:00 2001
From: Federico Di Pierro
Date: Fri, 20 Jan 2023 09:00:25 +0100
Subject: [PATCH] new(ci): added gha.
Signed-off-by: Federico Di Pierro
---
.github/workflows/postsubmit.yaml | 52 +++++++++++++++++++++++++++++++
.github/workflows/presubmit.yaml | 29 +++++++++++++++++
2 files changed, 81 insertions(+)
create mode 100644 .github/workflows/postsubmit.yaml
create mode 100644 .github/workflows/presubmit.yaml
diff --git a/.github/workflows/postsubmit.yaml b/.github/workflows/postsubmit.yaml
new file mode 100644
index 00000000000..502866d1df4
--- /dev/null
+++ b/.github/workflows/postsubmit.yaml
@@ -0,0 +1,52 @@
+name: PostSubmit
+
+on:
+ push:
+ branches:
+ - master
+
+jobs:
+ deploy-terraform:
+ runs-on: ubuntu-22.04
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - id: install-aws-cli
+ uses: unfor19/install-aws-cli-action@v1
+ with:
+ arch: amd64
+
+ - name: Install deps ⛓️
+ run: |
+ apt update && apt install -j jq unzip git
+
+ - name: Deploy terraform
+ run: |
+ ./tools/deploy_terraform.sh
+
+ deploy-prow:
+ runs-on: ubuntu-22.04
+ needs: deploy-terraform
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - id: install-aws-cli
+ uses: unfor19/install-aws-cli-action@v1
+ with:
+ arch: amd64
+
+ - name: Install deps ⛓️
+ run: |
+ apt update && apt install -j jq unzip git wget curl which
+ wget "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" -O /usr/local/bin/kubectl
+ chmod +x /usr/local/bin/kubectl
+
+ - name: Deploy prow
+ run: |
+ ./tools/deploy_prow.sh
diff --git a/.github/workflows/presubmit.yaml b/.github/workflows/presubmit.yaml
new file mode 100644
index 00000000000..da1d637130d
--- /dev/null
+++ b/.github/workflows/presubmit.yaml
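Review bot: The `deploy-prow` "Install deps" step in postsubmit.yaml installs whatever kubectl `stable.txt` names at run time into /usr/local/bin with no integrity check, right before the job deploys; pin a reviewed release and check its SHA-256 before installing, as sketched below. The terrascan download in presubmit.yaml's "Install deps" step has the same shape (latest release resolved by `grep`, no digest check) and wants the same treatment. Both deploy jobs also run `unfor19/install-aws-cli-action@v1` by mutable tag; pinning it to a full commit SHA keeps a retagged release out of the deploy path. Separately, `apt install -j` in both postsubmit steps looks like a typo for `-y`, and on a GitHub-hosted runner these commands would likely need `sudo`.

```yaml
      - name: Install deps ⛓️
        run: |
          # … unchanged: apt install of jq unzip git wget curl which …
          # Placeholders: set to a reviewed release and its published digest.
          KUBECTL_VERSION="<pinned-version>"
          KUBECTL_SHA256="<sha256-of-that-binary>"
          wget "https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl" -O kubectl
          echo "${KUBECTL_SHA256}  kubectl" | sha256sum --check
          sudo install -m 0755 kubectl /usr/local/bin/kubectl
```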
@@ -0,0 +1,29 @@
+name: PreSubmit
+on:
+ pull_request:
+
+jobs:
+ scan-terraform:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Setup Go
+ uses: actions/setup-go@v1
+ with:
+ go-version: 1.19
+
+ - name: Install deps
+ run: |
+ apt update && apt install curl tar
+ curl -L "$(curl -Ls https://api.github.com/repos/accurics/terrascan/releases/latest | grep -o -E "https://.+?_Linux_x86_64.tar.gz")" > terrascan.tar.gz
+ tar -xf terrascan.tar.gz
+ install terrascan /usr/local/bin
+
+ - name: Scan terrafrom code
+ run: |
+ terrascan scan -i terraform -d config/clusters -v \
+ --skip-rules 'AC_AWS_0214,AC_AWS_0369,AC_AWS_0487,AC_AWS_078,AWS.CloudTrail.Logging.Medium.007,AC_AWS_0447,AC_AWS_0497,AC_AWS_0458,AC_AWS_0320'
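Review bot: The `--skip-rules` list in the "Scan terrafrom code" step turns off nine terrascan policies with nothing recording why, so a later reviewer cannot tell an accepted risk from a silenced finding; add a comment block above the `run:` with one line per rule and its reason, e.g. `# AC_AWS_0214: <reason> (placeholder)`. `AC_AWS_078` has three digits where the other `AC_AWS_` IDs have four, which is worth checking against the scanner's rule list. Nothing in the visible steps uses the Go toolchain, so the "Setup Go" step (`actions/setup-go@v1`) can probably be dropped; if it stays, quote the version as `go-version: '1.19'` so a later `1.20` is not read as the float 1.2. The step name also has a typo and should read `Scan terraform code`.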