PRSD-571: Adds correct ci role #8

Workflow file for this run

.github/workflows/check-and-plan.yml at a957f2b

	name: Check and Plan
	on:
	push:

	jobs:
	format:
	name: tf format
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up Terraform
	uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: 1.9.1

	- name: Check formatting of all terraform files
	run: terraform fmt -check -recursive

	validate:
	name: tf validate
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up Terraform
	uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: 1.9.1

	- name: Terraform init integration folder
	working-directory: terraform/integration
	run: terraform init -backend=false

	- name: Terraform validate integration folder
	working-directory: terraform/integration
	run: terraform validate

	- name: Terraform init integration backend folder
	working-directory: terraform/integration/backend
	run: terraform init -backend=false

	- name: Terraform validate integration backend folder
	working-directory: terraform/integration/backend
	run: terraform validate

	tflint:
	name: tflint
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up Terraform
	uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: 1.9.1

	- name: Cache plugin directory for tflint
	uses: actions/cache@v3
	with:
	path: ~/.tflint.d/plugins
	key: ubuntu-latest-tflint-${{ hashFiles('.tflint.hcl') }}

	- name: Set up tflint
	uses: terraform-linters/setup-tflint@v4
	with:
	tflint_version: v0.54.0

	- name: Init tflint
	run: tflint --init

	- name: Run tflint
	run: tflint --recursive --config "$(pwd)/.tflint.hcl" --format=compact --color

	tfsec:
	name: tfsec
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Run tfsec
	uses: aquasecurity/tfsec-action@v1.0.3
	with:
	working_directory: terraform/
	version: v1.28.11

	plan_integration:
	name: Integration Terraform plan
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	contents: read
	env:
	AWS_REGION: "eu-west-2"
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v3
	with:
	role-to-assume: arn:aws:iam::794038239680:role/github-actions-terraform-ci-plan-read-only
	aws-region: ${{ env.AWS_REGION }}
	- name: Set up Terraform
	uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: 1.9.1
	- name: Terraform init
	run: terraform init -input=false
	working-directory: terraform/integration
	- name: Terraform validate
	run: terraform validate
	working-directory: terraform/integration
	- name: Terraform plan
	run: terraform plan -input=false -refresh=false -lock=false
	working-directory: terraform/integration

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

PRSD-571: Adds correct ci role #8

Workflow file

PRSD-571: Adds correct ci role #8

Jobs

Run details

Workflow file for this run