init

Author: pythoninthegrass

.github/dependabot.yml

@@ -0,0 +1,7 @@
+version: 2
+
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/checkov.yml

@@ -0,0 +1,22 @@
+name: Checkov
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  tflint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout source code
+
+      - name: Run Checkov action
+        id: checkov
+        uses: bridgecrewio/checkov-action@v12
+        with:
+          directory: .
+          framework: terraform

.github/workflows/documentation.yml

@@ -0,0 +1,18 @@
+name: Teraform-Docs
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  tflint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout source code
+
+      - name: Run Terraform-Docs
+        run: make test_documentation

.github/workflows/formatting.yml

@@ -0,0 +1,27 @@
+name: Formatting
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  formatting:
+    strategy:
+      matrix:
+        engine: ["opentofu", "terraform"]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Terraform
+        uses: hashicorp/setup-terraform@v3
+        if: ${{ matrix.engine == 'terraform' }}
+
+      - name: Install OpenTofu
+        uses: opentofu/setup-opentofu@v1
+        if: ${{ matrix.engine == 'opentofu' }}
+
+      - name: Test Formatting
+        run: make test_formatting TF_ENGINE=${{matrix.engine}}

.github/workflows/terraform_tests.yml

@@ -0,0 +1,42 @@
+name: Terraform Tests
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  terraform_test:
+    strategy:
+      matrix:
+        engine: ["opentofu", "terraform"]
+        version: ["1.6", "1.7"]
+        experimental: [false]
+        include:
+          - version: "1.8"
+            engine: "opentofu"
+            experimental: true
+          - version: "1.8"
+            engine: "terraform"
+            experimental: false
+
+    continue-on-error: ${{ matrix.experimental }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Terraform
+        uses: hashicorp/setup-terraform@v3
+        if: ${{ matrix.engine == 'terraform' }}
+        with:
+          terraform_version: ${{ matrix.version }}
+
+      - name: Install OpenTofu
+        uses: opentofu/setup-opentofu@v1
+        if: ${{ matrix.engine == 'opentofu' }}
+        with:
+          tofu_version: ${{ matrix.version }}
+
+      - name: Run Terraform Tests
+        run: make terraform_test TF_ENGINE=${{matrix.engine}}

.github/workflows/terratest.yml

@@ -0,0 +1,44 @@
+name: Terratest
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  terratest:
+    strategy:
+      matrix:
+        engine: ["opentofu", "terraform"]
+        version: ["1.6", "1.7"]
+        experimental: [false]
+        include:
+          - version: "1.8"
+            engine: "opentofu"
+            experimental: true
+          - version: "1.8"
+            engine: "terraform"
+            experimental: false
+
+    continue-on-error: ${{ matrix.experimental }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Terraform
+        uses: hashicorp/setup-terraform@v3
+        if: ${{ matrix.engine == 'terraform' }}
+        with:
+          terraform_version: ${{ matrix.version }}
+          terraform_wrapper: false
+
+      - name: Install OpenTofu
+        uses: opentofu/setup-opentofu@v1
+        if: ${{ matrix.engine == 'opentofu' }}
+        with:
+          tofu_version: ${{ matrix.version }}
+          tofu_wrapper: false
+
+      - name: Run Terratest
+        run: make terratest TF_ENGINE=${{matrix.engine}}

.github/workflows/tflint.yml

@@ -0,0 +1,19 @@
+name: Lint
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  tflint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout source code
+
+      - uses: terraform-linters/setup-tflint@v3
+        name: Setup TFLint
+
+      - name: Run TFLint
+        run: make test_tflint

.github/workflows/trivy.yml

@@ -0,0 +1,20 @@
+name: Trivy
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  tflint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout source code
+
+      - name: Trivy
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: "config"
+          hide-progress: true
+          exit-code: "1"

.github/workflows/validation.yml

@@ -0,0 +1,40 @@
+name: Validation
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  validation:
+    strategy:
+      matrix:
+        engine: ["opentofu", "terraform"]
+        version: ["1.6", "1.7"]
+        experimental: [false]
+        include:
+          - version: "1.8"
+            engine: "opentofu"
+            experimental: true
+          - version: "1.8"
+            engine: "terraform"
+            experimental: false
+
+    continue-on-error: ${{ matrix.experimental }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Terraform
+        uses: hashicorp/setup-terraform@v3
+        if: ${{ matrix.engine == 'terraform' }}
+        with:
+          terraform_version: ${{ matrix.version }}
+
+      - name: Install OpenTofu
+        uses: opentofu/setup-opentofu@v1
+        if: ${{ matrix.engine == 'opentofu' }}
+        with:
+          tofu_version: ${{ matrix.version }}
+
+      - name: Test Validation
+        run: make test_validation TF_ENGINE=${{matrix.engine}}

.gitignore

@@ -0,0 +1,66 @@
+# ETC
+tfplan
+.terraform.lock.hcl
+
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc