added test tf files github action for sdo and app components

himanshu219 · himanshu219 · commit cf14de255476 · 2024-09-17T20:19:32.000+05:30
diff --git a/.github/workflows/app-components-tf-test.yaml b/.github/workflows/app-components-tf-test.yaml
@@ -0,0 +1,53 @@
+name: "App Components TF template tests"
+on:
+  push:
+    paths:
+      - 'application-components/**'
+  pull_request:
+    paths:
+      - 'application-components/**'
+
+jobs:
+
+  ValidateTF:
+    runs-on: ubuntu-latest
+    name: "Validatation (format & syntax)"
+    defaults:
+      run:
+        working-directory: ./software-development-optimization-terraform
+    steps:
+    - uses: actions/checkout@v4
+      name: Checkout source code
+
+    - uses: hashicorp/setup-terraform@v3
+      name: Setup Terraform
+
+    - name: Terraform fmt
+      id: fmt
+      run: terraform fmt -check -recursive -diff
+      continue-on-error: true
+
+    - name: Terraform Init
+      id: init
+      run: terraform init
+
+    - name: Terraform Validate
+      id: validate
+      run: terraform validate
+
+  TFSecurityChecks:
+    name: "Security Checks (checkov)"
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+
+      - uses: bridgecrewio/checkov-action@master
+        with:
+          directory: 'software-development-optimization-terraform/'
+          quiet: true
+          framework: terraform
+          output_format: cli
+          output_bc_ids: false
+          download_external_modules: true
+          skip_check: CKV_AWS_18,CKV_AWS_21,CKV_AWS_26,CKV_AWS_27,CKV_AWS_35,CKV_AWS_36,CKV_AWS_50,CKV_AWS_67,CKV_AWS_115,CKV_AWS_117,CKV_AWS_124,CKV_AWS_144,CKV_AWS_145,CKV_AWS_158,CKV_AWS_173,CKV_AWS_240,CKV_AWS_241,CKV_AWS_252,CKV_AWS_272,CKV_AWS_338,CKV2_AWS_6,CKV2_AWS_10,CKV2_AWS_61,CKV2_AWS_62,CKV_TF_1,CKV_TF_2
diff --git a/.github/workflows/awso-cf-test.yml b/.github/workflows/awso-cf-test.yml
@@ -1,5 +1,11 @@
-name: "CF template tests"
-on: [workflow_dispatch, pull_request]
+name: "AWSO CF template tests"
+on:
+  push:
+    paths:
+      - 'aws-observability/**'
+  pull_request:
+    paths:
+      - 'aws-observability/**'
 
 jobs:
   ValidateLinting:
@@ -14,7 +20,7 @@ jobs:
 
       - name: Print the Cloud Formation Linter Version & run Linter.
         run: |
-          cfn-lint aws-observability/**/*.yaml --ignore-templates aws-observability/**/*TestTemplate.yaml --ignore-checks W3011
+          cfn-lint aws-observability/**/*.yaml --ignore-templates aws-observability/**/*TestTemplate.yaml --ignore-checks W3011,E8001
 
   CFSecurityChecksCheckovt:
     name: "Security Checks (checkov)"
@@ -47,4 +53,4 @@ jobs:
       - name: Validate with cfn_nag
         run: |
           cfn_nag_scan -i aws-observability --ignore-fatal aws-observability/**/TestTemplate.yaml
-        continue-on-error: true
+        continue-on-error: true
diff --git a/.github/workflows/awso-tf-test.yml b/.github/workflows/awso-tf-test.yml
@@ -1,5 +1,11 @@
-name: "TF template tests"
-on: [workflow_dispatch, pull_request]
+name: "AWSO TF template tests"
+on:
+  push:
+    paths:
+      - 'aws-observability-terraform/**'
+  pull_request:
+    paths:
+      - 'aws-observability-terraform/**'
 
 jobs:
 
diff --git a/.github/workflows/sdo-tf-test.yaml b/.github/workflows/sdo-tf-test.yaml
@@ -0,0 +1,53 @@
+name: "SDO TF template tests"
+on:
+  push:
+    paths:
+      - 'software-development-optimization-terraform/**'
+  pull_request:
+    paths:
+      - 'software-development-optimization-terraform/**'
+
+jobs:
+
+  ValidateTF:
+    runs-on: ubuntu-latest
+    name: "Validatation (format & syntax)"
+    defaults:
+      run:
+        working-directory: ./software-development-optimization-terraform
+    steps:
+    - uses: actions/checkout@v4
+      name: Checkout source code
+
+    - uses: hashicorp/setup-terraform@v3
+      name: Setup Terraform
+
+    - name: Terraform fmt
+      id: fmt
+      run: terraform fmt -check -recursive -diff
+      continue-on-error: true
+
+    - name: Terraform Init
+      id: init
+      run: terraform init
+
+    - name: Terraform Validate
+      id: validate
+      run: terraform validate
+
+  TFSecurityChecks:
+    name: "Security Checks (checkov)"
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+
+      - uses: bridgecrewio/checkov-action@master
+        with:
+          directory: 'software-development-optimization-terraform/'
+          quiet: true
+          framework: terraform
+          output_format: cli
+          output_bc_ids: false
+          download_external_modules: true
+          skip_check: CKV_AWS_18,CKV_AWS_21,CKV_AWS_26,CKV_AWS_27,CKV_AWS_35,CKV_AWS_36,CKV_AWS_50,CKV_AWS_67,CKV_AWS_115,CKV_AWS_117,CKV_AWS_124,CKV_AWS_144,CKV_AWS_145,CKV_AWS_158,CKV_AWS_173,CKV_AWS_240,CKV_AWS_241,CKV_AWS_252,CKV_AWS_272,CKV_AWS_338,CKV2_AWS_6,CKV2_AWS_10,CKV2_AWS_61,CKV2_AWS_62,CKV_TF_1,CKV_TF_2
