Initial commit

Author: tejinder8585

.editorconfig

@@ -0,0 +1,33 @@
+# EditorConfig is awesome: http://EditorConfig.org
+# Uses editorconfig to maintain consistent coding styles
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+max_line_length = 80
+trim_trailing_whitespace = true
+
+[*.{yaml,yml}]
+max_line_length = 120
+
+[*.{tf,tfvars}]
+indent_size = 2
+indent_style = space
+
+[*.md]
+max_line_length = 0
+trim_trailing_whitespace = false
+
+[Makefile]
+tab_width = 2
+indent_style = tab
+
+[COMMIT_EDITMSG]
+max_line_length = 0

.gitattributes

@@ -0,0 +1,14 @@
+# terraform
+*.tf text=auto eol=lf
+
+# dot files
+*.gitattributes text=auto eol=lf
+*.yaml text=auto eol=lf
+*.yml text=auto eol=lf
+*.md text=auto eol=lf
+.gitignore text=auto eol=lf
+.editorconfig text=auto eol=lf
+.terraform-version text=auto eol=lf
+
+# golang
+*.go text=auto eol=lf

.github/workflows/snyk.yaml

@@ -0,0 +1,35 @@
+---
+name: snyk
+
+on:  # yamllint disable-line rule:truthy
+  push:
+    branches:
+      - '**'     # matches every branch
+      - '!main'  # excludes main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  security:
+    runs-on:
+      - arc
+    name: snyk
+    steps:
+      - name: checkout
+        uses: actions/checkout@v2
+      - name: Vulnerability scan
+        uses: snyk/actions/iac@master
+        with:
+          command: monitor
+          args: --severity-threshold=low
+      - name: Set up Node 16
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+      - name: install Snyk CLI
+        run: npm install -g snyk
+      - name: snyk monitor
+        run: snyk iac test --report
+        env:
+          SNYK_TOKEN: ${{ secrets.ARC_SNYK_TOKEN }}

.github/workflows/tag.yml

@@ -0,0 +1,28 @@
+---
+name: Tag
+
+on:  # yamllint disable-line rule:truthy
+  push:
+    branches:
+      - main
+
+jobs:
+  ## tag
+  tag:
+    runs-on:
+      - arc
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set GIT_TAG
+        run: |
+          echo "VERSION=$(cat .version | tr -d " \t\n\r")" >> $GITHUB_ENV
+
+      - name: git-tag
+        uses: pkgdeps/git-tag-action@v2.0.1
+        with:
+          version: ${{ env.VERSION }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          github_repo: ${{ github.repository }}
+          git_commit_sha: ${{ github.sha }}
+          git_tag_prefix: ""

.github/workflows/test.yml

@@ -0,0 +1,57 @@
+---
+name: Test
+
+on:  # yamllint disable-line rule:truthy
+  push:
+    branches:
+      - '**'     # matches every branch
+      - '!main'  # excludes main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  tflint:
+    runs-on:
+      - arc
+    name: tflint
+    steps:
+      - uses: actions/checkout@master
+
+      - uses: terraform-linters/setup-tflint@v1
+        with:
+          tflint_version: latest
+
+      - name: Show version
+        run: tflint --version
+
+      - name: Init tflint
+        run: tflint --init
+
+      - name: Run tflint
+        run: tflint -f compact
+
+  checkov:
+    runs-on:
+      - arc
+    name: checkov
+    steps:
+      - uses: actions/checkout@master
+
+      - name: Run Checkov action
+        id: checkov
+        uses: bridgecrewio/checkov-action@master
+        with:
+          directory: .
+          # yamllint disable-line rule:truthy # optional: display only failed checks
+          quiet: true
+          # optional: do not return an error code if there are failed checks.
+          soft_fail: true
+          # optional: run only on a specific infrastructure {cloudformation,terraform,kubernetes,all}
+          framework: terraform
+          # optional: the output format, one of: cli, json, junitxml, github_failed_only
+          output_format: github_failed_only
+          download_external_modules: false
+          log_level: WARNING
+          # optional: Define what UID and / or what GID to run the container under to prevent permission issues
+          container_user: 1000

.gitignore

@@ -0,0 +1,7 @@
+.terraform
+terraform.tfstate
+*.tfstate*
+terraform.tfvars
+*.backup
+.idea
+.external_momdules

.pre-commit-config.yaml

@@ -0,0 +1,33 @@
+---
+repos:
+  - repo: https://github.com/adrienverge/yamllint
+    rev: v1.32.0
+    hooks:
+      - id: yamllint
+        args:
+          - '-d {extends: default, rules: {line-length: {max: 120}}}'  # override to match .editorconfig
+          - -s
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.5.0
+    hooks:
+      - id: check-yaml
+        args:
+          - --allow-multiple-documents
+      - id: check-merge-conflict
+      - id: trailing-whitespace
+        args:
+          - --markdown-linebreak-ext=md
+      - id: end-of-file-fixer
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.83.4
+    hooks:
+      - id: terraform_validate
+      - id: terraform_tflint
+      - id: terraform_fmt
+        args:
+          - --args=-recursive
+      - id: terraform_docs
+  - repo: https://github.com/dnephin/pre-commit-golang
+    rev: v0.5.1
+    hooks:
+      - id: go-fmt

.terraform-version

@@ -0,0 +1 @@
+latest:^1.5

.version

@@ -0,0 +1 @@
+0.0.1