add tflint, pin tf version, update CDCgov/dibbs-ecr-viewer/aws

CDCgov · Nov 12, 2024 · fc38836 · fc38836
1 parent f3eb1a1
commit fc38836
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 1 deletion.
diff --git a/.github/workflows/deployment_apply.yaml b/.github/workflows/deployment_apply.yaml
@@ -41,6 +41,8 @@ jobs:
 
       - name: Setup Terraform
         uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: "1.9.8"
 
       - name: configure aws credentials
         uses: aws-actions/configure-aws-credentials@v4

diff --git a/.github/workflows/deployment_plan.yaml b/.github/workflows/deployment_plan.yaml
@@ -2,6 +2,7 @@ name: Terraform Plan
 run-name: Terraform plan ${{ inputs.workspace }} by @${{ github.actor }}
 
 on:
+  pull_request:
   workflow_dispatch:
     inputs:
       workspace:
@@ -41,6 +42,8 @@ jobs:
 
       - name: Setup Terraform
         uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: "1.9.8"
 
       - name: configure aws credentials
         uses: aws-actions/configure-aws-credentials@v4

diff --git a/.github/workflows/tflint.yaml b/.github/workflows/tflint.yaml
@@ -0,0 +1,46 @@
+name: Terraform Linting
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  tflint:
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout source code
+
+      - uses: actions/cache@v4
+        name: Cache plugin dir
+        with:
+          path: ~/.tflint.d/plugins
+          key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }}
+
+      - uses: terraform-linters/setup-tflint@v4
+        name: Setup TFLint
+        with:
+          tflint_version: v0.52.0
+
+      - name: Show version
+        run: tflint --version
+
+      - name: Init TFLint
+        run: tflint --init
+        # If rate limiting becomes an issue, setup a GitHub token and enable it as an environment variable
+        # env:
+          # https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/plugins.md#avoiding-rate-limiting
+          # GITHUB_TOKEN: ${{ github.token }}
+
+      - name: Run TFLint
+        run: tflint -f compact
diff --git a/terraform/implementation/ecs/main.tf b/terraform/implementation/ecs/main.tf
@@ -15,7 +15,7 @@ module "vpc" {
 
 module "ecs" {
   source  = "CDCgov/dibbs-ecr-viewer/aws"
-  version = "0.1.1"
+  version = "0.1.3"
   # source = "../../../../terraform-aws-dibbs-ecr-viewer"
 
   public_subnet_ids  = flatten(module.vpc.public_subnets)