fix: add .checkov.yaml ignore file

entur · Oct 3, 2023 · 956f4f3 · 956f4f3
1 parent c761821
commit 956f4f3
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 7 deletions.
diff --git a/.checkov.yaml b/.checkov.yaml
@@ -0,0 +1,3 @@
+skip-check:
+  - CKV_TF_1  # We tag semantic versions, not commits
+
diff --git a/.github/workflows/pr-tests-terraform.yml b/.github/workflows/pr-tests-terraform.yml
@@ -1,16 +1,19 @@
 name: Call Terraform Tests, Docs & Compliance
 
 on:
+  # Triggers the workflow on push or pull request events but only for the "main" branch
+  # This will run the tests twice, one in the PR and one when Commiting to master.
+  #  -> making sure the results appear in the "Security/Code Scan" tab in github.
+  push:
+    branches: [ "main", "master" ]
   pull_request:
-    branches:
-      - master
-    types:
-      - opened
-      - synchronize
-      - ready_for_review
+    branches: [ "main", "master" ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
 
 jobs:
   tf-tests:
     uses: entur/gh-workflows/.github/workflows/pr-tests-terraform.yml@main
     with:
-      module_dirs: '["./modules/bigquery-sink"]'
+      module_dirs: '["./modules/bigquery-sink", "./examples/minimal", "./examples/minimal_test"]'
diff --git a/.gitignore b/.gitignore
@@ -29,3 +29,4 @@ override.tf.json
 # example: *tfplan*
 /.idea/
 results.sarif
+.external_modules