diff --git a/.checkov.yaml b/.checkov.yaml
new file mode 100644
index 0000000..b8d1078
--- /dev/null
+++ b/.checkov.yaml
@@ -0,0 +1,3 @@
+skip-check:
+ - CKV_TF_1 # We tag semantic versions, not commits
+
diff --git a/.github/workflows/pr-tests-terraform.yml b/.github/workflows/pr-tests-terraform.yml
index 02459dc..57618ab 100644
--- a/.github/workflows/pr-tests-terraform.yml
+++ b/.github/workflows/pr-tests-terraform.yml
@@ -1,16 +1,19 @@
name: Call Terraform Tests, Docs & Compliance
on:
+ # Triggers the workflow on push or pull request events but only for the "main" branch
+ # This will run the tests twice, one in the PR and one when Commiting to master.
+ # -> making sure the results appear in the "Security/Code Scan" tab in github.
+ push:
+ branches: [ "main", "master" ]
pull_request:
- branches:
- - master
- types:
- - opened
- - synchronize
- - ready_for_review
+ branches: [ "main", "master" ]
+
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
jobs:
tf-tests:
uses: entur/gh-workflows/.github/workflows/pr-tests-terraform.yml@main
with:
- module_dirs: '["./modules/bigquery-sink"]'
+ module_dirs: '["./modules/bigquery-sink", "./examples/minimal", "./examples/minimal_test"]'
diff --git a/.gitignore b/.gitignore
index 65864e9..51e8d9c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -28,3 +28,5 @@ override.tf.json
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
# example: *tfplan*
/.idea/
+results.sarif
+.external_modules
diff --git a/examples/minimal/README.md b/examples/minimal/README.md
new file mode 100644
index 0000000..fe5b3e2
--- /dev/null
+++ b/examples/minimal/README.md
@@ -0,0 +1,30 @@
+
+## Requirements
+
+No requirements.
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| [bigquery-sink](#module\_bigquery-sink) | github.com/entur/terraform-aiven-kafka-connect-bigquery-sink//modules/bigquery-sink | v0.2.1 |
+| [init](#module\_init) | github.com/entur/terraform-aiven-kafka-connect-init//modules/init | v1.1.4 |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [my\_aiven\_access\_token](#input\_my\_aiven\_access\_token) | n/a | `any` | n/a | yes |
+
+## Outputs
+
+No outputs.
+
\ No newline at end of file