Перейти к файлу
hezijie ee34a8622e correct TestRecord path 2024-09-23 16:53:49 +08:00
.devcontainer
.github/workflows
avm_scripts
avm_scripts_canary
scaffold-ci-scripts
scripts
workflows
.gitignore
.terraformrc
.tflint.hcl
.tflint_example.hcl
.tflint_module.hcl
.trivyignore
CODE_OF_CONDUCT.md
Dockerfile
GNUmakefile
LICENSE
README.md
SECURITY.md
avm.tflint.hcl
avm.tflint_example.hcl
avm.tflint_module.hcl
avmmakefile
build-arg-helper.sh
version.env

README.md

Azure Verified Terraform Module Scaffold

Image Build & Scan

This scaffold is a collection of scripts to facilitate Azure Verified Terraform Module CI pipeline. It's designed to work with CI such as GitHub Actions, and provides a Dockerfile to run these steps on your local machine.

Dockerfile

We've provided a docker image at mcr.microsoft.com/azterraform:latest. This image is built by the Dockerfile in this repo. We'll build and push a new image when there's a new tag pushed into this repo.

We maintain all versions of tools that we used in version.env file, if you'd like to build the docker image on your machine, please use the following command (need Linux and awk):

docker build $(sh build-arg-helper.sh version.env) -t localrunner .

Before you commit

To sync versions between version.env and .tflint.hcl and .tflint_example.hcl, we suggest you execute the following command before you commit changes:

docker run --rm -v $(pwd):/src -w /src localrunner sh scaffold-ci-scripts/sync-tflint-plugin-version.sh

On Windows:

docker run --rm -v ${pwd}:/src -w /src localrunner sh scaffold-ci-scripts/sync-tflint-plugin-version.sh

Tools We're Using Now

Name Latest Version
Go
TFLint
TFLint AzureRM Ruleset
TFLint Basic Ruleset Extension
TFLint AzureRM Ruleset Extension
BridgeCrew Checkov
HashiCorp Terraform
GruntWork TerraGrunt
Terraform Docs
Golangci-lint
Terraform Module Breaking Detect
HCLEdit
GoSec
BridgeCrew Yor
tfenv
hclgrep
avmfix
hclgrep
tfsec
grept

To Add CI Pipeline In New Azure Verified Terraform Module

Create a new GNUMakefile in your module's folder:

SHELL := /bin/bash

-include $(shell curl -sSL "https://raw.githubusercontent.com/Azure/tfmod-scaffold/main/scripts/install.sh" | bash -s > /dev/null ; echo tfmod-scaffold/GNUmakefile)

init:
	@sh "$(CURDIR)/scripts/init.sh"

cleanup:
	@sh "$(CURDIR)/scripts/cleanup.sh"

To init Github Action CI yaml files in your module, run:

$ make init