Azure Verified Terraform Module Scaffold

This scaffold is a collection of scripts to facilitate Azure Verified Terraform Module CI pipeline. It's designed to work with CI such as GitHub Actions, and provides a Dockerfile to run these steps on your local machine.

Dockerfile

We've provided a docker image at mcr.microsoft.com/azterraform:latest. This image is built by the Dockerfile in this repo. We'll build and push a new image when there's a new tag pushed into this repo.

We maintain all versions of tools that we used in version.env file, if you'd like to build the docker image on your machine, please use the following command (need Linux and awk):

docker build $(sh build-arg-helper.sh version.env) -t localrunner .

Before you commit

To sync versions between version.env and .tflint.hcl and .tflint_example.hcl, we suggest you execute the following command before you commit changes:

docker run --rm -v $(pwd):/src -w /src localrunner sh scaffold-ci-scripts/sync-tflint-plugin-version.sh

On Windows:

docker run --rm -v ${pwd}:/src -w /src localrunner sh scaffold-ci-scripts/sync-tflint-plugin-version.sh

Tools We're Using Now

Name	Latest Version
Go
TFLint
TFLint AzureRM Ruleset
TFLint Basic Ruleset Extension
TFLint AzureRM Ruleset Extension
BridgeCrew Checkov
HashiCorp Terraform
GruntWork TerraGrunt
Terraform Docs
Golangci-lint
Terraform Module Breaking Detect
HCLEdit
GoSec
BridgeCrew Yor
tfenv
hclgrep
avmfix
hclgrep
tfsec
grept

To Add CI Pipeline In New Azure Verified Terraform Module

Create a new GNUMakefile in your module's folder:

SHELL := /bin/bash

-include $(shell curl -sSL "https://raw.githubusercontent.com/Azure/tfmod-scaffold/main/scripts/install.sh" | bash -s > /dev/null ; echo tfmod-scaffold/GNUmakefile)

init:
	@sh "$(CURDIR)/scripts/init.sh"

cleanup:
	@sh "$(CURDIR)/scripts/cleanup.sh"

To init Github Action CI yaml files in your module, run:

$ make init