chore: upated tflint and added tfsec action

moritzzimmer · moritzzimmer · commit 7b530b58706a · 2022-09-29T09:55:00.000+02:00
diff --git a/.github/workflows/workflow.yaml b/.github/workflows/workflow.yaml
@@ -8,6 +8,10 @@ on:
     branches:
       - master
 
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   check:
     runs-on: ubuntu-latest
@@ -26,9 +30,13 @@ jobs:
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: setup tools
+      - name: check
         run: |
-          curl -L "$(curl -s https://api.github.com/repos/aquasecurity/tfsec/releases/latest | grep -m 1 -o -E "https://.+?tfsec-linux-amd64")" > tfsec && chmod +x tfsec && sudo mv tfsec /usr/bin/
           tflint --init
+          make init fmt validate tflint
 
-      - run: make
+      - name: tfsec
+        uses: aquasecurity/tfsec-pr-commenter-action@v1.2.0
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          additional_args: --exclude-downloaded-modules
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.72.1
+    rev: v1.75.0
     hooks:
       - id: terraform_fmt
       - id: terraform_validate
diff --git a/.tflint.hcl b/.tflint.hcl
@@ -4,6 +4,6 @@ config {
 
 plugin "aws" {
   enabled = true
-  version = "0.14.0"
+  version = "0.17.1"
   source  = "github.com/terraform-linters/tflint-ruleset-aws"
 }

Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,6 @@ config {`
`4`	`4`
`5`	`5`	`plugin "aws" {`
`6`	`6`	`enabled = true`
`7`		`- version = "0.14.0"`
	`7`	`+ version = "0.17.1"`
`8`	`8`	`source = "github.com/terraform-linters/tflint-ruleset-aws"`
`9`	`9`	`}`