Skip to content

Update .github/workflows/snyk-iac.yml #242

Update .github/workflows/snyk-iac.yml

Update .github/workflows/snyk-iac.yml #242

Workflow file for this run

# This is a Terraform-managed file; manual changes will be overwritten.
# see https://github.com/workloads/github-organization/blob/main/templates/workflows/terraform.tftpl.yml
---
name: "Code Quality: Terraform"
# yamllint disable-line rule:truthy
on:
push:
# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
permissions: read-all
jobs:
workflow:
# only run if workflows are enabled
if: ${{ vars.ENABLE_WORKFLOWS == 'true' }}
# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#concurrency
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
name: Terraform
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
# see https://github.com/actions/checkout/releases/tag/v4.1.6
- name: Checkout Repository
uses: "actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29" # ref: `tags/v4.1.6`
with:
fetch-depth: 1
# see https://github.com/hashicorp/setup-terraform/releases/tag/v3.1.1
- name: Set up Terraform
uses: "hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8" # ref: `tags/v3.1.1`
with:
terraform_wrapper: false
# `TERRAFORM_VERSION` is a GitHub Actions Organization variable
# see https://github.com/organizations/workloads/settings/variables/actions
terraform_version: "${{ vars.TERRAFORM_VERSION }}"
- name: Initialize Terraform
run: terraform init
env:
working-dir: "./"
- name: Format Terraform Code
run: terraform fmt -check -recursive
env:
working-dir: "./"
workflow-inactive:
# only run if workflows are disabled
if: ${{ vars.ENABLE_WORKFLOWS != 'true' }}
name: Workflow Status
runs-on: ubuntu-latest
timeout-minutes: 1
steps:
- name: Display Workflow Status
# shellcheck disable=SC2006
run: echo "::notice title='Workflow is not currently active'::'Check if `ENABLE_WORKFLOWS` is set to `true`.'"