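---
# Taskfile (schema v3) for a Terraform-on-Azure workflow: tool pre-checks,
# the Terraform lifecycle, a Checkov scan of the plan, terraform-docs,
# Azure login and pre-commit hook installation.
version: '3'

# Do not echo each command line before running it; command output still shows.
silent: true

tasks:
  ##############################################################################
  # Pre-Checks
  #
  # Internal helpers: not listed and not callable from the CLI (`internal`),
  # and evaluated at most once per invocation (`run: once`). They only prove
  # that a binary of that name is on PATH, not which version or build it is.
  # `command -v` is a shell builtin, so the lookup does not depend on an
  # external `which` binary being installed.
  check-terraform:
    desc: Check terraform CLI availability
    preconditions:
      - sh: command -v terraform
        msg: "terraform CLI not found"
    internal: true
    run: once

  check-checkov:
    desc: Check checkov CLI availability
    preconditions:
      - sh: command -v checkov
        msg: "checkov CLI not found"
    internal: true
    run: once

  check-terraform-docs:
    desc: Check terraform-docs CLI availability
    preconditions:
      - sh: command -v terraform-docs
        msg: "terraform-docs CLI not found"
    internal: true
    run: once

  check-az:
    desc: Check az CLI availability
    preconditions:
      - sh: command -v az
        msg: "az CLI not found"
    internal: true
    run: once

  check-pre-commit:
    desc: Check pre-commit CLI availability
    preconditions:
      - sh: command -v pre-commit
        msg: "pre-commit CLI not found"
    internal: true
    run: once

  ##############################################################################
  # Terraform
  init:
    desc: Initialize Terraform workspace
    deps: [check-terraform]
    cmds:
      # -upgrade re-selects the newest provider and module versions the
      # version constraints allow instead of keeping the selections already
      # in .terraform.lock.hcl, so review the lock-file diff before committing.
      - terraform init -upgrade
      # Record provider checksums for every platform the team uses, so the
      # lock file verifies downloads on all of them. Folded into one command.
      - >-
        terraform providers lock
        -platform=linux_amd64
        -platform=linux_arm64
        -platform=darwin_amd64
        -platform=darwin_arm64
        -platform=windows_amd64

  fmt:
    desc: Format Terraform configuration
    deps: [check-terraform]
    cmds:
      # Rewrites .tf files in place; it is a dependency of most tasks below,
      # so running them can modify the working tree.
      - terraform fmt -recursive

  validate:
    desc: Validate Terraform configuration
    deps: [check-terraform, fmt]
    cmds:
      - terraform validate

  plan:
    desc: Plan Terraform configuration
    deps: [check-terraform, fmt]
    cmds:
      - terraform plan

  apply:
    desc: Apply Terraform configuration
    deps: [check-terraform, fmt]
    cmds:
      # No saved plan is passed, so Terraform computes a fresh plan here and
      # asks for approval; it is not the plan that `analyse` scanned.
      - terraform apply

  ##############################################################################
  # Checkov
  analyse:
    desc: Analyse Terraform configuration
    deps: [check-terraform, check-checkov, fmt]
    cmds:
      # Register the cleanup first. Task only runs a deferred command it has
      # already reached, so a `defer` listed last is skipped when an earlier
      # command fails and the plan files stay on disk. Plan files can hold
      # secret values in clear text.
      - defer: rm -rf plan.bin plan.json
      # -refresh=false plans against the recorded state without querying the
      # real infrastructure.
      - terraform plan -refresh=false -out=plan.bin
      - terraform show -json plan.bin > plan.json
      # --soft-fail makes checkov exit 0 even when checks fail: findings are
      # report-only and never stop this task or a pipeline that calls it.
      # NOTE(review): checkov usually takes the plan via -f/--file; confirm
      # that the positional form is accepted by the installed version.
      - checkov plan.json --soft-fail

  ##############################################################################
  # Terraform Docs
  docs:
    # NOTE(review): the description says OpenTofu while every other task in
    # this file drives the terraform CLI; confirm which is intended.
    desc: Generate OpenTofu documentation
    deps: [check-terraform-docs, fmt]
    cmds:
      # `team` is presumably the module directory to document; confirm.
      - terraform-docs team

  ##############################################################################
  # Azure
  login:
    desc: Login to Azure
    deps: [check-az]
    preconditions:
      # Fail with a clear message rather than handing az an empty tenant.
      - sh: test -n "${AZURE_TENANT_ID}"
        msg: "AZURE_TENANT_ID is not set"
    cmds:
      # The closing double quote was missing, which left the shell with an
      # unterminated string. Quoting keeps the value a single argument.
      - 'az login --tenant "${AZURE_TENANT_ID}"'

  ##############################################################################
  # Pre-Commit Hooks
  pre-commit:
    desc: Install pre-commit hooks
    deps: [check-pre-commit]
    cmds:
      - pre-commit install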