This repository was archived by the owner on May 12, 2026. It is now read-only.
Deployment of 2025-09-04 #8478
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Terraform Validation | |
| on: | |
| pull_request: | |
| branches: | |
| - production | |
| - main | |
| - test | |
| paths: | |
| - '**.tf' | |
| - '.github/workflows/validate_terraform.yml' | |
| jobs: | |
| pre_job: | |
| name: Pre Job | |
| runs-on: ubuntu-latest | |
| outputs: | |
| has_operations_change: ${{ steps.build_vars.outputs.has_terraform_change }} | |
| steps: | |
| - name: Check Out Changes | |
| uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 | |
| - name: Build vars | |
| id: build_vars | |
| uses: ./.github/actions/build-vars | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| validate_terraform_yaml: | |
| name: Validate Terraform YAML | |
| needs: pre_job | |
| if: ${{ needs.pre_job.outputs.has_operations_change == 'true' }} | |
| environment: staging | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check Out Changes | |
| uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 | |
| - name: Use specific version of Terraform | |
| uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd | |
| with: | |
| terraform_version: 1.7.4 | |
| terraform_wrapper: false | |
| - name: Verify Terraform Formatting | |
| run: terraform -chdir=operations/app/terraform/vars/staging fmt -check -recursive ../../ | |
| checkov-job: | |
| name: Run Checkov On Terraform Code | |
| needs: validate_terraform_yaml | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 | |
| - name: Run Checkov action | |
| uses: bridgecrewio/checkov-action@d0e41abbcc8c1103c6ae7e451681d071f05e1c20 | |
| with: | |
| directory: operations/app/terraform | |
| skip_check: CKV_AZURE_139,CKV_AZURE_137,CKV_AZURE_103,CKV_AZURE_104,CKV_AZURE_102,CKV_AZURE_130,CKV_AZURE_121,CKV_AZURE_67,CKV_AZURE_56,CKV_AZURE_17,CKV_AZURE_63,CKV_AZURE_18,CKV_AZURE_88,CKV_AZURE_65,CKV_AZURE_13,CKV_AZURE_66,CKV_AZURE_33,CKV_AZURE_35,CKV_AZURE_36,CKV_AZURE_98,CKV2_AZURE_1,CKV2_AZURE_15,CKV2_AZURE_21,CKV_AZURE_213,CKV_AZURE_59,CKV2_AZURE_33,CKV2_AZURE_32,CKV2_AZURE_28,CKV_AZURE_206,CKV_AZURE_42,CKV_AZURE_110,CKV_AZURE_109,CKV_AZURE_166,CKV2_AZURE_38,CKV2_AZURE_40,CKV2_AZURE_41,CKV_AZURE_235,CKV_AZURE_244 |