another example
JamesWoolfenden committed Apr 18, 2023
1 parent 2ce525d commit e3602d2
Showing 5 changed files with 104 additions and 0 deletions.
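--- a/example/frommodule/Makefile
+++ b/example/frommodule/Makefile
@@ -0,0 +1,77 @@
+# Makefile
+ifdef OS
+BLAT = $(powershell -noprofile rm .\.terraform\ -force -recurse)
+RM = $(powershell -noprofile rm .\.terraform\ -force -recurse)
+else
+ifeq ($(shell uname), Linux)
+RM = rm .terraform/modules/ -fr
+BLAT= rm .terraform/ -fr
+endif
+endif
+
+.PHONY: all
+
+all: init plan build
+
+init:
+$(RM)
+terraform init -reconfigure -upgrade
+
+plan:
+terraform plan --out tfplan.binary -refresh=true
+
+planned: init
+terraform plan -out tf.plan
+terraform show -json tf.plan > tf.json
+checkov -f tf.json
+
+p:
+terraform plan -refresh=true
+
+apply: build
+
+build:
+terraform apply -auto-approve
+
+convert:
+terraform show -json tfplan.binary > tfplan.json
+
+check: init
+terraform plan -detailed-exitcode
+
+destroy: init
+terraform destroy -force
+
+docs:
+terraform-docs md . > README.md
+
+valid:
+-terraform fmt -recursive
+-checkov -d . --external-checks-dir ../../checkov
+-tfsec . --tfvars-file examples.auto.tfvars
+-terrascan scan
+docker pull checkmarx/kics:latest
+docker run -v $(CURDIR):/path checkmarx/kics:latest scan --path /path
+
+compare:
+-checkov -d . --external-checks-dir ../../checkov -o json >../../output/checkov.json
+-terrascan scan -o json -x json >../../output/terrascan.json
+-tfsec . --out ../../output/tfsec.json -f json -s
+docker pull checkmarx/kics:latest
+docker run -v $(CURDIR):/path -v $(CURDIR)/../../output:/output checkmarx/kics:latest scan --path "/path" -o "/output/kics.json"
+
+conftest: plan convert
+conftest test ./tfplan.json -p ../../policies
+
+opa: plan convert
+opa eval --format pretty --data terraform.rego --input tfplan.json "data.terraform.analysis.authz"
+
+target:
+@read -p "Enter Module to target:" MODULE;
+terraform apply -target $$MODULE
+
+purge:
+$(BLAT)
+
+cost:
+infracost breakdown --path . --usage-file infracost-usage.yml --sync-usage-file --show-skipped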
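Review bot: `build` runs `terraform apply -auto-approve` without a plan file, so `all: init plan build` applies a freshly computed plan rather than the `tfplan.binary` that `plan` saved and that `conftest` and `opa` evaluate; the change that gets applied is never the artifact that was checked. Applying the saved plan closes that gap: `build: plan` with the recipe `terraform apply tfplan.binary`. In `valid` and `compare`, `checkmarx/kics:latest` is a mutable tag pulled on every run and the working directory is mounted writable into the container; pinning the image by digest and mounting the source as `$(CURDIR):/path:ro` limits what a changed image can touch. In `target`, the `read` and the `terraform apply -target $$MODULE` are separate recipe lines and, unless `.ONESHELL` is set elsewhere, run in separate shells, so `MODULE` is empty when apply runs; the two commands need to be joined on one recipe line with the variable quoted.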
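--- a/example/frommodule/module.adblock.tf
+++ b/example/frommodule/module.adblock.tf
@@ -0,0 +1,5 @@
+module "adblock" {
+source = "JamesWoolfenden/adblock/cloudflare"
+version = "0.0.2"
+team_name = "woolfenden"
+}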
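--- a/example/frommodule/outputs.tf
+++ b/example/frommodule/outputs.tf
@@ -0,0 +1,3 @@
+output "adblock" {
+value = module.adblock
+}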
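--- a/example/frommodule/provider.tf
+++ b/example/frommodule/provider.tf
@@ -0,0 +1,3 @@
+provider "cloudflare" {
+
+}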
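--- a/example/frommodule/terraform.tf
+++ b/example/frommodule/terraform.tf
@@ -0,0 +1,16 @@
+terraform {
+required_providers {
+cloudflare = {
+source = "cloudflare/cloudflare"
+version = "3.33.1"
+}
+}
+backend "s3" {
+profile = "personal"
+encrypt = true
+bucket = "680235478471-terraform-state"
+key = "cloudflare/team/terraform.tfstate"
+dynamodb_table = "dynamodb-state-lock"
+region = "eu-west-2"
+}
+}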
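Review bot: The `backend "s3"` block in this example hard-codes the author's own state location: `profile = "personal"` and a bucket name that begins with what looks like a 12-digit AWS account ID. Anyone copying the example will run `terraform init` against that bucket and lock table, and the account identifier is published with the repository. A partial configuration keeps the example reusable: leave `backend "s3" {}` here and supply bucket, key, lock table and profile at init time with `terraform init -backend-config=backend.hcl`, keeping that file out of version control. `encrypt = true` is already set; whether the bucket also enforces versioning and a restrictive bucket policy cannot be seen from this file.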
