-
Notifications
You must be signed in to change notification settings - Fork 6
/
buildspec-terrascan.yml
30 lines (25 loc) · 1.06 KB
/
buildspec-terrascan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
version: 0.2
env:
variables:
TF_VERSION: "1.0.6"
TERRASCAN_VERSION: "1.9.0"
phases:
install:
runtime-versions:
python: latest
commands:
- cd /usr/bin
- "curl -s -qL -o terraform.zip https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip"
- unzip -o terraform.zip
# Can't use latest Terrascan because of https://github.com/accurics/terrascan/issues/1036 bug
#- 'curl -L "$(curl -s https://api.github.com/repos/accurics/terrascan/releases/latest | grep -o -E "https://.+?_Linux_x86_64.tar.gz")" > terrascan.tar.gz'
- "curl -L -o terrascan_${TERRASCAN_VERSION}_Linux_x86_64.tar.gz https://github.com/accurics/terrascan/releases/download/v${TERRASCAN_VERSION}/terrascan_${TERRASCAN_VERSION}_Linux_x86_64.tar.gz"
- "tar -xf terrascan_${TERRASCAN_VERSION}_Linux_x86_64.tar.gz terrascan"
build:
commands:
- cd "$CODEBUILD_SRC_DIR"
- terrascan init
- terrascan scan -i terraform
post_build:
commands:
- echo "Terrascan test is completed on `date`"