generated from appvia/terraform-aws-module-template
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Makefile
165 lines (143 loc) · 5.37 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
.PHONY: all security lint format documentation documentation-examples validate-all validate validate-examples init examples tests
default: all
all:
$(MAKE) init
$(MAKE) validate
$(MAKE) tests
$(MAKE) lint
$(MAKE) security
$(MAKE) format
$(MAKE) documentation
examples:
$(MAKE) validate-examples
$(MAKE) tests
$(MAKE) lint-examples
$(MAKE) lint
$(MAKE) security
$(MAKE) format
$(MAKE) documentation
documentation:
@echo "--> Generating documentation"
@terraform-docs .
$(MAKE) documentation-modules
$(MAKE) documentation-examples
documentation-modules:
@echo "--> Generating documentation for modules"
@find . -type d -regex '.*/modules/[a-za-z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
echo "--> Generating documentation for module: $$dir"; \
terraform-docs $$dir; \
done;
documentation-examples:
@echo "--> Generating documentation for examples"
@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null| while read -r dir; do \
echo "--> Generating documentation for example: $$dir"; \
terraform-docs $$dir; \
done;
upgrade-terraform-providers:
@printf "%s Upgrading Terraform providers for %-24s" "-->" "."
@terraform init -upgrade >/dev/null && echo "[OK]" || echo "[FAILED]"
@$(MAKE) upgrade-terraform-example-providers
upgrade-terraform-example-providers:
@if [ -d examples ]; then \
find examples -type d -mindepth 1 -maxdepth 1 2>/dev/null | while read -r dir; do \
printf "%s Upgrading Terraform providers for %-24s" "-->" "$$dir"; \
terraform -chdir=$$dir init -upgrade >/dev/null && echo "[OK]" || echo "[FAILED]"; \
done; \
fi
init:
@echo "--> Running terraform init"
@terraform init -backend=false
@find . -type f -name "*.tf" -not -path '*.terraform*' -exec dirname {} \; | sort -u | while read -r dir; do \
echo "--> Running terraform init in $$dir"; \
terraform -chdir=$$dir init -backend=false; \
done;
security: init
@echo "--> Running Security checks"
@trivy config .
$(MAKE) security-modules
$(MAKE) security-examples
security-modules:
@echo "--> Running Security checks on modules"
@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
echo "--> Validating $$dir"; \
terraform init -backend=false; \
trivy config --format table --exit-code 1 --severity CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
done;
security-examples:
@echo "--> Running Security checks on examples"
@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
echo "--> Validating $$dir"; \
terraform init -backend=false; \
trivy config --format table --exit-code 1 --severity CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
done;
tests:
@echo "--> Running Terraform Tests"
@terraform test
validate:
@echo "--> Running terraform validate"
@terraform init -backend=false
@terraform validate
$(MAKE) validate-modules
$(MAKE) validate-examples
$(MAKE) validate-commits
validate-modules:
@echo "--> Running terraform validate on modules"
@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
echo "--> Validating Module $$dir"; \
terraform -chdir=$$dir init -backend=false; \
terraform -chdir=$$dir validate; \
done;
validate-examples:
@echo "--> Running terraform validate on examples"
@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
echo "--> Validating $$dir"; \
terraform -chdir=$$dir init -backend=false; \
terraform -chdir=$$dir validate; \
done;
validate-commits:
@echo "--> Running commitlint against the main branch"
@command -v commitlint >/dev/null 2>&1 || { echo "commitlint is not installed. Please install it by running 'npm install -g commitlint'"; exit 1; }
@git log --pretty=format:"%s" origin/main..HEAD | commitlint --from=origin/main
lint:
@echo "--> Running tflint"
@tflint --init
@tflint -f compact
$(MAKE) lint-modules
$(MAKE) lint-examples
lint-modules:
@echo "--> Running tflint on modules"
@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
echo "--> Linting $$dir"; \
tflint --chdir=$$dir --init; \
tflint --chdir=$$dir -f compact; \
done;
lint-examples:
@echo "--> Running tflint on examples"
@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
echo "--> Linting $$dir"; \
tflint --chdir=$$dir --init; \
tflint --chdir=$$dir -f compact; \
done;
format:
@echo "--> Running terraform fmt"
@terraform fmt -recursive -write=true
clean:
@echo "--> Cleaning up"
@find . -type d -name ".terraform" 2>/dev/null | while read -r dir; do \
echo "--> Removing $$dir"; \
rm -rf $$dir; \
done