Terraform AWS GitHub Actions workflow example with tests
Contains an example workflow for Terraform and GitHub Actions incorporating:
- terrascan for security scanning before running terraform
- inspec for testing after running terraform
This provides a simple Terraform workflow that includes tests. The example uses Terraform workspaces and AWS assume roles.
The approach: on a pull request, the workflow runs without the terraform apply; when the pull request is merged into the main branch, the terraform apply is also run.
NOTE: It is recommended to run this on your own self-hosted GitHub runners rather than GitHub-hosted runners, so that your AWS credentials stay out of GitHub.
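A sketch of a workflow with the shape described above, added here as an illustration and not the repository's own workflow file. The `terraform/` directory, the `test/inspec` profile path, the `dev` workspace name, and running inspec only after the apply are assumptions, as is having terrascan, terraform and inspec already installed on the self-hosted runner.

```yaml
# Added example, not the repository's workflow file.
# Assumed names: terraform/ directory, test/inspec profile, "dev" workspace.
name: terraform-ci

on:
  pull_request:
  push:
    branches: [main]

permissions:
  contents: read            # the job only needs to read the repository

concurrency:
  group: terraform-dev      # serialize runs that share one workspace/state
  cancel-in-progress: false

jobs:
  terraform:
    runs-on: self-hosted    # AWS credentials live on the runner, not in GitHub
    env:
      WORKSPACE: dev        # assumed workspace name
    defaults:
      run:
        working-directory: terraform
    steps:
      - uses: actions/checkout@v4

      # Security scan first: a failing scan (non-zero exit) stops the job
      # before any terraform command runs.
      - name: terrascan
        run: terrascan scan -i terraform -d .

      - name: terraform init
        run: terraform init -input=false

      - name: select workspace
        run: terraform workspace select "$WORKSPACE"

      # The AWS provider is assumed to carry the assume_role configuration.
      - name: terraform plan
        run: terraform plan -input=false -out=tfplan

      # Apply only on a push to main (a merged pull request), never on the PR.
      - name: terraform apply
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        run: terraform apply -input=false tfplan

      # Post-apply tests against the live AWS account (assumed to follow apply).
      - name: inspec
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        run: inspec exec ../test/inspec -t aws://
```

Because the `pull_request` trigger runs repository code on the self-hosted runner, limit who can open pull requests that trigger it, particularly on a public repository.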
Contains an example inspec test against AWS. You need to be authenticated against a valid AWS account to run the tests.
Contains a test project with known bad Terraform to run tfsec against.
Uses S3 buckets as the test example.
This project has a number of issues that are known to fail tfsec checks.
- git clone the repo
- Create a new branch
- Push changes to GitHub
- Create a pull request and see the GitHub Actions CI workflow run