real: promote 1.0.2 (#3)

Author: serdigital64

.dev.env

@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+#
+# Development environment variables
+#
+# * Used by DevBin64 to define project wide variables
+# * Automatically loaded by dev-set
+# * Do not include local variables (workstation specific) and secrets. Use .local.env and .secrets.env instead
+# * Version: 1.0.1
+# * Template: 5.0.0
+#
+
+#
+# DevBin64 variables
+#
+# * Use to customize devbin64 module variables
+# * Module variables are defined in bin/dev-env-MODULE
+#
+
+# Env / GIT / Upstream URL
+export DEV_GIT_REMOTE_UPSTREAM_URL='https://github.com/automation64/terraform-iac64-hello-world.git'
+
+# Lint / TFLint / Target
+export DEV_LINT_TFLINT_TARGET="$DEV_BUILD_OPENTOFU_STAGING"
+
+# SAST /TFSec / Target
+export DEV_SAST_TFSEC_TARGET="$DEV_BUILD_OPENTOFU_STAGING"
+
+# Test / Act / List of workflows. Format: job-id, separated by spaces
+export DEV_TEST_ACT_WORKFLOWS='lint-opentofu lint-tflint sast-gitleaks sast-tfsec test-opentofu'
+
+#
+# Project variables
+#

.devbin64

@@ -1 +1 @@
-8.0.0
+10.3.0

.devbin64-modules

@@ -1,10 +1,7 @@
 act
-bash
 git
 github
 gitleaks
-iac64
 opentofu
-testmansh
 tflint
 tfsec

.env

@@ -0,0 +1,46 @@
+---
+# template: 1.0.0
+name: "Lint / OpenTofu"
+
+env:
+  DEV_CICD_DEBUG: ""
+  BL64_LIB_CICD: "YES"
+
+on:
+  pull_request:
+    branches:
+      - "main"
+  push:
+    branches:
+      - "feature/**"
+    paths:
+      - "src/**"
+
+jobs:
+  lint-opentofu:
+    runs-on: "ubuntu-latest"
+    steps:
+
+      - name: "Check out repository code"
+        uses: "actions/checkout@main"
+
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
+      - name: "Prepare environment"
+        run: "./bin/dev-lib-base"
+
+      - name: "Download tools"
+        run: "./bin/dev-lib-opentofu"
+
+      - name: "Prepare for testing"
+        run: "./bin/dev-build-opentofu"
+
+      - name: "Run Linter"
+        run: "./bin/dev-lint-opentofu"
+...

.github/workflows/lint_opentofu.yaml

@@ -1,11 +1,10 @@
 ---
-# Template: 1.1.0
-name: "SAST / TFSec"
+# template: 1.1.1
+name: "Lint / TFLint"
 
 env:
   DEV_CICD_DEBUG: ""
   BL64_LIB_CICD: "YES"
-  DEV_TEST_BASH_RUNNER_ENVIRONMENT: "ON"
 
 on:
   pull_request:
@@ -18,19 +17,32 @@ on:
       - "src/**"
 
 jobs:
-  sast:
+  lint-tflint:
     runs-on: "ubuntu-latest"
     steps:
 
       - name: "Check out repository code"
         uses: "actions/checkout@main"
 
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
       - name: "Prepare environment"
         run: "./bin/dev-lib-base"
 
       - name: "Download tools"
-        run: "./bin/dev-lib-tfsec"
+        run: |
+          ./bin/dev-lib-opentofu
+          ./bin/dev-lib-tflint
+
+      - name: "Prepare for testing"
+        run: "./bin/dev-build-opentofu"
 
-      - name: "Run SAST"
-        run: "./bin/dev-sast-tfsec"
+      - name: "Run Linter"
+        run: "./bin/dev-lint-tflint"
 ...

.github/workflows/lint_tflint.yaml

@@ -1,5 +1,5 @@
 ---
-# Template: 1.1.0
+# template: 1.2.0
 name: "SAST / GitLeaks"
 
 env:
@@ -23,6 +23,14 @@ jobs:
       - name: "Check out repository code"
         uses: "actions/checkout@main"
 
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
       - name: "Prepare environment"
         run: "./bin/dev-lib-base"
 

.github/workflows/sast_gitleaks.yaml

@@ -1,6 +1,6 @@
 ---
-# Template: 1.1.0
-name: "Lint / TFLint"
+# template: 1.1.1
+name: "SAST / TFSec"
 
 env:
   DEV_CICD_DEBUG: ""
@@ -18,19 +18,32 @@ on:
       - "src/**"
 
 jobs:
-  lint:
+  sast-tfsec:
     runs-on: "ubuntu-latest"
     steps:
 
       - name: "Check out repository code"
         uses: "actions/checkout@main"
 
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
       - name: "Prepare environment"
         run: "./bin/dev-lib-base"
 
       - name: "Download tools"
-        run: "./bin/dev-lib-tflint"
+        run: |
+          ./bin/dev-lib-opentofu
+          ./bin/dev-lib-tfsec
+
+      - name: "Prepare for testing"
+        run: "./bin/dev-build-opentofu"
 
       - name: "Run Lint"
-        run: "./bin/dev-lint-tflint"
+        run: "./bin/dev-sast-tfsec"
 ...

.github/workflows/sast_tfsec.yaml

@@ -1,5 +1,5 @@
 ---
-# Template: 1.2.0
+# template: 1.0.0
 name: "Test / OpenTofu"
 
 env:
@@ -16,15 +16,24 @@ on:
       - "feature/**"
     paths:
       - "src/**"
+      - "test/**"
 
 jobs:
-  test:
+  test-opentofu:
     runs-on: "ubuntu-latest"
     steps:
 
       - name: "Check out repository code"
         uses: "actions/checkout@main"
 
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
       - name: "Prepare environment"
         run: "./bin/dev-lib-base"
 
@@ -34,6 +43,6 @@ jobs:
       - name: "Prepare Source"
         run: "./bin/dev-build-opentofu"
 
-      - name: "Run Test"
+      - name: "Run tests"
         run: "./bin/dev-test-opentofu"
 ...

.github/workflows/test_opentofu.yaml

@@ -23,5 +23,8 @@
 # Project specific exclusions
 #
 
+# OpenTofu / Staging
+var/opentofu/
+
 # Keep placeholder for empty directories
 !/**/.gitkeep