automation64 · serdigital64 · Nov 5, 2025 · Nov 5, 2025 · Nov 5, 2025
diff --git a/.dev.env b/.dev.env
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+#
+# Development environment variables
+#
+# * Used by DevBin64 to define project wide variables
+# * Automatically loaded by dev-set
+# * Do not include local variables (workstation specific) and secrets. Use .local.env and .secrets.env instead
+# * Version: 1.0.1
+# * Template: 5.0.0
+#
+
+#
+# DevBin64 variables
+#
+# * Use to customize devbin64 module variables
+# * Module variables are defined in bin/dev-env-MODULE
+#
+
+# Env / GIT / Upstream URL
+export DEV_GIT_REMOTE_UPSTREAM_URL='https://github.com/automation64/terraform-iac64-hello-world.git'
+
+# Lint / TFLint / Target
+export DEV_LINT_TFLINT_TARGET="$DEV_BUILD_OPENTOFU_STAGING"
+
+# SAST /TFSec / Target
+export DEV_SAST_TFSEC_TARGET="$DEV_BUILD_OPENTOFU_STAGING"
+
+# Test / Act / List of workflows. Format: job-id, separated by spaces
+export DEV_TEST_ACT_WORKFLOWS='lint-opentofu lint-tflint sast-gitleaks sast-tfsec test-opentofu'
+
+#
+# Project variables
+#
diff --git a/.devbin64 b/.devbin64
@@ -1 +1 @@
-8.0.0
+10.3.0
diff --git a/.devbin64-modules b/.devbin64-modules
@@ -1,10 +1,7 @@
 act
-bash
 git
 github
 gitleaks
-iac64
 opentofu
-testmansh
 tflint
 tfsec
diff --git a/.env b/.env
diff --git a/.github/workflows/lint_opentofu.yaml b/.github/workflows/lint_opentofu.yaml
@@ -0,0 +1,46 @@
+---
+# template: 1.0.0
+name: "Lint / OpenTofu"
+
+env:
+  DEV_CICD_DEBUG: ""
+  BL64_LIB_CICD: "YES"
+
+on:
+  pull_request:
+    branches:
+      - "main"
+  push:
+    branches:
+      - "feature/**"
+    paths:
+      - "src/**"
+
+jobs:
+  lint-opentofu:
+    runs-on: "ubuntu-latest"
+    steps:
+
+      - name: "Check out repository code"
+        uses: "actions/checkout@main"
+
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
+      - name: "Prepare environment"
+        run: "./bin/dev-lib-base"
+
+      - name: "Download tools"
+        run: "./bin/dev-lib-opentofu"
+
+      - name: "Prepare for testing"
+        run: "./bin/dev-build-opentofu"
+
+      - name: "Run Linter"
+        run: "./bin/dev-lint-opentofu"
+...
diff --git a/.github/workflows/lint_tflint.yaml b/.github/workflows/lint_tflint.yaml
@@ -1,11 +1,10 @@
 ---
-# Template: 1.1.0
-name: "SAST / TFSec"
+# template: 1.1.1
+name: "Lint / TFLint"
 
 env:
   DEV_CICD_DEBUG: ""
   BL64_LIB_CICD: "YES"
-  DEV_TEST_BASH_RUNNER_ENVIRONMENT: "ON"
 
 on:
   pull_request:
@@ -18,19 +17,32 @@ on:
       - "src/**"
 
 jobs:
-  sast:
+  lint-tflint:
     runs-on: "ubuntu-latest"
     steps:
 
       - name: "Check out repository code"
         uses: "actions/checkout@main"
 
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
       - name: "Prepare environment"
         run: "./bin/dev-lib-base"
 
       - name: "Download tools"
-        run: "./bin/dev-lib-tfsec"
+        run: |
+          ./bin/dev-lib-opentofu
+          ./bin/dev-lib-tflint
+
+      - name: "Prepare for testing"
+        run: "./bin/dev-build-opentofu"
 
-      - name: "Run SAST"
-        run: "./bin/dev-sast-tfsec"
+      - name: "Run Linter"
+        run: "./bin/dev-lint-tflint"
 ...
diff --git a/.github/workflows/sast_gitleaks.yaml b/.github/workflows/sast_gitleaks.yaml
@@ -1,5 +1,5 @@
 ---
-# Template: 1.1.0
+# template: 1.2.0
 name: "SAST / GitLeaks"
 
 env:
@@ -23,6 +23,14 @@ jobs:
       - name: "Check out repository code"
         uses: "actions/checkout@main"
 
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
       - name: "Prepare environment"
         run: "./bin/dev-lib-base"
 

diff --git a/.github/workflows/sast_tfsec.yaml b/.github/workflows/sast_tfsec.yaml
@@ -1,6 +1,6 @@
 ---
-# Template: 1.1.0
-name: "Lint / TFLint"
+# template: 1.1.1
+name: "SAST / TFSec"
 
 env:
   DEV_CICD_DEBUG: ""
@@ -18,19 +18,32 @@ on:
       - "src/**"
 
 jobs:
-  lint:
+  sast-tfsec:
     runs-on: "ubuntu-latest"
     steps:
 
       - name: "Check out repository code"
         uses: "actions/checkout@main"
 
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
       - name: "Prepare environment"
         run: "./bin/dev-lib-base"
 
       - name: "Download tools"
-        run: "./bin/dev-lib-tflint"
+        run: |
+          ./bin/dev-lib-opentofu
+          ./bin/dev-lib-tfsec
+
+      - name: "Prepare for testing"
+        run: "./bin/dev-build-opentofu"
 
       - name: "Run Lint"
-        run: "./bin/dev-lint-tflint"
+        run: "./bin/dev-sast-tfsec"
 ...
diff --git a/.github/workflows/test_opentofu.yaml b/.github/workflows/test_opentofu.yaml
@@ -1,5 +1,5 @@
 ---
-# Template: 1.2.0
+# template: 1.0.0
 name: "Test / OpenTofu"
 
 env:
@@ -16,15 +16,24 @@ on:
       - "feature/**"
     paths:
       - "src/**"
+      - "test/**"
 
 jobs:
-  test:
+  test-opentofu:
     runs-on: "ubuntu-latest"
     steps:
 
       - name: "Check out repository code"
         uses: "actions/checkout@main"
 
+      - name: "Cache local tools"
+        uses: "actions/cache@v4"
+        with:
+          path: ./lib
+          key: ${{ runner.os }}-lib-cache
+          restore-keys: |
+            ${{ runner.os }}-lib-cache
+
       - name: "Prepare environment"
         run: "./bin/dev-lib-base"
 
@@ -34,6 +43,6 @@ jobs:
       - name: "Prepare Source"
         run: "./bin/dev-build-opentofu"
 
-      - name: "Run Test"
+      - name: "Run tests"
         run: "./bin/dev-test-opentofu"
 ...
diff --git a/.gitignore b/.gitignore
@@ -23,5 +23,8 @@
 # Project specific exclusions
 #
 
+# OpenTofu / Staging
+var/opentofu/
+
 # Keep placeholder for empty directories
 !/**/.gitkeep
diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 
 ## Purpose
 
-Simple hello-world
+OpenTofu hello world using the local provider
 
 ## License
 

diff --git a/bin/dev-auth-github b/bin/dev-auth-github
@@ -18,10 +18,10 @@
 
 # shellcheck source=bin/dev-set
 source ./bin/dev-set || { echo 'dev-set:Error: unable to load dev environment' 2>&1 && exit 1; }
+# shellcheck source-path=/opt/bl64
+source "${DEV_LIB_BASHLIB64_TARGET}/bashlib64-core.bash" || exit 1
 # shellcheck source-path=bin
 source ./bin/dev-env-github || exit 1
-# shellcheck source-path=lib/bl64
-source "${DEV_LIB_BASHLIB64_TARGET}/bashlib64-core.bash" || exit 1
 
 #
 # Globals
@@ -56,7 +56,7 @@ function dev_auth_initialize() {
 
 [[ -n "$DEV_CICD_DEBUG" ]] && bl64_dbg_all_enable
 bl64_lib_script_version_set '1.2.1'
-bl64_msg_all_enable_verbose
+bl64_msg_set_format "$DEV_VERBOSE" && bl64_msg_all_enable_verbose
 
 bl64_msg_show_batch_start "$BL64_SCRIPT_ID"
 dev_auth_initialize &&