balltrev
commented
1 year ago Hey @txsutton thank you for the request. AFT isn't intended to be used as CI/CD, but rather a deployment tool. My recommendation would be to implement these checks in your process before the code is committed to the AFT Customization repositories.
Describe the outcome you'd like Apologies if I have missed this but is there a way of adding checkov, terraform fmt, tflint, etc. into the pipelines, ideally it would be a simple true/false option in a variable file but if not a documented method on how to add them
Is your feature request related to a problem you are currently experiencing? If so, please describe. During a security review we have been asked what security controls are around the AFT Code Pipelines and so I am after a definitive answer or if there is none a documented process or procedure to add some in
A clear and concise description of what the problem is.
Additional context
Add any other context or screenshots about the feature request here.