Closed Nihisil closed 1 year ago
tfsec is not working correctly because of that bug: https://github.com/nimblehq/infrastructure-templates/issues/179
I have moved this PR to draft and will revise it after 179 is fixed.
@malparty It's a great idea! I included a ticket to address an issue that was previously ignored: https://github.com/nimblehq/infrastructure-templates/issues/189.
As for the other issues, some simply don't make sense to address, for instance, forcing encryption for ALB S3 bucket. In other cases, there's some uncertainty whether they should be addressed, such as using a custom KMS key for ECR images.
What happened 👀
- `tfsec` GH action into the generated project template.
- `TFSEC_VERSION` specified with the required `v` prefix, as `tfsec` uses this format for release tags.
- `tfsec` is included in the `.tool-versions` file for asdf, so that developers can run checks locally during the development process.
Insight 📝
Our template had multiple warnings listed by tfsec. A few of these warnings were addressed and resolved accordingly, while others were silenced since they don't make much sense.
Proof Of Work 📹
`tfsec` action was initiated and the CI passed.
CI for newly generated project: