Merge pull request #21 from ajschofield/feature/ci-tests

pr: initial ci/cd setup

2 files changed, 87 insertions, 0 deletions

diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml
new file mode 100644
index 0000000..7d5b5b1
--- /dev/null
+++ b/.github/workflows/python.yml
@@ -0,0 +1,50 @@
+name: python-quality-checks
+
+on:
+    push:
+        branches: [development]
+    pull_request:
+        branches: [development, staging]
+
+jobs:
+
+    check-if-py-files-exist:
+        runs-on: ubuntu-latest
+        outputs:
+            py_files_exist: ${{ steps.check.outputs.py_files_exist }}
+        steps:
+            - uses: actions/checkout@v2
+            - id: check_files
+              run: |
+                if [ -n "$(find . -name '*.py')" ]; then
+                    echo "::set-output name=py_files_exist::true"
+                else
+                    echo "::set-output name=py_files_exist::false"
+                fi
+
+    quality-checks:
+        needs: check-if-py-files-exist
+        if: ${{ needs.check-if-py-files-exist.outputs.py_files_exist == 'true' }}
+        runs-on: ubuntu-latest
+        steps:
+            - uses : actions/checkout@v2
+            - name : Setup
+              uses : actions/setup-python@v2
+              with:
+                python-version: 3.11
+            - name : Dependencies
+              run: |
+                python -m pip install --upgrade pip
+                pip install flake8 pylint black bandit safety
+            - name : Linting
+              run: |
+                flake8 .
+                find . -name "*.py" | xargs pylint
+            - name : Formatting
+              run: |
+                black --check .
+            - name: Security
+              run: |
+                bandit -r .
+                safety check
+                
\ No newline at end of file
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
new file mode 100644
index 0000000..c349756
--- /dev/null
+++ b/.github/workflows/terraform.yml
@@ -0,0 +1,37 @@
+name: terraform-quality-checks
+
+on:
+    push:
+        branches: [development]
+        paths:
+            - 'terraform/**.tf'
+            - 'terraform/**.tfvars'
+    pull_request:
+        branches: [development, staging]
+        paths:
+            - 'terraform/**.tf'
+            - 'terraform/**.tfvars'
+jobs:
+    terraform-validation:
+        runs-on: ubuntu-latest
+        defaults:
+            run:
+                working-directory: ./terraform
+        steps:
+            - uses: actions/checkout@v2
+            - name: Setup Terraform
+              uses: hashicorp/setup-terraform@v1
+              with:
+                  terraform_version: latest # Using the latest version, but not sure if it's the best practice
+            - name: Format
+              run: terraform fmt -check -recursive
+            - name: Init
+              run: terraform init -backend=false
+            - name: Validate
+              run: terraform validate
+            - name: Setup TFLint
+              uses: terraform-linters/setup-tflint@v2
+              with:
+                  tflint_version: latest
+            - name: Run TFLint
+              run: tflint -f compact
\ No newline at end of file