bug: update dependabot.yml (#24)

theprashantyadav · web-flow · commit 2aaedbf4c17b · 2023-05-08T14:04:44.000-04:00
* bug: update dependabot.yml

* bug: update changelog.yml file and use shared-workflows

* bug: update tfsec.yml file workflow with shared-workflows
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -10,6 +10,14 @@ updates:
     schedule:
       interval: "weekly"
   - package-ecosystem: "terraform" # See documentation for possible values
-    directory: "_example/" # Location of package manifests
+    directory: "_example/generate-certificate-dns" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "terraform" # See documentation for possible values
+    directory: "_example/generate-certificate-email" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "terraform" # See documentation for possible values
+    directory: "_example/import-certificate" # Location of package manifests
     schedule:
       interval: "weekly"
diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml
@@ -1,14 +1,13 @@
 name: changelog
 permissions: write-all
-
 on:
   push:
     tags:
       - "*"
-  # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 jobs:
-  call-workflow-changelog:
+  changelog:
     uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@master
+    secrets: inherit
     with:
       branch: 'master'
diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml
@@ -1,41 +1,11 @@
 name: tfsec
+permissions: write-all
 on:
   pull_request:
-
+  workflow_dispatch:
 jobs:
   tfsec:
-    name: Terraform Security Scan
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Clone repo
-        uses: actions/checkout@master
-
-      - name: tfsec Basic
-        uses: aquasecurity/tfsec-sarif-action@v0.1.0
-        with:
-          sarif_file: tfsec.sarif
-          working_directory: ./_example/
-          full_repo_scan: true
-
-      - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v1
-        with:
-          # Path to SARIF file relative to the root of the repository
-          sarif_file: tfsec.sarif
-
-      - name: tfsec commenter for PR
-        uses: tfsec/tfsec-pr-commenter-action@main
-        with:
-          GITHUB_TOKEN: ${{ secrets.GITHUB}}
-          working_directory: ./_example/
-
-      - name: 'Terraform security scan Advanced'
-        uses: triat/terraform-security-scan@v3.0.3
-        if: github.event_name == 'pull_request'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB}}
-          tfsec_actions_working_dir: ./_example/
-          tfsec_actions_comment: true
-          tfsec_output_format: sarif
-        continue-on-error: true
+    uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master
+    secrets: inherit
+    with:
+      working_directory: '.'
