base files

Author: samir-gandhi

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,73 @@
+---
+name: Bug report
+about: If something isn't working as expected or documented
+labels: type/bug,status/needs-triage
+assignees: ''
+
+---
+
+---
+name: 🐛 Bug Report
+about: If something isn't working as expected or documented
+
+---
+
+## Description
+
+[Provide a clear and concise description of the bug.]
+
+## Steps to Reproduce
+
+1. [First step]
+2. [Second step]
+3. [Third step]
+   - [Any sub-steps if applicable]
+
+## Expected Behavior
+
+[Describe what you expected to happen.]
+
+## Actual Behavior
+
+[Describe what actually happened.]
+
+## Screenshots or Videos (if applicable)
+
+[If applicable, add screenshots or videos to help explain the problem.]
+
+## Environment
+
+- Operating System: [e.g. Windows 10, macOS Big Sur, Linux Ubuntu 20.04]
+- Browser (if applicable): [e.g. Chrome, Firefox, Safari]
+- Version/Commit: [If applicable, specify the version or commit hash where the issue occurred.]
+
+## Additional Information
+
+[Any additional information that may be relevant to the issue. This could include error messages, logs, or any workaround attempted.]
+
+## Reproducibility
+
+[Rate the reproducibility of the bug based on your attempts:
+- [ ] Always
+- [ ] Sometimes
+- [ ] Rarely
+- [ ] Unable to Reproduce]
+
+## Priority
+
+[Set the priority of this bug:
+- [ ] High
+- [ ] Medium
+- [ ] Low]
+
+## Related Issues/PRs
+
+[If there are any related issues or pull requests, mention them here.]
+
+## Assignees
+
+[Tag anyone who should be assigned to address this issue.]
+
+## Labels
+
+[Add any relevant labels to categorize this issue.]

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,61 @@
+---
+name: Feature request
+about: Ask for an enhancement
+labels: type/feature,status/needs-triage
+assignees: ''
+
+---
+
+---
+name: Feature Request
+about: Ask for an enhancement
+
+---
+
+## Description
+
+[Provide a clear and concise description of the new feature you are requesting.]
+
+## Use Case
+
+[Describe the specific use case or scenario where this feature would be beneficial.]
+
+## Proposed Solution
+
+[Outline your proposed solution to implement this feature. If you have any specific ideas or suggestions, include them here.]
+
+## Alternatives Considered
+
+[Discuss any alternative approaches or solutions that were considered, if any.]
+
+## Benefits
+
+[Explain the benefits and advantages of implementing this feature.]
+
+## Drawbacks
+
+[Discuss any potential drawbacks or challenges associated with implementing this feature.]
+
+## Additional Context
+
+[Provide any additional context, background information, or references that may be helpful in understanding and evaluating this feature request.]
+
+## Priority
+
+[Set the priority of this feature request:
+- [ ] High
+- [ ] Medium
+- [ ] Low]
+
+## Related Issues/PRs
+
+[If there are any related issues or pull requests, mention them here.]
+
+## Assignees
+
+[Tag anyone who should be assigned to address this feature request.]
+
+## Labels
+
+[Add any relevant labels to categorize this feature request.]
+

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"

.github/workflows/pull_request.yml

@@ -0,0 +1,133 @@
+name: Pull Request Validation
+on: 
+  pull_request:
+    paths:
+      - 'terraform/**'
+      - '.github/**'
+
+jobs:
+  fmt:
+    runs-on: ubuntu-latest
+    env:
+      TERRAFORM_ENV_BASE64: ${{ secrets.TERRAFORM_ENV_BASE64 }}
+    steps:
+    - uses: actions/checkout@v4
+    - name: fmt-check
+      run: |
+        terraform fmt -recursive -check .
+
+  lint:
+    needs: [fmt]
+    runs-on: ubuntu-latest
+    env:
+      TERRAFORM_ENV_BASE64: ${{ secrets.TERRAFORM_ENV_BASE64 }}
+    steps:
+    - uses: actions/checkout@v4
+
+    - uses: terraform-linters/setup-tflint@v4
+      name: Setup TFLint
+      with:
+        tflint_version: latest
+
+    - name: tflint
+      run: |
+        _branch="${GITHUB_BASE_REF}"
+        case "${_branch}" in
+          "prod")
+            _tfdir=terraform
+            ;;
+          "qa")
+            _tfdir=terraform
+            ;;
+          *)
+            echo "ERROR: Unknown target branch: ${_branch}"
+            exit 1
+        esac
+        cd ${_tfdir}
+        echo "***Running terraform lint***"
+        tflint
+
+  validate:
+    needs: [lint]
+    name: validate
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    env:
+      TERRAFORM_ENV_BASE64: ${{ secrets.TERRAFORM_ENV_BASE64 }}
+    steps:
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v4
+    - uses: hashicorp/setup-terraform@v3
+    - run: |-
+        echo $TERRAFORM_ENV_BASE64 | base64 -d > tfvars
+        source tfvars
+        _branch="${GITHUB_BASE_REF}"
+        _tfdir=terraform
+        export TF_VAR_pingone_environment_name="${_branch}"
+        case "${_branch}" in
+          "prod")
+            _stateKey=${TF_VAR_tf_state_key_prefix}/prod/terraform.tfstate
+            ;;
+          "qa")
+            _stateKey=${TF_VAR_tf_state_key_prefix}/qa/terraform.tfstate
+            ;;
+          *)
+            echo "ERROR: Unknown target branch: ${_branch}"
+            exit 1
+        esac
+        terraform -chdir=${_tfdir} init \
+          -backend-config="bucket=$TF_VAR_tf_state_bucket" \
+          -backend-config="region=$TF_VAR_tf_state_region" \
+          -backend-config="key=${_stateKey}"
+        echo "***Running terraform validate***"
+        terraform -chdir=${_tfdir} validate
+        
+  trivy:
+    needs: [validate]
+    runs-on: ubuntu-latest
+    env:
+      TERRAFORM_ENV_BASE64: ${{ secrets.TERRAFORM_ENV_BASE64 }}
+    steps:
+    - uses: actions/checkout@v4
+    - name: Trivy
+      uses: aquasecurity/trivy-action@master
+      with:
+        scan-type: 'config'
+        hide-progress: false
+        exit-code: '1'
+
+
+  tfplan:
+    needs: [validate]
+    runs-on: ubuntu-latest
+    env:
+      TERRAFORM_ENV_BASE64: ${{ secrets.TERRAFORM_ENV_BASE64 }}
+    steps:
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v4
+    - uses: hashicorp/setup-terraform@v3
+    - run: |-
+        echo $TERRAFORM_ENV_BASE64 | base64 -d > tfvars
+        source tfvars
+        _branch="${GITHUB_BASE_REF}"
+        _tfdir=terraform
+        export TF_VAR_pingone_environment_name="${_branch}"
+        case "${_branch}" in
+          "prod")
+            _stateKey="${TF_VAR_tf_state_key_prefix}/prod/terraform.tfstate"
+            export TF_VAR_pingone_target_environment_id="${PINGONE_TARGET_ENVIRONMENT_ID_PROD}"
+            ;;
+          "qa")
+            _stateKey="${TF_VAR_tf_state_key_prefix}/qa/terraform.tfstate"
+            export TF_VAR_pingone_target_environment_id="${PINGONE_TARGET_ENVIRONMENT_ID_QA}"
+            ;;
+          *)
+            echo "ERROR: Unknown target branch: ${_branch}"
+            exit 1
+        esac
+        terraform -chdir=${_tfdir} init \
+          -backend-config="bucket=$TF_VAR_tf_state_bucket" \
+          -backend-config="region=$TF_VAR_tf_state_region" \
+          -backend-config="key=${_stateKey}"
+        echo "***Running terraform plan***"
+        terraform -chdir=${_tfdir} plan