---
kind: pipeline
type: docker
name: terraform validate

platform:
  os: linux
  arch: amd64

steps:
- name: validate
  pull: always
  image: hashicorp/terraform:1.1.0-alpha20210616
  commands:
  - terraform -version
  - cd vms
  - terraform init -backend=false
  - terraform validate
  - terraform fmt --check

- name: fmt
  pull: always
  image: hashicorp/terraform:1.1.0-alpha20210616
  depends_on: [clone]
  commands:
  - terraform -version
  - cd vms
  - terraform init -backend=false
  - terraform fmt -check -recursive -diff

- name: "tfsec: project root"
  pull: always
  image: tfsec/tfsec-ci:v0.45.2
  depends_on: [validate]
  commands:
  - tfsec --version
  - tfsec

- name: "tfsec: vms folder"
  pull: always
  image: tfsec/tfsec-ci:v0.45.2
  depends_on: [validate]
  commands:
  - tfsec --version
  - tfsec ./vms

- name: "tfsec: terraform.tfvars"
  pull: always
  image: tfsec/tfsec-ci:v0.45.2
  depends_on: [validate]
  commands:
  - tfsec --version
  - tfsec --tfvars-file vms/terraform.tfvars

- name: checkov libvirt.tf
  pull: always
  image: bridgecrew/checkov:2.0.263
  depends_on: [validate]
  commands:
  - checkov --version
  - checkov -f libvirt.tf

- name: checkov main.tf
  pull: always
  image: bridgecrew/checkov:2.0.263
  depends_on: [validate]
  commands:
  - checkov --version
  - checkov -f vms/main.tf