Add TFLint as first pipeline step

- Added TFLint job to catch Terraform errors and best practices
- TFLint runs before Checkov for early error detection
- Uses latest TFLint version with automatic initialization
- Pipeline flow: TFLint -> Checkov -> SonarQube

.gitea/workflows/sonarqube.yaml

@@ -7,9 +7,30 @@ on:
 
 name: Code Quality & Security Scan
 jobs:
+  tflint:
+    name: TFLint
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checking out
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Setup TFLint
+      uses: terraform-linters/setup-tflint@v4
+      with:
+        tflint_version: latest
+
+    - name: Initialize TFLint
+      run: tflint --init
+
+    - name: Run TFLint
+      run: tflint --format compact
+
   checkov:
     name: Checkov Security Scan
     runs-on: ubuntu-latest
+    needs: tflint
     steps:
     - name: Checking out
       uses: actions/checkout@v4