terraform-vsphere-resourcegroups

Author	SHA1	Message	Date
Patrick de Ruiter	0089d060cf	Add Tfsec security scanning before Checkov All checks were successful Code Quality & Security Scan / Checkov Security Scan (push) Successful in 36s Details Code Quality & Security Scan / TFLint (push) Successful in 19s Details Code Quality & Security Scan / Tfsec Security Scan (push) Successful in 1m4s Details Code Quality & Security Scan / SonarQube Trigger (push) Successful in 40s Details - Added Tfsec job for Terraform security analysis - Tfsec specializes in detecting security issues in Terraform code - Pipeline flow: TFLint -> Tfsec -> Checkov -> SonarQube - Tfsec focuses on cloud security misconfigurations - Complements Checkov with different security rule sets	2025-11-01 23:10:13 +01:00
Patrick de Ruiter	f4be04dce1	Add TFLint as first pipeline step Some checks failed Code Quality & Security Scan / TFLint (push) Failing after 28s Details Code Quality & Security Scan / Checkov Security Scan (push) Has been skipped Details Code Quality & Security Scan / SonarQube Trigger (push) Has been skipped Details - Added TFLint job to catch Terraform errors and best practices - TFLint runs before Checkov for early error detection - Uses latest TFLint version with automatic initialization - Pipeline flow: TFLint -> Checkov -> SonarQube	2025-11-01 22:56:34 +01:00
Patrick de Ruiter	d7bc88ced2	Fix Checkov workflow for Gitea compatibility All checks were successful Code Quality & Security Scan / Checkov Security Scan (push) Successful in 30s Details Code Quality & Security Scan / SonarQube Trigger (push) Successful in 44s Details - Removed upload-artifact step (not supported in Gitea) - Simplified output to CLI format only - Checkov results will be displayed in pipeline logs	2025-11-01 22:51:19 +01:00
Patrick de Ruiter	1262a96f93	Add Checkov compliance scanning to CI pipeline Some checks failed Code Quality & Security Scan / Checkov Security Scan (push) Failing after 1m58s Details Code Quality & Security Scan / SonarQube Trigger (push) Has been skipped Details - Added Checkov security scan job that runs before SonarQube - Configured for Terraform-specific IaC compliance checks - Outputs results in CLI and SARIF formats - Uploads scan results as artifacts for review - SonarQube job now depends on Checkov passing - Renamed workflow to reflect both quality and security scanning	2025-11-01 22:36:25 +01:00
Patrick de Ruiter	dcc7aaa091	Update SonarQube action to v6 for security patches All checks were successful SonarQube Scan / SonarQube Trigger (push) Successful in 47s Details	2025-11-01 20:39:05 +01:00
Patrick de Ruiter	bcb3110e03	Fix SonarQube scan Java version mismatch Some checks failed SonarQube Scan / SonarQube Trigger (push) Has been cancelled Details - Updated SonarQube action from kitabisa/sonarqube-action@v1.2.0 to sonarsource/sonarqube-scan-action@v4 - Official action uses Java 17, compatible with SonarQube 25.10 - Added sonar-project.properties with Terraform-specific exclusions - Fixes: java.lang.UnsupportedClassVersionError (class file version 61.0 vs 55.0)	2025-11-01 20:36:15 +01:00
Patrick de Ruiter	171d476941	Added gitea action pipeline Some checks failed SonarQube Scan / SonarQube Trigger (push) Failing after 20s Details	2025-11-01 19:47:36 +01:00
Patrick de Ruiter	dd088b4d17	Added gitea action pipeline	2025-11-01 19:45:34 +01:00

8 Commits