From 3ad1fb727966cb2c0971b77fdaf2d97c9ac1c0b4 Mon Sep 17 00:00:00 2001
From: William Guilherme
Date: Mon, 19 Aug 2024 22:53:43 -0700
Subject: [PATCH] feat: Updated all modules to new Zscaler RHEL9 Images
---
.github/workflows/ci.yml | 127 +++++++++++++++++++++++----------------
scripts/install.sh | 55 -----------------
scripts/requirements.txt | 83 -------------------------
scripts/run.sh | 12 ----
4 files changed, 76 insertions(+), 201 deletions(-)
delete mode 100755 scripts/install.sh
delete mode 100644 scripts/requirements.txt
delete mode 100755 scripts/run.sh
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d920a0c..51518dd 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,64 +1,89 @@ - ---- -name: CI/CD -on: - push: - branches: - - main - - develop - pull_request: +name: Terraform checks +on: [push, pull_request] jobs: - pre-commit: - name: Verify the pre-commit framework was used properly by developers + terraform-linter: runs-on: ubuntu-latest steps: - - name: Check out source - uses: actions/checkout@v4 + - name: Checkout + uses: actions/checkout@v3 - - name: Set up Python - uses: actions/setup-python@v4 - with: - # Semantic version range syntax (like 3.x) or the exact Python version - python-version: '3.11.0' + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 - - name: Run pre-commit framework as the developer should run it - run: sudo ./scripts/install.sh && sudo ./scripts/run.sh + - name: Terraform Format + id: fmt + run: terraform fmt -check -recursive - - name: The `git diff` showing whether the pre-commit mandated extra changes to the repository files - if: failure() - run: git diff + - name: Terraform Init + id: init-zpa-service-edge-group + run: | + cd modules/terraform-zpa-service-edge-group + terraform init - validate: - name: Validate - runs-on: ubuntu-latest + - name: Terraform Validate + id: validate-zpa-service-edge-group + run: | + cd modules/terraform-zpa-service-edge-group + terraform validate -no-color - steps: - - name: Check out source - uses: actions/checkout@v4 + - name: Terraform Init + id: init-zpa-provisioning-key + run: | + cd modules/terraform-zpa-provisioning-key + terraform init - - name: Set up Terraform - uses: hashicorp/setup-terraform@v3 - with: - terraform_version: 0.15.3 + - name: Terraform Validate + id: validate-zpa-provisioning-key + run: | + cd modules/terraform-zpa-provisioning-key + terraform validate -no-color + + - name: Terraform Init + id: init-zpse-vm-azure + run: | + cd modules/terraform-zpse-vm-azure + terraform init + + - name: Terraform Validate + id: validate-zpse-vm-azure + run: | + cd modules/terraform-zpse-vm-azure + terraform validate -no-color + + - name: 
Terraform Init + id: init-zpse-bastion-azure + run: | + cd modules/terraform-zpse-bastion-azure + terraform init + + - name: Terraform Validate + id: validate-zpse-bastion-azure + run: | + cd modules/terraform-zpse-bastion-azure + terraform validate -no-color + + - name: Terraform Init + id: init-zpse-network-azure + run: | + cd modules/terraform-zpse-network-azure + terraform init + + - name: Terraform Validate + id: validate-zpse-network-azure + run: | + cd modules/terraform-zpse-network-azure + terraform validate -no-color + + - name: Terraform Init + id: init-zpse-nsg-azure + run: | + cd modules/terraform-zpse-nsg-azure + terraform init - - name: terraform validate - env: - AWS_DEFAULT_REGION: us-west-2 + - name: Terraform Validate + id: validate-zpse-nsg-azure run: | - cd "$GITHUB_WORKSPACE" - for dir in $(find modules examples -type d -not \( -name ".?*" \) -maxdepth 1 -mindepth 1); - do - if [[ "$dir" == "modules/transit_gateway_peering" ]]; - then - echo "Skipping directory: $dir" - echo "Terraform does not support validating a module which uses an aliased provider (module-specific; validating an entire configuration works fine)." - continue - fi - - echo "Processing directory: $dir" - cd "$GITHUB_WORKSPACE/$dir" - terraform init -backend=false - terraform validate - done + cd modules/terraform-zpse-nsg-azure + terraform validate -no-color diff --git a/scripts/install.sh b/scripts/install.sh deleted file mode 100755 index 32bfa09..0000000 --- a/scripts/install.sh +++ /dev/null 
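Review bot: The rewritten `terraform-linter` job loosens several controls the old workflow had: `actions/checkout` goes from `@v4` back to `@v3`, `hashicorp/setup-terraform@v3` loses its `terraform_version` pin so runs are no longer tied to a fixed Terraform release, and every `terraform init` drops `-backend=false`, so init may try to configure a backend if a module declares one. I would keep `uses: actions/checkout@v4`, run `terraform init -backend=false` in each module step, and add a top-level `permissions:` block with `contents: read`, since the job only reads the repository and nothing in the hunk sets the token scope. Pinning both actions to a full commit SHA rather than a movable tag would further limit exposure to a tampered action release. The `terraform_tflint` hook that `scripts/run.sh` used to run has no replacement step here, and the `examples` directories covered by the old validate loop are no longer validated.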
@@ -1,55 +0,0 @@ -#!/usr/bin/bash - -# install.sh - prepare the dependencies for the run.sh -# -# It only handles installing from scratch and will probably fail on a subsequent run. -# It overuses the &&, &, and backslash line continuation so it could be easily converted -# into a Dockerfile, just by adding `RUN` directives (and `COPY requirements.txt .`). - -set -euo pipefail - -cd "$(dirname $0)" - -curl -sL https://github.com/terraform-docs/terraform-docs/releases/download/v0.16.0/terraform-docs-v0.16.0-linux-amd64.tar.gz > terraform-docs.tar.gz & \ -curl -sL https://github.com/tfsec/tfsec/releases/download/v0.34.0/tfsec-linux-amd64 > tfsec & \ -curl -sL https://github.com/terraform-linters/tflint/releases/download/v0.29.0/tflint_linux_amd64.zip > tflint.zip & \ -# curl -sL https://releases.hashicorp.com/terraform/0.12.29/terraform_0.12.29_linux_amd64.zip > terraform-0.12.29.zip & \ -# curl -sL https://releases.hashicorp.com/terraform/0.13.7/terraform_0.13.7_linux_amd64.zip > terraform-0.13.7.zip & \ -# curl -sL https://releases.hashicorp.com/terraform/0.14.9/terraform_0.14.9_linux_amd64.zip > terraform-0.14.9.zip & \ -wait -echo Finished successfully all parallel downloads ------------------------------------------------------------------ - -tar zxf terraform-docs.tar.gz -rm terraform-docs.tar.gz -mv terraform-docs /usr/local/bin/ - -chmod +x tfsec -mv tfsec /usr/local/bin/ - -unzip tflint.zip -rm tflint.zip -mv tflint /usr/local/bin/ - -# unzip terraform-0.12.29.zip -# rm terraform-0.12.29.zip -# mv terraform /usr/local/bin/terraform - -# unzip terraform-0.13.7.zip -# rm terraform-0.13.7.zip -# mv terraform /usr/local/bin/terraform-0.13.7 - -# unzip terraform-0.14.9.zip -# rm terraform-0.14.9.zip -# mv terraform /usr/local/bin/terraform-0.14.9 - -git --version -terraform-docs --version -tfsec --version -tflint --version -terraform version - -echo "Also, the newest release: $(curl -s https://api.github.com/repos/terraform-docs/terraform-docs/releases/latest | 
grep -o -E "https://.+?-linux-amd64")" -echo "Also, the newest release: $(curl -s https://api.github.com/repos/tfsec/tfsec/releases/latest | grep -o -E "https://.+?tfsec-linux-amd64")" -echo "Also, the newest release: $(curl -s https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" - -python3 -m pip install -r requirements.txt diff --git a/scripts/requirements.txt b/scripts/requirements.txt deleted file mode 100644 index 5c461f2..0000000 --- a/scripts/requirements.txt +++ /dev/null @@ -1,83 +0,0 @@ -# -# This file is autogenerated by pip-compile -# To update, run: -# -# pip-compile requirements.txt -# -appdirs==1.4.4 - # via - # -r requirements.txt - # virtualenv -cfgv==3.2.0 - # via - # -r requirements.txt - # pre-commit -click==7.1.2 - # via - # -r requirements.txt - # pip-tools -distlib==0.3.1 - # via - # -r requirements.txt - # virtualenv -filelock==3.0.12 - # via - # -r requirements.txt - # virtualenv -identify==2.2.4 - # via - # -r requirements.txt - # pre-commit -importlib-metadata==4.0.1 - # via - # -r requirements.txt - # pep517 - # pre-commit - # virtualenv -importlib-resources==5.1.2 - # via - # -r requirements.txt - # pre-commit - # virtualenv -nodeenv==1.6.0 - # via - # -r requirements.txt - # pre-commit -pep517==0.10.0 - # via - # -r requirements.txt - # pip-tools -pip-tools==6.1.0 - # via -r requirements.txt -pre-commit==2.7.1 - # via -r requirements.txt -pyyaml==5.4.1 - # via - # -r requirements.txt - # pre-commit -six==1.16.0 - # via - # -r requirements.txt - # virtualenv -toml==0.10.2 - # via - # -r requirements.txt - # pep517 - # pre-commit -typing-extensions==3.10.0.0 - # via - # -r requirements.txt - # importlib-metadata -virtualenv==20.4.6 - # via - # -r requirements.txt - # pre-commit -zipp==3.4.1 - # via - # -r requirements.txt - # importlib-metadata - # importlib-resources - # pep517 - -# The following packages are considered to be unsafe in a requirements file: -# pip 
diff --git a/scripts/run.sh b/scripts/run.sh deleted file mode 100755 index c2cd967..0000000 --- a/scripts/run.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/bash - -# run.sh - Run the usual pre-commit checks. - -set -euo pipefail - -pre-commit autoupdate -pre-commit run --all-files terraform_fmt -pre-commit run --all-files terraform_docs -pre-commit run --all-files terraform_tflint -pre-commit run --all-files check-merge-conflict -pre-commit run --all-files end-of-file-fixer