ci.yml

name: Continuous Integration

on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]

  workflow_dispatch:

jobs:
  ci:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
            
      - name: YAML lint on Ansible
        continue-on-error: true
        run: yamllint -c ./tests/ymllint/config.yml ./ansible 
        
      - name: PSScriptAnalyzer on Ansible
        continue-on-error: true
        run: pwsh -Command Invoke-ScriptAnalyzer -Path "./ansible/*" -Setting "./tests/psscript/config.psd1" -EnableExit
      
      - name: TFLint for Terraform
        continue-on-error: true
        run: |
          curl -s https://raw.githubusercontent.com/terraform-linters/tflint/master/install_linux.sh | bash
          tflint --format junit --recursive > tflint-result.xml
      
      - name: Checkov for Terraform
        continue-on-error: true
        run: |
          pip3 install checkov
          checkov --directory ./terraform -o junitxml > checkov-results.xml

      - name: Publish test results
        uses: EnricoMi/publish-unit-test-result-action@v2
        if: always()
        with:
          files: |
            *-result.xml