Init TF Scanner (#34)

Signed-off-by: Justin Brooks <[email protected]>

.env.example

@@ -7,12 +7,10 @@
 # The database URL is used to connect to your Supabase database.
 POSTGRES_URL="postgres://postgres.[USERNAME]:[PASSWORD]@aws-0-eu-central-1.pooler.supabase.com:6543/postgres?workaround=supabase-pooler.vercel"
 
-
 # You can generate the secret via 'openssl rand -base64 32' on Unix
 # @see https://next-auth.js.org/configuration/options#secret
 AUTH_SECRET='supersecret'
 
-
 JOB_AGENT_WORKSPACE="ctrlplane"
 JOB_AGENT_NAME="agent"
-JOB_AGENT_API_KEY=
+JOB_AGENT_API_KEY=

.github/workflows/ci.yaml

@@ -31,6 +31,18 @@ jobs:
       - name: Lint
         run: pnpm lint && pnpm lint:ws
 
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup
+        uses: ./tooling/github/setup
+
+      - name: Run Tests
+        run: turbo test
+
   format:
     name: Format
     runs-on: ubuntu-latest

.github/workflows/providers-terraform-cloud-scanner.yaml

@@ -0,0 +1,60 @@
+name: Providers / Terraform Cloud Scanner
+
+on:
+  pull_request:
+    branches: ["*"]
+    paths:
+      - providers/terraform-cloud-scanner/**
+      - .github/workflows/providers-terraform-cloud-scanner.yaml
+      - pnpm-lock.yaml
+  push:
+    branches: ["main"]
+    paths:
+      - providers/terraform-cloud-scanner/**
+      - .github/workflows/providers-terraform-cloud-scanner.yaml
+      - pnpm-lock.yaml
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ctrlplane/terraform-cloud-scanner
+          tags: |
+            type=sha,format=short,prefix=
+
+      - name: Build
+        uses: docker/build-push-action@v6
+        if: github.ref != 'refs/heads/main'
+        with:
+          push: false
+          file: providers/terraform-cloud-scanner/Dockerfile
+          tags: ${{ steps.meta.outputs.tags }}
+
+      - name: Build and Push
+        uses: docker/build-push-action@v6
+        if: github.ref == 'refs/heads/main'
+        with:
+          push: true
+          file: providers/terraform-cloud-scanner/Dockerfile
+          tags: ${{ steps.meta.outputs.tags }}

.vscode/settings.json

@@ -4,5 +4,10 @@
       "mode": "auto"
     }
   ],
-  "cSpell.words": ["deployables"]
+  "cSpell.words": ["deployables"],
+  "[markdown]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.formatOnSave": true,
+    "prettier.printWidth": 80
+  }
 }

apps/docs/Dockerfile

@@ -1,14 +1,12 @@
 ARG NODE_VERSION=22
 FROM node:${NODE_VERSION}-alpine AS base
 
-
 FROM base AS builder
 RUN apk add --no-cache libc6-compat
 RUN apk update
 
 RUN npm install -g turbo
 
-
 FROM base AS installer
 
 RUN apk add --no-cache libc6-compat
@@ -47,7 +45,6 @@ COPY . .
 
 RUN turbo build --filter=...@ctrlplane/docs
 
-
 FROM base AS runner
 WORKDIR /app
 
@@ -63,4 +60,4 @@ EXPOSE 3000
 ENV PORT=3000
 ENV NODE_ENV=production
 
-CMD HOSTNAME="0.0.0.0" node apps/docs/server.js
+CMD ["HOSTNAME=0.0.0.0", "node", "apps/docs/server.js"]

apps/event-worker/Dockerfile

@@ -42,4 +42,4 @@ USER nodejs
 
 ENV NODE_ENV=production
 
-CMD node apps/event-worker/dist/index.js
+CMD ["node", "apps/event-worker/dist/index.js"]

apps/job-policy-checker/Dockerfile

@@ -41,4 +41,4 @@ USER nodejs
 
 ENV NODE_ENV=production
 
-CMD node apps/job-policy-checker/dist/index.js
+CMD ["node", "apps/job-policy-checker/dist/index.js"]

apps/webservice/Dockerfile

@@ -1,7 +1,6 @@
 ARG NODE_VERSION=20
 FROM node:${NODE_VERSION}-alpine AS base
 
-
 FROM base AS builder
 
 RUN apk add --no-cache libc6-compat python3 make g++
@@ -12,7 +11,6 @@ ENV PATH="$PNPM_HOME:$PATH"
 RUN npm install -g turbo
 RUN corepack enable pnpm
 
-
 FROM builder AS installer
 
 WORKDIR /app
@@ -44,7 +42,6 @@ COPY . .
 
 RUN turbo build --filter=...@ctrlplane/webservice
 
-
 FROM base AS runner
 WORKDIR /app
 
@@ -62,4 +59,4 @@ ENV PORT=3000
 ENV AUTH_TRUST_HOST=true
 ENV NODE_ENV=production
 
-CMD HOSTNAME="0.0.0.0" node apps/webservice/server.js
+CMD ["HOSTNAME=0.0.0.0", "node", "apps/webservice/server.js"]

apps/webshell-router/Dockerfile

@@ -36,4 +36,4 @@ RUN adduser --system --uid 1001 expressjs
 USER expressjs
 
 COPY --from=installer /app .
-CMD node apps/webshell-router/dist/index.js
+CMD ["node", "apps/webshell-router/dist/index.js"]

package.json

@@ -9,6 +9,7 @@
   "scripts": {
     "build": "turbo build",
     "build:digitalocean": "pnpm install --production=false && pnpm build",
+    "test": "turbo test",
     "clean": "git clean -xdf node_modules",
     "clean:workspaces": "turbo clean && find . -type d -name 'dist' -exec rm -rf {} +",
     "db:push": "pnpm -F db push",

packages/db/Dockerfile

@@ -38,4 +38,4 @@ COPY ./packages/db/drizzle ./packages/db/dist/drizzle
 
 ENV NODE_ENV=production
 
-CMD node packages/db/dist/migrate.js
+CMD ["node", "packages/db/dist/migrate.js"]