Timothy O'Brien obrientimothya

## GHA02-push-main.yaml
# GHA02 runs on push to the main branch
name: GHA02-push-main
on:
  push:
    branches:
      - main

# env defines global variables for versioning and configuration
env:
  IMAGE_NAME: secureimage

## GHA01-pull-request.yaml
# GHA01 runs on pull request to the main branch
name: GHA01-pull-request
on:
  pull_request:
    branches:
      - main

# env defines global variables for versioning and configuration
env:
  IMAGE_NAME: secureimage

## goss_files.yaml
file:
  # T01 terraform binary must be valid
  /usr/local/bin/terraform:
    exists: true
    mode: "0755"
    owner: root
    group: root
    filetype: file
    sha256: 278a0f66c7404ceb426e6f2db7f0f3a1b5b3d8373e7024640e7bc238389bab74
  # T02 tfsec binary must be valid

## goss.yaml
# gossfile loads all goss tests from goss.d
gossfile:
  ./goss.d/*.yaml: {}

## Makefile
RUNNER = docker-compose run --rm
RUNNER-HADOLINT = $(RUNNER) hadolint
PWD = $(shell pwd)

# check_defined determines if an environment variable is defined
check_defined = \
	$(strip $(foreach 1,$1, \
	$(call __check_defined,$1,$(strip $(value 2)))))
__check_defined = \
	$(if $(value $1),, \

## .hadolint.yaml
ignored:
  - DL3059  # Multiple consecutive RUN statements

trustedRegistries:
  - docker.io
  - ghcr.io

## docker-compose.yaml
version: '3'

services:
  hadolint:
    image: docker.io/hadolint/hadolint:v2.4.1-alpine
    working_dir: /opt/app
    volumes:
      - .:/opt/app
  localbuild:
    image: localbuild/${IMAGE_NAME}:latest

## Dockerfile
# The following digest is alpine:3.10.6
# This image has known security issues.
# Therefore, it can be used to test the scan in the GitHub Actions pipeline.
FROM alpine@sha256:abd435b2a549002f78ec235cca4677237e6b8cfa9f7d15a2ea1e644596ff71d2

ARG GOSS_VERSION
ARG TF_VERSION
ARG TFLINT_VERSION
ARG TFSEC_VERSION

## .vimrc
" vim-plug
call plug#begin('~/.vim/plugged')

" plugin section

Plug 'pangloss/vim-javascript'
Plug 'leafgarland/typescript-vim'
Plug 'maxmellon/vim-jsx-pretty'

" end vim-plug

## .vimrc
" vim-plug
call plug#begin('~/.vim/plugged')

" plugin section

" end vim-plug
call plug#end()
	# GHA02 runs on push to the main branch
	name: GHA02-push-main
	on:
	push:
	branches:
	- main

	# env defines global variables for versioning and configuration
	env:
	IMAGE_NAME: secureimage
	# GHA01 runs on pull request to the main branch
	name: GHA01-pull-request
	on:
	pull_request:
	branches:
	- main

	# env defines global variables for versioning and configuration
	env:
	IMAGE_NAME: secureimage
	file:
	# T01 terraform binary must be valid
	/usr/local/bin/terraform:
	exists: true
	mode: "0755"
	owner: root
	group: root
	filetype: file
	sha256: 278a0f66c7404ceb426e6f2db7f0f3a1b5b3d8373e7024640e7bc238389bab74
	# T02 tfsec binary must be valid
	# gossfile loads all goss tests from goss.d
	gossfile:
	./goss.d/*.yaml: {}
	RUNNER = docker-compose run --rm
	RUNNER-HADOLINT = $(RUNNER) hadolint
	PWD = $(shell pwd)

	# check_defined determines if an environment variable is defined
	check_defined = \
	$(strip $(foreach 1,$1, \
	$(call __check_defined,$1,$(strip $(value 2)))))
	__check_defined = \
	$(if $(value $1),, \
	ignored:
	- DL3059 # Multiple consecutive RUN statements

	trustedRegistries:
	- docker.io
	- ghcr.io
	version: '3'

	services:
	hadolint:
	image: docker.io/hadolint/hadolint:v2.4.1-alpine
	working_dir: /opt/app
	volumes:
	- .:/opt/app
	localbuild:
	image: localbuild/${IMAGE_NAME}:latest
	# The following digest is alpine:3.10.6
	# This image has known security issues.
	# Therefore, it can be used to test the scan in the GitHub Actions pipeline.
	FROM alpine@sha256:abd435b2a549002f78ec235cca4677237e6b8cfa9f7d15a2ea1e644596ff71d2

	ARG GOSS_VERSION
	ARG TF_VERSION
	ARG TFLINT_VERSION
	ARG TFSEC_VERSION
	" vim-plug
	call plug#begin('~/.vim/plugged')

	" plugin section

	Plug 'pangloss/vim-javascript'
	Plug 'leafgarland/typescript-vim'
	Plug 'maxmellon/vim-jsx-pretty'

	" end vim-plug