Initial commit

.forgejo/workflows/default-ci.yaml

@@ -3,6 +3,26 @@ name: CI
 on: [push]
 
 jobs:
+  license-check:
+    name: Check License Header
+    runs-on: docker
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Verify license header in Terraform files
+        run: |
+          set -e
+          # Only checks for the presence of the word "Copyright" in the first line.
+          KEYWORD="Copyright"
+          for file in $(find . -maxdepth 1 -name "*.tf"); do
+            if ! head -n 1 "$file" | grep -q "$KEYWORD"; then
+              echo "::error file=$file,line=1::A copyright header is missing or incorrect in the first line."
+              exit 1
+            fi
+          done
+          echo "✔ Copyright header check passed for all .tf files."
+
   secrets-scan:
     name: TruffleHog Secrets Scan
     runs-on: docker
@@ -14,15 +34,23 @@ jobs:
         uses: https://github.com/edplato/trufflehog-actions-scan@master
 
   terraform:
-    name: Terraform Format & Validate
+    name: Terraform CI
     runs-on: docker
+    needs: license-check
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
 
+      - name: Setup Terraform
       - uses: https://github.com/hashicorp/setup-terraform@v3
         with:
           terraform_version: "1.5.7"
 
-      - name: Format Terraform Code
+      - name: Terraform Init
-        run: terraform fmt -recursive -check
+        run: terraform init
+
+      - name: Terraform Format Check
+        run: terraform fmt -recursive -check
+
+      - name: Terraform Validate
+        run: terraform validate