name: CI

on: [push]

jobs:
  secrets-scan:
    name: TruffleHog Secrets Scan
    runs-on: docker
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: trufflehog-actions-scan
        uses: https://github.com/edplato/trufflehog-actions-scan@master

  terraform:
    name: Terraform Format & Validate
    runs-on: docker
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - uses: https://github.com/hashicorp/setup-terraform@v3
        with:
          terraform_version: "1.5.7"

      - name: Format Terraform Code
        run: terraform fmt -recursive -check