update template to pass pre-check

sixtus · sixtus · commit 531d1cbfc020 · 2024-12-05T16:21:39.000+01:00
diff --git a/.checkov.yml b/.checkov.yml
@@ -29,3 +29,5 @@ skip-check:
   - CKV_GCP_35
   # base64 high entropy check causes too many false positives
   - CKV_SECRET_6
+  # allow usage of default namespace in kubernetes
+  - CKV_K8S_21
diff --git a/.copier-answers.yml b/.copier-answers.yml
@@ -1,10 +1,11 @@
 ---
 # Changes here will be overwritten by Copier
-_commit: v2.31.1
+_commit: v2.42.0
 _src_path: gh:remerge/template
 project_id: terraform-modules
 project_license: apache-2.0
 project_name: Terraform Modules
 project_owner: core
 project_type: terraform-module
 use_python: false
+use_ruby: false
diff --git a/.envrc b/.envrc
@@ -1,3 +1,5 @@
+# shellcheck shell=bash
+
 # Turns on shell execution strictness. This will force the .envrc
 # evaluation context to exit immediately if:
 #
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 ---
 default_stages:
-  - commit
+  - pre-commit
 
 default_install_hook_types:
   - commit-msg
@@ -10,18 +10,15 @@ default_install_hook_types:
 repos:
   # https://github.com/pre-commit/pre-commit-hooks/tags
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: "v4.6.0"
+    rev: "v5.0.0"
     hooks:
       - id: check-added-large-files
       - id: check-case-conflict
       - id: check-executables-have-shebangs
       - id: check-merge-conflict
       - id: check-shebang-scripts-are-executable
       - id: check-symlinks
-      - id: check-toml
       - id: check-vcs-permalinks
-      - id: check-xml
-      - id: check-yaml
       - id: destroyed-symlinks
       - id: detect-private-key
       - id: end-of-file-fixer
@@ -44,7 +41,7 @@ repos:
 
   # https://github.com/igorshubovych/markdownlint-cli/tags
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: "v0.41.0"
+    rev: "v0.42.0"
     hooks:
       - id: markdownlint-fix
         name: markdownlint
@@ -71,18 +68,18 @@ repos:
 
   # https://github.com/rhysd/actionlint/tags
   - repo: https://github.com/rhysd/actionlint
-    rev: "v1.7.1"
+    rev: "v1.7.3"
     hooks:
       - id: actionlint-docker
         name: actionlint
 
   # https://github.com/bridgecrewio/checkov/tags
   - repo: https://github.com/bridgecrewio/checkov
-    rev: "3.2.241"
+    rev: "3.2.267"
     hooks:
       - id: checkov
         name: checkov
-        args: [--config-file=.checkov.yml]
+        args: [--config-file=.checkov.yml, --skip-path=vendor]
 
   # https://github.com/jorisroovers/gitlint/tags
   - repo: https://github.com/jorisroovers/gitlint
@@ -99,7 +96,7 @@ repos:
 
   # https://github.com/antonbabenko/pre-commit-terraform/tags
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: "v1.94.1"
+    rev: "v1.96.1"
     hooks:
       - id: terraform_fmt
         name: terraform-fmt
diff --git a/.yamllint.yaml b/.yamllint.yaml
@@ -14,3 +14,8 @@ rules:
   truthy:
     allowed-values: ["true", "false"]
     check-keys: false
+  braces:
+    max-spaces-inside: 1
+  octal-values:
+    forbid-implicit-octal: true
+    forbid-explicit-octal: true

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+# shellcheck shell=bash`
	`2`	`+`
`1`	`3`	`# Turns on shell execution strictness. This will force the .envrc`
`2`	`4`	`# evaluation context to exit immediately if:`
`3`	`5`	`#`