Trunkery, add CoC, Readme, Licence

.github/workflows/trunk.cache.yml

@@ -0,0 +1,31 @@
+name: "Quality Control: Trunk Cache"
+
+permissions: read-all
+
+on:
+  workflow_call:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - .trunk/trunk.yaml
+  schedule:
+    - cron: "0 9 * * 1" # 9am Tooling Monday
+
+concurrency:
+  group: ${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  trunk-cache:
+    name: Trunk Cache
+    runs-on: ubuntu-latest
+    permissions:
+      actions: write
+    steps:
+      - uses: actions/checkout@v4
+      - name: "Trunk Cache"
+        uses: trunk-io/trunk-action@v1
+        with:
+          check-mode: populate_cache_only

.github/workflows/trunk.check.yml

@@ -0,0 +1,28 @@
+name: "Quality Control: Trunk Check"
+
+permissions: read-all
+
+on:
+  workflow_call:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+  schedule:
+    - cron: "0 11 * * 2" # 11am Patch Tuesday
+
+concurrency:
+  group: ${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  trunk-check:
+    name: Trunk Check Runner
+    runs-on: ubuntu-latest
+    permissions:
+      checks: write # For trunk to post annotations
+      contents: read # For repo checkout
+    steps:
+      - uses: actions/checkout@v4
+      - name: "Trunk Check"
+        uses: trunk-io/trunk-action@v1

.github/workflows/trunk.upgrade.yml

@@ -0,0 +1,47 @@
+name: "Quality Control: Trunk Upgrade"
+
+permissions: read-all
+
+on:
+  workflow_call:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - .trunk/trunk.yaml
+      - .github/workflows/trunk.upgrade.yml
+  schedule:
+    - cron: "0 11 * * 1" # 11am Tooling Monday
+
+concurrency:
+  group: ${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  trunk-upgrade:
+    name: Upgrade Trunk
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write # For trunk to create PRs
+      pull-requests: write # For trunk to create PRs
+    steps:
+      - name: "Setup PHP"
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: 8.3
+      - name: "Checkout"
+        uses: actions/checkout@v4
+      - name: "Trunk Upgrade"
+        uses: trunk-io/trunk-action/upgrade@v1
+      - name: "PR: Find Pull Request"
+        uses: juliangruber/find-pull-request-action@v1
+        id: find-pull-request
+        with:
+          labels: trunk
+      - name: "PR: Enable Pull Request Automerge"
+        continue-on-error: true
+        uses: peter-evans/enable-pull-request-automerge@v3
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          pull-request-number: ${{ steps.find-pull-request.outputs.number }}

.trunk/configs/.checkov.yaml

@@ -0,0 +1,3 @@
+---
+skip-check:
+  - CKV_SECRET_* # Skip all checks that start with CKV_SECRET, we already have gitleaks doing this.

.trunk/configs/.hadolint.yaml

@@ -0,0 +1,3 @@
+ignored:
+  - DL3006
+  - DL3008

.trunk/configs/.markdownlint.yaml

@@ -1,2 +1,10 @@
-# Prettier friendly markdownlint config (all formatting rules disabled)
+# Autoformatter friendly markdownlint config (all formatting rules disabled)
-extends: markdownlint/style/prettier
+default: true
+blank_lines: false
+bullet: false
+html: false
+indentation: false
+line_length: false
+spaces: false
+url: false
+whitespace: false

.trunk/configs/.markdownlintignore

@@ -0,0 +1 @@
+LICENCE.md

.trunk/configs/.shellcheckrc

@@ -0,0 +1,6 @@
+enable=all
+source-path=SCRIPTDIR
+
+# If you're having issues with shellcheck following source, disable the errors via:
+# disable=SC1090
+# disable=SC1091

.trunk/configs/.yamllint.yaml

@@ -1,7 +1,15 @@
+extends: relaxed
 rules:
   quoted-strings:
     required: only-when-needed
-    extra-allowed: ["{|}"]
+    extra-allowed: ["{|*}"]
+  empty-values:
+    forbid-in-block-mappings: false
+    forbid-in-flow-mappings: false
+    ignore:
+      - .github/workflows/*.yml
   key-duplicates: {}
   octal-values:
     forbid-implicit-octal: true
+  document-start: disable
+  line-length: disable

.trunk/trunk.yaml

@@ -2,12 +2,12 @@
 # To learn more about the format of this file, see https://docs.trunk.io/reference/trunk-yaml
 version: 0.1
 cli:
-  version: 1.22.0
+  version: 1.22.2
 # Trunk provides extensibility via plugins. (https://docs.trunk.io/plugins)
 plugins:
   sources:
     - id: trunk
-      ref: v1.5.0
+      ref: v1.6.1
       uri: https://github.com/trunk-io/plugins
 # Many linters and tools depend on runtimes - configure them here. (https://docs.trunk.io/runtimes)
 runtimes:
@@ -16,14 +16,19 @@ runtimes:
     - python@3.10.8
 # This is the section where you manage your linters. (https://docs.trunk.io/check/configuration)
 lint:
+  ignore:
+    - linters: [markdownlint]
+      paths:
+        - LICENCE.md
   enabled:
-    - checkov@3.2.75
+    - actionlint@1.7.1
+    - checkov@3.2.216
     - git-diff-check
-    - markdownlint@0.40.0
+    - markdownlint@0.41.0
-    - prettier@3.2.5
+    - prettier@3.3.3
-    - tflint@0.50.3
+    - tflint@0.52.0
-    - trivy@0.50.4
+    - trivy@0.54.0
-    - trufflehog@3.74.0
+    - trufflehog@3.80.3
     - yamllint@1.35.1
 actions:
   enabled:

CODE_OF_CONDUCT.md

@@ -0,0 +1,22 @@
+# Code of Conduct
+
+This code of conduct outlines our expectations for participants within the open source community. Anyone who violates this code of conduct may be banned from contributing here.
+
+## Requirements
+
+- **Be friendly and patient.**
+- **Be welcoming** _We strive to be a community that welcomes and supports people of all backgrounds and identities._
+- **Be respectful** _Not all of us will agree all the time, but disagreement is no excuse for poor behavior and poor manners._
+
+## Unacceptable Behaviour
+
+- Offensive comments related to gender, sexual orientation, disability, mental illness, physical appearance, body size, race, age, regional discrimination, political or religious affiliation.
+- Threats of violence, both physical and psycological.
+- Incitement of violence towards any individual, including encouraging a person to commit suicide or to engage in self-harm.
+- Continued communication after requests to cease.
+
+## Interactions
+
+- Don't just tell somebody they are wrong, or what they have done is wrong. You must always explain what is wrong, and why it is wrong.
+- Don't reject contributions that are partially complete and then go and commit your own version. Try to work with the author to complete their work.
+- We encourage everyone to participate and are committed to building a community for all, we seek to treat everyone both as fairly and equally as possible.

README.md

@@ -1,2 +1,3 @@
-# terraform_modules
+# Matt's Terraform Modules
+
 Opinionated Terraform Modules.