From e9ffdd7264fb848d4ee29942c4fa10cfb160bce5 Mon Sep 17 00:00:00 2001
From: Daniel Butler <dannyeb@gmail.com>
Date: Wed, 7 Jun 2023 10:54:41 +0100
Subject: [PATCH] ci: update pipeline (#310)

---
 .github/settings.yml              | 10 ++--------
 .github/workflows/ci.yml          | 19 +++++++++----------
 .github/workflows/release.yml     | 15 +++++----------
 README.md                         |  2 +-
 cra-tf-validate-ignore-rules.json |  3 +++
 5 files changed, 20 insertions(+), 29 deletions(-)
 create mode 100644 cra-tf-validate-ignore-rules.json

diff --git a/.github/settings.yml b/.github/settings.yml
index ceeb7bbf..216b3858 100644
--- a/.github/settings.yml
+++ b/.github/settings.yml
@@ -5,17 +5,11 @@
 # any change of this settings.yml file is detected by the GitHub App and
 # the settings of this repository are updated immediately.
 #
-_extends: repo-settings:.github/common-settings.yml
+_extends: repo-settings:.github/common-settings-v2.yml
 
 # repo-specific settings
 #
 repository:
   name: "terraform-ibm-vpe-module"
   description: "Create Virtual Private Endpoint Gateways across VPC subnets."
-
-  # The description is displayed under the repository name on the
-  # organization page and in the 'About' section of the repository.
-
-  # Uncomment this description property
-  # and update the description to the current repo description.
-  # description: ""
+  topics: core-team, terraform, ibm-cloud, terraform-module, virtual-private-endpoint, vpe
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d3ff63db..3ee9ea73 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,17 +1,16 @@
 name: CI-Pipeline
 
-# Controls when the workflow will run
+# Controls when the workflow will run, when comment is created
 on:
-  # Triggers the workflow on push or pull request events but only for the main branch
-  push:
-    branches: [main]
-  pull_request:
-    branches: [main]
-
-  # Allows you to run this workflow manually from the Actions tab
-  workflow_dispatch:
+  issue_comment:
+    types:
+      - created
 
 jobs:
   call-terraform-ci-pipeline:
-    uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci.yml@v1.13.0
+    uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci.yml@v1.14.0
     secrets: inherit
+    with:
+      craSCCv2: true
+      craTarget: "examples/default"
+      craRuleIgnoreFile: "cra-tf-validate-ignore-rules.json"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index fd1dd706..33b16345 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,17 +1,12 @@
 name: Release-Pipeline
 
+# Trigger on push(merge) to main branch
 on:
-  workflow_run:
-    workflows: [CI-Pipeline]
-    branches: [main]
-    types:
-      - completed
-
-  # Allows you to run this workflow manually from the Actions tab
-  workflow_dispatch:
+  push:
+    branches:
+      - main
 
 jobs:
   call-terraform-release-pipeline:
-    if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success') }}
-    uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-release.yml@v1.13.0
+    uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-release.yml@v1.14.0
     secrets: inherit
diff --git a/README.md b/README.md
index 97391498..9246b2bd 100644
--- a/README.md
+++ b/README.md
@@ -1,10 +1,10 @@
 # IBM Virtual Private Endpoints module
 
 [![Stable (With quality checks)](https://img.shields.io/badge/Status-Stable%20(With%20quality%20checks)-green)](https://terraform-ibm-modules.github.io/documentation/#/badge-status)
-[![Build status](https://github.com/terraform-ibm-modules/terraform-ibm-vpe-module/actions/workflows/ci.yml/badge.svg)](https://github.com/terraform-ibm-modules/terraform-ibm-vpe-module/actions/workflows/ci.yml)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 [![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white)](https://github.com/pre-commit/pre-commit)
 [![latest release](https://img.shields.io/github/v/release/terraform-ibm-modules/terraform-ibm-vpe-module?logo=GitHub&sort=semver)](https://github.com/terraform-ibm-modules/terraform-ibm-vpe-module/releases/latest)
+[![Renovate enabled](https://img.shields.io/badge/renovate-enabled-brightgreen.svg)](https://renovatebot.com/)
 
 This module creates and configures virtual private endpoint gateways (https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway) for an IBM Cloud service.
 
diff --git a/cra-tf-validate-ignore-rules.json b/cra-tf-validate-ignore-rules.json
new file mode 100644
index 00000000..8ff2fd8e
--- /dev/null
+++ b/cra-tf-validate-ignore-rules.json
@@ -0,0 +1,3 @@
+{
+  "scc_rules": []
+}