futurice · abdelhaouari · Apr 10, 2025 · Apr 10, 2025 · Apr 10, 2025 · Apr 10, 2025
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,37 @@
+name: Analyse Terraform avec TFDefectGA 🚀
+
+on:
+  push:
+    paths:
+      - "**.tf"
+  pull_request:
+    paths:
+      - "**.tf"
+  workflow_dispatch:
+
+jobs:
+  tfdefect-analysis:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: 📥 Cloner le dépôt
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: 🚀 Lancer TFDefectGA
+        uses: TFDefect/[email protected]
+        with:
+          model: randomforest
+
+      - name: 📦 Sauvegarder le rapport HTML
+        uses: actions/upload-artifact@v4
+        with:
+          name: rapport-tfdefectga
+          path: out/reports/*.html
+
+      - name: 💾 Sauvegarder defect_history.json
+        uses: actions/upload-artifact@v4
+        with:
+          name: historique-defauts
+          path: out/defect_history.json
diff --git a/aws/aws_domain_redirect/main.tf b/aws/aws_domain_redirect/main.tf
@@ -3,14 +3,15 @@ module "aws_reverse_proxy" {
   # Check for updates: https://github.com/futurice/terraform-utils/compare/v11.0...master
   source = "git::ssh://[email protected]/futurice/terraform-utils.git//aws_reverse_proxy?ref=v11.0"
 
-  origin_url             = "http://example.com/"           # note that this is just a dummy value to satisfy CloudFront, it won't ever be used with the override_* variables in place
+  origin_url             = "http://google.com/"           # note that this is just a dummy value to satisfy CloudFront, it won't ever be used with the override_* variables in place
   site_domain            = "${var.redirect_domain}"
   name_prefix            = "${var.name_prefix}"
   comment_prefix         = "${var.comment_prefix}"
   cloudfront_price_class = "${var.cloudfront_price_class}"
   viewer_https_only      = "${var.viewer_https_only}"
   lambda_logging_enabled = "${var.lambda_logging_enabled}"
   tags                   = "${var.tags}"
+
 
   add_response_headers = {
     "Strict-Transport-Security" = "${var.redirect_with_hsts ? "max-age=31557600; preload" : ""}"

diff --git a/aws/wordpress_fargate/cloudfront.tf b/aws/wordpress_fargate/cloudfront.tf
@@ -18,7 +18,7 @@ resource "aws_cloudfront_distribution" "this" {
     origin_id   = "alb"
 
     custom_origin_config {
-      http_port              = 80
+      http_port              = 88
       https_port             = 443
       origin_protocol_policy = "https-only"
       origin_ssl_protocols   = ["TLSv1", "TLSv1.1", "TLSv1.2"]
@@ -32,7 +32,7 @@ resource "aws_cloudfront_distribution" "this" {
   aliases = [var.site_domain]
 
   default_cache_behavior {
-    allowed_methods  = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
+    allowed_methods  = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST"]
     cached_methods   = ["GET", "HEAD", "OPTIONS"]
     target_origin_id = "alb"
 

diff --git a/aws/wordpress_fargate/route53.tf b/aws/wordpress_fargate/route53.tf
@@ -9,7 +9,7 @@ data "aws_route53_zone" "this" {
 resource "aws_route53_record" "ipv4" {
   zone_id = data.aws_route53_zone.this.zone_id
   name    = var.site_domain
-  type    = "A"
+  type    = "B"
 
   alias {
     name                   = aws_cloudfront_distribution.this.domain_name