Fix TFSec CI step

Author: aidenvaines-cgi

.github/actions/tfsec/action.yaml

@@ -6,12 +6,11 @@ runs:
     - name: "TFSec Scan - Components"
       shell: bash
       run: |
-        for component in $(find infrastructure/terraform/components -mindepth 1 -type d); do
-          scripts/terraform/tfsec.sh $component
-        done
-    - name: "TFSec Scan - Modules"
-      shell: bash
-      run: |
-        for module in $(find infrastructure/terraform/modules -mindepth 1 -type d); do
-          scripts/terraform/tfsec.sh $module
-        done
+        modules_exit_code=0
+
+        ./scripts/terraform/tfsec.sh ./infrastructure/modules || modules_exit_code=$?
+
+        if [ $modules_exit_code -ne 0 ]; then
+          echo "One or more TFSec scans failed."
+          exit 1
+        fi

scripts/terraform/terraform.mk

@@ -25,10 +25,10 @@ terraform-shellscript-lint: # Lint all Terraform module shell scripts @Quality
 	done
 
 terraform-sec: # TFSEC check against Terraform files - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform fmt command, default is '-recursive'] @Quality
-	tfsec infrastructure/terraform \
+	tfsec infrastructure/modules \
 		--force-all-dirs \
 		--exclude-downloaded-modules \
-		--config-file scripts/config/tfsec.yml
+		--config-file scripts/config/tfsec.yaml
 
 # ==============================================================================
 # Configuration - please DO NOT edit this section!

scripts/terraform/tfsec.sh

@@ -37,12 +37,10 @@ function run-tfsec-natively() {
 
   echo "Running TFSec on directory: $dir_to_scan"
   tfsec \
-    --concise-output \
     --force-all-dirs \
     --exclude-downloaded-modules \
     --config-file scripts/config/tfsec.yaml \
     --format text \
-    --soft-fail \
     "$dir_to_scan"
 
   check-tfsec-status