Untitled

on:
  workflow_call:
    inputs:
      aws-environment:
        description: The account to use for prod scan
        type: string
        default: prod
      aws-primary-region:
        description: The primary AWS region to deploy stacks for
        type: string
        default: us-east-1

jobs:
  predeploy-scan:
    runs-on: ubuntu-latest
    name: predeploy-scan
    steps:
        - name: checkout
          uses: actions/checkout@v3

        - name: Download CDK Artifacts
          uses: actions/download-artifact@v4.1.8
          with:
            name: cdk-${{ inputs.aws-environment }}-synth-output

        - name: Unzip CDK Artifacts
          run: unzip cdk-${{ inputs.aws-environment }}.zip

        - name: PFG IaC Predeploy Scan
          uses: principalinformationservices-emu/pfg-iac-predeploy-scan@v3
          with:
            iac-directory: ${{ github.workspace }}/cdk.out/${{ inputs.aws-environment }}/${{ inputs.aws-primary-region }}
            ppc-username: ${{ secrets.PFG_ARTIFACTORY_USERNAME }}
            ppc-password: ${{ secrets.PFG_ARTIFACTORY_PASSWORD }}
            gh-token: ${{ secrets.GITHUB_TOKEN }}