From af35310da95ec9f854b9c0cf94febe326604b50d Mon Sep 17 00:00:00 2001
From: Derek Morgan <79756941+morethancertified@users.noreply.github.com>
Date: Fri, 18 Oct 2024 18:10:06 +0000
Subject: [PATCH] added opa policy to infracost
---
 .github/workflows/infracost.yml | 1 +
 policies/cost.rego | 17 +++++++++++++++++
 terraform/terraform.tfvars | 2 +-
 3 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 policies/cost.rego
diff --git a/.github/workflows/infracost.yml b/.github/workflows/infracost.yml
index db07ea9..40c42a1 100644
--- a/.github/workflows/infracost.yml
+++ b/.github/workflows/infracost.yml
@@ -52,5 +52,6 @@ jobs:
 --github-token=${{ github.token }} \
 --pull-request=${{ github.event.pull_request.number }} \
 --behavior=update
+ --policy-path cost.rego
\ No newline at end of file
diff --git a/policies/cost.rego b/policies/cost.rego
new file mode 100644
index 0000000..291ce7d
--- /dev/null
+++ b/policies/cost.rego
@@ -0,0 +1,17 @@
+package infracost
+
+deny[out] {
+ # maxDiff defines the threshold that you require the cost estimate to be below
+ maxDiff = 10.0
+
+ msg := sprintf(
+ "Total monthly cost diff must be less than $%.2f (actual diff is $%.2f)",
+ [maxDiff, to_number(input.diffTotalMonthlyCost)],
+ )
+
+ out := {
+ # the msg you want to display in your PR comment, must be a string
+ "msg": msg,
+ "failed": to_number(input.diffTotalMonthlyCost) >= maxDiff
+ }
+}
\ No newline at end of file
diff --git a/terraform/terraform.tfvars b/terraform/terraform.tfvars
index db778da..95f46bb 100644
--- a/terraform/terraform.tfvars
+++ b/terraform/terraform.tfvars
@@ -1,2 +1,2 @@
 region = "us-east-1"
-instance_type = "t3.small"
\ No newline at end of file
+instance_type = "t3.large"
\ No newline at end of file
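Review bot: The added `--policy-path cost.rego` line is not joined to the command, because the context line above it, `--behavior=update`, still ends without a trailing `\`. Assuming this sits in a multi-line `run:` script, the shell would treat the new line as a separate command, so the PR comment would be posted without the policy being evaluated. That line should become `--behavior=update \`. The policy file is created at `policies/cost.rego`, so unless the step runs from that directory the flag probably needs to be `--policy-path policies/cost.rego`. The start of the command is outside the hunk.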
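Review bot: The `deny` rule appears to fail open, because both uses of `to_number(input.diffTotalMonthlyCost)` are undefined when that field is absent from the input, so the rule body yields no result at all instead of a failed one. If a missing cost figure should block the PR, that case needs its own handling; at minimum document it with a comment above the rule such as `# NOTE: produces no result (check passes) when input.diffTotalMonthlyCost is absent`. The threshold line would also read more clearly as a local assignment, `maxDiff := 10.0`, since `=` is unification. Note that the limit bounds each PR's diff only, so a series of changes that each stay under it can still raise the total.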
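Review bot: The `instance_type` change from `t3.small` to `t3.large` is not covered by the commit subject and would resize the instance on the next apply. If it is only there to push the estimate over the new cost threshold and exercise the policy, it is better kept out of this commit or reverted before merge. If the resize is intended, the commit message should say so.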