feat(gh): introduce reusable workflows (#7)

<!-- Provide a general summary of your changes in the Title above -->

## Description
<!-- Describe your changes in detail -->

## Motivation and Context
<!-- Why is this change required? What problem does it solve? -->
<!-- If it fixes an open issue, please link to the issue here. -->

## How has this been tested?
<!-- Please describe in detail how you tested your changes. -->
<!-- Include details of your testing environment, tests ran to see how
-->
<!-- your change affects other areas of the code, etc. -->

## Are there any related PR?
<!-- Please mention related PRs here. -->
<!-- Include PR queue priority here. -->

## Types of changes
<!-- What types of changes does your code introduce? Put an `x` in all
the boxes that apply: -->
- [x] Bug fix / Chore (PATCH) (non-breaking change which fixes an issue
or does not add functionality)
- [ ] New feature (MINOR) (non-breaking change which adds functionality)
- [ ] Breaking change (MAJOR) (fix or feature that would cause existing
functionality to not work as expected)

.github/workflows/reusable_assign_label.yml

@@ -0,0 +1,20 @@
+name: "Reusable"
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+    types:
+      - labeled
+      - unlabeled
+      - opened
+      - reopened
+      - synchronize
+
+jobs:
+  assign:
+    name: "Assign"
+    uses: Inetum-Poland/.github/.github/workflows/assign_label.yml@main

.github/workflows/reusable_assign_tag.yml

@@ -0,0 +1,24 @@
+name: "Reusable"
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+    types:
+      - labeled
+      - unlabeled
+      - opened
+      - reopened
+      - synchronize
+
+jobs:
+  assign:
+    name: "Assign"
+    uses: Inetum-Poland/.github/.github/workflows/assign_tag.yml@main
+    with:
+      bump_fail_if_no_level: true
+      bump_latest: true
+      bump_semver: true

.github/workflows/reusable_verify.yml

@@ -0,0 +1,15 @@
+name: "Reusable"
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  verify:
+    name: "Verify"
+    uses: Inetum-Poland/.github/.github/workflows/verify.yml@main
+    secrets: inherit

.github/workflows/reusable_verify_semantic_pr.yml

@@ -0,0 +1,15 @@
+name: "Reusable"
+
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - edited
+
+jobs:
+  verify:
+    name: "Verify"
+    uses: Inetum-Poland/.github/.github/workflows/verify_semantic_pr.yml@main
+    secrets: inherit

.mise.toml

@@ -4,15 +4,7 @@ pre-commit      = 'latest'
 python          = '3.12'
 terraform       = "1.8"
 terraform-docs  = 'latest'
-trivy           = 'latest'
-trufflehog      = 'latest'
-
-[plugins]
-trufflehog = 'https://github.com/Inetum-Poland/asdf-trufflehog.git'
 
 [settings]
 legacy_version_file_disable_tools = ['terraform']
 not_found_auto_install            = true
-
-[alias]
-python = 'asdf:asdf-community/asdf-python'

.pre-commit-config.yaml

@@ -1,79 +1,71 @@
 ---
 # https://github.com/antonbabenko/pre-commit-terraform
-# brew install pre-commit terraform-docs tflint tfsec trivy checkov terrascan infracost tfupdate minamijoyo/hcledit/hcledit jq
-
 # https://github.com/pre-commit/pre-commit-hooks
 # https://github.com/python-jsonschema/check-jsonschema/
 
-# https://github.com/trufflesecurity/trufflehog
+fail_fast: true
 
 repos:
 - repo: https://github.com/compilerla/conventional-pre-commit
-  rev: v3.1.0
+  rev: v3.6.0
   hooks:
     - id: conventional-pre-commit
       name: Check Conventional Commit
       stages: [commit-msg]
       args: [--strict, --force-scope]
 
-- repo: https://github.com/antonbabenko/pre-commit-terraform
-  rev: v1.88.2
-  hooks:
-    - id: terraform_fmt
-      name: Check Terraform FMT
-      stages: [pre-commit]
-    - id: terraform_trivy
-      name: Check Terraform Trivy
-      stages: [pre-commit]
-    - id: terraform_validate
-      name: Check Terraform Validate
-      stages: [pre-commit]
-    - id: terraform_docs
-      name: Check Terraform Docs
-      stages: [pre-commit]
-      args:
-        - --args=--config=.tfdocs-config.yml
-    # - id: tfupdate
-
 - repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v4.5.0
+  rev: v5.0.0
   hooks:
     - id: check-yaml
       name: Check YAML
       stages: [pre-commit]
-    # - id: check-json
-    #   name: Check JSON
+
+    - id: mixed-line-ending
+      name: Check Mixed Line Endings
+      stages: [pre-commit]
+      args: [--fix=lf]
+
     - id: end-of-file-fixer
       name: Check End of Files
       stages: [pre-commit]
+
     - id: trailing-whitespace
       name: Check Trailing Whitespace
       stages: [pre-commit]
-      args: [
-        --markdown-linebreak-ext=.md
-      ]
+      args: [--markdown-linebreak-ext=md]
+
     - id: check-merge-conflict
       name: Check for Merge Conflicts
       stages: [pre-commit]
+
     - id: detect-private-key
       name: Check Private Keys
       stages: [pre-commit]
 
+- repo: https://github.com/antonbabenko/pre-commit-terraform
+  rev: v1.96.2
+  hooks:
+    - id: terraform_validate
+      name: Check Terraform Validate
+      stages: [manual]
+
+    - id: terraform_fmt
+      name: Check Terraform FMT
+      stages: [pre-commit]
+      args:
+        - --hook-config=--parallelism-limit=1
+
+    - id: terraform_docs
+      name: Check Terraform Docs
+      stages: [pre-commit]
+      args:
+        - --args=--config=.tfdocs-config.yml
+
 - repo: https://github.com/python-jsonschema/check-jsonschema
-  rev: 0.28.0
+  rev: 0.29.4
   hooks:
-    # - id: check-github-actions
-    #   name: Check GitHub Actions
-    #   args: ["--verbose"]
     - id: check-github-workflows
       name: Check GitHub Workflows
       stages: [pre-commit]
       args: ["--verbose"]
-
-- repo: local
-  hooks:
-    - id: trufflehog
-      name: Check TruffleHog
-      entry: bash -c 'trufflehog git file://. --since-commit HEAD --only-verified --fail --no-update'
-      language: system
-      stages: ["pre-commit", "push"]