fix: re-org checks

Author: hjfbynara

.github/workflows/checks.yaml

@@ -9,25 +9,3 @@ name: checks
 jobs:
   conventional-commits:
     uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
-  terraform-docs:
-    uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
-    with:
-      working_directory: "./deployment/prod/"
-  linting-dev:
-    uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
-    with:
-      working_directory: "./deployment/dev/"
-  validation-dev:
-    uses: broadinstitute/shared-workflows/.github/workflows/terraform-validate.yaml@hf_use_tfenv
-    with:
-      working_directory: "./deployment/dev/"
-# NOTE: using tfsec because trivy tries to scan remote terraform modules and trivy-ignores
-#   at root level do not work for remote terraform modules
-  static_analysis-dev:
-    uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
-    secrets:
-      wf_github_token: ${{ secrets.github_token }}
-    with:
-      working_directory: "./deployment/dev/"
-      run_tfsec: true
-      run_trivy: false

.github/workflows/dev-checks.yaml

@@ -0,0 +1,31 @@
+---
+name: dev-checks
+
+"on":
+  pull_request:
+    branches:
+      - main
+    paths:
+      - "deployment/dev/**"
+
+defaults:
+  run:
+    working_directory: "./deployment/dev/"
+
+
+jobs:
+  conventional-commits:
+    uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
+  linting:
+    uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
+  validation:
+    uses: broadinstitute/shared-workflows/.github/workflows/terraform-validate.yaml@hf_use_tfenv
+# NOTE: using tfsec because trivy tries to scan remote terraform modules and trivy-ignores
+#   at root level do not work for remote terraform modules
+  static_analysis:
+    uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
+    secrets:
+      wf_github_token: ${{ secrets.github_token }}
+    with:
+      run_tfsec: true
+      run_trivy: false

.github/workflows/prod-checks.yaml

@@ -0,0 +1,30 @@
+---
+name: prod-checks
+
+"on":
+  pull_request:
+    branches:
+      - main
+    paths:
+      - "deployment/prod/**"
+
+defaults:
+  run:
+    working_directory: "./deployment/prod/"
+
+jobs:
+  terraform-docs:
+    uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
+  linting:
+    uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
+  validation:
+    uses: broadinstitute/shared-workflows/.github/workflows/terraform-validate.yaml@hf_use_tfenv
+# NOTE: using tfsec because trivy tries to scan remote terraform modules and trivy-ignores
+#   at root level do not work for remote terraform modules
+  static_analysis:
+    uses: broadinstitute/shared-workflows/.github/workflows/[email protected]
+    secrets:
+      wf_github_token: ${{ secrets.github_token }}
+    with:
+      run_tfsec: true
+      run_trivy: false