FY25 Q3 Dependabot Updates

[stdavis]

Benefit

UGRC applications have dependencies that are constantly updating to add new features, improve performance, and patch security issues. Keeping applications current with dependencies improves our security posture and allows for easier future enhancements since the amount of breaking changes is smaller and more trivial.

Acceptance Criteria

Close out the org-wide dependency PRs and merge the pending release pr's

• check terraform drift
• add to github repos in tf?
• Migrate to google v6 terraform provider #460
• Add customer ELCID's to non UGRC projects #463

Notes

Insecure applications using deprecated services

Risks

The deployment breaks the application

Issue Reference

• Dependabot Updates (FY25 Q2) #479

[steveoh]

terraform drift

I took care of 99% of this. I didn't apply every change because I wasn't sure the situation.

• firebase updated it's free tier and the default storage bucket has moved. electrofishing will want this update but i wasn't sure if that was ok or not.
• the gis website had some iam policies and workload federation changes i wasn't ready to apply
• honeycomb is missing a backup and patching entry for the compute engine module
• portal had some compute engine metadata drift i'm not sure about
• roadkill had github federation diffs
• uic has federation and monitoring drift
• vista dev and prod had a lot of drift

I believe we will need to update the github federation as the release action updates have broken some runs. Here is a running list while creating dbot updates

• kitchen sink documentation deployment
• spills prod deployment

[stdavis]

@steveoh I'm going to need your help with honeycomb.

[stdavis]

The roadkill fed diffs can't be handled until this issue is completed.