Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add IRSA to airflow dev environment #4455

Merged
merged 5 commits into from
Jun 4, 2024
Merged

Add IRSA to airflow dev environment #4455

merged 5 commits into from
Jun 4, 2024

Conversation

AntFMoJ
Copy link
Contributor

@AntFMoJ AntFMoJ commented Jun 4, 2024
edited
Loading

Pull Request Objective

This piece of work is being tracked in this GitHub Issue.

This PR adds IRSA to airflow dev environment. This is to initially test with the airflow monitoring DAG here.

Note: SCA overridden due to historic issues leading to failures, not from changes in this PR.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 4, 2024
edited
Loading

Terraform Component 🧱: aws-analytical-platform-data-production-airflow

Checkov 🛂: failure

Trivy 🛂: failure

Static Analysis Override Label 🏷️: true

Pusher: @jacobwoffenden, Action: pull_request, Working Directory: terraform/aws/analytical-platform-data-production/airflow, Workflow: Terraform, Marker: aws-analytical-platform-data-production-airflow_static_analysis

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 4, 2024
edited
Loading

Terraform Component 🧱: aws-analytical-platform-data-production-airflow

Terraform Initialization ⚙️: success

Terraform Validation 🤖: success

Terraform Plan 🛠️: success

Pusher: @jacobwoffenden, Action: pull_request, Working Directory: terraform/aws/analytical-platform-data-production/airflow, Workflow: Terraform, Marker: aws-analytical-platform-data-production-airflow_plan

@AntFMoJ AntFMoJ marked this pull request as ready for review June 4, 2024 12:21
@AntFMoJ AntFMoJ requested a review from a team as a code owner June 4, 2024 12:21
@jacobwoffenden jacobwoffenden added the do-not-merge Don't merge yet! label Jun 4, 2024
julialawrence
julialawrence requested changes Jun 4, 2024
View reviewed changes
Copy link
Contributor

@julialawrence julialawrence left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good start! A few fixes needed.

terraform/aws/analytical-platform-data-production/airflow/iam-policies.tf Outdated Show resolved Hide resolved
terraform/aws/analytical-platform-data-production/airflow/kubernetes-service-accounts.tf Outdated Show resolved Hide resolved
@AntFMoJ AntFMoJ requested a review from julialawrence June 4, 2024 13:31
julialawrence
julialawrence requested changes Jun 4, 2024
View reviewed changes
Copy link
Contributor

@julialawrence julialawrence left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few more general thoughts/questions that might not lead to any changes:

  • Namespaces are defined in eks.tf. Should service account definitions live in that file as well? Or the reverse. Should namespace definitions be split out into their own separate file? Would love to hear your thoughts on that.
  • What's the plan on removing existing kube2iam annotations. In a future PR?

terraform/aws/analytical-platform-data-production/airflow/iam-policies.tf Outdated Show resolved Hide resolved
julialawrence
julialawrence approved these changes Jun 4, 2024
View reviewed changes
Copy link
Contributor

@julialawrence julialawrence left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nicely done! Please hold off merging until discussing with @Gary-H9

@jacobwoffenden jacobwoffenden removed the do-not-merge Don't merge yet! label Jun 4, 2024
jacobwoffenden

This comment was marked as outdated.

Sign in to view

@jacobwoffenden jacobwoffenden merged commit eb999b3 into main Jun 4, 2024
14 checks passed
@jacobwoffenden jacobwoffenden deleted the airflow-dev-irsa branch June 4, 2024 17:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@julialawrence julialawrence julialawrence approved these changes

@jacobwoffenden jacobwoffenden jacobwoffenden approved these changes

Assignees

@AntFMoJ AntFMoJ

Labels
override-static-analysis
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@AntFMoJ @jacobwoffenden @julialawrence