Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Laws 3462 #3362

Closed
wants to merge 57 commits into from
Closed

Laws 3462 #3362

wants to merge 57 commits into from

Conversation

vladimir-kovalyov
Copy link
Contributor

No description provided.

vladimir-kovalyov and others added 30 commits September 14, 2023 16:29
@vladimir-kovalyov
LAWS-3462: changed values with new snapshot id's
0abd430
@robertsweetman @vladimir-kovalyov
add rdp port access back into the web and app sg rules (#3319)
1c29e1d
@dependabot @vladimir-kovalyov
Bump bridgecrewio/checkov-action from 12.2486.0 to 12.2491.0
6974422 
Bumps [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action) from 12.2486.0 to 12.2491.0.
- [Release notes](https://github.com/bridgecrewio/checkov-action/releases)
- [Commits](bridgecrewio/checkov-action@8e27188...91d83a1)

---
updated-dependencies:
- dependency-name: bridgecrewio/checkov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@wullub @vladimir-kovalyov
oasys pp cert
fa8906b 
oasys pp cert
@wullub @vladimir-kovalyov
Update locals_preproduction.tf
7bee853
@vladimir-kovalyov
Add production configuration
3c2eb5d 
Signed-off-by: Jacob Woffenden <[email protected]>
@vladimir-kovalyov
Update local reference
71b0b0b 
Signed-off-by: Jacob Woffenden <[email protected]>
@wullub @vladimir-kovalyov
oasys pp correct sans
898f7f9 
oasys pp correct sans
@wullub @vladimir-kovalyov
Update locals_preproduction.tf
39ae883
@wullub @vladimir-kovalyov
oasys cert whoops mistake
835aa26 
oasys cert whoops mistake
@vladimir-kovalyov
Prefix infra team owner files with infra_
21eccbe 
Refactor DNS for delegation

Signed-off-by: Jacob Woffenden <[email protected]>
@vladimir-kovalyov
Move root zone to top
172e813 
Address count issue

Signed-off-by: Jacob Woffenden <[email protected]>
@vladimir-kovalyov
Add data-platform-apps-and-tools-production
27ed362 
Signed-off-by: Jacob Woffenden <[email protected]>
@vladimir-kovalyov
fix resource naming
9ed36c0 
Signed-off-by: Jacob Woffenden <[email protected]>
@robertsweetman @vladimir-kovalyov
Csr/install ssm (#3292)
66d9bc2 
* install ssm agent as first step

* install ssm agent and start it

* set group defaults

* add a lot more guardrails around ssm start, add runcommand permissions

* remove user-data file

* don't interact with ssm in user-data

* sacrificing chickens to the gods of ssm agent

* execute ssm command added

* add debug

* add more debug and re-run

* debug and timings to SSM agent

* add a timeout on user-data script

* use schema version 1 so ssmStart runs BEFORE user-data

* use latest EC2LaunchV2 2012 R2 ami

* fix syntax

* pull interpolated value

* substitute ALL the values

* tidy up
@dependabot @vladimir-kovalyov
Bump aws-actions/configure-aws-credentials from 3.0.1 to 3.0.2
3bfd06d 
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@04b98b3...50ac8dd)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @vladimir-kovalyov
Bump actions/upload-artifact from 3.1.2 to 3.1.3
1fa6651 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@0b7f8ab...a8a3f3a)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@vladimir-kovalyov
Add preproduction and test zones
e8e3c81 
Signed-off-by: Jacob Woffenden <[email protected]>
@dependabot @vladimir-kovalyov
Bump ec2_test_autoscaling_group::modernisation-platform-terraform-ec2…
329e67f 
…-autoscaling-group

Bumps [ec2_test_autoscaling_group::modernisation-platform-terraform-ec2-autoscaling-group](https://github.com/ministryofjustice/modernisation-platform-terraform-ec2-autoscaling-group) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/ministryofjustice/modernisation-platform-terraform-ec2-autoscaling-group/releases)
- [Commits](ministryofjustice/modernisation-platform-terraform-ec2-autoscaling-group@v2.1.0...v2.1.1)

---
updated-dependencies:
- dependency-name: ec2_test_autoscaling_group::github::ministryofjustice/modernisation-platform-terraform-ec2-autoscaling-group::v2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @vladimir-kovalyov
Bump ec2_test_instance::modernisation-platform-terraform-ec2-instance
469a4f8 
Bumps [ec2_test_instance::modernisation-platform-terraform-ec2-instance](https://github.com/ministryofjustice/modernisation-platform-terraform-ec2-instance) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/ministryofjustice/modernisation-platform-terraform-ec2-instance/releases)
- [Commits](ministryofjustice/modernisation-platform-terraform-ec2-instance@v2.1.0...v2.1.1)

---
updated-dependencies:
- dependency-name: ec2_test_instance::github::ministryofjustice/modernisation-platform-terraform-ec2-instance::v2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@robertsweetman @vladimir-kovalyov
create domain-controller related security-group (#3320)
0aa70ed 
* create domain-controller related security-group

* remove duplicates

* allow all egress

* add new sg to test

* fix terraform issue with protocols in ports

* let's apply this to something when it actually works
@vladimir-kovalyov
Add tech docs CNAME
31892c2 
Signed-off-by: Jacob Woffenden <[email protected]>
@LavMatt @vladimir-kovalyov
upversion-docs
12f6c75
@wullub @vladimir-kovalyov
pp-oasys cert 2
f35242f 
pp-oasys cert 2
@georgepstaylor @vladimir-kovalyov
NIT-833: add and rename all ssm params (#3333)
a0fd5d8 
* add and rename all ssm params

* rm duplicate

* lowercase

* remove copilotisms
@crvgilbertson @vladimir-kovalyov
Modifying ssm parameters
18ee0f5
@crvgilbertson @vladimir-kovalyov
Modifying ssm parameters
8a9fac5
@crvgilbertson @vladimir-kovalyov
Modifying ssm parameters
148abc5
@crvgilbertson @vladimir-kovalyov
Modifying ssm parameters
11d7517
@crvgilbertson @vladimir-kovalyov
Modifying ssm parameters
a469820
@vladimir-kovalyov vladimir-kovalyov requested review from a team as code owners September 14, 2023 15:32
@vladimir-kovalyov vladimir-kovalyov requested review from a team September 14, 2023 15:32
@vladimir-kovalyov vladimir-kovalyov requested review from a team as code owners September 14, 2023 15:32
@github-actions github-actions bot added the environments-repository Used to exclude PRs from this repo in our Slack PR update label Sep 14, 2023
@vladimir-kovalyov vladimir-kovalyov had a problem deploying to nomis-combined-reporting-test September 14, 2023 15:34 — with GitHub Actions Failure
@vladimir-kovalyov vladimir-kovalyov had a problem deploying to nomis-data-hub-development September 14, 2023 15:34 — with GitHub Actions Failure
@vladimir-kovalyov vladimir-kovalyov had a problem deploying to corporate-staff-rostering-development September 14, 2023 15:34 — with GitHub Actions Failure
@vladimir-kovalyov vladimir-kovalyov had a problem deploying to hmpps-domain-services-development September 14, 2023 15:34 — with GitHub Actions Failure
@vladimir-kovalyov vladimir-kovalyov had a problem deploying to hmpps-domain-services-test September 14, 2023 15:35 — with GitHub Actions Failure
@github-actions
Copy link
Contributor

TFSEC Scan Success

Show Output 
*****************************

TFSEC will check the following folders:
terraform/environments/corporate-staff-rostering/templates terraform/environments/hmpps-domain-services/templates terraform/environments/hmpps-oem/templates terraform/environments/nomis-combined-reporting/templates terraform/environments/nomis-data-hub/templates terraform/environments/nomis/templates terraform/environments/oasys/templates terraform/environments/planetfm/templates

*****************************

Running TFSEC in terraform/environments/corporate-staff-rostering/templates
Skipping folder as path name contains *templates*

*****************************

Running TFSEC in terraform/environments/hmpps-domain-services/templates
Skipping folder as path name contains *templates*

*****************************

Running TFSEC in terraform/environments/hmpps-oem/templates
Skipping folder as path name contains *templates*

*****************************

Running TFSEC in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*

*****************************

Running TFSEC in terraform/environments/nomis-data-hub/templates
Skipping folder as path name contains *templates*

*****************************

Running TFSEC in terraform/environments/nomis/templates
Skipping folder as path name contains *templates*

*****************************

Running TFSEC in terraform/environments/oasys/templates
Skipping folder as path name contains *templates*

*****************************

Running TFSEC in terraform/environments/planetfm/templates
Skipping folder as path name contains *templates*

Checkov Scan Success

Show Output 
*****************************

Checkov will check the following folders:
terraform/environments/corporate-staff-rostering/templates terraform/environments/hmpps-domain-services/templates terraform/environments/hmpps-oem/templates terraform/environments/nomis-combined-reporting/templates terraform/environments/nomis-data-hub/templates terraform/environments/nomis/templates terraform/environments/oasys/templates terraform/environments/planetfm/templates

*****************************

Running Checkov in terraform/environments/corporate-staff-rostering/templates
Skipping folder as path name contains *templates*

*****************************

Running Checkov in terraform/environments/hmpps-domain-services/templates
Skipping folder as path name contains *templates*

*****************************

Running Checkov in terraform/environments/hmpps-oem/templates
Skipping folder as path name contains *templates*

*****************************

Running Checkov in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*

*****************************

Running Checkov in terraform/environments/nomis-data-hub/templates
Skipping folder as path name contains *templates*

*****************************

Running Checkov in terraform/environments/nomis/templates
Skipping folder as path name contains *templates*

*****************************

Running Checkov in terraform/environments/oasys/templates
Skipping folder as path name contains *templates*

*****************************

Running Checkov in terraform/environments/planetfm/templates
Skipping folder as path name contains *templates*

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
terraform/environments/corporate-staff-rostering/templates terraform/environments/hmpps-domain-services/templates terraform/environments/hmpps-oem/templates terraform/environments/nomis-combined-reporting/templates terraform/environments/nomis-data-hub/templates terraform/environments/nomis/templates terraform/environments/oasys/templates terraform/environments/planetfm/templates

*****************************

Running tflint in terraform/environments/corporate-staff-rostering/templates
Skipping folder as path name contains *templates*
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/hmpps-domain-services/templates
Skipping folder as path name contains *templates*
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/hmpps-oem/templates
Skipping folder as path name contains *templates*
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/nomis-combined-reporting/templates
Skipping folder as path name contains *templates*
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/nomis-data-hub/templates
Skipping folder as path name contains *templates*
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/nomis/templates
Skipping folder as path name contains *templates*
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/oasys/templates
Skipping folder as path name contains *templates*
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/planetfm/templates
Skipping folder as path name contains *templates*
tflint_exitcode=0

@dms1981 dms1981 deleted the LAWS-3462 branch November 27, 2024 22:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
environments-repository Used to exclude PRs from this repo in our Slack PR update
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@vladimir-kovalyov @robertsweetman @wullub @LavMatt @georgepstaylor @crvgilbertson @nbuckingham72 @murdo-moj @drobinson-moj