Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

GitHub Actions Code Formatter workflow #6707

Merged
merged 1 commit into from
Jun 24, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Updates from GitHub Actions Format Code workflow
modernisation-platform-ci committed Jun 24, 2024
commit 89b75fca5e60cc81910226b9882481f24b9a7960
Original file line number Diff line number Diff line change
@@ -52,8 +52,8 @@ locals {
target_buckets = ["mojap-land"]

/* Transfer Server */
transfer_server_hostname = "sftp.ingestion.analytical-platform.service.justice.gov.uk"
transfer_server_sftp_users = {}
transfer_server_hostname = "sftp.ingestion.analytical-platform.service.justice.gov.uk"
transfer_server_sftp_users = {}
transfer_server_sftp_users_with_egress = {
"essex-police" = {
ssh_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCpNyYzfbqmy4QkViLRyASRqxrEK7G34o3Bc6Jdp8vK555/oBuAUXUxfavtenZnxuxdxsrBYBSCBFcU4+igeXN/nN2kVfaUlt1xBZBCRUaajinhmt+3CLbr8bWmHR/5vL/DhxHH+j/+gDH5A244XN/ybZQvCGX/ilgKiae8s0tiOZD2hmX0fhRTCohQFG/DIu06gqKIyxUQoHBoBJxjzaDvjqioJgqmD9893DN+Gx1KozmaQWHM+0f7iK1UFp8BkdeFBVkj8TOfx60o/EmAjWQ/U+WSHblaXo0nI+LQKZYkW52uTEnfSkbkyvs/vj8E8+vagwYi0noyTVmb5qReSuk1kyuqEP2ycKIaWKt+Z4LnwxHm7KO51SMMeBgpiFHaUTQWXZHYuU2aXVfFIgJkCtHdEjG7Qe2P8K5XU5rG+CrQ/Y9PxPrKQHk+2nox9dLfCWo2Eho1N85z9/rA7A0oNwsHkjWAl3k87lWdpg7y3VNLzqsMNF4M4HjpQV60MH73dUU= essex-police@kpvmshift04app.netr.ecis.police.uk"
54 changes: 27 additions & 27 deletions terraform/environments/apex/ecs.tf
Original file line number Diff line number Diff line change
@@ -6,33 +6,33 @@ module "apex-ecs" {

source = "./modules/ecs"

subnet_set_name = local.subnet_set_name
vpc_all = local.vpc_all
app_name = local.application_name
container_instance_type = local.application_data.accounts[local.environment].container_instance_type
ami_image_id = local.application_data.accounts[local.environment].ami_image_id
instance_type = local.application_data.accounts[local.environment].instance_type
user_data = local.user_data
key_name = local.application_data.accounts[local.environment].key_name
task_definition = local.task_definition
ec2_desired_capacity = local.application_data.accounts[local.environment].ec2_desired_capacity
ec2_max_size = local.application_data.accounts[local.environment].ec2_max_size
ec2_min_size = local.application_data.accounts[local.environment].ec2_min_size
task_definition_volume = local.application_data.accounts[local.environment].task_definition_volume
network_mode = local.application_data.accounts[local.environment].network_mode
server_port = local.application_data.accounts[local.environment].server_port
app_count = local.application_data.accounts[local.environment].app_count
ec2_ingress_rules = local.ec2_ingress_rules
ec2_egress_rules = local.ec2_egress_rules
lb_tg_arn = module.alb.target_group_arn
tags_common = local.tags
appscaling_min_capacity = local.application_data.accounts[local.environment].appscaling_min_capacity
appscaling_max_capacity = local.application_data.accounts[local.environment].appscaling_max_capacity
ecs_scaling_cpu_threshold = local.application_data.accounts[local.environment].ecs_scaling_cpu_threshold
ecs_scaling_mem_threshold = local.application_data.accounts[local.environment].ecs_scaling_mem_threshold
ecs_target_capacity = local.ecs_target_capacity
subnet_set_name = local.subnet_set_name
vpc_all = local.vpc_all
app_name = local.application_name
container_instance_type = local.application_data.accounts[local.environment].container_instance_type
ami_image_id = local.application_data.accounts[local.environment].ami_image_id
instance_type = local.application_data.accounts[local.environment].instance_type
user_data = local.user_data
key_name = local.application_data.accounts[local.environment].key_name
task_definition = local.task_definition
ec2_desired_capacity = local.application_data.accounts[local.environment].ec2_desired_capacity
ec2_max_size = local.application_data.accounts[local.environment].ec2_max_size
ec2_min_size = local.application_data.accounts[local.environment].ec2_min_size
task_definition_volume = local.application_data.accounts[local.environment].task_definition_volume
network_mode = local.application_data.accounts[local.environment].network_mode
server_port = local.application_data.accounts[local.environment].server_port
app_count = local.application_data.accounts[local.environment].app_count
ec2_ingress_rules = local.ec2_ingress_rules
ec2_egress_rules = local.ec2_egress_rules
lb_tg_arn = module.alb.target_group_arn
tags_common = local.tags
appscaling_min_capacity = local.application_data.accounts[local.environment].appscaling_min_capacity
appscaling_max_capacity = local.application_data.accounts[local.environment].appscaling_max_capacity
ecs_scaling_cpu_threshold = local.application_data.accounts[local.environment].ecs_scaling_cpu_threshold
ecs_scaling_mem_threshold = local.application_data.accounts[local.environment].ecs_scaling_mem_threshold
ecs_target_capacity = local.ecs_target_capacity
ec2_instance_warmup_period = local.application_data.accounts[local.environment].ec2_instance_warmup_period
log_group_kms_key = aws_kms_key.cloudwatch_logs_key.arn
environment = local.environment
log_group_kms_key = aws_kms_key.cloudwatch_logs_key.arn
environment = local.environment

}
8 changes: 4 additions & 4 deletions terraform/environments/apex/modules/ecs/main.tf
Original file line number Diff line number Diff line change
@@ -501,7 +501,7 @@ resource "aws_appautoscaling_policy" "ecs_target_cpu" {
predefined_metric_specification {
predefined_metric_type = "ECSServiceAverageCPUUtilization"
}
target_value = var.ecs_scaling_cpu_threshold
target_value = var.ecs_scaling_cpu_threshold
scale_in_cooldown = 300
scale_out_cooldown = 300
}
@@ -517,7 +517,7 @@ resource "aws_appautoscaling_policy" "ecs_target_memory" {
predefined_metric_specification {
predefined_metric_type = "ECSServiceAverageMemoryUtilization"
}
target_value = var.ecs_scaling_mem_threshold
target_value = var.ecs_scaling_mem_threshold
scale_in_cooldown = 300
scale_out_cooldown = 300
}
@@ -533,8 +533,8 @@ resource "aws_ecs_capacity_provider" "apex" {
managed_scaling {
# maximum_scaling_step_size = 1000
# minimum_scaling_step_size = 1
status = "ENABLED"
target_capacity = var.ecs_target_capacity
status = "ENABLED"
target_capacity = var.ecs_target_capacity
instance_warmup_period = var.ec2_instance_warmup_period
}
managed_draining = "ENABLED"
Original file line number Diff line number Diff line change
@@ -54,7 +54,7 @@ module "bps_instance" {
availability_zone = "eu-west-2a"
subnet_id = var.account_config.private_subnet_ids[count.index]
tags = var.tags

cloudwatch_metric_alarms = merge(
local.cloudwatch_metric_alarms.ec2
)
Original file line number Diff line number Diff line change
@@ -54,7 +54,7 @@ module "bws_instance" {
availability_zone = "eu-west-2a"
subnet_id = var.account_config.private_subnet_ids[count.index]
tags = var.tags

cloudwatch_metric_alarms = merge(
local.cloudwatch_metric_alarms.ec2
)
Original file line number Diff line number Diff line change
@@ -54,7 +54,7 @@ module "dis_instance" {
availability_zone = "eu-west-2a"
subnet_id = var.account_config.private_subnet_ids[count.index]
tags = var.tags

cloudwatch_metric_alarms = merge(
local.cloudwatch_metric_alarms.ec2
)
Original file line number Diff line number Diff line change
@@ -14,13 +14,13 @@ resource "aws_glue_connection" "glue_operational_datastore_connection" {
}

physical_connection_requirements {
availability_zone = data.aws_subnet.private_subnets_a.availability_zone
availability_zone = data.aws_subnet.private_subnets_a.availability_zone
security_group_id_list = [aws_security_group.glue_operational_datastore_connection_sg[0].id]
subnet_id = data.aws_subnet.private_subnets_a.id
subnet_id = data.aws_subnet.private_subnets_a.id
}
}

resource aws_security_group "glue_operational_datastore_connection_sg" {
resource "aws_security_group" "glue_operational_datastore_connection_sg" {
count = (local.environment == "development" ? 1 : 0)
name = "${local.project}-operational-datastore-connection_sg"
description = "Security group to allow glue access to Operational Datastore via JDBC Connection"
@@ -31,18 +31,18 @@ resource aws_security_group "glue_operational_datastore_connection_sg" {

# A self-referencing inbound rule for all TCP ports to enable AWS Glue to communicate between its components
ingress {
from_port = 0
to_port = 65535
protocol = "TCP"
self = true
from_port = 0
to_port = 65535
protocol = "TCP"
self = true
description = "Security Group can Ingress to itself on all ports - required for Glue to communicate with itself"
}

# Allow all traffic out
egress {
from_port = 0
to_port = 0
protocol = "-1"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
description = "Allow all traffic out from this Security Group"
}
Original file line number Diff line number Diff line change
@@ -701,7 +701,7 @@ data "aws_iam_policy_document" "glue_catalog_readonly" {
"arn:aws:glue:${local.current_account_region}:${local.current_account_id}:database/raw",
"arn:aws:glue:${local.current_account_region}:${local.current_account_id}:table/raw/*",
"arn:aws:glue:${local.current_account_region}:${local.current_account_id}:database/structured",
"arn:aws:glue:${local.current_account_region}:${local.current_account_id}:table/structured/*"
"arn:aws:glue:${local.current_account_region}:${local.current_account_id}:table/structured/*"
]
}
}
6 changes: 3 additions & 3 deletions terraform/environments/digital-prison-reporting/secrets.tf
Original file line number Diff line number Diff line change
@@ -69,12 +69,12 @@ resource "aws_secretsmanager_secret" "operational_datastore" {
}

resource "aws_secretsmanager_secret_version" "operational_datastore" {
count = (local.environment == "development" ? 1 : 0)
secret_id = aws_secretsmanager_secret.operational_datastore[0].id
count = (local.environment == "development" ? 1 : 0)
secret_id = aws_secretsmanager_secret.operational_datastore[0].id
secret_string = jsonencode(local.operational_datastore_secrets_placeholder)

lifecycle {
ignore_changes = [secret_string,]
ignore_changes = [secret_string, ]
}
}

Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
module "dms_task" {
source = "./modules/dms"

for_each = toset(local.is-production? [
for_each = toset(local.is-production ? [
"g4s_cap_dw",
"g4s_emsys_mvp"
] : ["test"])
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
module "ecr_lambda_repo" {
source = "./modules/ecr"
ecr_name = "lambdas/update_log_table"
source = "./modules/ecr"
ecr_name = "lambdas/update_log_table"
}

module "ecr_lambdas_repo" {
source = "./modules/ecr"
ecr_name = "lambda-functions-repo"
source = "./modules/ecr"
ecr_name = "lambda-functions-repo"
}
34 changes: 17 additions & 17 deletions terraform/environments/electronic-monitoring-data/lambdas_iam.tf
Original file line number Diff line number Diff line change
@@ -324,13 +324,13 @@ resource "aws_iam_role_policy_attachment" "send_table_to_ap_get_parquet_files" {
# ------------------------------------------------

resource "aws_iam_role" "query_output_to_list" {
name = "query_output_to_list"
assume_role_policy = data.aws_iam_policy_document.lambda_assume_role.json
name = "query_output_to_list"
assume_role_policy = data.aws_iam_policy_document.lambda_assume_role.json
}

resource "aws_iam_role_policy_attachment" "query_output_to_list_lambda_sqs_queue_access_execution" {
role = aws_iam_role.query_output_to_list.name
policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole"
role = aws_iam_role.query_output_to_list.name
policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole"
}


@@ -375,13 +375,13 @@ resource "aws_iam_role_policy_attachment" "get_file_keys_for_table_list_target_s
# ------------------------------------------

resource "aws_iam_role" "update_log_table" {
name = "update_log_table"
assume_role_policy = data.aws_iam_policy_document.lambda_assume_role.json
name = "update_log_table"
assume_role_policy = data.aws_iam_policy_document.lambda_assume_role.json
}

resource "aws_iam_role_policy_attachment" "update_log_table_lambda_sqs_queue_access_execution" {
role = aws_iam_role.update_log_table.name
policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole"
role = aws_iam_role.update_log_table.name
policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole"
}

data "aws_iam_policy_document" "get_log_s3_files" {
@@ -393,29 +393,29 @@ data "aws_iam_policy_document" "get_log_s3_files" {
"s3:PutObject",
"s3:GetBucketLocation",
"s3:DeleteObject"
]
]
resources = [
aws_s3_bucket.dms_dv_parquet_s3_bucket.arn,
"${aws_s3_bucket.dms_dv_parquet_s3_bucket.arn}/*"
]
]
}
}

resource "aws_iam_policy" "get_log_s3_files" {
name = "get_log_s3_files"
name = "get_log_s3_files"
policy = data.aws_iam_policy_document.get_log_s3_files.json
}
resource "aws_iam_role_policy_attachment" "update_log_table_get_log_s3_files" {
role = aws_iam_role.update_log_table.name
policy_arn = aws_iam_policy.get_log_s3_files.arn
role = aws_iam_role.update_log_table.name
policy_arn = aws_iam_policy.get_log_s3_files.arn
}

# ------------------------------------------
# output_file_structure_as_json_from_zip
# ------------------------------------------

resource "aws_iam_role" "output_fs_json_lambda" {
name = "output_fs_json_lambda"
name = "output_fs_json_lambda"
assume_role_policy = data.aws_iam_policy_document.lambda_assume_role.json
managed_policy_arns = ["arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"]
}
@@ -434,9 +434,9 @@ data "aws_iam_policy_document" "output_fs_json_lambda_s3_policy_document" {
}

resource "aws_iam_policy" "output_fs_json_lambda_s3_policy" {
name = "output-fs-json-lambda-s3-policy"
description = "Policy for Lambda to use S3 for ${local.output_fs_json_lambda}"
policy = data.aws_iam_policy_document.output_fs_json_lambda_s3_policy_document.json
name = "output-fs-json-lambda-s3-policy"
description = "Policy for Lambda to use S3 for ${local.output_fs_json_lambda}"
policy = data.aws_iam_policy_document.output_fs_json_lambda_s3_policy_document.json
}

resource "aws_iam_role_policy_attachment" "output_fs_json_lambda_s3_policy_attachment" {
Loading