Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🚀 Deploy ollamate #7177

Merged
merged 7 commits into from
Jul 23, 2024
Merged

🚀 Deploy ollamate #7177

merged 7 commits into from
Jul 23, 2024

Conversation

Gary-H9
Copy link
Contributor

@Gary-H9 Gary-H9 commented Jul 22, 2024

No description provided.

@Gary-H9 Gary-H9 requested review from a team as code owners July 22, 2024 16:01
@github-actions github-actions bot added the environments-repository Used to exclude PRs from this repo in our Slack PR update label Jul 22, 2024
@Gary-H9 Gary-H9 mentioned this pull request Jul 22, 2024
Closed
3 tasks
@github-actions GitHub Actions
Copy link
Contributor

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-22T16:03:55Z INFO Need to update DB
2024-07-22T16:03:55Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-22T16:03:57Z INFO Vulnerability scanning is enabled
2024-07-22T16:03:57Z INFO Misconfiguration scanning is enabled
2024-07-22T16:03:57Z INFO Need to update the built-in policies
2024-07-22T16:03:57Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-22T16:03:57Z INFO Secret scanning is enabled
2024-07-22T16:03:57Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-22T16:03:57Z INFO Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-22T16:04:06Z INFO Number of language-specific files num=0
2024-07-22T16:04:06Z INFO Detected config files num=26

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=73b752a1e365808a7214f064845e958e65c548bd/main.tf (terraform)

Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)

git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=25322b6b6be69db6cca7f167d7b0e5327156a595/vpc-flow-logs.tf (terraform)

Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)

Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Checkov in terraform/environments/analytical-platform-compute
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-07-22 16:04:08,383 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws:20.14.0 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,383 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws//modules/karpenter:20.14.0 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,383 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks-pod-identity/aws:1.2.1 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,383 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws//modules/vpc-endpoints:5.8.1 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,383 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/s3-bucket/aws:4.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,383 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/rds/aws:6.7.0 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,384 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.4.0 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,384 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.3.1 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,384 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.39.1 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,384 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/route53/aws//modules/zones:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,384 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks:5.39.1 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,384 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.39.1 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,385 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,385 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,385 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,385 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/security-group/aws:5.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-22 16:04:08,385 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws:5.8.1 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 87, Failed checks: 0, Skipped checks: 96


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running tflint in terraform/environments/analytical-platform-compute
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-22T16:03:55Z	INFO	Need to update DB
2024-07-22T16:03:55Z	INFO	Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-22T16:03:57Z	INFO	Vulnerability scanning is enabled
2024-07-22T16:03:57Z	INFO	Misconfiguration scanning is enabled
2024-07-22T16:03:57Z	INFO	Need to update the built-in policies
2024-07-22T16:03:57Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-22T16:03:57Z	INFO	Secret scanning is enabled
2024-07-22T16:03:57Z	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-22T16:03:57Z	INFO	Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-22T16:04:06Z	INFO	Number of language-specific files	num=0
2024-07-22T16:04:06Z	INFO	Detected config files	num=26

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=73b752a1e365808a7214f064845e958e65c548bd/main.tf (terraform)
===============================================================================================================================
Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)


git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=25322b6b6be69db6cca7f167d7b0e5327156a595/vpc-flow-logs.tf (terraform)
========================================================================================================================================
Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)


terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)
===================================================================
Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

@github-actions GitHub Actions
Copy link
Contributor

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-23T13:56:11Z INFO Need to update DB
2024-07-23T13:56:11Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-23T13:56:13Z INFO Vulnerability scanning is enabled
2024-07-23T13:56:13Z INFO Misconfiguration scanning is enabled
2024-07-23T13:56:13Z INFO Need to update the built-in policies
2024-07-23T13:56:13Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-23T13:56:14Z INFO Secret scanning is enabled
2024-07-23T13:56:14Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-23T13:56:14Z INFO Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-23T13:56:27Z INFO Number of language-specific files num=0
2024-07-23T13:56:27Z INFO Detected config files num=26

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=705eb80cfacf563f74f760261c2154d2fd9f1d87/main.tf (terraform)

Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)

git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=2e417ad0ce830893127476436179ef483485ae84/vpc-flow-logs.tf (terraform)

Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)

Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Checkov in terraform/environments/analytical-platform-compute
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-07-23 13:56:30,100 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws:20.20.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,100 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws//modules/karpenter:20.20.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,100 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks-pod-identity/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,100 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws//modules/vpc-endpoints:5.9.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,100 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/s3-bucket/aws:4.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,100 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/rds/aws:6.8.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,100 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.4.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,100 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.3.1 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,101 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,101 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/route53/aws//modules/zones:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,101 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,101 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,101 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,101 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,101 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,102 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/security-group/aws:5.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:56:30,102 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws:5.9.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 87, Failed checks: 0, Skipped checks: 96


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running tflint in terraform/environments/analytical-platform-compute
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-23T13:56:11Z	INFO	Need to update DB
2024-07-23T13:56:11Z	INFO	Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-23T13:56:13Z	INFO	Vulnerability scanning is enabled
2024-07-23T13:56:13Z	INFO	Misconfiguration scanning is enabled
2024-07-23T13:56:13Z	INFO	Need to update the built-in policies
2024-07-23T13:56:13Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-23T13:56:14Z	INFO	Secret scanning is enabled
2024-07-23T13:56:14Z	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-23T13:56:14Z	INFO	Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-23T13:56:27Z	INFO	Number of language-specific files	num=0
2024-07-23T13:56:27Z	INFO	Detected config files	num=26

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=705eb80cfacf563f74f760261c2154d2fd9f1d87/main.tf (terraform)
===============================================================================================================================
Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)


git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=2e417ad0ce830893127476436179ef483485ae84/vpc-flow-logs.tf (terraform)
========================================================================================================================================
Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)


terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)
===================================================================
Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

@github-actions GitHub Actions
Copy link
Contributor

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-23T13:58:05Z INFO Need to update DB
2024-07-23T13:58:05Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-23T13:58:07Z INFO Vulnerability scanning is enabled
2024-07-23T13:58:07Z INFO Misconfiguration scanning is enabled
2024-07-23T13:58:07Z INFO Need to update the built-in policies
2024-07-23T13:58:07Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-23T13:58:07Z INFO Secret scanning is enabled
2024-07-23T13:58:07Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-23T13:58:07Z INFO Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-23T13:58:17Z INFO Number of language-specific files num=0
2024-07-23T13:58:17Z INFO Detected config files num=26

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=705eb80cfacf563f74f760261c2154d2fd9f1d87/main.tf (terraform)

Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)

git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=2e417ad0ce830893127476436179ef483485ae84/vpc-flow-logs.tf (terraform)

Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)

Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Checkov in terraform/environments/analytical-platform-compute
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-07-23 13:58:19,832 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws:20.20.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,832 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws//modules/karpenter:20.20.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,832 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks-pod-identity/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,832 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws//modules/vpc-endpoints:5.9.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,832 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/s3-bucket/aws:4.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,833 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/rds/aws:6.8.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,833 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.4.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,833 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.3.1 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,833 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,833 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/route53/aws//modules/zones:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,833 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,834 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,834 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,834 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,834 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,834 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/security-group/aws:5.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 13:58:19,834 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws:5.9.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 87, Failed checks: 0, Skipped checks: 96


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running tflint in terraform/environments/analytical-platform-compute
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-23T13:58:05Z	INFO	Need to update DB
2024-07-23T13:58:05Z	INFO	Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-23T13:58:07Z	INFO	Vulnerability scanning is enabled
2024-07-23T13:58:07Z	INFO	Misconfiguration scanning is enabled
2024-07-23T13:58:07Z	INFO	Need to update the built-in policies
2024-07-23T13:58:07Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-23T13:58:07Z	INFO	Secret scanning is enabled
2024-07-23T13:58:07Z	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-23T13:58:07Z	INFO	Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-23T13:58:17Z	INFO	Number of language-specific files	num=0
2024-07-23T13:58:17Z	INFO	Detected config files	num=26

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=705eb80cfacf563f74f760261c2154d2fd9f1d87/main.tf (terraform)
===============================================================================================================================
Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)


git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=2e417ad0ce830893127476436179ef483485ae84/vpc-flow-logs.tf (terraform)
========================================================================================================================================
Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)


terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)
===================================================================
Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

@Gary-H9 Gary-H9 temporarily deployed to analytical-platform-compute-development July 23, 2024 13:58 — with GitHub Actions Inactive
@Gary-H9 Gary-H9 temporarily deployed to analytical-platform-compute-test July 23, 2024 13:58 — with GitHub Actions Inactive
@github-actions GitHub Actions
Copy link
Contributor

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-23T15:04:16Z INFO Need to update DB
2024-07-23T15:04:16Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-23T15:04:18Z INFO Vulnerability scanning is enabled
2024-07-23T15:04:18Z INFO Misconfiguration scanning is enabled
2024-07-23T15:04:18Z INFO Need to update the built-in policies
2024-07-23T15:04:18Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-23T15:04:18Z INFO Secret scanning is enabled
2024-07-23T15:04:18Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-23T15:04:18Z INFO Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-23T15:04:29Z INFO Number of language-specific files num=0
2024-07-23T15:04:29Z INFO Detected config files num=27

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=705eb80cfacf563f74f760261c2154d2fd9f1d87/main.tf (terraform)

Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)

git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=2e417ad0ce830893127476436179ef483485ae84/vpc-flow-logs.tf (terraform)

Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)

Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Checkov in terraform/environments/analytical-platform-compute
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-07-23 15:04:32,091 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws:20.20.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,092 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws//modules/karpenter:20.20.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,092 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks-pod-identity/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,092 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws//modules/vpc-endpoints:5.9.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,092 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/s3-bucket/aws:4.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,092 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/rds/aws:6.8.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,092 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.4.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,093 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.3.1 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,093 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,093 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/route53/aws//modules/zones:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,093 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,093 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,093 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,093 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,094 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,094 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/security-group/aws:5.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:04:32,094 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws:5.9.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 87, Failed checks: 0, Skipped checks: 96


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running tflint in terraform/environments/analytical-platform-compute
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-23T15:04:16Z	INFO	Need to update DB
2024-07-23T15:04:16Z	INFO	Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-23T15:04:18Z	INFO	Vulnerability scanning is enabled
2024-07-23T15:04:18Z	INFO	Misconfiguration scanning is enabled
2024-07-23T15:04:18Z	INFO	Need to update the built-in policies
2024-07-23T15:04:18Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-23T15:04:18Z	INFO	Secret scanning is enabled
2024-07-23T15:04:18Z	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-23T15:04:18Z	INFO	Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-23T15:04:29Z	INFO	Number of language-specific files	num=0
2024-07-23T15:04:29Z	INFO	Detected config files	num=27

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=705eb80cfacf563f74f760261c2154d2fd9f1d87/main.tf (terraform)
===============================================================================================================================
Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)


git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=2e417ad0ce830893127476436179ef483485ae84/vpc-flow-logs.tf (terraform)
========================================================================================================================================
Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)


terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)
===================================================================
Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

@Gary-H9 Gary-H9 temporarily deployed to analytical-platform-compute-development July 23, 2024 15:09 — with GitHub Actions Inactive
@Gary-H9 Gary-H9 temporarily deployed to analytical-platform-compute-test July 23, 2024 15:09 — with GitHub Actions Inactive
@github-actions GitHub Actions
Copy link
Contributor

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-23T15:09:09Z INFO Need to update DB
2024-07-23T15:09:09Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-23T15:09:11Z INFO Vulnerability scanning is enabled
2024-07-23T15:09:11Z INFO Misconfiguration scanning is enabled
2024-07-23T15:09:11Z INFO Need to update the built-in policies
2024-07-23T15:09:11Z INFO Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-23T15:09:12Z INFO Secret scanning is enabled
2024-07-23T15:09:12Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-23T15:09:12Z INFO Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-23T15:09:30Z INFO Number of language-specific files num=0
2024-07-23T15:09:30Z INFO Detected config files num=27

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=705eb80cfacf563f74f760261c2154d2fd9f1d87/main.tf (terraform)

Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)

git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=2e417ad0ce830893127476436179ef483485ae84/vpc-flow-logs.tf (terraform)

Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)

Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Checkov in terraform/environments/analytical-platform-compute
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-07-23 15:09:33,292 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws:20.20.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,292 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws//modules/karpenter:20.20.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,292 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks-pod-identity/aws:1.3.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,292 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws//modules/vpc-endpoints:5.9.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,293 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/s3-bucket/aws:4.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,293 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/rds/aws:6.8.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,293 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.4.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,293 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:5.3.1 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,293 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,293 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/route53/aws//modules/zones:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,294 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,294 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-github-oidc-role:5.41.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,294 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:3.1.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,294 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/secrets-manager/aws:1.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,294 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.2.0 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,294 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/security-group/aws:5.1.2 (for external modules, the --download-external-modules flag is required)
2024-07-23 15:09:33,294 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws:5.9.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 87, Failed checks: 0, Skipped checks: 96


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running tflint in terraform/environments/analytical-platform-compute
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/analytical-platform-compute

*****************************

Running Trivy in terraform/environments/analytical-platform-compute
2024-07-23T15:09:09Z	INFO	Need to update DB
2024-07-23T15:09:09Z	INFO	Downloading DB...	repository="ghcr.io/aquasecurity/trivy-db:2"
2024-07-23T15:09:11Z	INFO	Vulnerability scanning is enabled
2024-07-23T15:09:11Z	INFO	Misconfiguration scanning is enabled
2024-07-23T15:09:11Z	INFO	Need to update the built-in policies
2024-07-23T15:09:11Z	INFO	Downloading the built-in policies...
74.86 KiB / 74.86 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-07-23T15:09:12Z	INFO	Secret scanning is enabled
2024-07-23T15:09:12Z	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-07-23T15:09:12Z	INFO	Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-07-23T15:09:30Z	INFO	Number of language-specific files	num=0
2024-07-23T15:09:30Z	INFO	Detected config files	num=27

git::https:/github.com/terraform-aws-modules/terraform-aws-eks?ref=705eb80cfacf563f74f760261c2154d2fd9f1d87/main.tf (terraform)
===============================================================================================================================
Tests: 5 (SUCCESSES: 1, FAILURES: 0, EXCEPTIONS: 4)
Failures: 0 (HIGH: 0, CRITICAL: 0)


git::https:/github.com/terraform-aws-modules/terraform-aws-vpc?ref=2e417ad0ce830893127476436179ef483485ae84/vpc-flow-logs.tf (terraform)
========================================================================================================================================
Tests: 2 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)


terraform-aws-modules/eks/aws/modules/karpenter/main.tf (terraform)
===================================================================
Tests: 4 (SUCCESSES: 2, FAILURES: 0, EXCEPTIONS: 2)
Failures: 0 (HIGH: 0, CRITICAL: 0)

trivy_exitcode=0

@jacobwoffenden jacobwoffenden merged commit d09ff03 into main Jul 23, 2024
14 checks passed
@jacobwoffenden jacobwoffenden deleted the deploy-ollamate branch July 23, 2024 15:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jacobwoffenden jacobwoffenden jacobwoffenden approved these changes

Assignees
No one assigned
Labels
environments-repository Used to exclude PRs from this repo in our Slack PR update
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Gary-H9 @jacobwoffenden