Bump terraform-aws-modules/eks/aws from 19.21.0 to 20.31.1 in /terraform/environments/data-platform-apps-and-tools #9031

dependabot · 2024-12-10T00:36:10Z

Bumps terraform-aws-modules/eks/aws from 19.21.0 to 20.31.1.

Release notes

Sourced from terraform-aws-modules/eks/aws's releases.

v20.31.1

20.31.1 (2024-12-09)

Bug Fixes

Create EKS Auto Mode role when Auto Mode is enabled, regardless of built-in node pool use (#3234) (e2846be)

v20.31.0

20.31.0 (2024-12-04)

Features

Add support for EKS Auto Mode and EKS Hybrid nodes (#3225) (3b974d3)

v20.30.1

20.30.1 (2024-11-26)

Bug Fixes

Coalesce local resolve_conflicts_on_create_default value to a boolean since default is null (#3221) (35388bb)

v20.30.0

20.30.0 (2024-11-26)

Features

Improve addon dependency chain and decrease time to provision addons (due to retries) (#3218) (ab2207d)

v20.29.0

20.29.0 (2024-11-08)

Features

Add support for pod identity association on EKS addons (#3203) (a224334)

v20.28.0

20.28.0 (2024-11-02)

Features

Add support for creating efa-only network interfaces (#3196) (c6da22c)

v20.27.0

20.27.0 (2024-11-01)

... (truncated)

Changelog

Sourced from terraform-aws-modules/eks/aws's changelog.

20.31.1 (2024-12-09)

Bug Fixes

Create EKS Auto Mode role when Auto Mode is enabled, regardless of built-in node pool use (#3234) (e2846be)

20.31.0 (2024-12-04)

Features

Add support for EKS Auto Mode and EKS Hybrid nodes (#3225) (3b974d3)

20.30.1 (2024-11-26)

Bug Fixes

Coalesce local resolve_conflicts_on_create_default value to a boolean since default is null (#3221) (35388bb)

20.30.0 (2024-11-26)

Features

Improve addon dependency chain and decrease time to provision addons (due to retries) (#3218) (ab2207d)

20.29.0 (2024-11-08)

Features

Add support for pod identity association on EKS addons (#3203) (a224334)

20.28.0 (2024-11-02)

Features

Add support for creating efa-only network interfaces (#3196) (c6da22c)

20.27.0 (2024-11-01)

Features

Add support for zonal shift (#3195) (1b0ac83)

20.26.1 (2024-10-27)

... (truncated)

Commits

5583604 chore(release): version 20.31.1 [skip ci]
e2846be fix: Create EKS Auto Mode role when Auto Mode is enabled, regardless of built...
6168518 chore: Add TODO to turn off detailed monitoring by default at next breaking...
c63a579 chore(release): version 20.31.0 [skip ci]
3b974d3 feat: Add support for EKS Auto Mode and EKS Hybrid nodes (#3225)
6866b40 chore(release): version 20.30.1 [skip ci]
35388bb fix: Coalesce local resolve_conflicts_on_create_default value to a boolean ...
b468ead chore(release): version 20.30.0 [skip ci]
ab2207d feat: Improve addon dependency chain and decrease time to provision addons (d...
97a08c8 chore(release): version 20.29.0 [skip ci]
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [terraform-aws-modules/eks/aws](https://github.com/terraform-aws-modules/terraform-aws-eks) from 19.21.0 to 20.31.1. - [Release notes](https://github.com/terraform-aws-modules/terraform-aws-eks/releases) - [Changelog](https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/CHANGELOG.md) - [Commits](terraform-aws-modules/terraform-aws-eks@v19.21.0...v20.31.1) --- updated-dependencies: - dependency-name: terraform-aws-modules/eks/aws dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

github-actions · 2024-12-10T00:38:53Z

`Trivy Scan` Failed

Show Output

```hcl

Trivy will check the following folders:
terraform/environments/data-platform-apps-and-tools

Running Trivy in terraform/environments/data-platform-apps-and-tools
2024-12-10T00:38:35Z INFO [vulndb] Need to update DB
2024-12-10T00:38:35Z INFO [vulndb] Downloading vulnerability DB...
2024-12-10T00:38:35Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-10T00:38:37Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-10T00:38:37Z INFO [vuln] Vulnerability scanning is enabled
2024-12-10T00:38:37Z INFO [misconfig] Misconfiguration scanning is enabled
2024-12-10T00:38:37Z INFO [misconfig] Need to update the built-in checks
2024-12-10T00:38:37Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2024-12-10T00:38:39Z INFO [secret] Secret scanning is enabled
2024-12-10T00:38:39Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-12-10T00:38:39Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.58/docs/scanner/secret#recommendation for faster secret detection
2024-12-10T00:38:41Z INFO [terraform scanner] Scanning root module file_path="."
2024-12-10T00:38:41Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
panic: value is null

goroutine 1 [running]:
github.com/zclconf/go-cty/cty.Value.AsString({{{0x58f5110?, 0xc00029d301?}}, {0x0?, 0x0?}})
/home/runner/go/pkg/mod/github.com/zclconf/[email protected]/cty/value_ops.go:1390 +0x10b
github.com/aquasecurity/trivy/pkg/iac/terraform.postProcessValues(0xc008aa0fc0, 0xc00b4aa720)
/home/runner/work/trivy/trivy/pkg/iac/terraform/presets.go:52 +0x393
github.com/aquasecurity/trivy/pkg/iac/terraform.(*Block).Values(0xc008aa0fc0)
/home/runner/work/trivy/trivy/pkg/iac/terraform/block.go:580 +0x185
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).getResources(0xc001b78780)
/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:581 +0x18e
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateStep(0xc001b78780)
/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:99 +0x195
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSteps(0xc001b78780)
/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:246 +0x152
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).EvaluateAll(0xc001b78780, {0x58f3078, 0xc00b8b83f0})
/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:135 +0x1eb
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSubmodule(0xc00c4e5220, {0x58f3078, 0xc00b8b83f0}, 0xc00fd41240)
/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:228 +0x1bc
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSubmodules(0xc00c4e5220, {0x58f3078, 0xc00b8b83f0}, 0xc008002ae0)
/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:164 +0x43f
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).EvaluateAll(0xc00c4e5220, {0x58f3078, 0xc00b8b83f0})
/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:142 +0x294
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*Parser).EvaluateAll(0xc0112750e0, {0x58f3078, 0xc00b8b83f0})
/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/parser.go:342 +0x90
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform.(*Scanner).ScanFS(0xc0016d1560, {0x58f3078, 0xc00b8b83f0}, {0x58b12c0, 0xc006758780}, {0x58959e8, 0x1})
/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/scanner.go:132 +0x726
github.com/aquasecurity/trivy/pkg/misconf.(*Scanner).Scan(0xc0016b9740, {0x58f3120, 0xc000173490}, {0x58b12c0, 0xc000747d40})
/home/runner/work/trivy/trivy/pkg/misconf/scanner.go:151 +0x297
github.com/aquasecurity/trivy/pkg/fanal/analyzer/config.(*Analyzer).PostAnalyze(0xc001697100, {0x58f3120?, 0xc000173490?}, {{0x58b12c0?, 0xc000747d40?}, {0x9?, 0x0?}})
/home/runner/work/trivy/trivy/pkg/fanal/analyzer/config/config.go:44 +0x46
github.com/aquasecurity/trivy/pkg/fanal/analyzer.AnalyzerGroup.PostAnalyze({0xc00144a0d0, {0xc001109000, 0x1f, 0x20}, {0xc000e4ee00, 0x16, 0x20}, 0xc00144ca80, {0x47ad91d, 0x7}}, ...)
/home/runner/work/trivy/trivy/pkg/fanal/analyzer/analyzer.go:505 +0x2e2
github.com/aquasecurity/trivy/pkg/fanal/artifact/local.Artifact.Inspect({{0x7ffda0f1cad4, 0x45}, {0x7fe9cf1890c8, 0xc000f98280}, {0x58b11e0, 0x827fc80}, {0xc00144a0d0, {0xc001109000, 0x1f, 0x20}, ...}, ...}, ...)
/home/runner/work/trivy/trivy/pkg/fanal/artifact/local/fs.go:121 +0x4c9
github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact({{, }, {, }}, {, }, {{0xc001097780, 0x2, 0x2}, {0xc000d86900, ...}, ...})
/home/runner/work/trivy/trivy/pkg/scanner/scan.go:156 +0x103
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scan(, {, }, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...}, ...)
/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:620 +0x32b
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact(, {, }, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...}, ...)
/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:259 +0xb1
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanFS(, {, }, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...})
/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:204 +0xc5
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).ScanFilesystem(, {_, }, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...})
/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:184 +0x211
github.com/aquasecurity/trivy/pkg/commands/artifact.Run({, _}, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, {0xc000718d40, ...}, ...}, ...}, ...)
/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:385 +0x8cb
github.com/aquasecurity/trivy/pkg/commands.NewFilesystemCommand.func2(0xc000775b08, {0xc000ca2960, 0x1, 0xa})
/home/runner/work/trivy/trivy/pkg/commands/app.go:383 +0x19c
github.com/spf13/cobra.(*Command).execute(0xc000775b08, {0xc000ca2820, 0xa, 0xa})
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:985 +0xaca
github.com/spf13/cobra.(*Command).ExecuteC(0xc000775208)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:1117 +0x3ff
github.com/spf13/cobra.(*Command).Execute(0x48176bb?)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:1041 +0x13
main.run()
/home/runner/work/trivy/trivy/cmd/trivy/main.go:39 +0x113
main.main()
/home/runner/work/trivy/trivy/cmd/trivy/main.go:19 +0x1f
trivy_exitcode=2

</details> #### `Checkov Scan` Failed
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/data-platform-apps-and-tools

*****************************

Running Checkov in terraform/environments/data-platform-apps-and-tools
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
2024-12-10 00:38:49,249 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/cloudwatch/aws//modules/log-group:~> 5.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,249 [MainThread  ] [WARNI]  Failed to download module ministryofjustice/observability-platform-tenant/aws:1.0.1 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,249 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/eks/aws:20.31.1 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,249 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:~> 2.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,249 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/rds/aws:~> 6.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,249 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-assumable-role:~> 5.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,249 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws//modules/vpc-endpoints:~> 5.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,250 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-policy:~> 5.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,250 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/lambda/aws:~> 6.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,250 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-user:~> 5 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,250 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/efs/aws:~> 1.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,250 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v7.1.0:None (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,250 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/security-group/aws:~> 5.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,250 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/ec2-instance/aws:None (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,251 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/vpc/aws:~> 5.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,251 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks:~> 5.0 (for external modules, the --download-external-modules flag is required)
2024-12-10 00:38:49,251 [MainThread  ] [WARNI]  Failed to download module terraform-aws-modules/kms/aws:2.2.0 (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 170, Failed checks: 20, Skipped checks: 43

Check: CKV_AWS_149: "Ensure that Secrets Manager secret is encrypted using KMS CMK"
	FAILED for resource: aws_secretsmanager_secret.powerbi_gateway_reg_credentials
	File: /powerbi-gateway-secret.tf:1-3
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/ensure-that-secrets-manager-secret-is-encrypted-using-kms

		1 | resource "aws_secretsmanager_secret" "powerbi_gateway_reg_credentials" {
		2 |   name = "${local.environment_configuration.powerbi_gateway_ec2.instance_name}-credentials"
		3 | }

Check: CKV_AWS_23: "Ensure every security group and rule has a description"
	FAILED for resource: aws_security_group.powerbi_gateway
	File: /powerbi-gateway-security-group.tf:2-30
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-networking-policies/networking-31

		2  | resource "aws_security_group" "powerbi_gateway" {
		3  |   name        = local.environment_configuration.powerbi_gateway_ec2.instance_name
		4  |   description = local.environment_configuration.powerbi_gateway_ec2.instance_name
		5  |   vpc_id      = data.aws_vpc.shared.id
		6  | 
		7  |   # https://learn.microsoft.com/en-us/data-integration/gateway/service-gateway-communication#ports
		8  |   egress {
		9  |     from_port   = 443
		10 |     to_port     = 443
		11 |     protocol    = "tcp"
		12 |     cidr_blocks = ["0.0.0.0/0"]
		13 |   }
		14 | 
		15 |   egress {
		16 |     from_port   = 5671
		17 |     to_port     = 5672
		18 |     protocol    = "tcp"
		19 |     cidr_blocks = ["0.0.0.0/0"]
		20 |   }
		21 | 
		22 |   egress {
		23 |     from_port   = 9352
		24 |     to_port     = 9354
		25 |     protocol    = "tcp"
		26 |     cidr_blocks = ["0.0.0.0/0"]
		27 |   }
		28 | 
		29 |   tags = local.tags
		30 | }

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: powerbi_gateway
	File: /powerbi-gateway-server.tf:14-59
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		14 | module "powerbi_gateway" {
		15 |   source  = "terraform-aws-modules/ec2-instance/aws"
		16 |   version = "v5.6.0"
		17 | 
		18 |   name = local.environment_configuration.powerbi_gateway_ec2.instance_name
		19 |   # ami                         = data.aws_ami.windows_server_2022.id
		20 |   ami                         = "ami-00ffeb610527f540b" # Hardcoded AMI ID for Windows Server 2022
		21 |   instance_type               = local.environment_configuration.powerbi_gateway_ec2.instance_type
		22 |   key_name                    = aws_key_pair.powerbi_gateway_keypair.key_name
		23 |   monitoring                  = true
		24 |   create_iam_instance_profile = true
		25 |   iam_role_description        = "IAM role for PowerBI Gateway Instance"
		26 |   ignore_ami_changes          = false
		27 |   enable_volume_tags          = false
		28 |   associate_public_ip_address = false
		29 |   iam_role_policies = {
		30 |     SSMCore            = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
		31 |     PowerBI_DataAccess = aws_iam_policy.powerbi_gateway_data_access.arn
		32 |   }
		33 |   root_block_device = [
		34 |     {
		35 |       encrypted   = true
		36 |       volume_type = "gp3"
		37 |       volume_size = 100
		38 |       tags = merge({
		39 |         Name = "${local.environment_configuration.powerbi_gateway_ec2.instance_name}-root-volume"
		40 |       }, local.tags)
		41 |     },
		42 |   ]
		43 | 
		44 |   ebs_block_device = [
		45 |     {
		46 |       volume_type = "gp3"
		47 |       device_name = "/dev/sdf"
		48 |       volume_size = 300
		49 |       encrypted   = true
		50 |       tags = merge({
		51 |         Name = "${local.environment_configuration.powerbi_gateway_ec2.instance_name}-data-volume"
		52 |       }, local.tags)
		53 |     }
		54 |   ]
		55 |   vpc_security_group_ids = [aws_security_group.powerbi_gateway.id]
		56 |   subnet_id              = data.aws_subnet.private_subnets_a.id
		57 | 
		58 |   tags = local.tags
		59 | }

Check: CKV_TF_1: "Ensure Terraform module sources use a commit hash"
	FAILED for resource: airflow_s3_bucket
	File: /s3.tf:5-15
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/supply-chain-policies/terraform-policies/ensure-terraform-module-sources-use-git-url-with-commit-hash-revision

		5  | module "airflow_s3_bucket" {
		6  |   source = "github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v7.1.0"
		7  | 
		8  |   providers = {
		9  |     aws.bucket-replication = aws
		10 |   }
		11 | 
		12 |   bucket_prefix = "moj-data-platform-airflow-${local.environment}"
		13 | 
		14 |   tags = local.tags
		15 | }

Check: CKV_AWS_149: "Ensure that Secrets Manager secret is encrypted using KMS CMK"
	FAILED for resource: aws_secretsmanager_secret.openmetadata_entra_id_client_id
	File: /secrets.tf:7-11
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/ensure-that-secrets-manager-secret-is-encrypted-using-kms

		7  | resource "aws_secretsmanager_secret" "openmetadata_entra_id_client_id" {
		8  |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		9  | 
		10 |   name = "openmetadata/entra-id/client-id"
		11 | }

Check: CKV_AWS_149: "Ensure that Secrets Manager secret is encrypted using KMS CMK"
	FAILED for resource: aws_secretsmanager_secret.openmetadata_entra_id_tenant_id
	File: /secrets.tf:13-17
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/ensure-that-secrets-manager-secret-is-encrypted-using-kms

		13 | resource "aws_secretsmanager_secret" "openmetadata_entra_id_tenant_id" {
		14 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		15 | 
		16 |   name = "openmetadata/entra-id/tenant-id"
		17 | }

Check: CKV_AWS_149: "Ensure that Secrets Manager secret is encrypted using KMS CMK"
	FAILED for resource: aws_secretsmanager_secret.github_app_arc_app_id
	File: /secrets.tf:19-23
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/ensure-that-secrets-manager-secret-is-encrypted-using-kms

		19 | resource "aws_secretsmanager_secret" "github_app_arc_app_id" {
		20 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		21 | 
		22 |   name = "github/arc/app-id"
		23 | }

Check: CKV_AWS_149: "Ensure that Secrets Manager secret is encrypted using KMS CMK"
	FAILED for resource: aws_secretsmanager_secret.github_app_arc_install_id
	File: /secrets.tf:25-29
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/ensure-that-secrets-manager-secret-is-encrypted-using-kms

		25 | resource "aws_secretsmanager_secret" "github_app_arc_install_id" {
		26 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		27 | 
		28 |   name = "github/arc/install-id"
		29 | }

Check: CKV_AWS_149: "Ensure that Secrets Manager secret is encrypted using KMS CMK"
	FAILED for resource: aws_secretsmanager_secret.github_app_arc_private_key
	File: /secrets.tf:31-35
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/ensure-that-secrets-manager-secret-is-encrypted-using-kms

		31 | resource "aws_secretsmanager_secret" "github_app_arc_private_key" {
		32 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		33 | 
		34 |   name = "github/arc/private-key"
		35 | }

Check: CKV_AWS_149: "Ensure that Secrets Manager secret is encrypted using KMS CMK"
	FAILED for resource: aws_secretsmanager_secret.govuk_notify_api_key
	File: /secrets.tf:38-42
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/ensure-that-secrets-manager-secret-is-encrypted-using-kms

		38 | resource "aws_secretsmanager_secret" "govuk_notify_api_key" {
		39 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		40 | 
		41 |   name = "gov-uk-notify/production/api-key"
		42 | }

Check: CKV_AWS_149: "Ensure that Secrets Manager secret is encrypted using KMS CMK"
	FAILED for resource: aws_secretsmanager_secret.jml_email
	File: /secrets.tf:45-49
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/ensure-that-secrets-manager-secret-is-encrypted-using-kms

		45 | resource "aws_secretsmanager_secret" "jml_email" {
		46 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		47 | 
		48 |   name = "jml/email"
		49 | }

Check: CKV2_AWS_57: "Ensure Secrets Manager secrets should have automatic rotation enabled"
	FAILED for resource: aws_secretsmanager_secret.powerbi_gateway_reg_credentials
	File: /powerbi-gateway-secret.tf:1-3
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/bc-aws-2-57

		1 | resource "aws_secretsmanager_secret" "powerbi_gateway_reg_credentials" {
		2 |   name = "${local.environment_configuration.powerbi_gateway_ec2.instance_name}-credentials"
		3 | }

Check: CKV2_AWS_57: "Ensure Secrets Manager secrets should have automatic rotation enabled"
	FAILED for resource: aws_secretsmanager_secret.openmetadata_entra_id_client_id
	File: /secrets.tf:7-11
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/bc-aws-2-57

		7  | resource "aws_secretsmanager_secret" "openmetadata_entra_id_client_id" {
		8  |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		9  | 
		10 |   name = "openmetadata/entra-id/client-id"
		11 | }

Check: CKV2_AWS_57: "Ensure Secrets Manager secrets should have automatic rotation enabled"
	FAILED for resource: aws_secretsmanager_secret.openmetadata_entra_id_tenant_id
	File: /secrets.tf:13-17
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/bc-aws-2-57

		13 | resource "aws_secretsmanager_secret" "openmetadata_entra_id_tenant_id" {
		14 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		15 | 
		16 |   name = "openmetadata/entra-id/tenant-id"
		17 | }

Check: CKV2_AWS_57: "Ensure Secrets Manager secrets should have automatic rotation enabled"
	FAILED for resource: aws_secretsmanager_secret.github_app_arc_app_id
	File: /secrets.tf:19-23
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/bc-aws-2-57

		19 | resource "aws_secretsmanager_secret" "github_app_arc_app_id" {
		20 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		21 | 
		22 |   name = "github/arc/app-id"
		23 | }

Check: CKV2_AWS_57: "Ensure Secrets Manager secrets should have automatic rotation enabled"
	FAILED for resource: aws_secretsmanager_secret.github_app_arc_install_id
	File: /secrets.tf:25-29
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/bc-aws-2-57

		25 | resource "aws_secretsmanager_secret" "github_app_arc_install_id" {
		26 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		27 | 
		28 |   name = "github/arc/install-id"
		29 | }

Check: CKV2_AWS_57: "Ensure Secrets Manager secrets should have automatic rotation enabled"
	FAILED for resource: aws_secretsmanager_secret.github_app_arc_private_key
	File: /secrets.tf:31-35
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/bc-aws-2-57

		31 | resource "aws_secretsmanager_secret" "github_app_arc_private_key" {
		32 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		33 | 
		34 |   name = "github/arc/private-key"
		35 | }

Check: CKV2_AWS_57: "Ensure Secrets Manager secrets should have automatic rotation enabled"
	FAILED for resource: aws_secretsmanager_secret.govuk_notify_api_key
	File: /secrets.tf:38-42
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/bc-aws-2-57

		38 | resource "aws_secretsmanager_secret" "govuk_notify_api_key" {
		39 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		40 | 
		41 |   name = "gov-uk-notify/production/api-key"
		42 | }

Check: CKV2_AWS_57: "Ensure Secrets Manager secrets should have automatic rotation enabled"
	FAILED for resource: aws_secretsmanager_secret.jml_email
	File: /secrets.tf:45-49
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-general-policies/bc-aws-2-57

		45 | resource "aws_secretsmanager_secret" "jml_email" {
		46 |   count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0
		47 | 
		48 |   name = "jml/email"
		49 | }

Check: CKV2_AWS_5: "Ensure that Security Groups are attached to another resource"
	FAILED for resource: aws_security_group.powerbi_gateway
	File: /powerbi-gateway-security-group.tf:2-30
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/aws-policies/aws-networking-policies/ensure-that-security-groups-are-attached-to-ec2-instances-or-elastic-network-interfaces-enis

		2  | resource "aws_security_group" "powerbi_gateway" {
		3  |   name        = local.environment_configuration.powerbi_gateway_ec2.instance_name
		4  |   description = local.environment_configuration.powerbi_gateway_ec2.instance_name
		5  |   vpc_id      = data.aws_vpc.shared.id
		6  | 
		7  |   # https://learn.microsoft.com/en-us/data-integration/gateway/service-gateway-communication#ports
		8  |   egress {
		9  |     from_port   = 443
		10 |     to_port     = 443
		11 |     protocol    = "tcp"
		12 |     cidr_blocks = ["0.0.0.0/0"]
		13 |   }
		14 | 
		15 |   egress {
		16 |     from_port   = 5671
		17 |     to_port     = 5672
		18 |     protocol    = "tcp"
		19 |     cidr_blocks = ["0.0.0.0/0"]
		20 |   }
		21 | 
		22 |   egress {
		23 |     from_port   = 9352
		24 |     to_port     = 9354
		25 |     protocol    = "tcp"
		26 |     cidr_blocks = ["0.0.0.0/0"]
		27 |   }
		28 | 
		29 |   tags = local.tags
		30 | }


checkov_exitcode=1

`CTFLint Scan` Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/data-platform-apps-and-tools

*****************************

Running tflint in terraform/environments/data-platform-apps-and-tools
Excluding the following checks: terraform_unused_declarations
4 issue(s) found:

Warning: Duplicate key: "airflow_execution_role_name", first defined at terraform/environments/data-platform-apps-and-tools/environment-configuration.tf:31,7-34 (terraform_map_duplicate_keys)

  on terraform/environments/data-platform-apps-and-tools/environment-configuration.tf line 35:
  35:       airflow_execution_role_name   = "${local.application_name}-${local.environment}-airflow-execution"

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_map_duplicate_keys.md

Warning: Duplicate key: "eks_cluster_name", first defined at terraform/environments/data-platform-apps-and-tools/environment-configuration.tf:17,7-23 (terraform_map_duplicate_keys)

  on terraform/environments/data-platform-apps-and-tools/environment-configuration.tf line 68:
  68:       eks_cluster_name               = "apps-tools-development"

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_map_duplicate_keys.md

Warning: Duplicate key: "eks_cluster_name", first defined at terraform/environments/data-platform-apps-and-tools/environment-configuration.tf:105,7-23 (terraform_map_duplicate_keys)

  on terraform/environments/data-platform-apps-and-tools/environment-configuration.tf line 169:
 169:       eks_cluster_name               = "apps-tools-production"

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_map_duplicate_keys.md

Warning: Missing version constraint for provider "random" in `required_providers` (terraform_required_providers)

  on terraform/environments/data-platform-apps-and-tools/random.tf line 24:
  24: resource "random_password" "datahub_rds" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_required_providers.md

tflint_exitcode=2

`Trivy Scan` Failed

Show Output

*****************************

Trivy will check the following folders:
terraform/environments/data-platform-apps-and-tools

*****************************

Running Trivy in terraform/environments/data-platform-apps-and-tools
2024-12-10T00:38:35Z	INFO	[vulndb] Need to update DB
2024-12-10T00:38:35Z	INFO	[vulndb] Downloading vulnerability DB...
2024-12-10T00:38:35Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-10T00:38:37Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2024-12-10T00:38:37Z	INFO	[vuln] Vulnerability scanning is enabled
2024-12-10T00:38:37Z	INFO	[misconfig] Misconfiguration scanning is enabled
2024-12-10T00:38:37Z	INFO	[misconfig] Need to update the built-in checks
2024-12-10T00:38:37Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2024-12-10T00:38:39Z	INFO	[secret] Secret scanning is enabled
2024-12-10T00:38:39Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-12-10T00:38:39Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.58/docs/scanner/secret#recommendation for faster secret detection
2024-12-10T00:38:41Z	INFO	[terraform scanner] Scanning root module	file_path="."
2024-12-10T00:38:41Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
panic: value is null

goroutine 1 [running]:
github.com/zclconf/go-cty/cty.Value.AsString({{{0x58f5110?, 0xc00029d301?}}, {0x0?, 0x0?}})
	/home/runner/go/pkg/mod/github.com/zclconf/go-cty@v1.15.0/cty/value_ops.go:1390 +0x10b
github.com/aquasecurity/trivy/pkg/iac/terraform.postProcessValues(0xc008aa0fc0, 0xc00b4aa720)
	/home/runner/work/trivy/trivy/pkg/iac/terraform/presets.go:52 +0x393
github.com/aquasecurity/trivy/pkg/iac/terraform.(*Block).Values(0xc008aa0fc0)
	/home/runner/work/trivy/trivy/pkg/iac/terraform/block.go:580 +0x185
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).getResources(0xc001b78780)
	/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:581 +0x18e
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateStep(0xc001b78780)
	/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:99 +0x195
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSteps(0xc001b78780)
	/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:246 +0x152
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).EvaluateAll(0xc001b78780, {0x58f3078, 0xc00b8b83f0})
	/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:135 +0x1eb
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSubmodule(0xc00c4e5220, {0x58f3078, 0xc00b8b83f0}, 0xc00fd41240)
	/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:228 +0x1bc
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSubmodules(0xc00c4e5220, {0x58f3078, 0xc00b8b83f0}, 0xc008002ae0)
	/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:164 +0x43f
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).EvaluateAll(0xc00c4e5220, {0x58f3078, 0xc00b8b83f0})
	/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:142 +0x294
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*Parser).EvaluateAll(0xc0112750e0, {0x58f3078, 0xc00b8b83f0})
	/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/parser/parser.go:342 +0x90
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform.(*Scanner).ScanFS(0xc0016d1560, {0x58f3078, 0xc00b8b83f0}, {0x58b12c0, 0xc006758780}, {0x58959e8, 0x1})
	/home/runner/work/trivy/trivy/pkg/iac/scanners/terraform/scanner.go:132 +0x726
github.com/aquasecurity/trivy/pkg/misconf.(*Scanner).Scan(0xc0016b9740, {0x58f3120, 0xc000173490}, {0x58b12c0, 0xc000747d40})
	/home/runner/work/trivy/trivy/pkg/misconf/scanner.go:151 +0x297
github.com/aquasecurity/trivy/pkg/fanal/analyzer/config.(*Analyzer).PostAnalyze(0xc001697100, {0x58f3120?, 0xc000173490?}, {{0x58b12c0?, 0xc000747d40?}, {0x9?, 0x0?}})
	/home/runner/work/trivy/trivy/pkg/fanal/analyzer/config/config.go:44 +0x46
github.com/aquasecurity/trivy/pkg/fanal/analyzer.AnalyzerGroup.PostAnalyze({0xc00144a0d0, {0xc001109000, 0x1f, 0x20}, {0xc000e4ee00, 0x16, 0x20}, 0xc00144ca80, {0x47ad91d, 0x7}}, ...)
	/home/runner/work/trivy/trivy/pkg/fanal/analyzer/analyzer.go:505 +0x2e2
github.com/aquasecurity/trivy/pkg/fanal/artifact/local.Artifact.Inspect({{0x7ffda0f1cad4, 0x45}, {0x7fe9cf1890c8, 0xc000f98280}, {0x58b11e0, 0x827fc80}, {0xc00144a0d0, {0xc001109000, 0x1f, 0x20}, ...}, ...}, ...)
	/home/runner/work/trivy/trivy/pkg/fanal/artifact/local/fs.go:121 +0x4c9
github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact({{_, _}, {_, _}}, {_, _}, {{0xc001097780, 0x2, 0x2}, {0xc000d86900, ...}, ...})
	/home/runner/work/trivy/trivy/pkg/scanner/scan.go:156 +0x103
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scan(_, {_, _}, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...}, ...)
	/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:620 +0x32b
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact(_, {_, _}, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...}, ...)
	/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:259 +0xb1
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanFS(_, {_, _}, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...})
	/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:204 +0xc5
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).ScanFilesystem(_, {_, _}, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, ...}, ...})
	/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:184 +0x211
github.com/aquasecurity/trivy/pkg/commands/artifact.Run({_, _}, {{{0x47c4a2d, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x45d964b800, {0xc000718d40, ...}, ...}, ...}, ...)
	/home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:385 +0x8cb
github.com/aquasecurity/trivy/pkg/commands.NewFilesystemCommand.func2(0xc000775b08, {0xc000ca2960, 0x1, 0xa})
	/home/runner/work/trivy/trivy/pkg/commands/app.go:383 +0x19c
github.com/spf13/cobra.(*Command).execute(0xc000775b08, {0xc000ca2820, 0xa, 0xa})
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.8.1/command.go:985 +0xaca
github.com/spf13/cobra.(*Command).ExecuteC(0xc000775208)
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.8.1/command.go:1117 +0x3ff
github.com/spf13/cobra.(*Command).Execute(0x48176bb?)
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.8.1/command.go:1041 +0x13
main.run()
	/home/runner/work/trivy/trivy/cmd/trivy/main.go:39 +0x113
main.main()
	/home/runner/work/trivy/trivy/cmd/trivy/main.go:19 +0x1f
trivy_exitcode=2

dependabot · 2024-12-13T00:15:32Z

Superseded by #9071.

dependabot bot requested a review from a team as a code owner December 10, 2024 00:36

dependabot bot added dependencies Pull requests that update a dependency file terraform Pull requests that update Terraform code labels Dec 10, 2024

dependabot bot mentioned this pull request Dec 10, 2024

Bump terraform-aws-modules/eks/aws from 19.21.0 to 20.31.0 in /terraform/environments/data-platform-apps-and-tools #8985

Closed

github-actions bot added the environments-repository Used to exclude PRs from this repo in our Slack PR update label Dec 10, 2024

dependabot bot closed this Dec 13, 2024

dependabot bot deleted the dependabot/terraform/terraform/environments/data-platform-apps-and-tools/terraform-aws-modules/eks/aws-20.31.1 branch December 13, 2024 00:15

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump terraform-aws-modules/eks/aws from 19.21.0 to 20.31.1 in /terraform/environments/data-platform-apps-and-tools #9031

Bump terraform-aws-modules/eks/aws from 19.21.0 to 20.31.1 in /terraform/environments/data-platform-apps-and-tools #9031

dependabot bot commented on behalf of github Dec 10, 2024

github-actions bot commented Dec 10, 2024

dependabot bot commented on behalf of github Dec 13, 2024

Bump terraform-aws-modules/eks/aws from 19.21.0 to 20.31.1 in /terraform/environments/data-platform-apps-and-tools #9031

Bump terraform-aws-modules/eks/aws from 19.21.0 to 20.31.1 in /terraform/environments/data-platform-apps-and-tools #9031

Conversation

dependabot bot commented on behalf of github Dec 10, 2024

v20.31.1

20.31.1 (2024-12-09)

Bug Fixes

v20.31.0

20.31.0 (2024-12-04)

Features

v20.30.1

20.30.1 (2024-11-26)

Bug Fixes

v20.30.0

20.30.0 (2024-11-26)

Features

v20.29.0

20.29.0 (2024-11-08)

Features

v20.28.0

20.28.0 (2024-11-02)

Features

v20.27.0

20.27.0 (2024-11-01)

20.31.1 (2024-12-09)

Bug Fixes

20.31.0 (2024-12-04)

Features

20.30.1 (2024-11-26)

Bug Fixes

20.30.0 (2024-11-26)

Features

20.29.0 (2024-11-08)

Features

20.28.0 (2024-11-02)

Features

20.27.0 (2024-11-01)

Features

20.26.1 (2024-10-27)

github-actions bot commented Dec 10, 2024

Trivy Scan Failed

CTFLint Scan Failed

Trivy Scan Failed

dependabot bot commented on behalf of github Dec 13, 2024

`Trivy Scan` Failed

`CTFLint Scan` Failed

`Trivy Scan` Failed