Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: disable health check until maintenance mode implementation is finalized #538

Merged
merged 1 commit into from
Nov 16, 2023
Merged

feat: disable health check until maintenance mode implementation is finalized #538

merged 1 commit into from
Nov 16, 2023

Conversation

craigzour
Copy link
Contributor

Summary | Résumé

  • Disable health check until maintenance mode implementation is finalized

@craigzour craigzour self-assigned this Nov 16, 2023
@github-actions GitHub Actions
Copy link

⚠ Terrform update available

Terraform: 1.6.4 (using 1.4.2)
Terragrunt: 0.53.3 (using 0.46.3)

@github-actions GitHub Actions
Copy link

Staging: load_balancer

✅   Terraform Init: success
✅   Terraform Validate: success
✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

Plan: 0 to add, 2 to change, 0 to destroy
Show summary
CHANGE NAME
update aws_s3_bucket.maintenance_mode
aws_s3_bucket_policy.allow_cloudfront_to_access_static_website_in_s3
Show plan 
Resource actions are indicated with the following symbols:
  ~ update in-place
 <= read (data resources)

Terraform will perform the following actions:

  # data.aws_iam_policy_document.allow_cloudfront_to_access_static_website_in_s3 will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "aws_iam_policy_document" "allow_cloudfront_to_access_static_website_in_s3" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "s3:GetObject",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:s3:::gc-forms-application-maintenance-page",
              + "arn:aws:s3:::gc-forms-application-maintenance-page/*",
            ]

          + principals {
              + identifiers = [
                  + "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2PGE1KRH6OS33",
                ]
              + type        = "AWS"
            }
        }
    }

  # aws_s3_bucket.maintenance_mode will be updated in-place
  ~ resource "aws_s3_bucket" "maintenance_mode" {
        id                          = "gc-forms-application-maintenance-page"
        tags                        = {
            "CostCentre" = "forms-platform-staging"
            "Terraform"  = "true"
        }
        # (13 unchanged attributes hidden)

      - website {
          - index_document = "index.html" -> null
        }

        # (2 unchanged blocks hidden)
    }

  # aws_s3_bucket_policy.allow_cloudfront_to_access_static_website_in_s3 will be updated in-place
  ~ resource "aws_s3_bucket_policy" "allow_cloudfront_to_access_static_website_in_s3" {
        id     = "gc-forms-application-maintenance-page"
      ~ policy = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "s3:GetObject"
                      - Effect    = "Allow"
                      - Principal = {
                          - AWS = "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2PGE1KRH6OS33"
                        }
                      - Resource  = [
                          - "arn:aws:s3:::gc-forms-application-maintenance-page/*",
                          - "arn:aws:s3:::gc-forms-application-maintenance-page",
                        ]
                      - Sid       = ""
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        # (1 unchanged attribute hidden)
    }

Plan: 0 to add, 2 to change, 0 to destroy.

Warning: Argument is deprecated

  with aws_s3_bucket.firehose_waf_logs,
  on kinesis.tf line 30, in resource "aws_s3_bucket" "firehose_waf_logs":
  30: resource "aws_s3_bucket" "firehose_waf_logs" {

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

(and 5 more similar warnings elsewhere)

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"
Show Conftest results 
WARN - plan.json - main - Missing Common Tags: ["aws_s3_bucket_object.maintenance_static_page"]
WARN - plan.json - main - Missing Common Tags: ["aws_wafv2_regex_pattern_set.forms_base_url"]
WARN - plan.json - main - Missing Common Tags: ["aws_wafv2_regex_pattern_set.valid_app_uri_paths"]

22 tests, 19 passed, 3 warnings, 0 failures, 0 exceptions

@craigzour craigzour merged commit 41c7d0a into develop Nov 16, 2023
4 checks passed
@craigzour craigzour deleted the feature/disable-health-check-for-now branch November 16, 2023 16:55
@sre-read-write sre-read-write bot mentioned this pull request Nov 16, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bryan-robitaille bryan-robitaille bryan-robitaille approved these changes

Assignees

@craigzour craigzour

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@craigzour @bryan-robitaille