Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix/deployment issue regarding alarms rework 2 #430

Merged
merged 1 commit into from
Jul 11, 2023

Conversation

craigzour
Copy link
Contributor

Summary | Résumé

1-3 sentence description of the changed you're proposing, including a link to
a GitHub Issue # or Trello card if applicable.


Description en 1 à 3 phrases de la modification proposée, avec un lien vers le
problème (« issue ») GitHub ou la fiche Trello, le cas échéant.

Test instructions | Instructions pour tester la modification

Sequential steps (1., 2., 3., ...) that describe how to test this change. This
will help a developer test things out without too much detective work. Also,
include any environmental setup steps that aren't in the normal README steps
and/or any time-based elements that this requires.


Étapes consécutives (1., 2., 3., …) qui décrivent la façon de tester la
modification. Elles aideront les développeurs à faire des tests sans avoir à
jouer au détective. Veuillez aussi inclure toutes les étapes de configuration
de l’environnement qui ne font pas partie des étapes normales dans le fichier
README et tout élément temporel requis.

@craigzour craigzour self-assigned this Jul 11, 2023
@craigzour craigzour force-pushed the fix/deployment-issue-regarding-alarms-rework-2 branch from cb00435 to dce1ea4 Compare July 11, 2023 20:25
@craigzour craigzour force-pushed the fix/deployment-issue-regarding-alarms-rework-2 branch from dce1ea4 to 0006d04 Compare July 11, 2023 20:33
@github-actions
Copy link

⚠ Terrform update available

Terraform: 1.5.2 (using 1.4.2)
Terragrunt: 0.48.1 (using 0.46.3)

@github-actions
Copy link

Staging: alarms

✅   Terraform Init: success
✅   Terraform Validate: success
✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

⚠️   Warning: resources will be destroyed by this change!

Plan: 21 to add, 0 to change, 12 to destroy
Show summary
CHANGE NAME
recreate aws_lambda_function.notify_slack
aws_lambda_permission.allow_cloudwatch_to_run_lambda
aws_lambda_permission.notify_slack_critical
aws_lambda_permission.notify_slack_ok
aws_lambda_permission.notify_slack_ok_us_east
aws_lambda_permission.notify_slack_warning
aws_lambda_permission.notify_slack_warning_us_east
aws_sns_topic_subscription.topic_critical
aws_sns_topic_subscription.topic_ok
aws_sns_topic_subscription.topic_ok_us_east
aws_sns_topic_subscription.topic_warning
aws_sns_topic_subscription.topic_warning_us_east
add aws_cloudwatch_log_group.notify_slack
aws_cloudwatch_log_subscription_filter.archiver_log_stream
aws_cloudwatch_log_subscription_filter.audit_log_stream
aws_cloudwatch_log_subscription_filter.dlq_consumer_log_stream
aws_cloudwatch_log_subscription_filter.forms_app_log_stream
aws_cloudwatch_log_subscription_filter.forms_unhandled_error_steam
aws_cloudwatch_log_subscription_filter.nagware_log_stream
aws_cloudwatch_log_subscription_filter.reliability_log_stream
aws_cloudwatch_log_subscription_filter.template_archiver_log_stream
Show plan
Resource actions are indicated with the following symbols:
  + create
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # aws_cloudwatch_log_group.notify_slack will be created
  + resource "aws_cloudwatch_log_group" "notify_slack" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + kms_key_id        = "arn:aws:kms:ca-central-1:687401027353:key/c5c2a1c2-c092-4fa1-8daf-3414f3511b1d"
      + name              = "/aws/lambda/NotifySlack"
      + retention_in_days = 90
      + tags_all          = (known after apply)
    }

  # aws_cloudwatch_log_subscription_filter.archiver_log_stream will be created
  + resource "aws_cloudwatch_log_subscription_filter" "archiver_log_stream" {
      + destination_arn = (known after apply)
      + distribution    = "ByLogStream"
      + filter_pattern  = "{($.level = \"warn\") || ($.level = \"error\")}"
      + id              = (known after apply)
      + log_group_name  = "/aws/lambda/Archiver"
      + name            = "archiver_log_stream"
      + role_arn        = (known after apply)
    }

  # aws_cloudwatch_log_subscription_filter.audit_log_stream will be created
  + resource "aws_cloudwatch_log_subscription_filter" "audit_log_stream" {
      + destination_arn = (known after apply)
      + distribution    = "ByLogStream"
      + filter_pattern  = "{($.level = \"warn\") || ($.level = \"error\")}"
      + id              = (known after apply)
      + log_group_name  = "/aws/lambda/AuditLogs"
      + name            = "audit_log_stream"
      + role_arn        = (known after apply)
    }

  # aws_cloudwatch_log_subscription_filter.dlq_consumer_log_stream will be created
  + resource "aws_cloudwatch_log_subscription_filter" "dlq_consumer_log_stream" {
      + destination_arn = (known after apply)
      + distribution    = "ByLogStream"
      + filter_pattern  = "{($.level = \"warn\") || ($.level = \"error\")}"
      + id              = (known after apply)
      + log_group_name  = "/aws/lambda/DeadLetterQueueConsumer"
      + name            = "dql_consumer_log_stream"
      + role_arn        = (known after apply)
    }

  # aws_cloudwatch_log_subscription_filter.forms_app_log_stream will be created
  + resource "aws_cloudwatch_log_subscription_filter" "forms_app_log_stream" {
      + destination_arn = (known after apply)
      + distribution    = "ByLogStream"
      + filter_pattern  = "{($.level = \"warn\") || ($.level = \"error\")}"
      + id              = (known after apply)
      + log_group_name  = "Forms"
      + name            = "forms_app_log_stream"
      + role_arn        = (known after apply)
    }

  # aws_cloudwatch_log_subscription_filter.forms_unhandled_error_steam will be created
  + resource "aws_cloudwatch_log_subscription_filter" "forms_unhandled_error_steam" {
      + destination_arn = (known after apply)
      + distribution    = "ByLogStream"
      + filter_pattern  = "Error -level"
      + id              = (known after apply)
      + log_group_name  = "Forms"
      + name            = "forms_unhandled_error_stream"
      + role_arn        = (known after apply)
    }

  # aws_cloudwatch_log_subscription_filter.nagware_log_stream will be created
  + resource "aws_cloudwatch_log_subscription_filter" "nagware_log_stream" {
      + destination_arn = (known after apply)
      + distribution    = "ByLogStream"
      + filter_pattern  = "{($.level = \"warn\") || ($.level = \"error\")}"
      + id              = (known after apply)
      + log_group_name  = "/aws/lambda/Nagware"
      + name            = "nagware_log_stream"
      + role_arn        = (known after apply)
    }

  # aws_cloudwatch_log_subscription_filter.reliability_log_stream will be created
  + resource "aws_cloudwatch_log_subscription_filter" "reliability_log_stream" {
      + destination_arn = (known after apply)
      + distribution    = "ByLogStream"
      + filter_pattern  = "{($.level = \"warn\") || ($.level = \"error\")}"
      + id              = (known after apply)
      + log_group_name  = "/aws/lambda/Reliability"
      + name            = "reliability_log_stream"
      + role_arn        = (known after apply)
    }

  # aws_cloudwatch_log_subscription_filter.template_archiver_log_stream will be created
  + resource "aws_cloudwatch_log_subscription_filter" "template_archiver_log_stream" {
      + destination_arn = (known after apply)
      + distribution    = "ByLogStream"
      + filter_pattern  = "{($.level = \"warn\") || ($.level = \"error\")}"
      + id              = (known after apply)
      + log_group_name  = "/aws/lambda/ArchiveFormTemplates"
      + name            = "template_archiver_log_stream"
      + role_arn        = (known after apply)
    }

  # aws_lambda_function.notify_slack must be replaced
-/+ resource "aws_lambda_function" "notify_slack" {
      ~ architectures                  = [
          - "x86_64",
        ] -> (known after apply)
      ~ arn                            = "arn:aws:lambda:ca-central-1:687401027353:function:NotifySlackSNS" -> (known after apply)
      ~ function_name                  = "NotifySlackSNS" -> "NotifySlack" # forces replacement
      ~ id                             = "NotifySlackSNS" -> (known after apply)
      ~ invoke_arn                     = "arn:aws:apigateway:ca-central-1:lambda:path/2015-03-31/functions/arn:aws:lambda:ca-central-1:687401027353:function:NotifySlackSNS/invocations" -> (known after apply)
      ~ last_modified                  = "2023-07-11T20:15:07.539+0000" -> (known after apply)
      - layers                         = [] -> null
      ~ qualified_arn                  = "arn:aws:lambda:ca-central-1:687401027353:function:NotifySlackSNS:$LATEST" -> (known after apply)
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      ~ source_code_size               = 1608 -> (known after apply)
        tags                           = {
            "CostCentre" = "forms-platform-staging"
            "Terraform"  = "true"
        }
      ~ version                        = "$LATEST" -> (known after apply)
        # (11 unchanged attributes hidden)

        # (2 unchanged blocks hidden)
    }

  # aws_lambda_permission.allow_cloudwatch_to_run_lambda must be replaced
-/+ resource "aws_lambda_permission" "allow_cloudwatch_to_run_lambda" {
      ~ function_name = "NotifySlackSNS" -> "NotifySlack" # forces replacement
      ~ id            = "AllowExecutionFromCloudWatch" -> (known after apply)
      ~ principal     = "events.amazonaws.com" -> "logs.amazonaws.com" # forces replacement
        # (3 unchanged attributes hidden)
    }

  # aws_lambda_permission.notify_slack_critical must be replaced
-/+ resource "aws_lambda_permission" "notify_slack_critical" {
      ~ function_name = "NotifySlackSNS" -> "NotifySlack" # forces replacement
      ~ id            = "AllowExecutionFromSNSCriticalAlert" -> (known after apply)
        # (4 unchanged attributes hidden)
    }

  # aws_lambda_permission.notify_slack_ok must be replaced
-/+ resource "aws_lambda_permission" "notify_slack_ok" {
      ~ function_name = "NotifySlackSNS" -> "NotifySlack" # forces replacement
      ~ id            = "AllowExecutionFromSNSOkAlert" -> (known after apply)
        # (4 unchanged attributes hidden)
    }

  # aws_lambda_permission.notify_slack_ok_us_east must be replaced
-/+ resource "aws_lambda_permission" "notify_slack_ok_us_east" {
      ~ function_name = "NotifySlackSNS" -> "NotifySlack" # forces replacement
      ~ id            = "AllowExecutionFromSNSOkAlertUSEast" -> (known after apply)
        # (4 unchanged attributes hidden)
    }

  # aws_lambda_permission.notify_slack_warning must be replaced
-/+ resource "aws_lambda_permission" "notify_slack_warning" {
      ~ function_name = "NotifySlackSNS" -> "NotifySlack" # forces replacement
      ~ id            = "AllowExecutionFromSNSWarningAlert" -> (known after apply)
        # (4 unchanged attributes hidden)
    }

  # aws_lambda_permission.notify_slack_warning_us_east must be replaced
-/+ resource "aws_lambda_permission" "notify_slack_warning_us_east" {
      ~ function_name = "NotifySlackSNS" -> "NotifySlack" # forces replacement
      ~ id            = "AllowExecutionFromSNSWarningAlertUSEast" -> (known after apply)
        # (4 unchanged attributes hidden)
    }

  # aws_sns_topic_subscription.topic_critical must be replaced
-/+ resource "aws_sns_topic_subscription" "topic_critical" {
      ~ arn                             = "arn:aws:sns:ca-central-1:687401027353:alert-critical:2f618f4f-fb22-4d75-9b9e-eb790a180e3e" -> (known after apply)
      ~ confirmation_was_authenticated  = true -> (known after apply)
      ~ endpoint                        = "arn:aws:lambda:ca-central-1:687401027353:function:NotifySlackSNS" # forces replacement -> (known after apply)
      ~ id                              = "arn:aws:sns:ca-central-1:687401027353:alert-critical:2f618f4f-fb22-4d75-9b9e-eb790a180e3e" -> (known after apply)
      ~ owner_id                        = "687401027353" -> (known after apply)
      ~ pending_confirmation            = false -> (known after apply)
        # (5 unchanged attributes hidden)
    }

  # aws_sns_topic_subscription.topic_ok must be replaced
-/+ resource "aws_sns_topic_subscription" "topic_ok" {
      ~ arn                             = "arn:aws:sns:ca-central-1:687401027353:alert-ok:674ef27d-9dec-442c-b7f3-fa4a3b7d4328" -> (known after apply)
      ~ confirmation_was_authenticated  = true -> (known after apply)
      ~ endpoint                        = "arn:aws:lambda:ca-central-1:687401027353:function:NotifySlackSNS" # forces replacement -> (known after apply)
      ~ id                              = "arn:aws:sns:ca-central-1:687401027353:alert-ok:674ef27d-9dec-442c-b7f3-fa4a3b7d4328" -> (known after apply)
      ~ owner_id                        = "687401027353" -> (known after apply)
      ~ pending_confirmation            = false -> (known after apply)
        # (5 unchanged attributes hidden)
    }

  # aws_sns_topic_subscription.topic_ok_us_east must be replaced
-/+ resource "aws_sns_topic_subscription" "topic_ok_us_east" {
      ~ arn                             = "arn:aws:sns:us-east-1:687401027353:alert-ok:e34cabe2-edd7-445c-a2b9-afee99493a22" -> (known after apply)
      ~ confirmation_was_authenticated  = true -> (known after apply)
      ~ endpoint                        = "arn:aws:lambda:ca-central-1:687401027353:function:NotifySlackSNS" # forces replacement -> (known after apply)
      ~ id                              = "arn:aws:sns:us-east-1:687401027353:alert-ok:e34cabe2-edd7-445c-a2b9-afee99493a22" -> (known after apply)
      ~ owner_id                        = "687401027353" -> (known after apply)
      ~ pending_confirmation            = false -> (known after apply)
        # (5 unchanged attributes hidden)
    }

  # aws_sns_topic_subscription.topic_warning must be replaced
-/+ resource "aws_sns_topic_subscription" "topic_warning" {
      ~ arn                             = "arn:aws:sns:ca-central-1:687401027353:alert-warning:e44a57ea-2a97-48fa-9e4f-63ef3fb0c630" -> (known after apply)
      ~ confirmation_was_authenticated  = true -> (known after apply)
      ~ endpoint                        = "arn:aws:lambda:ca-central-1:687401027353:function:NotifySlackSNS" # forces replacement -> (known after apply)
      ~ id                              = "arn:aws:sns:ca-central-1:687401027353:alert-warning:e44a57ea-2a97-48fa-9e4f-63ef3fb0c630" -> (known after apply)
      ~ owner_id                        = "687401027353" -> (known after apply)
      ~ pending_confirmation            = false -> (known after apply)
        # (5 unchanged attributes hidden)
    }

  # aws_sns_topic_subscription.topic_warning_us_east must be replaced
-/+ resource "aws_sns_topic_subscription" "topic_warning_us_east" {
      ~ arn                             = "arn:aws:sns:us-east-1:687401027353:alert-warning:ddcaa6db-dda0-4a69-8e01-2a85f79a56c2" -> (known after apply)
      ~ confirmation_was_authenticated  = true -> (known after apply)
      ~ endpoint                        = "arn:aws:lambda:ca-central-1:687401027353:function:NotifySlackSNS" # forces replacement -> (known after apply)
      ~ id                              = "arn:aws:sns:us-east-1:687401027353:alert-warning:ddcaa6db-dda0-4a69-8e01-2a85f79a56c2" -> (known after apply)
      ~ owner_id                        = "687401027353" -> (known after apply)
      ~ pending_confirmation            = false -> (known after apply)
        # (5 unchanged attributes hidden)
    }

Plan: 21 to add, 0 to change, 12 to destroy.

Warning: Argument is deprecated

  with module.athena_bucket.aws_s3_bucket.this,
  on .terraform/modules/athena_bucket/S3/main.tf line 8, in resource "aws_s3_bucket" "this":
   8: resource "aws_s3_bucket" "this" {

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

(and 8 more similar warnings elsewhere)

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"
Show Conftest results
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.notify_slack"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.alb_ddos"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.route53_ddos"]

20 tests, 17 passed, 3 warnings, 0 failures, 0 exceptions

@craigzour craigzour merged commit 4c77f00 into develop Jul 11, 2023
@craigzour craigzour deleted the fix/deployment-issue-regarding-alarms-rework-2 branch July 11, 2023 20:44
bryan-robitaille added a commit that referenced this pull request Aug 16, 2023
* chore: new workflow for full infrastructure plan against staging (#424)

* feat: use Lambda and Cloudwatch Logs to send reviewed alarms to Slack channels (#421)

* add cloudwatch logs expiry

* rename slack lambda function

* add cloudwatch expiry to cognito lambdas

* update lambda for new streams

* remove redundant alarms

* create log subscriptions for all lambdas

* reliability and submission lambda error processing

* add error property

* Nagware updates

* archive form responses updates

* dlq consumer

* update yarn lock for archive form responses

* update slack messaging to include more info

* archive form templates updates

* audit logs processor lambda updates

* formatting

* fix cloudwatch block scope

* removed included file in lib package for nagware lambda because it does not exist anymore

* fix security issues and add permissions

* missed kms entry on resource

* add missing input var

* Add missing vars on alarm module

* typo in module def for alarms

* fix typo

* fixed few issues

---------

Co-authored-by: Bryan Robitaille <[email protected]>

* Revert "feat: use Lambda and Cloudwatch Logs to send reviewed alarms to Slack channels (#421)" (#426)

This reverts commit 7f502df.

* Revert "Revert "feat: use Lambda and Cloudwatch Logs to send reviewed alarms to Slack channels (#421)" (#426)" (#428)

This reverts commit 063e411.

* fix: permission for Cloudwatch to run Notify Slack lambda (#429)

* fix: permission for Cloudwatch to run Notify Slack lambda (second attempt) (#430)

* fix: Terraform module version reference (#427)

Update the Terraform module version references so
they are in the correct format.  This will allow Renovate
dependency PRs to update them module versions
without stripping the `//sub-directory` path.

* feat: added missing cloudwatch subscription filter for submission logs (#431)

* feat: added missing cloudwatch subscription filter for submission logs

* chore: remove reliability queue alarm that is not needed anymore

* chore: format all console logs in JSON (#432)

* fix: multiple issues with NotifySlack lambda (#434)

* chore(deps): update all non-major github action dependencies (#418)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update all non-major docker images (#417)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update WAF rules to support newly added URIs (#433)

* updated regex pattern to support newly added uris

* add page

* fix typo in resource name

* fix undo introduced typo

* try updating resource type to wafv1 where regex_pattern_strings is supported else will fallback on regular regex_string template

* disabled waf regex till provider is merged (#435)

* Attempt to fix waf limit exceeded error (#437)

* updated regex pattern to support newly added uris

* add page

* fix typo in resource name

* fix undo introduced typo

* try updating resource type to wafv1 where regex_pattern_strings is supported else will fallback on regular regex_string template

* reset staging state:disabled regex till the provider upgrade is merged

* attempt to fix waf limit exceeded error

* renamed rule

* fix undeclared resource name

* attempt to fix resource name mismatch

* Fix/add missing regex comp (#438)

* updated regex pattern to support newly added uris

* add page

* fix typo in resource name

* fix undo introduced typo

* try updating resource type to wafv1 where regex_pattern_strings is supported else will fallback on regular regex_string template

* reset staging state:disabled regex till the provider upgrade is merged

* attempt to fix waf limit exceeded error

* renamed rule

* fix undeclared resource name

* attempt to fix resource name mismatch

* add missing regex component to match path

* removed duplicated expression

* removed duplicate expression

* Fix WAF InvalidParameterException (#439)

* updated regex pattern to support newly added uris

* add page

* fix typo in resource name

* fix undo introduced typo

* try updating resource type to wafv1 where regex_pattern_strings is supported else will fallback on regular regex_string template

* reset staging state:disabled regex till the provider upgrade is merged

* attempt to fix waf limit exceeded error

* renamed rule

* fix undeclared resource name

* attempt to fix resource name mismatch

* add missing regex component to match path

* removed duplicated expression

* removed duplicate expression

* refactor capture group, and restricted capture for home page

* fix invalid syntax (#441)

* Restore missing output for lambda function name (#443)

* feat: nagware sends email to all template associated users (#442)

* feat: nagware sends email to all template associated users

* fix: spelling

* Feature/alarm for privileges (#445)

* Remove unknown error ref

* Add events to listen for by subscriber

* fix destructuring

* Feat/dontnagtestresponse (#449)

* feat: delete overdue draft form responses and dont nag

Signed-off-by: Daine Trinidad <[email protected]>

* chore: reverting some changes for lockfile

Signed-off-by: Daine Trinidad <[email protected]>

* chore: some cleanup

Signed-off-by: Daine Trinidad <[email protected]>

* chore: re-adding template file that got lost during merge

Signed-off-by: Daine Trinidad <[email protected]>

* chore: removing file again for cleaner diff and history

Signed-off-by: Daine Trinidad <[email protected]>

* chore: fixed file refactor

Signed-off-by: Daine Trinidad <[email protected]>

* fix: refactor missed the terraform file; fixed the new name for the file

Signed-off-by: Daine Trinidad <[email protected]>

* fix: horrible typo, missing 's'

Signed-off-by: Daine Trinidad <[email protected]>

* fix: move var declaration inside try catch & comment cleanup

Signed-off-by: Daine Trinidad <[email protected]>

---------

Signed-off-by: Daine Trinidad <[email protected]>

* doc: update readme to inform about signed commits on this repo (#450)

* feat: added severity level to alarms being sent to Slack (#451)

* add path for profile (#453)

* chore(deps): update all non-major github action dependencies (#447)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update all non-major docker images (#446)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): lock file maintenance (#419)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Bump version

* update version

* refactor: rework Nagware warning message being sent to Slack (#457)

* fix: nagware notification layout (#460)

* Host header fix (#461)

---------

Signed-off-by: Daine Trinidad <[email protected]>
Co-authored-by: Clément JANIN <[email protected]>
Co-authored-by: Pat Heard <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Raphael <[email protected]>
Co-authored-by: Dave Samojlenko <[email protected]>
Co-authored-by: Daine Trinidad <[email protected]>
Co-authored-by: Tim Arney <[email protected]>
craigzour added a commit that referenced this pull request Aug 17, 2023
* chore: new workflow for full infrastructure plan against staging (#424)

* feat: use Lambda and Cloudwatch Logs to send reviewed alarms to Slack channels (#421)

* add cloudwatch logs expiry

* rename slack lambda function

* add cloudwatch expiry to cognito lambdas

* update lambda for new streams

* remove redundant alarms

* create log subscriptions for all lambdas

* reliability and submission lambda error processing

* add error property

* Nagware updates

* archive form responses updates

* dlq consumer

* update yarn lock for archive form responses

* update slack messaging to include more info

* archive form templates updates

* audit logs processor lambda updates

* formatting

* fix cloudwatch block scope

* removed included file in lib package for nagware lambda because it does not exist anymore

* fix security issues and add permissions

* missed kms entry on resource

* add missing input var

* Add missing vars on alarm module

* typo in module def for alarms

* fix typo

* fixed few issues

---------

Co-authored-by: Bryan Robitaille <[email protected]>

* Revert "feat: use Lambda and Cloudwatch Logs to send reviewed alarms to Slack channels (#421)" (#426)

This reverts commit 7f502df.

* Revert "Revert "feat: use Lambda and Cloudwatch Logs to send reviewed alarms to Slack channels (#421)" (#426)" (#428)

This reverts commit 063e411.

* fix: permission for Cloudwatch to run Notify Slack lambda (#429)

* fix: permission for Cloudwatch to run Notify Slack lambda (second attempt) (#430)

* fix: Terraform module version reference (#427)

Update the Terraform module version references so
they are in the correct format.  This will allow Renovate
dependency PRs to update them module versions
without stripping the `//sub-directory` path.

* feat: added missing cloudwatch subscription filter for submission logs (#431)

* feat: added missing cloudwatch subscription filter for submission logs

* chore: remove reliability queue alarm that is not needed anymore

* chore: format all console logs in JSON (#432)

* fix: multiple issues with NotifySlack lambda (#434)

* chore(deps): update all non-major github action dependencies (#418)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update all non-major docker images (#417)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update WAF rules to support newly added URIs (#433)

* updated regex pattern to support newly added uris

* add page

* fix typo in resource name

* fix undo introduced typo

* try updating resource type to wafv1 where regex_pattern_strings is supported else will fallback on regular regex_string template

* disabled waf regex till provider is merged (#435)

* Attempt to fix waf limit exceeded error (#437)

* updated regex pattern to support newly added uris

* add page

* fix typo in resource name

* fix undo introduced typo

* try updating resource type to wafv1 where regex_pattern_strings is supported else will fallback on regular regex_string template

* reset staging state:disabled regex till the provider upgrade is merged

* attempt to fix waf limit exceeded error

* renamed rule

* fix undeclared resource name

* attempt to fix resource name mismatch

* Fix/add missing regex comp (#438)

* updated regex pattern to support newly added uris

* add page

* fix typo in resource name

* fix undo introduced typo

* try updating resource type to wafv1 where regex_pattern_strings is supported else will fallback on regular regex_string template

* reset staging state:disabled regex till the provider upgrade is merged

* attempt to fix waf limit exceeded error

* renamed rule

* fix undeclared resource name

* attempt to fix resource name mismatch

* add missing regex component to match path

* removed duplicated expression

* removed duplicate expression

* Fix WAF InvalidParameterException (#439)

* updated regex pattern to support newly added uris

* add page

* fix typo in resource name

* fix undo introduced typo

* try updating resource type to wafv1 where regex_pattern_strings is supported else will fallback on regular regex_string template

* reset staging state:disabled regex till the provider upgrade is merged

* attempt to fix waf limit exceeded error

* renamed rule

* fix undeclared resource name

* attempt to fix resource name mismatch

* add missing regex component to match path

* removed duplicated expression

* removed duplicate expression

* refactor capture group, and restricted capture for home page

* fix invalid syntax (#441)

* Restore missing output for lambda function name (#443)

* feat: nagware sends email to all template associated users (#442)

* feat: nagware sends email to all template associated users

* fix: spelling

* Feature/alarm for privileges (#445)

* Remove unknown error ref

* Add events to listen for by subscriber

* fix destructuring

* Feat/dontnagtestresponse (#449)

* feat: delete overdue draft form responses and dont nag

Signed-off-by: Daine Trinidad <[email protected]>

* chore: reverting some changes for lockfile

Signed-off-by: Daine Trinidad <[email protected]>

* chore: some cleanup

Signed-off-by: Daine Trinidad <[email protected]>

* chore: re-adding template file that got lost during merge

Signed-off-by: Daine Trinidad <[email protected]>

* chore: removing file again for cleaner diff and history

Signed-off-by: Daine Trinidad <[email protected]>

* chore: fixed file refactor

Signed-off-by: Daine Trinidad <[email protected]>

* fix: refactor missed the terraform file; fixed the new name for the file

Signed-off-by: Daine Trinidad <[email protected]>

* fix: horrible typo, missing 's'

Signed-off-by: Daine Trinidad <[email protected]>

* fix: move var declaration inside try catch & comment cleanup

Signed-off-by: Daine Trinidad <[email protected]>

---------

Signed-off-by: Daine Trinidad <[email protected]>

* doc: update readme to inform about signed commits on this repo (#450)

* feat: added severity level to alarms being sent to Slack (#451)

* add path for profile (#453)

* chore(deps): update all non-major github action dependencies (#447)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update all non-major docker images (#446)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): lock file maintenance (#419)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* refactor: rework Nagware warning message being sent to Slack (#457)

* fix: nagware notification layout (#460)

* Host header fix (#461)

* release: 3.2.0 (#458)

* fix: use valid ReCaptcha site key for production environment (#462)

* release 3.2.1

---------

Signed-off-by: Daine Trinidad <[email protected]>
Co-authored-by: Bryan Robitaille <[email protected]>
Co-authored-by: Bryan Robitaille <[email protected]>
Co-authored-by: Pat Heard <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Raphael <[email protected]>
Co-authored-by: Dave Samojlenko <[email protected]>
Co-authored-by: Daine Trinidad <[email protected]>
Co-authored-by: Tim Arney <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants