Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add P&E database credentials, update dependencies, upgrade aws terraform provider #1428

Merged
merged 30 commits into from
Apr 6, 2022

Conversation

aloftus23
Copy link
Contributor

@aloftus23 aloftus23 commented Apr 4, 2022

Fixes:

  • Added PE db creds
  • Updated mitmproxy to version 8.0.0 and cryptography to 36.0.2
  • Updated terraform config for Terraform AWS Provider Version 4 Error shown below:

Screen Shot 2022-04-04 at 2 38 26 PM

Solution (update configurations to their own resources):
hashicorp/terraform-provider-aws#23125 (comment)
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/version-4-upgrade

Copy link
Contributor

@epicfaace epicfaace left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

amazing! nice work fixing the terraform 🙌🏽, I had no idea what was happening 😄

@aloftus23 aloftus23 temporarily deployed to production April 6, 2022 13:31 Inactive
@aloftus23 aloftus23 temporarily deployed to staging April 6, 2022 13:31 Inactive
@aloftus23
Copy link
Contributor Author

aloftus23 commented Apr 6, 2022

@aloftus23 see https://stackoverflow.com/questions/61821567/how-do-i-obtain-a-default-value-when-a-tuple-is-empty-in-my-terraform-template

@epicfaace I added the conditional output for db-accessor so prod doesn't fail. Unfortunately, prevent_destroy doesn't have the functionality to actually ignore a resource replacement; just logs an error.
So I had to take it out. Any issues with the db_accessor resource getting destroyed in prod?

@epicfaace
Copy link
Contributor

So I had to take it out. Any issues with the db_accessor resource getting destroyed in prod?

We should be fine. We should just inspect the output of terraform plan to ensure nothing gets destroyed accidentally. It seems good: https://github.com/cisagov/crossfeed/runs/5851725992?check_suite_focus=true

@epicfaace epicfaace changed the title Fix issues with P&E scans Fix issues with P&E scans, upgrade aws terraform provider Apr 6, 2022
@epicfaace epicfaace changed the title Fix issues with P&E scans, upgrade aws terraform provider Fix issues with P&E scans, update dependencies, upgrade aws terraform provider Apr 6, 2022
@epicfaace epicfaace changed the title Fix issues with P&E scans, update dependencies, upgrade aws terraform provider Add P&E database credentials, update dependencies, upgrade aws terraform provider Apr 6, 2022
@epicfaace epicfaace merged commit 1275efd into master Apr 6, 2022
@epicfaace epicfaace deleted the AL-terraform-updates branch April 6, 2022 15:39
value = aws_instance.db_accessor[0].id
}
# output "db_accessor_instance_id" {
# value = try(aws_instance.db_accessor[0].id, null)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@aloftus23 I think we should uncomment this out, could you do that in a separate PR?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants