From 490aa4e0d154a61db10606bce23ad82123b780fe Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Tue, 7 Jan 2025 12:22:35 +0000 Subject: [PATCH 1/3] :wrench: Update image versions --- .../environment-configuration.tf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/terraform/environments/analytical-platform-ingestion/environment-configuration.tf b/terraform/environments/analytical-platform-ingestion/environment-configuration.tf index 516cc0f9fa7..faa96ea33c4 100644 --- a/terraform/environments/analytical-platform-ingestion/environment-configuration.tf +++ b/terraform/environments/analytical-platform-ingestion/environment-configuration.tf @@ -20,9 +20,9 @@ locals { ] /* Image Versions */ - scan_image_version = "0.1.3" - transfer_image_version = "0.0.18" - notify_image_version = "0.0.19" + scan_image_version = "0.1.4" + transfer_image_version = "0.0.19" + notify_image_version = "0.0.20" /* Target Buckets */ target_buckets = ["mojap-land-dev"] @@ -65,9 +65,9 @@ locals { ] /* Image Versions */ - scan_image_version = "0.1.3" - transfer_image_version = "0.0.18" - notify_image_version = "0.0.19" + scan_image_version = "0.1.4" + transfer_image_version = "0.0.19" + notify_image_version = "0.0.20" /* Target Buckets */ target_buckets = ["mojap-land", "mojap-ingestion-${local.environment}-ext-2024-target"] From 55cba8c5bb8cf6f8372335fa13dd3c1642daf3e4 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Tue, 7 Jan 2025 16:13:15 +0000 Subject: [PATCH 2/3] Remove JML Lambda and dependencies --- .../cloudwatch-event-rules.tf | 6 -- .../cloudwatch-event-targets.tf | 7 -- .../data-platform-apps-and-tools/data.tf | 16 ----- .../lambda-functions.tf | 65 ------------------- .../data-platform-apps-and-tools/secrets.tf | 13 ---- 5 files changed, 107 deletions(-) delete mode 100644 terraform/environments/data-platform-apps-and-tools/cloudwatch-event-rules.tf delete mode 100644 terraform/environments/data-platform-apps-and-tools/cloudwatch-event-targets.tf delete mode 100644 terraform/environments/data-platform-apps-and-tools/lambda-functions.tf diff --git a/terraform/environments/data-platform-apps-and-tools/cloudwatch-event-rules.tf b/terraform/environments/data-platform-apps-and-tools/cloudwatch-event-rules.tf deleted file mode 100644 index 4c7bd8e8fa1..00000000000 --- a/terraform/environments/data-platform-apps-and-tools/cloudwatch-event-rules.tf +++ /dev/null @@ -1,6 +0,0 @@ -resource "aws_cloudwatch_event_rule" "jml_lambda_trigger" { - count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0 - - name = "jml-lambda-trigger" - schedule_expression = "cron(0 2 1 * ? *)" -} diff --git a/terraform/environments/data-platform-apps-and-tools/cloudwatch-event-targets.tf b/terraform/environments/data-platform-apps-and-tools/cloudwatch-event-targets.tf deleted file mode 100644 index a7cd1a490a3..00000000000 --- a/terraform/environments/data-platform-apps-and-tools/cloudwatch-event-targets.tf +++ /dev/null @@ -1,7 +0,0 @@ -resource "aws_cloudwatch_event_target" "jml_lambda_trigger" { - count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0 - - rule = aws_cloudwatch_event_rule.jml_lambda_trigger[0].name - target_id = "jml-lambda-trigger" - arn = module.jml_extract_lambda[0].lambda_function_arn -} diff --git a/terraform/environments/data-platform-apps-and-tools/data.tf b/terraform/environments/data-platform-apps-and-tools/data.tf index ac3e45e1363..0672166494a 100644 --- a/terraform/environments/data-platform-apps-and-tools/data.tf +++ b/terraform/environments/data-platform-apps-and-tools/data.tf @@ -82,19 +82,3 @@ data "aws_secretsmanager_secret_version" "openmetadata_entra_id_client_id" { data "aws_secretsmanager_secret_version" "openmetadata_entra_id_tenant_id" { secret_id = "openmetadata/entra-id/tenant-id" } - -################################################## -# Data Platform Apps and Tools JML -################################################## - -data "aws_secretsmanager_secret_version" "govuk_notify_api_key" { - count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0 - - secret_id = aws_secretsmanager_secret.govuk_notify_api_key[0].id -} - -data "aws_secretsmanager_secret_version" "jml_email" { - count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0 - - secret_id = aws_secretsmanager_secret.jml_email[0].id -} diff --git a/terraform/environments/data-platform-apps-and-tools/lambda-functions.tf b/terraform/environments/data-platform-apps-and-tools/lambda-functions.tf deleted file mode 100644 index c78a1a6afae..00000000000 --- a/terraform/environments/data-platform-apps-and-tools/lambda-functions.tf +++ /dev/null @@ -1,65 +0,0 @@ -module "jml_extract_lambda" { - #checkov:skip=CKV_TF_1:Module is from Terraform registry - count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0 - - source = "terraform-aws-modules/lambda/aws" - version = "~> 6.0" - - publish = true - create_package = false - - function_name = "data_platform_jml_extract" - description = "Generates a JML report and sends it to JMLv4" - package_type = "Image" - memory_size = 512 - timeout = 120 - image_uri = "374269020027.dkr.ecr.eu-west-2.amazonaws.com/data-platform-jml-extract-lambda-ecr-repo:1.0.3" - - environment_variables = { - SECRET_ID = data.aws_secretsmanager_secret_version.govuk_notify_api_key[0].id - LOG_GROUP_NAMES = module.auth0_log_streams["alpha-analytics-moj"].cloudwatch_log_group_name - EMAIL_SECRET = data.aws_secretsmanager_secret_version.jml_email[0].id - TEMPLATE_ID = "de618989-db86-4d9a-aa55-4724d5485fa5" - } - - attach_policy_statements = true - policy_statements = { - "cloudwatch" = { - sid = "CloudWatch" - effect = "Allow" - actions = [ - "cloudwatch:GenerateQuery", - "logs:DescribeLogStreams", - "logs:DescribeLogGroups", - "logs:GetLogEvents", - "logs:StartQuery", - "logs:StopQuery", - "logs:GetQueryExecution", - "logs:GetQueryResults" - ] - resources = [ - "${module.auth0_log_streams["alpha-analytics-moj"].cloudwatch_log_group_arn}:*" - ] - } - "secretsmanager" = { - sid = "SecretsManager" - effect = "Allow" - actions = [ - "secretsmanager:DescribeSecret", - "secretsmanager:GetSecretValue", - "secretsmanager:ListSecrets" - ] - resources = [ - aws_secretsmanager_secret.govuk_notify_api_key[0].arn, - aws_secretsmanager_secret.jml_email[0].arn - ] - } - } - - allowed_triggers = { - "eventbridge" = { - principal = "events.amazonaws.com" - source_arn = aws_cloudwatch_event_rule.jml_lambda_trigger[0].arn - } - } -} diff --git a/terraform/environments/data-platform-apps-and-tools/secrets.tf b/terraform/environments/data-platform-apps-and-tools/secrets.tf index 6b85dcdadb2..2162ce78455 100644 --- a/terraform/environments/data-platform-apps-and-tools/secrets.tf +++ b/terraform/environments/data-platform-apps-and-tools/secrets.tf @@ -34,16 +34,3 @@ resource "aws_secretsmanager_secret" "github_app_arc_private_key" { name = "github/arc/private-key" } -# Create a new secret in AWS SecretsManager for Gov.UK Notify API key -resource "aws_secretsmanager_secret" "govuk_notify_api_key" { - count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0 - - name = "gov-uk-notify/production/api-key" -} - -# Email secret for Lambda function -resource "aws_secretsmanager_secret" "jml_email" { - count = terraform.workspace == "data-platform-apps-and-tools-production" ? 1 : 0 - - name = "jml/email" -} From a63701f1c5ea04f567d61a5366bb87ce6b86cbfe Mon Sep 17 00:00:00 2001 From: dms1981 Date: Thu, 9 Jan 2025 09:10:48 +0000 Subject: [PATCH 3/3] Reinstate missing ecosystem for devcontainers (#9265) reinstated missing ecosystem for devcontainers --- scripts/generate-dependabot-file.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/generate-dependabot-file.sh b/scripts/generate-dependabot-file.sh index 3ba123fd2cf..3f8313430b7 100755 --- a/scripts/generate-dependabot-file.sh +++ b/scripts/generate-dependabot-file.sh @@ -27,6 +27,12 @@ updates: directory: "/" schedule: interval: "daily" + - package-ecosystem: "devcontainers" + directory: "/" + schedule: + interval: "daily" + reviewers: + - "ministryofjustice/devcontainer-community" EOL echo "Generating entry for Terraform ecosystem"