Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

circle ci to yjaf #8882

Merged
merged 8 commits into from
Jan 9, 2025
Merged

circle ci to yjaf #8882

merged 8 commits into from
Jan 9, 2025

Conversation

ep-93
Copy link
Contributor

@ep-93 ep-93 commented Jan 9, 2025
edited
Loading

A reference to the issue / Description of it

Circle CI integration is required for YJAF migration

How does this PR fix the problem?

It adds it.

How has this been tested?

Ive deployed it to DPR with no issues, so have copied the same approach

Deployment Plan / Instructions

Nothing is live yet, no impact.

Checklist (check x in [ ] of list items)

  • I have performed a self-review of my own code
  • All checks have passed
  • Plan and discussed how it should be deployed to PROD (If needed)

@ep-93 ep-93 requested a review from a team as a code owner January 9, 2025 10:26
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/youth-justice-app-framework

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T10:28:55Z INFO [vulndb] Need to update DB
2025-01-09T10:28:55Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T10:28:55Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:28:57Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:28:57Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T10:28:57Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T10:28:57Z INFO [misconfig] Need to update the built-in checks
2025-01-09T10:28:57Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T10:28:57Z INFO [secret] Secret scanning is enabled
2025-01-09T10:28:57Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T10:28:57Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T10:28:58Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T10:28:58Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T10:28:58Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T10:28:58Z INFO Number of language-specific files num=0
2025-01-09T10:28:58Z INFO Detected config files num=2
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/youth-justice-app-framework

*****************************

Running Checkov in terraform/environments/youth-justice-app-framework
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

CTFLint Scan Failed

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/youth-justice-app-framework

*****************************

Running tflint in terraform/environments/youth-justice-app-framework
Excluding the following checks: terraform_unused_declarations
1 issue(s) found:

Warning: Missing version constraint for provider "tls" in `required_providers` (terraform_required_providers)

  on terraform/environments/youth-justice-app-framework/data.tf line 7:
   7: data "tls_certificate" "circleci" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_required_providers.md

tflint_exitcode=2

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/youth-justice-app-framework

*****************************

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T10:28:55Z	INFO	[vulndb] Need to update DB
2025-01-09T10:28:55Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T10:28:55Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:28:57Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:28:57Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T10:28:57Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T10:28:57Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T10:28:57Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T10:28:57Z	INFO	[secret] Secret scanning is enabled
2025-01-09T10:28:57Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T10:28:57Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T10:28:58Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T10:28:58Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T10:28:58Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T10:28:58Z	INFO	Number of language-specific files	num=0
2025-01-09T10:28:58Z	INFO	Detected config files	num=2
trivy_exitcode=0

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/youth-justice-app-framework

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T10:35:24Z INFO [vulndb] Need to update DB
2025-01-09T10:35:24Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T10:35:24Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:35:26Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:35:26Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T10:35:26Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T10:35:26Z INFO [misconfig] Need to update the built-in checks
2025-01-09T10:35:26Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T10:35:27Z INFO [secret] Secret scanning is enabled
2025-01-09T10:35:27Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T10:35:27Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T10:35:28Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T10:35:28Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T10:35:28Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T10:35:28Z INFO Number of language-specific files num=0
2025-01-09T10:35:28Z INFO Detected config files num=2
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/youth-justice-app-framework

*****************************

Running Checkov in terraform/environments/youth-justice-app-framework
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

CTFLint Scan Failed

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/youth-justice-app-framework

*****************************

Running tflint in terraform/environments/youth-justice-app-framework
Excluding the following checks: terraform_unused_declarations
1 issue(s) found:

Warning: Missing version constraint for provider "tls" in `required_providers` (terraform_required_providers)

  on terraform/environments/youth-justice-app-framework/data.tf line 7:
   7: data "tls_certificate" "circleci" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_required_providers.md

tflint_exitcode=2

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/youth-justice-app-framework

*****************************

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T10:35:24Z	INFO	[vulndb] Need to update DB
2025-01-09T10:35:24Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T10:35:24Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:35:26Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:35:26Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T10:35:26Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T10:35:26Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T10:35:26Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T10:35:27Z	INFO	[secret] Secret scanning is enabled
2025-01-09T10:35:27Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T10:35:27Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T10:35:28Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T10:35:28Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T10:35:28Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T10:35:28Z	INFO	Number of language-specific files	num=0
2025-01-09T10:35:28Z	INFO	Detected config files	num=2
trivy_exitcode=0

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/youth-justice-app-framework

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T10:59:35Z INFO [vulndb] Need to update DB
2025-01-09T10:59:35Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T10:59:35Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:59:37Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:59:37Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T10:59:37Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T10:59:37Z INFO [misconfig] Need to update the built-in checks
2025-01-09T10:59:37Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T10:59:37Z INFO [secret] Secret scanning is enabled
2025-01-09T10:59:37Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T10:59:37Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T10:59:38Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T10:59:38Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T10:59:38Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T10:59:38Z INFO Number of language-specific files num=0
2025-01-09T10:59:38Z INFO Detected config files num=2
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/youth-justice-app-framework

*****************************

Running Checkov in terraform/environments/youth-justice-app-framework
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

CTFLint Scan Failed

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/youth-justice-app-framework

*****************************

Running tflint in terraform/environments/youth-justice-app-framework
Excluding the following checks: terraform_unused_declarations
1 issue(s) found:

Warning: Missing version constraint for provider "tls" in `required_providers` (terraform_required_providers)

  on terraform/environments/youth-justice-app-framework/data.tf line 7:
   7: data "tls_certificate" "circleci" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_required_providers.md

tflint_exitcode=2

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/youth-justice-app-framework

*****************************

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T10:59:35Z	INFO	[vulndb] Need to update DB
2025-01-09T10:59:35Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T10:59:35Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:59:37Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T10:59:37Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T10:59:37Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T10:59:37Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T10:59:37Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T10:59:37Z	INFO	[secret] Secret scanning is enabled
2025-01-09T10:59:37Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T10:59:37Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T10:59:38Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T10:59:38Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T10:59:38Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T10:59:38Z	INFO	Number of language-specific files	num=0
2025-01-09T10:59:38Z	INFO	Detected config files	num=2
trivy_exitcode=0

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:30:35Z INFO [vulndb] Need to update DB
2025-01-09T15:30:35Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T15:30:35Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:30:37Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:30:37Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:30:37Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:30:37Z INFO [misconfig] Need to update the built-in checks
2025-01-09T15:30:37Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T15:30:39Z INFO [secret] Secret scanning is enabled
2025-01-09T15:30:39Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:30:39Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:30:40Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:30:40Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:30:40Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:30:40Z INFO Number of language-specific files num=0
2025-01-09T15:30:40Z INFO Detected config files num=2
trivy_exitcode=0

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:30:40Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:30:40Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:30:40Z INFO [secret] Secret scanning is enabled
2025-01-09T15:30:40Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:30:40Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:30:41Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:30:41Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:30:41Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:30:42Z INFO Number of language-specific files num=0
2025-01-09T15:30:42Z INFO Detected config files num=2
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Checkov in terraform/environments/digital-prison-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/youth-justice-app-framework
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

CTFLint Scan Failed

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running tflint in terraform/environments/digital-prison-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/youth-justice-app-framework
Excluding the following checks: terraform_unused_declarations
1 issue(s) found:

Warning: Missing version constraint for provider "tls" in `required_providers` (terraform_required_providers)

  on terraform/environments/youth-justice-app-framework/data.tf line 7:
   7: data "tls_certificate" "circleci" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_required_providers.md

tflint_exitcode=2

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:30:35Z	INFO	[vulndb] Need to update DB
2025-01-09T15:30:35Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T15:30:35Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:30:37Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:30:37Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:30:37Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:30:37Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T15:30:37Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T15:30:39Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:30:39Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:30:39Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:30:40Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:30:40Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:30:40Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:30:40Z	INFO	Number of language-specific files	num=0
2025-01-09T15:30:40Z	INFO	Detected config files	num=2
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:30:40Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:30:40Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:30:40Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:30:40Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:30:40Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:30:41Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:30:41Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:30:41Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:30:42Z	INFO	Number of language-specific files	num=0
2025-01-09T15:30:42Z	INFO	Detected config files	num=2
trivy_exitcode=0

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:38:22Z INFO [vulndb] Need to update DB
2025-01-09T15:38:22Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T15:38:22Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:38:24Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:38:24Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:38:24Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:38:24Z INFO [misconfig] Need to update the built-in checks
2025-01-09T15:38:24Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T15:38:24Z INFO [secret] Secret scanning is enabled
2025-01-09T15:38:24Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:38:24Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:38:25Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:38:25Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:38:25Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:38:26Z INFO Number of language-specific files num=0
2025-01-09T15:38:26Z INFO Detected config files num=2
trivy_exitcode=0

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:38:26Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:38:26Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:38:26Z INFO [secret] Secret scanning is enabled
2025-01-09T15:38:26Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:38:26Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:38:27Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:38:27Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:38:27Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:38:27Z INFO Number of language-specific files num=0
2025-01-09T15:38:27Z INFO Detected config files num=2
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Checkov in terraform/environments/digital-prison-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/youth-justice-app-framework
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

CTFLint Scan Failed

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running tflint in terraform/environments/digital-prison-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/youth-justice-app-framework
Excluding the following checks: terraform_unused_declarations
1 issue(s) found:

Warning: Missing version constraint for provider "tls" in `required_providers` (terraform_required_providers)

  on terraform/environments/youth-justice-app-framework/data.tf line 7:
   7: data "tls_certificate" "circleci" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_required_providers.md

tflint_exitcode=2

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:38:22Z	INFO	[vulndb] Need to update DB
2025-01-09T15:38:22Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T15:38:22Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:38:24Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:38:24Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:38:24Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:38:24Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T15:38:24Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T15:38:24Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:38:24Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:38:24Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:38:25Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:38:25Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:38:25Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:38:26Z	INFO	Number of language-specific files	num=0
2025-01-09T15:38:26Z	INFO	Detected config files	num=2
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:38:26Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:38:26Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:38:26Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:38:26Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:38:26Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:38:27Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:38:27Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:38:27Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:38:27Z	INFO	Number of language-specific files	num=0
2025-01-09T15:38:27Z	INFO	Detected config files	num=2
trivy_exitcode=0

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:39:10Z INFO [vulndb] Need to update DB
2025-01-09T15:39:10Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T15:39:10Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:39:12Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:39:12Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:39:12Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:39:12Z INFO [misconfig] Need to update the built-in checks
2025-01-09T15:39:12Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T15:39:12Z INFO [secret] Secret scanning is enabled
2025-01-09T15:39:12Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:39:12Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:39:13Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:39:13Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:39:13Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:39:13Z INFO Number of language-specific files num=0
2025-01-09T15:39:13Z INFO Detected config files num=2
trivy_exitcode=0

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:39:13Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:39:13Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:39:13Z INFO [secret] Secret scanning is enabled
2025-01-09T15:39:13Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:39:13Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:39:14Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:39:14Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:39:14Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:39:14Z INFO Number of language-specific files num=0
2025-01-09T15:39:14Z INFO Detected config files num=2
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Checkov in terraform/environments/digital-prison-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/youth-justice-app-framework
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

CTFLint Scan Failed

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running tflint in terraform/environments/digital-prison-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/youth-justice-app-framework
Excluding the following checks: terraform_unused_declarations
1 issue(s) found:

Warning: Missing version constraint for provider "tls" in `required_providers` (terraform_required_providers)

  on terraform/environments/youth-justice-app-framework/data.tf line 7:
   7: data "tls_certificate" "circleci" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_required_providers.md

tflint_exitcode=2

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:39:10Z	INFO	[vulndb] Need to update DB
2025-01-09T15:39:10Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T15:39:10Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:39:12Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:39:12Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:39:12Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:39:12Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T15:39:12Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T15:39:12Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:39:12Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:39:12Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:39:13Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:39:13Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:39:13Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:39:13Z	INFO	Number of language-specific files	num=0
2025-01-09T15:39:13Z	INFO	Detected config files	num=2
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:39:13Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:39:13Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:39:13Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:39:13Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:39:13Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:39:14Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:39:14Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:39:14Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:39:14Z	INFO	Number of language-specific files	num=0
2025-01-09T15:39:14Z	INFO	Detected config files	num=2
trivy_exitcode=0

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:43:52Z INFO [vulndb] Need to update DB
2025-01-09T15:43:52Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T15:43:52Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:43:54Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:43:54Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:43:54Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:43:54Z INFO [misconfig] Need to update the built-in checks
2025-01-09T15:43:54Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T15:43:54Z INFO [secret] Secret scanning is enabled
2025-01-09T15:43:54Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:43:54Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:43:55Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:43:55Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:43:55Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:43:55Z INFO Number of language-specific files num=0
2025-01-09T15:43:55Z INFO Detected config files num=2
trivy_exitcode=0

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:43:55Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:43:55Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:43:55Z INFO [secret] Secret scanning is enabled
2025-01-09T15:43:55Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:43:55Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:43:56Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:43:56Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:43:56Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:43:57Z INFO Number of language-specific files num=0
2025-01-09T15:43:57Z INFO Detected config files num=2
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Checkov in terraform/environments/digital-prison-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/youth-justice-app-framework
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

CTFLint Scan Failed

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running tflint in terraform/environments/digital-prison-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/youth-justice-app-framework
Excluding the following checks: terraform_unused_declarations
1 issue(s) found:

Warning: Missing version constraint for provider "tls" in `required_providers` (terraform_required_providers)

  on terraform/environments/youth-justice-app-framework/data.tf line 8:
   8: data "tls_certificate" "circleci" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.9.1/docs/rules/terraform_required_providers.md

tflint_exitcode=2

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:43:52Z	INFO	[vulndb] Need to update DB
2025-01-09T15:43:52Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T15:43:52Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:43:54Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:43:54Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:43:54Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:43:54Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T15:43:54Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2025-01-09T15:43:54Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:43:54Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:43:54Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:43:55Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:43:55Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:43:55Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:43:55Z	INFO	Number of language-specific files	num=0
2025-01-09T15:43:55Z	INFO	Detected config files	num=2
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:43:55Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:43:55Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:43:55Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:43:55Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:43:55Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:43:56Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:43:56Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:43:56Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:43:57Z	INFO	Number of language-specific files	num=0
2025-01-09T15:43:57Z	INFO	Detected config files	num=2
trivy_exitcode=0

@ep-93 ep-93 deployed to development January 9, 2025 15:46 — with GitHub Actions Active
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 9, 2025

Trivy Scan Success

Show Output ```hcl

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:47:05Z INFO [vulndb] Need to update DB
2025-01-09T15:47:05Z INFO [vulndb] Downloading vulnerability DB...
2025-01-09T15:47:05Z INFO [vulndb] Downloading artifact... repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:47:07Z INFO [vulndb] Artifact successfully downloaded repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:47:07Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:47:07Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:47:07Z INFO [misconfig] Need to update the built-in checks
2025-01-09T15:47:07Z INFO [misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T15:47:09Z INFO [secret] Secret scanning is enabled
2025-01-09T15:47:09Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:47:09Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:47:10Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:47:10Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:47:10Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:47:10Z INFO Number of language-specific files num=0
2025-01-09T15:47:10Z INFO Detected config files num=2
trivy_exitcode=0

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:47:10Z INFO [vuln] Vulnerability scanning is enabled
2025-01-09T15:47:10Z INFO [misconfig] Misconfiguration scanning is enabled
2025-01-09T15:47:10Z INFO [secret] Secret scanning is enabled
2025-01-09T15:47:10Z INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:47:10Z INFO [secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:47:11Z INFO [terraform scanner] Scanning root module file_path="."
2025-01-09T15:47:11Z WARN [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly. module="root" variables="networking"
2025-01-09T15:47:11Z ERROR [terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable. block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:47:11Z INFO Number of language-specific files num=0
2025-01-09T15:47:11Z INFO Detected config files num=2
trivy_exitcode=0

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Checkov in terraform/environments/digital-prison-reporting
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/youth-justice-app-framework
Excluding the following checks: CKV_GIT_1,CKV_AWS_126,CKV2_AWS_38,CKV2_AWS_39
terraform scan results:

Passed checks: 19, Failed checks: 0, Skipped checks: 5


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.9.1)
tflint will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running tflint in terraform/environments/digital-prison-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/youth-justice-app-framework
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Trivy Scan Success

Show Output 
*****************************

Trivy will check the following folders:
terraform/environments/digital-prison-reporting
terraform/environments/youth-justice-app-framework

*****************************

Running Trivy in terraform/environments/digital-prison-reporting
2025-01-09T15:47:05Z	INFO	[vulndb] Need to update DB
2025-01-09T15:47:05Z	INFO	[vulndb] Downloading vulnerability DB...
2025-01-09T15:47:05Z	INFO	[vulndb] Downloading artifact...	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:47:07Z	INFO	[vulndb] Artifact successfully downloaded	repo="public.ecr.aws/aquasecurity/trivy-db:2"
2025-01-09T15:47:07Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:47:07Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:47:07Z	INFO	[misconfig] Need to update the built-in checks
2025-01-09T15:47:07Z	INFO	[misconfig] Downloading the built-in checks...
160.80 KiB / 160.80 KiB [---------------------------------------------------------] 100.00% ? p/s 0s2025-01-09T15:47:09Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:47:09Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:47:09Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:47:10Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:47:10Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:47:10Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:47:10Z	INFO	Number of language-specific files	num=0
2025-01-09T15:47:10Z	INFO	Detected config files	num=2
trivy_exitcode=0

*****************************

Running Trivy in terraform/environments/youth-justice-app-framework
2025-01-09T15:47:10Z	INFO	[vuln] Vulnerability scanning is enabled
2025-01-09T15:47:10Z	INFO	[misconfig] Misconfiguration scanning is enabled
2025-01-09T15:47:10Z	INFO	[secret] Secret scanning is enabled
2025-01-09T15:47:10Z	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-09T15:47:10Z	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.57/docs/scanner/secret#recommendation for faster secret detection
2025-01-09T15:47:11Z	INFO	[terraform scanner] Scanning root module	file_path="."
2025-01-09T15:47:11Z	WARN	[terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.	module="root" variables="networking"
2025-01-09T15:47:11Z	ERROR	[terraform evaluator] Failed to expand block. Invalid "for-each" argument. Must be known and iterable.	block="module.ram-ec2-retagging[0].data.aws_subnet.host" value="cty.NilVal"
2025-01-09T15:47:11Z	INFO	Number of language-specific files	num=0
2025-01-09T15:47:11Z	INFO	Detected config files	num=2
trivy_exitcode=0

markgov
markgov approved these changes Jan 9, 2025
View reviewed changes
Copy link
Contributor

@markgov markgov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ep-93 ep-93 added this pull request to the merge queue Jan 9, 2025
Merged via the queue into main with commit ad1e347 Jan 9, 2025
12 checks passed
@ep-93 ep-93 deleted the feature/yjaf-circle-ci branch January 9, 2025 16:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@markgov markgov markgov approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ep-93 @markgov