Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add data-product endpoint and rename data product register components #3515

Merged
merged 5 commits into from
Oct 2, 2023
Merged

Add data-product endpoint and rename data product register components #3515

merged 5 commits into from
Oct 2, 2023

Conversation

tom-webber
Copy link
Contributor

@tom-webber tom-webber commented Sep 29, 2023
edited
Loading

This brings the register data-product endpoint in line with our API specs

@tom-webber tom-webber requested review from a team September 29, 2023 15:49
@tom-webber tom-webber requested review from a team as code owners September 29, 2023 15:49
@github-actions github-actions bot added the environments-repository Used to exclude PRs from this repo in our Slack PR update label Sep 29, 2023
@tom-webber tom-webber changed the title Add data-product endprename data product register components Add data-product endpoint and rename data product register components Sep 29, 2023
@github-actions
Copy link
Contributor

TFSEC Scan Success

Show Output 
*****************************

TFSEC will check the following folders:
terraform/environments/corporate-staff-rostering terraform/environments/hmpps-oem terraform/environments/nomis-combined-reporting terraform/environments/nomis-data-hub terraform/environments/oasys terraform/environments/planetfm

*****************************

Running TFSEC in terraform/environments/corporate-staff-rostering
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             1.85641ms
  parsing              241.560496ms
  adaptation           154.7µs
  checks               8.570239ms
  total                252.141845ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    5
  blocks processed     266
  files read           70

  results
  ──────────────────────────────────────────
  passed               1
  ignored              0
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

*****************************

Running TFSEC in terraform/environments/hmpps-oem
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             1.575907ms
  parsing              185.295341ms
  adaptation           147.7µs
  checks               14.057964ms
  total                201.076912ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    5
  blocks processed     265
  files read           70

  results
  ──────────────────────────────────────────
  passed               1
  ignored              0
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

*****************************

Running TFSEC in terraform/environments/nomis-combined-reporting
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             1.759216ms
  parsing              252.456548ms
  adaptation           156.301µs
  checks               8.254137ms
  total                262.626202ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    5
  blocks processed     266
  files read           73

  results
  ──────────────────────────────────────────
  passed               4
  ignored              0
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

*****************************

Running TFSEC in terraform/environments/nomis-data-hub
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             1.477007ms
  parsing              266.042709ms
  adaptation           156.301µs
  checks               9.269242ms
  total                276.945259ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    5
  blocks processed     263
  files read           68

  results
  ──────────────────────────────────────────
  passed               4
  ignored              0
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

*****************************

Running TFSEC in terraform/environments/oasys
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             1.763204ms
  parsing              316.406739ms
  adaptation           240.101µs
  checks               8.566039ms
  total                326.976083ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    5
  blocks processed     264
  files read           69

  results
  ──────────────────────────────────────────
  passed               7
  ignored              0
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

*****************************

Running TFSEC in terraform/environments/planetfm
Excluding the following checks: AWS095

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             3.025909ms
  parsing              212.878841ms
  adaptation           149.001µs
  checks               13.691367ms
  total                229.745118ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    5
  blocks processed     264
  files read           69

  results
  ──────────────────────────────────────────
  passed               1
  ignored              0
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

Checkov Scan Failed

Show Output 
*****************************

Checkov will check the following folders:
terraform/environments/corporate-staff-rostering terraform/environments/hmpps-oem terraform/environments/nomis-combined-reporting terraform/environments/nomis-data-hub terraform/environments/oasys terraform/environments/planetfm

*****************************

Running Checkov in terraform/environments/corporate-staff-rostering
terraform scan results:

Passed checks: 92, Failed checks: 0, Skipped checks: 19


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/hmpps-oem
terraform scan results:

Passed checks: 90, Failed checks: 0, Skipped checks: 19


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/nomis-combined-reporting
terraform scan results:

Passed checks: 90, Failed checks: 0, Skipped checks: 19


checkov_exitcode=0

*****************************

Running Checkov in terraform/environments/nomis-data-hub
terraform scan results:

Passed checks: 102, Failed checks: 12, Skipped checks: 19

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_admin_pass"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_host_os_version"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_admin_user"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_app_host_b"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_ems_port_1"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_app_host_a"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_ems_port_2"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_ems_host_b"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_domain_name"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_harkemsadmin_ssl_pass"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_ems_host_a"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }

Check: CKV_AWS_337: "Ensure SSM parameters are using KMS CMK"
	FAILED for resource: aws_ssm_parameter.ndh_secrets["ndh_host_os"]
	File: /main.tf:93-103

		93  | resource "aws_ssm_parameter" "ndh_secrets" {
		94  |   for_each = toset(local.ndh_secrets)
		95  |   name     = each.value
		96  |   type     = "SecureString"
		97  |   value    = random_password.random_value.result
		98  |   lifecycle {
		99  |     ignore_changes = [
		100 |       value,
		101 |     ]
		102 |   }
		103 | }


checkov_exitcode=1

*****************************

Running Checkov in terraform/environments/oasys
terraform scan results:

Passed checks: 90, Failed checks: 0, Skipped checks: 19


checkov_exitcode=1

*****************************

Running Checkov in terraform/environments/planetfm
terraform scan results:

Passed checks: 90, Failed checks: 0, Skipped checks: 19


checkov_exitcode=1

CTFLint Scan Failed

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
terraform/environments/corporate-staff-rostering terraform/environments/hmpps-oem terraform/environments/nomis-combined-reporting terraform/environments/nomis-data-hub terraform/environments/oasys terraform/environments/planetfm

*****************************

Running tflint in terraform/environments/corporate-staff-rostering
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/hmpps-oem
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/nomis-combined-reporting
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

*****************************

Running tflint in terraform/environments/nomis-data-hub
Excluding the following checks: terraform_unused_declarations
1 issue(s) found:

Warning: Missing version constraint for provider "random" in "required_providers" (terraform_required_providers)

  on terraform/environments/nomis-data-hub/main.tf line 88:
  88: resource "random_password" "random_value" {

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.2.1/docs/rules/terraform_required_providers.md

tflint_exitcode=2

*****************************

Running tflint in terraform/environments/oasys
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=2

*****************************

Running tflint in terraform/environments/planetfm
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=2

@tom-webber tom-webber had a problem deploying to data-platform-development October 2, 2023 09:08 — with GitHub Actions Failure
@github-actions
Copy link
Contributor

github-actions bot commented Oct 2, 2023

TFSEC Scan Success

Show Output 
*****************************

TFSEC will check the following folders:

Checkov Scan Success

Show Output 
*****************************

Checkov will check the following folders:

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:

@tom-webber tom-webber temporarily deployed to data-platform-development October 2, 2023 10:22 — with GitHub Actions Inactive
@tom-webber tom-webber temporarily deployed to data-platform-test October 2, 2023 10:22 — with GitHub Actions Inactive
@github-actions
Copy link
Contributor

github-actions bot commented Oct 2, 2023

TFSEC Scan Success

Show Output 
*****************************

TFSEC will check the following folders:

Checkov Scan Success

Show Output 
*****************************

Checkov will check the following folders:

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:

@tom-webber tom-webber merged commit a8208f4 into main Oct 2, 2023
@tom-webber tom-webber deleted the define-data-product-register-components branch October 2, 2023 13:02
@tom-webber tom-webber mentioned this pull request Oct 2, 2023
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LavMatt LavMatt LavMatt approved these changes

Assignees
No one assigned
Labels
environments-repository Used to exclude PRs from this repo in our Slack PR update
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tom-webber @LavMatt @mitchdawson1982