Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: synced file(s) with cds-snc/site-reliability-engineering #328

Open
wants to merge 3 commits into
base: main
Choose a base branch
from

Conversation

sre-read-write[bot]
Copy link
Contributor

@sre-read-write sre-read-write bot commented Jan 8, 2025

synced local file(s) with cds-snc/site-reliability-engineering.

SRE Workflow Sync

Description

Hello this is an automated PR from the Internal SRE Team.

This PR will sync some workflows that fill perform some important organizational requirements so that you don't have to.

Workflows being synced

The following is a list of workflows that are being synced by this action.

s3-backup.yml

This workflow will take shallow copy of the current state of your repo, zip that up and upload it to an s3 bucket in the SRE Tools AWS Account. This is a disaster recovery action that we are taking in the very slim chance that Github dissapears along with all of the copies of your repo on developer machines.

ossf-scorecard.yml

This workflow measures a set of security metrics and criteria designed to assess the security posture and practices of your repo and sends that information to Azure Sentinel.

export_github_data.yml

This workflow collects metadata about your repository and sends it to Azure Sentinel.

backstage-catalog-helper.yml

This workflow calls the Backstage Catalog Info Helper Action which is used to help teams get started with a basic Backstage catalog-info.yml file for their repository. This file is used to populate the Backstage Software Catalog and provides teams with the ability to keep track of key metadata related to their project.

Important Information

This PR should have zero impact on the functionality of your system and should be safe to merge without testing your application.

Please Note: You do not have to merge this PR if you wish to be exempt from this sync please contact internal sre through slack and we will remove your repo from the list of repos to sync. Be aware however that if you do this you will need to implement this functionality yourself.

Changed files
  • synced local .github/workflows/s3-backup.yml with remote tools/sre_file_sync/s3-backup.yml
  • synced local .github/workflows/export_github_data.yml with remote tools/sre_file_sync/export_github_data.yml
  • synced local .github/workflows/ossf-scorecard.yml with remote tools/sre_file_sync/ossf-scorecard.yml

This PR was created automatically by the repo-file-sync-action workflow run #12789553349

@sre-read-write sre-read-write bot added the sync label Jan 8, 2025
@sre-read-write sre-read-write bot force-pushed the repo-sync/site-reliability-engineering/default branch from 8c160d8 to d4ba493 Compare January 8, 2025 13:48
@sre-read-write sre-read-write bot force-pushed the repo-sync/site-reliability-engineering/default branch 13 times, most recently from a555320 to 1df5e89 Compare January 15, 2025 13:40
@sre-read-write sre-read-write bot force-pushed the repo-sync/site-reliability-engineering/default branch from 1df5e89 to ed24275 Compare January 15, 2025 13:48
Copy link

Plan for org_account/roles

✅   Terraform Init: success
✅   Terraform Validate: success
✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

Plan: 0 to add, 1 to change, 0 to destroy
Show summary
CHANGE NAME
update aws_iam_role.sre_bot
Show plan
Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_iam_role.sre_bot will be updated in-place
  ~ resource "aws_iam_role" "sre_bot" {
      ~ assume_role_policy    = (sensitive value)
        id                    = "sre_bot_role"
        name                  = "sre_bot_role"
        tags                  = {
            "CostCentre" = "cds-aws-lz-production"
            "Terraform"  = "true"
        }
        # (9 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"
Show Conftest results
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.org_account_list_in_sandbox"]
WARN - plan.json - main - Missing Common Tags: ["aws_iam_policy.org_allow_policy_toggle"]

21 tests, 19 passed, 2 warnings, 0 failures, 0 exceptions

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants