update(config/config.yaml): switch default branch to `main` for `plugins` repo #1432

leogr · 2024-03-28T09:59:01Z

/hold until we switch the default branch in falcosecurity/plugins

…ins` repo Signed-off-by: Leonardo Grasso <[email protected]>

FedeDP

Most probably we will also need to bump iam roles config: https://github.com/falcosecurity/test-infra/blob/master/config/clusters/iam.tf#L197

…ugins` repo Signed-off-by: Leonardo Grasso <[email protected]>

Signed-off-by: Leonardo Grasso <[email protected]>

FedeDP · 2024-03-28T10:30:49Z

I think https://github.com/falcosecurity/test-infra/blob/master/config/jobs/build-plugins/build-plugins.yaml#L8 must be updated too.

Signed-off-by: Leonardo Grasso <[email protected]>

FedeDP

/approve

poiana · 2024-03-28T10:37:05Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: FedeDP, leogr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

~~OWNERS~~ [FedeDP,leogr]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

leogr · 2024-03-28T14:20:49Z

/unhold

poiana · 2024-03-28T14:21:54Z

@leogr: Updated the following 2 configmaps:

job-config configmap in namespace default at cluster default using the following files:
- key build-plugins.yaml using file config/jobs/build-plugins/build-plugins.yaml
config configmap in namespace default at cluster default using the following files:
- key config.yaml using file config/config.yaml

In response to this:

/hold until we switch the default branch in falcosecurity/plugins

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

github-actions · 2024-03-29T09:55:02Z

Terraform Format and Style 🖌`failure`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Validation Output


Success! The configuration is valid.

Terraform Plan 📖`success`

Show Plan


terraform
module.iam_github_oidc_provider.data.tls_certificate.this[0]: Reading...
module.iam_github_oidc_provider.data.tls_certificate.this[0]: Read complete after 0s [id=43add1749d6d9832e0a8fca0784941273380c63a]
module.load_balancer_controller.data.aws_caller_identity.current: Reading...
module.falco_ecr_role.data.aws_caller_identity.current: Reading...
module.iam_github_oidc_provider.data.aws_partition.current: Reading...
data.aws_iam_policy_document.plugins_s3_access: Reading...
aws_ecr_repository.update_deployment_files: Refreshing state... [id=test-infra/update-falco-k8s-manifests]
module.eks.data.aws_partition.current: Reading...
data.aws_iam_policy_document.plugins_s3_access: Read complete after 0s [id=3299842136]
data.aws_iam_policy_document.rules_s3_access: Reading...
module.eks.data.aws_partition.current: Read complete after 0s [id=aws]
module.iam_github_oidc_provider.data.aws_partition.current: Read complete after 0s [id=aws]
module.falco_playground_s3_role.data.aws_partition.current: Reading...
data.aws_iam_policy_document.rules_s3_access: Read complete after 0s [id=46917358]
module.falco_playground_s3_role.data.aws_partition.current: Read complete after 0s [id=aws]
data.aws_iam_policy_document.falcosidekick_ecr_access: Reading...
aws_iam_policy.plugins_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-plugins-s320230413152829770200000001]
aws_ecr_repository.update_jobs: Refreshing state... [id=test-infra/update-jobs]
data.aws_iam_policy_document.falcosidekick_ecr_access: Read complete after 0s [id=315517080]
module.falcosidekick_ecr_role.data.aws_partition.current: Reading...
module.iam_github_oidc_provider.aws_iam_openid_connect_provider.this[0]: Refreshing state... [id=arn:aws:iam::292999226676:oidc-provider/token.actions.githubusercontent.com]
aws_acm_certificate.deck: Refreshing state... [id=arn:aws:acm:eu-west-1:292999226676:certificate/ba966f87-e470-4638-90ba-a2e9a34d5677]
module.eks.data.aws_caller_identity.current: Reading...
module.falcosidekick_ecr_role.data.aws_partition.current: Read complete after 0s [id=aws]
module.vpc.aws_vpc.this[0]: Refreshing state... [id=vpc-0654bc7f6f794e1a2]
module.test-infra_s3_role.data.aws_partition.current: Reading...
module.test-infra_s3_role.data.aws_partition.current: Read complete after 0s [id=aws]
module.eks.data.aws_iam_policy_document.cluster_assume_role_policy: Reading...
module.eks.data.aws_iam_policy_document.cluster_assume_role_policy: Read complete after 0s [id=2764486067]
module.plugins_s3_role.data.aws_caller_identity.current: Reading...
module.load_balancer_controller.data.aws_caller_identity.current: Read complete after 1s [id=292999226676]
module.falco_s3_role.data.aws_caller_identity.current: Reading...
module.falco_ecr_role.data.aws_caller_identity.current: Read complete after 1s [id=292999226676]
module.load_balancer_controller.data.aws_partition.current: Reading...
module.load_balancer_controller.data.aws_partition.current: Read complete after 0s [id=aws]
data.aws_iam_policy_document.loadbalancer_controller: Reading...
data.aws_iam_policy_document.loadbalancer_controller: Read complete after 0s [id=1297636145]
module.falcosidekick_ui_ecr_role.data.aws_caller_identity.current: Reading...
module.eks.data.aws_caller_identity.current: Read complete after 1s [id=292999226676]
data.aws_iam_policy_document.ebs_controller_policy_doc: Reading...
data.aws_iam_policy_document.ebs_controller_policy_doc: Read complete after 0s [id=1584698932]
module.falco_playground_s3_role.data.aws_caller_identity.current: Reading...
module.plugins_s3_role.data.aws_caller_identity.current: Read complete after 1s [id=292999226676]
module.iam_assumable_role_admin.data.aws_caller_identity.current: Reading...
module.falco_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
module.eks.data.aws_iam_policy_document.cluster_elb_sl_role_creation[0]: Reading...
module.eks.data.aws_iam_policy_document.cluster_elb_sl_role_creation[0]: Read complete after 0s [id=3709839417]
data.aws_iam_policy_document.falco_dev_s3_access: Reading...
data.aws_iam_policy_document.falco_dev_s3_access: Read complete after 0s [id=3316268599]
module.test-infra_cluster_role.data.aws_partition.current: Reading...
module.test-infra_cluster_role.data.aws_partition.current: Read complete after 0s [id=aws]
module.falcosidekick_ui_ecr_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
module.falco_dev_s3_role.data.aws_caller_identity.current: Reading...
module.falco_playground_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
module.falco_ecr_role.data.aws_partition.current: Reading...
module.falco_ecr_role.data.aws_partition.current: Read complete after 0s [id=aws]
data.aws_iam_policy_document.falco_ecr_access: Reading...
data.aws_iam_policy_document.falco_ecr_access: Read complete after 0s [id=931847752]
data.aws_iam_policy_document.cluster_autoscaler_policy_doc: Reading...
aws_s3_bucket.prow_storage: Refreshing state... [id=falco-prow-logs]
module.iam_assumable_role_admin.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
data.aws_iam_policy_document.cluster_autoscaler_policy_doc: Read complete after 0s [id=1342303187]
data.aws_iam_policy_document.test-infra_s3_access: Reading...
aws_ecr_repository.docker_dind: Refreshing state... [id=test-infra/docker-dind]
data.aws_iam_policy_document.test-infra_s3_access: Read complete after 0s [id=532751175]
aws_ecr_repository.update_rules_index: Refreshing state... [id=test-infra/update-rules-index]
module.iam_assumable_role_admin.data.aws_partition.current: Reading...
module.iam_assumable_role_admin.data.aws_partition.current: Read complete after 0s [id=aws]
data.aws_caller_identity.current: Reading...
module.falco_dev_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
module.test-infra_reader.data.aws_partition.current: Reading...
module.test-infra_reader.data.aws_partition.current: Read complete after 0s [id=aws]
module.rules_s3_role.data.aws_partition.current: Reading...
module.rules_s3_role.data.aws_partition.current: Read complete after 0s [id=aws]
aws_ecr_repository.update_dbg: Refreshing state... [id=test-infra/update-dbg]
data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
aws_kms_key.falco-test-infra-state: Refreshing state... [id=ebaa575e-cf32-4f88-a3ae-2d9e6dc7a32e]
aws_ecr_repository.golang: Refreshing state... [id=test-infra/golang]
data.aws_iam_policy_document.falco_playground_s3_access: Reading...
data.aws_iam_policy_document.falco_playground_s3_access: Read complete after 0s [id=1908753999]
aws_s3_bucket.falco-test-infra-state: Refreshing state... [id=falco-test-infra-state]
module.eks.aws_cloudwatch_log_group.this[0]: Refreshing state... [id=/aws/eks/falco-prow-test-infra/cluster]
module.test-infra_cluster_role.data.aws_caller_identity.current: Reading...
module.falcoctl_ecr_role.data.aws_caller_identity.current: Reading...
module.test-infra_cluster_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
module.test-infra_s3_role.data.aws_caller_identity.current: Reading...
module.falcoctl_ecr_role.data.aws_partition.current: Reading...
module.falcoctl_ecr_role.data.aws_partition.current: Read complete after 0s [id=aws]
data.aws_iam_policy_document.test-infra_cluster_access: Reading...
module.falcoctl_ecr_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
data.aws_iam_policy_document.test-infra_cluster_access: Read complete after 0s [id=3038031340]
data.aws_availability_zones.available: Reading...
aws_dynamodb_table.falco-test-infra-state-lock: Refreshing state... [id=falco-test-infra-state-lock]
module.test-infra_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
module.falcosidekick_ecr_role.data.aws_caller_identity.current: Reading...
module.falcosidekick_ecr_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
data.aws_iam_policy_document.test-infra_state_lock: Reading...
data.aws_iam_policy_document.test-infra_state_lock: Read complete after 0s [id=3171549464]
aws_ecr_repository.build_drivers: Refreshing state... [id=test-infra/build-drivers]
data.aws_iam_policy_document.driverkit_s3_access: Reading...
data.aws_iam_policy_document.driverkit_s3_access: Read complete after 0s [id=795073047]
module.falco_dev_s3_role.data.aws_partition.current: Reading...
module.rules_s3_role.data.aws_caller_identity.current: Reading...
module.falco_dev_s3_role.data.aws_partition.current: Read complete after 0s [id=aws]
data.aws_iam_policy_document.falcosidekick_ui_ecr_access: Reading...
data.aws_iam_policy_document.falcosidekick_ui_ecr_access: Read complete after 0s [id=2521239600]
data.aws_canonical_user_id.current_user: Reading...
module.rules_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
data.aws_iam_policy_document.falcoctl_ecr_access: Reading...
data.aws_iam_policy_document.falcoctl_ecr_access: Read complete after 0s [id=2545128901]
aws_kms_key.prow_storage: Refreshing state... [id=0ec47d8c-dbda-4e3a-8007-0246997e62d5]
module.driver_kit_s3_role.data.aws_caller_identity.current: Reading...
module.driver_kit_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
aws_acm_certificate.monitor_prow: Refreshing state... [id=arn:aws:acm:eu-west-1:292999226676:certificate/87aa77e9-dceb-480b-8873-8532f02f5813]
data.aws_availability_zones.available: Read complete after 0s [id=eu-west-1]
aws_ecr_repository.build_plugins: Refreshing state... [id=test-infra/build-plugins]
module.falco_s3_role.data.aws_partition.current: Reading...
module.falco_s3_role.data.aws_partition.current: Read complete after 0s [id=aws]
module.plugins_s3_role.data.aws_partition.current: Reading...
module.plugins_s3_role.data.aws_partition.current: Read complete after 0s [id=aws]
module.driver_kit_s3_role.data.aws_partition.current: Reading...
module.driver_kit_s3_role.data.aws_partition.current: Read complete after 0s [id=aws]
data.aws_iam_policy_document.falco_s3_access: Reading...
data.aws_iam_policy_document.falco_s3_access: Read complete after 0s [id=3637981268]
module.test-infra_reader.data.aws_caller_identity.current: Reading...
module.test-infra_reader.data.aws_caller_identity.current: Read complete after 0s [id=292999226676]
module.falcosidekick_ui_ecr_role.data.aws_partition.current: Reading...
module.falcosidekick_ui_ecr_role.data.aws_partition.current: Read complete after 0s [id=aws]
module.eks.data.aws_iam_policy_document.workers_assume_role_policy: Reading...
module.eks.data.aws_iam_policy_document.workers_assume_role_policy: Read complete after 0s [id=3778018924]
aws_iam_policy.falcosidekick_ecr_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falcosidekick-ecr20230308175813643500000001]
aws_iam_policy.rules_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-rules-s320230120142903094100000001]
module.eks.aws_iam_role.cluster[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003]
aws_iam_policy.ebs_controller_policy: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-ebs-csi-driver20201105152818548300000001]
module.eks.aws_iam_policy.cluster_elb_sl_role_creation[0]: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-elb-sl-role-creation20201105152818552700000002]
aws_iam_policy.falco_dev_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falco-dev-s320230427085324265100000001]
data.aws_canonical_user_id.current_user: Read complete after 1s [id=6e179ab6a522e9123d39ace0dace05f83ca531f9e778367bb90199a80786c709]
aws_iam_policy.falco_ecr_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falco-ecr20230427091417611700000001]
aws_iam_policy.cluster_autoscaler_policy: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-cluster-autoscaler20201120161034370800000001]
aws_iam_policy.test-infra_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-test-infra-s320230405135707027100000001]
data.aws_iam_policy_document.ecr_standard: Reading...
data.aws_iam_policy_document.ecr_standard: Read complete after 0s [id=490672708]
aws_iam_policy.falco_playground_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falco-playground-s320240311212715659700000001]
aws_iam_policy.test-infra_cluster_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-test-infra-cluster20240220093903726400000001]
aws_iam_policy.test-infra_state_lock: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-test-infra-cluster20240325081408031400000001]
aws_iam_policy.falcosidekick_ui_ecr_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falcosidekick-ui-ecr20230913155739228400000001]
aws_iam_policy.falcoctl_ecr_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falcoctl-ecr20240220101903926000000001]
aws_iam_policy.falco_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falco-s320230427085324265200000002]
module.falco_playground_s3_role.data.aws_iam_policy_document.this[0]: Reading...
module.falco_playground_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2845281180]
module.falco_ecr_role.data.aws_iam_policy_document.this[0]: Reading...
module.falco_ecr_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2088837448]
aws_ecr_repository_policy.update_jobs: Refreshing state... [id=test-infra/update-jobs]
aws_ecr_repository_policy.build_drivers: Refreshing state... [id=test-infra/build-drivers]
aws_ecr_repository_policy.build_plugins: Refreshing state... [id=test-infra/build-plugins]
aws_ecr_repository_policy.update_deployment_files: Refreshing state... [id=test-infra/update-falco-k8s-manifests]
aws_ecr_repository_policy.update_dbg: Refreshing state... [id=test-infra/update-dbg]
aws_ecr_repository_policy.docker_dind: Refreshing state... [id=test-infra/docker-dind]
aws_ecr_repository_policy.golang: Refreshing state... [id=test-infra/golang]
module.test-infra_cluster_role.data.aws_iam_policy_document.this[0]: Reading...
module.test-infra_cluster_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=3682994372]
module.falcoctl_ecr_role.data.aws_iam_policy_document.this[0]: Reading...
module.falcoctl_ecr_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2227282869]
module.test-infra_s3_role.data.aws_iam_policy_document.this[0]: Reading...
module.falcosidekick_ecr_role.data.aws_iam_policy_document.this[0]: Reading...
module.test-infra_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=3682994372]
module.falcosidekick_ecr_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2934820887]
module.falco_dev_s3_role.data.aws_iam_policy_document.this[0]: Reading...
module.rules_s3_role.data.aws_iam_policy_document.this[0]: Reading...
module.falco_dev_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2088837448]
module.rules_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=4063866326]
module.falco_s3_role.data.aws_iam_policy_document.this[0]: Reading...
module.plugins_s3_role.data.aws_iam_policy_document.this[0]: Reading...
module.falco_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=771382233]
module.plugins_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2396550039]
module.test-infra_reader.data.aws_iam_policy_document.this[0]: Reading...
module.falcosidekick_ui_ecr_role.data.aws_iam_policy_document.this[0]: Reading...
module.test-infra_reader.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=1426862736]
module.falcosidekick_ui_ecr_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=4162468877]
module.falco_playground_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falco-playground-s3]
module.falco_ecr_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falco-ecr]
module.test-infra_cluster_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-test-infra-cluster]
module.falcoctl_ecr_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falcoctl-ecr]
module.test-infra_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-test-infra-s3]
module.falcosidekick_ecr_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falcosidekick-ecr]
module.falco_dev_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falco-dev-s3]
module.vpc.aws_eip.nat[0]: Refreshing state... [id=eipalloc-0cd240b1070debefa]
module.rules_s3_role.aws_iam_role.this[0]: Refreshing state... [id=terraform-20230120142903096000000002]
module.falco_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falco-s3]
module.plugins_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-plugins-s3]
module.test-infra_reader.aws_iam_role.this[0]: Refreshing state... [id=github_actions-test-infra-reader]
module.falcosidekick_ui_ecr_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falcosidekick-ui-ecr]
aws_s3_bucket_lifecycle_configuration.prow_storage_lifecycle_configuration: Refreshing state... [id=falco-prow-logs]
aws_s3_bucket_acl.prow_storage_acl: Refreshing state... [id=falco-prow-logs,private]
aws_s3_bucket_server_side_encryption_configuration.prow_storage_server_side_encryption_configuration: Refreshing state... [id=falco-prow-logs]
data.aws_iam_policy_document.s3_access: Reading...
data.aws_iam_policy_document.s3_access: Read complete after 0s [id=278244951]
aws_s3_bucket_versioning.prow_storage_versioning: Refreshing state... [id=falco-prow-logs]
module.falco_ecr_role.aws_iam_role_policy_attachment.this["falco_ecr_access"]: Refreshing state... [id=github_actions-falco-ecr-20230427091418182800000002]
module.falco_playground_s3_role.aws_iam_role_policy_attachment.this["falco_playground_s3_access"]: Refreshing state... [id=github_actions-falco-playground-s3-20240311212716930200000002]
module.test-infra_cluster_role.aws_iam_role_policy_attachment.this["test-infra_cluster_access"]: Refreshing state... [id=github_actions-test-infra-cluster-20240220093904349300000002]
module.test-infra_s3_role.aws_iam_role_policy_attachment.this["test-infra_s3_access"]: Refreshing state... [id=github_actions-test-infra-s3-20230405135707795800000002]
module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003-20201105152819898000000005]
module.eks.aws_iam_role_policy_attachment.cluster_elb_sl_role_creation[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003-20201105152820341400000007]
module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSVPCResourceControllerPolicy[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003-20201105152819867600000004]
module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003-20201105152819990700000006]
aws_security_group.worker_group_mgmt_one: Refreshing state... [id=sg-0cc7b1677349c65ce]
aws_security_group.all_worker_mgmt: Refreshing state... [id=sg-0e16b80a3ed5cf816]
module.vpc.aws_route_table.private[0]: Refreshing state... [id=rtb-07f1775c2de8ec969]
module.vpc.aws_subnet.public[1]: Refreshing state... [id=subnet-0abe8636ec65c0206]
module.vpc.aws_subnet.public[0]: Refreshing state... [id=subnet-0a0fe757bebcaf795]
module.vpc.aws_subnet.public[2]: Refreshing state... [id=subnet-02e57666a36d1545a]
module.vpc.aws_internet_gateway.this[0]: Refreshing state... [id=igw-0f325c0242d048d8f]
module.vpc.aws_subnet.private[0]: Refreshing state... [id=subnet-02d6ff228997829f9]
module.vpc.aws_subnet.private[1]: Refreshing state... [id=subnet-09361e94faa3fa8eb]
module.vpc.aws_subnet.private[2]: Refreshing state... [id=subnet-0dccb91c994a313fd]
module.vpc.aws_route_table.public[0]: Refreshing state... [id=rtb-0fdfd32f4524c8dc8]
module.falcoctl_ecr_role.aws_iam_role_policy_attachment.this["falcoctl_ecr_access"]: Refreshing state... [id=github_actions-falcoctl-ecr-20240220101904532000000002]
module.falcosidekick_ecr_role.aws_iam_role_policy_attachment.this["falcosidekick_ecr_access"]: Refreshing state... [id=github_actions-falcosidekick-ecr-20230308175814271600000002]
module.falco_dev_s3_role.aws_iam_role_policy_attachment.this["falco_s3_access"]: Refreshing state... [id=github_actions-falco-dev-s3-20230427085324972500000003]
aws_s3_bucket_versioning.falco-test-infra-state_versioning: Refreshing state... [id=falco-test-infra-state]
aws_s3_bucket_server_side_encryption_configuration.falco-test-infra-state_server_side_encryption_configuration: Refreshing state... [id=falco-test-infra-state]
data.aws_iam_policy_document.falco-test-infra-state: Reading...
data.aws_iam_policy_document.falco-test-infra-state: Read complete after 0s [id=3883224714]
aws_s3_bucket_acl.falco-test-infra-state_acl: Refreshing state... [id=falco-test-infra-state,private]
module.eks.aws_security_group.cluster[0]: Refreshing state... [id=sg-05d3ba5e703e1c5f1]
module.rules_s3_role.aws_iam_role_policy_attachment.this["rules_s3_access"]: Refreshing state... [id=terraform-20230120142903096000000002-20230120142903785300000003]
module.eks.aws_security_group.workers[0]: Refreshing state... [id=sg-0d2304cab1b3957b1]
module.falco_s3_role.aws_iam_role_policy_attachment.this["falco_s3_access"]: Refreshing state... [id=github_actions-falco-s3-20230427085324980000000004]
module.plugins_s3_role.aws_iam_role_policy_attachment.this["plugins_s3_access"]: Refreshing state... [id=github_actions-plugins-s3-20230413152830383900000002]
module.test-infra_reader.aws_iam_role_policy_attachment.this["test-infra_read_access"]: Refreshing state... [id=github_actions-test-infra-reader-20240321163504745700000001]
module.test-infra_reader.aws_iam_role_policy_attachment.this["test-infra_state_lock"]: Refreshing state... [id=github_actions-test-infra-reader-20240325081409156900000002]
module.falcosidekick_ui_ecr_role.aws_iam_role_policy_attachment.this["falcosidekick_ui_ecr_access"]: Refreshing state... [id=github_actions-falcosidekick-ui-ecr-20230913155739870800000002]
aws_s3_bucket_policy.falco-test-infra-state: Refreshing state... [id=falco-test-infra-state]
module.vpc.aws_nat_gateway.this[0]: Refreshing state... [id=nat-0069c2978d157c4cd]
module.vpc.aws_route.public_internet_gateway[0]: Refreshing state... [id=r-rtb-0fdfd32f4524c8dc81080289494]
module.vpc.aws_route_table_association.public[0]: Refreshing state... [id=rtbassoc-0e9f749c7d12e3267]
module.vpc.aws_route_table_association.public[1]: Refreshing state... [id=rtbassoc-0f5df778686c05fe5]
module.vpc.aws_route_table_association.public[2]: Refreshing state... [id=rtbassoc-0e9e855baf7cd1212]
module.vpc.aws_route_table_association.private[2]: Refreshing state... [id=rtbassoc-034c965b472c568fd]
module.vpc.aws_route_table_association.private[0]: Refreshing state... [id=rtbassoc-003d282252839a3b9]
module.vpc.aws_route_table_association.private[1]: Refreshing state... [id=rtbassoc-03ad0749fbe6f1117]
module.vpc.aws_route.private_nat_gateway[0]: Refreshing state... [id=r-rtb-07f1775c2de8ec9691080289494]
module.eks.aws_security_group_rule.cluster_egress_internet[0]: Refreshing state... [id=sgrule-280492479]
module.eks.aws_security_group_rule.workers_ingress_self[0]: Refreshing state... [id=sgrule-2377827212]
module.eks.aws_security_group_rule.cluster_https_worker_ingress[0]: Refreshing state... [id=sgrule-1969485948]
module.eks.aws_security_group_rule.workers_egress_internet[0]: Refreshing state... [id=sgrule-1247502868]
module.eks.aws_security_group_rule.workers_ingress_cluster_https[0]: Refreshing state... [id=sgrule-341689192]
module.eks.aws_security_group_rule.workers_ingress_cluster[0]: Refreshing state... [id=sgrule-36459906]
module.eks.aws_eks_cluster.this[0]: Refreshing state... [id=falco-prow-test-infra]
module.eks.aws_iam_openid_connect_provider.oidc_provider[0]: Refreshing state... [id=arn:aws:iam::292999226676:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/352DA0E4F639E76F92BD99E5683F0478]
module.eks.local_file.kubeconfig[0]: Refreshing state... [id=9709b49e9fb9768ceb0d46920a5878052ab40ab6]
module.eks.aws_iam_role.workers[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001]
module.eks.data.http.wait_for_cluster[0]: Reading...
module.load_balancer_controller.data.aws_iam_policy_document.assume_role_with_oidc[0]: Reading...
module.driver_kit_s3_role.data.aws_iam_policy_document.assume_role_with_oidc[0]: Reading...
module.iam_assumable_role_admin.data.aws_iam_policy_document.assume_role_with_oidc[0]: Reading...
module.load_balancer_controller.data.aws_iam_policy_document.assume_role_with_oidc[0]: Read complete after 0s [id=4091739281]
module.driver_kit_s3_role.data.aws_iam_policy_document.assume_role_with_oidc[0]: Read complete after 0s [id=440209149]
module.iam_assumable_role_admin.data.aws_iam_policy_document.assume_role_with_oidc[0]: Read complete after 0s [id=1787711474]
module.load_balancer_controller.aws_iam_role.this[0]: Refreshing state... [id=falco-prow-test-infra-loadbalancer-controller]
module.iam_assumable_role_admin.aws_iam_role.this[0]: Refreshing state... [id=falco-prow-test-infra-prow_s3_access]
module.driver_kit_s3_role.aws_iam_role.this[0]: Refreshing state... [id=falco-prow-test-infra-drivers_s3_access]
module.eks.data.http.wait_for_cluster[0]: Read complete after 1s [id=https://352DA0E4F639E76F92BD99E5683F0478.gr7.eu-west-1.eks.amazonaws.com/healthz]
data.aws_eks_cluster_auth.cluster: Reading...
aws_iam_policy.s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-prow-s320201105155512012300000006]
data.aws_eks_cluster.cluster: Reading...
data.aws_eks_cluster_auth.cluster: Read complete after 0s [id=falco-prow-test-infra]
aws_iam_policy.loadbalancer_controller: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-lb-controller20201112211541650900000001]
aws_iam_policy.driverkit_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-driverkit-s320201213215323984400000001]
data.aws_eks_cluster.cluster: Read complete after 0s [id=falco-prow-test-infra]
module.driver_kit_s3_role.aws_iam_role_policy_attachment.custom[0]: Refreshing state... [id=falco-prow-test-infra-drivers_s3_access-20201213222658154700000001]
module.load_balancer_controller.aws_iam_role_policy_attachment.custom[0]: Refreshing state... [id=falco-prow-test-infra-loadbalancer-controller-20201112211541903700000002]
module.iam_assumable_role_admin.aws_iam_role_policy_attachment.custom[0]: Refreshing state... [id=falco-prow-test-infra-prow_s3_access-20201213222417722400000001]
module.eks.aws_iam_role_policy_attachment.workers_additional_policies[1]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201120161034700700000003]
module.eks.aws_iam_role_policy_attachment.workers_AmazonEKSWorkerNodePolicy[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201105155240059700000003]
module.eks.aws_iam_role_policy_attachment.workers_AmazonEKS_CNI_Policy[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201105155240056800000002]
module.eks.aws_iam_role_policy_attachment.workers_additional_policies[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201105155240151600000005]
data.aws_iam_policy_document.prow_storage: Reading...
data.aws_iam_policy_document.prow_storage: Read complete after 0s [id=1314906468]
module.eks.aws_iam_role_policy_attachment.workers_AmazonEC2ContainerRegistryReadOnly[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201105155240120500000004]
aws_s3_bucket_policy.prow_storage: Refreshing state... [id=falco-prow-logs]
module.eks.kubernetes_config_map.aws_auth[0]: Refreshing state... [id=kube-system/aws-auth]
module.eks.module.node_groups.aws_eks_node_group.workers["default"]: Refreshing state... [id=falco-prow-test-infra:prow-worker-group]
module.eks.module.node_groups.aws_eks_node_group.workers["jobs"]: Refreshing state... [id=falco-prow-test-infra:jobs-worker-group]
module.eks.module.node_groups.aws_eks_node_group.workers["jobs_arm"]: Refreshing state... [id=falco-prow-test-infra:jobs-arm-worker-group]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
  ~ update in-place

Terraform will perform the following actions:

  # module.eks.local_file.kubeconfig[0] will be created
  + resource "local_file" "kubeconfig" {
      + content              = <<-EOT
            apiVersion: v1
            preferences: {}
            kind: Config
            
            clusters:
            - cluster:
                server: https://352DA0E4F639E76F92BD99E5683F0478.gr7.eu-west-1.eks.amazonaws.com
                certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01URXdOVEUxTkRjME9Gb1hEVE13TVRFd016RTFORGMwT0Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTjFPCjI3Qmk3TkZZV091a0lKZDNzU0NsczdneUpqdnZ3WE9PNkNyTlhqbnlYZVNlamRvMGEzOGFkMlJjcTB2ckttWXEKRkNWLzB5Ky9vVjhnblpWTEhIa0VhcGwwTTZOcldQakRWOHE5cnJ6dkZWUVBWZnFUYlFjSGluNEQ4Wi9DZ2JibwpsYTJZMFozdHhjYzkxT1cyYWtuOWg5eHlEZFZFekJjMjJXQ0ViUWVabVdtTDZ4Uzd0ekJxZi9JTGlpcTgwVlZsCjdWaXRiNS95OU04WWVxOFNMeDI3U214OFJBc2ZSSjJQZ3J1SC9WUWhNMXM2TkhjS3lZd1JaVytFREMzVyt2MDIKUGJCL1VnVDkrQTZocllUOWFhOGt4dWhYc2xPMzEzQWFmbkY2ZFhScUd3clkweGxsdTM2WHhTU2thZkc3MDhBYgp0UzgzWkV6ZGZQeU56Z3UvV2JNQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJalpNTnYzdytxYjdGbzBKZzYxWFRwdTljM3QKYTJFYXoyRzFCc0ZVSnlZTm1kcVIzNldxT0pLU0w3Nk1YemlLZXY1cUlySHZuK0gvNTZpODNDblZFQ2F1YWlYaQpvcThObFZVNmJqeVlWZm5LWDNoVU0xN0Z5MjM1VjNkU0FZRGJZaG5iZWhuZm1UNWVEamRnbEhKanlzbEMvWnYzCnVVNHJEdkE4V3FWR2pHZGpKTk5qNFJvbmhFT3FpTElnNjgvQVU4K3VoelRYTVpIbytZVVhOMEVIajRHaGdaWUIKejFhUWxZbjJ3dGpXZkVNMDlqdjRsVWdmVnJCeDMyZStzTzVtN3JZS2ZrWUhudEZTa2VlaTNXMFI5N1ZCNEtsRwpUMUVTa0hVYlNuWk1NWGdxLzVJWVpyUTNDRXMxMWEwZ0MzNDhqYm1KSHkyQnVja2NTTnU0em83Zmc1QT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
              name: eks_falco-prow-test-infra
            
            contexts:
            - context:
                cluster: eks_falco-prow-test-infra
                user: eks_falco-prow-test-infra
              name: eks_falco-prow-test-infra
            
            current-context: eks_falco-prow-test-infra
            
            users:
            - name: eks_falco-prow-test-infra
              user:
                exec:
                  apiVersion: client.authentication.k8s.io/v1alpha1
                  command: aws-iam-authenticator
                  args:
                    - "token"
                    - "-i"
                    - "falco-prow-test-infra"
        EOT
      + directory_permission = "0755"
      + file_permission      = "0600"
      + filename             = "./kubeconfig_falco-prow-test-infra"
      + id                   = (known after apply)
    }

  # module.test-infra_reader.aws_iam_role.this[0] will be updated in-place
  ~ resource "aws_iam_role" "this" {
      ~ assume_role_policy    = jsonencode(
          ~ {
              ~ Statement = [
                  ~ {
                      ~ Condition = {
                          ~ StringLike                  = {
                              ~ "token.actions.githubusercontent.com:sub" = "repo:falcosecurity/test-infra:pull_request" -> "repo:falcosecurity/test-infra:ref:*"
                            }
                            # (1 unchanged attribute hidden)
                        }
                        # (4 unchanged attributes hidden)
                    },
                ]
                # (1 unchanged attribute hidden)
            }
        )
        id                    = "github_actions-test-infra-reader"
        name                  = "github_actions-test-infra-reader"
        tags                  = {}
        # (8 unchanged attributes hidden)
    }

Plan: 1 to add, 1 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

Pusher: @leogr, Action: pull_request, Working Directory: ``, Workflow: Terraform plan

update(config/config.yaml): switch default branch to main for `plug…

8a8d877

…ins` repo Signed-off-by: Leonardo Grasso <[email protected]>

poiana added do-not-merge/hold dco-signoff: yes size/XS labels Mar 28, 2024

poiana requested review from jonahjon and maxgio92 March 28, 2024 09:59

poiana added approved dco-signoff: no and removed dco-signoff: yes labels Mar 28, 2024

FedeDP reviewed Mar 28, 2024

View reviewed changes

leogr added 2 commits March 28, 2024 11:24

update(images/build-plugins): switch default branch to main for `pl…

8311903

…ugins` repo Signed-off-by: Leonardo Grasso <[email protected]>

update(config/clusters): switch branch to main for plugins repo

1d79241

Signed-off-by: Leonardo Grasso <[email protected]>

leogr force-pushed the update/config/plugins-to-main branch from adc150f to 1d79241 Compare March 28, 2024 10:26

poiana added dco-signoff: yes and removed dco-signoff: no labels Mar 28, 2024

update(build-plugins): switch branch to main for plugins repo

85a6830

Signed-off-by: Leonardo Grasso <[email protected]>

poiana added size/S and removed size/XS labels Mar 28, 2024

FedeDP approved these changes Mar 28, 2024

View reviewed changes

poiana assigned FedeDP Mar 28, 2024

poiana added the lgtm label Mar 28, 2024

poiana removed the do-not-merge/hold label Mar 28, 2024

poiana merged commit 921ecf8 into master Mar 28, 2024
6 of 7 checks passed

poiana deleted the update/config/plugins-to-main branch March 28, 2024 14:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

update(config/config.yaml): switch default branch to `main` for `plugins` repo #1432

update(config/config.yaml): switch default branch to `main` for `plugins` repo #1432

leogr commented Mar 28, 2024

FedeDP left a comment

FedeDP commented Mar 28, 2024

FedeDP left a comment

poiana commented Mar 28, 2024

leogr commented Mar 28, 2024

poiana commented Mar 28, 2024

github-actions bot commented Mar 29, 2024 •

edited

Loading

update(config/config.yaml): switch default branch to main for plugins repo #1432

update(config/config.yaml): switch default branch to main for plugins repo #1432

Conversation

leogr commented Mar 28, 2024

FedeDP left a comment

Choose a reason for hiding this comment

FedeDP commented Mar 28, 2024

FedeDP left a comment

Choose a reason for hiding this comment

poiana commented Mar 28, 2024

leogr commented Mar 28, 2024

poiana commented Mar 28, 2024

github-actions bot commented Mar 29, 2024 • edited Loading

Terraform Format and Style 🖌failure

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

update(config/config.yaml): switch default branch to `main` for `plugins` repo #1432

update(config/config.yaml): switch default branch to `main` for `plugins` repo #1432

github-actions bot commented Mar 29, 2024 •

edited

Loading

Terraform Format and Style 🖌`failure`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`