Skip to content

Commit a1e1e99

Browse files
eddalmond1eddalmond1
committed
Merge branch 'main' into bugfix/eja-eli-579-fixing-non-standard-names
2 parents c92d8c6 + 12f4e1f commit a1e1e99

6 files changed

Lines changed: 12 additions & 5 deletions

File tree

.github/workflows/base-deploy.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -203,6 +203,7 @@ jobs:
203203
TF_VAR_SPLUNK_HEC_TOKEN: ${{ secrets.SPLUNK_HEC_TOKEN }}
204204
TF_VAR_SPLUNK_HEC_ENDPOINT: ${{ secrets.SPLUNK_HEC_ENDPOINT }}
205205
TF_VAR_OPERATOR_EMAILS: ${{ vars.SECRET_ROTATION_OPERATOR_EMAILS }}
206+
TF_VAR_PROXYGEN_PRIVATE_KEY: ${{ secrets.PROXYGEN_PRIVATE_KEY_PROD }}
206207

207208
working-directory: ./infrastructure
208209
shell: bash

.github/workflows/cicd-2-publish.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -103,6 +103,7 @@ jobs:
103103
TF_VAR_SPLUNK_HEC_TOKEN: ${{ secrets.SPLUNK_HEC_TOKEN }}
104104
TF_VAR_SPLUNK_HEC_ENDPOINT: ${{ secrets.SPLUNK_HEC_ENDPOINT }}
105105
TF_VAR_OPERATOR_EMAILS: ${{ vars.SECRET_ROTATION_OPERATOR_EMAILS }}
106+
TF_VAR_PROXYGEN_PRIVATE_KEY: ${{ secrets.PROXYGEN_PRIVATE_KEY_PROD }}
106107

107108
run: |
108109
mkdir -p ./build

.github/workflows/cicd-3-test-deploy.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -90,6 +90,7 @@ jobs:
9090
TF_VAR_SPLUNK_HEC_TOKEN: ${{ secrets.SPLUNK_HEC_TOKEN }}
9191
TF_VAR_SPLUNK_HEC_ENDPOINT: ${{ secrets.SPLUNK_HEC_ENDPOINT }}
9292
TF_VAR_OPERATOR_EMAILS: ${{ vars.SECRET_ROTATION_OPERATOR_EMAILS }}
93+
TF_VAR_PROXYGEN_PRIVATE_KEY: ${{ secrets.PROXYGEN_PRIVATE_KEY_PROD }}
9394

9495
run: |
9596
mkdir -p ./build

.github/workflows/release-candidate.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -237,6 +237,8 @@ jobs:
237237
TF_VAR_SPLUNK_HEC_TOKEN: ${{ secrets.SPLUNK_HEC_TOKEN }}
238238
TF_VAR_SPLUNK_HEC_ENDPOINT: ${{ secrets.SPLUNK_HEC_ENDPOINT }}
239239
TF_VAR_OPERATOR_EMAILS: ${{ vars.SECRET_ROTATION_OPERATOR_EMAILS }}
240+
TF_VAR_PROXYGEN_PRIVATE_KEY: ${{ secrets.PROXYGEN_PRIVATE_KEY_PROD }}
241+
240242
run: |
241243
mkdir -p ./build
242244
echo "🚀 Deploying ${{ needs.validate.outputs.dev_tag }} to TEST"
@@ -353,8 +355,9 @@ jobs:
353355
id: release
354356
env:
355357
DEV_TAG: ${{ needs.validate.outputs.dev_tag }}
356-
RELEASE_TYPE: ${{ inputs.release_type }}
358+
INPUT_RELEASE_TYPE: ${{ inputs.release_type }}
357359
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
360+
ENVIRONMENT: preprod
358361
run: |
359362
pip install requests
360363
python scripts/workflow/tag_and_release.py

infrastructure/stacks/iams-developer-roles/github_actions_policies.tf

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -209,16 +209,16 @@ resource "aws_iam_policy" "s3_management" {
209209
Resource = [
210210
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-rules",
211211
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-rules/*",
212-
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-consumer-map",
213-
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-consumer-map/*",
212+
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-consumer-map",
213+
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-consumer-map/*",
214214
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-audit",
215215
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-audit/*",
216216
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-rules-access-logs",
217217
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-rules-access-logs/*",
218218
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-audit-access-logs",
219219
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-audit-access-logs/*",
220-
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-consumer-map-access-logs",
221-
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-eli-consumer-map-access-logs/*",
220+
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-consumer-map-access-logs",
221+
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-consumer-map-access-logs/*",
222222
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-truststore",
223223
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-truststore/*",
224224
"arn:aws:s3:::*eligibility-signposting-api-${var.environment}-truststore-access-logs",

infrastructure/stacks/networking/ssm.tf

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
resource "aws_ssm_parameter" "proxygen_private_key" {
2+
count = var.environment == "dev" ? 1 : 0
23
name = "/${var.environment}/proxygen/private_key"
34
type = "SecureString"
45
key_id = aws_kms_key.networking_ssm_key.id

0 commit comments

Comments
 (0)