Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgraded terraform modules version for citizen_auth_app fast_login function #947

Closed
wants to merge 6 commits into from
Closed

Upgraded terraform modules version for citizen_auth_app fast_login function #947

wants to merge 6 commits into from

Conversation

christian-calabrese
Copy link
Contributor

List of changes

In the scope of citizen_auth_app:
Upgraded the version of the terraform-azurerm-v3 terraform modules employed in the fast_login function app from v6.19.1 to v7.77.0

Motivation and context

When executing a terraform plan in the citizen_auth_app domain, changes on some proprietary resource tags called hidden-link are detected. The intention is to avoid displaying such changes to reduce chaos.

The newer version (v7.77.0) of the function_app and function_app_slot modules allows to ignore those changes and avoid displaying them.

Type of changes

  • Add new resources
  • Update configuration to existing resources
  • Remove existing resources

Env to apply

  • DEV
  • UAT
  • PROD

Does this introduce a change to production resources with possible user impact?

  • Yes, users may be impacted applying this change
  • No

Does this introduce an unwanted change on infrastructure? Check terraform plan execution result

  • Yes
  • No

Other information

If PR is partially applied, why? (reserved to mantainers)

How to apply

After PR is approved

  1. run deploy pipeline from Azure DevOps io-platform-iac-projects
  2. select PR branch
  3. wait for approval

@christian-calabrese christian-calabrese requested review from a team as code owners April 11, 2024 08:57
gunzip
gunzip previously approved these changes Apr 11, 2024
View reviewed changes
@christian-calabrese christian-calabrese force-pushed the EC-261-nascondere-hidden-tags-dai-log-terraform branch from b760d07 to 868e599 Compare April 18, 2024 15:24
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@gunzip
Copy link
Contributor

gunzip commented Apr 18, 2024

It looks like a check does not pass, consider keeping PR in draft until all checks pass.

gunzip
gunzip reviewed Apr 18, 2024
View reviewed changes
src/domains/citizen-auth-app/07_function_fast_login.tf
access_tier = "Hot"
advanced_threat_protection_enable = true
use_legacy_defender_version = true
public_network_access_enabled = true
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this right? (publicily accessible storage?)

Copy link
Contributor Author

@christian-calabrese christian-calabrese Apr 19, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, it can be removed because it's hardcoded to true in the module itself:

EDIT: It cannot be removed cause it's a required variable

module "storage_account" {
  source = "github.com/pagopa/terraform-azurerm-v3.git//storage_account?ref=v7.76.0"

  name                          = coalesce(var.storage_account_name, format("%sst", replace(var.name, "-", "")))
  account_kind                  = var.storage_account_info.account_kind
  account_tier                  = var.storage_account_info.account_tier
  account_replication_type      = var.storage_account_info.account_replication_type
  access_tier                   = var.storage_account_info.account_kind != "Storage" ? var.storage_account_info.access_tier : null
  resource_group_name           = var.resource_group_name
  location                      = var.location
  advanced_threat_protection    = var.storage_account_info.advanced_threat_protection_enable
  use_legacy_defender_version   = var.storage_account_info.use_legacy_defender_version
  public_network_access_enabled = true

  tags = var.tags
}

@christian-calabrese christian-calabrese marked this pull request as draft April 19, 2024 06:35
@arcogabbo arcogabbo deleted the EC-261-nascondere-hidden-tags-dai-log-terraform branch June 25, 2024 12:18
@arcogabbo
Copy link
Contributor

closed because it was a duplicate of #963

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gunzip gunzip gunzip left review comments

@arcogabbo arcogabbo Awaiting requested review from arcogabbo arcogabbo is a code owner automatically assigned from pagopa/io-backend-contributors

@pagopa-github-bot pagopa-github-bot Awaiting requested review from pagopa-github-bot pagopa-github-bot is a code owner automatically assigned from pagopa/io-backend-contributors

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@christian-calabrese @gunzip @arcogabbo