2024-07-13 | MAIN --> PROD | DEV (f28d196) --> STAGING #4083
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add a NIST control review to our onboarding for engineers.
jadudm
added
autogenerated
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
|
Terraform plan for production Plan: 1 to add, 4 to change, 0 to destroy.Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
!~ update in-place
Terraform will perform the following actions:
# module.production.cloudfoundry_app.postgrest will be updated in-place
!~ resource "cloudfoundry_app" "postgrest" {
!~ docker_image = "ghcr.io/gsa-tts/fac/postgrest@sha256:08852a35ccf68490cf974e2b1a47d19480457c24b2244fa9f302ed785bd89462" -> "ghcr.io/gsa-tts/fac/postgrest@sha256:6b814f0e80d28a3a32a376c79dac1e26e6434ad47096f8c03dca1d8c195b409b"
id = "70ac44be-3507-4867-a75f-c2d1ab12ee89"
name = "postgrest"
# (17 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.production.module.clamav.cloudfoundry_app.clamav_api will be updated in-place
!~ resource "cloudfoundry_app" "clamav_api" {
!~ docker_image = "ghcr.io/gsa-tts/fac/clamav@sha256:ba95b2eab2464f762071de942b60190be73c901a17a143b234ac3a53dc947d68" -> "ghcr.io/gsa-tts/fac/clamav@sha256:0223624d99f6c90bd9f375bcca01ec00dc7d68eb9f075d602dd9e71cbb5224b9"
id = "5d0afa4f-527b-472a-8671-79a60335417f"
name = "fac-av-production"
# (17 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.production.module.file_scanner_clamav.cloudfoundry_app.clamav_api will be updated in-place
!~ resource "cloudfoundry_app" "clamav_api" {
!~ docker_image = "ghcr.io/gsa-tts/fac/clamav@sha256:ba95b2eab2464f762071de942b60190be73c901a17a143b234ac3a53dc947d68" -> "ghcr.io/gsa-tts/fac/clamav@sha256:0223624d99f6c90bd9f375bcca01ec00dc7d68eb9f075d602dd9e71cbb5224b9"
id = "6b0ce685-a80c-4feb-9ed6-49c6427efdb8"
name = "fac-av-production-fs"
# (17 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.production.module.https-proxy.cloudfoundry_app.egress_app will be updated in-place
!~ resource "cloudfoundry_app" "egress_app" {
id = "5e81ca8b-99cf-41f8-ae42-76652d51a44c"
name = "https-proxy"
!~ source_code_hash = "9fcf4a7f6abfc9a220de2b8bb97591ab490a271ac0933b984f606f645319e1a4" -> "9b63bf9766c73480bf1c2385e259b1321988ede71a7b68ebe5c451d9ff6bf1c1"
# (21 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.production.module.newrelic.newrelic_one_dashboard.log_review_dashboard will be created
+ resource "newrelic_one_dashboard" "log_review_dashboard" {
+ account_id = (known after apply)
+ guid = (known after apply)
+ id = (known after apply)
+ name = "FAC Log Review (production)"
+ permalink = (known after apply)
+ permissions = "public_read_only"
+ page {
+ guid = (known after apply)
+ name = "FAC Log Review"
+ widget_billboard {
+ column = 1
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 1
+ title = "Submission Count"
+ width = 3
+ nrql_query {
+ account_id = (known after apply)
+ query = "From Transaction SELECT count(*) as 'Submissions' WHERE appName = 'gsa-fac-production' and request.method = 'POST' and request.uri like '/audit/submission/%' since 1 week ago"
}
}
+ widget_billboard {
+ column = 4
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 1
+ title = "Excel Uploads"
+ width = 3
+ nrql_query {
+ account_id = (known after apply)
+ query = "FROM Metric SELECT count(*) AS 'Total uploads', average(apm.service.transaction.duration) AS 'Average time (s)' WHERE appName = 'gsa-fac-production' AND path LIKE 'audit.views.views:ExcelFileHandlerView.post'"
}
}
+ widget_billboard {
+ column = 7
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 1
+ title = "Single Audit Report Uploads"
+ width = 3
+ nrql_query {
+ account_id = (known after apply)
+ query = "FROM Metric SELECT count(*) AS 'Total uploads', average(apm.service.transaction.duration) AS 'Average time (s)' WHERE appName = 'gsa-fac-production' AND path LIKE 'audit.views.upload_report_view:UploadReportView.post'"
}
}
+ widget_billboard {
+ column = 10
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 1
+ title = "Global Requests (Non-Upload)"
+ width = 3
+ nrql_query {
+ account_id = (known after apply)
+ query = "FROM Metric SELECT count(*) AS 'Total requests', average(apm.service.transaction.duration) * 1000 AS 'Average time (ms)' WHERE appName = 'gsa-fac-production' AND path NOT LIKE '%ExcelFileHandlerView.post' AND path NOT LIKE '%UploadReportView.post'"
}
}
+ widget_billboard {
+ column = 9
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 4
+ title = "Infected Files Detected"
+ width = 3
+ nrql_query {
+ account_id = (known after apply)
+ query = "SELECT count(*) AS 'Infected Files' FROM Log WHERE tags.space_name = 'production' and message LIKE '%ScanResult.INFECTED%'"
}
}
+ widget_billboard {
+ column = 9
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 5
+ title = "Django /admin/login/ Count"
+ width = 3
+ nrql_query {
+ account_id = (known after apply)
+ query = "SELECT count(`message` as `/admin/login/ hits`) FROM Log WHERE `message` LIKE 'app.fac.gov%/admin/login%' SINCE 7 days ago"
}
}
+ widget_billboard {
+ column = 9
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 6
+ title = "production api.sam.gov Connection Count"
+ width = 3
+ nrql_query {
+ account_id = (known after apply)
+ query = "SELECT count(*) AS 'api.sam.gov connections' FROM Log WHERE `entity.name` = 'gsa-fac-production' AND allColumnSearch('api.sam.gov', insensitive: true) SINCE 7 DAYS AGO"
}
}
+ widget_billboard {
+ column = 9
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 7
+ title = "production login.gov Connection Count"
+ width = 3
+ nrql_query {
+ account_id = (known after apply)
+ query = "SELECT count(*) AS 'login.gov connections' FROM Log WHERE `entity.name` = 'gsa-fac-production' AND allColumnSearch('/api/openid_connect/userinfo', insensitive: true) SINCE 7 DAYS AGO"
}
}
+ widget_log_table {
+ column = 1
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 6
+ title = "production api.sam.gov Connections"
+ width = 8
+ nrql_query {
+ account_id = (known after apply)
+ query = "SELECT `message` FROM Log WHERE `entity.name` = 'gsa-fac-production' AND allColumnSearch('api.sam.gov', insensitive: true) SINCE 7 DAYS AGO"
}
}
+ widget_log_table {
+ column = 1
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 7
+ title = "production login.gov Connections"
+ width = 8
+ nrql_query {
+ account_id = (known after apply)
+ query = "SELECT `message` FROM Log WHERE `entity.name` = 'gsa-fac-production' AND allColumnSearch('/api/openid_connect/userinfo', insensitive: true) SINCE 7 DAYS AGO"
}
}
+ widget_stacked_bar {
+ column = 1
+ height = 4
+ id = (known after apply)
+ legend_enabled = true
+ row = 3
+ title = "500 Error Code"
+ width = 12
+ nrql_query {
+ account_id = (known after apply)
+ query = "SELECT count(*) FROM Transaction FACET `request.uri` WHERE response.status = '500' and appName = 'gsa-fac-production' SINCE 1 week AGO TIMESERIES"
}
}
+ widget_stacked_bar {
+ column = 1
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 4
+ title = "Login Requests"
+ width = 8
+ colors {
+ color = "#00ff04"
+ series_overrides {
+ color = "#00ff04"
+ series_name = "/openid/login/"
}
}
+ nrql_query {
+ account_id = (known after apply)
+ query = "SELECT count(*) FROM Transaction FACET `request.uri` WHERE request.uri = '/openid/login/' and appName = 'gsa-fac-production' SINCE 1 week AGO TIMESERIES"
}
}
+ widget_stacked_bar {
+ column = 1
+ height = 3
+ id = (known after apply)
+ legend_enabled = true
+ row = 5
+ title = "Logout Requests"
+ width = 8
+ colors {
+ color = "#ff0000"
+ series_overrides {
+ color = "#ff0000"
+ series_name = "/openid/logout/"
}
}
+ nrql_query {
+ account_id = (known after apply)
+ query = "SELECT count(*) FROM Transaction FACET `request.uri` WHERE request.uri = '/openid/logout/' and appName = 'gsa-fac-production' SINCE 1 week AGO TIMESERIES"
}
}
}
}
Plan: 1 to add, 4 to change, 0 to destroy.
Warning: Argument is deprecated
with module.domain.cloudfoundry_service_instance.external_domain_instance,
on /tmp/terraform-data-dir/modules/domain/domain/main.tf line 45, in resource "cloudfoundry_service_instance" "external_domain_instance":
45: recursive_delete = var.recursive_delete
Since CF API v3, recursive delete is always done on the cloudcontroller side.
This will be removed in future releases
(and 6 more similar warnings elsewhere)📝 Plan generated in Pull Request Checks #3321 |
|
Terraform plan for staging No changes. Your infrastructure matches the configuration.✅ Plan applied in Deploy to Staging Environment #236 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is an auto-generated pull request to merge main into prod for a staging release on 2024-07-13 with the last commit being merged as f28d196