Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

test → val (26 July 2024) #11813

Merged
merged 28 commits into from
Jul 26, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
4de35ea
[Snyk] Upgrade sass from 1.77.4 to 1.77.6 (#11781)
mdct-github-service-account Jul 10, 2024
45b59d1
Deploy Runner - handle Serverless Compose errors (#11779)
BearHanded Jul 10, 2024
4e0a1b3
delete 'as' prop in createElementWithChildren
Gome510 Jul 11, 2024
f37ac92
[Snyk] Upgrade @aws-sdk/client-s3 from 3.592.0 to 3.600.0 (#11786)
mdct-github-service-account Jul 11, 2024
52b02bc
[Snyk] Upgrade @aws-sdk/util-dynamodb from 3.592.0 to 3.602.0 (#11788)
mdct-github-service-account Jul 12, 2024
d044674
[Snyk] Upgrade @aws-sdk/lib-dynamodb from 3.592.0 to 3.602.0 (#11787)
mdct-github-service-account Jul 12, 2024
f942f74
CMDCT-3763: ILOS PDF Update (#11784)
karla-vm Jul 12, 2024
a8f6d9f
[Snyk] Upgrade react-bootstrap from 2.10.2 to 2.10.3 (#11790)
mdct-github-service-account Jul 16, 2024
579a8be
[Snyk] Upgrade react-hook-form from 7.51.5 to 7.52.0 (#11791)
mdct-github-service-account Jul 16, 2024
1209d10
CMDCT-3792: delete 'as' prop in createElementWithChildren (#11785)
karla-vm Jul 16, 2024
1b7cbca
Topic audit (#11792)
berryd Jul 16, 2024
03da510
Use spies for console output in tests (#11795)
bangbay-bluetiger Jul 16, 2024
5e907b0
[Snyk] Upgrade react-router-dom from 6.23.1 to 6.24.0 (#11798)
mdct-github-service-account Jul 17, 2024
9267968
[Snyk] Upgrade zustand from 4.5.2 to 4.5.3 (#11799)
mdct-github-service-account Jul 17, 2024
8f4b227
fix page width 360 on get started page (#11793)
gmrabian Jul 17, 2024
e25351c
cmdct-3793 validateDOMnesting console error fix (#11797)
britt-mo Jul 17, 2024
ec7c97f
add new s3 lib tools; add script to remove malformed mlr data (#11794)
gmrabian Jul 17, 2024
d54655f
Refactor ui-src tests to remove console messages (#11796)
bangbay-bluetiger Jul 19, 2024
ec15f42
make app-api destroy first (#11802)
gmrabian Jul 22, 2024
dd312f6
remove bootstrap (#11805)
braxex Jul 22, 2024
05b1117
upgrade jsdom to resolve ws vulnerability (#11806)
braxex Jul 22, 2024
b8cb76f
Cmdct 3802 - PDF banner button should not be displayed if the PDF has…
britt-mo Jul 23, 2024
d6ca968
Audit topics (#11807)
berryd Jul 24, 2024
9c4d779
CMDCT-3867: Parity and Sanctions Content Updates (MCPAR) (#11810)
karla-vm Jul 25, 2024
4b8f766
CMDCT-3866: Content Updates to MCPAR Section D (#11809)
karla-vm Jul 25, 2024
45864a6
Cmdct 3801 - Error Banner on MLR Report Dashboard (#11808)
britt-mo Jul 25, 2024
96ed3b5
Cmdct 3865 - ILOS content changes (#11811)
britt-mo Jul 25, 2024
c27e15d
MLR: Cleanup HTML Content (#11812)
karla-vm Jul 26, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 29 additions & 5 deletions .github/audit-account.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,32 +4,33 @@ git fetch --all > /dev/null

#Parse inputs
case ${1-} in
"ci_active"|"ci_inactive"|"cf_other"|"untagged")
"ci_active"|"ci_inactive"|"cf_other"|"untagged"|"orphaned_topics")
OP=${1-}
;;
*)
echo "Error: unkown operation"
echo "Usage: ${0} [ci_active|ci_inactive|cf_other|untagged] [resource_tagging_response|null]" && exit 1
echo "Usage: ${0} [ci_active|ci_inactive|cf_other|untagged|orphaned_topics] [resource_tagging_response|null]" && exit 1
;;
esac

shift
if [ ! -z "${1-}" ]; then
if [ -f "${1-}" ]; then
RESOURCES=$(<"${1-}")
else
else
RESOURCES="${@-}"
fi
jq empty <<< "${RESOURCES}"
[ "$?" != 0 ] && echo "Error: supplied JSON is invalid." && echo ${RESOURCES} && exit 1
else
export REGION=us-east-1
RESOURCES=$(aws resourcegroupstaggingapi get-resources)
fi

#Create array of objects with the branch name and the interpolated branch name (for bot created branches)
get_branches () {
RAW_BRANCHES=$(git for-each-ref --format='%(refname)' refs/remotes/origin | sed 's|^.\+\/||g')
BRANCHES=()
local RAW_BRANCHES=$(git for-each-ref --format='%(refname)' refs/remotes/origin | sed 's|^.\+\/||g')
local BRANCHES=()
for B in $RAW_BRANCHES; do
[ "${B}" == "HEAD" ] && continue
IBRANCH=$(./setBranchName.sh ${B})
Expand Down Expand Up @@ -73,5 +74,28 @@ untagged () {
jq -r '[{ResourceARN:.ResourceTagMappingList[] | select((.Tags? | length) < 1).ResourceARN}] | sort' <<< "${1}"
}

#Create array of objects with the topic name and parsed topic namespace
get_topics () {
pushd ../services/topics > /dev/null
local RAW_TOPICS="$(sls invoke --stage main --function listTopics | jq -r '.[]')"
popd > /dev/null
local TOPICS=()
for T in $RAW_TOPICS; do
STAGE=$(echo "${T}" | sed 's/--/ /g' | cut -f3 -d' ')
TOPICS+=($(echo '{"TOPIC":"'${T}'","STAGE":"'${STAGE}'"}'))
done

jq -s '{TOPICS:.}' <<< ${TOPICS[*]}
}

#Produce a report with all topics and associated resource tags
orphaned_topics () {
local STAGES=$(ci_inactive "${1}" | jq -r '[.[].STAGE] | sort | unique | {STAGES: [{"STAGE":.[]}]}')
local TOPICS=$(get_topics)
jq -rs '.[0] * .[1] | [[.STAGES[].STAGE] as $stages | .TOPICS[] |
select( . as $topics | $stages | index($topics.STAGE) | not)] |
sort_by(.STAGE)' <<< $(echo ${TOPICS}${STAGES})
}

#Execute operation
$OP "${RESOURCES}"
25 changes: 23 additions & 2 deletions .github/workflows/audit-account.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: set variable values
- uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
- name: set variable values
run: ./.github/build-vars.sh set_values
env:
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
Expand All @@ -27,6 +30,19 @@ jobs:
with:
role-to-assume: ${{ env.AWS_OIDC_ROLE_TO_ASSUME }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- uses: actions/cache@v4
with:
path: |
**/node_modules
~/.cache/Cypress
key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock', 'plugins/**') }}
- name: set path
run: |
echo "PATH=$(pwd)/node_modules/.bin/:$PATH" >> $GITHUB_ENV
- name: List all topics for project
run: |
#Executing the run command is required to assemble all the dependencies in the topics service
./run list-topics
- name: Collect resources from account
run: pushd .github && aws resourcegroupstaggingapi get-resources > resources.json
- name: List active resources created by CI pipeline
Expand All @@ -36,7 +52,9 @@ jobs:
- name: List resources created by Cloudformation but not from CI pipeline
run: pushd .github && ./audit-account.sh cf_other resources.json
- name: List untagged resources
run: pushd .github && ./audit-account.sh untagged resources.json
run: pushd .github && ./audit-account.sh untagged resources.json
- name: List orphaned topics
run: pushd .github && ./audit-account.sh orphaned_topics
- name: Create reports dir
run: pushd .github && mkdir -p reports
- name: Assemble CSV files
Expand All @@ -56,6 +74,9 @@ jobs:
UNTAGGED="$(./audit-account.sh untagged resources.json)"
[[ $(jq -r 'length' <<< "${UNTAGGED}") -gt 0 ]] && jq -r '(.[0]
| keys_unsorted) as $keys | $keys, map([.[ $keys[] ]])[] | @csv' <<< "${UNTAGGED}" > reports/untagged.csv
TOPICS="$(./audit-account.sh orphaned_topics)"
[[ $(jq -r 'length' <<< "${TOPICS}") -gt 0 ]] && jq -r '(.[0]
| keys_unsorted) as $keys | $keys, map([.[ $keys[] ]])[] | @csv' <<< "${TOPICS}" > reports/orphaned_topics.csv
- name: Upload reports
uses: actions/upload-artifact@v4
with:
Expand Down
5 changes: 4 additions & 1 deletion .github/workflows/destroy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -54,4 +54,7 @@ jobs:
role-to-assume: ${{ env.AWS_OIDC_ROLE_TO_ASSUME }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Destroy
run: ./run destroy --stage $STAGE_PREFIX$branch_name --verify false
# destroy app-api first due to a dependency between it and database
run: |
./run destroy --stage $STAGE_PREFIX$branch_name --verify false --service app-api
./run destroy --stage $STAGE_PREFIX$branch_name --verify false
Loading
Loading