From cff6e67b2657b9aff8ed45fc63e3556b71bbd3d5 Mon Sep 17 00:00:00 2001 From: Matt Dean Date: Thu, 1 May 2025 17:28:20 +0100 Subject: [PATCH 1/3] [NRL-774] Update Terraform to 1.9.8 --- .tool-versions | 2 +- README.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.tool-versions b/.tool-versions index b25c0d9cf..8f5193658 100644 --- a/.tool-versions +++ b/.tool-versions @@ -2,7 +2,7 @@ awscli 2.15.11 poetry 1.8.2 jq 1.7.1 python 3.12.2 -terraform 1.3.4 +terraform 1.9.8 java zulu-jre-17.42.19 yq 4.35.2 allure 2.27.0 diff --git a/README.md b/README.md index 6eb9758d1..e5afa7bb4 100644 --- a/README.md +++ b/README.md @@ -36,8 +36,8 @@ For an easy way to make sure your local system matches the requirements needed y - [poetry](https://python-poetry.org/docs/) (this repository uses poetry ^1.5.1) - [pyenv](https://github.com/pyenv/pyenv) (this repository uses python ^3.9.15) - jq -- terraform (this repository uses terraform ^1.3.4) -- [tfenv](https://github.com/tfutils/tfenv) (this repository uses terraform 1.3.4) +- terraform +- [tfenv](https://github.com/tfutils/tfenv) - coreutils Swagger generation requirements. From 47b5bcceb573c588b65f0be693f66840c007b3cc Mon Sep 17 00:00:00 2001 From: Matt Dean Date: Tue, 6 May 2025 14:12:30 +0100 Subject: [PATCH 2/3] [NRL-774] Add uncommitted comment to account-wide-infra README about codebuild errors --- .../account-wide-infrastructure/README.md | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/terraform/account-wide-infrastructure/README.md b/terraform/account-wide-infrastructure/README.md index 06d0159ed..5efb6f79b 100644 --- a/terraform/account-wide-infrastructure/README.md +++ b/terraform/account-wide-infrastructure/README.md @@ -43,6 +43,30 @@ Once you're happy with your planned changes, you can apply them with: terraform apply ``` +### If you get "Error: creating CodeBuild Webhook" + +If you see this erro: + +``` +│ Error: creating CodeBuild Webhook (nhsd-nrlf-ci-build-project): operation error CodeBuild: CreateWebhook, https response error StatusCode: 400, RequestID: , ResourceNotFoundException: Access token not found in CodeBuild project for server type github +│ +│ with aws_codebuild_webhook.github_workflow, +│ on codebuild.tf line 113, in resource "aws_codebuild_webhook" "github_workflow": +│ 113: resource "aws_codebuild_webhook" "github_workflow" { +``` + +You will need to add the Github PAT credential for codebuild to connect to Github. To fix this: + +1. Go to the AWS console and find the Codebuild service +2. Select the created nhsd-nrlf-ci-build-project project +3. Press the "Edit" button (in the top-bar) +4. Where it says "You have not connected to Github", press the "Manage account credentials" link +5. At the "Manage default source credential" page, choose "Personal Access Token" type, "Secrets Manager" service, and "Existing Secret" secret. +6. In the "Connection" drop-down, choose the "nhsd-nrlf--codebuild-github-pat" secret +7. Press the "Save" button + +If that has worked, you should see: "Your account is successfully connected through Secrets Manager secret" + ### Build and publish the container image for CI build Once all the mgmt infra has been deployed, you need to build and publish the CI image to the ECR repo. From 1b0e0755575439031c5afa8029a29553066c2300 Mon Sep 17 00:00:00 2001 From: Matt Dean Date: Tue, 6 May 2025 14:50:30 +0100 Subject: [PATCH 3/3] [NRL-774] Update .terraform-version files in all infra dirs --- terraform/account-wide-infrastructure/dev/.terraform-version | 2 +- terraform/account-wide-infrastructure/mgmt/.terraform-version | 2 +- terraform/account-wide-infrastructure/prod/.terraform-version | 2 +- terraform/account-wide-infrastructure/test/.terraform-version | 2 +- terraform/infrastructure/.terraform-version | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/terraform/account-wide-infrastructure/dev/.terraform-version b/terraform/account-wide-infrastructure/dev/.terraform-version index d0149fef7..66beabb57 100644 --- a/terraform/account-wide-infrastructure/dev/.terraform-version +++ b/terraform/account-wide-infrastructure/dev/.terraform-version @@ -1 +1 @@ -1.3.4 +1.9.8 diff --git a/terraform/account-wide-infrastructure/mgmt/.terraform-version b/terraform/account-wide-infrastructure/mgmt/.terraform-version index d0149fef7..66beabb57 100644 --- a/terraform/account-wide-infrastructure/mgmt/.terraform-version +++ b/terraform/account-wide-infrastructure/mgmt/.terraform-version @@ -1 +1 @@ -1.3.4 +1.9.8 diff --git a/terraform/account-wide-infrastructure/prod/.terraform-version b/terraform/account-wide-infrastructure/prod/.terraform-version index d0149fef7..66beabb57 100644 --- a/terraform/account-wide-infrastructure/prod/.terraform-version +++ b/terraform/account-wide-infrastructure/prod/.terraform-version @@ -1 +1 @@ -1.3.4 +1.9.8 diff --git a/terraform/account-wide-infrastructure/test/.terraform-version b/terraform/account-wide-infrastructure/test/.terraform-version index d0149fef7..66beabb57 100644 --- a/terraform/account-wide-infrastructure/test/.terraform-version +++ b/terraform/account-wide-infrastructure/test/.terraform-version @@ -1 +1 @@ -1.3.4 +1.9.8 diff --git a/terraform/infrastructure/.terraform-version b/terraform/infrastructure/.terraform-version index d0149fef7..66beabb57 100644 --- a/terraform/infrastructure/.terraform-version +++ b/terraform/infrastructure/.terraform-version @@ -1 +1 @@ -1.3.4 +1.9.8