From 16deebe1b87beb783726c5b4d77de877185dbfea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Dec 2023 07:53:00 -0500 Subject: [PATCH 1/3] chore(deps): Bump github/codeql-action from 2.22.10 to 3.22.11 (#1847) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 55702a2259..7b785c8bc4 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@305f6546310b9203e892c28c1484e82977f4f63d # v2.22.10 + uses: github/codeql-action/upload-sarif@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11 with: sarif_file: results.sarif From f4dc93e796c00b37cc6012bede46c7a6a178e165 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Dec 2023 07:29:13 -0500 Subject: [PATCH 2/3] chore(deps): Bump actions/upload-artifact from 3.1.3 to 4.0.0 (#1848) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 7b785c8bc4..a79ba35311 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -63,7 +63,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: SARIF file path: results.sarif From 7305cd57dc356e8594924447b1575f218472c4e5 Mon Sep 17 00:00:00 2001 From: Sourav Paul Date: Sat, 16 Dec 2023 21:01:51 +0000 Subject: [PATCH 3/3] fix: Add uninstall before destroy (#1843) (#1844) --- patterns/istio/README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/patterns/istio/README.md b/patterns/istio/README.md index 57bb0f5e3d..22855de34e 100644 --- a/patterns/istio/README.md +++ b/patterns/istio/README.md @@ -295,6 +295,25 @@ kubectl port-forward svc/jaeger 16686:16686 -n istio-system ## Destroy +The AWS Load Balancer Controller add-on asynchronously reconciles resource deletions. +During stack destruction, the istio ingress resource and the load balancer controller +add-on are deleted in quick succession, preventing the removal of some of the AWS +resources associated with the ingress gateway load balancer like, the frontend and the +backend security groups. +This causes the final `terraform destroy -auto-approve` command to timeout and fail with VPC dependency errors like below: + +```text +│ Error: deleting EC2 VPC (vpc-XXXX): operation error EC2: DeleteVpc, https response error StatusCode: 400, RequestID: XXXXX-XXXX-XXXX-XXXX-XXXXXX, api error DependencyViolation: The vpc 'vpc-XXXX' has dependencies and cannot be deleted. +``` + +A possible workaround is to manually uninstall the `istio-ingress` helm chart. + +```sh +terraform destroy -target='module.eks_blueprints_addons.helm_release.this["istio-ingress"]' -auto-approve +``` + +Once the chart is uninstalled move on to destroy the stack. + {% include-markdown "../../docs/_partials/destroy.md" %}