🇫🇷 😢 Unbootstrapping France. #6959

julialawrence · 2024-05-09T08:54:01Z

A reference to the issue / Description of it

ministryofjustice/analytical-platform#4222
The code enabling Paris region is breaking secure baseline job for Sprinkler because the account isn't enrolled in eu-west-3 security hub. Once that is fixed, the Paris changes can be reapplied in full.

How does this PR fix the problem?

The Paris region has been removed from the list of bootstrapped regions but because some of the resources have been created, the provider region change needs to persist as switching it back to the eu-west-2 region will stop them being found and destroyed.

Once sprinkler apply ran once, this should be revertable too.

How has this been tested?

It hasn't been unfortunately.

Deployment Plan / Instructions

An apply on sprinkler should be enough to see if this undid the damage. This PR does not need merging.

Checklist (check `x` in `[ ]` of list items)

I have performed a self-review of my own code
All checks have passed
I have made corresponding changes to the documentation
Plan and discussed how it should be deployed to PROD (If needed)

Additional comments (if any)

{Please write here}

… resources.

github-actions · 2024-05-09T08:55:58Z

`Trivy Scan` Success

Show Output

```hcl

Trivy will check the following folders:

</details> #### `Checkov Scan` Success
<details><summary>Show Output</summary>

```hcl

*****************************

Checkov will check the following folders:

`CTFLint Scan` Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing "terraform" plugin...
Installed "terraform" (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.5.0)
tflint will check the following folders:

`Trivy Scan` Success

Show Output

*****************************

Trivy will check the following folders:

github-actions · 2024-05-09T09:09:26Z

`Trivy Scan` Failed

Show Output

```hcl

Trivy will check the following folders:
terraform/environments/bootstrap/secure-baselines

Running Trivy in terraform/environments/bootstrap/secure-baselines
2024-05-09T09:09:14Z INFO Need to update DB
2024-05-09T09:09:14Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-05-09T09:09:16Z INFO Vulnerability scanning is enabled
2024-05-09T09:09:16Z INFO Misconfiguration scanning is enabled
2024-05-09T09:09:16Z INFO Need to update the built-in policies
2024-05-09T09:09:16Z INFO Downloading the built-in policies...
50.41 KiB / 50.41 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s2024-05-09T09:09:17Z INFO Secret scanning is enabled
2024-05-09T09:09:17Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-05-09T09:09:17Z INFO Please see also https://aquasecurity.github.io/trivy/v0.51/docs/scanner/secret/#recommendation for faster secret detection
2024-05-09T09:09:19Z INFO Number of language-specific files num=0
2024-05-09T09:09:19Z INFO Detected config files num=8

github.com/ministryofjustice/modernisation-platform-terraform-baselines?ref=b5ae2be29aaa29d644b6909af51acefdfaa80e14/config.tf (terraform)

Tests: 1 (SUCCESSES: 0, FAILURES: 0, EXCEPTIONS: 1)
Failures: 0 (HIGH: 0, CRITICAL: 0)

github.com/ministryofjustice/modernisation-platform-terraform-baselines?ref=b5ae2be29aaa29d644b6909af51acefdfaa80e14/modules/backup/main.tf (terraform)

Tests: 8 (SUCCESSES: 4, FAILURES: 4, EXCEPTIONS: 0)
Failures: 4 (HIGH: 4, CRITICAL: 0)