tweak perf test variables #1768

Merged
merged 15 commits into from
Feb 24, 2025

@sastels sastels commented Feb 17, 2025

Summary | Résumé

New perf test variables to go along with cds-snc/notification-api#2461

Related Issues | Cartes liées

Before merging this PR

Read code suggestions left by the cds-ai-codereviewer bot. Address valid suggestions and briefly write down reasons for not addressing others. To help with the classification of the comments, please use these reactions on each of the comments made by the AI review:

Classification        Reaction   Emoticon
Useful                +1         👍
Noisy                 eyes       👀
Hallucination         confused   😕
Wrong but teachable   rocket     🚀
Wrong and incorrect   -1         👎

The classifications will be extracted and summarized into an analysis of how helpful
or not the AI code review really is.

Test instructions | Instructions pour tester la modification

See if the new api branch works!

Release Instructions | Instructions pour le déploiement

None.

Reviewer checklist | Liste de vérification du réviseur

  • This PR does not break existing functionality.
  • This PR does not violate GCNotify's privacy policies.
  • This PR does not raise new security concerns. Refer to our GC Notify Risk Register document on our Google drive.
  • This PR does not significantly alter performance.
  • Additional required documentation resulting from these changes is covered (such as the README, setup instructions, a related ADR or the technical documentation).

⚠ If boxes cannot be checked off before merging the PR, they should be moved to the "Release Instructions" section with appropriate steps required to verify before release. For example, changes to celery code may require tests on staging to verify that performance has not been affected.

PERF_TEST_EMAIL_WITH_LINK_TEMPLATE_ID = var.perf_test_email_with_link_template_id
PERF_TEST_AWS_S3_BUCKET = var.perf_test_aws_s3_bucket
PERF_TEST_CSV_DIRECTORY_PATH = var.perf_test_csv_directory_path
PERF_TEST_EMAIL_TEMPLATE_ID_ONE_VAR = var.perf_test_email_template_id_one_var

The variable PERF_TEST_EMAIL_TEMPLATE_ID_ONE_VAR is introduced, but it is not clear if it replaces an existing variable or if it is a new addition. Ensure that this change is consistent with the rest of the codebase and that any references to the old variable are updated accordingly.

PERF_TEST_AWS_S3_BUCKET = var.perf_test_aws_s3_bucket
PERF_TEST_CSV_DIRECTORY_PATH = var.perf_test_csv_directory_path
PERF_TEST_EMAIL_TEMPLATE_ID_ONE_VAR = var.perf_test_email_template_id_one_var
PERF_TEST_SMS_TEMPLATE_ID_ONE_VAR = var.perf_test_sms_template_id_one_var
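
Review bot: PERF_TEST_SMS_TEMPLATE_ID_ONE_VAR and PERF_TEST_EMAIL_TEMPLATE_ID_ONE_VAR are new container environment names, so the performance-test image has to read exactly these names. The summary points to cds-snc/notification-api#2461 for that side; the test or release instructions should state that the two changes go out together, so the task does not start with the names it expects left unset.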

The variable PERF_TEST_SMS_TEMPLATE_ID_ONE_VAR is introduced, but it is not clear if it replaces an existing variable or if it is a new addition. Ensure that this change is consistent with the rest of the codebase and that any references to the old variable are updated accordingly.

@@ -16,7 +16,7 @@ resource "random_string" "perf_test_domain_postfix" {
special = false
}

resource "random_string" "perf_test_auth_header_postfix" {
resource "random_string" "perf_test_api_key_postfix" {
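
Review bot: Renaming the resource label from perf_test_auth_header_postfix to perf_test_api_key_postfix changes its Terraform address, so the existing random_string is destroyed and a new value is generated, and anything that interpolates the postfix gets a new name with it. If the current value should be kept, add a moved block from random_string.perf_test_auth_header_postfix to random_string.perf_test_api_key_postfix; if regeneration is intended, say so in the release instructions.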

Consider updating the variable name in the count condition to match the new name perf_test_api_key_postfix for consistency.

@@ -529,7 +529,7 @@ variable "perf_test_email" {
type = string
}

variable "perf_test_auth_header" {
variable "perf_test_api_key" {
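
Review bot: The body of variable "perf_test_api_key" is not visible in this hunk, and the name says it carries a credential: confirm the block sets sensitive = true so the value is redacted in plan output. The old name perf_test_auth_header is no longer declared, so every tfvars file or secret source that still supplies it needs the same rename.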

The variable name change from perf_test_auth_header to perf_test_api_key should be reflected in all the places where this variable is used to avoid any inconsistencies.

}

variable "perf_test_bulk_email_template_id" {
variable "perf_test_sms_template_id_one_var" {
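
Review bot: Replacing variable "perf_test_bulk_email_template_id" with "perf_test_sms_template_id_one_var" changes the meaning (bulk email to SMS) and not only the name, so a value carried over from the old variable would point at the wrong kind of template. Add a description to the new variable stating which template it must reference.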

The variable name perf_test_sms_template_id_one_var is not consistent with the naming convention used in the rest of the file. Consider renaming it to perf_test_sms_template_id for consistency.

}

variable "perf_test_email_with_link_template_id" {
variable "perf_test_email_template_id_one_var" {
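
Review bot: On the switch from perf_test_email_with_link_template_id to perf_test_email_template_id_one_var, the staging plan posted on this PR gives the new variable the same template ID that the old with-link variable carried. Confirm that template is the one-variable template the new tests expect, and add a description to the variable saying what "one var" means.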

The variable name perf_test_email_template_id_one_var is not very descriptive. Consider renaming it to something more meaningful to improve code readability.

@sastels sastels force-pushed the tweak-perf-test-variable branch from ff6d478 to 092ab81 Compare February 18, 2025 19:16

@ben851 ben851 left a comment

I think you need to modify the staging_config.tfvars and dev_config.tfvars to match this like you did w/ production_config.tfvars

sastels commented Feb 19, 2025

Staging and dev don't have these variables in their tfvar files... Maybe because they're coming from 1Password? 🤔

@sastels sastels force-pushed the tweak-perf-test-variable branch from c41c4d1 to c9c919d Compare February 21, 2025 20:20
@sastels sastels force-pushed the tweak-perf-test-variable branch from c9c919d to bbaa4e3 Compare February 21, 2025 20:46

@ben851 ben851 left a comment

LGTM

staging: heartbeat

✅   Terraform Init: success
✅   Terraform Validate: success
✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

Plan: 0 to add, 1 to change, 0 to destroy
Show summary
CHANGE    NAME
update    module.heartbeat.aws_lambda_function.this
Show plan
Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.heartbeat.aws_lambda_function.this will be updated in-place
  ~ resource "aws_lambda_function" "this" {
      - description                    = "2025-02-24T19:11:57Z" -> null
        id                             = "heartbeat"
        tags                           = {
            "CostCentre" = "notification-canada-ca-staging"
            "Terraform"  = "true"
        }
        # (27 unchanged attributes hidden)

        # (4 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"
Show Conftest results
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_event_rule.heartbeat_testing[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.heartbeat_log_group[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.logs-1-500-error-1-minute-warning-heartbeat-api[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.logs-10-500-error-5-minutes-critical-heartbeat-api[0]"]

23 tests, 19 passed, 4 warnings, 0 failures, 0 exceptions

staging: eks

✅   Terraform Init: success
✅   Terraform Validate: success
✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

Plan: 3 to add, 1 to change, 0 to destroy
Show summary
CHANGE    NAME
add       aws_security_group.perf-test
          aws_security_group_rule.notification-canada-ca-alb-perf-test-ingress
          aws_security_group_rule.perf-test-access-rds-eks
update    module.sentinel_forwarder.aws_lambda_function.sentinel_forwarder
Show plan
Resource actions are indicated with the following symbols:
  + create
  ~ update in-place

Terraform will perform the following actions:

  # aws_security_group.perf-test will be created
  + resource "aws_security_group" "perf-test" {
      + arn                    = (known after apply)
      + description            = "Performance Test Security Group"
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = "performance_test"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = (known after apply)
      + vpc_id                 = "vpc-097508d1f5e243195"
    }

  # aws_security_group_rule.notification-canada-ca-alb-perf-test-ingress will be created
  + resource "aws_security_group_rule" "notification-canada-ca-alb-perf-test-ingress" {
      + description              = "Access to performance test access through its security group"
      + from_port                = 5432
      + id                       = (known after apply)
      + protocol                 = "tcp"
      + security_group_id        = "sg-0e2c3ef6c5c75b74c"
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 5432
      + type                     = "ingress"
    }

  # aws_security_group_rule.perf-test-access-rds-eks will be created
  + resource "aws_security_group_rule" "perf-test-access-rds-eks" {
      + description              = "Connect performance test to RDS"
      + from_port                = 5432
      + id                       = (known after apply)
      + protocol                 = "tcp"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = "sg-0e2c3ef6c5c75b74c"
      + to_port                  = 5432
      + type                     = "egress"
    }

  # module.sentinel_forwarder.aws_lambda_function.sentinel_forwarder will be updated in-place
  ~ resource "aws_lambda_function" "sentinel_forwarder" {
        id                             = "sentinel-cloud-watch-forwarder"
      ~ layers                         = [
          ~ (sensitive value),
        ]
        tags                           = {
            "CostCentre" = "notification-canada-ca-staging"
        }
        # (28 unchanged attributes hidden)

        # (4 unchanged blocks hidden)
    }

Plan: 3 to add, 1 to change, 0 to destroy.

Changes to Outputs:
  + perf_test_security_group_id               = (known after apply)

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"
Show Conftest results
WARN - plan.json - main - Cloudwatch log metric pattern is invalid: ["aws_cloudwatch_log_metric_filter.celery-error[0]"]
WARN - plan.json - main - Cloudwatch log metric pattern is invalid: ["aws_cloudwatch_log_metric_filter.scanfiles-timeout[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_acm_certificate.client_vpn"]
WARN - plan.json - main - Missing Common Tags: ["aws_acm_certificate.notification-canada-ca"]
WARN - plan.json - main - Missing Common Tags: ["aws_acm_certificate.notification-canada-ca-alt[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb.notification-canada-ca"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_listener.internal_alb_tls"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_listener.notification-canada-ca"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_target_group.internal_nginx_http"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_target_group.notification-canada-ca-admin"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_target_group.notification-canada-ca-api"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_target_group.notification-canada-ca-document"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_target_group.notification-canada-ca-document-api"]
WARN - plan.json - main - Missing Common Tags: ["aws_alb_target_group.notification-canada-ca-documentation"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.blazer[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.notification-canada-ca-eks-application-logs[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.notification-canada-ca-eks-cluster-logs[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.notification-canada-ca-eks-prometheus-logs[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.admin-evicted-pods[0]"]
WARN - plan.json - main - Missing Common Tags:...

staging: aws-auth

✅   Terraform Init: success
✅   Terraform Validate: success
✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

Plan: 1 to add, 0 to change, 0 to destroy
Show summary
CHANGE    NAME
add       module.eks[0].kubernetes_config_map_v1_data.aws_auth[0]
Show plan
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.eks[0].kubernetes_config_map_v1_data.aws_auth[0] will be created
  + resource "kubernetes_config_map_v1_data" "aws_auth" {
      + data          = {
          + "mapAccounts" = (sensitive value)
          + "mapRoles"    = (sensitive value)
          + "mapUsers"    = jsonencode([])
        }
      + field_manager = "Terraform"
      + force         = true
      + id            = (known after apply)

      + metadata {
          + name      = "aws-auth"
          + namespace = "kube-system"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"
Show Conftest results
20 tests, 20 passed, 0 warnings, 0 failures, 0 exceptions

staging: system_status

✅   Terraform Init: success
✅   Terraform Validate: success
✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

Plan: 0 to add, 1 to change, 0 to destroy
Show summary
CHANGE    NAME
update    module.system_status.aws_lambda_function.this
Show plan
Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.system_status.aws_lambda_function.this will be updated in-place
  ~ resource "aws_lambda_function" "this" {
      - description                    = "2025-02-24T19:12:06Z" -> null
        id                             = "system_status"
        tags                           = {
            "CostCentre" = "notification-canada-ca-staging"
            "Terraform"  = "true"
        }
        # (27 unchanged attributes hidden)

        # (5 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"
Show Conftest results
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_event_rule.system_status_testing[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.system_status_log_group[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.logs-1-500-error-1-minute-warning-system_status-api[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.logs-10-500-error-5-minutes-critical-system_status-api[0]"]

23 tests, 19 passed, 4 warnings, 0 failures, 0 exceptions

staging: performance-test

✅   Terraform Init: success
✅   Terraform Validate: success
✅   Terraform Format: success
✅   Terraform Plan: success
⚠️   Warning: resources will be destroyed by this change!

Plan: 8 to add, 3 to change, 7 to destroy
Show summary
CHANGE    NAME
update    aws_cloudwatch_event_target.ecs_scheduled_task[0]
          aws_iam_policy.perf_test_secretsmanager
          aws_iam_role_policy.scheduled_task_perf_test_event_role_cloudwatch_policy
recreate  aws_ecs_task_definition.perf_test_task
          aws_security_group_rule.notification-worker-egress-private-endpoints
          aws_security_group_rule.perftest-egress-endpoints-gateway
          aws_security_group_rule.perftest-egress-internet
add       aws_secretsmanager_secret.perf_test_api_key[0]
          aws_secretsmanager_secret.perf_test_database_uri[0]
          aws_secretsmanager_secret_version.perf_test_api_key[0]
          aws_secretsmanager_secret_version.perf_test_database_uri[0]
delete    aws_secretsmanager_secret.perf_test_auth_header[0]
          aws_secretsmanager_secret_version.perf_test_auth_header[0]
          aws_security_group.perf_test
Show plan
Resource actions are indicated with the following symbols:
  + create
  ~ update in-place
  - destroy
-/+ destroy and then create replacement
 <= read (data resources)

Terraform will perform the following actions:

  # data.aws_iam_policy_document.perf_test_secretsmanager will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "perf_test_secretsmanager" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions   = [
              + "secretsmanager:GetSecretValue",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_domain-WSUpwW",
              + "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_email-sWnA9Z",
              + "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_phone_number-DWkOGY",
              + (known after apply),
              + (known after apply),
            ]
        }
    }

  # data.aws_iam_policy_document.scheduled_task_perf_test_event_role_cloudwatch_policy will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "scheduled_task_perf_test_event_role_cloudwatch_policy" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions   = [
              + "ecs:RunTask",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
            ]
        }
      + statement {
          + actions   = [
              + "iam:PassRole",
            ]
          + resources = [
              + "arn:aws:iam::239043911459:role/container_execution_role",
              + "arn:aws:iam::239043911459:role/performance_test_cluster-ecs-task",
            ]
        }
    }

  # data.template_file.perf_test_container_definition will be read during apply
  # (config refers to values not yet known)
 <= data "template_file" "perf_test_container_definition" {
      + id       = (known after apply)
      + rendered = (known after apply)
      + template = jsonencode(
            [
              + {
                  + cpu              = 0
                  + environment      = [
                      + {
                          + name  = "PERF_TEST_AWS_S3_BUCKET"
                          + value = "${PERF_TEST_AWS_S3_BUCKET}"
                        },
                      + {
                          + name  = "PERF_TEST_CSV_DIRECTORY_PATH"
                          + value = "${PERF_TEST_CSV_DIRECTORY_PATH}"
                        },
                      + {
                          + name  = "PERF_TEST_SMS_TEMPLATE_ID_ONE_VAR"
                          + value = "${PERF_TEST_SMS_TEMPLATE_ID_ONE_VAR}"
                        },
                      + {
                          + name  = "PERF_TEST_EMAIL_TEMPLATE_ID_ONE_VAR"
                          + value = "${PERF_TEST_EMAIL_TEMPLATE_ID_ONE_VAR}"
                        },
                    ]
                  + essential        = true
                  + image            = "${ECR_REPOSITORY_URL}"
                  + logConfiguration = {
                      + logDriver = "awslogs"
                      + options   = {
                          + awslogs-group         = "${AWS_LOGS_GROUP}"
                          + awslogs-region        = "${AWS_LOGS_REGION}"
                          + awslogs-stream-prefix = "${AWS_LOGS_STREAM_PREFIX}"
                        }
                    }
                  + name             = "performance-tests-container"
                  + secrets          = [
                      + {
                          + name      = "PERF_TEST_PHONE_NUMBER"
                          + valueFrom = "${PERF_TEST_PHONE_NUMBER_ARN}"
                        },
                      + {
                          + name      = "PERF_TEST_EMAIL_ADDRESS"
                          + valueFrom = "${PERF_TEST_EMAIL_ARN}"
                        },
                      + {
                          + name      = "PERF_TEST_DOMAIN"
                          + valueFrom = "${PERF_TEST_DOMAIN_ARN}"
                        },
                      + {
                          + name      = "PERF_TEST_API_KEY"
                          + valueFrom = "${PERF_TEST_API_KEY_ARN}"
                        },
                      + {
                          + name      = "DATABASE_READER_URI"
                          + valueFrom = "${DATABASE_READER_URI_ARN}"
                        },
                    ]
                  + ulimits          = [
                      + {
                          + hardLimit = 98304
                          + name      = "nofile"
                          + softLimit = 98304
                        },
                    ]
                  + volumesFrom      = []
                },
            ]
        )
      + vars     = {
          + "AWS_LOGS_GROUP"                      = "performance_test_cluster"
          + "AWS_LOGS_REGION"                     = "ca-central-1"
          + "AWS_LOGS_STREAM_PREFIX"              = "performance_test_cluster-task"
          + "DATABASE_READER_URI_ARN"             = (known after apply)
          + "ECR_REPOSITORY_URL"                  = "239043911459.dkr.ecr.ca-central-1.amazonaws.com/notify/performance-test"
          + "PERF_TEST_API_KEY_ARN"               = (known after apply)
          + "PERF_TEST_AWS_S3_BUCKET"             = "notify-performance-test-results-staging"
          + "PERF_TEST_CSV_DIRECTORY_PATH"        = "/tmp/notify_performance_test"
          + "PERF_TEST_DOMAIN_ARN"                = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_domain-WSUpwW"
          + "PERF_TEST_EMAIL_ARN"                 = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_email-sWnA9Z"
          + "PERF_TEST_EMAIL_TEMPLATE_ID_ONE_VAR" = "9fb324a5-821d-4b54-9d52-d9ba1fa8373a"
          + "PERF_TEST_PHONE_NUMBER_ARN"          = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_phone_number-DWkOGY"
          + "PERF_TEST_SMS_TEMPLATE_ID_ONE_VAR"   = "8048cc75-dfcf-45a0-984c-1585fe6e9880"
        }
    }

  # aws_cloudwatch_event_target.ecs_scheduled_task[0] will be updated in-place
  ~ resource "aws_cloudwatch_event_target" "ecs_scheduled_task" {
        id             = "perf_test_event_rule-terraform-20211129205416437200000001"
        # (8 unchanged attributes hidden)

      ~ ecs_target {
            tags                    = {
                "CostCenter" = "notification-canada-ca-staging"
            }
          ~ task_definition_arn     = "arn:aws:ecs:ca-central-1:239043911459:task-definition/performance_test_cluster:9" -> (known after apply)
            # (7 unchanged attributes hidden)

          ~ network_configuration {
              ~ security_groups  = [
                  - "sg-0d33ba06ed2e11092",
                  + null,
                ]
                # (2 unchanged attributes hidden)
            }
        }
    }

  # aws_ecs_task_definition.perf_test_task must be replaced
-/+ resource "aws_ecs_task_definition" "perf_test_task" {
      ~ arn                      = "arn:aws:ecs:ca-central-1:239043911459:task-definition/performance_test_cluster:9" -> (known after apply)
      ~ arn_without_revision     = "arn:aws:ecs:ca-central-1:239043911459:task-definition/performance_test_cluster" -> (known after apply)
      ~ container_definitions    = jsonencode(
            [
              - {
                  - environment      = [
                      - {
                          - name  = "PERF_TEST_AWS_S3_BUCKET"
                          - value = "notify-performance-test-results-staging"
                        },
                      - {
                          - name  = "PERF_TEST_BULK_EMAIL_TEMPLATE_ID"
                          - value = "fa759679-30f2-4666-94e2-bd4921329c46"
                        },
                      - {
                          - name  = "PERF_TEST_CSV_DIRECTORY_PATH"
                          - value = "/tmp/notify_performance_test"
                        },
                      - {
                          - name  = "PERF_TEST_EMAIL_TEMPLATE_ID"
                          - value = "fa759679-30f2-4666-94e2-bd4921329c46"
                        },
                      - {
                          - name  = "PERF_TEST_EMAIL_WITH_ATTACHMENT_TEMPLATE_ID"
                          - value = "fa759679-30f2-4666-94e2-bd4921329c46"
                        },
                      - {
                          - name  = "PERF_TEST_EMAIL_WITH_LINK_TEMPLATE_ID"
                          - value = "9fb324a5-821d-4b54-9d52-d9ba1fa8373a"
                        },
                      - {
                          - name  = "PERF_TEST_SMS_TEMPLATE_ID"
                          - value = "d5fea9f3-f69d-481e-9186-b7f4eaa5cf63"
                        },
                    ]
                  - essential        = true
                  - image            = "239043911459.dkr.ecr.ca-central-1.amazonaws.com/notify/performance-test"
                  - logConfiguration = {
                      - logDriver = "awslogs"
                      - options   = {
                          - awslogs-group         = "performance_test_cluster"
                          - awslogs-region        = "ca-central-1"
                          - awslogs-stream-prefix = "performance_test_cluster-task"
                        }
                    }
                  - mountPoints      = []
                  - name             = "performance-tests-container"
                  - portMappings     = []
                  - secrets          = [
                      - {
                          - name      = "PERF_TEST_AUTH_HEADER"
                          - valueFrom = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_auth_header-PxFUOL"
                        },
                      - {
                          - name      = "PERF_TEST_DOMAIN"
                          - valueFrom = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_domain-WSUpwW"
                        },
                      - {
                          - name      = "PERF_TEST_EMAIL"
                          - valueFrom = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_email-sWnA9Z"
                        },
                      - {
                          - name      = "PERF_TEST_PHONE_NUMBER"
                          - valueFrom = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_phone_number-DWkOGY"
                        },
                    ]
                  - systemControls   = []
                  - ulimits          = [
                      - {
                          - hardLimit = 98304
                          - name      = "nofile"
                          - softLimit = 98304
                        },
                    ]
                  - volumesFrom      = []
                },
            ] # forces replacement
        ) -> (known after apply) # forces replacement
      ~ enable_fault_injection   = false -> (known after apply)
      ~ id                       = "performance_test_cluster" -> (known after apply)
      ~ revision                 = 9 -> (known after apply)
        tags                     = {
            "CostCenter" = "notification-canada-ca-staging"
        }
        # (12 unchanged attributes hidden)
    }

  # aws_iam_policy.perf_test_secretsmanager will be updated in-place
  ~ resource "aws_iam_policy" "perf_test_secretsmanager" {
        id               = "arn:aws:iam::239043911459:policy/PerfTestEcsTaskGetSecretValue"
        name             = "PerfTestEcsTaskGetSecretValue"
      ~ policy           = jsonencode(
            {
              - Statement = [
                  - {
                      - Action   = "secretsmanager:GetSecretValue"
                      - Effect   = "Allow"
                      - Resource = [
                          - "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_phone_number-DWkOGY",
                          - "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_email-sWnA9Z",
                          - "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_domain-WSUpwW",
                          - "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_auth_header-PxFUOL",
                        ]
                      - Sid      = ""
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        tags             = {}
        # (7 unchanged attributes hidden)
    }

  # aws_iam_role_policy.scheduled_task_perf_test_event_role_cloudwatch_policy will be updated in-place
  ~ resource "aws_iam_role_policy" "scheduled_task_perf_test_event_role_cloudwatch_policy" {
        id          = "perf_test_scheduled_task_role:performance_test_cluster-ecs-scheduled-policy"
        name        = "performance_test_cluster-ecs-scheduled-policy"
      ~ policy      = jsonencode(
            {
              - Statement = [
                  - {
                      - Action   = "ecs:RunTask"
                      - Effect   = "Allow"
                      - Resource = "arn:aws:ecs:ca-central-1:239043911459:task-definition/performance_test_cluster:9"
                    },
                  - {
                      - Action   = "iam:PassRole"
                      - Effect   = "Allow"
                      - Resource = [
                          - "arn:aws:iam::239043911459:role/performance_test_cluster-ecs-task",
                          - "arn:aws:iam::239043911459:role/container_execution_role",
                        ]
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        # (2 unchanged attributes hidden)
    }

  # aws_secretsmanager_secret.perf_test_api_key[0] will be created
  + resource "aws_secretsmanager_secret" "perf_test_api_key" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = "perf_test_api_key"
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 0
      + tags_all                       = (known after apply)

      + replica (known after apply)
    }

  # aws_secretsmanager_secret.perf_test_auth_header[0] will be destroyed
  # (because aws_secretsmanager_secret.perf_test_auth_header is not in configuration)
  - resource "aws_secretsmanager_secret" "perf_test_auth_header" {
      - arn                            = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_auth_header-PxFUOL" -> null
      - force_overwrite_replica_secret = false -> null
      - id                             = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_auth_header-PxFUOL" -> null
      - name                           = "perf_test_auth_header" -> null
      - recovery_window_in_days        = 0 -> null
      - tags                           = {} -> null
      - tags_all                       = {} -> null
        # (4 unchanged attributes hidden)
    }

  # aws_secretsmanager_secret.perf_test_database_uri[0] will be created
  + resource "aws_secretsmanager_secret" "perf_test_database_uri" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = "perf_test_database_uri"
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 0
      + tags_all                       = (known after apply)

      + replica (known after apply)
    }

  # aws_secretsmanager_secret_version.perf_test_api_key[0] will be created
  + resource "aws_secretsmanager_secret_version" "perf_test_api_key" {
      + arn                  = (known after apply)
      + has_secret_string_wo = (known after apply)
      + id                   = (known after apply)
      + secret_id            = (known after apply)
      + secret_string        = (sensitive value)
      + version_id           = (known after apply)
      + version_stages       = (known after apply)
    }

  # aws_secretsmanager_secret_version.perf_test_auth_header[0] will be destroyed
  # (because aws_secretsmanager_secret_version.perf_test_auth_header is not in configuration)
  - resource "aws_secretsmanager_secret_version" "perf_test_auth_header" {
      - arn            = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_auth_header-PxFUOL" -> null
      - id             = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_auth_header-PxFUOL|terraform-20240404205110719800000001" -> null
      - secret_id      = "arn:aws:secretsmanager:ca-central-1:239043911459:secret:perf_test_auth_header-PxFUOL" -> null
      - secret_string  = (sensitive value) -> null
      - version_id     = "terraform-20240404205110719800000001" -> null
      - version_stages = [
          - "AWSCURRENT",
        ] -> null
        # (1 unchanged attribute hidden)
    }

  # aws_secretsmanager_secret_version.perf_test_database_uri[0] will be created
  + resource "aws_secretsmanager_secret_version" "perf_test_database_uri" {
      + arn                  = (known after apply)
      + has_secret_string_wo = (known after apply)
      + id                   = (known after apply)
      + secret_id            = (known after apply)
      + secret_string        = (sensitive value)
      + version_id           = (known after apply)
      + version_stages       = (known after apply)
    }

  # aws_security_group.perf_test will be destroyed
  # (because aws_security_group.perf_test is not in configuration)
  - resource "aws_security_group" "perf_test" {
      - arn                    = "arn:aws:ec2:ca-central-1:239043911459:security-group/sg-0d33ba06ed2e11092" -> null
      - description            = "Performance Test Security Group" -> null
      - egress                 = [
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Egress to the internet from perftest"
              - from_port        = 443
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 443
            },
          - {
              - cidr_blocks      = []
              - description      = "Internal egress to VPC PrivateLink endpoints from perftest"
              - from_port        = 443
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = [
                  - "sg-0287512b67e098d3c",
                ]
              - self             = false
              - to_port          = 443
            },
          - {
              - cidr_blocks      = []
              - description      = "Security group rule for perftest to S3 gateway"
              - from_port        = 443
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = [
                  - "pl-7da54014",
                ]
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 443
            },
        ] -> null
      - id                     = "sg-0d33ba06ed2e11092" -> null
      - ingress                = [] -> null
      - name                   = "perf_test" -> null
      - owner_id               = "239043911459" -> null
      - revoke_rules_on_delete = false -> null
      - tags                   = {} -> null
      - tags_all               = {} -> null
      - vpc_id                 = "vpc-097508d1f5e243195" -> null
        # (1 unchanged attribute hidden)
    }

  # aws_security_group_rule.notification-worker-egress-private-endpoints must be replaced
-/+ resource "aws_security_group_rule" "notification-worker-egress-private-endpoints" {
      - cidr_blocks              = [] -> null
      ~ id                       = "sgrule-3355452194" -> (known after apply)
      - ipv6_cidr_blocks         = [] -> null
      - prefix_list_ids          = [] -> null
      - security_group_id        = "sg-0d33ba06ed2e11092" -> null # forces replacement
      ~ security_group_rule_id   = "sgr-0a0ec162aa972ffa0" -> (known after apply)
        # (7 unchanged attributes hidden)
    }

  # aws_security_group_rule.perftest-egress-endpoints-gateway must be replaced
-/+ resource "aws_security_group_rule" "perftest-egress-endpoints-gateway" {
      - cidr_blocks              = [] -> null
      ~ id                       = "sgrule-3393353228" -> (known after apply)
      - ipv6_cidr_blocks         = [] -> null
      - security_group_id        = "sg-0d33ba06ed2e11092" -> null # forces replacement
      ~ security_group_rule_id   = "sgr-0562b0c5fb9d8f811" -> (known after apply)
      + source_security_group_id = (known after apply)
        # (7 unchanged attributes hidden)
    }

  # aws_security_group_rule.perftest-egress-internet must be replaced
-/+ resource "aws_security_group_rule" "perftest-egress-internet" {
      ~ id                       = "sgrule-3070059477" -> (known after apply)
      - ipv6_cidr_blocks         = [] -> null
      - prefix_list_ids          = [] -> null
      - security_group_id        = "sg-0d33ba06ed2e11092" -> null # forces replacement
      ~ security_group_rule_id   = "sgr-042937b7eedcf54db" -> (known after apply)
      + source_security_group_id = (known after apply)
        # (7 unchanged attributes hidden)
    }

Plan: 8 to add, 3 to change, 7 to destroy.

Warning: Argument is deprecated

  with module.notify_performance_test_results.aws_s3_bucket.this,
  on .terraform/modules/notify_performance_test_results/S3/main.tf line 7, in resource "aws_s3_bucket" "this":
   7: resource "aws_s3_bucket" "this" {

Use the aws_s3_bucket_server_side_encryption_configuration resource instead

(and 3 more similar warnings elsewhere)

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"

@sastels sastels merged commit 015b0c8 into main Feb 24, 2025
30 checks passed
@sastels sastels deleted the tweak-perf-test-variable branch February 24, 2025 20:43