CME-121 ITHC update from master #2387
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[DTSAM-611](https://tools.hmcts.net/jira/browse/DTSAM-611) Refactor S2S token secrets and environment variables used in FTAs.
…2364) * DTSAM-571 Audit byPassOrgDroolRule when receiving ORG roles from ORM * process included in log * () added to log properties * do not log if client id = am_org_role_mapping_service * not ORM log filter fixed by using .equals() * logging made null safe * FTAs with ref S-*_Org_Role_Creation added ORM request header to remove from the KQL report * ServiceAuthorization header moved to Test_Data_Base file * ServiceAuthorization header added to requests in common dir
* DTSAM-571 Audit byPassOrgDroolRule when receiving ORG roles from ORM * process included in log * () added to log properties * do not log if client id = am_org_role_mapping_service * not ORM log filter fixed by using .equals() * DTSAM-572 Audit use of case-allocator rules for CCD case-roles - conditional logInfoMsg() added * temp removal of conditional for report dev in aat * temp removal of conditional for report dev in aat * space added to log * logging made null safe * RoleCategory filter uncommented * logging made null safe * FTAs with ref S-*_Org_Role_Creation added ORM request header to remove from the KQL report * ServiceAuthorization header moved to Test_Data_Base file * ServiceAuthorization header added to requests in common dir * logged rule corrected to case_allocator_approve_delete_case_role_all_wa_services * RoleCategory comparisons made null safe
* Update dependency org.pitest:pitest to v1.17.1 * Update versions.tomcat to v9.0.97 * DTSAM-610 Renovate review W/C 2024-11-18 - pitest reverted 1.17.1 -> 1.17.0 --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: Mike Brown <michael.brown@hmcts.net> Co-authored-by: mikebrownccd <104495891+mikebrownccd@users.noreply.github.com>
Plan Result (aat)
Change Result (Click me) # module.role-assignment-database-v15.azurerm_monitor_action_group.db-alerts-action-group[0] will be created
+ resource "azurerm_monitor_action_group" "db-alerts-action-group" {
+ enabled = true
+ id = (known after apply)
+ location = "global"
+ name = "db_alerts_action_group_name"
+ resource_group_name = "am-role-assignment-service-postgres-db-v15-data-aat"
+ short_name = "db_alerts_ac"
+ tags = {
+ "application" = "access-management"
+ "autoShutdown" = "true"
+ "builtFrom" = "https://github.com/HMCTS/am-role-assignment-service.git"
+ "businessArea" = "CFT"
+ "contactSlackChannel" = "#am-master-builds"
+ "environment" = "staging"
+ "managedBy" = "AM"
}
+ email_receiver {
+ email_address = (sensitive value)
+ name = "Email Receiver"
+ use_common_alert_schema = true
}
}
# module.role-assignment-database-v15.azurerm_monitor_metric_alert.db_alert_cpu[0] will be created
+ resource "azurerm_monitor_metric_alert" "db_alert_cpu" {
+ auto_mitigate = true
+ description = "Whenever the cpu utilization is greater than 80"
+ enabled = true
+ frequency = "PT1H"
+ id = (known after apply)
+ name = "db_cpu_percent_am-role-assignment-service-postgres-db-v15-aat"
+ resource_group_name = "am-role-assignment-service-postgres-db-v15-data-aat"
+ scopes = [
+ "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/am-role-assignment-service-postgres-db-v15-data-aat/providers/Microsoft.DBforPostgreSQL/flexibleServers/am-role-assignment-service-postgres-db-v15-aat",
]
+ severity = 1
+ tags = {
+ "application" = "access-management"
+ "autoShutdown" = "true"
+ "builtFrom" = "https://github.com/HMCTS/am-role-assignment-service.git"
+ "businessArea" = "CFT"
+ "contactSlackChannel" = "#am-master-builds"
+ "environment" = "staging"
+ "managedBy" = "AM"
}
+ target_resource_location = (known after apply)
+ target_resource_type = (known after apply)
+ window_size = "P1D"
+ action {
+ action_group_id = (known after apply)
}
+ criteria {
+ aggregation = "Average"
+ metric_name = "cpu_percent"
+ metric_namespace = "Microsoft.DBforPostgreSQL/flexibleServers"
+ operator = "GreaterThan"
+ skip_metric_validation = false
+ threshold = 80
}
}
# module.role-assignment-database-v15.azurerm_monitor_metric_alert.db_alert_memory[0] will be created
+ resource "azurerm_monitor_metric_alert" "db_alert_memory" {
+ auto_mitigate = true
+ description = "Whenever the memory utilization is greater than 80"
+ enabled = true
+ frequency = "PT1H"
+ id = (known after apply)
+ name = "db_memory_percent_am-role-assignment-service-postgres-db-v15-aat"
+ resource_group_name = "am-role-assignment-service-postgres-db-v15-data-aat"
+ scopes = [
+ "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/am-role-assignment-service-postgres-db-v15-data-aat/providers/Microsoft.DBforPostgreSQL/flexibleServers/am-role-assignment-service-postgres-db-v15-aat",
]
+ severity = 1
+ tags = {
+ "application" = "access-management"
+ "autoShutdown" = "true"
+ "builtFrom" = "https://github.com/HMCTS/am-role-assignment-service.git"
+ "businessArea" = "CFT"
+ "contactSlackChannel" = "#am-master-builds"
+ "environment" = "staging"
+ "managedBy" = "AM"
}
+ target_resource_location = (known after apply)
+ target_resource_type = (known after apply)
+ window_size = "P1D"
+ action {
+ action_group_id = (known after apply)
}
+ criteria {
+ aggregation = "Average"
+ metric_name = "memory_percent"
+ metric_namespace = "Microsoft.DBforPostgreSQL/flexibleServers"
+ operator = "GreaterThan"
+ skip_metric_validation = false
+ threshold = 80
}
}
# module.role-assignment-database-v15.azurerm_monitor_metric_alert.db_alert_storage_utilization[0] will be created
+ resource "azurerm_monitor_metric_alert" "db_alert_storage_utilization" {
+ auto_mitigate = true
+ description = "Whenever the storage utilization is greater than 80"
+ enabled = true
+ frequency = "PT1H"
+ id = (known after apply)
+ name = "db_storage_utilization_am-role-assignment-service-postgres-db-v15-aat"
+ resource_group_name = "am-role-assignment-service-postgres-db-v15-data-aat"
+ scopes = [
+ "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/am-role-assignment-service-postgres-db-v15-data-aat/providers/Microsoft.DBforPostgreSQL/flexibleServers/am-role-assignment-service-postgres-db-v15-aat",
]
+ severity = 1
+ tags = {
+ "application" = "access-management"
+ "autoShutdown" = "true"
+ "builtFrom" = "https://github.com/HMCTS/am-role-assignment-service.git"
+ "businessArea" = "CFT"
+ "contactSlackChannel" = "#am-master-builds"
+ "environment" = "staging"
+ "managedBy" = "AM"
}
+ target_resource_location = (known after apply)
+ target_resource_type = (known after apply)
+ window_size = "P1D"
+ action {
+ action_group_id = (known after apply)
}
+ criteria {
+ aggregation = "Average"
+ metric_name = "storage_percent"
+ metric_namespace = "Microsoft.DBforPostgreSQL/flexibleServers"
+ operator = "GreaterThan"
+ skip_metric_validation = false
+ threshold = 80
}
}
Plan: 4 to add, 0 to change, 0 to destroy. |
Plan Result (ithc)
Change Result (Click me) # module.role-assignment-database-v15.azurerm_monitor_action_group.db-alerts-action-group[0] will be updated in-place
~ resource "azurerm_monitor_action_group" "db-alerts-action-group" {
id = "/subscriptions/7a4e3bd5-ae3a-4d0c-b441-2188fee3ff1c/resourceGroups/am-role-assignment-service-postgres-db-v15-data-ithc/providers/Microsoft.Insights/actionGroups/db_alerts_action_group_name"
name = "db_alerts_action_group_name"
tags = {
"application" = "access-management"
"autoShutdown" = "true"
"builtFrom" = "https://github.com/HMCTS/am-role-assignment-service.git"
"businessArea" = "CFT"
"contactSlackChannel" = "#am-master-builds"
"environment" = "ithc"
"managedBy" = "AM"
}
# (4 unchanged attributes hidden)
~ email_receiver {
~ email_address = (sensitive value)
name = "Email Receiver"
# (1 unchanged attribute hidden)
}
}
Plan: 0 to add, 1 to change, 0 to destroy. |
hmcts-jenkins-a-to-c
bot
added
ns:am
prd:am
rel:am-role-assignment-service-pr-2387
labels
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
JIRA link (if applicable)
https://tools.hmcts.net/jira/browse/CME-121
Change description
'Manually' sync ITHC back into line with master as auto sync is currently disabled, see #2379.
Does this PR introduce a breaking change? (check one with "x")