Skip to content

PLT-1253: Remove legacy terraform backends #283

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Aug 18, 2025
Merged

PLT-1253: Remove legacy terraform backends #283

merged 13 commits into from
Aug 18, 2025

Conversation

christopher-maboh
Copy link
Contributor

@christopher-maboh christopher-maboh commented Aug 13, 2025
edited by gsf
Loading

🎫 Ticket

https://jira.cms.gov/browse/PLT-1253

🛠 Changes

legacy terraform backends were removed

ℹ️ Context

With legacy accounts deleted, the is the need to remove terraform backends for this legacy accounts

🧪 Validation

See checks.

@christopher-maboh christopher-maboh requested a review from a team as a code owner August 13, 2025 16:06
gsf
gsf reviewed Aug 13, 2025
View reviewed changes
Copy link
Member

@gsf gsf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR should update backends to drop the -gf suffix and update workflows to point at non-gf backends.

@christopher-maboh
Copy link
Contributor Author

This PR should update backends to drop the -gf suffix and update workflows to point at non-gf backends.

@christopher-maboh
Copy link
Contributor Author

All checks now passing. got a .terraform/modules/iam_github_oidc_provider/modules/iam-github-oi…
…dc-provider does not exist earlier. checked documentation and seems source has to be source = "terraform-aws-modules/iam/aws//modules/iam-oidc-provider" and not source = "terraform-aws-modules/iam/aws//modules/iam-github-oidc-provider"

@gsf
Copy link
Member

gsf commented Aug 15, 2025

All checks now passing. got a .terraform/modules/iam_github_oidc_provider/modules/iam-github-oi… …dc-provider does not exist earlier. checked documentation and seems source has to be source = "terraform-aws-modules/iam/aws//modules/iam-oidc-provider" and not source = "terraform-aws-modules/iam/aws//modules/iam-github-oidc-provider"

Looks like that rename was merged a couple of days ago terraform-aws-modules/terraform-aws-iam#585

gsf
gsf reviewed Aug 15, 2025
View reviewed changes
Copy link
Member

@gsf gsf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like the api_customers IP set for AB2D is now handled in their app repo, so modify the api-waf service and remove it from that state.

gsf
gsf reviewed Aug 15, 2025
View reviewed changes
Copy link
Member

@gsf gsf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm seeing other changes to the WAF rules in the api-waf plan on AB2D environments. Let's remove ab2d from the tf-api-waf workflow matrix and undo the changes made to the api-waf service.

gsf
gsf reviewed Aug 15, 2025
View reviewed changes
Copy link
Member

@gsf gsf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The file at terraform/services/github-actions-oidc-provider/.terraform.lock.hcl should be removed from version control.

@christopher-maboh
Copy link
Contributor Author

The file at terraform/services/github-actions-oidc-provider/.terraform.lock.hcl should be removed from version control.

.terraform.lock.hcl from version control has been dropped

gsf
gsf approved these changes Aug 18, 2025
View reviewed changes
Copy link
Member

@gsf gsf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Thanks for working in changes

@christopher-maboh christopher-maboh merged commit 0b026c6 into main Aug 18, 2025
43 checks passed
@christopher-maboh christopher-maboh deleted the PLT-1253 branch August 18, 2025 21:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gsf gsf gsf approved these changes

@juliareynolds-nava juliareynolds-nava juliareynolds-nava approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@christopher-maboh @gsf @juliareynolds-nava