feat: github stargizer rewards and devcontainer update

42atomys commented 6 months ago

Describe the pull request

A rework of Github Stargizer mechanism to give badge to everyone have star the project

Checklist

[ ] I have made the modifications or added tests related to my PR
[ ] I have run the tests and linters locally and they pass
[ ] I have added/updated the documentation for my RP

Additional context

This pull request improve also the management of somepart of the devcontainer

github-actions[bot] commented 6 months ago

Terraform data for `apps` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Show Validation

``` Success! The configuration is valid. ```

Terraform Plan 📖 `success`

Show Plan

``` module.webhooked.module.webhooked.kubernetes_config_map.app["config"]: Refreshing state... [id=production/webhooked-config] module.webhooked.module.webhooked.kubernetes_service.app[0]: Refreshing state... [id=production/webhooked] module.s42.kubernetes_config_map.stud42_config: Refreshing state... [id=production/stud42-config] module.s42.random_password.postgres: Refreshing state... [id=none] module.s42.module.dragonfly.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=production/dragonfly-data] module.s42.module.interface.kubernetes_service.app[0]: Refreshing state... [id=production/interface] module.s42.module.crawler_campus.kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-campus] module.s42.module.api.kubernetes_deployment.app[0]: Refreshing state... [id=production/api] module.s42.module.meilisearch_clean_tasks.kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/meilisearch-clean-tasks] module.s42.random_password.meilisearch_token: Refreshing state... [id=none] module.s42.module.postgres.kubernetes_config_map.app["config"]: Refreshing state... [id=production/postgres-config] module.s42.module.istio.kubectl_manifest.virtual_services["app-s42"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/production/virtualservices/app-s42] module.s42.module.webhooks_processor.kubernetes_deployment.app[0]: Refreshing state... [id=production/webhooks-processor] module.s42.random_password.dragonfly: Refreshing state... [id=none] module.s42.module.meilisearch.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=production/meilisearch-data] module.s42.module.interface.kubernetes_deployment.app[0]: Refreshing state... [id=production/interface] module.s42.module.postgres.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=production/postgres-data] module.s42.module.postgres.kubernetes_service.app[0]: Refreshing state... [id=production/postgres] module.s42.module.auth_service.kubernetes_deployment.app[0]: Refreshing state... [id=production/auth-service] module.s42.random_password.next_auth_secret: Refreshing state... [id=none] module.s42.module.meilisearch.kubernetes_service.app[0]: Refreshing state... [id=production/meilisearch] module.s42.module.dragonfly.kubernetes_service.app[0]: Refreshing state... [id=production/dragonfly] module.s42.module.auth_service.kubernetes_service.app[0]: Refreshing state... [id=production/auth-service] module.s42.module.api.kubernetes_service.app[0]: Refreshing state... [id=production/api] module.s42.module.crawler_locations["vienna"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-vienna] module.s42.module.crawler_locations["helsinki"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-helsinki] module.s42.module.crawler_locations["lausanne"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-lausanne] module.s42.module.crawler_locations["malaga"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-malaga] module.s42.module.crawler_locations["mulhouse"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-mulhouse] module.s42.module.crawler_locations["tokyo"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-tokyo] module.s42.module.crawler_locations["seoul"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-seoul] module.s42.module.crawler_locations["paris"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-paris] module.s42.kubernetes_manifest.rabbitmq_queue_webhooks_processing: Refreshing state... module.s42.kubernetes_manifest.rabbitmq_binding_webhooks_dlq: Refreshing state... module.s42.kubernetes_manifest.rabbitmq_queue_webhooks_dlq: Refreshing state... module.s42.kubernetes_manifest.rabbitmq: Refreshing state... module.webhooked.module.secrets.kubernetes_manifest.sealed_secret["s42-webhooked-secrets"]: Refreshing state... module.s42.kubernetes_manifest.rabbitmq_policy_webhooks_dlq: Refreshing state... module.s42.module.api.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/api] module.s42.module.webhooks_processor.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/webhooks-processor] module.s42.kubernetes_secret.next_auth_secret: Refreshing state... [id=production/next-auth-secret] module.s42.module.interface.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/interface] module.s42.module.service-token.kubernetes_manifest.sealed_secret["discord-token"]: Refreshing state... module.s42.module.postgres.kubernetes_stateful_set.app[0]: Refreshing state... [id=production/postgres] module.s42.module.service-token.kubernetes_manifest.sealed_secret["sentry-dsns"]: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["s42-service-token"]: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["oauth2-providers"]: Refreshing state... module.s42.module.auth_service.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/auth-service] module.s42.module.meilisearch.kubernetes_stateful_set.app[0]: Refreshing state... [id=production/meilisearch] module.s42.module.dragonfly.kubernetes_stateful_set.app[0]: Refreshing state... [id=production/dragonfly] module.s42.module.postgres.kubernetes_secret.app["credentials"]: Refreshing state... [id=production/postgres-credentials] module.s42.module.service-token.kubernetes_manifest.sealed_secret["auth-service-certs-jwk"]: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["github-token"]: Refreshing state... module.s42.module.meilisearch.kubernetes_secret.app["token"]: Refreshing state... [id=production/meilisearch-token] module.s42.module.dragonfly.kubernetes_secret.app["credentials"]: Refreshing state... [id=production/dragonfly-credentials] module.webhooked.module.webhooked.kubernetes_deployment.app[0]: Refreshing state... [id=production/webhooked] module.s42.module.service-token.kubernetes_manifest.sealed_secret["ovh-s3-credentials"]: Refreshing state... module.webhooked.module.webhooked.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/webhooked] module.s42.kubernetes_pod_disruption_budget_v1.rabbitmq: Refreshing state... [id=production/rabbitmq] module.s42.kubernetes_manifest.rabbitmq_exchange_webhooks: Refreshing state... Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.s42.module.api.kubernetes_deployment.app[0] will be updated in-place ~ resource "kubernetes_deployment" "app" { id = "production/api" # (1 unchanged attribute hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "api" # (5 unchanged attributes hidden) } ~ spec { # (5 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (4 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "api" # (8 unchanged attributes hidden) # (24 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } # (2 unchanged blocks hidden) } } # module.s42.module.api.kubernetes_horizontal_pod_autoscaler_v2.app[0] will be updated in-place ~ resource "kubernetes_horizontal_pod_autoscaler_v2" "app" { id = "production/api" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "api" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.api.kubernetes_service.app[0] will be updated in-place ~ resource "kubernetes_service" "app" { id = "production/api" # (2 unchanged attributes hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "api" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.auth_service.kubernetes_deployment.app[0] will be updated in-place ~ resource "kubernetes_deployment" "app" { id = "production/auth-service" # (1 unchanged attribute hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "auth-service" # (5 unchanged attributes hidden) } ~ spec { # (5 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (4 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "auth-service" # (8 unchanged attributes hidden) # (8 unchanged blocks hidden) } # (4 unchanged blocks hidden) } } # (2 unchanged blocks hidden) } } # module.s42.module.auth_service.kubernetes_horizontal_pod_autoscaler_v2.app[0] will be updated in-place ~ resource "kubernetes_horizontal_pod_autoscaler_v2" "app" { id = "production/auth-service" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "auth-service" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.auth_service.kubernetes_service.app[0] will be updated in-place ~ resource "kubernetes_service" "app" { id = "production/auth-service" # (2 unchanged attributes hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "auth-service" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.crawler_campus.kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-campus" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "crawler-campus" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-campus" # (8 unchanged attributes hidden) # (12 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["helsinki"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-helsinki" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-helsinki" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-helsinki" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["lausanne"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-lausanne" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-lausanne" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-lausanne" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["malaga"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-malaga" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-malaga" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-malaga" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["mulhouse"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-mulhouse" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-mulhouse" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-mulhouse" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["paris"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-paris" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-paris" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-paris" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["seoul"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-seoul" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-seoul" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-seoul" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["tokyo"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-tokyo" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-tokyo" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-tokyo" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["vienna"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-vienna" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-vienna" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-vienna" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.interface.kubernetes_deployment.app[0] will be updated in-place ~ resource "kubernetes_deployment" "app" { id = "production/interface" # (1 unchanged attribute hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "interface" # (5 unchanged attributes hidden) } ~ spec { # (5 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (4 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "interface" # (8 unchanged attributes hidden) # (32 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } # (2 unchanged blocks hidden) } } # module.s42.module.interface.kubernetes_horizontal_pod_autoscaler_v2.app[0] will be updated in-place ~ resource "kubernetes_horizontal_pod_autoscaler_v2" "app" { id = "production/interface" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "interface" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.interface.kubernetes_service.app[0] will be updated in-place ~ resource "kubernetes_service" "app" { id = "production/interface" # (2 unchanged attributes hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "interface" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.webhooks_processor.kubernetes_deployment.app[0] will be updated in-place ~ resource "kubernetes_deployment" "app" { id = "production/webhooks-processor" # (1 unchanged attribute hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "webhooks-processor" # (5 unchanged attributes hidden) } ~ spec { # (5 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.31.1" -> "ghcr.io/42atomys/stud42:latest" name = "webhooks-processor" # (8 unchanged attributes hidden) # (20 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } # (2 unchanged blocks hidden) } } # module.s42.module.webhooks_processor.kubernetes_horizontal_pod_autoscaler_v2.app[0] will be updated in-place ~ resource "kubernetes_horizontal_pod_autoscaler_v2" "app" { id = "production/webhooks-processor" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.31.1" -> "latest" ~ "version" = "v0.31.1" -> "latest" # (5 unchanged elements hidden) } name = "webhooks-processor" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.webhooked.module.webhooked.kubernetes_config_map.app["config"] will be updated in-place ~ resource "kubernetes_config_map" "app" { ~ data = { + "github_template.tpl" = <<-EOT { "metadata" : { "specName": "{{ .Spec.Name }}", "event": "{{ .Request.Header | getHeader "x-github-event" }}", }, "payload": {{ .Payload }} } EOT ~ "webhooks.yaml" = <<-EOT apiVersion: v1alpha1 observability: metricsEnabled: true specs: - - name: users-create + - name: duo-users-create entrypointUrl: /users/create security: - header: inputs: - name: headerName value: X-Secret - compare: inputs: - name: first value: "{{ .Outputs.header.value }}" - name: second valueFrom: envRef: WEBHOOK_SECRET_HEADER formatting: templatePath: /config/template.tpl storage: - type: rabbitmq specs: databaseUrl: valueFrom: envRef: RABBITMQ_DATABASE_URL queueName: webhooks.processing contentType: application/json durable: true - - name: users-update + - name: duo-users-update entrypointUrl: /users/update security: - header: inputs: - name: headerName value: X-Secret - compare: inputs: - name: first value: "{{ .Outputs.header.value }}" - name: second valueFrom: envRef: WEBHOOK_SECRET_HEADER formatting: templatePath: /config/template.tpl storage: - type: rabbitmq specs: databaseUrl: valueFrom: envRef: RABBITMQ_DATABASE_URL queueName: webhooks.processing contentType: application/json durable: true - - name: locations-create + - name: duo-locations-create entrypointUrl: /locations/create security: - header: inputs: - name: headerName value: X-Secret - compare: inputs: - name: first value: "{{ .Outputs.header.value }}" - name: second valueFrom: envRef: WEBHOOK_SECRET_HEADER formatting: templatePath: /config/template.tpl storage: - type: rabbitmq specs: databaseUrl: valueFrom: envRef: RABBITMQ_DATABASE_URL queueName: webhooks.processing contentType: application/json durable: true - - name: locations-close + - name: duo-locations-close entrypointUrl: /locations/close security: - header: inputs: - name: headerName value: X-Secret - compare: inputs: - name: first value: "{{ .Outputs.header.value }}" - name: second valueFrom: envRef: WEBHOOK_SECRET_HEADER formatting: templatePath: /config/template.tpl storage: - type: rabbitmq specs: databaseUrl: valueFrom: envRef: RABBITMQ_DATABASE_URL queueName: webhooks.processing contentType: application/json durable: true - - name: locations-destroy + - name: duo-locations-destroy entrypointUrl: /locations/destroy security: - header: inputs: - name: headerName value: X-Secret - compare: inputs: - name: first value: "{{ .Outputs.header.value }}" - name: second valueFrom: envRef: WEBHOOK_SECRET_HEADER formatting: templatePath: /config/template.tpl storage: - type: rabbitmq specs: databaseUrl: valueFrom: envRef: RABBITMQ_DATABASE_URL queueName: webhooks.processing contentType: application/json durable: true - - name: campus-users-create + - name: duo-campus-users-create entrypointUrl: /campus_users/create security: - header: inputs: - name: headerName value: X-Secret - compare: inputs: - name: first value: "{{ .Outputs.header.value }}" - name: second valueFrom: envRef: WEBHOOK_SECRET_HEADER formatting: templatePath: /config/template.tpl storage: - type: rabbitmq specs: databaseUrl: valueFrom: envRef: RABBITMQ_DATABASE_URL queueName: webhooks.processing contentType: application/json durable: true - - name: campus-users-update + - name: duo-campus-users-update entrypointUrl: /campus_users/update security: - header: inputs: - name: headerName value: X-Secret - compare: inputs: - name: first value: "{{ .Outputs.header.value }}" - name: second valueFrom: envRef: WEBHOOK_SECRET_HEADER formatting: templatePath: /config/template.tpl storage: - type: rabbitmq specs: databaseUrl: valueFrom: envRef: RABBITMQ_DATABASE_URL queueName: webhooks.processing contentType: application/json durable: true - - name: campus-users-destroy + - name: duo-campus-users-destroy entrypointUrl: /campus_users/destroy security: - header: inputs: - name: headerName value: X-Secret - compare: inputs: - name: first value: "{{ .Outputs.header.value }}" - name: second valueFrom: envRef: WEBHOOK_SECRET_HEADER formatting: templatePath: /config/template.tpl storage: - type: rabbitmq specs: databaseUrl: valueFrom: envRef: RABBITMQ_DATABASE_URL queueName: webhooks.processing contentType: application/json durable: true - name: github-sponsorships entrypointUrl: /github/sponsors security: - generateHmac256: inputs: - name: payload value: "{{ .Inputs.payload }}" - name: secret valueFrom: envRef: GITHUB_WEBHOOK_SECRET - header: inputs: - name: headerName value: X-Hub-Signature-256 - compare: inputs: - name: first value: "{{ .Outputs.header.value }}" - name: second value: "sha256={{ .Outputs.generate_hmac_256.value }}" formatting: - templatePath: /config/template.tpl + templatePath: /config/github_template.tpl storage: - type: rabbitmq specs: databaseUrl: valueFrom: envRef: RABBITMQ_DATABASE_URL queueName: webhooks.processing contentType: application/json durable: true + - name: github-repository-dispatch + entrypointUrl: /github/repository/dispatch + security: + - generateHmac256: + inputs: + - name: payload + value: "{{ .Inputs.payload }}" + - name: secret + valueFrom: + envRef: GITHUB_WEBHOOK_SECRET + - header: + inputs: + - name: headerName + value: X-Hub-Signature-256 + - compare: + inputs: + - name: first + value: "{{ .Outputs.header.value }}" + - name: second + value: "sha256={{ .Outputs.generate_hmac_256.value }}" + formatting: + templatePath: /config/github_template.tpl + storage: + - type: rabbitmq + specs: + databaseUrl: + valueFrom: + envRef: RABBITMQ_DATABASE_URL + queueName: webhooks.processing + contentType: application/json + durable: true EOT # (1 unchanged element hidden) } id = "production/webhooked-config" # (2 unchanged attributes hidden) # (1 unchanged block hidden) } # module.webhooked.module.webhooked.kubernetes_deployment.app[0] will be updated in-place ~ resource "kubernetes_deployment" "app" { id = "production/webhooked" # (1 unchanged attribute hidden) ~ spec { # (5 unchanged attributes hidden) ~ template { ~ spec { # (12 unchanged attributes hidden) ~ container { name = "webhooked" # (9 unchanged attributes hidden) ~ env { name = "CONFIG_MAPS_HASH" ~ value = "cead1c5a9f73bd4d75ed92ed8e3385be-0b7051c94f8fe100f59c467f14678393" -> "1fd6b148f45d9c0587403f981da80581-0b7051c94f8fe100f59c467f14678393" } + volume_mount { + mount_path = "/config/github_template.tpl" + mount_propagation = "None" + name = "configuration" + read_only = true + sub_path = "github_template.tpl" } # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } # (1 unchanged block hidden) } # (2 unchanged blocks hidden) } # (1 unchanged block hidden) } Plan: 0 to add, 22 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: apps-tfplan To perform exactly these actions, run the following command to apply: terraform apply "apps-tfplan" ```

github-actions[bot] commented 6 months ago

Terraform data for `cluster` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Show Validation

``` Success! The configuration is valid. ```

Terraform Plan 📖 `success`

Show Plan

``` module.tempo.kubernetes_config_map.app["config"]: Refreshing state... [id=monitoring/tempo-config] kubernetes_service_account.promtail: Refreshing state... [id=monitoring/promtail] kubernetes_service_account.loki: Refreshing state... [id=monitoring/loki] module.prometheus.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=monitoring/prometheus-data] module.loki.kubernetes_config_map.app["config"]: Refreshing state... [id=monitoring/loki-config] kubernetes_service_account.prometheus: Refreshing state... [id=monitoring/prometheus] kubernetes_cluster_role.prometheus: Refreshing state... [id=prometheus] module.grafana.kubernetes_service.app[0]: Refreshing state... [id=monitoring/grafana] kubernetes_cluster_role.promtail: Refreshing state... [id=promtail] module.grafana.kubernetes_deployment.app[0]: Refreshing state... [id=monitoring/grafana] kubernetes_role.loki: Refreshing state... [id=monitoring/loki] kubernetes_service_account.tempo: Refreshing state... [id=monitoring/tempo] module.prometheus.kubernetes_config_map.app["config"]: Refreshing state... [id=monitoring/prometheus-config] module.grafana.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=monitoring/grafana-data] module.loki.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=monitoring/loki-data] module.promtail.kubernetes_service.app[0]: Refreshing state... [id=monitoring/promtail] module.tempo.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=monitoring/tempo-data] module.tempo.kubernetes_service.app[0]: Refreshing state... [id=monitoring/tempo] module.prometheus.kubernetes_service.app[0]: Refreshing state... [id=monitoring/prometheus] module.loki.kubernetes_service.app[0]: Refreshing state... [id=monitoring/loki] module.promtail.kubernetes_daemonset.app[0]: Refreshing state... [id=monitoring/promtail] module.promtail.kubernetes_config_map.app["config"]: Refreshing state... [id=monitoring/promtail-config] module.cert_manager.null_resource.cert_manager_ovh_source: Refreshing state... [id=6901452211892208863] module.cert_manager.helm_release.cert_manager: Refreshing state... [id=cert-manager] module.monitoring_routing.kubectl_manifest.virtual_services["app-s42-dashboards"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/monitoring/virtualservices/app-s42-dashboards] module.istio.kubectl_manifest.gateways["app-s42-dashboards"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/monitoring/gateways/app-s42-dashboards] module.istio.kubectl_manifest.gateways["app-s42-next"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/staging/gateways/app-s42-next] module.istio.kubectl_manifest.gateways["dev-s42-previews"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/previews/gateways/dev-s42-previews] module.istio.kubectl_manifest.gateways["app-s42"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/production/gateways/app-s42] kubernetes_cluster_role_binding.promtail: Refreshing state... [id=promtail] kubernetes_cluster_role_binding.prometheus: Refreshing state... [id=prometheus] kubernetes_role_binding.loki: Refreshing state... [id=monitoring/loki] module.tempo.kubernetes_stateful_set.app[0]: Refreshing state... [id=monitoring/tempo] module.prometheus.kubernetes_stateful_set.app[0]: Refreshing state... [id=monitoring/prometheus] module.loki.kubernetes_stateful_set.app[0]: Refreshing state... [id=monitoring/loki] module.cert_manager.kubernetes_role.cert_manager_webhook_ovh_secret_reader: Refreshing state... [id=cert-manager/cert-manager-webhook-ovh:secret-reader] module.cert_manager.kubectl_manifest.certificates["app-s42-dashboards"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/app-s42-dashboards] module.cert_manager.kubectl_manifest.certificates["dev-s42-previews"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/dev-s42-previews] module.cert_manager.kubectl_manifest.certificates["app-s42-next"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/app-s42-next] module.cert_manager.kubectl_manifest.certificates["app-s42"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/app-s42] module.cert_manager.kubectl_manifest.certificates["dev-s42-sandbox"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/dev-s42-sandbox] module.cert_manager.kubernetes_role_binding.cert_manager_webhook_ovh_secret_reader: Refreshing state... [id=cert-manager/cert-manager-webhook-ovh:secret-reader] module.secrets.kubernetes_manifest.sealed_secret["ovh-credentials"]: Refreshing state... module.secrets.kubernetes_manifest.sealed_secret["ghcr-creds"]: Refreshing state... module.cert_manager.helm_release.cert_manager_ovh: Refreshing state... [id=cert-manager-webhook-ovh] module.cert_manager.kubectl_manifest.issuers["ovh-staging-issuer"]: Refreshing state... [id=/apis/cert-manager.io/v1/clusterissuers/ovh-staging-issuer] module.cert_manager.kubectl_manifest.self_signed_issuers["selfsigned-issuer"]: Refreshing state... [id=/apis/cert-manager.io/v1/clusterissuers/selfsigned-issuer] module.cert_manager.kubectl_manifest.issuers["ovh-issuer"]: Refreshing state... [id=/apis/cert-manager.io/v1/clusterissuers/ovh-issuer] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # module.istio.kubectl_manifest.gateways["app-s42-next"] will be created + resource "kubectl_manifest" "gateways" { + api_version = "networking.istio.io/v1alpha3" + apply_only = false + force_conflicts = false + force_new = false + id = (known after apply) + kind = "Gateway" + live_manifest_incluster = (sensitive value) + live_uid = (known after apply) + name = "app-s42-next" + namespace = "staging" + server_side_apply = false + uid = (known after apply) + validate_schema = true + wait_for_rollout = true + yaml_body = (sensitive value) + yaml_body_parsed = <<-EOT apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: app-s42-next namespace: staging spec: selector: istio: ingressgateway servers: - hosts: - next.s42.app port: name: https number: 443 protocol: HTTPS tls: credentialName: app-s42-next-tls mode: SIMPLE - hosts: - next.s42.app port: name: http number: 80 protocol: HTTP tls: httpsRedirect: true EOT + yaml_incluster = (sensitive value) } Plan: 1 to add, 0 to change, 0 to destroy. Warning: "default_secret_name" is no longer applicable for Kubernetes v1.24.0 and above with kubernetes_service_account.prometheus, on monitoring.tf line 73, in resource "kubernetes_service_account" "prometheus": 73: resource "kubernetes_service_account" "prometheus" { Starting from version 1.24.0 Kubernetes does not automatically generate a token for service accounts, in this case, "default_secret_name" will be empty (and 3 more similar warnings elsewhere) ───────────────────────────────────────────────────────────────────────────── Saved the plan to: cluster-tfplan To perform exactly these actions, run the following command to apply: terraform apply "cluster-tfplan" ```

github-actions[bot] commented 6 months ago

Terraform data for `pre-cluster` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Show Validation

``` Success! The configuration is valid. ```

Terraform Plan 📖 `success`

Show Plan

``` kubernetes_namespace.namespace["permission-manager"]: Refreshing state... [id=permission-manager] kubernetes_namespace.namespace["istio-system"]: Refreshing state... [id=istio-system] kubernetes_namespace.namespace["previews"]: Refreshing state... [id=previews] kubernetes_namespace.namespace["production"]: Refreshing state... [id=production] kubernetes_namespace.namespace["monitoring"]: Refreshing state... [id=monitoring] kubernetes_namespace.namespace["sandbox"]: Refreshing state... [id=sandbox] kubernetes_namespace.namespace["staging"]: Refreshing state... [id=staging] kubernetes_namespace.namespace["cert-manager"]: Refreshing state... [id=cert-manager] helm_release.rabbitmq_operator: Refreshing state... [id=primary] helm_release.reflector: Refreshing state... [id=reflector] helm_release.istio_base: Refreshing state... [id=istio-base] helm_release.sealed_secret: Refreshing state... [id=sealed-secret] helm_release.istiod: Refreshing state... [id=istiod] helm_release.gateway: Refreshing state... [id=istio-ingressgateway] No changes. Your infrastructure matches the configuration. Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed. ```

42atomys / stud42