fix: 42 token rotation - Githubissues

42atomys commented 1 month ago

Describe the pull request

The 42 token rotation are not work correctly and block the auth service to allow login of any users

Checklist

[x] I have made the modifications or added tests related to my PR
[x] I have run the tests and linters locally and they pass
[x] I have added/updated the documentation for my RP

github-actions[bot] commented 1 month ago

Terraform data for `pre-cluster` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Show Validation

``` Success! The configuration is valid. ```

Terraform Plan 📖 `success`

Show Plan

``` kubernetes_namespace.namespace["staging"]: Refreshing state... [id=staging] kubernetes_namespace.namespace["sandbox"]: Refreshing state... [id=sandbox] kubernetes_namespace.namespace["previews"]: Refreshing state... [id=previews] kubernetes_namespace.namespace["cert-manager"]: Refreshing state... [id=cert-manager] kubernetes_namespace.namespace["permission-manager"]: Refreshing state... [id=permission-manager] kubernetes_namespace.namespace["istio-system"]: Refreshing state... [id=istio-system] kubernetes_namespace.namespace["monitoring"]: Refreshing state... [id=monitoring] kubernetes_namespace.namespace["production"]: Refreshing state... [id=production] helm_release.reflector: Refreshing state... [id=reflector] helm_release.istio_base: Refreshing state... [id=istio-base] helm_release.rabbitmq_operator: Refreshing state... [id=primary] helm_release.sealed_secret: Refreshing state... [id=sealed-secret] helm_release.istiod: Refreshing state... [id=istiod] helm_release.gateway: Refreshing state... [id=istio-ingressgateway] No changes. Your infrastructure matches the configuration. Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed. ```

github-actions[bot] commented 1 month ago

Terraform data for `cluster` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Show Validation

``` Success! The configuration is valid. ```

Terraform Plan 📖 `success`

Show Plan

``` kubernetes_cluster_role.prometheus: Refreshing state... [id=prometheus] module.cert_manager.null_resource.cert_manager_ovh_source: Refreshing state... [id=6901452211892208863] module.istio.kubectl_manifest.gateways["app-s42"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/production/gateways/app-s42] module.cert_manager.helm_release.cert_manager: Refreshing state... [id=cert-manager] module.istio.kubectl_manifest.gateways["dev-s42-previews"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/previews/gateways/dev-s42-previews] module.istio.kubectl_manifest.gateways["app-s42-dashboards"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/monitoring/gateways/app-s42-dashboards] module.istio.kubectl_manifest.gateways["app-s42-next"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/staging/gateways/app-s42-next] module.monitoring_routing.kubectl_manifest.virtual_services["app-s42-dashboards"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/monitoring/virtualservices/app-s42-dashboards] module.tempo.kubernetes_service.app[0]: Refreshing state... [id=monitoring/tempo] module.loki.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=monitoring/loki-data] kubernetes_service_account.loki: Refreshing state... [id=monitoring/loki] kubernetes_service_account.prometheus: Refreshing state... [id=monitoring/prometheus] kubernetes_cluster_role.promtail: Refreshing state... [id=promtail] module.loki.kubernetes_config_map.app["config"]: Refreshing state... [id=monitoring/loki-config] module.grafana.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=monitoring/grafana-data] kubernetes_role.loki: Refreshing state... [id=monitoring/loki] module.loki.kubernetes_service.app[0]: Refreshing state... [id=monitoring/loki] kubernetes_service_account.promtail: Refreshing state... [id=monitoring/promtail] module.grafana.kubernetes_service.app[0]: Refreshing state... [id=monitoring/grafana] module.grafana.kubernetes_deployment.app[0]: Refreshing state... [id=monitoring/grafana] module.promtail.kubernetes_config_map.app["config"]: Refreshing state... [id=monitoring/promtail-config] module.prometheus.kubernetes_service.app[0]: Refreshing state... [id=monitoring/prometheus] module.prometheus.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=monitoring/prometheus-data] module.promtail.kubernetes_daemonset.app[0]: Refreshing state... [id=monitoring/promtail] module.promtail.kubernetes_service.app[0]: Refreshing state... [id=monitoring/promtail] module.prometheus.kubernetes_config_map.app["config"]: Refreshing state... [id=monitoring/prometheus-config] module.tempo.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=monitoring/tempo-data] module.tempo.kubernetes_config_map.app["config"]: Refreshing state... [id=monitoring/tempo-config] kubernetes_service_account.tempo: Refreshing state... [id=monitoring/tempo] kubernetes_cluster_role_binding.prometheus: Refreshing state... [id=prometheus] kubernetes_role_binding.loki: Refreshing state... [id=monitoring/loki] module.loki.kubernetes_stateful_set.app[0]: Refreshing state... [id=monitoring/loki] module.tempo.kubernetes_stateful_set.app[0]: Refreshing state... [id=monitoring/tempo] kubernetes_cluster_role_binding.promtail: Refreshing state... [id=promtail] module.cert_manager.kubernetes_role.cert_manager_webhook_ovh_secret_reader: Refreshing state... [id=cert-manager/cert-manager-webhook-ovh:secret-reader] module.prometheus.kubernetes_stateful_set.app[0]: Refreshing state... [id=monitoring/prometheus] module.cert_manager.kubectl_manifest.certificates["app-s42"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/app-s42] module.cert_manager.kubectl_manifest.certificates["dev-s42-previews"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/dev-s42-previews] module.cert_manager.kubectl_manifest.certificates["app-s42-next"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/app-s42-next] module.cert_manager.kubectl_manifest.certificates["dev-s42-sandbox"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/dev-s42-sandbox] module.cert_manager.kubectl_manifest.certificates["app-s42-dashboards"]: Refreshing state... [id=/apis/cert-manager.io/v1/namespaces/istio-system/certificates/app-s42-dashboards] module.cert_manager.kubernetes_role_binding.cert_manager_webhook_ovh_secret_reader: Refreshing state... [id=cert-manager/cert-manager-webhook-ovh:secret-reader] module.cert_manager.helm_release.cert_manager_ovh: Refreshing state... [id=cert-manager-webhook-ovh] module.cert_manager.kubectl_manifest.issuers["ovh-issuer"]: Refreshing state... [id=/apis/cert-manager.io/v1/clusterissuers/ovh-issuer] module.cert_manager.kubectl_manifest.issuers["ovh-staging-issuer"]: Refreshing state... [id=/apis/cert-manager.io/v1/clusterissuers/ovh-staging-issuer] module.cert_manager.kubectl_manifest.self_signed_issuers["selfsigned-issuer"]: Refreshing state... [id=/apis/cert-manager.io/v1/clusterissuers/selfsigned-issuer] module.secrets.kubernetes_manifest.sealed_secret["ghcr-creds"]: Refreshing state... module.secrets.kubernetes_manifest.sealed_secret["ovh-credentials"]: Refreshing state... No changes. Your infrastructure matches the configuration. Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed. Warning: "default_secret_name" is no longer applicable for Kubernetes v1.24.0 and above with kubernetes_service_account.prometheus, on monitoring.tf line 73, in resource "kubernetes_service_account" "prometheus": 73: resource "kubernetes_service_account" "prometheus" { Starting from version 1.24.0 Kubernetes does not automatically generate a token for service accounts, in this case, "default_secret_name" will be empty (and 3 more similar warnings elsewhere) ```

github-actions[bot] commented 1 month ago

Terraform data for `apps` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Show Validation

``` Success! The configuration is valid. ```

Terraform Plan 📖 `success`

Show Plan

``` module.s42.module.istio.kubectl_manifest.virtual_services["app-s42"]: Refreshing state... [id=/apis/networking.istio.io/v1alpha3/namespaces/production/virtualservices/app-s42] module.s42.random_password.meilisearch_token: Refreshing state... [id=none] module.s42.random_password.postgres: Refreshing state... [id=none] module.s42.module.dragonfly.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=production/dragonfly-data] module.s42.module.meilisearch.kubernetes_service.app[0]: Refreshing state... [id=production/meilisearch] module.s42.module.interface.kubernetes_service.app[0]: Refreshing state... [id=production/interface] module.s42.module.postgres.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=production/postgres-data] module.webhooked.module.webhooked.kubernetes_config_map.app["config"]: Refreshing state... [id=production/webhooked-config] module.s42.module.meilisearch_clean_tasks.kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/meilisearch-clean-tasks] module.s42.module.postgres.kubernetes_config_map.app["config"]: Refreshing state... [id=production/postgres-config] module.webhooked.module.webhooked.kubernetes_service.app[0]: Refreshing state... [id=production/webhooked] module.s42.random_password.dragonfly: Refreshing state... [id=none] module.s42.random_password.next_auth_secret: Refreshing state... [id=none] module.s42.module.interface.kubernetes_deployment.app[0]: Refreshing state... [id=production/interface] module.s42.module.api.kubernetes_deployment.app[0]: Refreshing state... [id=production/api] module.s42.module.meilisearch.kubernetes_persistent_volume_claim.app["data"]: Refreshing state... [id=production/meilisearch-data] module.s42.module.crawler_campus.kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-campus] module.s42.module.dragonfly.kubernetes_service.app[0]: Refreshing state... [id=production/dragonfly] module.s42.kubernetes_config_map.stud42_config: Refreshing state... [id=production/stud42-config] module.s42.module.webhooks_processor.kubernetes_deployment.app[0]: Refreshing state... [id=production/webhooks-processor] module.s42.module.auth_service.kubernetes_service.app[0]: Refreshing state... [id=production/auth-service] module.s42.module.api.kubernetes_service.app[0]: Refreshing state... [id=production/api] module.s42.module.postgres.kubernetes_service.app[0]: Refreshing state... [id=production/postgres] module.s42.module.crawler_locations["seoul"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-seoul] module.s42.module.auth_service.kubernetes_deployment.app[0]: Refreshing state... [id=production/auth-service] module.s42.module.crawler_locations["madrid"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-madrid] module.s42.module.crawler_locations["urduliz"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-urduliz] module.s42.module.crawler_locations["malaga"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-malaga] module.s42.module.crawler_locations["sao-paulo"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-sao-paulo] module.s42.module.crawler_locations["wolfsburg"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-wolfsburg] module.s42.module.crawler_locations["angouleme"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-angouleme] module.s42.module.crawler_locations["paris"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-paris] module.s42.module.crawler_locations["helsinki"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-helsinki] module.s42.module.crawler_locations["tokyo"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-tokyo] module.s42.module.crawler_locations["lausanne"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-lausanne] module.s42.kubernetes_manifest.rabbitmq_policy_webhooks_dlq: Refreshing state... module.s42.kubernetes_manifest.rabbitmq_queue_webhooks_processing: Refreshing state... module.s42.module.crawler_locations["vienna"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-vienna] module.s42.kubernetes_manifest.rabbitmq_queue_webhooks_dlq: Refreshing state... module.s42.module.crawler_locations["mulhouse"].kubernetes_cron_job_v1.app[0]: Refreshing state... [id=production/crawler-locations-mulhouse] module.s42.kubernetes_manifest.rabbitmq_binding_webhooks_dlq: Refreshing state... module.s42.kubernetes_manifest.rabbitmq: Refreshing state... module.webhooked.module.secrets.kubernetes_manifest.sealed_secret["s42-webhooked-secrets"]: Refreshing state... module.s42.module.meilisearch.kubernetes_stateful_set.app[0]: Refreshing state... [id=production/meilisearch] module.s42.module.meilisearch.kubernetes_secret.app["token"]: Refreshing state... [id=production/meilisearch-token] module.s42.kubernetes_secret.next_auth_secret: Refreshing state... [id=production/next-auth-secret] module.s42.module.postgres.kubernetes_secret.app["credentials"]: Refreshing state... [id=production/postgres-credentials] module.s42.module.api.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/api] module.s42.module.interface.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/interface] module.s42.module.dragonfly.kubernetes_stateful_set.app[0]: Refreshing state... [id=production/dragonfly] module.s42.module.webhooks_processor.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/webhooks-processor] module.s42.module.postgres.kubernetes_stateful_set.app[0]: Refreshing state... [id=production/postgres] module.s42.module.auth_service.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/auth-service] module.s42.module.dragonfly.kubernetes_secret.app["credentials"]: Refreshing state... [id=production/dragonfly-credentials] module.s42.kubernetes_pod_disruption_budget_v1.rabbitmq: Refreshing state... [id=production/rabbitmq] module.webhooked.module.webhooked.kubernetes_deployment.app[0]: Refreshing state... [id=production/webhooked] module.webhooked.module.webhooked.kubernetes_horizontal_pod_autoscaler_v2.app[0]: Refreshing state... [id=production/webhooked] module.s42.kubernetes_manifest.rabbitmq_exchange_webhooks: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["auth-service-certs-jwk"]: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["s42-service-token"]: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["oauth2-providers"]: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["ovh-s3-credentials"]: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["sentry-dsns"]: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["discord-token"]: Refreshing state... module.s42.module.service-token.kubernetes_manifest.sealed_secret["github-token"]: Refreshing state... Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place -/+ destroy and then create replacement Terraform will perform the following actions: # module.s42.module.api.kubernetes_deployment.app[0] will be updated in-place ~ resource "kubernetes_deployment" "app" { id = "production/api" # (1 unchanged attribute hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "api" # (5 unchanged attributes hidden) } ~ spec { # (5 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (4 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "api" # (8 unchanged attributes hidden) # (24 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } # (2 unchanged blocks hidden) } } # module.s42.module.api.kubernetes_horizontal_pod_autoscaler_v2.app[0] will be updated in-place ~ resource "kubernetes_horizontal_pod_autoscaler_v2" "app" { id = "production/api" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "api" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.api.kubernetes_service.app[0] will be updated in-place ~ resource "kubernetes_service" "app" { id = "production/api" # (2 unchanged attributes hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "api" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.auth_service.kubernetes_deployment.app[0] will be updated in-place ~ resource "kubernetes_deployment" "app" { id = "production/auth-service" # (1 unchanged attribute hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "auth-service" # (5 unchanged attributes hidden) } ~ spec { # (5 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (4 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "auth-service" # (8 unchanged attributes hidden) # (8 unchanged blocks hidden) } # (4 unchanged blocks hidden) } } # (2 unchanged blocks hidden) } } # module.s42.module.auth_service.kubernetes_horizontal_pod_autoscaler_v2.app[0] will be updated in-place ~ resource "kubernetes_horizontal_pod_autoscaler_v2" "app" { id = "production/auth-service" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "auth-service" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.auth_service.kubernetes_service.app[0] will be updated in-place ~ resource "kubernetes_service" "app" { id = "production/auth-service" # (2 unchanged attributes hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "auth-service" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.crawler_campus.kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-campus" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-campus" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-campus" # (8 unchanged attributes hidden) # (12 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["angouleme"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-angouleme" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-angouleme" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-angouleme" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["helsinki"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-helsinki" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-helsinki" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-helsinki" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["lausanne"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-lausanne" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-lausanne" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-lausanne" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["madrid"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-madrid" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-madrid" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-madrid" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["malaga"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-malaga" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-malaga" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-malaga" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["mulhouse"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-mulhouse" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-mulhouse" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-mulhouse" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["paris"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-paris" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-paris" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-paris" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["sao-paulo"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-sao-paulo" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-sao-paulo" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-sao-paulo" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["seoul"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-seoul" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-seoul" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-seoul" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["tokyo"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-tokyo" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-tokyo" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-tokyo" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["urduliz"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-urduliz" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-urduliz" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-urduliz" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["vienna"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-vienna" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-vienna" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-vienna" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.crawler_locations["wolfsburg"].kubernetes_cron_job_v1.app[0] will be updated in-place ~ resource "kubernetes_cron_job_v1" "app" { id = "production/crawler-locations-wolfsburg" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "crawler-locations-wolfsburg" # (5 unchanged attributes hidden) } ~ spec { # (6 unchanged attributes hidden) ~ job_template { ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (7 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "crawler-locations-wolfsburg" # (8 unchanged attributes hidden) # (14 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } } } } } # module.s42.module.interface.kubernetes_deployment.app[0] will be updated in-place ~ resource "kubernetes_deployment" "app" { id = "production/interface" # (1 unchanged attribute hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "interface" # (5 unchanged attributes hidden) } ~ spec { # (5 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (4 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "interface" # (8 unchanged attributes hidden) # (32 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } # (2 unchanged blocks hidden) } } # module.s42.module.interface.kubernetes_horizontal_pod_autoscaler_v2.app[0] will be updated in-place ~ resource "kubernetes_horizontal_pod_autoscaler_v2" "app" { id = "production/interface" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "interface" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.interface.kubernetes_service.app[0] will be updated in-place ~ resource "kubernetes_service" "app" { id = "production/interface" # (2 unchanged attributes hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "interface" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } # module.s42.module.service-token.kubernetes_manifest.sealed_secret["oauth2-providers"] must be replaced -/+ resource "kubernetes_manifest" "sealed_secret" { ~ manifest = { ~ spec = { ~ encryptedData = { # forces replacement ~ "FORTY_TWO_SECRET" = "AgCo7oVoViooII7UvHKR4AG02oxQEKKo6JxBMuNi0Ws75oGwX8vtNxK+2cGPrPBlRyKWj66zlX6U2Ydx1uRYif/JGZTcjZLqM09Xe7lqht6QCCEMr66PoFtmq+gTW0VygSxmgeWuQ6UiqVB2Rp1s+ryWw5oARIuWvxQenPrCR7kzSxuCz7kSos66WUDI3RYp8dkkCmGOqfOu0eOaDdWKIvCCoKWD2ZJ1IRqPCgajJvVt13YvlcqhMfiPxr7Kis3nIidljVyKJLp028V+wCwwSCnP94bpvW4yI7TSpTg6FbR3s6RE3dGGpTIyNZwzLDBkG8hmu3Oe28pDPw3DcCIHjS7GxdKLeKxnseRCdi4qXyZyC4eONpfr2NSJeqZMPiL4IZ1hcdGhea4PfNVgt13j3xgjDJHxOEcbQOlyT8JEsnUqGY70qPKrFlNda+JzMKXRnInkmAevopZVDS0NAXi+4bcxUBiAe4uBELP9UGNBiabcOqy0Mo1A77BUIKgHjmH6BaW5h23vOsKlBJ7EbBoWYlP39C0GXO8nzEGH92AsZbA+O2kWGo0Rjs4L/ChrBTFNhpXIK+X+PEK83nqgunS93U5M87aEivBc+z509SLNjz6FiDxhBF3RojOu0Hid6ik9xaI0hpGiwD2Lgh5P6AMozbcx8J10yMod1n8sg/vyNOhU3hfgsdx4DFJNO/CXvJR7g4WKBExT6FLb//UIktd/0xLk7slrkaoyoLJVAJnX1YWStEsJuYfQKxqg1tOB+nH7L1APUlCZq/NHVQsXMeXPoGQ4SczgWLUWpCOh" -> "AgCCgy22tRwWHhbM4ddWdgfP1kOMyGlQ+9Fl0vmvm8GceC2dGVH9TyvizU+IBBJ+w3OGFKOa50RRUu+SEZ2vdFMr1ckjTayVyfMfIZgw+J0BgIG0zoQStK+OuD9wtSdCPRWZYZTly9gTQwwagxyIQODJnZPBN9GPIJAOOFa5ovxEI2tDvK5tg4HgSVHDn/2l4WwFSQJ+wD4rd4Risj3r1eSnd1oCM9hOKT+VWPqm1g28cf4xxKBqrmaQB/w5SVEyWMVWVlX6GHwVQt7/dEfxZZdzxwVRqZJlw4lQ5C7Lp64HnIVYw6aKVAyXXRum+xBH/rPHdykxC93uZ7O4SOlIUjtcHyvgAcXrve2EBiZRfOBXU8Dio4200ZkUWgnvDacwa5fhsUFDr/p1me7w/zP/AHkwaxYN+vASpSaJ97k80RYD5grQTfAGnJNjFmQH5Ixv3GnjA4DMAzezkWL30g2Gcn5WURUREhTFzOAHtbIZsAde1/sV4tTeQdGbIjmIGT2pVExdaYTtfuNsO+5eTVrf9zqZ7l0xegcl2N6MQS339LcEw4fSZIU4rLwm1wHov72GG9+Ci+ABwbKPTR3FdyDK1zcdpXmvH4WHFQy8uiB0bGO+VE6MZ8GDkEhkweiJTTgQiuTlsi9But7ytnmWfICHv2O9fNsQWjlCS9YpNo7sfNfSwZiZ5xLb9fhk6SgUldahLBvO+FbyDsx7dm/567uqV72uEToJ0TT8oqeG1CAbz6lrY3OVLv91WV0nENjpvGYz+em3YLKS/kC2GpkeY2N0z2zOc17lxTZO/Bgy" # (19 unchanged elements hidden) } # (1 unchanged element hidden) } # (3 unchanged elements hidden) } ~ object = { ~ metadata = { ~ annotations = { - "sealedsecrets.bitnami.com/cluster-wide" = "false" - "sealedsecrets.bitnami.com/namespace-wide" = "true" } -> (known after apply) ~ creationTimestamp = null -> (known after apply) ~ deletionGracePeriodSeconds = null -> (known after apply) ~ deletionTimestamp = null -> (known after apply) ~ finalizers = null -> (known after apply) ~ generateName = null -> (known after apply) ~ generation = null -> (known after apply) ~ labels = null -> (known after apply) ~ managedFields = null -> (known after apply) name = "oauth2-providers" ~ ownerReferences = null -> (known after apply) ~ resourceVersion = null -> (known after apply) ~ selfLink = null -> (known after apply) ~ uid = null -> (known after apply) # (1 unchanged element hidden) } ~ spec = { ~ data = null -> (known after apply) ~ template = { ~ data = null -> (known after apply) # (2 unchanged elements hidden) } # (1 unchanged element hidden) } # (2 unchanged elements hidden) } } # module.s42.module.webhooks_processor.kubernetes_deployment.app[0] will be updated in-place ~ resource "kubernetes_deployment" "app" { id = "production/webhooks-processor" # (1 unchanged attribute hidden) ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "webhooks-processor" # (5 unchanged attributes hidden) } ~ spec { # (5 unchanged attributes hidden) ~ template { ~ metadata { ~ labels = { ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } # (2 unchanged attributes hidden) } ~ spec { # (12 unchanged attributes hidden) ~ container { ~ image = "ghcr.io/42atomys/stud42:v0.33.2" -> "ghcr.io/42atomys/stud42:latest" name = "webhooks-processor" # (8 unchanged attributes hidden) # (20 unchanged blocks hidden) } # (3 unchanged blocks hidden) } } # (2 unchanged blocks hidden) } } # module.s42.module.webhooks_processor.kubernetes_horizontal_pod_autoscaler_v2.app[0] will be updated in-place ~ resource "kubernetes_horizontal_pod_autoscaler_v2" "app" { id = "production/webhooks-processor" ~ metadata { ~ labels = { ~ "app.kubernetes.io/version" = "v0.33.2" -> "latest" ~ "version" = "v0.33.2" -> "latest" # (5 unchanged elements hidden) } name = "webhooks-processor" # (5 unchanged attributes hidden) } # (1 unchanged block hidden) } Plan: 1 to add, 25 to change, 1 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: apps-tfplan To perform exactly these actions, run the following command to apply: terraform apply "apps-tfplan" ```

42atomys / stud42

fix: 42 token rotation #621

Terraform data for `pre-cluster` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Terraform Plan 📖 `success`

Terraform data for `cluster` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Terraform Plan 📖 `success`

Terraform data for `apps` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Terraform Plan 📖 `success`

42atomys / stud42

fix: 42 token rotation #621

Terraform data for pre-cluster stack

Terraform Initialization ⚙️ success

Terraform Validation 🤖 success

Terraform Plan 📖 success

Terraform data for cluster stack

Terraform Initialization ⚙️ success

Terraform Validation 🤖 success

Terraform Plan 📖 success

Terraform data for apps stack

Terraform Initialization ⚙️ success

Terraform Validation 🤖 success

Terraform Plan 📖 success

Terraform data for `pre-cluster` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Terraform Plan 📖 `success`

Terraform data for `cluster` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Terraform Plan 📖 `success`

Terraform data for `apps` stack

Terraform Initialization ⚙️ `success`

Terraform Validation 🤖 `success`

Terraform Plan 📖 `success`