Closed nnti closed 2 years ago
@nnti now that we are moving this to serverless v3, can you please try removing this line where I was specifying the v3 variable resolver? variablesResolutionMode: "20210326"
@nnti the reason deploy-support failed after you merged this before is that we don't have a few variables set in SSM, and now in v3 it fails instead of warning on this issue.
@mdial89f do we use a Github PAT for this? https://github.com/CMSgov/macpro-platform-doc-conversion/blob/master/services/.sechub/serverless.yml#L51
@nnti the reason deploy-support failed after you merged this before is that we don't have a few variables set in SSM, and now in v3 it fails instead of warning on this issue.
@mdial89f do we use a Github PAT for this? https://github.com/CMSgov/macpro-platform-doc-conversion/blob/master/services/.sechub/serverless.yml#L51
Yep
@nnti the reason deploy-support failed after you merged this before is that we don't have a few variables set in SSM, and now in v3 it fails instead of warning on this issue. Mike Dial do we use a Github PAT for this? https://github.com/CMSgov/macpro-platform-doc-conversion/blob/master/services/.sechub/serverless.yml#L51
Yep
Thank you sir. @nnti can you try generating a PAT and adding these vars in SSM in the platform dev account please?
@nnti I've finished the review. Please make the requested changes and re-test they example py script is giving us a good pdf.
Thanks!
@kenrickveit for the pat, what scopes and expiration timeframe am I am I selecting? Also, should I add githubAccessToken, githubRepository, githubRepositoryProjects, githubOrganizationProjects, and severity values to ssm?
ok I've added the values for githubRepository, githubRepositoryProjects, and githubOrganizationProjects in ssm. Let me know the expiration timeframe and scopes for the PAT. Also, I'm not sure what value I need for severity.
@kenrickveit Requested updates have been made. Let me know what to do for the githubAccessToken
@kenrickveit Requested updates have been made. Let me know what to do for the githubAccessToken
Nathan, On the token expiration, this will be your token, so it is up to you. I'd prefer no expiration or at least one year, as we'll need to rotate it.
On scope, I'm not certain, I'd try repo
and we could adjust it re-run deploy-support after.
@mdial89f since you originally created this in the quickstart, do you happen to know what scope we need here for the PAT to be sufficient for the .sechub
service?
https://github.com/CMSgov/macpro-quickstart-serverless/pull/319
@nnti please confirm you have re-tested the Python generation of the pdf since the last changes, and I'll approve. We can always re-run deploy-support with the correct params in SSM after the fact.
@kenrickveit Requested updates have been made. Let me know what to do for the githubAccessToken
Nathan, On the token expiration, this will be your token, so it is up to you. I'd prefer no expiration or at least one year, as we'll need to rotate it.
On scope, I'm not certain, I'd try
repo
and we could adjust it re-run deploy-support after.@mdial89f since you originally created this in the quickstart, do you happen to know what scope we need here for the PAT to be sufficient for the
.sechub
service? CMSgov/macpro-quickstart-serverless#319@nnti please confirm you have re-tested the Python generation of the pdf since the last changes, and I'll approve. We can always re-run deploy-support with the correct params in SSM after the fact.
@kenrickveit Done. I've generated the githubAccessToken and stored its value in ssm. Also, the python gen command successfully generated the pdf.
I don't remember the required scope, no.
Purpose
Upgraded 508 to serverless version 3 and upgraded the runtime node 14.
Linked Issues to Close
https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/216?modal=detail&selectedIssue=OY2-17896 https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/216?modal=detail&selectedIssue=OY2-18071
Approach
Pull Request Creator Checklist
Pull Request Reviewer/Assignee Checklist