ccostino
commented
9 months ago There are several things at play here, though the likely culprit is a recent update to the dflook/terraform-check@v1 action. This pulled in an update to Terraform itself (1.6.6 to 1.7.0), which may have exposed an undocumented AWS provider change. What ended up happening was the profile attribute being set wasn't being found because that needed to be set to a credentials file instead of just falling back on the environment variables for AWS credentials as it had been up until the point of the failures starting.
Removing the profile attribute has fixed the issue and now the Terraform commands and actions run again.
As a part of this work though, we also updated all of our references of the cloudfoundry-community/cloudfoundry module to the latest release (0.53.0) and we updated references to the 18F/terraform-cloudgov module to its latest release (0.7.1).
Our daily infrastructure verification checks are starting to fail consistently and we suspect that the cause is the pinned version of the Cloud Foundry Terraform module we're using.
You can see an example of the failed infrastructure verification check here, and the module in question can be found by searching through the code for it.
The module itself lives here in the Terraform Registry and at the time of writing this issue, it's at version
0.52.0; most of the ones in our code are around0.15.x; a little out of date!Implementation Sketch and Acceptance Criteria
terraform/folder in root of the project.Security Considerations