JesusFilm / core

JFP DS Engineering Monorepo
https://docs.core.jesusfilm.org/
19 stars 12 forks source link

feat: visitor by journey endpoints #1542

Closed mikeallisonJS closed 1 year ago

mikeallisonJS commented 1 year ago

Description

🤖 Generated by Copilot at 1ed025b

This pull request migrates the api-journeys service from ArangoDB to PostgreSQL as the database provider. It updates the codebase, the infrastructure, and the tests to use Prisma, a tool for managing PostgreSQL schemas and migrations. It also adds a new feature for querying and paginating journey visitors by various sorting and filtering options. It affects the following files: seed.ts, graphql.ts, button.resolver.spec.ts, button.resolver.ts, event.module.ts, event.resolver.spec.ts, event.resolver.ts, event.service.spec.ts, settings.json, Dockerfile, migration.sql, migration_lock.toml, schema.prisma, psMigrate.ts, locals.tf, main.tf, variables.tf, project.json, and prisma.service.ts.

https://3.basecamp.com/3105655/buckets/32387047/todos/6067395788

How should this PR be QA Tested?

Please describe the QA tests that you ran to verify your changes. Please also note any relevant details for your test configuration.

Walkthrough

🤖 Generated by Copilot at 1ed025b

github-actions[bot] commented 1 year ago
Warnings
:warning: :exclamation: Big PR (2828 changes)

(change count - 2828): Pull Request size seems relatively large. If Pull Request contains multiple changes, split each into separate PR will helps faster, easier review.

Generated by :no_entry_sign: dangerJS against 3be16eb26a7490c4c4598638b90d74d660716db7

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Plan Error

Show Output ``` running "/home/atlantis/.atlantis/bin/terraform1.4.6 plan -input=false -refresh -out \"/home/atlantis/.atlantis/repos/JesusFilm/core/1542/default/infrastructure/default.tfplan\"" in "/home/atlantis/.atlantis/repos/JesusFilm/core/1542/default/infrastructure": exit status 1 ╷ │ Error: Missing required argument │ │ on environments/prod/main.tf line 54, in module "api-journeys": │ 54: module "api-journeys" { │ │ The argument "subnet_group_name" is required, but no definition was found. ╵ ╷ │ Error: Missing required argument │ │ on environments/prod/main.tf line 54, in module "api-journeys": │ 54: module "api-journeys" { │ │ The argument "vpc_security_group_id" is required, but no definition was │ found. ╵ ```
infracost[bot] commented 1 year ago

💰 Infracost estimate: monthly cost will not change

Project Previous New Diff
JesusFilm/core/infrastructure $543 $543 $0
All projects $571 $571 $0

3 projects have no code changes.

Infracost output ``` ────────────────────────────────── Project: JesusFilm/core/infrastructure Module path: infrastructure + module.prod.module.api-journeys.module.database.aws_rds_cluster.default Monthly cost depends on usage + Aurora serverless Monthly cost depends on usage +$0.06 per ACU-hours + Storage Monthly cost depends on usage +$0.10 per GB + I/O requests Monthly cost depends on usage +$0.20 per 1M requests + Backup storage Monthly cost depends on usage +$0.021 per GB + Snapshot export Monthly cost depends on usage +$0.01 per GB + module.stage.module.api-journeys.module.database.aws_rds_cluster.default Monthly cost depends on usage + Aurora serverless Monthly cost depends on usage +$0.06 per ACU-hours + Storage Monthly cost depends on usage +$0.10 per GB + I/O requests Monthly cost depends on usage +$0.20 per 1M requests + Backup storage Monthly cost depends on usage +$0.021 per GB + Snapshot export Monthly cost depends on usage +$0.01 per GB Monthly cost change for JesusFilm/core/infrastructure (Module path: infrastructure) Amount: $0.00 ($543 → $543) Percent: 0% ────────────────────────────────── Key: ~ changed, + added, - removed The following projects have no cost estimate changes: JesusFilm/core/infrastructure/resources/atlantis (Module path: infrastructure/resources/atlantis), JesusFilm/core/infrastructure/resources/doppler (Module path: infrastructure/resources/doppler), JesusFilm/core/infrastructure/resources/terraform (Module path: infrastructure/resources/terraform) Run the following command to see their breakdown: infracost breakdown --path=/path/to/code ────────────────────────────────── 612 cloud resources were detected: ∙ 124 were estimated, 90 of which include usage-based costs, see https://infracost.io/usage-file ∙ 488 were free: ∙ 159 x aws_ssm_parameter ∙ 64 x aws_route_table_association ∙ 64 x aws_subnet ∙ 28 x aws_appautoscaling_policy ∙ 28 x aws_ecs_task_definition ∙ 27 x aws_ecr_lifecycle_policy ∙ 18 x aws_alb_listener ∙ 14 x aws_alb_listener_rule ∙ 14 x aws_alb_target_group ∙ 13 x aws_security_group ∙ 8 x aws_security_group_rule ∙ 6 x aws_iam_role_policy_attachment ∙ 5 x aws_iam_role ∙ 4 x aws_route ∙ 4 x aws_route_table ∙ 3 x aws_ecs_cluster ∙ 2 x aws_acm_certificate ∙ 2 x aws_acm_certificate_validation ∙ 2 x aws_db_subnet_group ∙ 2 x aws_eip ∙ 2 x aws_iam_policy ∙ 2 x aws_internet_gateway ∙ 2 x aws_lb_listener ∙ 2 x aws_lb_listener_rule ∙ 2 x aws_vpc ∙ 1 x aws_cloudwatch_event_rule ∙ 1 x aws_cloudwatch_event_target ∙ 1 x aws_efs_mount_target ∙ 1 x aws_iam_access_key ∙ 1 x aws_iam_role_policy ∙ 1 x aws_iam_user ∙ 1 x aws_iam_user_policy ∙ 1 x aws_lb_target_group ∙ 1 x aws_s3_bucket_public_access_block ∙ 1 x aws_s3_bucket_server_side_encryption_configuration ∙ 1 x aws_s3_bucket_versioning ```

This comment will be updated when the cost estimate changes.

Is this comment useful? Yes, No, Other

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place -/+ destroy and then create replacement +/- create replacement and then destroy Terraform will perform the following actions: # module.prod.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-prod" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "prod" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "prod" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-0b9f71dd648b7ccdd", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.prod.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/api-journeys-prod-service" name = "api-journeys-prod-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) # (15 unchanged attributes hidden) # (5 unchanged blocks hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-prod-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-prod" -> (known after apply) ~ revision = 32 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-prod:5" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-prod" - dd_source = "node" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:jfp-api-journeys-seed-prod" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-prod" -> (known after apply) ~ revision = 5 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-stage" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "stage" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "stage" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-030e79e5f9dcbb65c", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.stage.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-stage/api-journeys-stage-service" name = "api-journeys-stage-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) # (15 unchanged attributes hidden) # (4 unchanged blocks hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-stage-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-stage" -> (known after apply) ~ revision = 21 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-stage:4" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-stage" - dd_source = "node" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:jfp-api-journeys-seed-stage" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-stage" -> (known after apply) ~ revision = 4 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } Plan: 20 to add, 2 to change, 4 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 20 to add, 2 to change, 4 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place -/+ destroy and then create replacement +/- create replacement and then destroy Terraform will perform the following actions: # module.prod.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-prod" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "prod" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "prod" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-0b9f71dd648b7ccdd", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.prod.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/api-journeys-prod-service" name = "api-journeys-prod-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) # (15 unchanged attributes hidden) # (5 unchanged blocks hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-prod-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-prod" -> (known after apply) ~ revision = 32 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-prod:5" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-prod" - dd_source = "node" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:jfp-api-journeys-seed-prod" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-prod" -> (known after apply) ~ revision = 5 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-stage" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "stage" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "stage" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-030e79e5f9dcbb65c", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.stage.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-stage/api-journeys-stage-service" name = "api-journeys-stage-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) # (15 unchanged attributes hidden) # (4 unchanged blocks hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-stage-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-stage" -> (known after apply) ~ revision = 21 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-stage:4" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-stage" - dd_source = "node" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:jfp-api-journeys-seed-stage" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-stage" -> (known after apply) ~ revision = 4 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } Plan: 20 to add, 2 to change, 4 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 20 to add, 2 to change, 4 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place -/+ destroy and then create replacement +/- create replacement and then destroy Terraform will perform the following actions: # module.prod.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-prod" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "prod" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "prod" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-0b9f71dd648b7ccdd", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.prod.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/api-journeys-prod-service" name = "api-journeys-prod-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) # (15 unchanged attributes hidden) # (5 unchanged blocks hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-prod-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-prod" -> (known after apply) ~ revision = 32 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-prod:5" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-prod" - dd_source = "node" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:jfp-api-journeys-seed-prod" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-prod" -> (known after apply) ~ revision = 5 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-stage" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "stage" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "stage" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-030e79e5f9dcbb65c", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.stage.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-stage/api-journeys-stage-service" name = "api-journeys-stage-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) # (15 unchanged attributes hidden) # (4 unchanged blocks hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-stage-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-stage" -> (known after apply) ~ revision = 21 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-stage:4" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-stage" - dd_source = "node" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:jfp-api-journeys-seed-stage" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-stage" -> (known after apply) ~ revision = 4 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } Plan: 20 to add, 2 to change, 4 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 20 to add, 2 to change, 4 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place -/+ destroy and then create replacement +/- create replacement and then destroy Terraform will perform the following actions: # module.prod.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-prod" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "prod" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "prod" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-0b9f71dd648b7ccdd", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.prod.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/api-journeys-prod-service" name = "api-journeys-prod-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) # (15 unchanged attributes hidden) # (5 unchanged blocks hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-prod-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-prod" -> (known after apply) ~ revision = 32 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-prod:5" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-prod" - dd_source = "node" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:jfp-api-journeys-seed-prod" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-prod" -> (known after apply) ~ revision = 5 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-stage" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "stage" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "stage" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-030e79e5f9dcbb65c", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.stage.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-stage/api-journeys-stage-service" name = "api-journeys-stage-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) # (15 unchanged attributes hidden) # (4 unchanged blocks hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-stage-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-stage" -> (known after apply) ~ revision = 21 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-stage:4" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-stage" - dd_source = "node" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:jfp-api-journeys-seed-stage" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-stage" -> (known after apply) ~ revision = 4 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } Plan: 20 to add, 2 to change, 4 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 20 to add, 2 to change, 4 to destroy.


mikeallisonJS commented 1 year ago

atlantis apply

jesus-film-bot commented 1 year ago

Ran Apply for dir: infrastructure workspace: default

Apply Failed: Pull request must be mergeable before running apply.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place -/+ destroy and then create replacement +/- create replacement and then destroy Terraform will perform the following actions: # module.prod.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-prod" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "prod" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "prod" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-0b9f71dd648b7ccdd", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.prod.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/api-journeys-prod-service" name = "api-journeys-prod-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) # (15 unchanged attributes hidden) # (5 unchanged blocks hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-prod-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-prod" -> (known after apply) ~ revision = 32 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-prod:5" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-prod" - dd_source = "node" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:jfp-api-journeys-seed-prod" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-prod" -> (known after apply) ~ revision = 5 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-stage" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "stage" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "stage" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-030e79e5f9dcbb65c", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.stage.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-stage/api-journeys-stage-service" name = "api-journeys-stage-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) # (15 unchanged attributes hidden) # (4 unchanged blocks hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-stage-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-stage" -> (known after apply) ~ revision = 21 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-stage:4" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-stage" - dd_source = "node" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:jfp-api-journeys-seed-stage" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-stage" -> (known after apply) ~ revision = 4 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } Plan: 20 to add, 2 to change, 4 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 20 to add, 2 to change, 4 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place -/+ destroy and then create replacement +/- create replacement and then destroy Terraform will perform the following actions: # module.prod.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-prod" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "prod" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "prod" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-0b9f71dd648b7ccdd", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.prod.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "prd" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.prod.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/api-journeys-prod-service" name = "api-journeys-prod-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) # (15 unchanged attributes hidden) # (5 unchanged blocks hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:32" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-prod-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-prod" -> (known after apply) ~ revision = 32 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-prod:5" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-prod" - dd_source = "node" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/prod/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:jfp-api-journeys-seed-prod" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-prod" -> (known after apply) ~ revision = 5 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/prod/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.aws_rds_cluster.default will be created + resource "aws_rds_cluster" "default" { + allocated_storage = (known after apply) + apply_immediately = true + arn = (known after apply) + availability_zones = [ + "us-east-2a", + "us-east-2b", + "us-east-2c", ] + backup_retention_period = 5 + cluster_identifier = "api-journeys-stage" + cluster_identifier_prefix = (known after apply) + cluster_members = (known after apply) + cluster_resource_id = (known after apply) + copy_tags_to_snapshot = false + database_name = "stage" + db_cluster_parameter_group_name = (known after apply) + db_subnet_group_name = "stage" + enable_global_write_forwarding = false + enable_http_endpoint = false + endpoint = (known after apply) + engine = "aurora-postgresql" + engine_mode = "serverless" + engine_version = (known after apply) + engine_version_actual = (known after apply) + hosted_zone_id = (known after apply) + iam_roles = (known after apply) + id = (known after apply) + kms_key_id = (known after apply) + master_password = (sensitive value) + master_username = "root" + network_type = (known after apply) + port = (known after apply) + preferred_backup_window = "07:00-09:00" + preferred_maintenance_window = (known after apply) + reader_endpoint = (known after apply) + skip_final_snapshot = false + storage_encrypted = (known after apply) + tags_all = (known after apply) + vpc_security_group_ids = [ + "sg-030e79e5f9dcbb65c", ] + scaling_configuration { + auto_pause = true + max_capacity = 16 + min_capacity = 2 + seconds_until_auto_pause = 300 + timeout_action = "RollbackCapacityChange" } } # module.stage.module.api-journeys.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_password will be created + resource "doppler_secret" "rds_password" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_PASSWORD" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.doppler_secret.rds_url will be created + resource "doppler_secret" "rds_url" { + computed = (sensitive value) + config = "stg" + id = (known after apply) + name = "PG_DATABASE_URL" + project = "api-journeys" + value = (sensitive value) } # module.stage.module.api-journeys.module.database.random_password.password will be created + resource "random_password" "password" { + bcrypt_hash = (sensitive value) + id = (known after apply) + length = 16 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + numeric = true + override_special = "!$%&*?" + result = (sensitive value) + special = true + upper = true } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-stage/api-journeys-stage-service" name = "api-journeys-stage-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) # (15 unchanged attributes hidden) # (4 unchanged blocks hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:21" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-stage-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/GOOGLE_APPLICATION_JSON" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-stage" -> (known after apply) ~ revision = 21 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.seed.aws_ecs_task_definition.ecs_task_definition must be replaced -/+ resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-seed-stage:4" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 256 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-seed-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - dd_service = "jfp-api-journeys-seed-stage" - dd_source = "node" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 512 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-app" - portMappings = [] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys-seed/stage/DATABASE_USER" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:jfp-api-journeys-seed-stage" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-seed-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-seed-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-seed-stage" -> (known after apply) ~ revision = 4 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-tags.module.database.aws_ssm_parameter.parameter will be created + resource "aws_ssm_parameter" "parameter" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-tags/stage/PG_DATABASE_URL" + overwrite = true + tags = { + "name" = "PG_DATABASE_URL" } + tags_all = { + "name" = "PG_DATABASE_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } Plan: 20 to add, 2 to change, 4 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 20 to add, 2 to change, 4 to destroy.


mikeallisonJS commented 1 year ago

atlantis apply

jesus-film-bot commented 1 year ago

Ran Apply for dir: infrastructure workspace: default

Apply Failed: Pull request must be mergeable before running apply.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Plan Error

Show Output ``` running "/home/atlantis/.atlantis/bin/terraform1.4.6 plan -input=false -refresh -out \"/home/atlantis/.atlantis/repos/JesusFilm/core/1542/default/infrastructure/default.tfplan\"" in "/home/atlantis/.atlantis/repos/JesusFilm/core/1542/default/infrastructure": exit status 1 ╷ │ Error: Error acquiring the state lock │ │ Error message: ConditionalCheckFailedException: The conditional request │ failed │ Lock Info: │ ID: df7d1d80-8c70-8a13-3821-2e4a0740ab98 │ Path: jfp-terraform-state/core.tfstate │ Operation: OperationTypeApply │ Who: node@b5b4c95aaa67 │ Version: 1.4.5 │ Created: 2023-05-12 17:31:03.452214728 +0000 UTC │ Info: │ │ │ Terraform acquires a state lock to protect the state from being written │ by multiple users at the same time. Please resolve the issue above and try │ again. For most commands, you can disable locking with the "-lock=false" │ flag, but this is not recommended. ╵ ```
mikeallisonJS commented 1 year ago

atlantis plan

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.prod.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be updated in-place ~ resource "aws_ssm_parameter" "parameters" { id = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" + insecure_value = (known after apply) name = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" tags = { "name" = "PG_DATABASE_URL" } ~ value = (sensitive value) ~ version = 1 -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be updated in-place ~ resource "aws_ssm_parameter" "parameters" { id = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" + insecure_value = (known after apply) name = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" tags = { "name" = "PG_DATABASE_URL" } ~ value = (sensitive value) ~ version = 1 -> (known after apply) # (7 unchanged attributes hidden) } Plan: 0 to add, 2 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 0 to add, 2 to change, 0 to destroy.


stage-branch-merger[bot] commented 1 year ago

I see you added the "on stage" label, I'll get this merged to the stage branch!

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.prod.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be updated in-place ~ resource "aws_ssm_parameter" "parameters" { id = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" + insecure_value = (known after apply) name = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" tags = { "name" = "PG_DATABASE_URL" } ~ value = (sensitive value) ~ version = 1 -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be updated in-place ~ resource "aws_ssm_parameter" "parameters" { id = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" + insecure_value = (known after apply) name = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" tags = { "name" = "PG_DATABASE_URL" } ~ value = (sensitive value) ~ version = 1 -> (known after apply) # (7 unchanged attributes hidden) } Plan: 0 to add, 2 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 0 to add, 2 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.prod.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be updated in-place ~ resource "aws_ssm_parameter" "parameters" { id = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" + insecure_value = (known after apply) name = "/ecs/api-journeys-seed/prod/PG_DATABASE_URL" tags = { "name" = "PG_DATABASE_URL" } ~ value = (sensitive value) ~ version = 1 -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.seed.aws_ssm_parameter.parameters["PG_DATABASE_URL"] will be updated in-place ~ resource "aws_ssm_parameter" "parameters" { id = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" + insecure_value = (known after apply) name = "/ecs/api-journeys-seed/stage/PG_DATABASE_URL" tags = { "name" = "PG_DATABASE_URL" } ~ value = (sensitive value) ~ version = 1 -> (known after apply) # (7 unchanged attributes hidden) } Plan: 0 to add, 2 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 0 to add, 2 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Plan Error

running "/home/atlantis/.atlantis/bin/terraform1.4.6 plan -input=false -refresh -out \"/home/atlantis/.atlantis/repos/JesusFilm/core/1542/default/infrastructure/default.tfplan\"" in "/home/atlantis/.atlantis/repos/JesusFilm/core/1542/default/infrastructure": exit status 1
â•·
│ Error: failed to read provider configuration schema for registry.terraform.io/dopplerhq/doppler: failed to instantiate provider "registry.terraform.io/dopplerhq/doppler" to obtain schema: could not read package directory: open .terraform/providers/registry.terraform.io/dopplerhq/doppler/1.1.6/linux_amd64: no such file or directory
│ 
│ 
╵
jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Plan Error

The default workspace at path infrastructure is currently locked by another command that is running for this pull request.
Wait until the previous command is complete and try again.
jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

github-actions[bot] commented 1 year ago

The latest updates on your projects.

Name Status Preview Updated (UTC)
journeys-admin ✅ Ready Visit Preview Thu May 25 22:36:54 UTC 2023
jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

tataihono commented 1 year ago

atlantis plan

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Plan Error

The default workspace at path infrastructure is currently locked by another command that is running for this pull request.
Wait until the previous command is complete and try again.
jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place +/- create replacement and then destroy Terraform will perform the following actions: # module.prod.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/api-journeys-prod-service" name = "api-journeys-prod-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:33" -> (known after apply) # (15 unchanged attributes hidden) # (5 unchanged blocks hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-prod:33" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-prod-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/GOOGLE_APPLICATION_JSON" }, - { - name = "PG_DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/PG_DATABASE_URL" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/prod/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-prod" -> (known after apply) ~ revision = 33 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["CLOUDFLARE_ACCOUNT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/CLOUDFLARE_ACCOUNT_ID" + overwrite = true + tags = { + "name" = "CLOUDFLARE_ACCOUNT_ID" } + tags_all = { + "name" = "CLOUDFLARE_ACCOUNT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["CLOUDFLARE_STREAM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/prod/CLOUDFLARE_STREAM_TOKEN" + overwrite = true + tags = { + "name" = "CLOUDFLARE_STREAM_TOKEN" } + tags_all = { + "name" = "CLOUDFLARE_STREAM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.api-media.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/api-media-prod-service" name = "api-media-prod-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-media-prod:8" -> (known after apply) # (15 unchanged attributes hidden) # (5 unchanged blocks hidden) } # module.prod.module.api-media.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-media-prod:8" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 512 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-media-prod:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-media" - dd_source = "nestjs" - dd_tags = "env:prod" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 1024 - mountPoints = [] - name = "jfp-api-media-prod-app" - portMappings = [ - { - containerPort = 4005 - hostPort = 4005 - protocol = "tcp" }, ] - secrets = [ - { - name = "CLOUDFLARE_ACCOUNT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/prod/CLOUDFLARE_ACCOUNT_ID" }, - { - name = "CLOUDFLARE_IMAGES_TOKEN" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/prod/CLOUDFLARE_IMAGES_TOKEN" }, - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/prod/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/prod/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/prod/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/prod/DATABASE_USER" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/prod/GOOGLE_APPLICATION_JSON" }, - { - name = "UNSPLASH_ACCESS_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/prod/UNSPLASH_ACCESS_KEY" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:prod app:api-media" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-media-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-media-prod-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-media-prod-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-media-prod-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-media-prod" -> (known after apply) ~ revision = 8 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.prod.module.api-media.module.ecs-task.aws_ssm_parameter.parameters["CLOUDFLARE_STREAM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-media/prod/CLOUDFLARE_STREAM_TOKEN" + overwrite = true + tags = { + "name" = "CLOUDFLARE_STREAM_TOKEN" } + tags_all = { + "name" = "CLOUDFLARE_STREAM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-stage/api-journeys-stage-service" name = "api-journeys-stage-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:22" -> (known after apply) # (15 unchanged attributes hidden) # (4 unchanged blocks hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-journeys-stage:22" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 1024 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-journeys-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-journeys" - dd_source = "nestjs" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 2048 - mountPoints = [] - name = "jfp-api-journeys-stage-app" - portMappings = [ - { - containerPort = 4001 - hostPort = 4001 - protocol = "tcp" }, ] - secrets = [ - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/DATABASE_USER" }, - { - name = "FIREBASE_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/FIREBASE_API_KEY" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/GOOGLE_APPLICATION_JSON" }, - { - name = "PG_DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/PG_DATABASE_URL" }, - { - name = "POWER_BI_CLIENT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_ID" }, - { - name = "POWER_BI_CLIENT_SECRET" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_CLIENT_SECRET" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_MULTIPLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_FULL_REPORT_ID" }, - { - name = "POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_JOURNEYS_SINGLE_SUMMARY_REPORT_ID" }, - { - name = "POWER_BI_TENANT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_TENANT_ID" }, - { - name = "POWER_BI_WORKSPACE_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-journeys/stage/POWER_BI_WORKSPACE_ID" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:api-journeys" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-journeys-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-journeys-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-journeys-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-journeys-stage" -> (known after apply) ~ revision = 22 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["CLOUDFLARE_ACCOUNT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/CLOUDFLARE_ACCOUNT_ID" + overwrite = true + tags = { + "name" = "CLOUDFLARE_ACCOUNT_ID" } + tags_all = { + "name" = "CLOUDFLARE_ACCOUNT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-journeys.module.ecs-task.aws_ssm_parameter.parameters["CLOUDFLARE_STREAM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-journeys/stage/CLOUDFLARE_STREAM_TOKEN" + overwrite = true + tags = { + "name" = "CLOUDFLARE_STREAM_TOKEN" } + tags_all = { + "name" = "CLOUDFLARE_STREAM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.api-media.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place ~ resource "aws_ecs_service" "ecs_service" { id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-stage/api-media-stage-service" name = "api-media-stage-service" tags = {} ~ task_definition = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-media-stage:5" -> (known after apply) # (15 unchanged attributes hidden) # (4 unchanged blocks hidden) } # module.stage.module.api-media.module.ecs-task.aws_ecs_task_definition.ecs_task_definition must be replaced +/- resource "aws_ecs_task_definition" "ecs_task_definition" { ~ arn = "arn:aws:ecs:us-east-2:410965620680:task-definition/jfp-api-media-stage:5" -> (known after apply) ~ container_definitions = jsonencode( [ - { - cpu = 512 - environment = [ - { - name = "NODE_ENV" - value = "production" }, ] - essential = true - image = "410965620680.dkr.ecr.us-east-2.amazonaws.com/jfp-api-media-stage:latest" - logConfiguration = { - logDriver = "awsfirelens" - options = { - Host = "http-intake.logs.datadoghq.com" - Name = "datadog" - TLS = "on" - compress = "gzip" - dd_service = "api-media" - dd_source = "nestjs" - dd_tags = "env:stage" - provider = "ecs" - retry_limit = "2" } - secretOptions = [ - { - name = "apikey" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] } - memory = 1024 - mountPoints = [] - name = "jfp-api-media-stage-app" - portMappings = [ - { - containerPort = 4005 - hostPort = 4005 - protocol = "tcp" }, ] - secrets = [ - { - name = "CLOUDFLARE_ACCOUNT_ID" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/stage/CLOUDFLARE_ACCOUNT_ID" }, - { - name = "CLOUDFLARE_IMAGES_TOKEN" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/stage/CLOUDFLARE_IMAGES_TOKEN" }, - { - name = "DATABASE_DB" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/stage/DATABASE_DB" }, - { - name = "DATABASE_PASS" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/stage/DATABASE_PASS" }, - { - name = "DATABASE_URL" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/stage/DATABASE_URL" }, - { - name = "DATABASE_USER" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/stage/DATABASE_USER" }, - { - name = "GOOGLE_APPLICATION_JSON" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/stage/GOOGLE_APPLICATION_JSON" }, - { - name = "UNSPLASH_ACCESS_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/ecs/api-media/stage/UNSPLASH_ACCESS_KEY" }, - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [ - { - name = "DD_APM_ENABLED" - value = "true" }, - { - name = "DD_APM_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - value = "true" }, - { - name = "DD_LOGS_INJECTION" - value = "true" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - value = "0.0.0.0:4317" }, - { - name = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - value = "0.0.0.0:4318" }, - { - name = "DD_PROCESS_AGENT_ENABLED" - value = "true" }, - { - name = "DD_PROFILING_ENABLED" - value = "true" }, - { - name = "DD_RUNTIME_METRICS_ENABLED" - value = "true" }, - { - name = "DD_TAGS" - value = "env:stage app:api-media" }, - { - name = "DD_TRACE_ANALYTICS_ENABLED" - value = "true" }, - { - name = "ECS_FARGATE" - value = "true" }, ] - essential = true - image = "public.ecr.aws/datadog/agent:latest" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-media-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 128 - mountPoints = [] - name = "jfp-api-media-stage-datadog-agent" - portMappings = [ - { - containerPort = 8125 - hostPort = 8125 - protocol = "udp" }, ] - secrets = [ - { - name = "DD_API_KEY" - valueFrom = "arn:aws:ssm:us-east-2:410965620680:parameter/terraform/prd/DATADOG_API_KEY" }, ] - volumesFrom = [] }, - { - cpu = 0 - environment = [] - essential = true - firelensConfiguration = { - options = { - config-file-type = "file" - config-file-value = "/fluent-bit/configs/parse-json.conf" - enable-ecs-log-metadata = "true" } - type = "fluentbit" } - image = "amazon/aws-for-fluent-bit:stable" - logConfiguration = { - logDriver = "awslogs" - options = { - awslogs-group = "api-media-stage-logs" - awslogs-region = "us-east-2" - awslogs-stream-prefix = "core" } } - memoryReservation = 100 - mountPoints = [] - name = "jfp-api-media-stage-log-router" - portMappings = [] - user = "0" - volumesFrom = [] }, ] # forces replacement ) -> (known after apply) # forces replacement ~ id = "jfp-api-media-stage" -> (known after apply) ~ revision = 5 -> (known after apply) - tags = {} -> null ~ tags_all = {} -> (known after apply) # (7 unchanged attributes hidden) } # module.stage.module.api-media.module.ecs-task.aws_ssm_parameter.parameters["CLOUDFLARE_STREAM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/api-media/stage/CLOUDFLARE_STREAM_TOKEN" + overwrite = true + tags = { + "name" = "CLOUDFLARE_STREAM_TOKEN" } + tags_all = { + "name" = "CLOUDFLARE_STREAM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } Plan: 10 to add, 4 to change, 4 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 10 to add, 4 to change, 4 to destroy.


tataihono commented 1 year ago

atlantis apply

jesus-film-bot commented 1 year ago

Ran Apply for dir: infrastructure workspace: default

Apply Failed: Pull request must be mergeable before running apply.

mikeallisonJS commented 1 year ago

atlantis unlock

jesus-film-bot commented 1 year ago

All Atlantis locks for this PR have been unlocked and plans discarded