search

SeaGL / seagl-terraform

Terraform used to maintain SeaGL's VMs, RDS database, DNS, etc.
GNU Affero General Public License v3.0
1 stars 2 forks source link

Atlantis test with credentials 2 #59

Closed strugee closed 8 months ago

seagl-atlantis[bot] commented 8 months ago

Ran Plan for dir: . workspace: default

Plan Error

Show Output ``` running "/usr/local/bin/terraform init -input=false" in "/home/atlantis/.atlantis/repos/SeaGL/seagl-terraform/59/default": exit status 1 Initializing the backend... Initializing modules... - prod_db in osem_rds - production_env in env - production_env.mailu-vm in simple_vm - production_env.nc-office-vm in simple_vm ╷ │ Error: validating provider credentials: retrieving caller identity from STS: operation error STS: GetCallerIdentity, https response error StatusCode: 403, RequestID: a5bdeb25-351e-4a86-9c22-9a17cee50217, api error SignatureDoesNotMatch: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details. │ │ ╵ ```
github-actions[bot] commented 8 months ago

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan ``` terraform module.prod_db.random_password.osem_db_master_pass: Refreshing state... [id=none] module.production_env.module.nc-office-vm.openstack_networking_secgroup_v2.main-sg: Refreshing state... [id=4d84c1c5-484b-45a1-a23f-b32d367f41b4] module.production_env.module.mailu-vm.openstack_networking_secgroup_v2.main-sg: Refreshing state... [id=ca23c054-f7fd-434e-ae5e-529242766ba3] module.prod_db.aws_db_subnet_group.osem: Refreshing state... [id=osem] module.production_env.aws_route53_zone.apex: Refreshing state... [id=Z0173878287JIU5M4KB8R] data.aws_vpc.vpc: Reading... module.prod_db.aws_secretsmanager_secret.osem-db-pass: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS] module.production_env.aws_ses_domain_identity.main: Refreshing state... [id=seagl.org] aws_s3_bucket.state: Refreshing state... [id=seagl-terraform] aws_instance.dokku: Refreshing state... [id=i-02ee81d4bd0860d30] module.production_env.aws_ses_domain_dkim.email_dkim: Refreshing state... [id=seagl.org] module.production_env.aws_route53_record.mailu-test-spf: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_TXT] module.production_env.aws_route53_record.mailu-test-dkim: Refreshing state... [id=Z0173878287JIU5M4KB8R_dkim._domainkey.mail-test.seagl.org_TXT] module.production_env.aws_route53_record.mailu-test-autoconfig-cname: Refreshing state... [id=Z0173878287JIU5M4KB8R_autoconfig.mail-test.seagl.org_CNAME] module.production_env.aws_route53_record.route_53_root_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__TXT] module.production_env.aws_route53_record.mailu-test-mx: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_MX] module.production_env.aws_route53_record.mailu-test-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail.mail-test.seagl.org_A] module.production_env.aws_route53_record.mailu-test-dmarc: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.mail-test.seagl.org_TXT] module.production_env.aws_route53_record.dokku_wildcard: Refreshing state... [id=Z0173878287JIU5M4KB8R_*.seagl.org_CNAME] module.production_env.aws_route53_record.mailu-test-autoconfig-srv["_imaps._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imaps._tcp.mail-test.seagl.org_SRV] aws_route53_record.cloud-aaaa: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_AAAA] module.production_env.aws_route53_record.mailu-test-autoconfig-srv["_pop3._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3._tcp.mail-test.seagl.org_SRV] module.production_env.aws_route53_record.mailu-test-autoconfig-srv["_pop3s._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3s._tcp.mail-test.seagl.org_SRV] module.production_env.aws_route53_record.mailu-test-autoconfig-srv["_submission._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submission._tcp.mail-test.seagl.org_SRV] module.production_env.aws_route53_record.mailu-test-autoconfig-srv["_submissions._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submissions._tcp.mail-test.seagl.org_SRV] module.production_env.aws_route53_record.mailu-test-autoconfig-srv["_autodiscover._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__autodiscover._tcp.mail-test.seagl.org_SRV] module.production_env.aws_route53_record.mailu-test-autoconfig-srv["_imap._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imap._tcp.mail-test.seagl.org_SRV] module.production_env.aws_route53_record.route_53_dmarc_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.seagl.org_TXT] aws_route53_record.email_dkim_hubspot_records["hs1-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs1-40081384._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_hubspot_records["hs2-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs2-40081384._domainkey.seagl.org_CNAME] aws_route53_record.route_53_cloud_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_TXT] aws_route53_record.cloud-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_A] module.production_env.module.nc-office-vm.openstack_networking_secgroup_rule_v2.ipv4-egress: Refreshing state... [id=b4c16127-ae56-48c8-aa65-ca37c49c9c79] module.production_env.module.nc-office-vm.openstack_networking_secgroup_rule_v2.ipv6-egress: Refreshing state... [id=cb85269b-39fc-4169-8fd2-ba7e360b16e5] data.aws_vpc.vpc: Read complete after 2s [id=vpc-231ecb46] module.production_env.module.nc-office-vm.openstack_networking_secgroup_rule_v2.icmp4-ingress: Refreshing state... [id=2373bb0c-08d7-4d05-9101-8194e7a86b50] module.production_env.module.nc-office-vm.openstack_compute_instance_v2.instance: Refreshing state... [id=321fae7f-cbe4-4237-a44e-49c748d82dba] module.production_env.module.nc-office-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["80"]: Refreshing state... [id=5b266c7d-c72b-4395-a8fe-43ed8df1aa6f] module.production_env.module.nc-office-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["22"]: Refreshing state... [id=b88334fc-505c-4849-824c-11f03eb59e75] module.production_env.module.nc-office-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["443"]: Refreshing state... [id=f9de80b9-a92e-4629-96a6-4a896cbf9f9e] module.prod_db.aws_secretsmanager_secret_version.osem-db-pass-val: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS|5E8ED816-E9AA-4E8E-A382-2EEE9FC74A66] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.icmp4-ingress: Refreshing state... [id=536162a0-b5d8-40f4-a1e5-62327d031c34] module.production_env.module.mailu-vm.openstack_compute_instance_v2.instance: Refreshing state... [id=c388c80b-fa29-40fe-ae0b-e93803e87b22] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.ipv6-egress: Refreshing state... [id=bc3215ca-0357-4914-877c-93bd69071fb2] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.ipv4-egress: Refreshing state... [id=8fa82fbe-3b58-4f1d-beb3-a371cd7006a1] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["110"]: Refreshing state... [id=ea335d3e-b5c9-4606-bd8d-238afafe2210] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["443"]: Refreshing state... [id=4122edd4-dc37-46dd-8f6e-2e4db2e79dc3] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["143"]: Refreshing state... [id=2643a76b-3fbd-44cc-aebf-58a1e982d69f] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["587"]: Refreshing state... [id=60dca189-4b69-4838-b9b7-47e25f9822cd] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["993"]: Refreshing state... [id=20cea76b-b319-474f-97ed-1f609c5c6e0d] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["22"]: Refreshing state... [id=145b0c38-a81b-4d83-ac82-3cf680eced41] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["25"]: Refreshing state... [id=e44bcd67-f3e4-4399-a243-40f611c305ac] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["465"]: Refreshing state... [id=87d006c0-aec4-4ae4-8999-b156e40950e4] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["995"]: Refreshing state... [id=05bbe377-1579-4e54-a92f-88b6cca34449] module.production_env.module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["80"]: Refreshing state... [id=4abb1ded-c162-4de8-b90d-6c40a9061c09] module.production_env.aws_route53_record.email_dkim_records[0]: Refreshing state... [id=Z0173878287JIU5M4KB8R_nldzqxeyq5fyslu3tzvj4ltbwbexupuj._domainkey.seagl.org_CNAME] module.production_env.aws_route53_record.email_dkim_records[1]: Refreshing state... [id=Z0173878287JIU5M4KB8R_zjerfwsrr5wpwp5p5klnsrrzp6ralpcp._domainkey.seagl.org_CNAME] module.production_env.aws_route53_record.email_dkim_records[2]: Refreshing state... [id=Z0173878287JIU5M4KB8R_o7o3tsrrlwgkmmx3a7f5njkrvi75woso._domainkey.seagl.org_CNAME] module.prod_db.aws_security_group.osem_rds_security_group: Refreshing state... [id=sg-006c493d98f3c7f1a] module.prod_db.aws_security_group_rule.private_out: Refreshing state... [id=sgrule-1612436969] module.prod_db.aws_security_group_rule.private_in: Refreshing state... [id=sgrule-3182957500] module.prod_db.aws_db_instance.osem: Refreshing state... [id=osem] module.production_env.module.nc-office-vm.aws_route53_record.dns-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_nc-office.host.seagl.org_A] module.production_env.module.mailu-vm.aws_route53_record.dns-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mailu.host.seagl.org_A] aws_s3_bucket_public_access_block.state: Refreshing state... [id=seagl-terraform] aws_s3_bucket_versioning.state: Refreshing state... [id=seagl-terraform] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: -/+ destroy and then create replacement Terraform will perform the following actions: # aws_instance.dokku must be replaced -/+ resource "aws_instance" "dokku" { ~ arn = "arn:aws:ec2:us-west-2:663166083306:instance/i-02ee81d4bd0860d30" -> (known after apply) ~ associate_public_ip_address = true -> false # forces replacement ~ availability_zone = "us-west-2d" -> (known after apply) ~ cpu_core_count = 1 -> (known after apply) ~ cpu_threads_per_core = 2 -> (known after apply) ~ disable_api_termination = true -> (known after apply) ~ ebs_optimized = false -> (known after apply) - hibernation = false -> null + host_id = (known after apply) ~ id = "i-02ee81d4bd0860d30" -> (known after apply) ~ instance_initiated_shutdown_behavior = "stop" -> (known after apply) ~ instance_state = "running" -> (known after apply) ~ ipv6_address_count = 0 -> (known after apply) ~ ipv6_addresses = [] -> (known after apply) ~ monitoring = false -> (known after apply) + outpost_arn = (known after apply) + password_data = (known after apply) + placement_group = (known after apply) + placement_partition_number = (known after apply) ~ primary_network_interface_id = "eni-002a8247cd4d25be3" -> (known after apply) ~ private_dns = "ip-172-31-52-88.us-west-2.compute.internal" -> (known after apply) ~ private_ip = "172.31.52.88" -> (known after apply) ~ public_dns = "ec2-52-41-43-100.us-west-2.compute.amazonaws.com" -> (known after apply) ~ public_ip = "52.41.43.100" -> (known after apply) ~ secondary_private_ips = [] -> (known after apply) ~ security_groups = [ - "launch-wizard-5", ] -> (known after apply) ~ subnet_id = "subnet-973c19bf" -> (known after apply) tags = { "Name" = "dokku.seagl.org" } ~ tenancy = "default" -> (known after apply) + user_data = (known after apply) + user_data_base64 = (known after apply) # (7 unchanged attributes hidden) - capacity_reservation_specification { - capacity_reservation_preference = "open" -> null } - credit_specification { - cpu_credits = "unlimited" -> null } - enclave_options { - enabled = false -> null } - metadata_options { - http_endpoint = "enabled" -> null - http_put_response_hop_limit = 1 -> null - http_tokens = "optional" -> null - instance_metadata_tags = "disabled" -> null } - root_block_device { - delete_on_termination = false -> null - device_name = "/dev/sda1" -> null - encrypted = false -> null - iops = 3000 -> null - tags = { - "Name" = "dokku.seagl.org /dev/sda1" } -> null - throughput = 125 -> null - volume_id = "vol-054279bca553e1704" -> null - volume_size = 40 -> null - volume_type = "gp3" -> null } } Plan: 1 to add, 0 to change, 1 to destroy. Warning: Argument is deprecated with aws_s3_bucket.state, on s3.tf line 1, in resource "aws_s3_bucket" "state": 1: resource "aws_s3_bucket" "state" { Use the aws_s3_bucket_versioning resource instead (and 3 more similar warnings elsewhere) ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @strugee, Action: pull_request