[devops-deploys] Cleanup the slack alert message for expiring certs

department-of-veterans-affairs / va.gov-team

Public resources for building on and in support of VA.gov. Visit complete Knowledge Hub:

https://depo-platform-documentation.scrollhelp.site/index.html

284 stars 206 forks source link

[devops-deploys] Cleanup the slack alert message for expiring certs #64460

Open npeterson54 opened 1 year ago

npeterson54 commented 1 year ago

Description

Currently the alerts message that goes out in the #devops-deploys slack channel is displaying certs that have already been renewed and no longer need attention.

Resources

Here is the slack Channel

Acceptance Criteria

[ ] The alert no longer tells us of expired certs that have already been fixed
[ ] Convert this to an epic once additional stories are created
[ ] Get out of the repo, and into the param store
[ ] Have a github action that is scanning the files being actually used

nfpappas-oddball commented 1 week ago

Looking into this, I found that this job was in jenkins. So in favor of moving this to GHA I converted the code to a GHA that uses marketplace tools to perform the same check. We may need to review my domains that I use because I did not fully understand what is our duty to scan. This also performs the check as the GHA runner, which im assuming is not over socks on the VA network. This may limit the check in the future but should be good enough for our purposes.