search

falcosecurity / test-infra

Falco workflow & testing infrastructure
https://prow.falco.org
Apache License 2.0
30 stars 109 forks source link

update(config): add Aldo Lacuku to cluster maintainers #1522

Closed LucaGuerra closed 1 month ago

LucaGuerra commented 1 month ago

After a discussion with @alacuku (Falco Core Maintainer) I learned that he is interested in helping with maintenance of our cluster, incl. adding monitoring and other things. Given his expertise with Kubernetes I'm very happy about that interest 😁 . Also, considering that he is a core maintainer he can be a cluster admin (see governance)

Please confirm @alacuku 🙏

github-actions[bot] commented 1 month ago

Terraform Format and Style 🖌failure

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Validation Output ``` Success! The configuration is valid. ```

Terraform Plan 📖success

Show Plan ``` terraform module.iam_github_oidc_provider.data.tls_certificate.this[0]: Reading... module.iam_github_oidc_provider.data.tls_certificate.this[0]: Read complete after 0s [id=43add1749d6d9832e0a8fca0784941273380c63a] module.load_balancer_controller.data.aws_caller_identity.current: Reading... module.eks.data.aws_partition.current: Reading... module.test-infra_s3_role.data.aws_partition.current: Reading... module.plugins_s3_role.data.aws_partition.current: Reading... module.falcosidekick_ecr_role.data.aws_caller_identity.current: Reading... module.eks.data.aws_partition.current: Read complete after 0s [id=aws] module.falcoctl_ecr_role.data.aws_caller_identity.current: Reading... module.test-infra_reader.data.aws_caller_identity.current: Reading... data.aws_iam_policy_document.falcosidekick_ui_ecr_access: Reading... module.test-infra_s3_role.data.aws_caller_identity.current: Reading... module.test-infra_s3_role.data.aws_partition.current: Read complete after 0s [id=aws] module.plugins_s3_role.data.aws_partition.current: Read complete after 0s [id=aws] data.aws_iam_policy_document.falcosidekick_ui_ecr_access: Read complete after 0s [id=2521239600] module.plugins_s3_role.data.aws_caller_identity.current: Reading... aws_kms_key.falco-test-infra-state: Refreshing state... [id=ebaa575e-cf32-4f88-a3ae-2d9e6dc7a32e] module.driver_kit_s3_role.data.aws_caller_identity.current: Reading... aws_acm_certificate.deck: Refreshing state... [id=arn:aws:acm:eu-west-1:292999226676:certificate/ba966f87-e470-4638-90ba-a2e9a34d5677] data.aws_iam_policy_document.falco_s3_access: Reading... data.aws_iam_policy_document.falco_s3_access: Read complete after 0s [id=3637981268] module.test-infra_reader.data.aws_partition.current: Reading... module.test-infra_reader.data.aws_partition.current: Read complete after 0s [id=aws] aws_dynamodb_table.falco-test-infra-state-lock: Refreshing state... [id=falco-test-infra-state-lock] module.test-infra_reader.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.falcosidekick_ecr_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.plugins_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.test-infra_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.falco_ecr_role.data.aws_caller_identity.current: Reading... module.driver_kit_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.falcosidekick_ecr_role.data.aws_partition.current: Reading... aws_ecr_repository.build_drivers: Refreshing state... [id=test-infra/build-drivers] module.falcosidekick_ecr_role.data.aws_partition.current: Read complete after 0s [id=aws] module.iam_assumable_role_admin.data.aws_caller_identity.current: Reading... module.falcoctl_ecr_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] aws_acm_certificate.monitor_prow: Refreshing state... [id=arn:aws:acm:eu-west-1:292999226676:certificate/87aa77e9-dceb-480b-8873-8532f02f5813] data.aws_iam_policy_document.test-infra_s3_access: Reading... aws_ecr_repository.update_dbg: Refreshing state... [id=test-infra/update-dbg] data.aws_iam_policy_document.test-infra_s3_access: Read complete after 0s [id=532751175] module.load_balancer_controller.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.eks.data.aws_caller_identity.current: Reading... data.aws_iam_policy_document.ebs_controller_policy_doc: Reading... data.aws_iam_policy_document.ebs_controller_policy_doc: Read complete after 0s [id=1584698932] module.falco_ecr_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.falco_ecr_role.data.aws_partition.current: Reading... data.aws_iam_policy_document.falco_ecr_access: Reading... module.falco_ecr_role.data.aws_partition.current: Read complete after 0s [id=aws] module.falco_s3_role.data.aws_partition.current: Reading... data.aws_iam_policy_document.falco_ecr_access: Read complete after 0s [id=931847752] module.falco_s3_role.data.aws_partition.current: Read complete after 0s [id=aws] module.iam_assumable_role_admin.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.rules_s3_role.data.aws_partition.current: Reading... module.falcosidekick_ui_ecr_role.data.aws_partition.current: Reading... module.rules_s3_role.data.aws_partition.current: Read complete after 0s [id=aws] aws_ecr_repository.golang: Refreshing state... [id=test-infra/golang] module.falcosidekick_ui_ecr_role.data.aws_partition.current: Read complete after 0s [id=aws] module.falco_s3_role.data.aws_caller_identity.current: Reading... module.eks.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] aws_s3_bucket.falco-test-infra-state: Refreshing state... [id=falco-test-infra-state] module.falco_playground_s3_role.data.aws_caller_identity.current: Reading... module.falco_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] aws_ecr_repository.update_jobs: Refreshing state... [id=test-infra/update-jobs] module.falco_playground_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.vpc.aws_vpc.this[0]: Refreshing state... [id=vpc-0654bc7f6f794e1a2] module.falcosidekick_ui_ecr_role.data.aws_caller_identity.current: Reading... module.falcosidekick_ui_ecr_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] aws_ecr_repository.update_deployment_files: Refreshing state... [id=test-infra/update-falco-k8s-manifests] data.aws_iam_policy_document.test-infra_state_lock: Reading... data.aws_iam_policy_document.test-infra_state_lock: Read complete after 0s [id=3171549464] module.test-infra_cluster_role.data.aws_caller_identity.current: Reading... data.aws_iam_policy_document.falcosidekick_ecr_access: Reading... module.test-infra_cluster_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.falcoctl_ecr_role.data.aws_partition.current: Reading... data.aws_iam_policy_document.falcosidekick_ecr_access: Read complete after 0s [id=315517080] module.falcoctl_ecr_role.data.aws_partition.current: Read complete after 0s [id=aws] module.load_balancer_controller.data.aws_partition.current: Reading... module.load_balancer_controller.data.aws_partition.current: Read complete after 0s [id=aws] module.eks.data.aws_iam_policy_document.cluster_assume_role_policy: Reading... data.aws_iam_policy_document.plugins_s3_access: Reading... data.aws_availability_zones.available: Reading... module.eks.data.aws_iam_policy_document.cluster_assume_role_policy: Read complete after 0s [id=2764486067] data.aws_iam_policy_document.plugins_s3_access: Read complete after 1s [id=3299842136] data.aws_iam_policy_document.rules_s3_access: Reading... data.aws_caller_identity.current: Reading... data.aws_iam_policy_document.rules_s3_access: Read complete after 0s [id=46917358] aws_ecr_repository.docker_dind: Refreshing state... [id=test-infra/docker-dind] data.aws_iam_policy_document.falco_playground_s3_access: Reading... data.aws_iam_policy_document.falco_playground_s3_access: Read complete after 0s [id=1908753999] data.aws_iam_policy_document.test-infra_cluster_access: Reading... data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.iam_github_oidc_provider.data.aws_partition.current: Reading... data.aws_iam_policy_document.test-infra_cluster_access: Read complete after 0s [id=3038031340] module.iam_github_oidc_provider.data.aws_partition.current: Read complete after 0s [id=aws] aws_ecr_repository.update_rules_index: Refreshing state... [id=test-infra/update-rules-index] aws_kms_key.prow_storage: Refreshing state... [id=0ec47d8c-dbda-4e3a-8007-0246997e62d5] aws_s3_bucket.prow_storage: Refreshing state... [id=falco-prow-logs] module.falco_playground_s3_role.data.aws_partition.current: Reading... module.falco_playground_s3_role.data.aws_partition.current: Read complete after 0s [id=aws] module.falco_dev_s3_role.data.aws_partition.current: Reading... module.falco_dev_s3_role.data.aws_partition.current: Read complete after 0s [id=aws] aws_ecr_repository.build_plugins: Refreshing state... [id=test-infra/build-plugins] data.aws_iam_policy_document.cluster_autoscaler_policy_doc: Reading... data.aws_iam_policy_document.cluster_autoscaler_policy_doc: Read complete after 0s [id=1342303187] data.aws_canonical_user_id.current_user: Reading... data.aws_iam_policy_document.falco_dev_s3_access: Reading... data.aws_availability_zones.available: Read complete after 1s [id=eu-west-1] module.falco_dev_s3_role.data.aws_caller_identity.current: Reading... data.aws_iam_policy_document.falco_dev_s3_access: Read complete after 0s [id=3316268599] module.falco_dev_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] data.aws_iam_policy_document.falcoctl_ecr_access: Reading... data.aws_iam_policy_document.falcoctl_ecr_access: Read complete after 0s [id=2545128901] data.aws_iam_policy_document.loadbalancer_controller: Reading... module.driver_kit_s3_role.data.aws_partition.current: Reading... module.driver_kit_s3_role.data.aws_partition.current: Read complete after 0s [id=aws] module.eks.data.aws_iam_policy_document.cluster_elb_sl_role_creation[0]: Reading... module.eks.data.aws_iam_policy_document.cluster_elb_sl_role_creation[0]: Read complete after 0s [id=3709839417] data.aws_iam_policy_document.loadbalancer_controller: Read complete after 0s [id=1297636145] module.rules_s3_role.data.aws_caller_identity.current: Reading... data.aws_iam_policy_document.driverkit_s3_access: Reading... data.aws_iam_policy_document.driverkit_s3_access: Read complete after 0s [id=795073047] aws_iam_policy.falcosidekick_ui_ecr_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falcosidekick-ui-ecr20230913155739228400000001] module.test-infra_cluster_role.data.aws_partition.current: Reading... module.test-infra_cluster_role.data.aws_partition.current: Read complete after 0s [id=aws] module.eks.aws_cloudwatch_log_group.this[0]: Refreshing state... [id=/aws/eks/falco-prow-test-infra/cluster] module.rules_s3_role.data.aws_caller_identity.current: Read complete after 0s [id=292999226676] module.iam_assumable_role_admin.data.aws_partition.current: Reading... module.iam_assumable_role_admin.data.aws_partition.current: Read complete after 0s [id=aws] aws_iam_policy.falco_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falco-s320230427085324265200000002] aws_iam_policy.test-infra_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-test-infra-s320230405135707027100000001] aws_iam_policy.ebs_controller_policy: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-ebs-csi-driver20201105152818548300000001] aws_iam_policy.falco_ecr_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falco-ecr20230427091417611700000001] aws_iam_policy.test-infra_state_lock: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-test-infra-cluster20240325081408031400000001] module.eks.data.aws_iam_policy_document.workers_assume_role_policy: Reading... aws_iam_policy.falcosidekick_ecr_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falcosidekick-ecr20230308175813643500000001] module.eks.data.aws_iam_policy_document.workers_assume_role_policy: Read complete after 0s [id=3778018924] aws_iam_policy.plugins_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-plugins-s320230413152829770200000001] module.eks.aws_iam_role.cluster[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003] data.aws_canonical_user_id.current_user: Read complete after 0s [id=6e179ab6a522e9123d39ace0dace05f83ca531f9e778367bb90199a80786c709] aws_iam_policy.rules_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-rules-s320230120142903094100000001] aws_iam_policy.falco_playground_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falco-playground-s320240311212715659700000001] data.aws_iam_policy_document.ecr_standard: Reading... data.aws_iam_policy_document.ecr_standard: Read complete after 0s [id=490672708] aws_iam_policy.test-infra_cluster_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-test-infra-cluster20240220093903726400000001] module.iam_github_oidc_provider.aws_iam_openid_connect_provider.this[0]: Refreshing state... [id=arn:aws:iam::292999226676:oidc-provider/token.actions.githubusercontent.com] aws_iam_policy.cluster_autoscaler_policy: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-cluster-autoscaler20201120161034370800000001] aws_iam_policy.falco_dev_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falco-dev-s320230427085324265100000001] aws_iam_policy.falcoctl_ecr_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/github_actions-falcoctl-ecr20240220101903926000000001] module.eks.aws_iam_policy.cluster_elb_sl_role_creation[0]: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-elb-sl-role-creation20201105152818552700000002] module.plugins_s3_role.data.aws_iam_policy_document.this[0]: Reading... module.test-infra_s3_role.data.aws_iam_policy_document.this[0]: Reading... module.plugins_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2396550039] module.test-infra_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=3682994372] module.test-infra_reader.data.aws_iam_policy_document.this[0]: Reading... module.falcosidekick_ecr_role.data.aws_iam_policy_document.this[0]: Reading... module.test-infra_reader.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2077266412] module.falcosidekick_ecr_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2934820887] module.falco_ecr_role.data.aws_iam_policy_document.this[0]: Reading... module.falco_s3_role.data.aws_iam_policy_document.this[0]: Reading... module.falco_ecr_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2088837448] module.falco_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=771382233] module.falcosidekick_ui_ecr_role.data.aws_iam_policy_document.this[0]: Reading... module.falcosidekick_ui_ecr_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=4162468877] module.falcoctl_ecr_role.data.aws_iam_policy_document.this[0]: Reading... module.falcoctl_ecr_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2227282869] aws_ecr_repository_policy.golang: Refreshing state... [id=test-infra/golang] aws_ecr_repository_policy.update_jobs: Refreshing state... [id=test-infra/update-jobs] aws_ecr_repository_policy.update_deployment_files: Refreshing state... [id=test-infra/update-falco-k8s-manifests] aws_ecr_repository_policy.build_plugins: Refreshing state... [id=test-infra/build-plugins] aws_ecr_repository_policy.docker_dind: Refreshing state... [id=test-infra/docker-dind] aws_ecr_repository_policy.update_dbg: Refreshing state... [id=test-infra/update-dbg] aws_ecr_repository_policy.build_drivers: Refreshing state... [id=test-infra/build-drivers] module.falco_playground_s3_role.data.aws_iam_policy_document.this[0]: Reading... module.falco_playground_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2845281180] module.falco_dev_s3_role.data.aws_iam_policy_document.this[0]: Reading... module.falco_dev_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=2088837448] module.test-infra_cluster_role.data.aws_iam_policy_document.this[0]: Reading... module.test-infra_cluster_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=3682994372] module.rules_s3_role.data.aws_iam_policy_document.this[0]: Reading... module.plugins_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-plugins-s3] module.rules_s3_role.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=4063866326] module.test-infra_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-test-infra-s3] module.test-infra_reader.aws_iam_role.this[0]: Refreshing state... [id=github_actions-test-infra-reader] module.falcosidekick_ecr_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falcosidekick-ecr] module.falco_ecr_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falco-ecr] module.falco_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falco-s3] module.falcosidekick_ui_ecr_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falcosidekick-ui-ecr] module.falcoctl_ecr_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falcoctl-ecr] module.falco_playground_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falco-playground-s3] module.vpc.aws_eip.nat[0]: Refreshing state... [id=eipalloc-0cd240b1070debefa] module.falco_dev_s3_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-falco-dev-s3] module.test-infra_cluster_role.aws_iam_role.this[0]: Refreshing state... [id=github_actions-test-infra-cluster] module.rules_s3_role.aws_iam_role.this[0]: Refreshing state... [id=terraform-20230120142903096000000002] module.test-infra_s3_role.aws_iam_role_policy_attachment.this["test-infra_s3_access"]: Refreshing state... [id=github_actions-test-infra-s3-20230405135707795800000002] module.plugins_s3_role.aws_iam_role_policy_attachment.this["plugins_s3_access"]: Refreshing state... [id=github_actions-plugins-s3-20230413152830383900000002] aws_s3_bucket_versioning.falco-test-infra-state_versioning: Refreshing state... [id=falco-test-infra-state] aws_s3_bucket_acl.falco-test-infra-state_acl: Refreshing state... [id=falco-test-infra-state,private] aws_s3_bucket_server_side_encryption_configuration.falco-test-infra-state_server_side_encryption_configuration: Refreshing state... [id=falco-test-infra-state] data.aws_iam_policy_document.falco-test-infra-state: Reading... module.test-infra_reader.aws_iam_role_policy_attachment.this["test-infra_read_access"]: Refreshing state... [id=github_actions-test-infra-reader-20240321163504745700000001] data.aws_iam_policy_document.falco-test-infra-state: Read complete after 0s [id=3883224714] module.test-infra_reader.aws_iam_role_policy_attachment.this["test-infra_state_lock"]: Refreshing state... [id=github_actions-test-infra-reader-20240325081409156900000002] module.falco_ecr_role.aws_iam_role_policy_attachment.this["falco_ecr_access"]: Refreshing state... [id=github_actions-falco-ecr-20230427091418182800000002] module.falco_s3_role.aws_iam_role_policy_attachment.this["falco_s3_access"]: Refreshing state... [id=github_actions-falco-s3-20230427085324980000000004] module.falcosidekick_ecr_role.aws_iam_role_policy_attachment.this["falcosidekick_ecr_access"]: Refreshing state... [id=github_actions-falcosidekick-ecr-20230308175814271600000002] module.eks.aws_iam_role_policy_attachment.cluster_elb_sl_role_creation[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003-20201105152820341400000007] module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003-20201105152819990700000006] module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSVPCResourceControllerPolicy[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003-20201105152819867600000004] module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy[0]: Refreshing state... [id=falco-prow-test-infra20201105152818554200000003-20201105152819898000000005] aws_security_group.all_worker_mgmt: Refreshing state... [id=sg-0e16b80a3ed5cf816] aws_security_group.worker_group_mgmt_one: Refreshing state... [id=sg-0cc7b1677349c65ce] module.vpc.aws_subnet.public[0]: Refreshing state... [id=subnet-0a0fe757bebcaf795] module.vpc.aws_subnet.public[1]: Refreshing state... [id=subnet-0abe8636ec65c0206] module.vpc.aws_subnet.public[2]: Refreshing state... [id=subnet-02e57666a36d1545a] module.vpc.aws_subnet.private[0]: Refreshing state... [id=subnet-02d6ff228997829f9] module.vpc.aws_subnet.private[1]: Refreshing state... [id=subnet-09361e94faa3fa8eb] module.vpc.aws_subnet.private[2]: Refreshing state... [id=subnet-0dccb91c994a313fd] module.vpc.aws_route_table.private[0]: Refreshing state... [id=rtb-07f1775c2de8ec969] module.vpc.aws_internet_gateway.this[0]: Refreshing state... [id=igw-0f325c0242d048d8f] module.vpc.aws_route_table.public[0]: Refreshing state... [id=rtb-0fdfd32f4524c8dc8] module.falcosidekick_ui_ecr_role.aws_iam_role_policy_attachment.this["falcosidekick_ui_ecr_access"]: Refreshing state... [id=github_actions-falcosidekick-ui-ecr-20230913155739870800000002] aws_s3_bucket_policy.falco-test-infra-state: Refreshing state... [id=falco-test-infra-state] module.eks.aws_security_group.workers[0]: Refreshing state... [id=sg-0d2304cab1b3957b1] module.eks.aws_security_group.cluster[0]: Refreshing state... [id=sg-05d3ba5e703e1c5f1] module.falcoctl_ecr_role.aws_iam_role_policy_attachment.this["falcoctl_ecr_access"]: Refreshing state... [id=github_actions-falcoctl-ecr-20240220101904532000000002] module.falco_playground_s3_role.aws_iam_role_policy_attachment.this["falco_playground_s3_access"]: Refreshing state... [id=github_actions-falco-playground-s3-20240311212716930200000002] module.test-infra_cluster_role.aws_iam_role_policy_attachment.this["test-infra_cluster_access"]: Refreshing state... [id=github_actions-test-infra-cluster-20240220093904349300000002] module.rules_s3_role.aws_iam_role_policy_attachment.this["rules_s3_access"]: Refreshing state... [id=terraform-20230120142903096000000002-20230120142903785300000003] module.falco_dev_s3_role.aws_iam_role_policy_attachment.this["falco_s3_access"]: Refreshing state... [id=github_actions-falco-dev-s3-20230427085324972500000003] data.aws_iam_policy_document.s3_access: Reading... data.aws_iam_policy_document.s3_access: Read complete after 0s [id=278244951] aws_s3_bucket_versioning.prow_storage_versioning: Refreshing state... [id=falco-prow-logs] aws_s3_bucket_acl.prow_storage_acl: Refreshing state... [id=falco-prow-logs,private] aws_s3_bucket_server_side_encryption_configuration.prow_storage_server_side_encryption_configuration: Refreshing state... [id=falco-prow-logs] aws_s3_bucket_lifecycle_configuration.prow_storage_lifecycle_configuration: Refreshing state... [id=falco-prow-logs] module.vpc.aws_nat_gateway.this[0]: Refreshing state... [id=nat-0069c2978d157c4cd] module.vpc.aws_route_table_association.private[2]: Refreshing state... [id=rtbassoc-034c965b472c568fd] module.vpc.aws_route_table_association.private[0]: Refreshing state... [id=rtbassoc-003d282252839a3b9] module.vpc.aws_route_table_association.private[1]: Refreshing state... [id=rtbassoc-03ad0749fbe6f1117] module.vpc.aws_route_table_association.public[1]: Refreshing state... [id=rtbassoc-0f5df778686c05fe5] module.vpc.aws_route_table_association.public[2]: Refreshing state... [id=rtbassoc-0e9e855baf7cd1212] module.vpc.aws_route_table_association.public[0]: Refreshing state... [id=rtbassoc-0e9f749c7d12e3267] module.vpc.aws_route.public_internet_gateway[0]: Refreshing state... [id=r-rtb-0fdfd32f4524c8dc81080289494] module.vpc.aws_route.private_nat_gateway[0]: Refreshing state... [id=r-rtb-07f1775c2de8ec9691080289494] module.eks.aws_security_group_rule.cluster_egress_internet[0]: Refreshing state... [id=sgrule-280492479] module.eks.aws_security_group_rule.workers_ingress_self[0]: Refreshing state... [id=sgrule-2377827212] module.eks.aws_security_group_rule.workers_ingress_cluster_https[0]: Refreshing state... [id=sgrule-341689192] module.eks.aws_security_group_rule.workers_egress_internet[0]: Refreshing state... [id=sgrule-1247502868] module.eks.aws_security_group_rule.workers_ingress_cluster[0]: Refreshing state... [id=sgrule-36459906] module.eks.aws_security_group_rule.cluster_https_worker_ingress[0]: Refreshing state... [id=sgrule-1969485948] module.eks.aws_eks_cluster.this[0]: Refreshing state... [id=falco-prow-test-infra] module.eks.aws_iam_openid_connect_provider.oidc_provider[0]: Refreshing state... [id=arn:aws:iam::292999226676:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/352DA0E4F639E76F92BD99E5683F0478] module.load_balancer_controller.data.aws_iam_policy_document.assume_role_with_oidc[0]: Reading... module.eks.aws_iam_role.workers[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001] module.eks.local_file.kubeconfig[0]: Refreshing state... [id=9709b49e9fb9768ceb0d46920a5878052ab40ab6] module.load_balancer_controller.data.aws_iam_policy_document.assume_role_with_oidc[0]: Read complete after 0s [id=4091739281] module.driver_kit_s3_role.data.aws_iam_policy_document.assume_role_with_oidc[0]: Reading... module.eks.data.http.wait_for_cluster[0]: Reading... module.driver_kit_s3_role.data.aws_iam_policy_document.assume_role_with_oidc[0]: Read complete after 0s [id=440209149] module.load_balancer_controller.aws_iam_role.this[0]: Refreshing state... [id=falco-prow-test-infra-loadbalancer-controller] module.iam_assumable_role_admin.data.aws_iam_policy_document.assume_role_with_oidc[0]: Reading... module.iam_assumable_role_admin.data.aws_iam_policy_document.assume_role_with_oidc[0]: Read complete after 0s [id=1787711474] module.driver_kit_s3_role.aws_iam_role.this[0]: Refreshing state... [id=falco-prow-test-infra-drivers_s3_access] module.iam_assumable_role_admin.aws_iam_role.this[0]: Refreshing state... [id=falco-prow-test-infra-prow_s3_access] module.eks.data.http.wait_for_cluster[0]: Read complete after 0s [id=https://352DA0E4F639E76F92BD99E5683F0478.gr7.eu-west-1.eks.amazonaws.com/healthz] data.aws_eks_cluster_auth.cluster: Reading... aws_iam_policy.driverkit_s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-driverkit-s320201213215323984400000001] aws_iam_policy.s3_access: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-prow-s320201105155512012300000006] aws_iam_policy.loadbalancer_controller: Refreshing state... [id=arn:aws:iam::292999226676:policy/falco-prow-test-infra-lb-controller20201112211541650900000001] data.aws_eks_cluster_auth.cluster: Read complete after 0s [id=falco-prow-test-infra] data.aws_eks_cluster.cluster: Reading... module.iam_assumable_role_admin.aws_iam_role_policy_attachment.custom[0]: Refreshing state... [id=falco-prow-test-infra-prow_s3_access-20201213222417722400000001] data.aws_iam_policy_document.prow_storage: Reading... module.load_balancer_controller.aws_iam_role_policy_attachment.custom[0]: Refreshing state... [id=falco-prow-test-infra-loadbalancer-controller-20201112211541903700000002] data.aws_iam_policy_document.prow_storage: Read complete after 0s [id=1314906468] aws_s3_bucket_policy.prow_storage: Refreshing state... [id=falco-prow-logs] module.driver_kit_s3_role.aws_iam_role_policy_attachment.custom[0]: Refreshing state... [id=falco-prow-test-infra-drivers_s3_access-20201213222658154700000001] module.eks.aws_iam_role_policy_attachment.workers_AmazonEKSWorkerNodePolicy[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201105155240059700000003] module.eks.aws_iam_role_policy_attachment.workers_additional_policies[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201105155240151600000005] module.eks.aws_iam_role_policy_attachment.workers_additional_policies[1]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201120161034700700000003] module.eks.aws_iam_role_policy_attachment.workers_AmazonEC2ContainerRegistryReadOnly[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201105155240120500000004] module.eks.aws_iam_role_policy_attachment.workers_AmazonEKS_CNI_Policy[0]: Refreshing state... [id=falco-prow-test-infra20201105155238686500000001-20201105155240056800000002] data.aws_eks_cluster.cluster: Read complete after 0s [id=falco-prow-test-infra] module.eks.kubernetes_config_map.aws_auth[0]: Refreshing state... [id=kube-system/aws-auth] module.eks.module.node_groups.aws_eks_node_group.workers["jobs_arm"]: Refreshing state... [id=falco-prow-test-infra:jobs-arm-worker-group] module.eks.module.node_groups.aws_eks_node_group.workers["jobs"]: Refreshing state... [id=falco-prow-test-infra:jobs-worker-group] module.eks.module.node_groups.aws_eks_node_group.workers["default"]: Refreshing state... [id=falco-prow-test-infra:prow-worker-group] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.eks.kubernetes_config_map.aws_auth[0] will be updated in-place ~ resource "kubernetes_config_map" "aws_auth" { ~ data = { ~ "mapUsers" = <<-EOT - "groups": - "system:masters" "userarn": "arn:aws:iam::292999226676:user/jonah.jones" "username": "jonah.jones" - "groups": - "system:masters" "userarn": "arn:aws:iam::292999226676:user/fontanalorenz@gmail.com" "username": "fontanalorenz@gmail.com" - "groups": - "system:masters" "userarn": "arn:aws:iam::292999226676:user/leodidonato@gmail.com" "username": "leodidonato@gmail.com" - "groups": - "system:masters" "userarn": "arn:aws:iam::292999226676:user/leonardo.grasso" "username": "leonardo.grasso" - "groups": - "system:masters" "userarn": "arn:aws:iam::292999226676:user/massimiliano.giovagnoli" "username": "massimiliano.giovagnoli" - "groups": - "system:masters" "userarn": "arn:aws:iam::292999226676:user/michele@zuccala.com" "username": "michele@zuccala.com" - "groups": - "system:masters" "userarn": "arn:aws:iam::292999226676:user/federico.dipierro" "username": "federico.dipierro" - "groups": - "system:masters" "userarn": "arn:aws:iam::292999226676:user/luca.guerra" "username": "luca.guerra" + - "groups": + - "system:masters" + "userarn": "arn:aws:iam::292999226676:user/aldo.lacuku" + "username": "aldo.lacuku" EOT # (2 unchanged elements hidden) } id = "kube-system/aws-auth" # (2 unchanged attributes hidden) # (1 unchanged block hidden) } # module.eks.local_file.kubeconfig[0] will be created + resource "local_file" "kubeconfig" { + content = <<-EOT apiVersion: v1 preferences: {} kind: Config clusters: - cluster: server: https://352DA0E4F639E76F92BD99E5683F0478.gr7.eu-west-1.eks.amazonaws.com certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01URXdOVEUxTkRjME9Gb1hEVE13TVRFd016RTFORGMwT0Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTjFPCjI3Qmk3TkZZV091a0lKZDNzU0NsczdneUpqdnZ3WE9PNkNyTlhqbnlYZVNlamRvMGEzOGFkMlJjcTB2ckttWXEKRkNWLzB5Ky9vVjhnblpWTEhIa0VhcGwwTTZOcldQakRWOHE5cnJ6dkZWUVBWZnFUYlFjSGluNEQ4Wi9DZ2JibwpsYTJZMFozdHhjYzkxT1cyYWtuOWg5eHlEZFZFekJjMjJXQ0ViUWVabVdtTDZ4Uzd0ekJxZi9JTGlpcTgwVlZsCjdWaXRiNS95OU04WWVxOFNMeDI3U214OFJBc2ZSSjJQZ3J1SC9WUWhNMXM2TkhjS3lZd1JaVytFREMzVyt2MDIKUGJCL1VnVDkrQTZocllUOWFhOGt4dWhYc2xPMzEzQWFmbkY2ZFhScUd3clkweGxsdTM2WHhTU2thZkc3MDhBYgp0UzgzWkV6ZGZQeU56Z3UvV2JNQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJalpNTnYzdytxYjdGbzBKZzYxWFRwdTljM3QKYTJFYXoyRzFCc0ZVSnlZTm1kcVIzNldxT0pLU0w3Nk1YemlLZXY1cUlySHZuK0gvNTZpODNDblZFQ2F1YWlYaQpvcThObFZVNmJqeVlWZm5LWDNoVU0xN0Z5MjM1VjNkU0FZRGJZaG5iZWhuZm1UNWVEamRnbEhKanlzbEMvWnYzCnVVNHJEdkE4V3FWR2pHZGpKTk5qNFJvbmhFT3FpTElnNjgvQVU4K3VoelRYTVpIbytZVVhOMEVIajRHaGdaWUIKejFhUWxZbjJ3dGpXZkVNMDlqdjRsVWdmVnJCeDMyZStzTzVtN3JZS2ZrWUhudEZTa2VlaTNXMFI5N1ZCNEtsRwpUMUVTa0hVYlNuWk1NWGdxLzVJWVpyUTNDRXMxMWEwZ0MzNDhqYm1KSHkyQnVja2NTTnU0em83Zmc1QT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= name: eks_falco-prow-test-infra contexts: - context: cluster: eks_falco-prow-test-infra user: eks_falco-prow-test-infra name: eks_falco-prow-test-infra current-context: eks_falco-prow-test-infra users: - name: eks_falco-prow-test-infra user: exec: apiVersion: client.authentication.k8s.io/v1alpha1 command: aws-iam-authenticator args: - "token" - "-i" - "falco-prow-test-infra" EOT + directory_permission = "0755" + file_permission = "0600" + filename = "./kubeconfig_falco-prow-test-infra" + id = (known after apply) } Plan: 1 to add, 1 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pusher: @LucaGuerra, Action: pull_request, Working Directory: `, Workflow:Terraform plan`

poiana commented 1 month ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: FedeDP, LucaGuerra

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[config/OWNERS](https://github.com/falcosecurity/test-infra/blob/master/config/OWNERS)~~ [FedeDP] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
poiana commented 1 month ago

LGTM label has been added.

Git tree hash: 5879c81ea311dd79e73338f9bfd96d3db37ef6fe