Manual approval required for workflow run 6287518103: Terraform apply -> company-product (production)

[github-actions[bot]]

Terraform Format and Style 🖌failure

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Validation Output

``` Success! The configuration is valid.  ```

Terraform Plan 📖success

Show Plan

```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create <= read (data resources) Terraform will perform the following actions: # module.cluster.module.aks_cluster.azurerm_kubernetes_cluster.aks will be created + resource "azurerm_kubernetes_cluster" "aks" { + api_server_authorized_ip_ranges = (known after apply) + dns_prefix = "aks-production-tfpoc" + fqdn = (known after apply) + http_application_routing_zone_name = (known after apply) + id = (known after apply) + image_cleaner_enabled = false + image_cleaner_interval_hours = 48 + kube_admin_config = (sensitive value) + kube_admin_config_raw = (sensitive value) + kube_config = (sensitive value) + kube_config_raw = (sensitive value) + kubernetes_version = (known after apply) + location = "eastus" + name = "aks-production-tfpoc" + node_resource_group = (known after apply) + node_resource_group_id = (known after apply) + oidc_issuer_url = (known after apply) + portal_fqdn = (known after apply) + private_cluster_enabled = false + private_cluster_public_fqdn_enabled = false + private_dns_zone_id = (known after apply) + private_fqdn = (known after apply) + public_network_access_enabled = true + resource_group_name = "rg-production-tfpoc-cluster" + role_based_access_control_enabled = true + run_command_enabled = true + sku_tier = "Free" + workload_identity_enabled = false + default_node_pool { + kubelet_disk_type = (known after apply) + max_pods = (known after apply) + name = "default" + node_count = 1 + node_labels = (known after apply) + orchestrator_version = (known after apply) + os_disk_size_gb = (known after apply) + os_disk_type = "Managed" + os_sku = (known after apply) + scale_down_mode = "Delete" + type = "VirtualMachineScaleSets" + ultra_ssd_enabled = false + vm_size = "Standard_D2_v2" + workload_runtime = (known after apply) } + identity { + principal_id = (known after apply) + tenant_id = (known after apply) + type = "SystemAssigned" } } # module.cluster.module.aks_cluster.azurerm_resource_group.aks will be created + resource "azurerm_resource_group" "aks" { + id = (known after apply) + location = "eastus" + name = "rg-production-tfpoc-cluster" } # module.feature.module.feature.data.azurerm_key_vault_secret.test_secret will be read during apply # (depends on a resource or a module with changes pending) <= data "azurerm_key_vault_secret" "test_secret" { + content_type = (known after apply) + expiration_date = (known after apply) + id = (known after apply) + key_vault_id = "/subscriptions/8f09f7f4-7b25-4d6f-88a5-847b1751c4ce/resourceGroups/rg-production-tfpoc-bootstrap/providers/Microsoft.KeyVault/vaults/kv-prod-tfpoc-bootstrap" + name = "Test--Secret" + not_before_date = (known after apply) + resource_id = (known after apply) + resource_versionless_id = (known after apply) + tags = (known after apply) + value = (sensitive value) + versionless_id = (known after apply) } # module.feature.module.feature.azurerm_cosmosdb_account.feature will be created + resource "azurerm_cosmosdb_account" "feature" { + access_key_metadata_writes_enabled = true + analytical_storage_enabled = false + connection_strings = (sensitive value) + create_mode = (known after apply) + default_identity_type = "FirstPartyIdentity" + enable_automatic_failover = false + enable_free_tier = false + enable_multiple_write_locations = false + endpoint = (known after apply) + id = (known after apply) + is_virtual_network_filter_enabled = false + kind = "GlobalDocumentDB" + local_authentication_disabled = false + location = "eastus" + mongo_server_version = (known after apply) + name = "cdb-production-tfpoc-feature" + network_acl_bypass_for_azure_services = false + offer_type = "Standard" + primary_key = (sensitive value) + primary_mongodb_connection_string = (sensitive value) + primary_readonly_key = (sensitive value) + primary_readonly_mongodb_connection_string = (sensitive value) + primary_readonly_sql_connection_string = (sensitive value) + primary_sql_connection_string = (sensitive value) + public_network_access_enabled = true + read_endpoints = (known after apply) + resource_group_name = "rg-production-tfpoc-feature" + secondary_key = (sensitive value) + secondary_mongodb_connection_string = (sensitive value) + secondary_readonly_key = (sensitive value) + secondary_readonly_mongodb_connection_string = (sensitive value) + secondary_readonly_sql_connection_string = (sensitive value) + secondary_sql_connection_string = (sensitive value) + write_endpoints = (known after apply) + consistency_policy { + consistency_level = "Session" + max_interval_in_seconds = (known after apply) + max_staleness_prefix = (known after apply) } + geo_location { + failover_priority = 0 + id = (known after apply) + location = "eastus" + zone_redundant = false } } # module.feature.module.feature.azurerm_resource_group.feature will be created + resource "azurerm_resource_group" "feature" { + id = (known after apply) + location = "eastus" + name = "rg-production-tfpoc-feature" } # module.feature.module.feature.kubernetes_namespace.secret_namespace will be created + resource "kubernetes_namespace" "secret_namespace" { + id = (known after apply) + wait_for_default_service_account = false + metadata { + generation = (known after apply) + name = "production" + resource_version = (known after apply) + uid = (known after apply) } } # module.feature.module.feature.kubernetes_secret.cosmosdb-secret will be created + resource "kubernetes_secret" "cosmosdb-secret" { + data = (sensitive value) + id = (known after apply) + type = "Opaque" + wait_for_service_account_token = true + metadata { + generation = (known after apply) + name = "feature-secrets" + namespace = "production" + resource_version = (known after apply) + uid = (known after apply) } } Plan: 6 to add, 0 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tf.plan To perform exactly these actions, run the following command to apply: terraform apply "tf.plan" ```

Pusher: @spencerr Action: workflow_dispatch Working Directory: /home/runner/work/tf-poc/tf-poc/company-product/environments/production Workflow: Company:Product -> Terraform

Workflow is pending manual review. URL: https://github.com/spencerr/tf-poc/actions/runs/6287518103

Required approvers: [spencerr]

Respond "approved", "approve", "lgtm", "yes" to continue workflow or "denied", "deny", "no" to cancel.

[spencerr]

yes

[github-actions[bot]]

All approvers have approved, continuing workflow and closing this issue.