From 1486225a8c84cb9350f02d302551314174ef125e Mon Sep 17 00:00:00 2001
From: cloudprofessionals
Date: Tue, 4 Oct 2022 21:29:14 -0400
Subject: [PATCH 01/19] adding bento ref
---
 .../common/roles/build_backend/tasks/main.yml | 36 -------------------
 1 file changed, 36 deletions(-)
diff --git a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml
index 3f5db23f..a0408573 100644
--- a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml
+++ b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml
@@ -2,47 +2,11 @@ # Backend Build ############################################################################################################################ -- name: remove the application_example.properties file - file: - path: "{{ workspace }}/src/main/resources/application_example.properties" - state: absent - - name: copy application.properties file to /src/main/resources/ template: src: "{{ workspace }}/src/main/resources/application.properties.j2" dest: "{{ workspace }}/src/main/resources/application.properties" -- name: create graphql directory in backend - file: - state: directory - path: "{{ workspace }}/src/main/resources/graphql" - -- name: create yaml directory in backend - file: - state: directory - path: "{{ workspace }}/src/main/resources/yaml" - -- name: copy schema from frontend to resources - template: - remote_src: yes - src: "{{item.src}}" - dest: "{{item.dest}}" - loop: - - { src: "{{ workspace }}/{{ project_name }}-frontend/graphql/{{ schema_file}}",dest: "{{ workspace }}/src/main/resources/graphql/{{ schema_file}}"} - - { src: "{{ workspace }}/{{ project_name }}-frontend/graphql/{{ public_schema_file}}",dest: "{{ workspace }}/src/main/resources/graphql/{{ public_schema_file}}"} - -- name: verify test queries file exists - stat: - path: "{{ workspace }}/{{ project_name }}-frontend/yaml/{{ test_queries_file }}" - register: test_queries - -- name: copy test queries from frontend to resources - template: - remote_src: yes - src: "{{ workspace }}/{{ project_name }}-frontend/yaml/{{ test_queries_file }}" - dest: "{{ workspace }}/src/main/resources/yaml/{{ test_queries_file }}" - when: test_queries.stat.exists - - name: build springboot code command: mvn package -DskipTests args: From 9e9b66fad39cea9d05581873fc3767c43bbf0601 Mon Sep 17 00:00:00 2001 
From: cloudprofessionals Date: Wed, 25 Jan 2023 13:45:24 -0500 Subject: [PATCH 02/19] changed trivy timeout ? --- .../collections/bento/common/roles/build_backend/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml index a0408573..1af20a4a 100644 --- a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml @@ -37,7 +37,7 @@ block: - name: run trivy scanner on #command: "trivy image --exit-code 1 --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}-{{ build_number }}" - command: "trivy image --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}" + command: "trivy image --timeout 15m --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}" register: vuln_results always: - name: echo vulnerability results From e04e3f1f99f14c76bf9b47c2ad62f30382e59304 Mon Sep 17 00:00:00 2001 From: Vincent Donkor Date: Fri, 24 Mar 2023 11:56:31 -0400 Subject: [PATCH 03/19] testing multi-stage --- .../common/roles/build_backend/tasks/main.yml | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml index 1af20a4a..0b1de116 100644 --- a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml 
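Review bot: The trivy task in build_backend/tasks/main.yml still runs without `--exit-code 1`, so HIGH and CRITICAL findings are only printed by the `always:` debug task and never fail the play; the image presumably goes on to be pushed regardless (the push task is outside this hunk and is inferred from later patches in the series). The commented-out line directly above shows the gating form; combined with the new timeout it would read `command: "trivy image --exit-code 1 --timeout 15m --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}"`. If the scan is meant to be advisory, say so above the task, e.g. `# advisory only: findings are reported but do not block the push`. The same non-gating command is kept in PATCH 04 (which also deletes the commented alternative) and restored in PATCH 19.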
@@ -7,24 +7,12 @@ src: "{{ workspace }}/src/main/resources/application.properties.j2" dest: "{{ workspace }}/src/main/resources/application.properties" -- name: build springboot code - command: mvn package -DskipTests - args: - chdir: "{{ workspace }}" - -- name: copy Bento-0.0.1.war to ROOT.war - copy: - remote_src: yes - src: "{{ workspace }}/target/Bento-0.0.1.war" - dest: "{{ workspace }}/target/ROOT.war" - - name: build {{ project_name }}-{{ container_name }} image community.docker.docker_image: build: args: ECR_REPO: "{{ container_registry_url }}" - path: "{{ workspace }}" - dockerfile: "{{ dockerfile_path }}" + path: "{{ workspace }}/{{ project_name }}-{{ container_name }}" pull: yes nocache: yes name: "{{ project_name }}-{{ container_name }}" From e4ce171c0c8f0cf86902742a492b201559670df2 Mon Sep 17 00:00:00 2001 From: Vincent Donkor Date: Fri, 24 Mar 2023 12:10:57 -0400 Subject: [PATCH 04/19] testing multi-stage --- .../bento/common/roles/build_backend/tasks/main.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml index 0b1de116..869b6bb2 100644 --- a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml @@ -12,7 +12,7 @@ build: args: ECR_REPO: "{{ container_registry_url }}" - path: "{{ workspace }}/{{ project_name }}-{{ container_name }}" + path: "{{ workspace }}" pull: yes nocache: yes name: "{{ project_name }}-{{ container_name }}" 
@@ -23,8 +23,7 @@ - name: test image for vulnerabilities block: - - name: run trivy scanner on - #command: "trivy image --exit-code 1 --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}-{{ build_number }}" + - name: run trivy scanner on command: "trivy image --timeout 15m --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}" register: vuln_results always: From 30d8f818702791d6d4d36f992d63efaa3ae6cfc1 Mon Sep 17 00:00:00 2001 From: Vincent Donkor Date: Fri, 24 Mar 2023 13:31:40 -0400 Subject: [PATCH 05/19] testing multi-stage --- .../roles/build_frontend/tasks/main.yml | 80 +++++++++---------- 1 file changed, 40 insertions(+), 40 deletions(-) diff --git a/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml b/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml index a9bd4c08..ff0b9621 100644 --- a/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml 
@@ -1,56 +1,56 @@ -- name: create docker build directory - file: - path: "{{workspace}}/build" - state : directory +#- name: create docker build directory +# file: +# path: "{{workspace}}/build" +# state : directory -- name: copy nginx conf - copy: - remote_src: yes - src: '{{workspace}}/icdc-devops/docker/dockerfiles/nginx.conf' - dest: '{{workspace}}/build/nginx.conf' +#- name: copy nginx conf +# copy: +# remote_src: yes +# src: '{{workspace}}/icdc-devops/docker/dockerfiles/nginx.conf' +# dest: '{{workspace}}/build/nginx.conf' -- name: copy entrypoint.sh to workspace - copy: - src: "nginx-entrypoint.sh" - dest: "{{workspace}}/build/nginx-entrypoint.sh" - mode: 0755 +#- name: copy entrypoint.sh to workspace +# copy: +# src: "nginx-entrypoint.sh" +# dest: "{{workspace}}/build/nginx-entrypoint.sh" +# mode: 0755 -- name: run npm install in {{ workspace }}/{{ project_name }}-frontend/ - command: "{{ item }}" - args: - chdir: "{{ container_build_path }}" - warn: false - loop: - - npm set progress=false - - npm install --silent - - npm run build --silent +#- name: run npm install in {{ workspace }}/{{ project_name }}-frontend/ +# command: "{{ item }}" +# args: +# chdir: "{{ container_build_path }}" +# warn: false +# loop: +# - npm set progress=false +# - npm install --silent +# - npm run build --silent -- name: move dist from frontend to temp build - copy: - src: "{{ container_build_path }}/dist" - dest: "{{workspace}}/build" - remote_src: yes - directory_mode: yes +#- name: move dist from frontend to temp build +# copy: +# src: "{{ container_build_path }}/dist" +# dest: "{{workspace}}/build" +# remote_src: yes +# directory_mode: yes -- name: copy env to dist - copy: - src: inject.template.js - dest: "{{workspace}}/build/dist/inject.template.js" - mode: 0755 +#- name: copy env to dist +# copy: +# src: inject.template.js +# dest: "{{workspace}}/build/dist/inject.template.js" +# mode: 0755 -- name: copy docker file to build path - copy: - remote_src: yes - src: '{{ 
dockerfile_path }}' - dest: '{{workspace}}/build/Dockerfile' +#- name: copy docker file to build path +# copy: +# remote_src: yes +# src: '{{ dockerfile_path }}' +# dest: '{{workspace}}/build/Dockerfile' - name: build {{ project_name }}-{{container_name}} image community.docker.docker_image: build: args: ECR_REPO: "{{ container_registry_url }}" - path: "{{workspace}}/build" + path: "{{workspace}}/{{ project_name }}-{{ container_name }}" pull: yes # nocache: yes name: "{{ project_name }}-{{ container_name }}" From 066fab6e43aa0931a2c45e45af0c119b95e1a8b5 Mon Sep 17 00:00:00 2001 From: Vincent Donkor Date: Fri, 24 Mar 2023 17:00:42 -0400 Subject: [PATCH 06/19] testing multi-stage --- .../roles/build_frontend/tasks/main.yml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml b/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml index ff0b9621..5bf3a122 100644 --- a/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml 
@@ -61,16 +61,15 @@ environment: DOCKER_BUILDKIT: 1 -- name: test image for vulnerabilities - block: - - name: run trivy scanner on - #command: "trivy image --exit-code 1 --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}-{{ build_number }}" - command: "trivy image --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}" - register: vuln_results - always: - - name: echo vulnerability results - debug: - msg: "{{ vuln_results.stdout_lines }}" +#- name: test image for vulnerabilities +# block: +# - name: run trivy scanner on +# command: "trivy image --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}" +# register: vuln_results +# always: +# - name: echo vulnerability results +# debug: +# msg: "{{ vuln_results.stdout_lines }}" - name: debug debug: From 64a6e2e2e79d1a3dbaa597c03dc1db65ce253ffd Mon Sep 17 00:00:00 2001 From: Vincent Donkor Date: Mon, 27 Mar 2023 13:00:14 -0400 Subject: [PATCH 07/19] added enable ecs exec command --- ansible/collections/bento/common/roles/ecs/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ansible/collections/bento/common/roles/ecs/tasks/main.yml b/ansible/collections/bento/common/roles/ecs/tasks/main.yml index 762ac9e9..e3247496 100644 --- a/ansible/collections/bento/common/roles/ecs/tasks/main.yml +++ b/ansible/collections/bento/common/roles/ecs/tasks/main.yml @@ -33,6 +33,8 @@ value: "{{ newrelic_license_key }}" - name: "{{ container_name }}" essential: true + linuxParameters: + initProcessEnabled: "true" image: "{{ container_image_url }}:{{ image_version }}" environment: "{{ container_env }}" entryPoint: "{% if container_entrypoint is defined %}{{ container_entrypoint }}{% else %}[]{% endif %}" From 87c46f4c8f4779fb377f2d105cc39d1bd243a7c7 Mon Sep 17 00:00:00 2001 
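Review bot: Commenting out `test image for vulnerabilities` in build_frontend/tasks/main.yml leaves the frontend image with no vulnerability scan at all, while the backend role keeps its scan; whatever tags or pushes the image after this point (outside the hunk) now ships it unscanned. If the scan was dropped because the multi-stage build made it slow or changed the image reference, keep the task and fix that instead, for example with the `--timeout 15m` the backend role already uses. If it has to stay off for now, replace the commented block with a single tracked marker such as `# TODO: re-enable trivy scan for the frontend image` so the gap stays visible. PATCH 18 makes the same change to the backend role and PATCH 19 reverts it.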
From: Vincent Donkor Date: Mon, 27 Mar 2023 14:59:16 -0400 Subject: [PATCH 08/19] testing ecs exec --- ansible/collections/bento/common/roles/ecs/tasks/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ansible/collections/bento/common/roles/ecs/tasks/main.yml b/ansible/collections/bento/common/roles/ecs/tasks/main.yml index e3247496..c50221d4 100644 --- a/ansible/collections/bento/common/roles/ecs/tasks/main.yml +++ b/ansible/collections/bento/common/roles/ecs/tasks/main.yml @@ -54,6 +54,9 @@ Retry_Limit: "2" launch_type: FARGATE network_mode: awsvpc + network_configuration: + awsvpc_configuration: + enable_exec: true execution_role_arn: "arn:aws:iam::{{ account }}:role/{{ execution_role }}" task_role_arn: "arn:aws:iam::{{ account }}:role/{{ task_role }}" family: "{{ project_name }}-{{ tier }}-{{ container_name }}" From 46c7678c454fbc8885267d2e1ea7af21bb6cf030 Mon Sep 17 00:00:00 2001 From: Vincent Donkor Date: Tue, 28 Mar 2023 13:28:09 -0400 Subject: [PATCH 09/19] testing ecs exec --- ansible/collections/bento/common/roles/ecs/tasks/main.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/ansible/collections/bento/common/roles/ecs/tasks/main.yml b/ansible/collections/bento/common/roles/ecs/tasks/main.yml index c50221d4..e3247496 100644 --- a/ansible/collections/bento/common/roles/ecs/tasks/main.yml +++ b/ansible/collections/bento/common/roles/ecs/tasks/main.yml @@ -54,9 +54,6 @@ Retry_Limit: "2" launch_type: FARGATE network_mode: awsvpc - network_configuration: - awsvpc_configuration: - enable_exec: true execution_role_arn: "arn:aws:iam::{{ account }}:role/{{ execution_role }}" task_role_arn: "arn:aws:iam::{{ account }}:role/{{ task_role }}" family: "{{ project_name }}-{{ tier }}-{{ container_name }}" From 58a0903041357e62e735dc5fb7cfcc74118815f6 Mon Sep 17 00:00:00 2001 
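Review bot: `network_configuration: awsvpc_configuration: enable_exec: true` in ecs/tasks/main.yml does not look like a valid place for this setting: the neighbouring keys (`launch_type`, `network_mode`, `execution_role_arn`, `family`) are task-definition arguments, whereas network configuration and ECS Exec are set on the service or the run-task call, and `enable_exec` is not an awsvpc key. The same applies to the `overrides:` and `enable_execute_command: true` keys that PATCH 10 places among the container definition fields, with a hard-coded `my-container` name; both attempts are reverted in PATCH 09 and PATCH 11. Once this is wired up in the right task, ECS Exec gives an interactive shell inside running containers, so it should be driven by a variable that defaults to off and be enabled per tier rather than unconditionally. Indentation is lost in this view, so the nesting described here is read from key order and should be confirmed against the file.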
From: Vincent Donkor Date: Tue, 28 Mar 2023 13:40:52 -0400 Subject: [PATCH 10/19] testing ecs exec --- .../collections/bento/common/roles/ecs/tasks/main.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/ansible/collections/bento/common/roles/ecs/tasks/main.yml b/ansible/collections/bento/common/roles/ecs/tasks/main.yml index e3247496..e3ef2cf2 100644 --- a/ansible/collections/bento/common/roles/ecs/tasks/main.yml +++ b/ansible/collections/bento/common/roles/ecs/tasks/main.yml @@ -34,10 +34,18 @@ - name: "{{ container_name }}" essential: true linuxParameters: - initProcessEnabled: "true" + initProcessEnabled: true image: "{{ container_image_url }}:{{ image_version }}" environment: "{{ container_env }}" entryPoint: "{% if container_entrypoint is defined %}{{ container_entrypoint }}{% else %}[]{% endif %}" + overrides: + containerOverrides: + - name: my-container + command: + - /bin/sh + - -c + - 'echo "Hello world!"' + enable_execute_command: true portMappings: - containerPort: "{{ container_port }}" hostPort: "{{ container_port }}" From 280579e319f96bcab0001b356cd9a774187888dc Mon Sep 17 00:00:00 2001 From: Vincent Donkor Date: Tue, 28 Mar 2023 13:49:52 -0400 Subject: [PATCH 11/19] updated nginx image --- ansible/collections/bento/common/roles/ecs/tasks/main.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/ansible/collections/bento/common/roles/ecs/tasks/main.yml b/ansible/collections/bento/common/roles/ecs/tasks/main.yml index e3ef2cf2..37891aa3 100644 --- a/ansible/collections/bento/common/roles/ecs/tasks/main.yml +++ b/ansible/collections/bento/common/roles/ecs/tasks/main.yml 
@@ -38,14 +38,6 @@ image: "{{ container_image_url }}:{{ image_version }}" environment: "{{ container_env }}" entryPoint: "{% if container_entrypoint is defined %}{{ container_entrypoint }}{% else %}[]{% endif %}" - overrides: - containerOverrides: - - name: my-container - command: - - /bin/sh - - -c - - 'echo "Hello world!"' - enable_execute_command: true portMappings: - containerPort: "{{ container_port }}" hostPort: "{{ container_port }}" From e97a9581fd1034873050d80b40eeea21c1421964 Mon Sep 17 00:00:00 2001 From: Vincent Donkor Date: Tue, 4 Apr 2023 16:07:05 -0400 Subject: [PATCH 12/19] added docker files --- .../collections/bento/common/roles/build_files/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/ansible/collections/bento/common/roles/build_files/tasks/main.yml b/ansible/collections/bento/common/roles/build_files/tasks/main.yml index 0ef4767b..962fad5b 100644 --- a/ansible/collections/bento/common/roles/build_files/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_files/tasks/main.yml @@ -4,7 +4,6 @@ args: ECR_REPO: "{{ container_registry_url }}" path: "{{ container_build_path }}" - dockerfile: "{{ dockerfile_path }}" pull: yes nocache: yes name: "{{ project_name }}-{{ container_name }}" From d10e98b41c538ce313310c7e63aeaac6f0d86db8 Mon Sep 17 00:00:00 2001 From: Vincent Donkor Date: Tue, 4 Apr 2023 16:19:28 -0400 Subject: [PATCH 13/19] added docker files --- .../collections/bento/common/roles/build_auth/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/collections/bento/common/roles/build_auth/tasks/main.yml b/ansible/collections/bento/common/roles/build_auth/tasks/main.yml index 0ef4767b..34cafeae 100644 --- a/ansible/collections/bento/common/roles/build_auth/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_auth/tasks/main.yml 
@@ -4,7 +4,7 @@ args: ECR_REPO: "{{ container_registry_url }}" path: "{{ container_build_path }}" - dockerfile: "{{ dockerfile_path }}" + # dockerfile: "{{ dockerfile_path }}" pull: yes nocache: yes name: "{{ project_name }}-{{ container_name }}" From b1122e984be2065dd07b91ddc82f3776d2aa87e2 Mon Sep 17 00:00:00 2001 From: cloudprofessionals Date: Wed, 6 Sep 2023 08:00:37 -0400 Subject: [PATCH 14/19] updated ref --- .../collections/bento/common/roles/build_backend/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml index 869b6bb2..0cdfa7d4 100644 --- a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml @@ -12,7 +12,7 @@ build: args: ECR_REPO: "{{ container_registry_url }}" - path: "{{ workspace }}" + path: "{{ dockerfile_path | default(workspace) }}" pull: yes nocache: yes name: "{{ project_name }}-{{ container_name }}" From e9f0e76935f6490b312ab0b9b152faa8415dedb6 Mon Sep 17 00:00:00 2001 From: cloudprofessionals Date: Wed, 11 Oct 2023 11:38:43 -0400 Subject: [PATCH 15/19] removed latest --- .../common/roles/build_backend/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml index 0cdfa7d4..0357967f 100644 --- a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml 
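Review bot: `path: "{{ dockerfile_path | default(workspace) }}"` in build_backend/tasks/main.yml feeds the build context directory from a variable whose name, and earlier use as `dockerfile: "{{ dockerfile_path }}"` (removed in PATCH 03), says it points at a Dockerfile. Any caller that still passes a file path would hand the docker_image task a file as its build context. Either use a separately named variable for the context directory or document the new meaning above the key, e.g. `# dockerfile_path is the build context directory here, not a Dockerfile`. The task starts and ends outside the hunk.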
@@ -40,10 +40,10 @@ push: yes source: local -- name: Add tag latest to {{ project_name }}-{{container_name}} image - community.docker.docker_image: - name: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}:{{ image_version }}.{{build_number}}" - repository: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}:latest" - force_tag: yes - push: yes - source: local +# - name: Add tag latest to {{ project_name }}-{{container_name}} image +# community.docker.docker_image: +# name: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}:{{ image_version }}.{{build_number}}" +# repository: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}:latest" +# force_tag: yes +# push: yes +# source: local From fc161847f6d35085a488f47b5d8efaa1fbe17e34 Mon Sep 17 00:00:00 2001 From: cloudprofessionals Date: Fri, 13 Oct 2023 13:35:23 -0400 Subject: [PATCH 16/19] fixing permissions --- terraform/modules/opensearch/data.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/modules/opensearch/data.tf b/terraform/modules/opensearch/data.tf index c484724e..c2afbe71 100644 --- a/terraform/modules/opensearch/data.tf +++ b/terraform/modules/opensearch/data.tf @@ -15,8 +15,8 @@ data "aws_iam_policy_document" "os" { identifiers = ["es.amazonaws.com"] } resources = [ - aws_cloudwatch_log_group.os.arn, - "${aws_cloudwatch_log_group.os.arn}:*" + "${aws_cloudwatch_log_group.os.arn}:*:*:*" ] } } +arn:aws:logs:us-east-1:339649878709:log-group:cds-dev2-opensearch-logs:* \ No newline at end of file From e115179a749bd6304f216376805b059168fd155d Mon Sep 17 00:00:00 2001 From: cloudprofessionals Date: Fri, 13 Oct 2023 13:36:15 -0400 Subject: [PATCH 17/19] fixing permissions --- terraform/modules/opensearch/data.tf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/terraform/modules/opensearch/data.tf b/terraform/modules/opensearch/data.tf index c2afbe71..208b0e3e 100644 
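Review bot: The line added after the closing brace of `data "aws_iam_policy_document" "os"` in data.tf is a bare ARN pasted into the file; it is not valid HCL and it commits an account-specific log group ARN to history (PATCH 17 removes the line but keeps the resource change). Separately, the new resource `"${aws_cloudwatch_log_group.os.arn}:*:*:*"` drops the log group ARN itself and requires three further colon-separated parts after it, while a log stream ARN adds only `:log-stream:<name>`, so the statement may no longer match what the service writes to. Unless this was verified against the deployed policy, the previous pair `aws_cloudwatch_log_group.os.arn,` and `"${aws_cloudwatch_log_group.os.arn}:*"` looks like the safer form. The data block starts outside the hunk.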
--- a/terraform/modules/opensearch/data.tf +++ b/terraform/modules/opensearch/data.tf @@ -18,5 +18,4 @@ data "aws_iam_policy_document" "os" { "${aws_cloudwatch_log_group.os.arn}:*:*:*" ] } -} -arn:aws:logs:us-east-1:339649878709:log-group:cds-dev2-opensearch-logs:* \ No newline at end of file +} \ No newline at end of file From 233eb95ac8cfb70fbb603b92d4beebd9e410e5be Mon Sep 17 00:00:00 2001 From: cloudprofessionals Date: Fri, 7 Jun 2024 16:46:59 -0400 Subject: [PATCH 18/19] remove trivy --- .../common/roles/build_backend/tasks/main.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml index 0357967f..31c96f3a 100644 --- a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml @@ -21,15 +21,15 @@ force_source: yes source: build -- name: test image for vulnerabilities - block: - - name: run trivy scanner on - command: "trivy image --timeout 15m --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}" - register: vuln_results - always: - - name: echo vulnerability results - debug: - msg: "{{ vuln_results.stdout_lines }}" +# - name: test image for vulnerabilities +# block: +# - name: run trivy scanner on +# command: "trivy image --timeout 15m --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}" +# register: vuln_results +# always: +# - name: echo vulnerability results +# debug: +# msg: "{{ vuln_results.stdout_lines }}" - name: Add {{ project_name }}-{{ container_name }} image to ECR docker_image: From 578f49402fcdfaade444266b32fa3f06e5332fde Mon Sep 17 00:00:00 2001 
From: cloudprofessionals Date: Fri, 7 Jun 2024 17:06:27 -0400 Subject: [PATCH 19/19] undo trivy update --- .../common/roles/build_backend/tasks/main.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml index 31c96f3a..0357967f 100644 --- a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml +++ b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml @@ -21,15 +21,15 @@ force_source: yes source: build -# - name: test image for vulnerabilities -# block: -# - name: run trivy scanner on -# command: "trivy image --timeout 15m --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}" -# register: vuln_results -# always: -# - name: echo vulnerability results -# debug: -# msg: "{{ vuln_results.stdout_lines }}" +- name: test image for vulnerabilities + block: + - name: run trivy scanner on + command: "trivy image --timeout 15m --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}" + register: vuln_results + always: + - name: echo vulnerability results + debug: + msg: "{{ vuln_results.stdout_lines }}" - name: Add {{ project_name }}-{{ container_name }} image to ECR docker_image: