From dff5538b2bd9bbf7eaa24a239e48563ce6e2a093 Mon Sep 17 00:00:00 2001 From: aidenvaines-cgi Date: Tue, 10 Feb 2026 14:29:04 +0000 Subject: [PATCH 1/2] CCM-14510 Fix Test and TF Make Targets --- .github/actions/lint-terraform/action.yaml | 11 +- .github/workflows/stage-1-commit.yaml | 2 + lambdas/core-notifier-lambda/package.json | 2 +- .../move-scanned-files-lambda/package.json | 2 +- lambdas/pdm-uploader-lambda/package.json | 2 +- .../refresh-apim-access-token/package.json | 2 +- package-lock.json | 117 +++++---- scripts/githooks/check-terraform-format.sh | 6 +- scripts/terraform/terraform.mk | 237 +++++++++++------- scripts/tests/test.mk | 14 +- utils/utils/package.json | 2 +- 11 files changed, 235 insertions(+), 162 deletions(-) diff --git a/.github/actions/lint-terraform/action.yaml b/.github/actions/lint-terraform/action.yaml index 28d990cd7..6957a0370 100644 --- a/.github/actions/lint-terraform/action.yaml +++ b/.github/actions/lint-terraform/action.yaml @@ -7,6 +7,11 @@ inputs: runs: using: "composite" steps: + - name: "Install Terraform binary" + shell: bash + run: | + asdf plugin add terraform || true + asdf install terraform || true - name: "Check Terraform format" shell: bash run: | @@ -14,8 +19,4 @@ runs: - name: "Validate Terraform" shell: bash run: | - stacks=${{ inputs.root-modules }} - for dir in $(find infrastructure/environments -maxdepth 1 -mindepth 1 -type d; echo ${stacks//,/$'\n'}); do - dir=$dir opts='-backend=false' make terraform-init - dir=$dir make terraform-validate - done + make terraform-validate-all diff --git a/.github/workflows/stage-1-commit.yaml b/.github/workflows/stage-1-commit.yaml index de2f3e6b9..6c5f91d7c 100644 --- a/.github/workflows/stage-1-commit.yaml +++ b/.github/workflows/stage-1-commit.yaml @@ -140,6 +140,8 @@ jobs: steps: - name: "Checkout code" uses: actions/checkout@v5 + - name: "Setup ASDF" + uses: asdf-vm/actions/setup@b7bcd026f18772e44fe1026d729e1611cc435d47 # v4 - name: "Lint Terraform" uses: ./.github/actions/lint-terraform trivy-iac: diff --git a/lambdas/core-notifier-lambda/package.json b/lambdas/core-notifier-lambda/package.json index f3d1a6950..a1b79e2aa 100644 --- a/lambdas/core-notifier-lambda/package.json +++ b/lambdas/core-notifier-lambda/package.json @@ -1,7 +1,7 @@ { "dependencies": { "aws-lambda": "^1.0.7", - "axios": "^1.13.2", + "axios": "^1.13.5", "digital-letters-events": "^0.0.1", "sender-management": "^0.0.1", "utils": "^0.0.1" diff --git a/lambdas/move-scanned-files-lambda/package.json b/lambdas/move-scanned-files-lambda/package.json index 923a6a412..8324535e4 100644 --- a/lambdas/move-scanned-files-lambda/package.json +++ b/lambdas/move-scanned-files-lambda/package.json @@ -1,7 +1,7 @@ { "dependencies": { "aws-lambda": "^1.0.7", - "axios": "^1.13.2", + "axios": "^1.13.5", "digital-letters-events": "^0.0.1", "utils": "^0.0.1" }, diff --git a/lambdas/pdm-uploader-lambda/package.json b/lambdas/pdm-uploader-lambda/package.json index dec75b995..0efbfecbb 100644 --- a/lambdas/pdm-uploader-lambda/package.json +++ b/lambdas/pdm-uploader-lambda/package.json @@ -1,6 +1,6 @@ { "dependencies": { - "axios": "^1.13.2", + "axios": "^1.13.5", "digital-letters-events": "^0.0.1", "utils": "^0.0.1" }, diff --git a/lambdas/refresh-apim-access-token/package.json b/lambdas/refresh-apim-access-token/package.json index 59450065e..ed63abed5 100644 --- a/lambdas/refresh-apim-access-token/package.json +++ b/lambdas/refresh-apim-access-token/package.json @@ -2,7 +2,7 @@ "dependencies": { "@aws-sdk/client-ssm": "^3.840.0", "aws-lambda": "^1.0.7", - "axios": "^1.13.2", + "axios": "^1.13.5", "esbuild": "^0.25.9", "jsonwebtoken": "^9.0.2", "qs": "^6.14.1", diff --git a/package-lock.json b/package-lock.json index d70f8efd7..b21fb0a88 100644 --- a/package-lock.json +++ b/package-lock.json @@ -72,7 +72,7 @@ "version": "0.0.1", "dependencies": { "aws-lambda": "^1.0.7", - "axios": "^1.13.2", + "axios": "^1.13.5", "digital-letters-events": "^0.0.1", "sender-management": "^0.0.1", "utils": "^0.0.1" @@ -175,6 +175,17 @@ "pretty-format": "^29.0.0" } }, + "lambdas/core-notifier-lambda/node_modules/axios": { + "version": "1.13.5", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz", + "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==", + "license": "MIT", + "dependencies": { + "follow-redirects": "^1.15.11", + "form-data": "^4.0.5", + "proxy-from-env": "^1.1.0" + } + }, "lambdas/core-notifier-lambda/node_modules/expect": { "version": "29.7.0", "dev": true, @@ -194,7 +205,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -487,7 +497,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -790,7 +799,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -962,7 +970,7 @@ "version": "0.0.1", "dependencies": { "aws-lambda": "^1.0.7", - "axios": "^1.13.2", + "axios": "^1.13.5", "digital-letters-events": "^0.0.1", "utils": "^0.0.1" }, @@ -1072,6 +1080,17 @@ "pretty-format": "^29.0.0" } }, + "lambdas/move-scanned-files-lambda/node_modules/axios": { + "version": "1.13.5", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz", + "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==", + "license": "MIT", + "dependencies": { + "follow-redirects": "^1.15.11", + "form-data": "^4.0.5", + "proxy-from-env": "^1.1.0" + } + }, "lambdas/move-scanned-files-lambda/node_modules/expect": { "version": "29.7.0", "resolved": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", @@ -1095,7 +1114,6 @@ "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -1415,7 +1433,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -1712,7 +1729,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -1883,7 +1899,7 @@ "name": "nhs-notify-digital-letters-pdm-uploader", "version": "0.0.1", "dependencies": { - "axios": "^1.13.2", + "axios": "^1.13.5", "digital-letters-events": "^0.0.1", "utils": "^0.0.1" }, @@ -1984,6 +2000,17 @@ "pretty-format": "^29.0.0" } }, + "lambdas/pdm-uploader-lambda/node_modules/axios": { + "version": "1.13.5", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz", + "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==", + "license": "MIT", + "dependencies": { + "follow-redirects": "^1.15.11", + "form-data": "^4.0.5", + "proxy-from-env": "^1.1.0" + } + }, "lambdas/pdm-uploader-lambda/node_modules/expect": { "version": "29.7.0", "dev": true, @@ -2283,7 +2310,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -2577,7 +2603,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -2749,7 +2774,7 @@ "dependencies": { "@aws-sdk/client-ssm": "^3.840.0", "aws-lambda": "^1.0.7", - "axios": "^1.13.2", + "axios": "^1.13.5", "esbuild": "^0.25.9", "jsonwebtoken": "^9.0.2", "qs": "^6.14.1", @@ -2864,6 +2889,17 @@ "undici-types": "~7.16.0" } }, + "lambdas/refresh-apim-access-token/node_modules/axios": { + "version": "1.13.5", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz", + "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==", + "license": "MIT", + "dependencies": { + "follow-redirects": "^1.15.11", + "form-data": "^4.0.5", + "proxy-from-env": "^1.1.0" + } + }, "lambdas/refresh-apim-access-token/node_modules/expect": { "version": "29.7.0", "dev": true, @@ -2883,7 +2919,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -3187,7 +3222,6 @@ "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -4075,7 +4109,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -4373,7 +4406,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -4952,6 +4984,7 @@ "resolved": "https://registry.npmjs.org/@aws-sdk/client-dynamodb/-/client-dynamodb-3.980.0.tgz", "integrity": "sha512-1rGhAx4cHZy3pMB3R3r84qMT5WEvQ6ajr2UksnD48fjQxwaUcpI6NsPvU5j/5BI5LqGiUO6ThOrMwSMm95twQA==", "license": "Apache-2.0", + "peer": true, "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", @@ -5005,6 +5038,7 @@ "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.980.0.tgz", "integrity": "sha512-AjKBNEc+rjOZQE1HwcD9aCELqg1GmUj1rtICKuY8cgwB73xJ4U/kNyqKKpN2k9emGqlfDY2D8itIp/vDc6OKpw==", "license": "Apache-2.0", + "peer": true, "dependencies": { "@aws-sdk/types": "^3.973.1", "@smithy/types": "^4.12.0", @@ -5147,7 +5181,6 @@ "resolved": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.981.0.tgz", "integrity": "sha512-zX3Xqm7V30J1D2II7WBL23SyqIIMD0wMzpiE+VosBxH6fAeXgrjIwSudCypNgnE1EK9OZoZMT3mJtkbUqUDdaA==", "license": "Apache-2.0", - "peer": true, "dependencies": { "@aws-crypto/sha1-browser": "5.2.0", "@aws-crypto/sha256-browser": "5.2.0", @@ -6730,7 +6763,6 @@ } ], "license": "MIT", - "peer": true, "engines": { "node": ">=18" }, @@ -6754,7 +6786,6 @@ } ], "license": "MIT", - "peer": true, "engines": { "node": ">=18" } @@ -8688,7 +8719,6 @@ "integrity": "sha512-b63wmnKPaK+6ZZfpYhz9K61oybvbI1aMcIs80++JI1O1rR1vaxHUCNqo3ITu6NU0d4V34yZFoHMn/uoKr/Rwfw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/environment": "30.2.0", "@jest/expect": "30.2.0", @@ -9200,7 +9230,6 @@ "integrity": "sha512-tS/HYQOjIoX9ZNDQitba/baS8sTvo3ekY6Vgdx5lmhN4jov082bdApIChXr94qhMZHvEciz9DZglFFnhguQp/A==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "fast-glob": "3.3.1" } @@ -10183,7 +10212,6 @@ "integrity": "sha512-pA6VOrOqk0+S8toJYhQGv2MWpQQR0QpeUo9AhNkC49Y26nxBQ/nH1rta9bUU1rPw2fJ1zZEMV5oCX5AazT7J2g==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@typescript-eslint/utils": "^8.13.0", "eslint-visitor-keys": "^4.2.0", @@ -10478,7 +10506,6 @@ "integrity": "sha512-DZ8VwRFUNzuqJ5khrvwMXHmvPe+zGayJhr2CDNiKB1WBE1ST8Djl00D0IC4vvNmHMdj6DlbYRIaFE7WHjlDl5w==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "undici-types": "~7.16.0" } @@ -11115,7 +11142,6 @@ "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", "dev": true, "license": "MIT", - "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -11546,7 +11572,6 @@ "integrity": "sha512-h/tOYTkXEsAcV3//6C1/7U4ifSpKyJvb6auveAepqqNJl6TdZaPFEtKjBQNf8UxQdDP850knB2i/whq4zlsxJw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@types/sinon": "^17.0.3", "sinon": "^18.0.1", @@ -11619,17 +11644,6 @@ "node": ">=4" } }, - "node_modules/axios": { - "version": "1.13.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.4.tgz", - "integrity": "sha512-1wVkUaAO6WyaYtCkcYCOx12ZgpGf9Zif+qXa4n+oYzK558YryKqiL6UWwd5DqiH3VRW0GYhTZQ/vlgJrCoNQlg==", - "license": "MIT", - "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.4", - "proxy-from-env": "^1.1.0" - } - }, "node_modules/axobject-query": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/axobject-query/-/axobject-query-4.1.0.tgz", @@ -11860,7 +11874,6 @@ } ], "license": "MIT", - "peer": true, "dependencies": { "baseline-browser-mapping": "^2.9.0", "caniuse-lite": "^1.0.30001759", @@ -13131,7 +13144,6 @@ "integrity": "sha512-LEyamqS7W5HB3ujJyvi0HQK/dtVINZvd5mAAp9eT5S/ujByGjiZLCzPcHVzuXbpJDJF/cxwHlfceVUDZ2lnSTw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@eslint-community/eslint-utils": "^4.8.0", "@eslint-community/regexpp": "^4.12.1", @@ -13334,7 +13346,6 @@ "integrity": "sha512-82GZUjRS0p/jganf6q1rEO25VSoHH0hKPCTrgillPjdI/3bgBhAE1QzHrHTizjpRvy6pGAvKjDJtk2pF9NDq8w==", "dev": true, "license": "MIT", - "peer": true, "bin": { "eslint-config-prettier": "bin/cli.js" }, @@ -13398,7 +13409,6 @@ "integrity": "sha512-1iM2zeBvrYmUNTj2vSC/90JTHDth+dfOfiNKkxApWRsTJYNrc8rOdxxIf5vazX+BiAXTeOT0UvWpGI/7qIWQOw==", "dev": true, "license": "ISC", - "peer": true, "dependencies": { "debug": "^4.4.1", "eslint-import-context": "^0.1.8", @@ -13475,7 +13485,6 @@ "integrity": "sha512-whOE1HFo/qJDyX4SnXzP4N6zOWn79WhnCUY/iDR0mPfQZO8wcYE4JClzI2oZrhBnnMUCBCHZhO6VQyoBU95mZA==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@rtsao/scc": "^1.1.0", "array-includes": "^3.1.9", @@ -13510,7 +13519,6 @@ "integrity": "sha512-vPZZsiOKaBAIATpFE2uMI4w5IRwdv/FpQ+qZZMR4E+PeOcM4OeoEbqxRMnywdxP19TyB/3h6QBB0EWon7letSQ==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@typescript-eslint/types": "^8.35.0", "comment-parser": "^1.4.1", @@ -13636,7 +13644,6 @@ "integrity": "sha512-scB3nz4WmG75pV8+3eRUQOHZlNSUhFNq37xnpgRkCCELU3XMvXAxLk1eqWWyE22Ki4Q01Fnsw9BA3cJHDPgn2Q==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "aria-query": "^5.3.2", "array-includes": "^3.1.8", @@ -13729,7 +13736,6 @@ "integrity": "sha512-Qteup0SqU15kdocexFNAJMvCJEfa2xUKNV4CC1xsVMrIIqEy3SQ/rqyxCWNzfrd3/ldy6HMlD2e0JDVpDg2qIA==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "array-includes": "^3.1.8", "array.prototype.findlast": "^1.2.5", @@ -13763,7 +13769,6 @@ "integrity": "sha512-+f15FfK64YQwZdJNELETdn5ibXEUQmW1DZL6KXhNnc2heoy/sg9VJJeT7n8TlMWouzWqSWavFkIhHyIbIAEapg==", "dev": true, "license": "MIT", - "peer": true, "engines": { "node": ">=10" }, @@ -15849,7 +15854,6 @@ "integrity": "sha512-F26gjC0yWN8uAA5m5Ss8ZQf5nDHWGlN/xWZIh8S5SRbsEKBovwZhxGd6LJlbZYxBgCYOtreSUyb8hpXyGC5O4A==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "30.2.0", "@jest/types": "30.2.0", @@ -19254,7 +19258,6 @@ "integrity": "sha512-Cvc9WUhxSMEo4McES3P7oK3QaXldCfNWp7pl2NNeiIFlCoLr3kfq9kb1fxftiwk1FLV7CvpvDfonxtzUDeSOPg==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "cssstyle": "^4.2.1", "data-urls": "^5.0.0", @@ -19294,7 +19297,6 @@ "resolved": "https://registry.npmjs.org/jsep/-/jsep-1.4.0.tgz", "integrity": "sha512-B7qPcEVE3NVkmSJbaYxvv4cHkVW7DQsZz13pUMrfS8z8Q/BuShN+gcTXrUlPiGqM2/t/EEaI030bpxMqY8gMlw==", "license": "MIT", - "peer": true, "engines": { "node": ">= 10.16.0" } @@ -20949,7 +20951,6 @@ "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.1.tgz", "integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==", "license": "MIT", - "peer": true, "bin": { "prettier": "bin/prettier.cjs" }, @@ -22414,7 +22415,6 @@ "integrity": "sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@cspotcode/source-map-support": "^0.8.0", "@tsconfig/node10": "^1.0.7", @@ -23091,7 +23091,6 @@ "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", "dev": true, "license": "Apache-2.0", - "peer": true, "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" @@ -23106,7 +23105,6 @@ "integrity": "sha512-CKsJ+g53QpsNPqbzUsfKVgd3Lny4yKZ1pP4qN3jdMOg/sisIDLGyDMezycquXLE5JsEU0wp3dGNdzig0/fmSVQ==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@typescript-eslint/eslint-plugin": "8.54.0", "@typescript-eslint/parser": "8.54.0", @@ -24655,7 +24653,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -24834,7 +24831,7 @@ "@aws-sdk/lib-dynamodb": "^3.914.0", "@aws-sdk/lib-storage": "^3.914.0", "async-mutex": "^0.4.0", - "axios": "^1.13.2", + "axios": "^1.13.5", "date-fns": "^4.1.0", "node-jose": "^2.2.0", "winston": "^3.17.0", @@ -24951,6 +24948,17 @@ "undici-types": "~7.16.0" } }, + "utils/utils/node_modules/axios": { + "version": "1.13.5", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz", + "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==", + "license": "MIT", + "dependencies": { + "follow-redirects": "^1.15.11", + "form-data": "^4.0.5", + "proxy-from-env": "^1.1.0" + } + }, "utils/utils/node_modules/expect": { "version": "29.7.0", "dev": true, @@ -24970,7 +24978,6 @@ "version": "29.7.0", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", diff --git a/scripts/githooks/check-terraform-format.sh b/scripts/githooks/check-terraform-format.sh index 7255e5126..569e54c6b 100755 --- a/scripts/githooks/check-terraform-format.sh +++ b/scripts/githooks/check-terraform-format.sh @@ -29,11 +29,11 @@ function main() { # check_only=[do not format, run check only] function terraform-fmt() { - local opts= if is-arg-true "$check_only"; then - opts="-check" + make terraform-fmt-check + else + make terraform-fmt fi - opts=$opts make terraform-fmt } # ============================================================================== diff --git a/scripts/terraform/terraform.mk b/scripts/terraform/terraform.mk index 518dcf020..bb8552ad6 100644 --- a/scripts/terraform/terraform.mk +++ b/scripts/terraform/terraform.mk @@ -1,112 +1,173 @@ -# This file is for you! Edit it to implement your own Terraform make targets. +# Terraform Make Targets for TFScaffold +# NHS Notify standard for production infrastructure +# Requires infrastructure/terraform/bin/terraform.sh # ============================================================================== -# Custom implementation - implementation of a make target should not exceed 5 lines of effective code. -# In most cases there should be no need to modify the existing make targets. - -terraform-init: # Initialise Terraform - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform init command, default is none/empty] @Development - make _terraform cmd="init" \ - dir=$(or ${terraform_dir}, ${dir}) \ - opts=$(or ${terraform_opts}, ${opts}) - -terraform-plan: # Plan Terraform changes - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform plan command, default is none/empty] @Development - make _terraform cmd="plan" \ - dir=$(or ${terraform_dir}, ${dir}) \ - opts=$(or ${terraform_opts}, ${opts}) - -terraform-apply: # Apply Terraform changes - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform apply command, default is none/empty] @Development - make _terraform cmd="apply" \ - dir=$(or ${terraform_dir}, ${dir}) \ - opts=$(or ${terraform_opts}, ${opts}) - -terraform-destroy: # Destroy Terraform resources - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform destroy command, default is none/empty] @Development - make _terraform \ - cmd="destroy" \ - dir=$(or ${terraform_dir}, ${dir}) \ - opts=$(or ${terraform_opts}, ${opts}) - -terraform-fmt: # Format Terraform files - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform fmt command, default is '-recursive'] @Quality - make _terraform cmd="fmt" \ - dir=$(or ${terraform_dir}, ${dir}) \ - opts=$(or ${terraform_opts}, ${opts}) - -terraform-validate: # Validate Terraform configuration - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform validate command, default is none/empty] @Quality - make _terraform cmd="validate" \ - dir=$(or ${terraform_dir}, ${dir}) \ - opts=$(or ${terraform_opts}, ${opts}) - -clean:: # Remove Terraform files (terraform) - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set] @Operations - make _terraform cmd="clean" \ - dir=$(or ${terraform_dir}, ${dir}) \ - opts=$(or ${terraform_opts}, ${opts}) - -_terraform: # Terraform command wrapper - mandatory: cmd=[command to execute]; optional: dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], opts=[options to pass to the Terraform command, default is none/empty] - # 'TERRAFORM_STACK' is passed to the functions as environment variable - TERRAFORM_STACK=$(or ${TERRAFORM_STACK}, $(or ${terraform_stack}, $(or ${STACK}, ${stack}))) - dir=$(or ${dir}, ${TERRAFORM_STACK}) - . "scripts/terraform/terraform.lib.sh"; \ - terraform-${cmd} # 'dir' and 'opts' are accessible by the function as environment variables, if set +# TFScaffold Terraform Operations + +terraform-plan: # Plan Terraform changes - mandatory: component=[component_name], environment=[environment]; optional: project=[default: nhs], region=[default: eu-west-2], group=[default: dev], opts=[additional options] @Development + # Example: make terraform-plan component=mycomp environment=myenv group=mygroup + # Args: --project nhs --region eu-west-2 --component mycomp --environment myenv --group mygroup --action plan + make _terraform-scaffold action=plan \ + component=$(component) \ + environment=$(environment) \ + project=$(or ${project}, nhs) \ + region=$(or ${region}, eu-west-2) \ + group=$(or ${group}, dev) \ + opts=$(or ${opts}, ) + +terraform-plan-destroy: # Plan Terraform destroy - mandatory: component=[component_name], environment=[environment]; optional: project, region, group, opts @Development + # Example: make terraform-plan-destroy component=mycomp environment=myenv group=mygroup + # Args: --project nhs --region eu-west-2 --component mycomp --environment myenv --group mygroup --action plan-destroy + make _terraform-scaffold action=plan-destroy \ + component=$(component) \ + environment=$(environment) \ + project=$(or ${project}, nhs) \ + region=$(or ${region}, eu-west-2) \ + group=$(or ${group}, dev) \ + opts=$(or ${opts}, ) + +terraform-apply: # Apply Terraform changes - mandatory: component=[component_name], environment=[environment]; optional: project, region, group, build_id, opts @Development + # Example: make terraform-apply component=mycomp environment=myenv group=mygroup + # Args: --project nhs --region eu-west-2 --component mycomp --environment myenv --group mygroup --action apply + make _terraform-scaffold action=apply \ + component=$(component) \ + environment=$(environment) \ + project=$(or ${project}, nhs) \ + region=$(or ${region}, eu-west-2) \ + group=$(or ${group}, dev) \ + build_id=$(or ${build_id}, ) \ + opts=$(or ${opts}, ) + +terraform-destroy: # Destroy Terraform resources - mandatory: component=[component_name], environment=[environment]; optional: project, region, group, opts @Development + # Example: make terraform-destroy component=mycomp environment=myenv group=mygroup + # Args: --project nhs --region eu-west-2 --component mycomp --environment myenv --group mygroup --action destroy + make _terraform-scaffold action=destroy \ + component=$(component) \ + environment=$(environment) \ + project=$(or ${project}, nhs) \ + region=$(or ${region}, eu-west-2) \ + group=$(or ${group}, dev) \ + opts=$(or ${opts}, ) + +terraform-output: # Get Terraform outputs - mandatory: component=[component_name], environment=[environment]; optional: project, region, group @Development + # Example: make terraform-output component=mycomp environment=myenv group=mygroup + # Args: --project nhs --region eu-west-2 --component mycomp --environment myenv --group mygroup --action output + make _terraform-scaffold action=output \ + component=$(component) \ + environment=$(environment) \ + project=$(or ${project}, nhs) \ + region=$(or ${region}, eu-west-2) \ + group=$(or ${group}, dev) + +_terraform-scaffold: # Internal wrapper for terraform.sh - mandatory: action=[terraform action]; optional: component, environment, project, region, group, bootstrap, build_id, opts + cd infrastructure/terraform && \ + if [ "$(bootstrap)" = "true" ]; then \ + ./bin/terraform.sh \ + --bootstrap \ + --project $(project) \ + --region $(region) \ + --group $(group) \ + --action $(action) \ + $(if $(opts),-- $(opts),); \ + else \ + ./bin/terraform.sh \ + --project $(project) \ + --region $(region) \ + --component $(component) \ + --environment $(environment) \ + --group $(group) \ + $(if $(build_id),--build-id $(build_id),) \ + --action $(action) \ + $(if $(opts),-- $(opts),); \ + fi # ============================================================================== -# Quality checks - please DO NOT edit this section! - -terraform-shellscript-lint: # Lint all Terraform module shell scripts @Quality - for file in $$(find scripts/terraform -type f -name "*.sh"); do - file=$${file} scripts/shellscript-linter.sh - done - -terraform-sec: # TFSEC check against Terraform files - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform fmt command, default is '-recursive'] @Quality - tfsec infrastructure/terraform \ - --force-all-dirs \ - --exclude-downloaded-modules \ - --tfvars-file infrastructure/terraform/etc/global.tfvars \ - --tfvars-file infrastructure/terraform/etc/env_eu-west-2_main.tfvars \ - --config-file scripts/config/tfsec.yaml - -terraform-docs: # Terraform-docs check against Terraform files - optional: terraform_dir|dir=[path to a directory where the command will be executed, relative to the project's top-level directory, default is one of the module variables or the example directory, if not set], terraform_opts|opts=[options to pass to the Terraform fmt command, default is '-recursive'] @Quality - for dir in ./infrastructure/terraform/components/* ./infrastructure/terraform/modules/*; do \ +# Formatting and Validation + +terraform-fmt: # Format Terraform files in components/ and modules/ (excludes etc/) @Quality + # Example: make terraform-fmt + @cd infrastructure/terraform && \ + for dir in components modules; do \ + [ -d "$$dir" ] && terraform fmt -recursive "$$dir"; \ + done + +terraform-fmt-check: # Check Terraform formatting in components/ and modules/ (excludes etc/) @Quality + # Example: make terraform-fmt-check + @cd infrastructure/terraform && \ + for dir in components modules; do \ + [ -d "$$dir" ] && terraform fmt -check -recursive "$$dir"; \ + done + +terraform-validate: # Validate Terraform configuration - mandatory: component=[component_name] @Quality + # Example: make terraform-validate component=mycomp + # Note: Validation does not require environment/group as it checks syntax only + cd infrastructure/terraform/components/$(component) && \ + terraform init -backend=false && \ + terraform validate + +terraform-validate-all: # Validate all Terraform components @Quality + # Example: make terraform-validate-all + for dir in infrastructure/terraform/components/*; do \ if [ -d "$$dir" ]; then \ - ./scripts/terraform/terraform-docs.sh $$dir; \ - fi \ + echo "Validating $$(basename $$dir)..."; \ + cd $$dir && \ + terraform init -backend=false && \ + terraform validate && \ + cd - > /dev/null; \ + fi; \ done -# ============================================================================== -# Module tests and examples - please DO NOT edit this section! +terraform-sec: # Run Trivy IaC security scanning on Terraform code @Quality + # Example: make terraform-sec + ./scripts/terraform/trivy-scan.sh --mode iac infrastructure/terraform + +terraform-docs: # Generate Terraform documentation - optional: component=[specific component, or all if omitted] @Quality + # Example: make terraform-docs component=mycomp + # Example: make terraform-docs (generates for all components) + @if [ -n "$(component)" ]; then \ + ./scripts/terraform/terraform-docs.sh infrastructure/terraform/components/$(component); \ + else \ + for dir in infrastructure/terraform/components/* infrastructure/terraform/modules/*; do \ + if [ -d "$$dir" ]; then \ + ./scripts/terraform/terraform-docs.sh $$dir; \ + fi; \ + done; \ + fi -terraform-example-provision-aws-infrastructure: # Provision example of AWS infrastructure @ExamplesAndTests - make terraform-init - make terraform-plan opts="-out=terraform.tfplan" - make terraform-apply opts="-auto-approve terraform.tfplan" - -terraform-example-destroy-aws-infrastructure: # Destroy example of AWS infrastructure @ExamplesAndTests - make terraform-destroy opts="-auto-approve" +# ============================================================================== +# Cleanup -terraform-example-clean: # Remove Terraform example files @ExamplesAndTests - dir=$(or ${dir}, ${TERRAFORM_STACK}) - . "scripts/terraform/terraform.lib.sh"; \ - terraform-clean - rm -f ${TERRAFORM_STACK}/.terraform.lock.hcl +clean:: # Remove Terraform build artifacts and cache @Operations + # Example: make clean + rm -rf infrastructure/terraform/components/*/build + rm -rf infrastructure/terraform/components/*/.terraform + rm -rf infrastructure/terraform/components/*/.terraform.lock.hcl + rm -rf infrastructure/terraform/bootstrap/.terraform + rm -rf infrastructure/terraform/bootstrap/.terraform.lock.hcl + rm -rf infrastructure/terraform/plugin-cache/* # ============================================================================== -# Configuration - please DO NOT edit this section! +# Installation -terraform-install: # Install Terraform @Installation +terraform-install: # Install Terraform using asdf @Installation + # Example: make terraform-install make _install-dependency name="terraform" # ============================================================================== ${VERBOSE}.SILENT: \ - _terraform \ + _terraform-scaffold \ clean \ terraform-apply \ terraform-destroy \ - terraform-example-clean \ - terraform-example-destroy-aws-infrastructure \ - terraform-example-provision-aws-infrastructure \ - terraform-fmt \ terraform-docs \ - terraform-init \ + terraform-fmt \ + terraform-fmt-check \ terraform-install \ + terraform-output \ terraform-plan \ - terraform-shellscript-lint \ + terraform-plan-destroy \ + terraform-sec \ terraform-validate \ + terraform-validate-all \ diff --git a/scripts/tests/test.mk b/scripts/tests/test.mk index 742d123e9..2615cfe30 100644 --- a/scripts/tests/test.mk +++ b/scripts/tests/test.mk @@ -69,12 +69,14 @@ test: # Run all the test tasks @Testing test-load _test: - set -e - script="./scripts/tests/${name}.sh" - if [ -e "$${script}" ]; then - exec $${script} - else - echo "make test-${name} not implemented: $${script} not found" >&2 + set -e; \ + script="./scripts/tests/${name}.sh"; \ + if [ -e "$${script}" ]; then \ + exec $${script}; \ + else \ + echo "test-${name}: Not currently implemented"; \ + echo "Create $${script} to implement this test target"; \ + exit 0; \ fi ${VERBOSE}.SILENT: \ diff --git a/utils/utils/package.json b/utils/utils/package.json index 5669cae8e..7f873bcc2 100644 --- a/utils/utils/package.json +++ b/utils/utils/package.json @@ -9,7 +9,7 @@ "@aws-sdk/lib-dynamodb": "^3.914.0", "@aws-sdk/lib-storage": "^3.914.0", "async-mutex": "^0.4.0", - "axios": "^1.13.2", + "axios": "^1.13.5", "date-fns": "^4.1.0", "node-jose": "^2.2.0", "winston": "^3.17.0", From 147b10f01191291cbc5ca05579157eaff67245ad Mon Sep 17 00:00:00 2001 From: aidenvaines-cgi Date: Tue, 10 Feb 2026 15:39:25 +0000 Subject: [PATCH 2/2] CCM-14510 Fix install deps target --- scripts/init.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/init.mk b/scripts/init.mk index e12255c34..885d2d338 100644 --- a/scripts/init.mk +++ b/scripts/init.mk @@ -47,7 +47,7 @@ _install-dependency: # Install asdf dependency - mandatory: name=[listed in the _install-dependencies: # Install all the dependencies listed in .tool-versions for plugin in $$(grep ^[a-z] .tool-versions | sed 's/[[:space:]].*//'); do - make _install-dependency name="$${plugin}" + $(MAKE) _install-dependency name=$${plugin}; \ done clean:: # Remove all generated and temporary files (common) @Operations