fix: ensure we ignore microsoft safe links requests #2430
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
bug
QA Summary
Test CoverageCoverage report for `packages/client`
Coverage report for `packages/server`
Pusher: @as1729, Action: |
Terraform Summary
Hint: If "Terraform Format & Style" failed, run OutputValidation OutputPlan OutputNote: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the
last "terraform apply" which may have affected this plan:
# module.api.aws_ecs_task_definition.default[0] has changed
~ resource "aws_ecs_task_definition" "default" {
id = "gost-staging-api"
+ tags = {}
# (13 unchanged attributes hidden)
+ volume {
+ name = "data"
+ efs_volume_configuration {
+ file_system_id = "fs-08f95063c1cdbe191"
+ root_directory = "/"
+ transit_encryption = "ENABLED"
+ transit_encryption_port = 0
+ authorization_config {
+ access_point_id = "fsap-03bc0296928aade4f"
}
}
}
- volume {
- name = "data" -> null
- efs_volume_configuration {
- file_system_id = "fs-08f95063c1cdbe191" -> null
- root_directory = "/" -> null
- transit_encryption = "ENABLED" -> null
- authorization_config {
- access_point_id = "fsap-03bc0296928aade4f" -> null
}
}
}
# (1 unchanged block hidden)
}
# module.api.aws_iam_role.execution[0] has changed
~ resource "aws_iam_role" "execution" {
id = "gost-staging-api-ECSTaskExecution-20230217010414321500000009"
name = "gost-staging-api-ECSTaskExecution-20230217010414321500000009"
~ role_last_used = [
~ {
~ last_used_date = "2023-12-21T19:34:44Z" -> "2024-01-05T19:11:02Z"
# (1 unchanged element hidden)
},
]
tags = {}
# (11 unchanged attributes hidden)
# (2 unchanged blocks hidden)
}
# module.api.aws_iam_role.task[0] has changed
~ resource "aws_iam_role" "task" {
id = "gost-staging-api-ECSTask-2023021701041477300000000a"
name = "gost-staging-api-ECSTask-2023021701041477300000000a"
~ role_last_used = [
~ {
~ last_used_date = "2023-12-21T19:34:44Z" -> "2024-01-05T19:27:57Z"
# (1 unchanged element hidden)
},
]
tags = {}
# (11 unchanged attributes hidden)
# (6 unchanged blocks hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the
relevant attributes using ignore_changes, the following plan may include
actions to undo or respond to these changes.
─────────────────────────────────────────────────────────────────────────────
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
~ update in-place
- destroy
+/- create replacement and then destroy
Terraform will perform the following actions:
# module.api.aws_ecs_service.default[0] will be updated in-place
~ resource "aws_ecs_service" "default" {
id = "arn:aws:ecs:us-west-2:357150818708:service/gost-staging/gost-staging-api"
name = "gost-staging-api"
tags = {}
~ task_definition = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-api:89" -> (known after apply)
# (15 unchanged attributes hidden)
# (4 unchanged blocks hidden)
}
# module.api.aws_ecs_task_definition.default[0] must be replaced
+/- resource "aws_ecs_task_definition" "default" {
~ arn = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-api:89" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-api" -> (known after apply)
~ container_definitions = jsonencode(
~ [ # forces replacement
~ {
~ dockerLabels = {
~ "com.datadoghq.tags.version" = "cc2eaa09f437cdad98f3ddd6a8c74bcc9b99b3a5" -> "31e722912c3682b7aec2083a3b22530b85b2db90"
# (2 unchanged elements hidden)
}
~ environment = [
# (7 unchanged elements hidden)
{
name = "DD_SERVICE"
value = "gost"
},
~ {
name = "DD_VERSION"
~ value = "cc2eaa09f437cdad98f3ddd6a8c74bcc9b99b3a5" -> "31e722912c3682b7aec2083a3b22530b85b2db90"
},
{
name = "ENABLE_GRANTS_DIGEST"
value = "false"
},
# (11 unchanged elements hidden)
]
~ image = "ghcr.io/usdigitalresponse/usdr-gost-api:cc2eaa09f437cdad98f3ddd6a8c74bcc9b99b3a5@sha256:6ca9161dbeaf5d32b4a086d47ce4a7f5d88e958abb6d33f299a5db411f103ae7" -> "ghcr.io/usdigitalresponse/usdr-gost-api:31e722912c3682b7aec2083a3b22530b85b2db90@sha256:63dc5183d92edf64b4b5fd04ee294a3c4efb2a6ea1892c00feab766188f47c98"
name = "api"
- volumesFrom = [] -> null
# (9 unchanged elements hidden)
} # forces replacement,
~ {
~ dockerLabels = {
~ "com.datadoghq.tags.version" = "cc2eaa09f437cdad98f3ddd6a8c74bcc9b99b3a5" -> "31e722912c3682b7aec2083a3b22530b85b2db90"
# (2 unchanged elements hidden)
}
~ environment = [
# (3 unchanged elements hidden)
{
name = "DD_SERVICE"
value = "gost"
},
~ {
name = "DD_VERSION"
~ value = "cc2eaa09f437cdad98f3ddd6a8c74bcc9b99b3a5" -> "31e722912c3682b7aec2083a3b22530b85b2db90"
},
{
name = "ECS_FARGATE"
value = "true"
},
]
- mountPoints = [] -> null
name = "datadog"
- portMappings = [] -> null
- volumesFrom = [] -> null
# (6 unchanged elements hidden)
} # forces replacement,
]
)
~ id = "gost-staging-api" -> (known after apply)
~ revision = 89 -> (known after apply)
- tags = {} -> null
# (9 unchanged attributes hidden)
- volume {
- name = "data" -> null
- efs_volume_configuration {
- file_system_id = "fs-08f95063c1cdbe191" -> null
- root_directory = "/" -> null
- transit_encryption = "ENABLED" -> null
- transit_encryption_port = 0 -> null
- authorization_config {
- access_point_id = "fsap-03bc0296928aade4f" -> null
}
}
}
+ volume {
+ name = "data"
+ efs_volume_configuration {
+ file_system_id = "fs-08f95063c1cdbe191"
+ root_directory = "/"
+ transit_encryption = "ENABLED"
+ authorization_config {
+ access_point_id = "fsap-03bc0296928aade4f"
}
}
}
# (1 unchanged block hidden)
}
# module.arpa_audit_report.aws_ecs_service.default will be updated in-place
~ resource "aws_ecs_service" "default" {
id = "arn:aws:ecs:us-west-2:357150818708:service/gost-staging/gost-staging-arpa_audit_report"
name = "gost-staging-arpa_audit_report"
tags = {}
~ task_definition = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-arpa_audit_report:58" -> (known after apply)
# (15 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# module.arpa_audit_report.aws_ecs_task_definition.consumer must be replaced
+/- resource "aws_ecs_task_definition" "consumer" {
~ arn = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-arpa_audit_report:58" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-arpa_audit_report" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ id = "gost-staging-arpa_audit_report" -> (known after apply)
- ipc_mode = "" -> null
- pid_mode = "" -> null
~ revision = 58 -> (known after apply)
- tags = {} -> null
# (9 unchanged attributes hidden)
- volume {
- name = "data" -> null
- efs_volume_configuration {
- file_system_id = "fs-08f95063c1cdbe191" -> null
- root_directory = "/" -> null
- transit_encryption = "ENABLED" -> null
- transit_encryption_port = 0 -> null
- authorization_config {
- access_point_id = "fsap-03bc0296928aade4f" -> null
}
}
}
+ volume {
+ name = "data"
+ efs_volume_configuration {
+ file_system_id = "fs-08f95063c1cdbe191"
+ root_directory = "/"
+ transit_encryption = "ENABLED"
+ authorization_config {
+ access_point_id = "fsap-03bc0296928aade4f"
}
}
}
# (1 unchanged block hidden)
}
# module.arpa_treasury_report.aws_ecs_service.default will be updated in-place
~ resource "aws_ecs_service" "default" {
id = "arn:aws:ecs:us-west-2:357150818708:service/gost-staging/gost-staging-treasury_report"
name = "gost-staging-treasury_report"
tags = {}
~ task_definition = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-treasury_report:47" -> (known after apply)
# (15 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# module.arpa_treasury_report.aws_ecs_task_definition.consumer must be replaced
+/- resource "aws_ecs_task_definition" "consumer" {
~ arn = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-treasury_report:47" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-treasury_report" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ id = "gost-staging-treasury_report" -> (known after apply)
- ipc_mode = "" -> null
- pid_mode = "" -> null
~ revision = 47 -> (known after apply)
- tags = {} -> null
# (9 unchanged attributes hidden)
- volume {
- name = "data" -> null
- efs_volume_configuration {
- file_system_id = "fs-08f95063c1cdbe191" -> null
- root_directory = "/" -> null
- transit_encryption = "ENABLED" -> null
- transit_encryption_port = 0 -> null
- authorization_config {
- access_point_id = "fsap-03bc0296928aade4f" -> null
}
}
}
+ volume {
+ name = "data"
+ efs_volume_configuration {
+ file_system_id = "fs-08f95063c1cdbe191"
+ root_directory = "/"
+ transit_encryption = "ENABLED"
+ authorization_config {
+ access_point_id = "fsap-03bc0296928aade4f"
}
}
}
# (1 unchanged block hidden)
}
# module.consume_grants.aws_ecs_service.default will be updated in-place
~ resource "aws_ecs_service" "default" {
id = "arn:aws:ecs:us-west-2:357150818708:service/gost-staging/gost-staging-consume_grants"
name = "gost-staging-consume_grants"
tags = {}
~ task_definition = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-consume_grants:74" -> (known after apply)
# (15 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# module.consume_grants.aws_ecs_task_definition.consume_grants must be replaced
+/- resource "aws_ecs_task_definition" "consume_grants" {
~ arn = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-consume_grants:74" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-west-2:357150818708:task-definition/gost-staging-consume_grants" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ id = "gost-staging-consume_grants" -> (known after apply)
- ipc_mode = "" -> null
- pid_mode = "" -> null
~ revision = 74 -> (known after apply)
- tags = {} -> null
# (9 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.website.aws_s3_object.deploy-config[0] will be updated in-place
~ resource "aws_s3_object" "deploy-config" {
~ content = <<-EOT
window.APP_CONFIG = window.APP_CONFIG || {};
window.APP_CONFIG.apiURLForGOST = 'https://api.staging.grants.usdr.dev/';
window.apiURLForGOST = window.APP_CONFIG.apiURLForGOST; // Legacy
window.APP_CONFIG.DD_RUM_ENABLED = true;
- window.APP_CONFIG.DD_RUM_CONFIG = {"allowedTracingUrls":["https://api.staging.grants.usdr.dev"],"applicationId":"15db471e-2ccb-4d3c-a6bf-99b750d748f5","clientToken":"pub50834fcc1999d53e546519b1a0f03934","defaultPrivacyLevel":"mask","env":"staging","service":"gost","sessionReplaySampleRate":1,"sessionSampleRate":10,"site":"datadoghq.com","trackLongTasks":true,"trackResources":true,"trackUserInteractions":true,"version":"cc2eaa09f437cdad98f3ddd6a8c74bcc9b99b3a5"};
+ window.APP_CONFIG.DD_RUM_CONFIG = {"allowedTracingUrls":["https://api.staging.grants.usdr.dev"],"applicationId":"15db471e-2ccb-4d3c-a6bf-99b750d748f5","clientToken":"pub50834fcc1999d53e546519b1a0f03934","defaultPrivacyLevel":"mask","env":"staging","service":"gost","sessionReplaySampleRate":1,"sessionSampleRate":10,"site":"datadoghq.com","trackLongTasks":true,"trackResources":true,"trackUserInteractions":true,"version":"31e722912c3682b7aec2083a3b22530b85b2db90"};
window.APP_CONFIG.featureFlags = {"categoryOfFundingActivitySearchFieldEnabled":false,"myProfileEnabled":true,"newGrantsDetailPageEnabled":false,"newTerminologyEnabled":true};
window.APP_CONFIG.overrideFeatureFlag = (flagName, overrideValue) => {
const storageKey = 'featureFlags';
let overrides = {};
try {
overrides = JSON.parse(window.sessionStorage.getItem(storageKey)) || {};
} catch (e) {
console.error(`Error parsing window.sessionStorage.${storageKey} as JSON:`, e);
console.warn(`window.sessionStorage.${storageKey} will be replaced.`);
}
overrides[flagName] = overrideValue;
window.sessionStorage.setItem(storageKey, JSON.stringify(overrides));
console.log('New feature flag overrides in page session:',
window.sessionStorage.getItem(storageKey));
};
EOT
~ etag = "e35177f6f31064e8e6b634782769caa7" -> "526bb5b366290e52bac83ae45929de4c"
id = "/config/deploy-config.js"
tags = {}
~ version_id = "CSpouJOPdHjpd1G2LPEjN5MwPa32KqAN" -> (known after apply)
# (10 unchanged attributes hidden)
}
# module.website.aws_s3_object.origin_dist_artifact["arpa_reporter/index.html"] will be updated in-place
~ resource "aws_s3_object" "origin_dist_artifact" {
~ etag = "6e5f95644f29c1121887e092a2667476" -> "5bcf1d853dd97494d2c45358e9bffa56"
id = "dist/arpa_reporter/index.html"
~ source_hash = "6e5f95644f29c1121887e092a2667476" -> "5bcf1d853dd97494d2c45358e9bffa56"
tags = {}
~ version_id = "6RSQdaYbFoZ0mLH2E4QG.34s9jsJ8k6l" -> (known after apply)
# (11 unchanged attributes hidden)
}
# module.website.aws_s3_object.origin_dist_artifact["index.html"] will be updated in-place
~ resource "aws_s3_object" "origin_dist_artifact" {
~ etag = "77ee860d87ce3aeeb1b1182620a73658" -> "62e892a46f6cbe85124520688d4417be"
id = "dist/index.html"
~ source_hash = "77ee860d87ce3aeeb1b1182620a73658" -> "62e892a46f6cbe85124520688d4417be"
tags = {}
~ version_id = "4pbLOdlew9v04PiI4bR6LYt1gm81MFOa" -> (known after apply)
# (11 unchanged attributes hidden)
}
# module.website.aws_s3_object.origin_dist_artifact["js/120.72b21d7b.js"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/javascript"
+ etag = "e9eacecbbae8901433e09aa06e0c37a3"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/120.72b21d7b.js"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/120.72b21d7b.js"
+ source_hash = "e9eacecbbae8901433e09aa06e0c37a3"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/120.72b21d7b.js.map"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "application/json"
+ etag = "1fa091c792dcaa212c30b4d7697f9c86"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/120.72b21d7b.js.map"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/120.72b21d7b.js.map"
+ source_hash = "1fa091c792dcaa212c30b4d7697f9c86"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/120.8f17d291.js"] will be destroyed
# (because key ["js/120.8f17d291.js"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "text/javascript" -> null
- etag = "d7850fd3aabdd86c3f437239faaab189" -> null
- force_destroy = false -> null
- id = "dist/js/120.8f17d291.js" -> null
- key = "dist/js/120.8f17d291.js" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/120.8f17d291.js" -> null
- source_hash = "d7850fd3aabdd86c3f437239faaab189" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "PJ4jPXRFKxBJskn2F26FdYcUyTpnoiqX" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/120.8f17d291.js.map"] will be destroyed
# (because key ["js/120.8f17d291.js.map"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "application/json" -> null
- etag = "d79707003cb17c6fc56e0f476084d6c0" -> null
- force_destroy = false -> null
- id = "dist/js/120.8f17d291.js.map" -> null
- key = "dist/js/120.8f17d291.js.map" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/120.8f17d291.js.map" -> null
- source_hash = "d79707003cb17c6fc56e0f476084d6c0" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "iAIfNQLNGBkpobCvB.LVuAj5EK8U2tAd" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/157.51c7dff6.js"] will be destroyed
# (because key ["js/157.51c7dff6.js"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "text/javascript" -> null
- etag = "f4e726f6876abe93707dd14406b8a471" -> null
- force_destroy = false -> null
- id = "dist/js/157.51c7dff6.js" -> null
- key = "dist/js/157.51c7dff6.js" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/157.51c7dff6.js" -> null
- source_hash = "f4e726f6876abe93707dd14406b8a471" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "Qs8rjkNnhP_kdmpcu3seNYB9825uzIjo" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/157.51c7dff6.js.map"] will be destroyed
# (because key ["js/157.51c7dff6.js.map"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "application/json" -> null
- etag = "905d6149e3f220ebf21cf99f5a0205fa" -> null
- force_destroy = false -> null
- id = "dist/js/157.51c7dff6.js.map" -> null
- key = "dist/js/157.51c7dff6.js.map" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/157.51c7dff6.js.map" -> null
- source_hash = "905d6149e3f220ebf21cf99f5a0205fa" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "PRPbdZF4DcktQWpwSML4VMbky73GqyKJ" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/157.fa8d9bd4.js"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/javascript"
+ etag = "f56f412092eb9d6c5fc86e01345fa9ae"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/157.fa8d9bd4.js"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/157.fa8d9bd4.js"
+ source_hash = "f56f412092eb9d6c5fc86e01345fa9ae"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/157.fa8d9bd4.js.map"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "application/json"
+ etag = "c2c9ecb1726416b4277868bd573638b2"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/157.fa8d9bd4.js.map"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/157.fa8d9bd4.js.map"
+ source_hash = "c2c9ecb1726416b4277868bd573638b2"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/21.bf290716.js"] will be destroyed
# (because key ["js/21.bf290716.js"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "text/javascript" -> null
- etag = "2ff37a5d62a8cac54c3092d740240fae" -> null
- force_destroy = false -> null
- id = "dist/js/21.bf290716.js" -> null
- key = "dist/js/21.bf290716.js" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/21.bf290716.js" -> null
- source_hash = "2ff37a5d62a8cac54c3092d740240fae" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "3ghNgOP1s.3mLczAkkRFYFSEYYMtbD.X" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/21.bf290716.js.map"] will be destroyed
# (because key ["js/21.bf290716.js.map"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "application/json" -> null
- etag = "a643f4947e37e5f7c3d7952b374a087e" -> null
- force_destroy = false -> null
- id = "dist/js/21.bf290716.js.map" -> null
- key = "dist/js/21.bf290716.js.map" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/21.bf290716.js.map" -> null
- source_hash = "a643f4947e37e5f7c3d7952b374a087e" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "H2RIoEYXquDFN_kWBQdw_gNf3PbQYxSP" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/21.ce60407a.js"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/javascript"
+ etag = "5b3ac1d6954d29010ca1fec040834e2d"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/21.ce60407a.js"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/21.ce60407a.js"
+ source_hash = "5b3ac1d6954d29010ca1fec040834e2d"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/21.ce60407a.js.map"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "application/json"
+ etag = "c88d84568ffadba4da15963a9cbe5ba5"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/21.ce60407a.js.map"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/21.ce60407a.js.map"
+ source_hash = "c88d84568ffadba4da15963a9cbe5ba5"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/409.34349a56.js"] will be destroyed
# (because key ["js/409.34349a56.js"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "text/javascript" -> null
- etag = "e9c88a37e1cddbd586b256cdde0a19e4" -> null
- force_destroy = false -> null
- id = "dist/js/409.34349a56.js" -> null
- key = "dist/js/409.34349a56.js" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/409.34349a56.js" -> null
- source_hash = "e9c88a37e1cddbd586b256cdde0a19e4" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "caP4eY.jXfCZHkfBUDP8l2y3V.7bmebY" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/409.34349a56.js.map"] will be destroyed
# (because key ["js/409.34349a56.js.map"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "application/json" -> null
- etag = "62a224f8de8ef963ee95c1fb2bbc823d" -> null
- force_destroy = false -> null
- id = "dist/js/409.34349a56.js.map" -> null
- key = "dist/js/409.34349a56.js.map" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/409.34349a56.js.map" -> null
- source_hash = "62a224f8de8ef963ee95c1fb2bbc823d" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "_44TROewUBeyCKX2Os4vTKcH1FMCD0iU" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/409.423e4e79.js"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/javascript"
+ etag = "c5502113d9555efd2352a87ef5785f31"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/409.423e4e79.js"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/409.423e4e79.js"
+ source_hash = "c5502113d9555efd2352a87ef5785f31"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/409.423e4e79.js.map"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "application/json"
+ etag = "aee13925fdaa6488d492a69b8c193a85"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/409.423e4e79.js.map"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/409.423e4e79.js.map"
+ source_hash = "aee13925fdaa6488d492a69b8c193a85"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/474.2db6ad2f.js"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/javascript"
+ etag = "a4d5f1be3579ddbd241f901d1a2df41b"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/474.2db6ad2f.js"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/474.2db6ad2f.js"
+ source_hash = "a4d5f1be3579ddbd241f901d1a2df41b"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/474.2db6ad2f.js.map"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "application/json"
+ etag = "ce9edc9f92183545760abac3919a8bb4"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/474.2db6ad2f.js.map"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/474.2db6ad2f.js.map"
+ source_hash = "ce9edc9f92183545760abac3919a8bb4"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/474.f9a24bf7.js"] will be destroyed
# (because key ["js/474.f9a24bf7.js"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "text/javascript" -> null
- etag = "a2a566c3350ecbd98c71c13fca5d0356" -> null
- force_destroy = false -> null
- id = "dist/js/474.f9a24bf7.js" -> null
- key = "dist/js/474.f9a24bf7.js" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/474.f9a24bf7.js" -> null
- source_hash = "a2a566c3350ecbd98c71c13fca5d0356" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "PTmukaadQvEh9HqoVb9Fvw.yNNGbr0tp" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/474.f9a24bf7.js.map"] will be destroyed
# (because key ["js/474.f9a24bf7.js.map"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "application/json" -> null
- etag = "a8588b8bf0673667fb2cea899936cff6" -> null
- force_destroy = false -> null
- id = "dist/js/474.f9a24bf7.js.map" -> null
- key = "dist/js/474.f9a24bf7.js.map" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/474.f9a24bf7.js.map" -> null
- source_hash = "a8588b8bf0673667fb2cea899936cff6" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "ZmBG1ZkjLNId2gLuEa9OTwMPVkRoasaZ" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/757.306d647f.js"] will be destroyed
# (because key ["js/757.306d647f.js"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "text/javascript" -> null
- etag = "863baaaecf7452a7c07ab2b74bce63a4" -> null
- force_destroy = false -> null
- id = "dist/js/757.306d647f.js" -> null
- key = "dist/js/757.306d647f.js" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/757.306d647f.js" -> null
- source_hash = "863baaaecf7452a7c07ab2b74bce63a4" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "w0j1T38hmQ4BnDGh2ZA5EgiOgyI9Ls9q" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/757.306d647f.js.map"] will be destroyed
# (because key ["js/757.306d647f.js.map"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "application/json" -> null
- etag = "ad1b2b38902e21295aace82a7bb873e2" -> null
- force_destroy = false -> null
- id = "dist/js/757.306d647f.js.map" -> null
- key = "dist/js/757.306d647f.js.map" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/757.306d647f.js.map" -> null
- source_hash = "ad1b2b38902e21295aace82a7bb873e2" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "StXtFauflY5WGlLdJFJ_sxKufhN8tl_t" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/757.ea6bf668.js"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/javascript"
+ etag = "a2ae14e84ee93e518f893be6bf32650b"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/757.ea6bf668.js"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/757.ea6bf668.js"
+ source_hash = "a2ae14e84ee93e518f893be6bf32650b"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/757.ea6bf668.js.map"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "application/json"
+ etag = "574a7a022c106aaa9b4370437f98f08d"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/757.ea6bf668.js.map"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/757.ea6bf668.js.map"
+ source_hash = "574a7a022c106aaa9b4370437f98f08d"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/993.19aedbb6.js"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/javascript"
+ etag = "d2034929687d6ebed9c786e01568ea85"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/993.19aedbb6.js"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/993.19aedbb6.js"
+ source_hash = "d2034929687d6ebed9c786e01568ea85"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/993.19aedbb6.js.map"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "application/json"
+ etag = "461cf80028221a4d56174b6139e539b7"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/993.19aedbb6.js.map"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/993.19aedbb6.js.map"
+ source_hash = "461cf80028221a4d56174b6139e539b7"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/993.ac6c952a.js"] will be destroyed
# (because key ["js/993.ac6c952a.js"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "text/javascript" -> null
- etag = "ec1ce58300aefbaa38e689165aedaeff" -> null
- force_destroy = false -> null
- id = "dist/js/993.ac6c952a.js" -> null
- key = "dist/js/993.ac6c952a.js" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/993.ac6c952a.js" -> null
- source_hash = "ec1ce58300aefbaa38e689165aedaeff" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "JTsZk8yun7H1lCVY6.wVn9ZoSkKF_4u7" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/993.ac6c952a.js.map"] will be destroyed
# (because key ["js/993.ac6c952a.js.map"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "application/json" -> null
- etag = "09b9f2ec9cbe7d2672b80d515c30f1b4" -> null
- force_destroy = false -> null
- id = "dist/js/993.ac6c952a.js.map" -> null
- key = "dist/js/993.ac6c952a.js.map" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/993.ac6c952a.js.map" -> null
- source_hash = "09b9f2ec9cbe7d2672b80d515c30f1b4" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "6HsC8jVHB6FurmOsfyFTY0m0wchTzByW" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/arpaReporter.44549ca1.js"] will be destroyed
# (because key ["js/arpaReporter.44549ca1.js"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "text/javascript" -> null
- etag = "40def10a579d0f484dd2365acf6d3b3d" -> null
- force_destroy = false -> null
- id = "dist/js/arpaReporter.44549ca1.js" -> null
- key = "dist/js/arpaReporter.44549ca1.js" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/arpaReporter.44549ca1.js" -> null
- source_hash = "40def10a579d0f484dd2365acf6d3b3d" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "yUV1t1DRDPaz28bXxkJumFV9t1kQDfVo" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/arpaReporter.44549ca1.js.map"] will be destroyed
# (because key ["js/arpaReporter.44549ca1.js.map"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "application/json" -> null
- etag = "92511913c0f1951cc5992686e2035c9a" -> null
- force_destroy = false -> null
- id = "dist/js/arpaReporter.44549ca1.js.map" -> null
- key = "dist/js/arpaReporter.44549ca1.js.map" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/arpaReporter.44549ca1.js.map" -> null
- source_hash = "92511913c0f1951cc5992686e2035c9a" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "c.E.B2Hl1bzGZee.E0b8AldKFkZe_StU" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/arpaReporter.dcec1ad8.js"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/javascript"
+ etag = "241c8d8141ec52791d65d5a217bc16ea"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/arpaReporter.dcec1ad8.js"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/arpaReporter.dcec1ad8.js"
+ source_hash = "241c8d8141ec52791d65d5a217bc16ea"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/arpaReporter.dcec1ad8.js.map"] will be created
+ resource "aws_s3_object" "origin_dist_artifact" {
+ acl = "private"
+ bucket = "gost-staging-origin-357150818708-us-west-2-website"
+ bucket_key_enabled = (known after apply)
+ content_type = "application/json"
+ etag = "e1d5d67fd2db1853974121c7eb511de2"
+ force_destroy = false
+ id = (known after apply)
+ key = "dist/js/arpaReporter.dcec1ad8.js.map"
+ kms_key_id = (known after apply)
+ server_side_encryption = "AES256"
+ source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/arpaReporter.dcec1ad8.js.map"
+ source_hash = "e1d5d67fd2db1853974121c7eb511de2"
+ storage_class = (known after apply)
+ tags_all = {
+ "env" = "staging"
+ "management" = "terraform"
+ "owner" = "grants"
+ "repo" = "usdr-gost"
+ "service" = "gost"
+ "usage" = "workload"
}
+ version_id = (known after apply)
}
# module.website.aws_s3_object.origin_dist_artifact["js/chunk-common.55241a55.js"] will be destroyed
# (because key ["js/chunk-common.55241a55.js"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "text/javascript" -> null
- etag = "4e7804e3a75691eebaccb75bf836c690" -> null
- force_destroy = false -> null
- id = "dist/js/chunk-common.55241a55.js" -> null
- key = "dist/js/chunk-common.55241a55.js" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/chunk-common.55241a55.js" -> null
- source_hash = "4e7804e3a75691eebaccb75bf836c690" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- "owner" = "grants"
- "repo" = "usdr-gost"
- "service" = "gost"
- "usage" = "workload"
} -> null
- version_id = "GaBSh2D5BRSqUx4u9c4RC8ffJER5z8pC" -> null
}
# module.website.aws_s3_object.origin_dist_artifact["js/chunk-common.55241a55.js.map"] will be destroyed
# (because key ["js/chunk-common.55241a55.js.map"] is not in for_each map)
- resource "aws_s3_object" "origin_dist_artifact" {
- acl = "private" -> null
- bucket = "gost-staging-origin-357150818708-us-west-2-website" -> null
- bucket_key_enabled = false -> null
- content_type = "application/json" -> null
- etag = "aa670885425598182d8cfba85b5d0fbd" -> null
- force_destroy = false -> null
- id = "dist/js/chunk-common.55241a55.js.map" -> null
- key = "dist/js/chunk-common.55241a55.js.map" -> null
- metadata = {} -> null
- server_side_encryption = "AES256" -> null
- source = "/home/runner/work/usdr-gost/usdr-gost/packages/client/dist/js/chunk-common.55241a55.js.map" -> null
- source_hash = "aa670885425598182d8cfba85b5d0fbd" -> null
- storage_class = "STANDARD" -> null
- tags = {} -> null
- tags_all = {
- "env" = "staging"
- "management" = "terraform"
- ...*[Comment body truncated]* |
tzinckgraf
reviewed
Jan 4, 2024
|
|
||
| // the validation URL is sent in the authentication email: | ||
| // http://localhost:8080/api/sessions/?passcode=97fa7091-77ae-4905-b62e-97a7b4699abd | ||
| // | ||
| router.get('/', async (req, res) => { | ||
| const userAgent = req.headers['user-agent'] || ''; |
There was a problem hiding this comment.
I would recommend moving this out to a different function. It would be easy enough to test, and then we could add to it if we see this same issue with another service.
tzinckgraf
approved these changes
Jan 5, 2024
tzinckgraf
approved these changes
Jan 5, 2024
| const MAX_ACCESS_TOKEN_USES = 1; | ||
| // Increasing the max-uses to ensure users are able to log-in even if their email client/security provider has clicked on the link already. | ||
| // Specifically the issue was identified with Microsoft Safe Links, which clicks on the link to check if it is safe. | ||
| const MAX_ACCESS_TOKEN_USES = 4; |
There was a problem hiding this comment.
@as1729 I'm a bit late to the party, but I'm curious why this is necessary alongside the isMicrosoftSafeLinksRequest middleware. If it's not, I think a follow-up PR is warranted to turn this back down.
My reading of the middleware is that it will always emit a 200 status response and stop handling the request before the actual router handler function is called, and therefore the token won't have actually be used to authenticate a session. If that's accurate, then it doesn't seem like increasing the MAX_ACCESS_TOKEN_USES limit is necessary. Preventing token reuse (for actually authenticating a session) would be much preferred from a security standpoint.
In other words, it seems like the route should be accessible without any limit as long as isMicrosoftSafeLinksRequest returns early, because we're not actually establishing a new session for the user. But once a magic link token has authenticated a user, it should not be able to do so a second time.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Ticket #2377
Description
This PR adds the following:
Screenshots / Demo Video
Testing
Automated and Unit Tests
Manual tests for Reviewer
Checklist