Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Combine LZ and DMZ develop branches #221

Draft
wants to merge 107 commits into
base: develop
Choose a base branch
from
Draft

Combine LZ and DMZ develop branches #221

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
107 commits
Select commit Hold shift + click to select a range
cd25a90
Move over the lz-infra branch and capture updates
aloftus23 Mar 13, 2024
1ccfbb1
revert users.ts and app.ts
aloftus23 Mar 13, 2024
951fde2
Deployment updates
aloftus23 Mar 15, 2024
9ae3b5c
Add email bucket and take out unnecessary allow origin list
aloftus23 Mar 27, 2024
b0871be
Merge .github/ and . files from develop
aloftus23 May 2, 2024
8739ab2
Merge more unrelated files from develop
aloftus23 May 2, 2024
8eed1d2
Merge new models and more unproblematic files
aloftus23 May 2, 2024
34b7653
Merge playwright
aloftus23 May 2, 2024
06756ef
unrelated file merge
aloftus23 May 2, 2024
e5eef8c
merge easy backend changes
aloftus23 May 2, 2024
fb85e93
Merge docs
aloftus23 May 2, 2024
1dd517a
merge frontend that aren't different b/w LZ and DMZ
aloftus23 May 2, 2024
2fc55f9
merge infrastructure
aloftus23 May 2, 2024
082fa51
Merge backend
aloftus23 May 2, 2024
83a17eb
add staging-cd and prod-ls to env.yml
aloftus23 May 2, 2024
5310092
Remove pe-source from dockerfile.worker and fix env.yml
aloftus23 May 2, 2024
4d89031
Conditionalize the serverless backend for DMZ vs PROD
aloftus23 May 2, 2024
e3f1f1c
Fix backend/src/api files
aloftus23 May 2, 2024
3f7f25a
Remove log changes in backend/src/tasks
aloftus23 May 2, 2024
233b2cf
fix docs
aloftus23 May 2, 2024
9b777df
fix frontend
aloftus23 May 2, 2024
5c42d0f
Merge terraform DMZ and LZ
aloftus23 May 7, 2024
4f214cf
Format terraform
aloftus23 May 7, 2024
3da1302
run linters
aloftus23 May 9, 2024
260c2cc
Fix stage.config
aloftus23 May 9, 2024
9ee3651
remove logger from helpers
aloftus23 May 9, 2024
0ec5091
Fix variables in tfvars
aloftus23 May 9, 2024
b073b73
Fix var files
aloftus23 May 9, 2024
3978099
Add region to .github infra actions
aloftus23 May 9, 2024
9ecb68b
Update vpc_dmz to use 0 instead of count.index
aloftus23 May 9, 2024
89722ad
fix vpc_dmz cidrblock referance
aloftus23 May 9, 2024
15f876b
Make the allow worker_kms decrypt conditional
aloftus23 May 9, 2024
11e8e93
Fix terraform policy
aloftus23 May 9, 2024
18611b7
fix policy
aloftus23 May 9, 2024
020699c
fix lint
aloftus23 May 9, 2024
dd6b0d0
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 May 9, 2024
2b79943
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 May 9, 2024
178435f
update package-lock.json
aloftus23 May 9, 2024
842aefe
fix lint
aloftus23 May 9, 2024
507fbba
fix infrastructure count.index
aloftus23 May 9, 2024
d84396f
Fix matomo terraform config
aloftus23 May 9, 2024
f29aa69
take out logger in search.ts
aloftus23 May 9, 2024
2ba1c16
update logger to a require instead of import
aloftus23 May 9, 2024
1d28d5b
fix logger
aloftus23 May 9, 2024
af50818
fix logger
aloftus23 May 10, 2024
9d01459
fix lambda logger
aloftus23 May 10, 2024
9a0de2f
Fix backend serverless
aloftus23 May 10, 2024
d86fe1a
fix env.yml
aloftus23 May 10, 2024
79996ba
Fix serverless framework
aloftus23 May 10, 2024
2d9b69e
Fix backend test
aloftus23 May 10, 2024
aaf3a63
fix env.yml
aloftus23 May 10, 2024
42babd2
Revert serverless changes back
aloftus23 May 10, 2024
ca80984
Add region to dev env
aloftus23 May 10, 2024
ed886c3
Fix serverless deployment and run lint
aloftus23 May 10, 2024
9c57f86
Fix xss and privacy violations
aloftus23 May 13, 2024
d251bdb
Merge branch 'AL-checkmarx-fix-2' into 20-merge-lz-infra
aloftus23 May 13, 2024
6d55207
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 May 13, 2024
200f2dd
Update packages
aloftus23 May 15, 2024
af68221
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 May 17, 2024
4547c00
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 May 29, 2024
745c2da
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 May 30, 2024
c4bd750
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 May 30, 2024
b2d9030
Update jwks
aloftus23 May 31, 2024
d7cfae8
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 Jun 13, 2024
f7844ab
commit latest changes
aloftus23 Jun 13, 2024
99e31f5
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 Jul 9, 2024
b23294e
make sure sqs is only in dmz
aloftus23 Jul 9, 2024
0cdf69c
Add material views as temporary cache
aloftus23 Jul 16, 2024
395e972
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 Jul 29, 2024
3a1b087
remove python POC PR
aloftus23 Jul 29, 2024
b218909
fix package lock files by running npm i
aloftus23 Jul 29, 2024
5fb071a
Update requirements for LZ
aloftus23 Aug 2, 2024
59a27b0
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 Aug 12, 2024
4464068
Remove hibp
aloftus23 Aug 20, 2024
77d9bad
Remove webscraper
aloftus23 Aug 20, 2024
0638648
Fix lint
aloftus23 Aug 20, 2024
606f20b
Remove testProxy
aloftus23 Aug 20, 2024
7c35b32
Fix bug fixes for 0.3.7
aloftus23 Sep 10, 2024
c4eda34
Add useUserLevel
aloftus23 Sep 13, 2024
646c542
Update bastion.ts
aloftus23 Sep 24, 2024
37c2fd3
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 Oct 2, 2024
208f11f
Revert hot fix PR
aloftus23 Oct 2, 2024
f7ca272
Revert "Merge pull request #663 from cisagov/revert-662-dj-cidr_hot_f…
aloftus23 Oct 2, 2024
bda678d
Revert hotfix PR
aloftus23 Oct 2, 2024
63ecd92
Revert "delete flagFloatingIps in order to rename it"
aloftus23 Oct 2, 2024
1a175b6
Revert logging
aloftus23 Oct 2, 2024
650f353
Revert "Merge pull request #648 from cisagov/crasm-621"
aloftus23 Oct 2, 2024
50f6247
Revert "Merge pull request #637 from cisagov/686-nvd-image-fix-vuln-d…
aloftus23 Oct 2, 2024
b452c68
Revert "Merge pull request #641 from cisagov/skip-to-main-content"
aloftus23 Oct 2, 2024
829fef4
update stats.py
aloftus23 Oct 2, 2024
a3c0434
dleete flagfloatingips
aloftus23 Oct 2, 2024
8658d8b
Update package locks
aloftus23 Oct 2, 2024
a419c33
Add Dane hotfix. Filer domains by Fceb or from Cidr
DJensen94 Oct 2, 2024
1337696
fix material views and mdl in env.yml
aloftus23 Oct 3, 2024
41c23a4
Enhance flagFloatingIps (#667)
DJensen94 Oct 3, 2024
40e340b
Revert "Enhance flagFloatingIps (#667)"
aloftus23 Oct 4, 2024
8d9023b
update vulns
aloftus23 Oct 4, 2024
879b8b3
update memory
aloftus23 Oct 4, 2024
f72f521
revert back flagFloatingIps
aloftus23 Oct 4, 2024
324186c
Allow regionAdmins to approve their users
aloftus23 Oct 10, 2024
21fad1d
Fix flag floating ips
aloftus23 Oct 10, 2024
f2371fa
Merge branch 'develop' into 20-merge-lz-infra
aloftus23 Oct 17, 2024
f7dc1ec
Update app.ts and lambda_logger
aloftus23 Oct 17, 2024
4c96fa1
Unrevert Sprint 13 solutions
aloftus23 Oct 17, 2024
a2a9d7e
Fix filename should be logs
aloftus23 Oct 21, 2024
ee45812
Fix stats for material views - revert to last solution
aloftus23 Oct 21, 2024
b06ccb6
re-add the logHeader calls
aloftus23 Oct 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/workflows/frontend.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,10 @@ jobs:
run: npm run build
- name: Test
run: npm run test
- name: Package
run: npx sls package
env:
SLS_DEBUG: '*'
deploy_staging:
needs: [lint, test]
runs-on: ubuntu-latest
Expand Down
7 changes: 7 additions & 0 deletions .github/workflows/infrastructure.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ jobs:
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-1

- name: Terraform validation
run: terraform validate
Expand All @@ -66,13 +67,15 @@ jobs:
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-1

- name: Terraform apply
if: github.ref == 'refs/heads/develop'
run: terraform apply stage.plan
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-1

- if: ${{ always() }}
run: rm stage.plan || true
Expand All @@ -96,25 +99,29 @@ jobs:
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-1

- name: Terraform validation
run: terraform validate
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-1

- name: Terraform plan
run: terraform plan -var-file=prod.tfvars -out prod.plan
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-1

- name: Terraform apply
if: github.ref == 'refs/heads/production'
run: terraform apply prod.plan
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-1

- if: ${{ always() }}
run: rm prod.plan || true
2 changes: 0 additions & 2 deletions backend/Dockerfile.worker
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,6 @@ RUN pip3.10 install --upgrade pip

RUN apt remove dav1d && apt autoclean && apt autoremove

# Python dependencies

COPY worker/requirements.txt worker/requirements.txt

RUN pip install -r worker/requirements.txt
Expand Down
167 changes: 165 additions & 2 deletions backend/env.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,26 @@
---
dev:
DUMMY:
RESOURCE_POLICY:
- Effect: Allow
Principal: '*'
Action: execute-api:Invoke
Resource: execute-api:/${self:provider.stage}/*/*
ENDPOINT_TYPE: REGIONAL
VPC_ENDPOINT: dummy
REGION: us-east-1

staging:
staging-dmz:
REGION: us-east-1
ENDPOINT_TYPE: REGIONAL
RESOURCE_POLICY:
- Effect: Allow
Principal: '*'
Action: execute-api:Invoke
Resource: execute-api:/staging/*/*
COGNITO_URL: https://cognito-idp.us-east-1.amazonaws.com
BACKEND_DOMAIN: https://api.staging-cd.crossfeed.cyber.dhs.gov
EMAIL_REGION: us-east-1
DB_DIALECT: postgres
DB_PORT: 5432
DB_HOST: ${ssm:/crossfeed/staging/DATABASE_HOST}
Expand All @@ -27,6 +45,7 @@ staging:
LOGIN_GOV_JWT_KEY: ${ssm:/crossfeed/staging/LOGIN_GOV_JWT_KEY}
LOGIN_GOV_ISSUER: ${ssm:/crossfeed/staging/LOGIN_GOV_ISSUER}
DOMAIN: ${ssm:/crossfeed/staging/DOMAIN}
CERT_DOMAIN: api.staging-cd.crossfeed.cyber.dhs.gov
FARGATE_SG_ID: ${ssm:/crossfeed/staging/WORKER_SG_ID}
FARGATE_SUBNET_ID: ${ssm:/crossfeed/staging/WORKER_SUBNET_ID}
DMZ_CIDR: ${ssm:/crossfeed/staging/DMZ_CIDR}
Expand Down Expand Up @@ -61,7 +80,17 @@ staging:
REACT_APP_COGNITO_USER_POOL_ID: us-east-1_iWciADuOe
REACT_APP_COGNITO_CALLBACK_URL: https://staging-cd.crossfeed.cyber.dhs.gov/okta-callback

prod:
prod-dmz:
REGION: us-east-1
ENDPOINT_TYPE: REGIONAL
RESOURCE_POLICY:
- Effect: Allow
Principal: '*'
Action: execute-api:Invoke
Resource: execute-api:/prod/*/*
COGNITO_URL: https://cognito-idp.us-east-1.amazonaws.com
BACKEND_DOMAIN: https://api.crossfeed.cyber.dhs.gov
EMAIL_REGION: us-east-1
DB_DIALECT: postgres
DB_PORT: 5432
DB_HOST: ${ssm:/crossfeed/prod/DATABASE_HOST}
Expand All @@ -79,6 +108,7 @@ prod:
LOGIN_GOV_JWT_KEY: ${ssm:/crossfeed/prod/LOGIN_GOV_JWT_KEY}
LOGIN_GOV_ISSUER: ${ssm:/crossfeed/prod/LOGIN_GOV_ISSUER}
DOMAIN: ${ssm:/crossfeed/prod/DOMAIN}
CERT_DOMAIN: crossfeed.cyber.dhs.gov
FARGATE_SG_ID: ${ssm:/crossfeed/prod/WORKER_SG_ID}
FARGATE_SUBNET_ID: ${ssm:/crossfeed/prod/WORKER_SUBNET_ID}
FARGATE_MAX_CONCURRENCY: 300
Expand Down Expand Up @@ -112,6 +142,123 @@ prod:
REACT_APP_COGNITO_USER_POOL_ID: us-gov-west-1_L1ZjQdUKA
REACT_APP_COGNITO_CALLBACK_URL: https://crossfeed.cyber.dhs.gov/okta-callback

staging:
REGION: us-gov-east-1
ENDPOINT_TYPE: PRIVATE
API_GATEWAY_NAME: staging-crossfeed
LAMBDA_ROLE: crossfeed-staging-us-gov-east-1-lambdaRole
STACK_NAME: crossfeed-staging
COGNITO_URL: https://cognito-idp.us-gov-west-1.amazonaws.com
BACKEND_DOMAIN: https://api.staging.crossfeed.cyber.dhs.gov
EMAIL_REGION: us-gov-west-1
DB_DIALECT: postgres
DB_PORT: 5432
DB_HOST: ${ssm:/crossfeed/staging/DATABASE_HOST}
DB_NAME: ${ssm:/crossfeed/staging/DATABASE_NAME}
DB_USERNAME: ${ssm:/crossfeed/staging/DATABASE_USER}
DB_PASSWORD: ${ssm:/crossfeed/staging/DATABASE_PASSWORD}
JWT_SECRET: ${ssm:/crossfeed/staging/APP_JWT_SECRET}
LOGIN_GOV_REDIRECT_URI: ${ssm:/crossfeed/staging/LOGIN_GOV_REDIRECT_URI}
LOGIN_GOV_BASE_URL: ${ssm:/crossfeed/staging/LOGIN_GOV_BASE_URL}
LOGIN_GOV_JWT_KEY: ${ssm:/crossfeed/staging/LOGIN_GOV_JWT_KEY}
LOGIN_GOV_ISSUER: ${ssm:/crossfeed/staging/LOGIN_GOV_ISSUER}
DOMAIN: ${ssm:/crossfeed/staging/DOMAIN}
CERT_DOMAIN: staging.crossfeed.cyber.dhs.gov
FARGATE_SG_ID: ${ssm:/crossfeed/staging/WORKER_SG_ID}
FARGATE_SUBNET_ID: ${ssm:/crossfeed/staging/WORKER_SUBNET_ID}
FARGATE_MAX_CONCURRENCY: 100
SCHEDULER_ORGS_PER_SCANTASK: 10
FARGATE_CLUSTER_NAME: crossfeed-staging-worker
FARGATE_TASK_DEFINITION_NAME: crossfeed-staging-worker
FARGATE_LOG_GROUP_NAME: crossfeed-staging-worker
CROSSFEED_SUPPORT_EMAIL_SENDER: noreply@staging.crossfeed.cyber.dhs.gov
CROSSFEED_SUPPORT_EMAIL_REPLYTO: vulnerability@cisa.dhs.gov
FRONTEND_DOMAIN: https://staging.crossfeed.cyber.dhs.gov
SLS_LAMBDA_PREFIX: '${self:service}-${self:provider.stage}'
USE_COGNITO: 1
REACT_APP_USER_POOL_ID: ${ssm:/crossfeed/staging/USER_POOL_ID}
REACT_APP_USER_POOL_KEY: ${ssm(raw):/crossfeed/staging/OKTA_USER_POOL_KEY}
WORKER_USER_AGENT: ${ssm:/crossfeed/staging/WORKER_USER_AGENT}
WORKER_SIGNATURE_PUBLIC_KEY: ${ssm:/crossfeed/staging/WORKER_SIGNATURE_PUBLIC_KEY}
ELASTICSEARCH_ENDPOINT: ${ssm:/crossfeed/staging/ELASTICSEARCH_ENDPOINT}
REACT_APP_TERMS_VERSION: ${ssm:/crossfeed/staging/REACT_APP_TERMS_VERSION}
MATOMO_URL: http://matomo.cfs.lz.us-cert.gov
EXPORT_BUCKET_NAME: cisa-crossfeed-staging-exports
PE_API_URL: ${ssm:/crossfeed/staging/PE_API_URL}
REPORTS_BUCKET_NAME: cisa-crossfeed-staging-reports
VPC_ENDPOINT: ${ssm:/crossfeed/staging/BACKEND_VPC_ENDPOINT}
CLOUDWATCH_BUCKET_NAME: cisa-crossfeed-staging-cloudwatch
STAGE: staging
PE_FARGATE_CLUSTER_NAME: pe-staging-worker
PE_FARGATE_TASK_DEFINITION_NAME: pe-staging-worker
EMAIL_BUCKET_NAME: cisa-crossfeed-staging-html-email
REACT_APP_COGNITO_DOMAIN: crossfeed-staging-okta-idp.auth-fips.us-gov-west-1.amazoncognito.com
REACT_APP_COGNITO_CLIENT_ID: 3vd67chnkk7dg3jt3nkoidf94e
REACT_APP_COGNITO_USER_POOL_ID: us-gov-west-1_N84vh2cq2
REACT_APP_COGNITO_CALLBACK_URL: https://staging.crossfeed.cyber.dhs.gov/okta-callback
MDL_USERNAME: ${ssm:/crossfeed/staging/MDL_USERNAME}
MDL_PASSWORD: ${ssm:/crossfeed/staging/MDL_PASSWORD}
MDL_NAME: ${ssm:/crossfeed/staging/MDL_NAME}

prod:
REGION: us-gov-east-1
ENDPOINT_TYPE: PRIVATE
COGNITO_URL: https://cognito-idp.us-gov-west-1.amazonaws.com
BACKEND_DOMAIN: https://api.crossfeed.cyber.dhs.gov
EMAIL_REGION: us-gov-west-1
DB_DIALECT: postgres
DB_PORT: 5432
DB_HOST: ${ssm:/crossfeed/prod/DATABASE_HOST}
DB_NAME: ${ssm:/crossfeed/prod/DATABASE_NAME}
DB_USERNAME: ${ssm:/crossfeed/prod/DATABASE_USER}
DB_PASSWORD: ${ssm:/crossfeed/prod/DATABASE_PASSWORD}
MDL_USERNAME: ${ssm:/crossfeed/prod/MDL_USERNAME}
MDL_PASSWORD: ${ssm:/crossfeed/prod/MDL_PASSWORD}
MDL_NAME: ${ssm:/crossfeed/prod/MDL_NAME}
JWT_SECRET: ${ssm:/crossfeed/prod/APP_JWT_SECRET}
LOGIN_GOV_REDIRECT_URI: ${ssm:/crossfeed/prod/LOGIN_GOV_REDIRECT_URI}
LOGIN_GOV_BASE_URL: ${ssm:/crossfeed/prod/LOGIN_GOV_BASE_URL}
LOGIN_GOV_JWT_KEY: ${ssm:/crossfeed/prod/LOGIN_GOV_JWT_KEY}
LOGIN_GOV_ISSUER: ${ssm:/crossfeed/prod/LOGIN_GOV_ISSUER}
DOMAIN: ${ssm:/crossfeed/prod/DOMAIN}
CERT_DOMAIN: staging.crossfeed.cyber.dhs.gov
FARGATE_SG_ID: ${ssm:/crossfeed/prod/WORKER_SG_ID}
FARGATE_SUBNET_ID: ${ssm:/crossfeed/prod/WORKER_SUBNET_ID}
FARGATE_MAX_CONCURRENCY: 300
SCHEDULER_ORGS_PER_SCANTASK: 50
FARGATE_CLUSTER_NAME: crossfeed-prod-worker
FARGATE_TASK_DEFINITION_NAME: crossfeed-prod-worker
FARGATE_LOG_GROUP_NAME: crossfeed-prod-worker
CROSSFEED_SUPPORT_EMAIL_SENDER: noreply@crossfeed.cyber.dhs.gov
CROSSFEED_SUPPORT_EMAIL_REPLYTO: vulnerability@cisa.dhs.gov
FRONTEND_DOMAIN: https://crossfeed.cyber.dhs.gov
SLS_LAMBDA_PREFIX: '${self:service}-${self:provider.stage}'
USE_COGNITO: 1
REACT_APP_USER_POOL_ID: ${ssm:/crossfeed/prod/USER_POOL_ID}
REACT_APP_USER_POOL_KEY: ${ssm(raw):/crossfeed/prod/OKTA_USER_POOL_KEY}
WORKER_USER_AGENT: ${ssm:/crossfeed/prod/WORKER_USER_AGENT}
WORKER_SIGNATURE_PUBLIC_KEY: ${ssm:/crossfeed/prod/WORKER_SIGNATURE_PUBLIC_KEY}
ELASTICSEARCH_ENDPOINT: ${ssm:/crossfeed/prod/ELASTICSEARCH_ENDPOINT}
REACT_APP_TERMS_VERSION: ${ssm:/crossfeed/prod/REACT_APP_TERMS_VERSION}
MATOMO_URL: http://matomo.cfs.lz.us-cert.gov
EXPORT_BUCKET_NAME: cisa-crossfeed-prod-exports
PE_API_URL: ${ssm:/crossfeed/prod/PE_API_URL}
REPORTS_BUCKET_NAME: cisa-crossfeed-prod-reports
VPC_ENDPOINT: ${ssm:/crossfeed/prod/BACKEND_VPC_ENDPOINT}
CLOUDWATCH_BUCKET_NAME: cisa-crossfeed-prod-cloudwatch
STAGE: prod
PE_FARGATE_CLUSTER_NAME: pe-prod-worker
PE_FARGATE_TASK_DEFINITION_NAME: pe-prod-worker
EMAIL_BUCKET_NAME: cisa-crossfeed-prod-html-email
REACT_APP_COGNITO_DOMAIN: crossfeed-prod-okta-idp.auth-fips.us-gov-west-1.amazoncognito.com
REACT_APP_COGNITO_CLIENT_ID: 1nacnjc6sejbala9uf97eeq9o1
REACT_APP_COGNITO_USER_POOL_ID: us-gov-west-1_L1ZjQdUKA
REACT_APP_COGNITO_CALLBACK_URL: https://crossfeed.cyber.dhs.gov/okta-callback


## added dev option for vpc to remove the warning
## from 'npx sls package' during backend 'test' github action
## Warning: Invalid configuration encountered at 'provider.vpc': must be object
dev-vpc:
securityGroupIds:
- dummy
Expand All @@ -130,6 +277,22 @@ prod-vpc:
subnetIds:
- ${ssm:/crossfeed/prod/SUBNET_ID}

staging-lz-vpc:
securityGroupIds:
- ${ssm:/crossfeed/staging/SG_ID}
subnetIds:
- ${ssm:/crossfeed/staging/SUBNET_ID}

prod-lz-vpc:
securityGroupIds:
- ${ssm:/crossfeed/prod/SG_ID}
subnetIds:
- ${ssm:/crossfeed/prod/SUBNET_ID}

staging-ecs-cluster: ${ssm:/crossfeed/staging/WORKER_CLUSTER_ARN}

prod-ecs-cluster: ${ssm:/crossfeed/prod/WORKER_CLUSTER_ARN}

staging-lz-ecs-cluster: ${ssm:/crossfeed/staging/WORKER_CLUSTER_ARN}

prod-lz-ecs-cluster: ${ssm:/crossfeed/prod/WORKER_CLUSTER_ARN}
Loading
Loading