infrastructure-as-code

Describe the solution you'd like
It would be nice to have a way to control whether a VM starts on boot or not. Maybe a new autostart option to salt.states.virt.running and/or salt.states.virt.defined? Or maybe a new function?

Describe alternatives you've considered
I'll probably use salt.modules.virt.set_autostart for now.

Remove PodSecurityPolicy in the helm manifest

helm install trivy . --namespace trivy --create-namespace

W1018 19:47:44.637292   21571 warnings.go:70] policy/v1beta1 PodSecurityPolicy is deprecated in v1.21+, unavailable in v1.25+
W1018 19:47:44.745250   21571 warnings.go:70] policy/v1beta1 PodSecurityPolicy is de

What is the problem?

Looks like the SqlServerEngineVersion.VER_14_00_3192_2_V1 is no longer supported?

I discovered this while trying to run the s3-instance integration test.

To get passed the problem in our pipeline I switched the test to use SqlServerEngineVersion.VER_14, but we

Change infracost --help "Generate completion script" > "Generate shell completion script"
Could $SHELL be used to automatically choose the shell when not specified? If not, then running infracost completion should show the help text as well as the existing error message. In the same way that infracost diff does.

Hello Team,
Here is the my current checkov_scan.yml file
name: Run Checkov action serverless
id: checkov1
uses: bridgecrewio/checkov-action@master
with:
#skip_check: CKV_AWS_23 # optional: skip a specific check_id
#quiet: true # optional: display only failed checks
#log_level: DEBUG # optional: set log level. Default WARNING

terrascan version: 1.9.0
terraform version: 1.0.1

Enhancement Request

Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.

Extremely useful when running the tool without halting a pipeline for example.

I currently use a workaround, but something more concrete would be very desira

Copilot doesn't seem to have correct error behavior when I try to create a Scheduled Job with the same name as an existing service.

For example, in my app right now I have the following:

❯ copilot svc ls
Name                Type
----                ----
fe                  Load Balanced Web Service

I can see this in SSM:

❯ aws ssm get-parameter --name /copilot/applicatio

Description

Add GCE support for google_project_iam_custom_role (TF)

Sources

Garbage collection works by listing everything with the gc-tag. In a busy cluster, we really want that filter to happen server-side and ideally using an index of some sort.

That means we should use a Kubernetes label, not an annotation.

I think this will require a two-step migration plan (write both but continue to read annotation; release; drop support for annotation; release).

infrastructure-as-code

Here are 1,291 public repositories matching this topic...

hashicorp / terraform

saltstack / salt

pulumi / pulumi

aquasecurity / trivy

aws / aws-cdk

What is the problem?

gocd / gocd

GoogleCloudPlatform / terraformer

aelsabbahy / goss

infracost / infracost

aquasecurity / tfsec

bridgecrewio / checkov

accurics / terrascan

Enhancement Request

shuaibiyy / awesome-terraform

octodns / octodns

StackExchange / dnscontrol

pytest-dev / pytest-testinfra

Artemmkin / infrastructure-as-code-tutorial

architect / architect

aws / copilot-cli

cloudskiff / driftctl

camptocamp / terraboard

FredericHeem / starhackit

ozbillwang / terraform-best-practices

kubernetes-retired / kube-aws

nsriram / lambda-the-terraform-way

itamae-kitchen / itamae

Checkmarx / kics

cycloidio / terracognita

bitnami / kubecfg

kz8s / tack

Improve this page

Add this topic to your repo