Update dynamo endpoint for aws (#413)

bcgov · Aug 28, 2024 · 010d3d0 · 010d3d0
1 parent 297b787
commit 010d3d0
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 42 deletions.
diff --git a/.github/workflows/analysis.yaml b/.github/workflows/analysis.yaml
@@ -1,43 +1,43 @@
-# name: Analysis
+name: Analysis
 
-# on:
-#   push:
-#     branches: [main]
-#   pull_request:
-#     types: [opened, reopened, synchronize, ready_for_review, converted_to_draft]
-#   schedule:
-#     - cron: "29 22 * * 4"
+on:
+  push:
+    branches: [main]
+  pull_request:
+    types: [opened, reopened, synchronize, ready_for_review, converted_to_draft]
+  schedule:
+    - cron: "29 22 * * 4"
 
-# permissions:
-#   contents: read
+permissions:
+  contents: read
 
-# jobs:
-#   trivy:
-#     permissions:
-#       contents: read
-#       security-events: write
-#     name: Trivy Security Scan
-#     if: ${{ ! github.event.pull_request.draft }}
-#     runs-on: ubuntu-22.04
-#     timeout-minutes: 1
-#     steps:
-#       - name: Checkout code
-#         uses: actions/checkout@v3
+jobs:
+  trivy:
+    permissions:
+      contents: read
+      security-events: write
+    name: Trivy Security Scan
+    if: ${{ ! github.event.pull_request.draft }}
+    runs-on: ubuntu-22.04
+    timeout-minutes: 1
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
 
-#       - name: Run Trivy vulnerability scanner
-#         uses: aquasecurity/trivy-action@0.22.0
-#         with:
-#           format: "sarif"
-#           output: "trivy-results.sarif"
-#           ignore-unfixed: true
-#           scan-type: "fs"
-#           scanners: "vuln,secret,config"
-#           severity: "CRITICAL,HIGH"
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@0.22.0
+        with:
+          format: "sarif"
+          output: "trivy-results.sarif"
+          ignore-unfixed: true
+          scan-type: "fs"
+          scanners: "vuln,secret,config"
+          severity: "CRITICAL,HIGH"
 
-#       - name: Print SARIF file
-#         run: cat trivy-results.sarif
+      - name: Print SARIF file
+        run: cat trivy-results.sarif
 
-#       - name: Upload Trivy scan results to GitHub Security tab
-#         uses: github/codeql-action/upload-sarif@v3
-#         with:
-#           sarif_file: "trivy-results.sarif"
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: "trivy-results.sarif"
diff --git a/.trivyignore b/.trivyignore
@@ -0,0 +1,2 @@
+# Ignore possible issue with empty URI
+AVD-AWS-0112
diff --git a/samNode/template.yaml b/samNode/template.yaml
@@ -15,7 +15,6 @@ Globals:
         AWSREGION: !Ref AWSDefaultRegion
         DYNAMODB_ENDPOINT_URL: "https://dynamodb.ca-central-1.amazonaws.com"
 
-
 Parameters:
   Algorithm:
     Type: String
@@ -1490,10 +1489,10 @@ Resources:
   ############ 
   # S3 Bucket
   ############
-  ParksAssetsS3BucketSAM:
-    Type: 'AWS::S3::Bucket'
-    Properties:
-      BucketName: !Ref S3BucketData
+  # ParksAssetsS3BucketSAM:
+  #   Type: 'AWS::S3::Bucket'
+  #   Properties:
+  #     BucketName: !Ref S3BucketData
 
   #############
   # SQS Queues
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		# Ignore possible issue with empty URI
		AVD-AWS-0112