From 010d3d0177d0e32ea59c61371bcccdc0316e3295 Mon Sep 17 00:00:00 2001
From: Christopher-walsh22
 <106549296+Christopher-walsh22@users.noreply.github.com>
Date: Wed, 28 Aug 2024 13:34:34 -0700
Subject: [PATCH] Update dynamo endpoint for aws (#413)

---
 .github/workflows/analysis.yaml | 74 ++++++++++++++++-----------------
 .trivyignore                    |  2 +
 samNode/template.yaml           |  9 ++--
 3 files changed, 43 insertions(+), 42 deletions(-)
 create mode 100644 .trivyignore

diff --git a/.github/workflows/analysis.yaml b/.github/workflows/analysis.yaml
index e5ccd78..276fff9 100644
--- a/.github/workflows/analysis.yaml
+++ b/.github/workflows/analysis.yaml
@@ -1,43 +1,43 @@
-# name: Analysis
+name: Analysis
 
-# on:
-#   push:
-#     branches: [main]
-#   pull_request:
-#     types: [opened, reopened, synchronize, ready_for_review, converted_to_draft]
-#   schedule:
-#     - cron: "29 22 * * 4"
+on:
+  push:
+    branches: [main]
+  pull_request:
+    types: [opened, reopened, synchronize, ready_for_review, converted_to_draft]
+  schedule:
+    - cron: "29 22 * * 4"
 
-# permissions:
-#   contents: read
+permissions:
+  contents: read
 
-# jobs:
-#   trivy:
-#     permissions:
-#       contents: read
-#       security-events: write
-#     name: Trivy Security Scan
-#     if: ${{ ! github.event.pull_request.draft }}
-#     runs-on: ubuntu-22.04
-#     timeout-minutes: 1
-#     steps:
-#       - name: Checkout code
-#         uses: actions/checkout@v3
+jobs:
+  trivy:
+    permissions:
+      contents: read
+      security-events: write
+    name: Trivy Security Scan
+    if: ${{ ! github.event.pull_request.draft }}
+    runs-on: ubuntu-22.04
+    timeout-minutes: 1
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
 
-#       - name: Run Trivy vulnerability scanner
-#         uses: aquasecurity/trivy-action@0.22.0
-#         with:
-#           format: "sarif"
-#           output: "trivy-results.sarif"
-#           ignore-unfixed: true
-#           scan-type: "fs"
-#           scanners: "vuln,secret,config"
-#           severity: "CRITICAL,HIGH"
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@0.22.0
+        with:
+          format: "sarif"
+          output: "trivy-results.sarif"
+          ignore-unfixed: true
+          scan-type: "fs"
+          scanners: "vuln,secret,config"
+          severity: "CRITICAL,HIGH"
 
-#       - name: Print SARIF file
-#         run: cat trivy-results.sarif
+      - name: Print SARIF file
+        run: cat trivy-results.sarif
 
-#       - name: Upload Trivy scan results to GitHub Security tab
-#         uses: github/codeql-action/upload-sarif@v3
-#         with:
-#           sarif_file: "trivy-results.sarif"
\ No newline at end of file
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: "trivy-results.sarif"
\ No newline at end of file
diff --git a/.trivyignore b/.trivyignore
new file mode 100644
index 0000000..4034e1a
--- /dev/null
+++ b/.trivyignore
@@ -0,0 +1,2 @@
+# Ignore possible issue with empty URI
+AVD-AWS-0112
\ No newline at end of file
diff --git a/samNode/template.yaml b/samNode/template.yaml
index 872ae86..221a841 100644
--- a/samNode/template.yaml
+++ b/samNode/template.yaml
@@ -15,7 +15,6 @@ Globals:
         AWSREGION: !Ref AWSDefaultRegion
         DYNAMODB_ENDPOINT_URL: "https://dynamodb.ca-central-1.amazonaws.com"
 
-
 Parameters:
   Algorithm:
     Type: String
@@ -1490,10 +1489,10 @@ Resources:
   ############ 
   # S3 Bucket
   ############
-  ParksAssetsS3BucketSAM:
-    Type: 'AWS::S3::Bucket'
-    Properties:
-      BucketName: !Ref S3BucketData
+  # ParksAssetsS3BucketSAM:
+  #   Type: 'AWS::S3::Bucket'
+  #   Properties:
+  #     BucketName: !Ref S3BucketData
 
   #############
   # SQS Queues