Skip to content
Open in github.dev Open in a new github.dev tab Open in codespace

Post attestation#5095

Merged
Girdhar, Vikas (V.) (VGIRDHAR_ford) merged 21 commits intoford-cloud:masterfrom
ford-forks:post-attestation
Mar 12, 2026
Merged

Post attestation#5095
Girdhar, Vikas (V.) (VGIRDHAR_ford) merged 21 commits intoford-cloud:masterfrom
ford-forks:post-attestation

Conversation

@VGIRDHAR_ford

@VGIRDHAR_ford Girdhar, Vikas (V.) (VGIRDHAR_ford) commented Mar 3, 2026

Breaking Changes

Features

Fixes

  • update the post attestation code

Change Type

standard

Change Request Number

BYPASS

Change Engineers

vgirdhar@ford.com,sgopal49@ford.com

Monitoring Plan

monitor the plan

Rollback Plan

revert the changes

CRQ Data

{
    "Assignment_Group": "SNO-Hybrid-Cloud-Automation",
    "CAB_Manager_CDSID": "mlavany6",
    "Service_CI": "53207 [gust]::PROD" 
}

@creta-app

creta-app bot commented Mar 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

Change Request Check successfully bypassed

@creta-app

creta-app bot commented Mar 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@creta-app

creta-app bot commented Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

The Change Request Check has already been bypassed.

@tkn-pac-pd1031

tkn-pac-pd1031 bot commented Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

Pipeline Results - hca-apps-ranger-build-pipelinerun-pull-request

Namespace PipelineRun Name Status Runtime Log File
hca-automations hca-apps-ranger-build-pipelinerun-5sm4m Succeeded ✅ 1m20s Log File
Expand for fetch-repository Results Succeeded ✅

Name Status Start Completed Total Time
fetch-repository Succeeded ✅ 2026-03-11 16:36:07 +0000 UTC 2026-03-11 16:36:25 +0000 UTC 18s

Tasks details below may be truncated. If so, refer to full log above.

HTTPS_PROXY=http://internet.gcp.ford.com:83
2026-03-11T16:36:15.896413946Z + HTTPS_PROXY=http://internet.gcp.ford.com:83
2026-03-11T16:36:15.896428015Z + test -z localhost,127.0.0.0/8,19.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.ford.com,.appspot.com,.cloudfunctions.net,.cloudproxy.app,.composer.cloud.google.com,.composer.googleusercontent.com,.datafusion.cloud.google.com,.datafusion.googleusercontent.com,.gcr.io,.internal,.googleadapis.com,.googleapis.com,.gstatic.com,.ltsapis.goog,.packages.cloud.google.com,.pkg.dev,.pki.goog,.run.app,.source.developers.google.com,.gcp.cloud.es.io,.smt-gce.susecloud.net
2026-03-11T16:36:15.896485446Z + export NO_PROXY=localhost,127.0.0.0/8,19.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.ford.com,.appspot.com,.cloudfunctions.net,.cloudproxy.app,.composer.cloud.google.com,.composer.googleusercontent.com,.datafusion.cloud.google.com,.datafusion.googleusercontent.com,.gcr.io,.internal,.googleadapis.com,.googleapis.com,.gstatic.com,.ltsapis.goog,.packages.cloud.google.com,.pkg.dev,.pki.goog,.run.app,.source.developers.google.com,.gcp.cloud.es.io,.smt-gce.susecloud.net
2026-03-11T16:36:15.896485446Z + NO_PROXY=localhost,127.0.0.0/8,19.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.ford.com,.appspot.com,.cloudfunctions.net,.cloudproxy.app,.composer.cloud.google.com,.composer.googleusercontent.com,.datafusion.cloud.google.com,.datafusion.googleusercontent.com,.gcr.io,.internal,.googleadapis.com,.googleapis.com,.gstatic.com,.ltsapis.goog,.packages.cloud.google.com,.pkg.dev,.pki.goog,.run.app,.source.developers.google.com,.gcp.cloud.es.io,.smt-gce.susecloud.net
2026-03-11T16:36:15.896485446Z + git config --global --add safe.directory /workspace/output
2026-03-11T16:36:15.899736085Z + [[ https://github.com/ford-cloud/hca-apps =~ git@github.com ]]
2026-03-11T16:36:15.899801495Z + /ko-app/git-init -url=https://github.com/ford-cloud/hca-apps -revision=2681ac820cf7022a572f48ba2746fd74794dad6b -refspec= -path=/workspace/output/ -sslVerify=true -submodules=true -depth=1 -sparseCheckoutDirectories=
2026-03-11T16:36:15.990428174Z {"level":"warn","ts":1773246975.9902864,"caller":"git/git.go:317","msg":"SSH credentials have been provided but the URL(\"https://github.com/ford-cloud/hca-apps\") is not a valid SSH URL. This warning can be safely ignored if the URL is for a public repo or you are using basic auth"}
2026-03-11T16:36:16.087881693Z {"level":"info","ts":1773246976.087754,"caller":"git/git.go:380","msg":"Retrying operation (attempt 1)"}
2026-03-11T16:36:24.705688011Z {"level":"info","ts":1773246984.7055128,"caller":"git/git.go:217","msg":"Successfully cloned https://github.com/ford-cloud/hca-apps @ 2681ac820cf7022a572f48ba2746fd74794dad6b (grafted, HEAD) in path /workspace/output/"}
2026-03-11T16:36:24.705688011Z {"level":"info","ts":1773246984.7056599,"caller":"git/git.go:380","msg":"Retrying operation (attempt 1)"}
2026-03-11T16:36:25.003409846Z {"level":"info","ts":1773246985.0032642,"caller":"git/git.go:263","msg":"Successfully initialized and updated submodules in path /workspace/output/"}
2026-03-11T16:36:25.097690364Z + cd /workspace/output/
2026-03-11T16:36:25.098246134Z ++ git rev-parse HEAD
2026-03-11T16:36:25.100786614Z + RESULT_SHA=2681ac820cf7022a572f48ba2746fd74794dad6b
2026-03-11T16:36:25.100818394Z + EXIT_CODE=0
2026-03-11T16:36:25.100818394Z + '[' 0 '!=' 0 ']'
2026-03-11T16:36:25.101465354Z ++ git log -1 --pretty=%ct
2026-03-11T16:36:25.104791193Z + RESULT_COMMITTER_DATE=1773246835
2026-03-11T16:36:25.104820313Z + printf %s 1773246835
2026-03-11T16:36:25.105094783Z + printf %s 2681ac820cf7022a572f48ba2746fd74794dad6b
2026-03-11T16:36:25.105251073Z + printf %s https://github.com/ford-cloud/hca-apps

Expand for check-app-input-change Results Succeeded ✅

Name Status Start Completed Total Time
check-app-input-change Succeeded ✅ 2026-03-11 16:36:25 +0000 UTC 2026-03-11 16:36:48 +0000 UTC 23s

Tasks details below may be truncated. If so, refer to full log above.

====================================================================================================
STEP: step-check-files-changed
====================================================================================================
2026-03-11T16:36:46.575890555Z Running entrypoint script
2026-03-11T16:36:46.675335015Z /usr/bin/bash: /usr/bin/entrypoint: No such file or directory
2026-03-11T16:36:46.973487993Z subDirectory: 
2026-03-11T16:36:46.973748113Z regex: ^app\.json$
2026-03-11T16:36:46.973867313Z notMatchregex: 
2026-03-11T16:36:46.974579933Z verbose: True
2026-03-11T16:36:46.974666263Z 
2026-03-11T16:36:46.979133613Z Changed files:
2026-03-11T16:36:46.980152213Z app.json
2026-03-11T16:36:46.980152213Z exceptions/images/build-input
2026-03-11T16:36:46.980207043Z exceptions/images/post_attestation_api/app/main.py
2026-03-11T16:36:46.980217973Z exceptions/images/post_attestation_api/app/send_mail.py
2026-03-11T16:36:46.980276583Z exceptions/images/post_attestation_api/app/spanner.py
2026-03-11T16:36:46.980276583Z exceptions/infra/envs/preprod/main_preprod.tf
2026-03-11T16:36:46.980314613Z exceptions/infra/input.json
2026-03-11T16:36:46.984285003Z 
2026-03-11T16:36:46.985171843Z Matched changed file 'app.json'
2026-03-11T16:36:46.985251423Z

Expand for get-app-input Results Succeeded ✅

Name Status Start Completed Total Time
get-app-input Succeeded ✅ 2026-03-11 16:36:48 +0000 UTC 2026-03-11 16:37:06 +0000 UTC 18s

Tasks details below may be truncated. If so, refer to full log above.

====================================================================================================
STEP: step-get-app-name
====================================================================================================
2026-03-11T16:37:04.967498759Z {'Application': 'exceptions', 'Description': 'Update your application name above(case-sensitive)', 'build-image': 'false', 'build-infra': 'true', 'apigee': 'false'}
2026-03-11T16:37:04.967498759Z app-name:exceptions
2026-03-11T16:37:04.967663909Z build-image:false
2026-03-11T16:37:04.967680909Z build-infra:true
2026-03-11T16:37:04.967787149Z apigee:false

Expand for validate-application Results Succeeded ✅

Name Status Start Completed Total Time
validate-application Succeeded ✅ 2026-03-11 16:37:07 +0000 UTC 2026-03-11 16:37:26 +0000 UTC 19s

Tasks details below may be truncated. If so, refer to full log above.

====================================================================================================
STEP: step-validate-pg-app
====================================================================================================
2026-03-11T16:37:24.755842517Z {'bronco': ['quota', 'os_config_compliance', 'gce-dashboard', 'gce-installed-available-packages', 'cis-policy-compliance', 'schedule-data', 'pd-inventory', 'gce-vm-vulnerability', 'osconfig', 'inventory-dashboard', 'vm-patch-deployment', 'image-notification-api', 'gce-vm', 'gce-patching', 'service-canaries', 'centralised-communication', 'dashboard-trendchart', 'gce-osconfig-policies', 'gce-patching-reporting', 'gce-ui', 'gce_inventory', 'canary-diy-patch', 'ccs-cloud-manage', 'gce_queries', 'read-github', 'hugo-rss-feed'], 'ranger': ['gcs_recommendations', 'gcs-usage', 'spanner', 'groupquery', 'gcp_users_webex', 'gcs-objects', 'spanner-image', 'everyone2db', 'ssl-automation', 'cloud_stream', 'cloud-workstations', 'crq_automation', 'servicenow-automation', 'exceptions', 'packages', 'vm-pool-rhdh'], 'mustang': ['central-shutdown', 'csa', 'cloudmindset', 'webex-api', 'auth', 'dashboard', 'ops-stack', 'ccab', 'nodejs16', 'backup_data', 'project-api', 'gcp_feeds', 'csapi-mvp2', 'csapi', 'common-images', 'msteams-graphapi', 'csa-mvp2', 'gce-recommendations', 'jit', 'gce_mandiant', 'gce_snapshots', 'proactive-incidents', 'ford-blocked-sites'], 'escape': ['hello-world', 'google-maps', 'chatgpt', 'cloud_run_monitoring_example', 'dynatracecanary', 'genapp-ai-chatbot', 'docssite-assistant', 'vmpool', 'buildah-image', 'python-image', 'vmo', 'itconnect-automation', 'genapp-ai-chatbot', 'angularMSAL', 'log-and-registry-buckets', 'send-email', 'googlemaps_APIs']}
2026-03-11T16:37:24.755842517Z App Name :  exceptions
2026-03-11T16:37:24.755842517Z PG Name :  ranger
2026-03-11T16:37:24.756019897Z validation success

@tkn-pac-pd1031

tkn-pac-pd1031 bot commented Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more about hiding comments.

Pipeline Results - hca-apps-terraform-cd-pipelinerun-pull-request

Namespace PipelineRun Name Status Runtime Log File
hca-automations hca-apps-terraform-cd-pipelinerun-b2m4b Succeeded ✅ 6m41s Log File
Expand for get-app-input Results Succeeded ✅

Name Status Start Completed Total Time
get-app-input Succeeded ✅ 2026-03-11 16:37:58 +0000 UTC 2026-03-11 16:38:20 +0000 UTC 22s

Tasks details below may be truncated. If so, refer to full log above.

====================================================================================================
STEP: step-get-app-name
====================================================================================================
2026-03-11T16:38:18.781938404Z {'Application': 'exceptions', 'Description': 'Update your application name above(case-sensitive)', 'build-image': 'false', 'build-infra': 'true', 'apigee': 'false'}
2026-03-11T16:38:18.781938404Z app-name:exceptions
2026-03-11T16:38:18.782076584Z build-image:false
2026-03-11T16:38:18.782134364Z build-infra:true
2026-03-11T16:38:18.782208864Z apigee:false

Expand for check-changed-files Results Succeeded ✅

Name Status Start Completed Total Time
check-changed-files Succeeded ✅ 2026-03-11 16:38:20 +0000 UTC 2026-03-11 16:38:42 +0000 UTC 22s

Tasks details below may be truncated. If so, refer to full log above.

============================================
STEP: step-check-files-changed
====================================================================================================
2026-03-11T16:38:40.872306713Z Running entrypoint script
2026-03-11T16:38:40.971803483Z /usr/bin/bash: /usr/bin/entrypoint: No such file or directory
2026-03-11T16:38:41.095662692Z subDirectory: 
2026-03-11T16:38:41.095925672Z regex: ^(\w|-)+\/(\w|-)+\/envs\/|^(\w|-)+\.tf$|^pipeline\.json$
2026-03-11T16:38:41.170585372Z notMatchregex: 
2026-03-11T16:38:41.171844272Z verbose: True
2026-03-11T16:38:41.171887512Z 
2026-03-11T16:38:41.176182742Z Changed files:
2026-03-11T16:38:41.177098461Z app.json
2026-03-11T16:38:41.177098461Z exceptions/images/build-input
2026-03-11T16:38:41.177098461Z exceptions/images/post_attestation_api/app/main.py
2026-03-11T16:38:41.177162032Z exceptions/images/post_attestation_api/app/send_mail.py
2026-03-11T16:38:41.177162032Z exceptions/images/post_attestation_api/app/spanner.py
2026-03-11T16:38:41.177162032Z exceptions/infra/envs/preprod/main_preprod.tf
2026-03-11T16:38:41.177177801Z exceptions/infra/input.json
2026-03-11T16:38:41.181154952Z 
2026-03-11T16:38:41.182043252Z Matched changed file 'exceptions/infra/envs/preprod/main_preprod.tf'
2026-03-11T16:38:41.182043252Z

Expand for changed-files-validation Results Succeeded ✅

Name Status Start Completed Total Time
changed-files-validation Succeeded ✅ 2026-03-11 16:38:42 +0000 UTC 2026-03-11 16:38:59 +0000 UTC 17s

Tasks details below may be truncated. If so, refer to full log above.

====================================================================================================
STEP: step-check-files-changed
====================================================================================================
2026-03-11T16:38:58.006440447Z 
2026-03-11T16:38:58.006440447Z Starting Change Files Validation.
2026-03-11T16:38:58.006440447Z 
2026-03-11T16:38:58.043229433Z -Validation successful!

Expand for get-global-pipeline-params Results Succeeded ✅

Name Status Start Completed Total Time
get-global-pipeline-params Succeeded ✅ 2026-03-11 16:39:00 +0000 UTC 2026-03-11 16:39:22 +0000 UTC 22s

Tasks details below may be truncated. If so, refer to full log above.

L_ON_ERROR to /tekton/results/TF_VALIDATOR_FAIL_ON_ERROR with value true
2026-03-11T16:39:20.977804182Z Writing results for CHECKOV_PASS_ON_ERROR to /tekton/results/CHECKOV_PASS_ON_ERROR with value False
2026-03-11T16:39:20.982400482Z Writing results for TASK_NAMES_TO_LOG to /tekton/results/TASK_NAMES_TO_LOG with value 
2026-03-11T16:39:20.986341272Z Writing results for GCP_PROJECT_ID to /tekton/results/GCP_PROJECT_ID with value 
2026-03-11T16:39:21.087319532Z Writing results for CHECKOV_CONFIG to /tekton/results/CHECKOV_CONFIG with value checkov_config
2026-03-11T16:39:21.091851382Z Writing results for GCS_LOGS_BUCKET_NAME to /tekton/results/GCS_LOGS_BUCKET_NAME with value 
2026-03-11T16:39:21.172169411Z Writing results for GCS_PLAN_BUCKET_NAME to /tekton/results/GCS_PLAN_BUCKET_NAME with value 
2026-03-11T16:39:21.176672331Z Writing results for FAIL_WITH_MULTI_COMP_ENV_CHANGE to /tekton/results/FAIL_WITH_MULTI_COMP_ENV_CHANGE with value false
2026-03-11T16:39:21.180714101Z Writing results for TERRAFORM_IMAGE to /tekton/results/TERRAFORM_IMAGE with value fcr.ford.com/hybrid_cloud/tf-redhat9:v2.0.0
2026-03-11T16:39:21.273957771Z Writing results for ADD_SECRETS to /tekton/results/ADD_SECRETS with value False
2026-03-11T16:39:21.279406861Z Result is 197/4000 characters long

Expand for get-changed-env Results Succeeded ✅

Name Status Start Completed Total Time
get-changed-env Succeeded ✅ 2026-03-11 16:39:22 +0000 UTC 2026-03-11 16:39:53 +0000 UTC 31s

Tasks details below may be truncated. If so, refer to full log above.

====================================================================================================
STEP: step-get-env
====================================================================================================
2026-03-11T16:39:37.202369436Z {'Environments': ['preprod'], 'Description': 'Add the environments in the above field,where you need to run terraform in', 'Accepted_Values': 'prod,preprod or sandbox as an array of strings'}
====================================================================================================
STEP: step-copy-to-one
====================================================================================================
2026-03-11T16:39:37.447253151Z /workspace/dest-2
====================================================================================================
STEP: step-copy-to-two
====================================================================================================
2026-03-11T16:39:47.669052862Z /workspace/dest-3

Expand for check-spanner-ddl-changes Results Succeeded ✅

Name Status Start Completed Total Time
check-spanner-ddl-changes Succeeded ✅ 2026-03-11 16:39:54 +0000 UTC 2026-03-11 16:40:10 +0000 UTC 16s

Tasks details below may be truncated. If so, refer to full log above.

==================================================================================================
STEP: step-check-files-changed
====================================================================================================
2026-03-11T16:40:09.168428106Z Running entrypoint script
2026-03-11T16:40:09.257959091Z /usr/bin/bash: /usr/bin/entrypoint: No such file or directory
2026-03-11T16:40:09.462357760Z subDirectory: exceptions/infra
2026-03-11T16:40:09.462538520Z regex: \/spanner_ddl\.json$
2026-03-11T16:40:09.462636809Z notMatchregex: 
2026-03-11T16:40:09.463179669Z verbose: True
2026-03-11T16:40:09.463261799Z 
2026-03-11T16:40:09.552960095Z Changed files:
2026-03-11T16:40:09.554061265Z app.json
2026-03-11T16:40:09.554197945Z exceptions/images/build-input
2026-03-11T16:40:09.554291655Z exceptions/images/post_attestation_api/app/main.py
2026-03-11T16:40:09.554416135Z exceptions/images/post_attestation_api/app/send_mail.py
2026-03-11T16:40:09.554509025Z exceptions/images/post_attestation_api/app/spanner.py
2026-03-11T16:40:09.554600545Z exceptions/infra/envs/preprod/main_preprod.tf
2026-03-11T16:40:09.554680425Z exceptions/infra/input.json
2026-03-11T16:40:09.558533994Z 
2026-03-11T16:40:09.558562165Z None of the changed files matched!
2026-03-11T16:40:09.558652545Z

Expand for get-env-pipeline-params-preprod Results Succeeded ✅

Name Status Start Completed Total Time
get-env-pipeline-params-preprod Succeeded ✅ 2026-03-11 16:40:10 +0000 UTC 2026-03-11 16:40:29 +0000 UTC 19s

Tasks details below may be truncated. If so, refer to full log above.

/TASK_NAMES_TO_LOG with value 
2026-03-11T16:40:28.769890510Z Writing results for DEFAULT_ENVIRONMENT to /tekton/results/DEFAULT_ENVIRONMENT with value 
2026-03-11T16:40:28.772724140Z Writing results for BUSINESS_CODE to /tekton/results/BUSINESS_CODE with value hca-internal
2026-03-11T16:40:28.868162765Z Writing results for TERRAFORM_VALIDATOR_IMAGE to /tekton/results/TERRAFORM_VALIDATOR_IMAGE with value fcr.ford.com/hybrid_cloud/tf-redhat9:v2.0.0
2026-03-11T16:40:28.871857745Z Writing results for CHECKOV_PASS_ON_ERROR to /tekton/results/CHECKOV_PASS_ON_ERROR with value False
2026-03-11T16:40:28.875149514Z Writing results for TERRAFORM_IMAGE to /tekton/results/TERRAFORM_IMAGE with value fcr.ford.com/hybrid_cloud/tf-redhat9:v2.0.0
2026-03-11T16:40:28.955046122Z Writing results for ADD_SECRETS to /tekton/results/ADD_SECRETS with value False
2026-03-11T16:40:28.958512581Z Writing results for TERRAFORM_ACTION to /tekton/results/TERRAFORM_ACTION with value apply
2026-03-11T16:40:28.961623271Z Writing results for GCS_LOGS_BUCKET_NAME to /tekton/results/GCS_LOGS_BUCKET_NAME with value prj-hca-internal-pp-log-bucket
2026-03-11T16:40:28.964800350Z Writing results for TF_LOG to /tekton/results/TF_LOG with value ERROR
2026-03-11T16:40:29.056366046Z Result is 296/4000 characters long

Expand for terraform-init-preprod Results Succeeded ✅

Name Status Start Completed Total Time
terraform-init-preprod Succeeded ✅ 2026-03-11 16:40:30 +0000 UTC 2026-03-11 16:40:52 +0000 UTC 22s

Tasks details below may be truncated. If so, refer to full log above.

made above. Include this file in your version control repository
2026-03-11T16:40:51.986758343Z so that Terraform can guarantee to make the same selections by default when
2026-03-11T16:40:51.986758343Z you run "terraform init" in the future.
2026-03-11T16:40:51.987008063Z 
2026-03-11T16:40:51.987008063Z Terraform has been successfully initialized!
2026-03-11T16:40:51.987008063Z 
2026-03-11T16:40:51.987008063Z You may now begin working with Terraform. Try running "terraform plan" to see
2026-03-11T16:40:51.987008063Z any changes that are required for your infrastructure. All Terraform commands
2026-03-11T16:40:51.987008063Z should now work.
2026-03-11T16:40:51.987008063Z 
2026-03-11T16:40:51.987008063Z If you ever set or change modules or backend configuration for Terraform,
2026-03-11T16:40:51.987008063Z rerun this command to reinitialize your working directory. If you forget, other
2026-03-11T16:40:51.987008063Z commands will detect it and remind you to do so if necessary.
====================================================================================================
STEP: step-seed-gcp-secrets
====================================================================================================
2026-03-11T16:40:52.297565403Z Terraform Init or Plan run, exiting task.

Expand for terraform-plan-preprod Results Succeeded ✅

Name Status Start Completed Total Time
terraform-plan-preprod Succeeded ✅ 2026-03-11 16:40:53 +0000 UTC 2026-03-11 16:41:22 +0000 UTC 29s

Tasks details below may be truncated. If so, refer to full log above.

"ford-9f92819b58bb1cc56b26b3fa"
2026-03-11T16:41:21.307070259Z       + role     = "roles/run.invoker"
2026-03-11T16:41:21.307070259Z       + service  = "post-attestation"
2026-03-11T16:41:21.307070259Z     }
2026-03-11T16:41:21.307070259Z 
2026-03-11T16:41:21.307070259Z Plan: 12 to add, 1 to change, 0 to destroy.
2026-03-11T16:41:21.307084049Z 
2026-03-11T16:41:21.307084049Z ─────────────────────────────────────────────────────────────────────────────
2026-03-11T16:41:21.307095099Z 
2026-03-11T16:41:21.307095099Z Saved the plan to: 2681ac820cf7022a572f48ba2746fd74794dad6b-preprod.tfplan
2026-03-11T16:41:21.307095099Z 
2026-03-11T16:41:21.307095099Z To perform exactly these actions, run the following command to apply:
2026-03-11T16:41:21.307095099Z     terraform apply "2681ac820cf7022a572f48ba2746fd74794dad6b-preprod.tfplan"
====================================================================================================
STEP: step-seed-gcp-secrets
====================================================================================================
2026-03-11T16:41:21.766028627Z Terraform Init or Plan run, exiting task.

Expand for checkov-scan-preprod Results Succeeded ✅

Name Status Start Completed Total Time
checkov-scan-preprod Succeeded ✅ 2026-03-11 16:41:22 +0000 UTC 2026-03-11 16:43:46 +0000 UTC 2m24s

Tasks details below may be truncated. If so, refer to full log above.

33.442879388Z }
2026-03-11T16:43:35.358136417Z Sending Results to GCS
2026-03-11T16:43:37.285796336Z Copying file://checkov_results_03_11_2026_16_43_35_ford-9f92819b58bb1cc56b26b3fa.json to gs://bkt-tfstate-hca-internal-pp/checkov-logs/checkov_results_03_11_2026_16_43_35_ford-9f92819b58bb1cc56b26b3fa.json
2026-03-11T16:43:37.298463315Z   
2026-03-11T16:43:37.417043573Z 
====================================================================================================
STEP: step-mondoo
====================================================================================================
2026-03-11T16:43:39.639889936Z APP_NAME_LABEL: hca-apps-pipelines
2026-03-11T16:43:39.648746365Z basic-auth directory is bound.  Copying git credentials to home directory
2026-03-11T16:43:39.759629783Z Using credentials_config.json from /var/run/secrets/google/credentials_config.json
2026-03-11T16:43:39.760125233Z Terraform plan json file found at tf.json, using existing file
2026-03-11T16:43:39.762427683Z Space ID was not supplied via parameter, resolving via datasource and hca-apps-pipelines
2026-03-11T16:43:45.837228373Z WARNING: Failed to resolve space id for app name label hca-apps-pipelines.  Please ensure the app registration datasource is available and the app name label is correct.

Expand for upload-terraform-plan-preprod Results Succeeded ✅

Name Status Start Completed Total Time
upload-terraform-plan-preprod Succeeded ✅ 2026-03-11 16:43:47 +0000 UTC 2026-03-11 16:44:12 +0000 UTC 25s

Tasks details below may be truncated. If so, refer to full log above.

================================================
STEP: step-tar-and-upload
====================================================================================================
2026-03-11T16:44:05.732357496Z Executing tar -cf 2681ac820cf7022a572f48ba2746fd74794dad6b-preprod.tar exceptions/infra/envs/preprod/.terraform exceptions/infra/envs/preprod/.terraform.lock.hcl exceptions/infra/envs/preprod/2681ac820cf7022a572f48ba2746fd74794dad6b-preprod.tfplan
2026-03-11T16:44:07.710131926Z Executing rclone sync /workspace/source/2681ac820cf7022a572f48ba2746fd74794dad6b-preprod.tar gcs:bkt-tfstate-hca-internal-pp/plan/ford-cloud/hca-apps/5095/ --modify-window=1s --log-level=INFO --log-file ./rclone_upload.log --error-on-no-transfer
2026-03-11T16:44:07.710131926Z 
2026-03-11T16:44:11.405016567Z Rclone exit code: 0
2026-03-11T16:44:11.405016567Z 
2026-03-11T16:44:11.408528287Z 2026/03/11 16:44:11 INFO  : 2681ac820cf7022a572f48ba2746fd74794dad6b-preprod.tar: Copied (new)
2026-03-11T16:44:11.408528287Z 2026/03/11 16:44:11 INFO  : 
2026-03-11T16:44:11.408528287Z Transferred:   	  156.426 MiB / 156.426 MiB, 100%, 55.998 MiB/s, ETA 0s
2026-03-11T16:44:11.408528287Z Transferred:            1 / 1, 100%
2026-03-11T16:44:11.408528287Z Elapsed time:         2.8s
2026-03-11T16:44:11.408528287Z

MNAVEENP_ford
Naveen Prakash, Maddu (M.) (MNAVEENP_ford) approved these changes Mar 12, 2026
View reviewed changes

@MNAVEENP_ford Naveen Prakash, Maddu (M.) (MNAVEENP_ford) left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@VGIRDHAR_ford Girdhar, Vikas (V.) (VGIRDHAR_ford) merged commit a2701f0 into ford-cloud:master Mar 12, 2026
6 checks passed
Loading
@VGIRDHAR_ford

Add a comment

Mention Copilot
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Saved replies
Slash commands

Select a reply

Loading
Create a new saved reply
Slash commands
Preview
Loading
Slash commands
Preview

An unexpected error has occurred
Markdown is supported
Remember, contributions to this repository should follow its code of conduct.
ProTip! Add .patch or .diff to the end of URLs for Git’s plaintext views.
Reviewers
Request up to 100 reviewers

@SGOPAL49_ford Selvam, Gopalakrishnan (S.) (SGOPAL49_ford) SGOPAL49_ford approved these changes

@MNAVEENP_ford Naveen Prakash, Maddu (M.) (MNAVEENP_ford) MNAVEENP_ford approved these changes

Assignees
Assign up to 10 people to this pull request
No one—
Labels
Apply labels to this pull request
None yet
Projects
Projects
None yet
Milestone
Set milestone
No milestone
Development
Link an issue from this repository

Successfully merging this pull request may close these issues.

Notification settings

You’re receiving notifications because you modified the open/close state.

3 participants

@VGIRDHAR_ford @SGOPAL49_ford @MNAVEENP_ford
Lock conversation

Lock conversation on this pull request

  • Other users can’t add new comments to this pull request.
  • You and other members of teams with write access to this repository can still leave comments that others can see.
  • You can always unlock this pull request again in the future.

Optionally, choose a reason for locking that others can see. Learn more about when it’s appropriate to lock conversations.