[UNSAFE] Update dependency securetrading-gl/st-server-project/project-infrastructure-cicd to v67
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
securetrading-gl/st-server-project/project-infrastructure-cicd | repository | major |
64.3.15 -> 67.1.4
|
⚠ ️ WarningSome dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
securetrading-gl/st-server-project/project-infrastructure-cicd (securetrading-gl/st-server-project/project-infrastructure-cicd)
v67.1.4
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1232 - SI-2207: PyPI Change "index-url" to private "gitlab" registry.
Changes
For
.py-unit-tests-package-installed-review
and.py-unit-tests-package-installed-release
jobs:
- No longer set
https://pypi.org/simple
as the mainindex-url
inpip.conf
. Instead usehttps://token:${GITLAB_API_TOKEN}@​gitlab.com/api/v4/projects/26595653/packages/pypi/simple
. This is to mitigate the "CVE" described in this ticket https://securetrading.atlassian.net/browse/SI-2207Fixes
Disable job
validate-merge-request-description
that is not required when triggeringinfra
pipeline. It caused issues when last commit for a new branch taken from master was renovate's commit.
Commit history
- eab48f26 SI-2207: PyPI Change "index-url" to private "gitlab" registry.
v67.1.3
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1234 - Change default branch for jpc-merge-to-master job
Hotfix
Change branch used in
jpc-merge-to-master
job for JS Payments Card project as it's usingdev-1
instead ofdevelop
.
Commit history
- fdb4cc2f Change default branch for jpc-merge-to-master job
v67.1.2
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1231 - Fix issue with merge to master creating conflicts for projects using branches...
Hotfix
- Fix
*-merge-to-master
jobs so target branch can be adjusted based on the git branching strategy. This is an internal fix - does not affect feature teams.- Fix TFLint logs output by exposing them as artifacts. This can be helpful when we need to debug TFLint activity by passing
TFLINT_LOG
variable and settings its value todebug
ortrace
which can produce a lot of output (more than 100MB), which cuts off job output and prevents proper debugging. See example output: https://gitlab.com/securetrading-gl/st-server-project/st-python-service-template/-/jobs/6814517419.
Commit history
- 6ebf346 Fix issue with merge to master creating conflicts for projects using branches...
v67.1.1
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1228 - Amplify Review Envs: Prevent recursive SRC triggering INFRA
Hotfix
Amplify Review Envs: Check if the last commit message was the automatic commit, if so do not add another. Prevents recursive loop
Commit history
- e9bc539 Amplify Review Envs: Prevent recursive SRC triggering INFRA
v67.1.0
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1212 - SI-1669: Skip ecr scan option
New features
If
SKIP_ECR_SCAN
is set totrue
in the.service-images-build:
job, we skip the ECR image scanner step as sometimes we want to use newer images that are not supported by AWS ECR image scanning. A few examples would be Datadog and Envoy.
Commit history
- 8080dcbe SI-1669: Skip ecr scan option
v67.0.5
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1225 - SI-2205 Added logic to handle CICD releases (Amplify)
Fixes
Updated Amplify review environments to correctly handle CICD releases and template checks, as before CICD would trigger amplify with a trigger token causing the INFRA for amplify to never get created (expected behaviour when the project was trigged via a trigger token). However we want INFRA to be created when a template check happens.
We do this by passing a new variable called
AMPLIFY_REVIEW_FORCE_INFRA
to the amplify template repo when we trigger it.
Commit history
- ff0d8996 SI-2205 Added logic to handle CICD releases (Amplify)
v67.0.4
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1226 - Hotfix - Fix Assume Role on scheduled hotfix
Hotfix
- Assume role fix on scheduled hotfix for SI-2179.
Commit history
- 61d05d4 Hotfix - Fix Assume Role on scheduled hotfix
v67.0.2
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1219 - SI-2166 disable amplify-service-check-template-release to unblock PI-CICD releases
Hotfix
disable
amplify-service-check-template-release
to unblock pi-cicd releases
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1216 - [UNSAFE] Update TP Projects - Major to v10 (major)
Commit history
- 479870cf SI-2166 disable amplify-service-check-template-release to unblock PI-CICD releases
- c54e1fc6 [UNSAFE] Update TP Projects - Major to v10 (major)
v67.0.0
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1184 - SI-1722: AWS Amplify Review Envs
Breaking changes
- Added scripts & jobs to provide review environments for amplify projects. As a result the shared
dev
will no longer get updated. Note this is only a breaking change for AWS amplify based projects.Migration process
Nothing to migrate, just be aware that the shared dev environment will not be updated with your changes and you will need to implement review environments as seen in the template src and infra examples
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1215 - [UNSAFE] Update Maven - Major (major)
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1214 - [SAFE] Update TP Projects - Minor/Patch to v9.10.13
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1213 - [SAFE] Update Maven - Minor/Patch
Commit history
- fca267f SI-1722: AWS Amplify Review Envs
- a599657 [UNSAFE] Update Maven - Major (major)
- c9bcb8a [SAFE] Update TP Projects - Minor/Patch to v9.10.13
- b507a3b [SAFE] Update Maven - Minor/Patch
v66.0.0
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1211 - SI-2107 check_amplify_pipeline_status.sh fix
Breaking changes
The script
check_amplify_pipeline_status.sh
has been changed. Now it requires theAMPLIFY_FRAMEWORK
variable to be specified (default value isNext.js - SSR
). If you are using a framework other thanNext.js - SSR
, then you need specifyAMPLIFY_FRAMEWORK
in.gitlab-ci.yml
file with proper value. These modifications apply only to projects utilizing the CICD Amplify pipeline.
Commit history
- f01bca7 SI-2107 check_amplify_pipeline_status.sh fix
v65.0.1
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1210 - SI-1980 localstack_add_lambda.py fix
Changes
Fixed
localstack_add_lambda.py
to run on EKS Gitlab Runners.
Commit history
- 48eb7c8 SI-1980 localstack_add_lambda.py fix
v65.0.0
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1207 - SI-1849 - Remove US Jobs
Breaking changes
SI-1849 - Removing US related jobs from PI-CICD
Migration process
- Remove US related jobs from gitlab-ci.yml or files inside .gitlab/
- eg,
DISABLE_JOB_tf_plan_stage_us: 'true'
,tf-apply-prod-us
etc
Commit history
- 34e7415 SI-1849 - Remove US Jobs
v64.4.3
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1208 - Check output file from behave tests
Fixes
- SI-2031 Fixing error with "False positive pipeline for an error before tests and their omissions"
Commit history
- 9b3e745 Check output file from behave tests
v64.4.2
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1197 - SI-1987 Issue with assumerole
Hotfix
- Fix tags on prod-eu-sandbox as per outlined in SI-1987
- Revert tag change on Core Infra, as underlying issue with permissions previously merged in https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1196 was in downstream tf-apply rather than core. Correct fix is now applied in https://gitlab.com/securetrading-gl/st-server-project/core-infrastructure/-/merge_requests/1011
Commit history
- e30696e SI-1987 Issue with assumerole
v64.4.1
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1205 - Hotfix skip js vuln
Hotfix
Fixing issue with
DISABLE_JOB_vuln_check
variable and passing this variable to dependent templates This change applies to all java-script project which are using.gitlab/pipeline/stages/js/fast-tests.yml configuration file.
DISABLE_JOB_vuln_check
hasn't work, because Gitlab rules forvuln-check
job have been overriding by.rules-always
rule mentioned in .fast-tests. Eg.:After changing the order, expected rules for
vuln-check
job have been set.
Commit history
- cd9ce01 Hotfix skip js vuln
v64.4.0
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1203 - SI-1910: JS pipeline image with Python 3.11
New Features
Added support for Python 3.11 in Ubuntu 22.04 JS Docker image.
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1202 - Hotfix - correct pact-bin dir path
Hotfix
Correct directory for
pact/bin
Commit history
- a2b273d SI-1910: JS pipeline image with Python 3.11
- 888d86d Hotfix - correct pact-bin dir path
v64.3.23
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1201 - SI-1701: Update Maven to 3.9.6
Changes
- Updated
maven
to 3.9.6 on the2204
image.
Commit history
- da6a0e6 SI-1701: Update Maven to 3.9.6
v64.3.22
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1198 - SI-1984: Migration from ST/AppMesh to ST/Filtered/AppMesh
Changes
Due to the cost savings, there is a migration from ST/AppMesh to ST/Filtered/AppMesh
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1200 - Fix
Hotfix
Fix tags on prod-eu-sandbox as per outlined in SI-1987
Commit history
- 94df726 SI-1984: Migration from ST/AppMesh to ST/Filtered/AppMesh
- 87543eb Fix
v64.3.20
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1195 - Hotfix k8s cpu mem requests
Fixes
k8s cpu mem requests
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1196 - Hotfix - Core Deployment Permissions
Hotfix
- Patch permissions to ensure Core deployments on review envs use the RW role.
Commit history
- 439ceb5 Hotfix k8s cpu mem requests
- cd0bb0e Hotfix - Core Deployment Permissions
v64.3.18
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1181 - SmartPOS - Gradle Lint Modifications
Changes
- Updated Android lint to allow passing of specific build flavours during the lint instead of all.
Commit history
- 050b082 SmartPOS - Gradle Lint Modifications
v64.3.17
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1193 - Adding tag for smoke-candidate-data-prod-eu
Hotfix
Adding tag for smoke-candidate-data-prod-eu
https://gitlab.com/securetrading-gl/st-server-project/project-infrastructure-cicd/-/merge_requests/1192 - SI-1874 Kubernetes MEM/CPU requests
Changes
SI-1874 Kubernetes MEM/CPU requests
Commit history
- 0245680 SI-1874 Kubernetes MEM/CPU requests
- 54d84af Adding tag for smoke-candidate-data-prod-eu
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.