fix: enforce ssl (#2979) #556

Workflow file for this run

.github/workflows/cfn-nag.yml at 635f6d5

	name: CFN Nag

	on:
	workflow_dispatch:
	push:
	paths:
	- "test_infra/**"
	branches:
	- main
	pull_request:
	paths:
	- "test_infra/**"
	branches:
	- main

	permissions:
	contents: read

	env:
	CDK_DEFAULT_ACCOUNT: 111111111111
	CDK_DEFAULT_REGION: us-east-1

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Use Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 16
	- name: Cache Node.js modules
	uses: actions/cache@v4
	with:
	path: ~/.npm
	key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
	restore-keys: \|
	${{ runner.OS }}-node-
	${{ runner.OS }}-
	- name: Install CDK
	run: \|
	npm install -g aws-cdk
	cdk --version
	- uses: actions/checkout@v4
	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: 3.11
	- name: Install Requirements
	run: \|
	cd test_infra
	python -m pip install --upgrade pip
	python -m pip install poetry
	poetry env use python
	poetry env info
	source $(poetry env info --path)/bin/activate
	poetry install -vvv
	- name: Set up cdk.json
	run: \|
	cd test_infra
	cat <<EOT >> cdk.context.json
	{
	"availability-zones:account=111111111111:region=us-east-1": [
	"us-east-1a",
	"us-east-1b",
	"us-east-1c",
	"us-east-1d",
	"us-east-1e",
	"us-east-1f"
	]
	}
	EOT
	cat cdk.json \| jq -r '.context.databases.neptune = true' \| jq -r '.context.databases.oracle = true' \| jq -r '.context.databases.sqlserver = true' > overwrite.cdk.json
	rm cdk.json && mv overwrite.cdk.json cdk.json
	- name: CDK Synth
	run: \|
	cd test_infra
	source $(poetry env info --path)/bin/activate
	cdk synth
	- uses: stelligent/cfn_nag@master
	with:
	input_path: test_infra/cdk.out
	extra_args: --ignore-fatal

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: enforce ssl (#2979) #556

Workflow file

fix: enforce ssl (#2979)#556

Jobs

Run details

Workflow file for this run