From f00da84d81834d6e381b7f2ddaa396474a4a599f Mon Sep 17 00:00:00 2001 From: "laurence.barker@dvsa.gov.uk" Date: Fri, 29 Nov 2024 10:17:08 +0000 Subject: [PATCH 1/2] fix: trust policies for PR --- infra/terraform/accounts/nonprod/main.tf | 3 ++- infra/terraform/accounts/prod/main.tf | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/infra/terraform/accounts/nonprod/main.tf b/infra/terraform/accounts/nonprod/main.tf index 49fa96b258..1d332a808b 100644 --- a/infra/terraform/accounts/nonprod/main.tf +++ b/infra/terraform/accounts/nonprod/main.tf @@ -31,7 +31,8 @@ module "account" { github_oidc_subjects = concat( [ "dvsa/vol-app:ref:refs/heads/main", # `.github/workflows/docker.yaml` & `.github/workflows/assets.yaml`. - "dvsa/vol-app:environment:account-nonprod", # `.github/workflows/deploy-account.yaml`. + "dvsa/vol-app:environment:account-nonprod", + "dvsa/vol-app:pull_request", # `.github/workflows/deploy-account.yaml`. ], [ for env in local.environments : "dvsa/vol-app:environment:${env}" # `.github/workflows/deploy-environment.yaml` diff --git a/infra/terraform/accounts/prod/main.tf b/infra/terraform/accounts/prod/main.tf index a1a91bf79b..d6eafba2b9 100644 --- a/infra/terraform/accounts/prod/main.tf +++ b/infra/terraform/accounts/prod/main.tf @@ -31,7 +31,8 @@ module "account" { github_oidc_subjects = concat( [ "dvsa/vol-app:ref:refs/heads/main", # `.github/workflows/docker.yaml` & `.github/workflows/assets.yaml`. - "dvsa/vol-app:environment:account-prod", # `.github/workflows/deploy-account.yaml`. + "dvsa/vol-app:environment:account-prod", + "dvsa/vol-app:pull_request", # `.github/workflows/deploy-account.yaml`. ], [ for env in local.environments : "dvsa/vol-app:environment:${env}" # `.github/workflows/deploy-environment.yaml` From bc78b17a58cf7a110049d1fce13b05359cd2bd94 Mon Sep 17 00:00:00 2001 From: "laurence.barker@dvsa.gov.uk" Date: Fri, 29 Nov 2024 10:20:36 +0000 Subject: [PATCH 2/2] fix: fmt issues --- infra/terraform/accounts/nonprod/main.tf | 2 +- infra/terraform/accounts/prod/main.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/infra/terraform/accounts/nonprod/main.tf b/infra/terraform/accounts/nonprod/main.tf index 1d332a808b..05387809bb 100644 --- a/infra/terraform/accounts/nonprod/main.tf +++ b/infra/terraform/accounts/nonprod/main.tf @@ -30,7 +30,7 @@ module "account" { github_oidc_subjects = concat( [ - "dvsa/vol-app:ref:refs/heads/main", # `.github/workflows/docker.yaml` & `.github/workflows/assets.yaml`. + "dvsa/vol-app:ref:refs/heads/main", # `.github/workflows/docker.yaml` & `.github/workflows/assets.yaml`. "dvsa/vol-app:environment:account-nonprod", "dvsa/vol-app:pull_request", # `.github/workflows/deploy-account.yaml`. ], diff --git a/infra/terraform/accounts/prod/main.tf b/infra/terraform/accounts/prod/main.tf index d6eafba2b9..bc00b29227 100644 --- a/infra/terraform/accounts/prod/main.tf +++ b/infra/terraform/accounts/prod/main.tf @@ -30,7 +30,7 @@ module "account" { github_oidc_subjects = concat( [ - "dvsa/vol-app:ref:refs/heads/main", # `.github/workflows/docker.yaml` & `.github/workflows/assets.yaml`. + "dvsa/vol-app:ref:refs/heads/main", # `.github/workflows/docker.yaml` & `.github/workflows/assets.yaml`. "dvsa/vol-app:environment:account-prod", "dvsa/vol-app:pull_request", # `.github/workflows/deploy-account.yaml`. ],