Merge pull request #261 from cloud-gov/overhaul

ready for prod, removed some prints, left some in, errors redirected …
cloud-gov · Dec 10, 2024 · c859483 · c859483
2 parents 526328f + b4bd252
commit c859483
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 9 deletions.
diff --git a/ci/aws-iam-check-keys/find_stale_keys.py b/ci/aws-iam-check-keys/find_stale_keys.py
@@ -230,7 +230,6 @@ def search_for_keys(region_name: str, profile: dict, all_users: list[Threshold],
         aws_access_key_id=profile["id"],
         aws_secret_access_key=profile["secret"],
     )
-    print(f"about to check: {account}")
     iam = session.client("iam")
     # Generate credential report for the given profile
     # Generating the report is an async operation, so wait for it by sleeping
@@ -250,8 +249,6 @@ def search_for_keys(region_name: str, profile: dict, all_users: list[Threshold],
     row: dict
     for row in csv_reader:
         user_name = row["user"]
-        if user_name == "ephraim.gross":
-            print(f"found ephraim: {row}")
         # Note: If the user is unknown, we aren't capturing it, but could here
         # in an else below
         aws_user = find_known_user(user_name, all_users)
@@ -331,15 +328,13 @@ def send_key(key_dict: dict, severity: str):
 def check_key(key_num: int, last_rotated_key: str, user: Threshold, row: dict, account: str):
     days_since_rotation = calc_days_since_rotation(last_rotated_key)
     user_dict = {"user":row["user"], "key_num": key_num, "user_type": user.account_type, "account": account, "days_since_rotation": days_since_rotation, "last_rotated":last_rotated_key}
+    print(f"user is either being sent or deleted: {user_dict}")
     if days_since_rotation >= user.violation and user.account_type:
-        print(f"about to send user: {user_dict['user']}")
         send_key(user_dict, "violation")
     elif days_since_rotation >= user.warn:
-        print(f"about to send user: {user_dict['user']}")
         send_key(user_dict, "warn")
     else:
-        # print(f"about to send rotated for user: {user}")
-        print(f"about to del user: {user_dict['user']}")
+        print("it was actually deleted")
         del_key(user_dict)
 
 

diff --git a/ci/pipeline.yml b/ci/pipeline.yml
@@ -130,7 +130,7 @@ jobs:
       IAM_KEYS_HOST: ((aws-iam-keys-host))
       IAM_KEYS_PORT: ((aws-iam-keys-port))
       IAM_CREATE_TABLES: ((aws-iam-create-tables-bool))
-      GATEWAY_HOST: prometheus-staging.service.cf.internal
+      GATEWAY_HOST: prometheus.service.cf.internal
       PREFIX_DELIMITER: ((aws-iam-prefix-delimiter))
       WARN_DAYS: ((aws-iam-warn-days))
       VIOLATION_DAYS: ((aws-iam-violation-days))
@@ -141,7 +141,7 @@ jobs:
       text: |
         :x: FAILED to deploy IAM Check Keys on production
         <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME|View build details>
-      channel: "#cg-platform-news"
+      channel: "#cg-platform"
       username: ((slack-username))
       icon_url: ((slack-icon-url))