From 329d5ba6d5fe5db774721aa4d3d5b0584b25ec30 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 10 Jan 2023 11:11:26 -0500 Subject: [PATCH 1/3] Remove unnecessary ami_block_device_mappings block One only needs to specify ami_block_mappings_block to add additional volumes when the AMI launches that are not present when the instance on which the AMI is built is launched: https://developer.hashicorp.com/packer/plugins/builders/amazon/ebs#ami-block-device-mappings-example I suppose another use might be if you want the root disk when the AMI is launched to be different than it is when the instance on which the AMI is being built is launched, but that doesn't apply here either. It is certainly the case that there is no need to configure the same root volume in the same way in both the launch_block_device_mappings and ami_block_device_mappings blocks. --- src/packer.pkr.hcl | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/packer.pkr.hcl b/src/packer.pkr.hcl index d3727ca..8a64d4e 100644 --- a/src/packer.pkr.hcl +++ b/src/packer.pkr.hcl @@ -60,13 +60,6 @@ data "amazon-ami" "debian_bullseye" { locals { timestamp = regex_replace(timestamp(), "[- TZ:]", "") } source "amazon-ebs" "example" { - ami_block_device_mappings { - delete_on_termination = true - device_name = "/dev/xvda" - encrypted = true - volume_size = 8 - volume_type = "gp3" - } ami_name = "example-hvm-${local.timestamp}-x86_64-ebs" ami_regions = var.ami_regions associate_public_ip_address = true From 786d60ba1354e4e9caa8b36cdb978519f7f2d246 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 31 Jan 2023 13:06:42 -0500 Subject: [PATCH 2/3] Update pre-commit hooks Update pre-commit hooks using `pre-commit autoupdate`. The `ansible-lint` hook is intentionally held back to be updated independently to v6. --- .pre-commit-config.yaml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b5dce48..b4e2017 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -5,7 +5,7 @@ default_language_version: repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.3.0 + rev: v4.4.0 hooks: - id: check-case-conflict - id: check-executables-have-shebangs @@ -31,7 +31,7 @@ repos: # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.32.2 + rev: v0.33.0 hooks: - id: markdownlint args: @@ -41,7 +41,7 @@ repos: hooks: - id: prettier - repo: https://github.com/adrienverge/yamllint - rev: v1.28.0 + rev: v1.29.0 hooks: - id: yamllint args: @@ -49,14 +49,14 @@ repos: # GitHub Actions hooks - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.18.4 + rev: 0.21.0 hooks: - id: check-github-actions - id: check-github-workflows # pre-commit hooks - repo: https://github.com/pre-commit/pre-commit - rev: v2.20.0 + rev: v3.0.2 hooks: - id: validate_manifest @@ -98,25 +98,25 @@ repos: name: bandit (everything else) exclude: tests - repo: https://github.com/psf/black - rev: 22.10.0 + rev: 22.12.0 hooks: - id: black - repo: https://github.com/PyCQA/flake8 - rev: 5.0.4 + rev: 6.0.0 hooks: - id: flake8 additional_dependencies: - flake8-docstrings - repo: https://github.com/PyCQA/isort - rev: 5.10.1 + rev: 5.12.0 hooks: - id: isort - repo: https://github.com/pre-commit/mirrors-mypy - rev: v0.990 + rev: v0.991 hooks: - id: mypy - repo: https://github.com/asottile/pyupgrade - rev: v3.2.0 + rev: v3.3.1 hooks: - id: pyupgrade @@ -129,7 +129,7 @@ repos: # Terraform hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.76.0 + rev: v1.77.0 hooks: - id: terraform_fmt - id: terraform_validate From 2177d707b73bd777a3d311630a48512d3aef7401 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 2 Feb 2023 13:56:59 -0500 Subject: [PATCH 3/3] Add a security label --- .github/labels.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/labels.yml b/.github/labels.yml index 27f1220..5d1e6d5 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -53,6 +53,9 @@ - color: "ef476c" description: This issue is a request for information or needs discussion name: question +- color: "d73a4a" + description: This issue or pull request addresses a security issue + name: security - color: "7b42bc" description: Pull requests that update Terraform code name: terraform