Merge pull request #1822 from ministryofjustice/MLPAB-2873-remove-egr…

…ess-checker MLPAB-2873 - remove egress checker lambda
ministryofjustice · Mar 4, 2025 · 2949329 · 2949329
2 parents 1d32f7d + acfc20f
commit 2949329
Show file tree

Hide file tree

Showing 13 changed files with 2 additions and 140 deletions.
diff --git a/.github/workflows/docker_job.yml b/.github/workflows/docker_job.yml
@@ -58,11 +58,6 @@ jobs:
             path: ./docker/schedule-runner/Dockerfile
             trivyignores: ./docker/schedule-runner/.trivyignore.yaml
             platforms: linux/amd64
-          - ecr_repository: egress-checker
-            name: egress-checker
-            path: ./docker/egress-checker/Dockerfile
-            trivyignores: ./docker/schedule-runner/.trivyignore.yaml
-            platforms: linux/amd64
 
     runs-on: ubuntu-latest
     name: ${{ matrix.ecr_repository }}

diff --git a/docker/egress-checker/.trivyignore.yaml b/docker/egress-checker/.trivyignore.yaml
diff --git a/docker/egress-checker/Dockerfile b/docker/egress-checker/Dockerfile
diff --git a/terraform/environment/global/iam_egress_checker_lambda_role.tf b/terraform/environment/global/iam_egress_checker_lambda_role.tf
diff --git a/terraform/environment/global/outputs.tf b/terraform/environment/global/outputs.tf
@@ -10,7 +10,6 @@ output "iam_roles" {
     cross_account_put                       = aws_iam_role.cross_account_put,
     fault_injection_simulator               = aws_iam_role.fault_injection_simulator,
     create_s3_batch_replication_jobs_lambda = aws_iam_role.create_s3_batch_replication_jobs_lambda
-    egress_checker_lambda                   = aws_iam_role.egress_checker_lambda
     event_received_lambda                   = aws_iam_role.event_received_lambda
     schedule_runner_lambda                  = aws_iam_role.schedule_runner_lambda
     opensearch_pipeline                     = aws_iam_role.opensearch_pipeline

diff --git a/terraform/environment/region/egress_checker.tf b/terraform/environment/region/egress_checker.tf
diff --git a/terraform/environment/region/modules/egress_checker/main.tf b/terraform/environment/region/modules/egress_checker/main.tf
diff --git a/terraform/environment/region/modules/egress_checker/variables.tf b/terraform/environment/region/modules/egress_checker/variables.tf
diff --git a/terraform/environment/region/modules/egress_checker/versions.tf b/terraform/environment/region/modules/egress_checker/versions.tf
diff --git a/terraform/environment/region/variables.tf b/terraform/environment/region/variables.tf
@@ -6,7 +6,6 @@ variable "iam_roles" {
     cross_account_put                       = any
     fault_injection_simulator               = any
     create_s3_batch_replication_jobs_lambda = any
-    egress_checker_lambda                   = any
     event_received_lambda                   = any
     schedule_runner_scheduler               = any
     schedule_runner_lambda                  = any
@@ -187,21 +186,6 @@ variable "waf_alb_association_enabled" {
   default     = true
 }
 
-variable "egress_checker_repository_url" {
-  type        = string
-  description = "Repository URL for the egress-checker lambda function"
-}
-
-variable "egress_checker_container_version" {
-  type        = string
-  description = "Container version the egress-checker lambda function"
-}
-
-variable "egress_checker_enabled" {
-  type    = bool
-  default = false
-}
-
 variable "ecs_aws_otel_collector_version" {
   type        = string
   description = "semver tag for the public ecr tag of the aws-otel-collector image"

diff --git a/terraform/environment/regions.tf b/terraform/environment/regions.tf
@@ -13,11 +13,6 @@ data "aws_ecr_repository" "mock_pay" {
   provider = aws.management_eu_west_1
 }
 
-data "aws_ecr_repository" "egress_checker" {
-  name     = "egress-checker"
-  provider = aws.management_eu_west_1
-}
-
 data "aws_ecr_image" "mock_onelogin" {
   repository_name = data.aws_ecr_repository.mock_onelogin.name
   image_tag       = "latest"
@@ -38,7 +33,6 @@ module "eu_west_1" {
     cross_account_put                       = module.global.iam_roles.cross_account_put
     fault_injection_simulator               = module.global.iam_roles.fault_injection_simulator
     create_s3_batch_replication_jobs_lambda = module.global.iam_roles.create_s3_batch_replication_jobs_lambda
-    egress_checker_lambda                   = module.global.iam_roles.egress_checker_lambda
     event_received_lambda                   = module.global.iam_roles.event_received_lambda
     schedule_runner_lambda                  = module.global.iam_roles.schedule_runner_lambda
     schedule_runner_scheduler               = module.global.iam_roles.schedule_runner_scheduler
@@ -53,9 +47,6 @@ module "eu_west_1" {
   mock_onelogin_service_container_version = data.aws_ecr_image.mock_onelogin.id
   mock_pay_service_repository_url         = data.aws_ecr_repository.mock_pay.repository_url
   mock_pay_service_container_version      = var.container_version
-  egress_checker_repository_url           = data.aws_ecr_repository.egress_checker.repository_url
-  egress_checker_container_version        = var.container_version
-  egress_checker_enabled                  = local.environment.egress_checker_enabled
   ingress_allow_list_cidr                 = module.allow_list.moj_sites
   alb_deletion_protection_enabled         = local.environment.application_load_balancer.deletion_protection_enabled
   waf_alb_association_enabled             = local.environment.application_load_balancer.waf_alb_association_enabled
@@ -113,7 +104,6 @@ module "eu_west_2" {
     cross_account_put                       = module.global.iam_roles.cross_account_put
     fault_injection_simulator               = module.global.iam_roles.fault_injection_simulator
     create_s3_batch_replication_jobs_lambda = module.global.iam_roles.create_s3_batch_replication_jobs_lambda
-    egress_checker_lambda                   = module.global.iam_roles.egress_checker_lambda
     event_received_lambda                   = module.global.iam_roles.event_received_lambda
     schedule_runner_lambda                  = module.global.iam_roles.schedule_runner_lambda
     schedule_runner_scheduler               = module.global.iam_roles.schedule_runner_scheduler
@@ -128,9 +118,6 @@ module "eu_west_2" {
   mock_onelogin_service_container_version = local.mock_onelogin_version
   mock_pay_service_repository_url         = data.aws_ecr_repository.mock_pay.repository_url
   mock_pay_service_container_version      = var.container_version
-  egress_checker_repository_url           = data.aws_ecr_repository.egress_checker.repository_url
-  egress_checker_container_version        = var.container_version
-  egress_checker_enabled                  = local.environment.egress_checker_enabled
   ingress_allow_list_cidr                 = module.allow_list.moj_sites
   alb_deletion_protection_enabled         = local.environment.application_load_balancer.deletion_protection_enabled
   waf_alb_association_enabled             = local.environment.application_load_balancer.waf_alb_association_enabled

diff --git a/terraform/environment/terraform.tfvars.json b/terraform/environment/terraform.tfvars.json
@@ -27,7 +27,6 @@
             },
             "mock_onelogin_enabled": false,
             "mock_pay_enabled": true,
-            "egress_checker_enabled": false,
             "uid_service": {
                 "base_url": "https://development.lpa-uid.api.opg.service.justice.gov.uk",
                 "api_arns": [
@@ -117,7 +116,6 @@
             },
             "mock_onelogin_enabled": false,
             "mock_pay_enabled": true,
-            "egress_checker_enabled": true,
             "uid_service": {
                 "base_url": "https://development.lpa-uid.api.opg.service.justice.gov.uk",
                 "api_arns": [
@@ -207,7 +205,6 @@
             },
             "mock_onelogin_enabled": true,
             "mock_pay_enabled": false,
-            "egress_checker_enabled": false,
             "uid_service": {
                 "base_url": "https://development.lpa-uid.api.opg.service.justice.gov.uk",
                 "api_arns": [
@@ -298,7 +295,6 @@
             },
             "mock_onelogin_enabled": true,
             "mock_pay_enabled": true,
-            "egress_checker_enabled": false,
             "uid_service": {
                 "base_url": "https://development.lpa-uid.api.opg.service.justice.gov.uk",
                 "api_arns": [
@@ -388,7 +384,6 @@
             },
             "mock_onelogin_enabled": true,
             "mock_pay_enabled": true,
-            "egress_checker_enabled": false,
             "uid_service": {
                 "base_url": "https://development.lpa-uid.api.opg.service.justice.gov.uk",
                 "api_arns": [
@@ -478,7 +473,6 @@
             },
             "mock_onelogin_enabled": false,
             "mock_pay_enabled": false,
-            "egress_checker_enabled": false,
             "uid_service": {
                 "base_url": "https://preproduction.lpa-uid.api.opg.service.justice.gov.uk",
                 "api_arns": [
@@ -568,7 +562,6 @@
             },
             "mock_onelogin_enabled": false,
             "mock_pay_enabled": false,
-            "egress_checker_enabled": false,
             "uid_service": {
                 "base_url": "https://development.lpa-uid.api.opg.service.justice.gov.uk",
                 "api_arns": [

diff --git a/terraform/environment/variables.tf b/terraform/environment/variables.tf
@@ -56,9 +56,8 @@ variable "environments" {
         fault_injection_experiments_enabled     = bool
         real_user_monitoring_cw_logs_enabled    = bool
       })
-      mock_onelogin_enabled  = bool
-      mock_pay_enabled       = bool
-      egress_checker_enabled = bool
+      mock_onelogin_enabled = bool
+      mock_pay_enabled      = bool
       uid_service = object({
         base_url = string
         api_arns = list(string)