Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(deletion): revoke fxa tokens when deleting accounts #897

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat(deletion): revoke fxa tokens when deleting accounts #897

wants to merge 3 commits into from

Conversation

kschelonka
Copy link
Contributor

@kschelonka kschelonka commented Oct 28, 2024
edited
Loading

This data was deleted before on the Pocket side,
but now it will remove Pocket from integrations
so it no longer shows up on the Mozilla account page.

POCKET-9990

@kschelonka kschelonka requested a review from a team as a code owner October 28, 2024 22:01
@kschelonka kschelonka requested review from marcin-kozinski and removed request for a team October 28, 2024 22:01
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 28, 2024
edited
Loading

Plan Result (account-data-deleter-cdk-production)

CI link

⚠️ Resource Deletion will happen ⚠️

This plan contains resource delete operation. Please check the plan result very carefully!

Plan: 1 to add, 0 to change, 1 to destroy.
  • Replace
    • aws_ecs_task_definition.data-deleter-app_application_ecs_service_ecs-task_243DED07
Change Result (Click me) 
  # aws_ecs_task_definition.data-deleter-app_application_ecs_service_ecs-task_243DED07 must be replaced
-/+ resource "aws_ecs_task_definition" "data-deleter-app_application_ecs_service_ecs-task_243DED07" {
      ~ arn                      = "arn:aws:ecs:us-east-1:996905175585:task-definition/AccountDataDeleter-Prod:842" -> (known after apply)
      ~ arn_without_revision     = "arn:aws:ecs:us-east-1:996905175585:task-definition/AccountDataDeleter-Prod" -> (known after apply)
      ~ container_definitions    = jsonencode(
          ~ [
              ~ {
                    name                   = "app"
                  ~ secrets                = [
                        # (7 unchanged elements hidden)
                        {
                            name      = "EXPORT_SIGNEDURL_USER_SECRET_KEY"
                            valueFrom = "arn:aws:secretsmanager:us-east-1:996905175585:secret:AccountDataDeleter/Prod/EXPORT_USER_CREDS:secretAccessKey::"
                        },
                      + {
                          + name      = "FXA_CLIENT_ID"
                          + valueFrom = "arn:aws:ssm:us-east-1:996905175585:parameter/Web/Prod/FIREFOX_WEB_AUTH_CLIENT_ID"
                        },
                      + {
                          + name      = "FXA_CLIENT_SECRET"
                          + valueFrom = "arn:aws:ssm:us-east-1:996905175585:parameter/Web/Prod/FIREFOX_WEB_AUTH_CLIENT_SECRET"
                        },
                      + {
                          + name      = "FXA_OAUTH_URL"
                          + valueFrom = "arn:aws:ssm:us-east-1:996905175585:parameter/Web/Prod/FIREFOX_AUTH_OAUTH_URL"
                        },
                        {
                            name      = "SENTRY_DSN"
                            valueFrom = "arn:aws:ssm:us-east-1:996905175585:parameter/AccountDataDeleter/Prod/SENTRY_DSN"
                        },
                        # (3 unchanged elements hidden)
                    ]
                    # (10 unchanged attributes hidden)
                },
            ] # forces replacement
        )
      ~ id                       = "AccountDataDeleter-Prod" -> (known after apply)
      ~ revision                 = 842 -> (known after apply)
        tags                     = {
            "app_code"       = "pocket"
            "component_code" = "pocket-accountdatadeleter"
            "costCenter"     = "Pocket"
            "env_code"       = "prod"
            "environment"    = "Prod"
            "owner"          = "Pocket"
            "service"        = "AccountDataDeleter"
        }
        # (12 unchanged attributes hidden)
    }

Plan: 1 to add, 0 to change, 1 to destroy.

Changes to Outputs:
  ~ ecs-task-arn                                                                              = "arn:aws:ecs:us-east-1:996905175585:task-definition/AccountDataDeleter-Prod:842" -> (known after apply)

@kschelonka
feat(deletion): revoke fxa tokens when deleting accounts
d12d2be 
This data was deleted before on the Pocket side,
but now it will remove Pocket from integrations
on the Mozilla account page.

[POCKET-9990]
@kschelonka
fix(test): add reference to user_firefox_account for test seeds
3fbc60d
@kschelonka
chore: lint
df3c0ee
@kschelonka kschelonka enabled auto-merge (squash) November 4, 2024 19:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bassrock bassrock bassrock approved these changes

@marcin-kozinski marcin-kozinski Awaiting requested review from marcin-kozinski marcin-kozinski is a code owner automatically assigned from Pocket/pocket

Assignees
No one assigned
Labels
account-data-deleter-cdk-production/destroy
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kschelonka @bassrock