FY25 Q3 Dependabot Updates

[stdavis]

Benefit

UGRC applications have dependencies that are constantly updating to add new features, improve performance, and patch security issues. Keeping applications current with dependencies improves our security posture and allows for easier future enhancements since the amount of breaking changes is smaller and more trivial.

Acceptance Criteria

Close out the org-wide dependency PRs and merge the pending release pr's

• check terraform drift
• add to github repos in tf?
• Migrate to google v6 terraform provider #460
• Add customer ELCID's to non UGRC projects #463

Notes

Insecure applications using deprecated services

Risks

The deployment breaks the application

Issue Reference

• Dependabot Updates (FY25 Q2) #479

[steveoh]

terraform drift

I took care of 99% of this. I didn't apply every change because I wasn't sure the situation.

• firebase updated it's free tier and the default storage bucket has moved. electrofishing will want this update but i wasn't sure if that was ok or not.
• the gis website had some iam policies and workload federation changes i wasn't ready to apply
• honeycomb is missing a backup and patching entry for the compute engine module
• portal had some compute engine metadata drift i'm not sure about
• roadkill had github federation diffs
• uic has federation and monitoring drift
• vista dev and prod had a lot of drift

I believe we will need to update the github federation as the release action updates have broken some runs. Here is a running list while creating dbot updates

• kitchen sink documentation deployment
• spills prod deployment

[stdavis]

@steveoh I'm going to need your help with honeycomb.

[stdavis]

The roadkill fed diffs can't be handled until this issue is completed.

[steveoh]

FY25Q3 Sprint 1 Notes

• We're down to 4 dependency pr's.
  • I'm working on wri and the api separately.
  • I assume scott's got the roadkill mobile one on his radar and the dabs one is 🤷.
• We've got some release pr's to work through but that should be quick.
• We got most of the terraform drift and will work through the checklist above.
• Scott added a few github repo's to tf 👍🏼.
• We didn't have all the elcids for the cloud resources but scott was able to add one to two projects 👍🏼

[steveoh]

FY25Q3 Sprint 2 Notes

• The last round of dbot updates are in
  • Migrate self service to utah design system components api.mapserv.utah.gov#466
  • agrc/roadkill#355
• all terraform drift has been rectified

We have a few fallout items to resolve with supervisor, uic but we can track those in separate issues.