From af0fa8075b710bc2fa8a1fb10b0265c393bdb0fb Mon Sep 17 00:00:00 2001
From: aidenvaines-bjss
Date: Tue, 10 Sep 2024 11:20:32 +0100
Subject: [PATCH] CCM-6405 Initial PR remediation

---
 .../scheduled-repository-template-sync.yaml | 1 +
 nhs-notify-repository-template | 1 -
 .../config/.repository-template-sync-ignore | 3 +-
 .../config/vocabularies/words/accept.txt | 6 +-
 .../examples/python/.tool-versions.example | 2 -
 scripts/docker/examples/python/Dockerfile | 33 ------------
 .../examples/python/Dockerfile.effective | 54 ------------------------
 scripts/docker/examples/python/VERSION | 1 -
 .../examples/python/assets/hello_world/app.py | 12 -----
 .../assets/hello_world/requirements.txt | 12 -----
 .../docker/examples/python/tests/goss.yaml | 8 ---
 scripts/terraform/terraform.mk | 2 -
 12 files changed, 5 insertions(+), 130 deletions(-)
 delete mode 160000 nhs-notify-repository-template
 delete mode 100644 scripts/docker/examples/python/.tool-versions.example
 delete mode 100644 scripts/docker/examples/python/Dockerfile
 delete mode 100644 scripts/docker/examples/python/Dockerfile.effective
 delete mode 100644 scripts/docker/examples/python/VERSION
 delete mode 100644 scripts/docker/examples/python/assets/hello_world/app.py
 delete mode 100644 scripts/docker/examples/python/assets/hello_world/requirements.txt
 delete mode 100644 scripts/docker/examples/python/tests/goss.yaml

diff --git a/.github/workflows/scheduled-repository-template-sync.yaml b/.github/workflows/scheduled-repository-template-sync.yaml
index a227476..aa688da 100644
--- a/.github/workflows/scheduled-repository-template-sync.yaml
+++ b/.github/workflows/scheduled-repository-template-sync.yaml
@@ -28,6 +28,7 @@ jobs:
 - name: Run syncronisation script
 run: |
 ./scripts/githooks/sync-template-repo.sh
+ rm -Rf ./nhs-notify-repository-template
 
 - name: Create Pull Request
 if: ${{ !env.ACT }}
diff --git a/nhs-notify-repository-template b/nhs-notify-repository-template
deleted file mode 160000
index 7887908..0000000
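Review bot: The added `rm -Rf ./nhs-notify-repository-template` hard-codes the directory that `sync-template-repo.sh` is assumed to leave behind, so the cleanup and the script can drift apart, and the directory is only removed when the script succeeds, since `run:` steps on GitHub-hosted runners normally execute under `bash -e`. A more robust home for the cleanup is inside `sync-template-repo.sh` itself (a `trap ... EXIT` on its clone directory), which also keeps the local git-hook invocation and the scheduled workflow behaving the same way. This patch also drops the `nhs-notify-repository-template` gitlink, so check that `.gitmodules` carries no stale entry for it; that file is not in the diffstat. At minimum, a comment above the new line such as `# remove the template checkout so the PR step does not commit it` would record why the workflow deletes a path it did not visibly create.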
--- a/nhs-notify-repository-template +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 7887908ee63fc9a62f154f98d82f42f8c3c61c45 diff --git a/scripts/config/.repository-template-sync-ignore b/scripts/config/.repository-template-sync-ignore index 7564f3e..0d9e896 100644 --- a/scripts/config/.repository-template-sync-ignore +++ b/scripts/config/.repository-template-sync-ignore @@ -2,6 +2,7 @@ scripts/config/.repository-template-sync-ignore .github/workflows/ nhs-notify-repository-template/ +*/examples/ # Files and Folders in this repository to ignore .vscode/ @@ -13,6 +14,6 @@ VERSION # Files and Folders in the template repository to disregard .devcontainer/ .github/workflows/cicd-*.yaml -*/examples/ docs/ infrastructure/terraform/components/ +scripts/config/vale/styles/config/vocabularies/words/ diff --git a/scripts/config/vale/styles/config/vocabularies/words/accept.txt b/scripts/config/vale/styles/config/vocabularies/words/accept.txt index 3b07d50..b420567 100644 --- a/scripts/config/vale/styles/config/vocabularies/words/accept.txt +++ b/scripts/config/vale/styles/config/vocabularies/words/accept.txt @@ -1,14 +1,14 @@ [A-Z]+s Bitwarden bot -Cognito +config Cyber Dependabot draw.io drawio -endcapture endfor endraw +env GitHub Gitleaks Grype @@ -19,8 +19,6 @@ Octokit onboarding Podman Python -rawContent -sed Syft Terraform toolchain diff --git a/scripts/docker/examples/python/.tool-versions.example b/scripts/docker/examples/python/.tool-versions.example deleted file mode 100644 index 9209311..0000000 --- a/scripts/docker/examples/python/.tool-versions.example +++ /dev/null @@ -1,2 +0,0 @@ -# python, SEE: https://hub.docker.com/_/python/tags -# docker/python 3.11.4-alpine3.18@sha256:0135ae6442d1269379860b361760ad2cf6ab7c403d21935a8015b48d5bf78a86 diff --git a/scripts/docker/examples/python/Dockerfile b/scripts/docker/examples/python/Dockerfile deleted file mode 100644 index d0780aa..0000000 --- a/scripts/docker/examples/python/Dockerfile +++ /dev/null 
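Review bot: Moving `*/examples/` from the "template repository to disregard" section into the first block of the ignore file should be checked against how `sync-template-repo.sh` matches patterns, because the example tree deleted in this same patch lives at `scripts/docker/examples/python/`, two directory levels deep, and under gitignore-style matching a pattern containing a slash is anchored, so `*/examples/` covers only `<dir>/examples/` while rsync-style matching would also match the path suffix. If the intent is to stop the template from re-adding `scripts/docker/examples/`, `**/examples/` or the explicit path is unambiguous under both semantics. A one-line comment beside the entry, e.g. `# example projects are maintained locally and never taken from the template`, would record why the pattern moved. The second hunk adds `scripts/config/vale/styles/config/vocabularies/words/` to the disregard list, which presumably protects the local `accept.txt` edits in this commit from being overwritten on the next sync; the commit message would benefit from saying so.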
@@ -1,33 +0,0 @@
-# `*:latest` will be replaced with a corresponding version stored in the '.tool-versions' file
-# hadolint ignore=DL3007
-FROM python:latest as base
-
-# === Builder ==================================================================
-
-FROM base AS builder
-COPY ./assets/hello_world/requirements.txt /requirements.txt
-WORKDIR /packages
-RUN set -eux; \
- \
- # Install dependencies
- pip install \
- --requirement /requirements.txt \
- --prefix=/packages \
- --no-warn-script-location \
- --no-cache-dir
-
-# === Runtime ==================================================================
-
-FROM base
-ENV \
- LANG="C.UTF-8" \
- LC_ALL="C.UTF-8" \
- PYTHONDONTWRITEBYTECODE="1" \
- PYTHONUNBUFFERED="1" \
- TZ="UTC"
-COPY --from=builder /packages /usr/local
-COPY ./assets/hello_world /hello_world
-WORKDIR /hello_world
-USER nobody
-CMD [ "python", "app.py" ]
-EXPOSE 8000
diff --git a/scripts/docker/examples/python/Dockerfile.effective b/scripts/docker/examples/python/Dockerfile.effective
deleted file mode 100644
index 3f1ea6b..0000000
--- a/scripts/docker/examples/python/Dockerfile.effective
+++ /dev/null
@@ -1,54 +0,0 @@
-# `*:latest` will be replaced with a corresponding version stored in the '.tool-versions' file
-FROM python:3.11.4-alpine3.18@sha256:0135ae6442d1269379860b361760ad2cf6ab7c403d21935a8015b48d5bf78a86 as base
-
-# === Builder ==================================================================
-
-FROM base AS builder
-COPY ./assets/hello_world/requirements.txt /requirements.txt
-WORKDIR /packages
-RUN set -eux; \
- \
- # Install dependencies
- pip install \
- --requirement /requirements.txt \
- --prefix=/packages \
- --no-warn-script-location \
- --no-cache-dir
-
-# === Runtime ==================================================================
-
-FROM base
-ENV \
- LANG="C.UTF-8" \
- LC_ALL="C.UTF-8" \
- PYTHONDONTWRITEBYTECODE="1" \
- PYTHONUNBUFFERED="1" \
- TZ="UTC"
-COPY --from=builder /packages /usr/local
-COPY ./assets/hello_world /hello_world
-WORKDIR /hello_world
-USER nobody
-CMD [ "python", "app.py" ]
-EXPOSE 8000
-
-# === Metadata =================================================================
-
-ARG IMAGE
-ARG TITLE
-ARG DESCRIPTION
-ARG LICENCE
-ARG GIT_URL
-ARG GIT_BRANCH
-ARG GIT_COMMIT_HASH
-ARG BUILD_DATE
-ARG BUILD_VERSION
-LABEL \
- org.opencontainers.image.base.name=$IMAGE \
- org.opencontainers.image.title="$TITLE" \
- org.opencontainers.image.description="$DESCRIPTION" \
- org.opencontainers.image.licenses="$LICENCE" \
- org.opencontainers.image.url=$GIT_URL \
- org.opencontainers.image.ref.name=$GIT_BRANCH \
- org.opencontainers.image.revision=$GIT_COMMIT_HASH \
- org.opencontainers.image.created=$BUILD_DATE \
- org.opencontainers.image.version=$BUILD_VERSION
diff --git a/scripts/docker/examples/python/VERSION b/scripts/docker/examples/python/VERSION
deleted file mode 100644
index 8acdd82..0000000
--- a/scripts/docker/examples/python/VERSION
+++ /dev/null
@@ -1 +0,0 @@
-0.0.1
diff --git a/scripts/docker/examples/python/assets/hello_world/app.py b/scripts/docker/examples/python/assets/hello_world/app.py
deleted file mode 100644
index 4844e89..0000000
--- a/scripts/docker/examples/python/assets/hello_world/app.py
+++ /dev/null
@@ -1,12 +0,0 @@
-from flask import Flask
-from flask_wtf.csrf import CSRFProtect
-
-app = Flask(__name__)
-csrf = CSRFProtect()
-csrf.init_app(app)
-
-@app.route("/")
-def index():
- return "Hello World!"
-
-app.run(host='0.0.0.0', port=8000)
diff --git a/scripts/docker/examples/python/assets/hello_world/requirements.txt b/scripts/docker/examples/python/assets/hello_world/requirements.txt
deleted file mode 100644
index a3611c8..0000000
--- a/scripts/docker/examples/python/assets/hello_world/requirements.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-blinker==1.6.2
-click==8.1.7
-Flask-WTF==1.2.0
-Flask==2.3.3
-itsdangerous==2.1.2
-Jinja2==3.1.4
-MarkupSafe==2.1.3
-pip==23.3
-setuptools==65.5.1
-Werkzeug==3.0.3
-wheel==0.41.1
-WTForms==3.0.1
diff --git a/scripts/docker/examples/python/tests/goss.yaml b/scripts/docker/examples/python/tests/goss.yaml
deleted file mode 100644
index 589db37..0000000
--- a/scripts/docker/examples/python/tests/goss.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-package:
- python:
- installed: true
-
-command:
- pip list | grep -i flask:
- exit-status: 0
- timeout: 60000
diff --git a/scripts/terraform/terraform.mk b/scripts/terraform/terraform.mk
index 4a2783a..0db0a88 100644
--- a/scripts/terraform/terraform.mk
+++ b/scripts/terraform/terraform.mk
@@ -59,8 +59,6 @@ terraform-sec: # TFSEC check against Terraform files - optional: terraform_dir|d
 tfsec infrastructure/terraform \
 --force-all-dirs \
 --exclude-downloaded-modules \
- --tfvars-file infrastructure/terraform/etc/global.tfvars \
- --tfvars-file infrastructure/terraform/etc/env_eu-west-2_main.tfvars \
 --config-file scripts/config/tfsec.yml
 
 # ==============================================================================
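Review bot: Dropping the two `--tfvars-file` arguments from the tfsec invocation changes what the scanner evaluates, not just how it is called: checks whose outcome depends on variable values are now resolved against defaults or left unresolved, so `make terraform-sec` can silently stop reporting findings it reported before. If the arguments were removed because `infrastructure/terraform/etc/global.tfvars` and `env_eu-west-2_main.tfvars` do not exist in this repository, record that in the recipe, e.g. `# no tfvars are passed; add --tfvars-file <path> here once variable-dependent checks are needed`, or keep the flag and guard it with `$(if $(wildcard infrastructure/terraform/etc/global.tfvars),--tfvars-file infrastructure/terraform/etc/global.tfvars) \` so it reappears automatically when the file does. The `terraform-sec` recipe starts above the hunk.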