From 4fe2b39e1d03029932bc2eb7601e02293c7ff639 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Conall=20=C3=93=20Cofaigh?= Date: Wed, 19 Nov 2025 14:44:27 +0000 Subject: [PATCH 1/5] Clean up CI workflow by removing parameters Removed unused parameters from the CI workflow. --- .github/workflows/ci.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 01e1226f..b07599d3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,6 +10,3 @@ jobs: call-terraform-ci-pipeline: uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci-v2.yml@v1.22.4 secrets: inherit - with: - craSCCv2: true - craConfigYamlFile: "cra-config.yaml" From 586f3112912a9046b383276739af48d1b824443b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Conall=20=C3=93=20Cofaigh?= Date: Wed, 19 Nov 2025 14:49:54 +0000 Subject: [PATCH 2/5] Update ci.yml --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b07599d3..95b2acb9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,5 +8,5 @@ on: jobs: call-terraform-ci-pipeline: - uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci-v2.yml@v1.22.4 + uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci-v2.yml@v1.24.0 secrets: inherit From da5c1890304ea84b8021b4953ae6978a2c89952b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Conall=20=C3=93=20Cofaigh?= Date: Wed, 19 Nov 2025 14:50:14 +0000 Subject: [PATCH 3/5] Update common-release workflow version to v1.24.0 --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9ed3f5a3..7017d3fe 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
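Review bot: Removing `craSCCv2: true` and `craConfigYamlFile: "cra-config.yaml"` from the `with:` block in ci.yml drops the only inputs that pointed the shared pipeline at the CRA/SCC configuration, yet the description calls them "unused" without saying why. Judging by the cra-config.yaml deleted in PATCH 4/5, those inputs appear to have driven a scan of `solutions/lsf` and `solutions/scale` against an SCC profile, so this presumably retires a compliance check rather than tidying parameters. The commit message should say so and name the replacement, for example `CRA/SCC scan removed from CI; compliance checking now covered by <replacement>`. The `call-terraform-ci-pipeline` job begins above the hunk.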
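Review bot: The new `uses:` line in ci.yml (PATCH 2/5) still references the reusable workflow by tag (`@v1.24.0`) while the job keeps `secrets: inherit`, so whatever that tag resolves to at run time receives every secret available to the calling workflow. A tag can be moved and a full commit SHA cannot, so pin it as `uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci-v2.yml@<full-commit-sha> # v1.24.0`. The same applies to the `common-release.yml@v1.24.0` line in release.yml in PATCH 3/5. If the called pipeline needs only a few secrets, passing them by name under `secrets:` instead of `inherit` would narrow the exposure further.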
@@ -8,5 +8,5 @@ on: jobs: call-terraform-release-pipeline: - uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-release.yml@v1.22.4 + uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-release.yml@v1.24.0 secrets: inherit From 37e5edae97fefa5bc3666be8638d1fb0178a92c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Conall=20=C3=93=20Cofaigh?= Date: Wed, 19 Nov 2025 14:50:29 +0000 Subject: [PATCH 4/5] Delete cra-config.yaml --- cra-config.yaml | 19 ------------------- 1 file changed, 19 deletions(-) delete mode 100644 cra-config.yaml diff --git a/cra-config.yaml b/cra-config.yaml deleted file mode 100644 index 466f667f..00000000 --- a/cra-config.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# More info about this file at https://github.com/terraform-ibm-modules/common-pipeline-assets/blob/main/.github/workflows/terraform-test-pipeline.md#cra-config-yaml -version: "v1" -CRA_TARGETS: - - CRA_TARGET: "solutions/lsf" - CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json" - PROFILE_ID: "48279384-3d29-4089-8259-8ed354774b4a" # SCC profile ID (currently set to 'CIS IBM Cloud Foundations Benchmark v1.1.0' '1.1.0' profile). - CRA_ENVIRONMENT_VARIABLES: - TF_VAR_ssh_keys: "[\"geretain-hpc\"]" - TF_VAR_remote_allowed_ips: "[\"49.207.216.50\"]" - TF_VAR_app_center_gui_password: "Craconfig@12345" #pragma: allowlist secret - - CRA_TARGET: "solutions/scale" - CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json" - PROFILE_ID: "48279384-3d29-4089-8259-8ed354774b4a" # SCC profile ID (currently set to 'CIS IBM Cloud Foundations Benchmark v1.1.0' '1.1.0' profile). - CRA_ENVIRONMENT_VARIABLES: - TF_VAR_ssh_keys: "[\"geretain-hpc\"]" - TF_VAR_remote_allowed_ips: "[\"49.207.216.50\"]" - TF_VAR_storage_gui_username: "storagegui" - TF_VAR_storage_type: "evaluation" - TF_VAR_storage_gui_password: "Stor@ge1234" #pragma: allowlist secret From ab2eeb2d5c30234cf6ebe35071f1eb5f97e58343 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Conall=20=C3=93=20Cofaigh?= Date: Wed, 19 Nov 2025 14:52:00 +0000 Subject: [PATCH 5/5] Delete cra-tf-validate-ignore-rules.json --- cra-tf-validate-ignore-rules.json | 34 ------------------------------- 1 file changed, 34 deletions(-) delete mode 100644 cra-tf-validate-ignore-rules.json diff --git a/cra-tf-validate-ignore-rules.json b/cra-tf-validate-ignore-rules.json deleted file mode 100644 index 07e5bff3..00000000 --- a/cra-tf-validate-ignore-rules.json +++ /dev/null 
@@ -1,34 +0,0 @@
-{
- "scc_rules": [
- {
- "scc_rule_id": "rule-8cbd597c-7471-42bd-9c88-36b2696456e9",
- "description": "Check whether Cloud Object Storage network access is restricted to a specific IP range",
- "ignore_reason": "In order for this rule to pass, Context Based Restrictions (CBRs) support needs to be added to the module (tracking in https://github.ibm.com/GoldenEye/issues/issues/5626). Even after that is added, there is still a dependency on SCC to support scanning for CBR rules. SCC CBR support is being tracked in https://github.ibm.com/project-fortress/pm/issues/11800.",
- "is_valid": true
- },
- {
- "scc_rule_id": "rule-4d86c074-097e-4ff3-a763-ccff128388e2",
- "description": "Check whether multifactor authentication (MFA) is enabled at the account level",
- "ignore_reason": "In order for this rule to pass, multifactor authentication (MFA) is enabled at the account level (tracking in https://github.ibm.com/workload-eng-services/HPCCluster/issues/3422).",
- "is_valid": true
- },
- {
- "scc_rule_id": "rule-0704e840-e443-4781-b9be-ec57469d09c1",
- "description": "Check whether permissions for API key creation are limited and configured in IAM settings for the account owner",
- "ignore_reason": "Need more exploration (tracking in https://github.ibm.com/workload-eng-services/HPCCluster/issues/3422).",
- "is_valid": true
- },
- {
- "scc_rule_id": "rule-0244c010-fde6-4db3-95aa-8952bd292ac3",
- "description": "Check whether permissions for service ID creation are limited and configured in IAM settings for the account owner",
- "ignore_reason": "Need more exploration (tracking in https://github.ibm.com/workload-eng-services/HPCCluster/issues/3422).",
- "is_valid": true
- },
- {
- "scc_rule_id": "rule-8cbd597c-7471-42bd-9c88-36b2696456e9",
- "description": "Check whether Cloud Object Storage network access is restricted to a specific IP range",
- "ignore_reason": "Need more exploration (tracking in https://github.ibm.com/workload-eng-services/HPCCluster/issues/3422).",
- "is_valid": true
- }
- ]
-}