add jit bot zip for teams

[barha-jit]

Summary by CodeRabbit

• Chores

  • CI runner updated to the latest available Ubuntu image for improved compatibility.

• Improvements

  • Authentication now surfaces a clearer error message on failure.
  • State token issuance now includes an explicit time-to-live to control token lifetime.

• Style

  • Various documentation and example files cleaned up for consistent formatting and trailing-newline handling.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Updated CI runner image and small Terraform/readme formatting fixes; added a TTL field to the state token request and an explicit postcondition error message for JIT auth in the AWS integration automation.

Changes

Cohort / File(s)	Summary
GitHub Actions Configuration /.github/workflows/linter.yml	Runner image changed from ubuntu-20.04 to ubuntu-latest. Workflow steps otherwise unchanged.
Integration core src/integrations/aws_integration_automation/locals.tf, src/integrations/aws_integration_automation/main.tf, src/integrations/aws_integration_automation/variables.tf, src/integrations/aws_integration_automation/versions.tf	locals.tf: added token_ttl = 1440 to state_token_request_body. main.tf: added error_message to the JIT auth data postcondition (status != 200). variables.tf and versions.tf: only formatting/newline adjustments. Review focus: TTL presence and postcondition message.
Examples — Terraform configs src/integrations/aws_integration_automation/examples/*	Multiple example files (organization_integration.tf, terraform.tfvars, variables.tf in aws_organization and single_account): whitespace, trailing-space removal, and newline normalization only. No semantic changes.
Docs src/integrations/aws_integration_automation/README.md	Formatting and line-flow adjustments only (whitespace/blank-line changes). No functional changes.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I hopped through code with a tidy little trill,
A TTL added, a message to fill,
The runner refreshed, whitespace made neat,
Small changes, soft paws — the project feels complete. ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title 'add jit bot zip for teams' does not match the actual changes, which are formatting adjustments, whitespace cleanup, and minor configuration updates (token_ttl addition, error_message in postcondition). The title suggests adding a new bot zip file, but no such file appears in the changeset.	Update the title to reflect the actual changes, such as 'Format and minor configuration updates for AWS integration automation' or 'Add token TTL and improve error handling in AWS integration'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch add-jit-bot-teams-zip

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between aad4f73 and 982c547.

📒 Files selected for processing (11)

• src/integrations/aws_integration_automation/README.md
• src/integrations/aws_integration_automation/examples/aws_organization/organization_integration.tf
• src/integrations/aws_integration_automation/examples/aws_organization/terraform.tfvars
• src/integrations/aws_integration_automation/examples/aws_organization/variables.tf
• src/integrations/aws_integration_automation/examples/single_account/account_integration.tf
• src/integrations/aws_integration_automation/examples/single_account/terraform.tfvars
• src/integrations/aws_integration_automation/examples/single_account/variables.tf
• src/integrations/aws_integration_automation/locals.tf
• src/integrations/aws_integration_automation/main.tf
• src/integrations/aws_integration_automation/variables.tf
• src/integrations/aws_integration_automation/versions.tf

✅ Files skipped from review due to trivial changes (8)

• src/integrations/aws_integration_automation/examples/aws_organization/variables.tf
• src/integrations/aws_integration_automation/variables.tf
• src/integrations/aws_integration_automation/README.md
• src/integrations/aws_integration_automation/examples/aws_organization/organization_integration.tf
• src/integrations/aws_integration_automation/examples/single_account/variables.tf
• src/integrations/aws_integration_automation/examples/aws_organization/terraform.tfvars
• src/integrations/aws_integration_automation/examples/single_account/account_integration.tf
• src/integrations/aws_integration_automation/versions.tf

🔇 Additional comments (6)

src/integrations/aws_integration_automation/examples/single_account/terraform.tfvars (1)

5-5: LGTM! Formatting improvements.

These whitespace adjustments align with standard formatting practices.

Also applies to: 17-17

src/integrations/aws_integration_automation/locals.tf (2)

4-4: LGTM! Formatting improvements.

These whitespace adjustments improve code consistency.

Also applies to: 7-7, 10-10, 16-16, 22-22, 32-32

---

24-31: Verify the token_ttl parameter acceptance and make it configurable.

The token_ttl = 1440 is hardcoded in the state token request body. Three concerns:

1. The JIT API /oauth/state-token endpoint acceptance of token_ttl is not documented in available sources and should be confirmed with JIT support
2. The value 1440 lacks documentation—confirm the unit (assumed to be minutes = 24 hours)
3. This should be a configurable variable (e.g., via var.token_ttl) rather than hardcoded, allowing different integration needs without code changes

src/integrations/aws_integration_automation/main.tf (3)

6-6: LGTM! Formatting improvements.

These whitespace adjustments improve code consistency throughout the file.

Also applies to: 18-18, 23-23, 28-28, 46-46, 51-51, 58-58, 62-62, 69-69, 73-73, 83-83, 87-87, 94-94, 98-98

---

29-34: Excellent addition for better error diagnostics.

The explicit error message in the postcondition will provide clearer feedback when JIT authentication fails, making debugging easier by displaying the actual HTTP status code received.

---

1-103: PR title doesn't match the actual changes.

The PR is titled "add jit bot zip for teams" but the changes shown are related to AWS integration automation (Terraform configs). The actual changes include:

• Adding a token_ttl field to state token requests
• Adding an error message to the authentication postcondition
• Formatting improvements

Please ensure the PR title accurately reflects the changes, or confirm that additional files related to "jit bot zip for teams" exist in this PR but weren't included in the review.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/linter.yml (1)

1-17: PR title/content mismatch: Expected files for "jit bot zip for teams" are missing.

The PR title indicates "add jit bot zip for teams," but this PR only updates the Ubuntu runner version in the linter workflow. No files related to jit bot or teams integration are included. Please verify:

• Is this the correct PR for the intended changes?
• Are files missing from this PR?
• Should the PR title be updated to reflect the actual changes (e.g., "Update linter workflow to use ubuntu-latest")?

🧹 Nitpick comments (1)

.github/workflows/linter.yml (1)

10-10: Consider the trade-offs of using ubuntu-latest.

Switching from ubuntu-20.04 to ubuntu-latest keeps the runner updated automatically but introduces unpredictability since GitHub may change what "latest" points to over time. For linter workflows, this is typically low-risk and acceptable.

If your organization prefers reproducible builds, consider keeping a pinned version like ubuntu-22.04 or ubuntu-24.04.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fe3ebb6 and aad4f73.

⛔ Files ignored due to path filters (1)

• src/integrations/microsoft_teams/jit_bot/jit-teams-bot.zip is excluded by !**/*.zip

📒 Files selected for processing (1)

• .github/workflows/linter.yml