Merge pull request #15797 from CDCgov/josiahsiegel/add/cdctiautomated…

…-env add cdctiautomated env var
CDCgov · Sep 5, 2024 · 851a1da · 851a1da
2 parents 38ee70c + 24cad65
commit 851a1da
Show file tree

Hide file tree

Showing 5 changed files with 12 additions and 0 deletions.
diff --git a/.environment/gitleaks/gitleaks-config.toml b/.environment/gitleaks/gitleaks-config.toml
@@ -204,6 +204,7 @@ title = "PRIME ReportStream Gitleaks Configuration"
             'ApiKeyCredential\(\"flexion\"',
             'authType: \"two-legged\"',
             'Authorization-Type: \"username/password\"',
+            'cdctiautomated_sa'
         ]
         paths = [
             '.terraform/modules/',

diff --git a/operations/app/terraform/modules/function_app/locals.tf b/operations/app/terraform/modules/function_app/locals.tf
@@ -18,6 +18,7 @@ locals {
     "RS_OKTA_authkey"  = var.RS_OKTA_authKey
     "RS_OKTA_ClientId" = var.RS_OKTA_clientId
     "ETOR_TI_baseurl"  = var.etor_ti_base_url
+    "cdctiautomated"   = var.cdctiautomated_sa
     # Manage client secrets via a Key Vault
     "CREDENTIAL_STORAGE_METHOD" = "AZURE"
     "CREDENTIAL_KEY_VAULT_NAME" = var.client_config_key_vault_name

diff --git a/operations/app/terraform/modules/function_app/~inputs.tf b/operations/app/terraform/modules/function_app/~inputs.tf
@@ -90,6 +90,9 @@ variable "RS_OKTA_authKey" {}
 variable "RS_OKTA_clientId" {}
 variable "RS_OKTA_scope" {}
 variable "etor_ti_base_url" {}
+variable "cdctiautomated_sa" {
+  default = ""
+}
 
 variable "subnets" {
   description = "A set of all available subnet combinations"

diff --git a/operations/app/terraform/vars/staging/data.tf b/operations/app/terraform/vars/staging/data.tf
@@ -93,4 +93,10 @@ data "azurerm_key_vault_secret" "RS_OKTA_authKey" {
   name         = "functionapp-RS-OKTA-authkey"
   key_vault_id = data.azurerm_key_vault.app_config.id
 
+}
+
+data "azurerm_key_vault_secret" "cdctiautomated_sa" {
+  name         = "functionapp-cdctiautomated"
+  key_vault_id = data.azurerm_key_vault.app_config.id
+
 }
diff --git a/operations/app/terraform/vars/staging/main.tf b/operations/app/terraform/vars/staging/main.tf
@@ -160,6 +160,7 @@ module "function_app" {
   RS_OKTA_clientId                  = data.azurerm_key_vault_secret.RS_OKTA_clientId.value
   RS_OKTA_authKey                   = data.azurerm_key_vault_secret.RS_OKTA_authKey.value
   etor_ti_base_url                  = local.init.etor_ti_base_url
+  cdctiautomated_sa                 = data.azurerm_key_vault_secret.cdctiautomated_sa.value
 }
 
 module "front_door" {