From 29b996b8f1e9bb5c6afa48f93e8c5c284671555c Mon Sep 17 00:00:00 2001
From: Josiah Siegel
Date: Thu, 5 Sep 2024 14:05:09 -0400
Subject: [PATCH] add cdctiautomated env var
---
 .environment/gitleaks/gitleaks-config.toml | 1 +
 operations/app/terraform/modules/function_app/locals.tf | 1 +
 operations/app/terraform/modules/function_app/~inputs.tf | 3 +++
 operations/app/terraform/vars/staging/data.tf | 6 ++++++
 operations/app/terraform/vars/staging/main.tf | 1 +
 5 files changed, 12 insertions(+)
diff --git a/.environment/gitleaks/gitleaks-config.toml b/.environment/gitleaks/gitleaks-config.toml
index 469d0793cd8..d95d877f4b8 100644
--- a/.environment/gitleaks/gitleaks-config.toml
+++ b/.environment/gitleaks/gitleaks-config.toml
@@ -204,6 +204,7 @@ title = "PRIME ReportStream Gitleaks Configuration"
 'ApiKeyCredential\(\"flexion\"',
 'authType: \"two-legged\"',
 'Authorization-Type: \"username/password\"',
+ 'cdctiautomated_sa'
 ]
 paths = [
 '.terraform/modules/',
diff --git a/operations/app/terraform/modules/function_app/locals.tf b/operations/app/terraform/modules/function_app/locals.tf
index 5af78ff0c91..15daeed6e3f 100644
--- a/operations/app/terraform/modules/function_app/locals.tf
+++ b/operations/app/terraform/modules/function_app/locals.tf
@@ -18,6 +18,7 @@ locals {
 "RS_OKTA_authkey" = var.RS_OKTA_authKey
 "RS_OKTA_ClientId" = var.RS_OKTA_clientId
 "ETOR_TI_baseurl" = var.etor_ti_base_url
+ "cdctiautomated" = var.cdctiautomated_sa
 # Manage client secrets via a Key Vault
 "CREDENTIAL_STORAGE_METHOD" = "AZURE"
 "CREDENTIAL_KEY_VAULT_NAME" = var.client_config_key_vault_name
diff --git a/operations/app/terraform/modules/function_app/~inputs.tf b/operations/app/terraform/modules/function_app/~inputs.tf
index 1bf2cb032d1..5b20d635fb5 100644
--- a/operations/app/terraform/modules/function_app/~inputs.tf
+++ b/operations/app/terraform/modules/function_app/~inputs.tf
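Review bot: The new allowlist entry `'cdctiautomated_sa'` in gitleaks-config.toml is an unanchored substring pattern, so it can suppress a finding wherever that name appears, not only on the Terraform references this commit adds. The list's key and any `regexTarget` setting are outside the hunk, so how broadly it matches should be confirmed, but a literal credential later assigned to something named `cdctiautomated_sa` would likely go unreported. A narrower pattern tied to the reference form, for example `'azurerm_key_vault_secret\.cdctiautomated_sa'` plus `'var\.cdctiautomated_sa'`, keeps the scanner useful for literal values. The entry also drops the trailing comma the preceding entries carry.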
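Review bot: `"cdctiautomated" = var.cdctiautomated_sa` in locals.tf places the secret's value itself into what looks like the function app's settings map, directly above the existing comment `# Manage client secrets via a Key Vault`. With the `data.azurerm_key_vault_secret.cdctiautomated_sa.value` wiring in vars/staging/data.tf and vars/staging/main.tf, the value is copied into Terraform state and stored as a plain app setting that anyone with read access to the app configuration can see. `RS_OKTA_authkey` is already handled the same way, so the pattern predates this commit, but a Key Vault reference would avoid the copy: `"cdctiautomated" = "@Microsoft.KeyVault(SecretUri=${var.cdctiautomated_secret_uri})"`, where `cdctiautomated_secret_uri` is a placeholder name for a variable carrying the secret's URI rather than its value. The `locals` block starts and ends outside the hunk.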
@@ -90,6 +90,9 @@ variable "RS_OKTA_authKey" {}
 variable "RS_OKTA_clientId" {}
 variable "RS_OKTA_scope" {}
 variable "etor_ti_base_url" {}
+variable "cdctiautomated_sa" {
+ default = ""
+}
 variable "subnets" {
 description = "A set of all available subnet combinations"
diff --git a/operations/app/terraform/vars/staging/data.tf b/operations/app/terraform/vars/staging/data.tf
index 3643807284b..d66b8220718 100644
--- a/operations/app/terraform/vars/staging/data.tf
+++ b/operations/app/terraform/vars/staging/data.tf
@@ -93,4 +93,10 @@ data "azurerm_key_vault_secret" "RS_OKTA_authKey" {
 name = "functionapp-RS-OKTA-authkey"
 key_vault_id = data.azurerm_key_vault.app_config.id
+}
+
+data "azurerm_key_vault_secret" "cdctiautomated_sa" {
+ name = "functionapp-cdctiautomated"
+ key_vault_id = data.azurerm_key_vault.app_config.id
+
 }
\ No newline at end of file
diff --git a/operations/app/terraform/vars/staging/main.tf b/operations/app/terraform/vars/staging/main.tf
index 5ad91c3e3ad..2ba317c6fc0 100644
--- a/operations/app/terraform/vars/staging/main.tf
+++ b/operations/app/terraform/vars/staging/main.tf
@@ -160,6 +160,7 @@ module "function_app" {
 RS_OKTA_clientId = data.azurerm_key_vault_secret.RS_OKTA_clientId.value
 RS_OKTA_authKey = data.azurerm_key_vault_secret.RS_OKTA_authKey.value
 etor_ti_base_url = local.init.etor_ti_base_url
+ cdctiautomated_sa = data.azurerm_key_vault_secret.cdctiautomated_sa.value
 }
 module "front_door" {
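Review bot: `variable "cdctiautomated_sa"` in ~inputs.tf is declared without `sensitive = true`, a `type` or a `description`, although the only caller in this patch feeds it a Key Vault secret value. Adding `type = string` and `sensitive = true` keeps the value redacted in plan output, and a description should say what the secret is for. The `default = ""` also means an environment that does not pass the variable (only vars/staging is wired here) gets an empty `cdctiautomated` setting rather than a plan error. If the setting is required at runtime, consider dropping the default, as the neighbouring `variable "RS_OKTA_authKey" {}` declarations do.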