diff --git a/.github/workflows/deployDev.yml b/.github/workflows/deployDev.yml index 6e7ead8214..8435154bce 100644 --- a/.github/workflows/deployDev.yml +++ b/.github/workflows/deployDev.yml @@ -16,7 +16,6 @@ on: - dev4 - dev5 - dev6 - - dev7 - pentest env: diff --git a/.github/workflows/liquibaseClearChecksums.yml b/.github/workflows/liquibaseClearChecksums.yml index 735e0668d9..d580315bd0 100644 --- a/.github/workflows/liquibaseClearChecksums.yml +++ b/.github/workflows/liquibaseClearChecksums.yml @@ -11,7 +11,7 @@ on: description: The environment of the database. required: true type: choice - options: [demo, dev, dev2, dev3, dev4, dev5, dev6, dev7, pentest, test, training, stg, prod] + options: [demo, dev, dev2, dev3, dev4, dev5, dev6, pentest, test, training, stg, prod] default: dev action: description: The liquibase action to run. diff --git a/.github/workflows/liquibaseRollback.yml b/.github/workflows/liquibaseRollback.yml index a4ca30f422..5d9fbbe111 100644 --- a/.github/workflows/liquibaseRollback.yml +++ b/.github/workflows/liquibaseRollback.yml @@ -11,7 +11,7 @@ on: description: The environment of the database. required: true type: choice - options: [demo, dev, dev2, dev3, dev4, dev5, dev6, dev7, pentest, test, training, stg, prod] + options: [demo, dev, dev2, dev3, dev4, dev5, dev6, pentest, test, training, stg, prod] default: dev action: description: The liquibase action to run. diff --git a/.github/workflows/liquibaseValidate.yml b/.github/workflows/liquibaseValidate.yml index 11ff68d8b0..b312d4108d 100644 --- a/.github/workflows/liquibaseValidate.yml +++ b/.github/workflows/liquibaseValidate.yml @@ -11,7 +11,7 @@ on: description: The environment of the database. required: true type: choice - options: [demo, dev, dev2, dev3, dev4, dev5, dev6, dev7, pentest, test, training, stg, prod] + options: [demo, dev, dev2, dev3, dev4, dev5, dev6, pentest, test, training, stg, prod] default: dev action: description: The liquibase action to run. diff --git a/.github/workflows/slotSwapDevAPI.yml b/.github/workflows/slotSwapDevAPI.yml index ee62502761..9199e6c013 100644 --- a/.github/workflows/slotSwapDevAPI.yml +++ b/.github/workflows/slotSwapDevAPI.yml @@ -15,7 +15,6 @@ on: - dev4 - dev5 - dev6 - - dev7 - pentest env: diff --git a/.github/workflows/terraformChecks.yml b/.github/workflows/terraformChecks.yml index 09d341fbe4..a013a989de 100644 --- a/.github/workflows/terraformChecks.yml +++ b/.github/workflows/terraformChecks.yml @@ -29,7 +29,7 @@ jobs: env: TERRAFORM_DIRS: | dev dev/persistent dev2 dev2/persistent dev3 dev3/persistent dev4 dev4/persistent - dev5 dev5/persistent dev6 dev6/persistent dev7 dev7/persistent + dev5 dev5/persistent dev6 dev6/persistent test test/persistent demo demo/persistent training training/persistent stg stg/persistent pentest pentest/persistent prod prod/persistent global diff --git a/.github/workflows/terraformPlan.yml b/.github/workflows/terraformPlan.yml index fbe8805fb6..91f0425dc1 100644 --- a/.github/workflows/terraformPlan.yml +++ b/.github/workflows/terraformPlan.yml @@ -15,7 +15,6 @@ on: - dev4 - dev5 - dev6 - - dev7 - pentest - test - demo @@ -41,7 +40,7 @@ jobs: - id: set_matrix run: | if [[ "${{ inputs.env }}" == "all_environments" ]]; then - matrix=[{\"env\":\"dev\"},{\"env\":\"dev2\"},{\"env\":\"dev3\"},{\"env\":\"dev4\"},{\"env\":\"dev5\"},{\"env\":\"dev6\"},{\"env\":\"dev7\"},{\"env\":\"pentest\"},{\"env\":\"test\"},{\"env\":\"demo\"},{\"env\":\"training\"},{\"env\":\"stg\"},{\"env\":\"prod\"}] + matrix=[{\"env\":\"dev\"},{\"env\":\"dev2\"},{\"env\":\"dev3\"},{\"env\":\"dev4\"},{\"env\":\"dev5\"},{\"env\":\"dev6\"},{\"env\":\"pentest\"},{\"env\":\"test\"},{\"env\":\"demo\"},{\"env\":\"training\"},{\"env\":\"stg\"},{\"env\":\"prod\"}] else matrix=[{\"env\":\"${{ inputs.env }}\"}] fi diff --git a/backend/src/main/resources/application-azure-dev7.yaml b/backend/src/main/resources/application-azure-dev7.yaml deleted file mode 100644 index 61eee2a57f..0000000000 --- a/backend/src/main/resources/application-azure-dev7.yaml +++ /dev/null @@ -1,17 +0,0 @@ -simple-report: - azure-reporting-queue: - enabled: true - fhir-queue-enabled: true - exception-webhook-enabled: true - patient-link-url: https://dev7.simplereport.gov/app/pxp?plid= - twilio-callback-url: https://dev7.simplereport.gov/api/pxp/callback - sendgrid: - enabled: false - cors: - allowed-origins: - - https://simplereportdev7app.z13.web.core.windows.net - - https://simple-report-api-dev7.azurewebsites.net - - https://simple-report-dev7.azureedge.net - - https://dev7.simplereport.gov -twilio: - enabled: true diff --git a/backend/src/main/resources/application-okta-dev7.yaml b/backend/src/main/resources/application-okta-dev7.yaml deleted file mode 100644 index 575fc7d28e..0000000000 --- a/backend/src/main/resources/application-okta-dev7.yaml +++ /dev/null @@ -1,12 +0,0 @@ -# Bean profile to be included in deployment-specific profiles -# for DEV/TEST deployments. -okta: - oauth2: - client-id: 0oa5uvpmofBA83yGZ1d7 - issuer: https://hhs-prime.oktapreview.com/oauth2/default - client: - org-url: https://hhs-prime.oktapreview.com -simple-report: - authorization: - role-claim: dev7_roles - environment-name: "DEV7" diff --git a/backend/src/main/resources/application.yaml b/backend/src/main/resources/application.yaml index 8f792d8cc0..7b4d985065 100644 --- a/backend/src/main/resources/application.yaml +++ b/backend/src/main/resources/application.yaml @@ -11,7 +11,6 @@ spring: azure-dev4: okta-dev4, server-debug azure-dev5: okta-dev5, server-debug azure-dev6: okta-dev6, server-debug - azure-dev7: okta-dev7, server-debug azure-pentest: okta-pentest azure-training: no-security, no-okta-mgmt, create-sample-data, no-okta-auth azure-test: okta-test, server-debug diff --git a/ops/Makefile b/ops/Makefile index 523a9e2361..b61e5d1ce4 100644 --- a/ops/Makefile +++ b/ops/Makefile @@ -34,7 +34,7 @@ default: # Internal target: check if the passed-in wildcard is a known environment name. Hard-coding them because let's be real here. .valid-env-%: - @case $* in test|dev|dev2|dev3|dev4|dev5|dev6|dev7|demo|training|pentest|stg|prod) ;; *) echo "$* is not a valid environment"; exit 1;; esac + @case $* in test|dev|dev2|dev3|dev4|dev5|dev6|demo|training|pentest|stg|prod) ;; *) echo "$* is not a valid environment"; exit 1;; esac api.tfvars: /dev/null echo "acr_image_tag=\"$(DEPLOYED_COMMIT)\"" > $@; \ @@ -68,7 +68,7 @@ deploy-%: .valid-env-% api.tfvars terraform -chdir=$* apply -auto-approve -var-file=../api.tfvars -lock-timeout=30m promote-%: .be-logged-in .valid-env-% - @case $* in dev2|dev3|dev4|dev5|dev6|dev7) az webapp deployment slot swap -g prime-simple-report-dev -n $(API_NAME) --slot $(SOURCE_SLOT) --target-slot $(TARGET_SLOT) ;; *) az webapp deployment slot swap -g prime-simple-report-$* -n $(API_NAME) --slot $(SOURCE_SLOT) --target-slot $(TARGET_SLOT) ;; esac + @case $* in dev2|dev3|dev4|dev5|dev6) az webapp deployment slot swap -g prime-simple-report-dev -n $(API_NAME) --slot $(SOURCE_SLOT) --target-slot $(TARGET_SLOT) ;; *) az webapp deployment slot swap -g prime-simple-report-$* -n $(API_NAME) --slot $(SOURCE_SLOT) --target-slot $(TARGET_SLOT) ;; esac wait-for-%-slot-commit: .valid-env-% @echo "Starting wait for commit $(DEPLOYED_COMMIT) in $(SOURCE_SLOT) slot of $* at `date`" diff --git a/ops/dev7/.terraform.lock.hcl b/ops/dev7/.terraform.lock.hcl deleted file mode 100644 index c387ba1ea7..0000000000 --- a/ops/dev7/.terraform.lock.hcl +++ /dev/null @@ -1,22 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.71.0" - constraints = "~> 3.55" - hashes = [ - "h1:QI0iaPNi0qAOIbXptd4ZObi0D5X1jojom5774GtEspA=", - "zh:06f0d225b1711dfad256ff33134f878acc8f84624d9da66b075b075cc4d75892", - "zh:09ff74056818babe02ea5a633bffe2b8223eaf79916dc1db169651ef7725c22f", - "zh:27687e0f8458e6d88ebea94352eb523f56e8f5cdc468268af8f38dc4a4265bf4", - "zh:2d81bfab3c6a9b897fa8fbb5256c9e5a944e6ecbf7f73a2a3e2b53a2c4fbcfc5", - "zh:4cfc744cfc37aeeeecd82800c70e2591b38447af9e3c51bcbf06a5efe842ed65", - "zh:734fbb81508b264f772a076338ddf1c7b25534d2007a1738a7d55587478ed258", - "zh:9a5502c364f58073599fff8cdd8adc32e7f7bcd00a4d9b57d2fff678fd8a8319", - "zh:9bc528f7e78dbfd106f94b741b68dedd3dd3d31c3defcddcc1972c8e52a6b7db", - "zh:c30db03d877f9a7ae0c19d3fd338bbf95cdddbf6df1023709dbfa99689abac14", - "zh:c51d4065145b8f4ca45fc9a0f3ca7f2d933bc0302af2eead74f3ce64a9221ae8", - "zh:e23029fc7f81723795d7da770131adb1ce6f4d32f0a57eb75d47e036a0a19833", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/ops/dev7/_config.tf b/ops/dev7/_config.tf deleted file mode 100644 index 6db61dae90..0000000000 --- a/ops/dev7/_config.tf +++ /dev/null @@ -1,20 +0,0 @@ -terraform { - backend "azurerm" { - resource_group_name = "prime-simple-report-test" - storage_account_name = "usdssimplereportglobal" - container_name = "sr-tfstate" - key = "dev7/terraform.tfstate" - } - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "~> 3.55" - } - } - required_version = "~> 1.3.3" -} - -provider "azurerm" { - features {} - skip_provider_registration = true -} diff --git a/ops/dev7/_data.tf b/ops/dev7/_data.tf deleted file mode 100644 index c8f62fe26c..0000000000 --- a/ops/dev7/_data.tf +++ /dev/null @@ -1,237 +0,0 @@ -# external state -data "terraform_remote_state" "persistent_dev7" { - backend = "azurerm" - config = { - resource_group_name = "prime-simple-report-test" - storage_account_name = "usdssimplereportglobal" - container_name = "sr-tfstate" - key = "dev7/persistent-terraform.tfstate" - } -} - -data "terraform_remote_state" "global" { - backend = "azurerm" - config = { - resource_group_name = "prime-simple-report-test" - storage_account_name = "usdssimplereportglobal" - container_name = "sr-tfstate" - key = "global/terraform.tfstate" - } -} - -# Resource Groups -data "azurerm_resource_group" "rg" { - # Environments are assembled into shared resource groups by environment level. - name = "${local.project}-${local.name}-${local.env_level}" -} - -data "azurerm_resource_group" "rg_global" { - name = "${local.project}-${local.name}-management" -} - -data "azurerm_resource_group" "rg_prod" { - name = "${local.project}-${local.name}-prod" -} - -data "azurerm_client_config" "current" {} - -# Network -data "azurerm_virtual_network" "dev7" { - name = "simple-report-${local.env}-network" - resource_group_name = data.azurerm_resource_group.rg.name -} - -# Secrets -data "azurerm_key_vault" "sr_global" { - name = "simple-report-global" - resource_group_name = data.azurerm_resource_group.rg_global.name -} - -data "azurerm_key_vault_secret" "sr_dev7_db_jdbc" { - name = "simple-report-${local.env}-db-jdbc" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "metabase_db_uri" { - name = "simple-report-${local.env}-db-metabase-uri" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "postgres_user" { - name = "simple-report-${local.env}-db-username" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "postgres_password" { - name = "simple-report-${local.env}-db-password" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "postgres_nophi_user" { - name = "simple-report-${local.env}-db-username-no-phi" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "postgres_nophi_password" { - name = "simple-report-${local.env}-db-password-no-phi" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "okta_api_key" { - name = "okta-api-key" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "okta_api_key_nonprod" { - name = "okta-api-key-nonprod" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "okta_client_id" { - key_vault_id = data.azurerm_key_vault.sr_global.id - name = "okta-${local.env}-client-id" -} - -data "azurerm_key_vault_secret" "okta_client_secret" { - key_vault_id = data.azurerm_key_vault.sr_global.id - name = "okta-${local.env}-client-secret" -} - -data "azurerm_key_vault_secret" "twilio_account_sid" { - name = "twilio-account-sid" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "twilio_auth_token" { - name = "twilio-auth-token" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "twilio_messaging_sid" { - name = "twilio-messaging-sid" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "sendgrid_api_key" { - name = "sendgrid-dev-api-key" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "smarty_auth_id" { - name = "smarty-auth-id" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "smarty_auth_token" { - name = "smarty-auth-token" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_token_endpoint" { - name = "experian-token-endpoint-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_initial_request_endpoint" { - name = "experian-initial-request-endpoint-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_domain" { - name = "experian-domain-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_client_id" { - name = "experian-client-id-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_client_secret" { - name = "experian-client-secret-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_crosscore_subscriber_subcode" { - name = "experian-crosscore-subscriber-subcode-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_crosscore_username" { - name = "experian-crosscore-username-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_crosscore_password" { - name = "experian-crosscore-password-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_preciseid_tenant_id" { - name = "experian-preciseid-tenant-id-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_preciseid_client_reference_id" { - name = "experian-preciseid-client-reference-id-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_preciseid_username" { - name = "experian-preciseid-username-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "experian_preciseid_password" { - name = "experian-preciseid-password-dev" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "report_stream_exception_callback_token" { - name = "report-stream-exception-callback-test" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -# logs -data "azurerm_log_analytics_workspace" "log_analytics" { - name = "simple-report-log-workspace-global" - resource_group_name = data.azurerm_resource_group.rg_global.name -} - -data "azurerm_application_insights" "app_insights" { - name = "prime-simple-report-${local.env}-insights" - resource_group_name = data.azurerm_resource_group.rg.name -} - -data "azurerm_storage_account" "app" { - name = "simplereport${local.env}app" - resource_group_name = data.azurerm_resource_group.rg.name - depends_on = [ - azurerm_storage_account.app - ] -} - -data "azurerm_key_vault_secret" "db_password_no_phi" { - name = "simple-report-${local.env}-db-password-no-phi" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "datahub_api_key" { - name = "datahub-api-key-test" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "datahub_fhir_key" { - name = "datahub-fhir-key-test" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "datahub_url" { - name = "datahub-url-test" - key_vault_id = data.azurerm_key_vault.sr_global.id -} - -data "azurerm_key_vault_secret" "datahub_signing_key" { - name = "datahub-signing-key-test" - key_vault_id = data.azurerm_key_vault.sr_global.id -} diff --git a/ops/dev7/_var.tf b/ops/dev7/_var.tf deleted file mode 100644 index cfe65be862..0000000000 --- a/ops/dev7/_var.tf +++ /dev/null @@ -1,46 +0,0 @@ -variable "acr_image_tag" { - description = "Simple report Api ACR tag to deploy" - type = string -} - -variable "deploy_timestamp" { - description = "The current date and time" - type = string - default = "" -} - -variable "deploy_tag" { - description = "The branch or tag that we are deploying" - type = string - default = "" -} - -variable "deploy_workflow" { - description = "The name of the workflow performing the deploy" - type = string - default = "N/A" -} - -variable "deploy_runnumber" { - description = "The run number of the deploy workflow" - type = number - default = -1 -} - -variable "deploy_actor" { - description = "The ID of the person performing the release" - type = string - default = "" -} - -variable "liquibase_rollback_tag" { - description = "If defined, attempt to roll DB back to this tag" - type = string - default = null -} - -variable "image_action" { - description = "The liquibase action to perform" - type = string - default = null -} diff --git a/ops/dev7/alerts.tf b/ops/dev7/alerts.tf deleted file mode 100644 index a3b06909ec..0000000000 --- a/ops/dev7/alerts.tf +++ /dev/null @@ -1,37 +0,0 @@ -module "metric_alerts" { - source = "../services/alerts/app_service_metrics" - env = local.env - app_insights_id = data.azurerm_application_insights.app_insights.id - service_plan_id = module.simple_report_api.service_plan_id - app_service_id = module.simple_report_api.app_service_id - rg_name = data.azurerm_resource_group.rg.name - tags = local.management_tags - http_response_time_aggregation = "Minimum" - disabled_alerts = [ - "cpu_util", - "mem_util", - "http_2xx_failed_requests", - "http_4xx_errors", - "http_401_410_errors", - "http_5xx_errors", - "first_error_in_a_week", - "account_request_failures", - "experian_auth_failures", - "frontend_error_boundary", - "db_query_duration_over_time_window", - "db_connection_exhaustion", - "batched_uploader_single_failure_detected", - "batched_uploader_function_not_triggering", - "fhir_batched_uploader_single_failure_detected", - "fhir_batched_uploader_function_not_triggering", - "function_app_memory_alert", - "fhir_function_app_duration_alert" - ] - - action_group_ids = [ - data.terraform_remote_state.global.outputs.pagerduty_non_prod_action_id - ] - function_id = module.report_stream_reporting_functions.azurerm_linux_function_app_id - - database_id = data.terraform_remote_state.persistent_dev7.outputs.postgres_server_id -} diff --git a/ops/dev7/api.tf b/ops/dev7/api.tf deleted file mode 100644 index b6ffc6d2e2..0000000000 --- a/ops/dev7/api.tf +++ /dev/null @@ -1,79 +0,0 @@ -module "simple_report_api" { - source = "../services/app_service" - name = "${local.name}-api" - env = local.env - env_index = 7 - - instance_count = 1 - - resource_group_location = data.azurerm_resource_group.rg.location - resource_group_name = data.azurerm_resource_group.rg.name - - webapp_subnet_id = data.terraform_remote_state.persistent_dev7.outputs.subnet_webapp_id - lb_subnet_id = data.terraform_remote_state.persistent_dev7.outputs.subnet_lbs_id - - docker_image = "simplereportacr.azurecr.io/api/simple-report-api-build" - docker_image_tag = var.acr_image_tag - - key_vault_id = data.azurerm_key_vault.sr_global.id - tenant_id = data.azurerm_client_config.current.tenant_id - https_only = true - - deploy_info = { - env = "dev7", - time = var.deploy_timestamp, - tag = var.deploy_tag, - workflow_name = var.deploy_workflow, - workflow_run = var.deploy_runnumber, - by = var.deploy_actor - } - - app_settings = { - SPRING_PROFILES_ACTIVE = "azure-dev7" - SPRING_DATASOURCE_SIMPLEREPORT_HIKARI_JDBCURL = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.sr_dev7_db_jdbc.id})" - SPRING_DATASOURCE_METABASE_HIKARI_JDBCURL = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.metabase_db_uri.id})" - DB_PASSWORD_NO_PHI = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.db_password_no_phi.id})" - APPLICATIONINSIGHTS_CONNECTION_STRING = data.azurerm_application_insights.app_insights.connection_string - AZ_REPORTING_QUEUE_CXN_STRING = data.azurerm_storage_account.app.primary_connection_string - OKTA_OAUTH2_CLIENT_SECRET = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.okta_client_secret.id})" - OKTA_API_KEY = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.okta_api_key_nonprod.id})" - TWILIO_ACCOUNT_SID = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.twilio_account_sid.id})" - TWILIO_AUTH_TOKEN = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.twilio_auth_token.id})" - TWILIO_MESSAGING_SID = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.twilio_messaging_sid.id})" - SIMPLE_REPORT_SENDGRID_API_KEY = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.sendgrid_api_key.id})" - SMARTY_AUTH_ID = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.smarty_auth_id.id})" - SMARTY_AUTH_TOKEN = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.smarty_auth_token.id})" - EXPERIAN_TOKEN_ENDPOINT = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_token_endpoint.id})" - EXPERIAN_INITIAL_REQUEST_ENDPOINT = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_initial_request_endpoint.id})" - EXPERIAN_DOMAIN = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_domain.id})" - EXPERIAN_CLIENT_ID = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_client_id.id})" - EXPERIAN_CLIENT_SECRET = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_client_secret.id})" - EXPERIAN_CC_SUBSCRIBER_SUBCODE = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_crosscore_subscriber_subcode.id})" - EXPERIAN_CC_USERNAME = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_crosscore_username.id})" - EXPERIAN_CC_PASSWORD = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_crosscore_password.id})" - EXPERIAN_PID_TENANT_ID = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_preciseid_tenant_id.id})" - EXPERIAN_PID_CLIENT_REFERENCE_ID = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_preciseid_client_reference_id.id})" - EXPERIAN_PID_USERNAME = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_preciseid_username.id})" - EXPERIAN_PID_PASSWORD = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.experian_preciseid_password.id})" - RS_QUEUE_CALLBACK_TOKEN = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.report_stream_exception_callback_token.id})" - DATAHUB_URL = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.datahub_url.id})" - DATAHUB_API_KEY = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.datahub_api_key.id})" - DATAHUB_FHIR_KEY = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.datahub_fhir_key.id})" - DATAHUB_SIGNING_KEY = "@Microsoft.KeyVault(SecretUri=${data.azurerm_key_vault_secret.datahub_signing_key.id})" - # true by default: can be disabled quickly here - # SPRING_LIQUIBASE_ENABLED = "true" - # this shadows (and overrides) an identical declaration in application.yaml - # SPRING_JPA_PROPERTIES_HIBERNATE_DEFAULT_SCHEMA = "public" - } -} - -module "report_stream_reporting_functions" { - source = "../services/app_functions/report_stream_batched_publisher/infra" - environment = local.env - env_level = local.env_level - tenant_id = data.azurerm_client_config.current.tenant_id - lb_subnet_id = data.terraform_remote_state.persistent_dev7.outputs.subnet_lbs_id - depends_on = [ - azurerm_storage_account.app - ] -} diff --git a/ops/dev7/container_instances.tf b/ops/dev7/container_instances.tf deleted file mode 100644 index bf3c44ca8f..0000000000 --- a/ops/dev7/container_instances.tf +++ /dev/null @@ -1,26 +0,0 @@ -module "db_liquibase_action" { - source = "../services/container_instances/db_liquibase_action" - count = var.image_action == null ? 0 : 1 - name = local.name - env = local.env - resource_group_name = data.azurerm_resource_group.rg.name - resource_group_location = data.azurerm_resource_group.rg.location - acr_password = data.terraform_remote_state.global.outputs.acr_simeplereport_admin_password - rollback_tag = var.liquibase_rollback_tag - image_action = var.image_action - spring_datasource_url = data.azurerm_key_vault_secret.sr_dev7_db_jdbc.value - subnet_id = data.terraform_remote_state.persistent_dev7.outputs.subnet_container_instances_id -} - -module "db_client" { - source = "../services/container_instances/db_client/infra" - name = local.name - env = local.env - resource_group_name = data.azurerm_resource_group.rg.name - resource_group_location = data.azurerm_resource_group.rg.location - acr_password = data.terraform_remote_state.global.outputs.acr_simeplereport_admin_password - subnet_id = data.terraform_remote_state.persistent_dev7.outputs.subnet_container_instances_id - storage_account_name = azurerm_storage_account.app.name - storage_account_key = azurerm_storage_account.app.primary_access_key - storage_share_name = azurerm_storage_share.db_client_export.name -} \ No newline at end of file diff --git a/ops/dev7/main.tf b/ops/dev7/main.tf deleted file mode 100644 index 8a83b00d76..0000000000 --- a/ops/dev7/main.tf +++ /dev/null @@ -1,132 +0,0 @@ -locals { - project = "prime" - name = "simple-report" - env = "dev7" - env_level = "dev" - management_tags = { - prime-app = "simple-report" - environment = local.env - # Resource groups can support multiple environments at the same level. Any resources that are shared between - # environments should use the "local.env_level" convention where possible. - resource_group = data.azurerm_resource_group.rg.name - } -} - -# Frontend React App -resource "azurerm_storage_account" "app" { - account_replication_type = "GRS" # Cross-regional redundancy - account_tier = "Standard" - account_kind = "StorageV2" - name = "simplereport${local.env}app" - resource_group_name = data.azurerm_resource_group.rg.name - location = data.azurerm_resource_group.rg.location - enable_https_traffic_only = true - min_tls_version = "TLS1_2" - allow_nested_items_to_be_public = false - cross_tenant_replication_enabled = false - - queue_properties { - logging { - delete = false - read = false - write = false - version = "1.0" - retention_policy_days = 7 - } - } - - static_website { - index_document = "index.html" - error_404_document = "404.html" - } - - tags = local.management_tags -} - -resource "azurerm_storage_queue" "test_event_queue" { - name = "test-event-publishing" - storage_account_name = azurerm_storage_account.app.name -} - -resource "azurerm_storage_queue" "test_event_exceptions_queue" { - name = "test-event-publishing-exceptions" - storage_account_name = azurerm_storage_account.app.name -} - -resource "azurerm_storage_queue" "test-event-publishing-error" { - name = "test-event-publishing-error" - storage_account_name = azurerm_storage_account.app.name -} - -resource "azurerm_storage_queue" "fhir_data_queue" { - name = "fhir-data-publishing" - storage_account_name = azurerm_storage_account.app.name -} - -resource "azurerm_storage_queue" "fhir_publishing_error_queue" { - name = "fhir-data-publishing-error" - storage_account_name = azurerm_storage_account.app.name -} - -resource "azurerm_storage_share" "db_client_export" { - name = "db-client-export-${local.env}" - storage_account_name = azurerm_storage_account.app.name - quota = 10 -} - -# Manually configured rules/rewrite sets -module "app_gateway" { - source = "../services/app_gateway" - name = "${local.name}-${local.env}" - env = local.env - resource_group_location = data.azurerm_resource_group.rg.location - resource_group_name = data.azurerm_resource_group.rg.name - - blob_endpoint = azurerm_storage_account.app.primary_web_host - subnet_id = data.terraform_remote_state.persistent_dev7.outputs.subnet_lbs_id - key_vault_id = data.azurerm_key_vault.sr_global.id - log_workspace_uri = data.azurerm_log_analytics_workspace.log_analytics.id - - fqdns = [ - module.simple_report_api.app_hostname - ] - - staging_fqdns = [ - module.simple_report_api.staging_hostname - ] - - firewall_policy_id = module.web_application_firewall.web_application_firewall_id - tags = local.management_tags -} - -module "nat_gateway" { - source = "../services/nat_gateway" - name = "${local.name}-${local.env}" - env = local.env - resource_group_location = data.azurerm_resource_group.rg.location - resource_group_name = data.azurerm_resource_group.rg.name - subnet_webapp_id = data.terraform_remote_state.persistent_dev7.outputs.subnet_webapp_id - subnet_lb_id = data.terraform_remote_state.persistent_dev7.outputs.subnet_lbs_id - tags = local.management_tags -} - -module "web_application_firewall" { - source = "../services/web_application_firewall" - name = "${local.name}-${local.env}" - env = local.env - resource_group_location = data.azurerm_resource_group.rg.location - resource_group_name = data.azurerm_resource_group.rg.name - - tags = local.management_tags -} - -module "app_service_autoscale" { - source = "../services/app_service_autoscale" - name = "${local.name}-${local.env}" - env = local.env - resource_group_location = data.azurerm_resource_group.rg.location - resource_group_name = data.azurerm_resource_group.rg.name - target_resource_id = module.simple_report_api.service_plan_id - - tags = local.management_tags -} diff --git a/ops/dev7/metabase.tf b/ops/dev7/metabase.tf deleted file mode 100644 index e482af36f1..0000000000 --- a/ops/dev7/metabase.tf +++ /dev/null @@ -1,5 +0,0 @@ -module "metabase_database" { - source = "../services/metabase/database" - - postgres_server_id = data.terraform_remote_state.persistent_dev7.outputs.postgres_server_id -} \ No newline at end of file diff --git a/ops/dev7/persistent/.terraform.lock.hcl b/ops/dev7/persistent/.terraform.lock.hcl deleted file mode 100644 index ff66c283ae..0000000000 --- a/ops/dev7/persistent/.terraform.lock.hcl +++ /dev/null @@ -1,64 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.71.0" - constraints = "~> 3.55" - hashes = [ - "h1:QI0iaPNi0qAOIbXptd4ZObi0D5X1jojom5774GtEspA=", - "zh:06f0d225b1711dfad256ff33134f878acc8f84624d9da66b075b075cc4d75892", - "zh:09ff74056818babe02ea5a633bffe2b8223eaf79916dc1db169651ef7725c22f", - "zh:27687e0f8458e6d88ebea94352eb523f56e8f5cdc468268af8f38dc4a4265bf4", - "zh:2d81bfab3c6a9b897fa8fbb5256c9e5a944e6ecbf7f73a2a3e2b53a2c4fbcfc5", - "zh:4cfc744cfc37aeeeecd82800c70e2591b38447af9e3c51bcbf06a5efe842ed65", - "zh:734fbb81508b264f772a076338ddf1c7b25534d2007a1738a7d55587478ed258", - "zh:9a5502c364f58073599fff8cdd8adc32e7f7bcd00a4d9b57d2fff678fd8a8319", - "zh:9bc528f7e78dbfd106f94b741b68dedd3dd3d31c3defcddcc1972c8e52a6b7db", - "zh:c30db03d877f9a7ae0c19d3fd338bbf95cdddbf6df1023709dbfa99689abac14", - "zh:c51d4065145b8f4ca45fc9a0f3ca7f2d933bc0302af2eead74f3ce64a9221ae8", - "zh:e23029fc7f81723795d7da770131adb1ce6f4d32f0a57eb75d47e036a0a19833", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} - -provider "registry.terraform.io/hashicorp/random" { - version = "3.5.1" - constraints = "~> 3.5" - hashes = [ - "h1:VSnd9ZIPyfKHOObuQCaKfnjIHRtR7qTw19Rz8tJxm+k=", - "zh:04e3fbd610cb52c1017d282531364b9c53ef72b6bc533acb2a90671957324a64", - "zh:119197103301ebaf7efb91df8f0b6e0dd31e6ff943d231af35ee1831c599188d", - "zh:4d2b219d09abf3b1bb4df93d399ed156cadd61f44ad3baf5cf2954df2fba0831", - "zh:6130bdde527587bbe2dcaa7150363e96dbc5250ea20154176d82bc69df5d4ce3", - "zh:6cc326cd4000f724d3086ee05587e7710f032f94fc9af35e96a386a1c6f2214f", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:b6d88e1d28cf2dfa24e9fdcc3efc77adcdc1c3c3b5c7ce503a423efbdd6de57b", - "zh:ba74c592622ecbcef9dc2a4d81ed321c4e44cddf7da799faa324da9bf52a22b2", - "zh:c7c5cde98fe4ef1143bd1b3ec5dc04baf0d4cc3ca2c5c7d40d17c0e9b2076865", - "zh:dac4bad52c940cd0dfc27893507c1e92393846b024c5a9db159a93c534a3da03", - "zh:de8febe2a2acd9ac454b844a4106ed295ae9520ef54dc8ed2faf29f12716b602", - "zh:eab0d0495e7e711cca367f7d4df6e322e6c562fc52151ec931176115b83ed014", - ] -} - -provider "registry.terraform.io/okta/okta" { - version = "4.3.0" - constraints = "~> 4.3.0" - hashes = [ - "h1:eZRzGr/4124G29dQTebtd7OPAcUst7Zs7BTvx7yxp/0=", - "zh:0f364629464dbcdc0928f50e930118acf1f3b6ad8e2aa1536ec898e71dce8937", - "zh:18fd9b8eae7bbd6fa5be5c7a24bf07324c760232192d2d7ec15e0760779b943d", - "zh:2c3f37c4d627a48547406012ae8658b0e0086753ed935499f4291a7919c8c159", - "zh:3ac813a36577d76f1cb0788e28e37ab9b6fa58238d7c756438e88e5efa3a94df", - "zh:56f20a03991ca862d2e944f7b52ee2b5ff35d5a0839db202bc8b8fdf68c61d8c", - "zh:5be530362a94717d426b35c26fe4cbe79ad1660a305e5c505b17f7657af0de07", - "zh:65a02931c6b4a36ebc922e56feeb98d8b96ae39eb4d31efb1d1123f1579a093a", - "zh:6971b322c5a6436b365df8f02d35a655bb283b51296a98332324b71f23825ea2", - "zh:69cccfaf89265b5ada883b3d3cfaae910313b0f52c8dce1ac76392c8caaaba5d", - "zh:7dc996e1a19f13e9ed6c3a9e243bfb66c0bd815eb08255d7597d82acefdc5b92", - "zh:ab11cf5e85d381df94ef9362f7f5c958fd9a123f6237fab183067288fc69fd8a", - "zh:bed16ac0fceb1a581be85345b65a6f31216ae4f927bc3c129761b4ebfe7fc2c7", - "zh:c8da630a007bab6a760a2e73714d631bd018e3f6acfe6aefffaa09ac6a8dcb6e", - "zh:d37e530c5208d591be59d21723423f5e674dd1659203369455ea5b9771c5f773", - ] -} diff --git a/ops/dev7/persistent/_config.tf b/ops/dev7/persistent/_config.tf deleted file mode 100644 index 05b26adda8..0000000000 --- a/ops/dev7/persistent/_config.tf +++ /dev/null @@ -1,33 +0,0 @@ -terraform { - backend "azurerm" { - resource_group_name = "prime-simple-report-test" - storage_account_name = "usdssimplereportglobal" - container_name = "sr-tfstate" - key = "dev7/persistent-terraform.tfstate" - } - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "~> 3.55" - } - okta = { - source = "okta/okta" - version = "~> 4.3.0" - } - random = { - version = "~> 3.5" - } - } - required_version = "~> 1.3.3" -} - - -provider "azurerm" { - features {} - skip_provider_registration = true -} - -provider "okta" { - org_name = "hhs-prime" - base_url = "oktapreview.com" -} diff --git a/ops/dev7/persistent/_data.tf b/ops/dev7/persistent/_data.tf deleted file mode 100644 index 85a4f1fc16..0000000000 --- a/ops/dev7/persistent/_data.tf +++ /dev/null @@ -1,50 +0,0 @@ -data "terraform_remote_state" "global" { - backend = "azurerm" - config = { - resource_group_name = "prime-simple-report-test" - storage_account_name = "usdssimplereportglobal" - container_name = "sr-tfstate" - key = "global/terraform.tfstate" - } -} - -# Resource Groups -data "azurerm_resource_group" "dev7" { - # Environments are assembled into shared resource groups by environment level. - name = "${local.project}-${local.name}-${local.env_level}" -} - -data "azurerm_resource_group" "global" { - name = "${local.project}-${local.name}-management" -} - -data "azurerm_resource_group" "rg_prod" { - name = "${local.project}-${local.name}-prod" -} - -data "azurerm_client_config" "current" {} - -# Network -data "azurerm_virtual_network" "dev7" { - name = "simple-report-${local.env}-network" - resource_group_name = data.azurerm_resource_group.dev7.name - depends_on = [ - module.vnet - ] -} - -# Secrets -data "azurerm_key_vault" "global" { - name = "simple-report-global" - resource_group_name = data.azurerm_resource_group.global.name -} - -data "azurerm_key_vault" "db_keys" { - name = "simple-report-db-keys" - resource_group_name = data.azurerm_resource_group.global.name -} - -data "azurerm_key_vault_key" "db_encryption_key" { - name = local.env_level - key_vault_id = data.azurerm_key_vault.db_keys.id -} diff --git a/ops/dev7/persistent/_output.tf b/ops/dev7/persistent/_output.tf deleted file mode 100644 index bf1d143c07..0000000000 --- a/ops/dev7/persistent/_output.tf +++ /dev/null @@ -1,36 +0,0 @@ -output "vnet_id" { - value = module.vnet.network.id -} - -output "subnet_lbs_id" { - value = module.vnet.subnet_lbs_id -} - -output "subnet_webapp_id" { - value = module.vnet.subnet_webapp_id -} - -output "app_insight_id" { - value = module.monitoring.app_insights_id -} - -output "app_insights_instrumentation_key" { - value = module.monitoring.app_insights_instrumentation_key - sensitive = true -} - -output "postgres_server_name" { - value = module.db.server_name -} - -output "postgres_server_fqdn" { - value = module.db.server_fqdn -} - -output "postgres_server_id" { - value = module.db.server_id -} - -output "subnet_container_instances_id" { - value = module.vnet.subnet_container_instances_id -} diff --git a/ops/dev7/persistent/main.tf b/ops/dev7/persistent/main.tf deleted file mode 100644 index 7ec40d2fbe..0000000000 --- a/ops/dev7/persistent/main.tf +++ /dev/null @@ -1,73 +0,0 @@ -locals { - project = "prime" - name = "simple-report" - env = "dev7" - env_level = "dev" - - network_cidr = "10.1.0.0/16" - rg_name = data.azurerm_resource_group.dev7.name - rg_location = data.azurerm_resource_group.dev7.location - management_tags = { - prime-app = "simple-report" - environment = local.env - # Resource groups can support multiple environments at the same level. Any resources that are shared between - # environments should use the "local.env_level" convention where possible. - resource_group = data.azurerm_resource_group.dev7.name - } -} - -module "monitoring" { - source = "../../services/monitoring" - env = local.env - management_rg = data.azurerm_resource_group.global.name - rg_location = local.rg_location - rg_name = local.rg_name - - app_url = "${local.env}.simplereport.gov" - - tags = local.management_tags -} - -resource "random_password" "random_nophi_password" { - length = 30 - special = false - override_special = "!#$%&*()-_=+[]{}<>:?" -} - -module "db" { - source = "../../services/postgres_db" - env = local.env - env_level = local.env_level - rg_location = local.rg_location - rg_name = local.rg_name - - global_vault_id = data.azurerm_key_vault.global.id - db_vault_id = data.azurerm_key_vault.db_keys.id - subnet_id = module.vnet.subnet_db_id - log_workspace_id = module.monitoring.log_analytics_workspace_id - private_dns_zone_id = module.vnet.private_dns_zone_id - - nophi_user_password = random_password.random_nophi_password.result - - tags = local.management_tags -} - -module "db_alerting" { - source = "../../services/alerts/db_metrics" - env = local.env - rg_name = local.rg_name - db_id = module.db.server_id - action_group_ids = [ - data.terraform_remote_state.global.outputs.pagerduty_non_prod_action_id - ] -} - -module "vnet" { - source = "../../services/virtual_network" - env = local.env - env_level = local.env_level - resource_group_name = local.rg_name - network_address = local.network_cidr - management_tags = local.management_tags - location = local.rg_location -} diff --git a/ops/dev7/persistent/okta.tf b/ops/dev7/persistent/okta.tf deleted file mode 100644 index 21c02b4ed5..0000000000 --- a/ops/dev7/persistent/okta.tf +++ /dev/null @@ -1,28 +0,0 @@ -module "okta" { - source = "../../services/okta-app" - env = local.env - logout_redirect_uris = ["https://${local.env}.simplereport.gov"] - app_url = "https://${local.env}.simplereport.gov/app" -} - -// Create the Okta secrets - -resource "azurerm_key_vault_secret" "okta_client_id" { - key_vault_id = data.azurerm_key_vault.global.id - name = "okta-${local.env}-client-id" - value = module.okta.client_id - - lifecycle { - ignore_changes = [value] - } -} - -resource "azurerm_key_vault_secret" "okta_client_secret" { - key_vault_id = data.azurerm_key_vault.global.id - name = "okta-${local.env}-client-secret" - value = module.okta.client_secret - - lifecycle { - ignore_changes = [value] - } -} \ No newline at end of file diff --git a/ops/services/container_instances/db_client/infra/_var.tf b/ops/services/container_instances/db_client/infra/_var.tf index 754f63503f..84b2cd4283 100644 --- a/ops/services/container_instances/db_client/infra/_var.tf +++ b/ops/services/container_instances/db_client/infra/_var.tf @@ -1,5 +1,5 @@ variable "env" { - description = "values: [demo, dev, dev2, dev3, dev4, dev5, dev6, dev7, pentest, test, training, stg, prod]" + description = "values: [demo, dev, dev2, dev3, dev4, dev5, dev6, pentest, test, training, stg, prod]" type = string } variable "name" { diff --git a/ops/services/container_instances/db_liquibase_action/_var.tf b/ops/services/container_instances/db_liquibase_action/_var.tf index 832a6db746..9de368c4f0 100644 --- a/ops/services/container_instances/db_liquibase_action/_var.tf +++ b/ops/services/container_instances/db_liquibase_action/_var.tf @@ -1,5 +1,5 @@ variable "env" { - description = "values: [demo, dev, dev2, dev3, dev4, dev5, dev6, dev7, pentest, test, training, stg, prod]" + description = "values: [demo, dev, dev2, dev3, dev4, dev5, dev6, pentest, test, training, stg, prod]" type = string } variable "name" { diff --git a/ops/services/virtual_network/_var.tf b/ops/services/virtual_network/_var.tf index 73362a0e2e..4701ac7c45 100644 --- a/ops/services/virtual_network/_var.tf +++ b/ops/services/virtual_network/_var.tf @@ -7,7 +7,7 @@ variable "app_name" { } variable "env" { - description = "values: [demo, dev, dev2, dev3, dev4, dev5, dev6, dev7, pentest, test, training, stg, prod]" + description = "values: [demo, dev, dev2, dev3, dev4, dev5, dev6, pentest, test, training, stg, prod]" type = string } diff --git a/ops/upgradetf.sh b/ops/upgradetf.sh index 9c94eba0e8..b7e0768b7d 100755 --- a/ops/upgradetf.sh +++ b/ops/upgradetf.sh @@ -5,7 +5,7 @@ az login -TERRAFORM_DIRS="dev dev/persistent dev2 dev2/persistent dev3 dev3/persistent dev4 dev4/persistent dev5 dev5/persistent dev6 dev6/persistent dev7 dev7/persistent test test/persistent demo demo/persistent training training/persistent stg stg/persistent pentest pentest/persistent prod prod/persistent global" +TERRAFORM_DIRS="dev dev/persistent dev2 dev2/persistent dev3 dev3/persistent dev4 dev4/persistent dev5 dev5/persistent dev6 dev6/persistent test test/persistent demo demo/persistent training training/persistent stg stg/persistent pentest pentest/persistent prod prod/persistent global" terraform fmt -recursive