[Issue #1519] Cherry pick platform's pattern for env vars & ssm secrets #1516
Conversation
github-actions
bot
added
documentation
coilysiren
changed the title
coilysiren
changed the title
coilysiren
changed the title
coilysiren
changed the title
coilysiren
changed the title
| @@ -0,0 +1,58 @@ | |||
| # Environment variables and secrets | |||
There was a problem hiding this comment.
|
The CI failures are related to the WAF. They dont seem related to this PR |
coilysiren
requested review from
aplybeah,
sumiat,
widal001,
andycochran,
acouch and
SammySteiner
as code owners
| @@ -7,6 +7,5 @@ module "prod_config" { | |||
| domain = "api.simpler.grants.gov" | |||
| database_instance_count = 2 | |||
| database_enable_http_endpoint = true | |||
| enable_v01_endpoints = false | |||
There was a problem hiding this comment.
Could we add the ENABLE_V_0_1_ENDPOINTS value in the service overrides as false?
Doesn't technically need to be there (null == false for this), but just to have the mapping defined for prod.
There was a problem hiding this comment.
@chouinar I wanted to leave it null since the string "False" is truthy, ya know?
$ python -c 'print(bool("False"))'
> TrueUnless you're certain the that thing reading the env vars is casting strings to booleans "properly"!
There was a problem hiding this comment.
We use Pydantic for loading env vars / converting to Python types. It considers false as a false value: https://docs.pydantic.dev/2.0/usage/types/booleans/
|
I was able to confirm that the terratest CI failures (eg. |
Summary
Relates to #784
Closes #1519
Copies navapbc/template-infra#549
Time to review: 10 mins
Changes proposed
ENABLE_V_0_1_ENDPOINTS/enable_v01_endpointsto use the above patternContext for reviewers
I created this PR via tactical copy-pasting from the https://github.com/navapbc/template-infra/ repo.
The goal of this PR is to DRY our methods for setting environment variables. Notice on the red side of the diff, how I've removed the need to set
enable_v01_endpointsso many times. Then notice on the green side of the diff, that I only need to setENABLE_V_0_1_ENDPOINTStwice (for dev and staging). That's the goal of this PR, to pull in platform's very nice pattern for DRY'ing environment variables.Testing
To test this, I added - then removed - the following block from
staging.tfI then deployed to staging to see the difference. It worked as intended.