diff --git a/.github/workflows/deploy-demo.yml b/.github/workflows/deploy-demo.yml new file mode 100644 index 000000000..a0ae9f598 --- /dev/null +++ b/.github/workflows/deploy-demo.yml @@ -0,0 +1,68 @@ +name: Deploy to demo environment + +on: + push: + branches: [ production ] + +permissions: + contents: read + +jobs: + deploy: + runs-on: ubuntu-latest + environment: demo + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - name: Check for changes to Terraform + id: changed-terraform-files + uses: tj-actions/changed-files@v1.1.2 + with: + files: terraform/demo + - name: Terraform init + if: steps.changed-terraform-files.outputs.any_changed == 'true' + working-directory: terraform/demo + env: + AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }} + run: terraform init + - name: Terraform apply + if: steps.changed-terraform-files.outputs.any_changed == 'true' + working-directory: terraform/demo + env: + AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }} + TF_VAR_cf_user: ${{ secrets.CLOUDGOV_USERNAME }} + TF_VAR_cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} + run: terraform apply -auto-approve -input=false + + - uses: ./.github/actions/setup-project + + - name: Deploy to cloud.gov + uses: 18f/cg-deploy-action@main + env: + DANGEROUS_SALT: ${{ secrets.DANGEROUS_SALT }} + SECRET_KEY: ${{ secrets.SECRET_KEY }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + ADMIN_CLIENT_SECRET: ${{ secrets.ADMIN_CLIENT_SECRET }} + BASIC_AUTH_PASSWORD: ${{ secrets.BASIC_AUTH_PASSWORD }} + REDIS_ENABLED: ${{ secrets.REDIS_ENABLED }} + with: + cf_username: ${{ secrets.CLOUDGOV_USERNAME }} + cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} + cf_org: gsa-tts-benefits-studio-prototyping + cf_space: notify-demo + push_arguments: >- + --vars-file deploy-config/staging.yml + --var DANGEROUS_SALT="$DANGEROUS_SALT" + --var SECRET_KEY="$SECRET_KEY" + --var AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" + --var AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" + --var REDIS_ENABLED="$REDIS_ENABLED" + --var ADMIN_CLIENT_USERNAME="notify-admin" + --var ADMIN_CLIENT_SECRET="$ADMIN_CLIENT_SECRET" + --var BASIC_AUTH_USERNAME="curiousabout" + --var BASIC_AUTH_PASSWORD="$BASIC_AUTH_PASSWORD" diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 1efb81a27..5795c1f15 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -15,13 +15,8 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.workflow_run.conclusion == 'success' }} + environment: staging steps: - - name: Install container dependencies - run: | - sudo apt-get update \ - && sudo apt-get install -y --no-install-recommends \ - libcurl4-openssl-dev - - uses: actions/checkout@v3 with: fetch-depth: 2 @@ -48,31 +43,25 @@ jobs: TF_VAR_cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} run: terraform apply -auto-approve -input=false - - name: Set up Python 3.9 - uses: actions/setup-python@v3 - with: - python-version: "3.9" - - - name: Install application dependencies - run: make bootstrap + - uses: ./.github/actions/setup-project - name: Deploy to cloud.gov uses: 18f/cg-deploy-action@main env: - DANGEROUS_SALT: ${{ secrets.PROD_DANGEROUS_SALT }} - SECRET_KEY: ${{ secrets.PROD_SECRET_KEY }} + DANGEROUS_SALT: ${{ secrets.DANGEROUS_SALT }} + SECRET_KEY: ${{ secrets.SECRET_KEY }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - ADMIN_CLIENT_SECRET: ${{ secrets.PROD_ADMIN_CLIENT_SECRET }} + ADMIN_CLIENT_SECRET: ${{ secrets.ADMIN_CLIENT_SECRET }} BASIC_AUTH_PASSWORD: ${{ secrets.BASIC_AUTH_PASSWORD }} REDIS_ENABLED: ${{ secrets.REDIS_ENABLED }} with: cf_username: ${{ secrets.CLOUDGOV_USERNAME }} cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} - cf_org: gsa-10x-prototyping - cf_space: 10x-notifications + cf_org: gsa-tts-benefits-studio-prototyping + cf_space: notify-staging push_arguments: >- - --var env=staging + --vars-file deploy-config/staging.yml --var DANGEROUS_SALT="$DANGEROUS_SALT" --var SECRET_KEY="$SECRET_KEY" --var AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" @@ -87,4 +76,6 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.workflow_run.conclusion == 'failure' }} steps: - - run: echo 'Checks failed, not deploying' + - uses: actions/github-script@v6 + with: + script: core.setFailed('Checks failed, not deploying') diff --git a/.github/workflows/terraform-demo.yml b/.github/workflows/terraform-demo.yml new file mode 100644 index 000000000..29b8fa397 --- /dev/null +++ b/.github/workflows/terraform-demo.yml @@ -0,0 +1,79 @@ +name: Run Terraform plan in demo + +on: + pull_request: + branches: [ production ] + paths: [ 'terraform/**' ] + +defaults: + run: + working-directory: terraform/demo + +jobs: + terraform: + name: Terraform plan + runs-on: ubuntu-latest + environment: demo + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Terraform format + id: format + run: terraform fmt -check + + - name: Terraform init + id: init + env: + AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }} + run: terraform init + + - name: Terraform validate + id: validation + run: terraform validate -no-color + + - name: Terraform plan + id: plan + env: + AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }} + TF_VAR_cf_user: ${{ secrets.CLOUDGOV_USERNAME }} + TF_VAR_cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} + run: terraform plan -no-color -input=false 2>&1 | tee plan_output.txt + + - name: Read Terraform plan output file + id: terraform_output + uses: juliangruber/read-file-action@v1 + if: ${{ always() }} + with: + path: ./terraform/demo/plan_output.txt + + # inspiration: https://learn.hashicorp.com/tutorials/terraform/github-actions#review-actions-workflow + - name: Update PR + uses: actions/github-script@v6 + # we would like to update the PR even when a prior step failed + if: ${{ always() }} + with: + script: | + const output = `Terraform Format and Style: ${{ steps.format.outcome }} + Terraform Initialization: ${{ steps.init.outcome }} + Terraform Validation: ${{ steps.validation.outcome }} + Terraform Plan: ${{ steps.plan.outcome }} + +
Show Plan + + \`\`\`\n + ${{ steps.terraform_output.outputs.content }} + \`\`\` + +
+ + *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`; + + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: output + }) diff --git a/.github/workflows/terraform-production.yml b/.github/workflows/terraform-production.yml index 7861c3205..e48000438 100644 --- a/.github/workflows/terraform-production.yml +++ b/.github/workflows/terraform-production.yml @@ -2,7 +2,7 @@ name: Run Terraform plan in production on: pull_request: - branches: [ production ] + branches: [ production-disabled-for-now ] paths: [ 'terraform/**' ] defaults: @@ -38,8 +38,8 @@ jobs: env: AWS_ACCESS_KEY_ID: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }} AWS_SECRET_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_SECRET_ACCESS_KEY }} - TF_VAR_cf_user: ${{ secrets.CF_USERNAME }} - TF_VAR_cf_password: ${{ secrets.CF_PASSWORD }} + TF_VAR_cf_user: ${{ secrets.CLOUDGOV_USERNAME }} + TF_VAR_cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} run: terraform plan -no-color -input=false 2>&1 | tee plan_output.txt - name: Read Terraform plan output file @@ -51,7 +51,7 @@ jobs: # inspiration: https://learn.hashicorp.com/tutorials/terraform/github-actions#review-actions-workflow - name: Update PR - uses: actions/github-script@v4 + uses: actions/github-script@v6 # we would like to update the PR even when a prior step failed if: ${{ always() }} with: @@ -71,7 +71,7 @@ jobs: *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`; - github.issues.createComment({ + github.rest.issues.createComment({ issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, diff --git a/.github/workflows/terraform-staging.yml b/.github/workflows/terraform-staging.yml index 5c7d2a6ff..b1ac54f8f 100644 --- a/.github/workflows/terraform-staging.yml +++ b/.github/workflows/terraform-staging.yml @@ -13,6 +13,7 @@ jobs: terraform: name: Terraform plan runs-on: ubuntu-latest + environment: staging steps: - name: Checkout uses: actions/checkout@v2 @@ -50,7 +51,7 @@ jobs: # inspiration: https://learn.hashicorp.com/tutorials/terraform/github-actions#review-actions-workflow - name: Update PR - uses: actions/github-script@v4 + uses: actions/github-script@v6 # we would like to update the PR even when a prior step failed if: ${{ always() }} with: @@ -70,7 +71,7 @@ jobs: *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`; - github.issues.createComment({ + github.rest.issues.createComment({ issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, diff --git a/app/config.py b/app/config.py index cabc33ab7..3cb91b68e 100644 --- a/app/config.py +++ b/app/config.py @@ -148,6 +148,10 @@ class Staging(Production): HEADER_COLOUR = '#6F72AF' # $mauve +class Demo(Staging): + pass + + class Scanning(Production): BASIC_AUTH_FORCE = False HTTP_PROTOCOL = 'http' @@ -162,5 +166,6 @@ configs = { 'test': Test, 'scanning': Scanning, 'staging': Staging, + 'demo': Demo, 'production': Production } diff --git a/deploy-config/demo.yml b/deploy-config/demo.yml new file mode 100644 index 000000000..2f82ea6e6 --- /dev/null +++ b/deploy-config/demo.yml @@ -0,0 +1,4 @@ +env: demo +instances: 1 +memory: 1G +public_admin_route: notify-demo.app.cloud.gov diff --git a/deploy-config/production.yml b/deploy-config/production.yml new file mode 100644 index 000000000..add5bbef2 --- /dev/null +++ b/deploy-config/production.yml @@ -0,0 +1,4 @@ +env: production +instances: 2 +memory: 1G +public_admin_route: notify.app.cloud.gov diff --git a/deploy-config/staging.yml b/deploy-config/staging.yml new file mode 100644 index 000000000..9478a72a2 --- /dev/null +++ b/deploy-config/staging.yml @@ -0,0 +1,4 @@ +env: staging +instances: 1 +memory: 1G +public_admin_route: notify-staging.app.cloud.gov diff --git a/manifest.yml b/manifest.yml index 36b4eaf62..8b7b5a18b 100644 --- a/manifest.yml +++ b/manifest.yml @@ -1,45 +1,44 @@ --- applications: - - name: notifications-admin-((env)) + - name: notify-admin-((env)) buildpack: python_buildpack - memory: 1G + instances: ((instances)) + memory: ((memory)) health-check-type: http health-check-http-endpoint: '/_status?simple=true' health-check-invocation-timeout: 10 routes: - - route: notifications-admin.app.cloud.gov + - route: ((public_admin_route)) services: - - notifications-admin-redis-((env)) - - notifications-api-csv-upload-bucket-((env)) - - notifications-api-contact-list-bucket-((env)) - - notifications-admin-logo-upload-bucket-((env)) + - notify-admin-redis-((env)) + - notify-api-csv-upload-bucket-((env)) + - notify-api-contact-list-bucket-((env)) + - notify-admin-logo-upload-bucket-((env)) env: + NOTIFY_ENVIRONMENT: ((env)) NOTIFY_APP_NAME: admin NOTIFY_LOG_PATH: /home/vcap/logs/app.log NOTIFY_LOG_LEVEL: INFO FLASK_APP: application.py FLASK_ENV: production - DEPLOY_ENV: ((env)) REDIS_ENABLED: ((REDIS_ENABLED)) - - NOTIFY_ENVIRONMENT: ((env)) + ADMIN_BASE_URL: https://((public_admin_route)) + API_HOST_NAME: https://notify-api-((env)).apps.internal:61443 # Credentials variables ADMIN_CLIENT_SECRET: ((ADMIN_CLIENT_SECRET)) ADMIN_CLIENT_USERNAME: ((ADMIN_CLIENT_USERNAME)) - ADMIN_BASE_URL: https://notifications-admin.app.cloud.gov - API_HOST_NAME: https://notifications-api-((env)).apps.internal:61443 DANGEROUS_SALT: ((DANGEROUS_SALT)) SECRET_KEY: ((SECRET_KEY)) + BASIC_AUTH_USERNAME: ((BASIC_AUTH_USERNAME)) + BASIC_AUTH_PASSWORD: ((BASIC_AUTH_PASSWORD)) AWS_REGION: us-west-2 AWS_ACCESS_KEY_ID: ((AWS_ACCESS_KEY_ID)) AWS_SECRET_ACCESS_KEY: ((AWS_SECRET_ACCESS_KEY)) - BASIC_AUTH_USERNAME: ((BASIC_AUTH_USERNAME)) - BASIC_AUTH_PASSWORD: ((BASIC_AUTH_PASSWORD)) - NOTIFY_BILLING_DETAILS: [] + NOTIFY_BILLING_DETAILS: '[]' REQUESTS_CA_BUNDLE: "/etc/ssl/certs/ca-certificates.crt" diff --git a/terraform/bootstrap/import.sh b/terraform/bootstrap/import.sh index 88b1e40d2..9140711f5 100755 --- a/terraform/bootstrap/import.sh +++ b/terraform/bootstrap/import.sh @@ -4,8 +4,8 @@ read -p "Are you sure you want to import terraform state (y/n)? " verify if [[ $verify == "y" ]]; then echo "Importing bootstrap state" - ./run.sh import module.s3.cloudfoundry_service_instance.bucket 31204bcc-aae3-4cd3-8b59-5055a338d44f - ./run.sh import cloudfoundry_service_key.bucket_creds 483a6ac5-4ba0-48ad-9850-ef87b51aaa08 + ./run.sh import module.s3.cloudfoundry_service_instance.bucket 6b759c13-6253-4a64-9bda-dd1f620185b0 + ./run.sh import cloudfoundry_service_key.bucket_creds a8e40295-68b7-42ba-8955-d82ba262e948 ./run.sh plan else echo "Not importing bootstrap state" diff --git a/terraform/bootstrap/main.tf b/terraform/bootstrap/main.tf index f00fff4c5..f51d5bd2d 100644 --- a/terraform/bootstrap/main.tf +++ b/terraform/bootstrap/main.tf @@ -9,8 +9,8 @@ module "s3" { cf_api_url = local.cf_api_url cf_user = var.cf_user cf_password = var.cf_password - cf_org_name = "gsa-10x-prototyping" - cf_space_name = "10x-notifications" + cf_org_name = "gsa-tts-benefits-studio-prototyping" + cf_space_name = "notify-management" s3_service_name = local.s3_service_name } diff --git a/terraform/bootstrap/run.sh b/terraform/bootstrap/run.sh index 404987590..1ac395444 100755 --- a/terraform/bootstrap/run.sh +++ b/terraform/bootstrap/run.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash if [[ ! -f "secrets.auto.tfvars" ]]; then - ../create_service_account.sh -s 10x-notifications -u config-bootstrap-deployer > secrets.auto.tfvars + ../create_service_account.sh -s notify-management -u config-bootstrap-deployer > secrets.auto.tfvars fi if [[ $# -gt 0 ]]; then diff --git a/terraform/bootstrap/teardown_creds.sh b/terraform/bootstrap/teardown_creds.sh index 196e3756f..77207a69b 100755 --- a/terraform/bootstrap/teardown_creds.sh +++ b/terraform/bootstrap/teardown_creds.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -../destroy_service_account.sh -s 10x-notifications -u config-bootstrap-deployer +../destroy_service_account.sh -s notify-management -u config-bootstrap-deployer rm secrets.auto.tfvars diff --git a/terraform/bootstrap/variables.tf b/terraform/bootstrap/variables.tf index 2fe500544..a24f2f3f8 100644 --- a/terraform/bootstrap/variables.tf +++ b/terraform/bootstrap/variables.tf @@ -1,2 +1,4 @@ -variable "cf_password" {} +variable "cf_password" { + sensitive = true +} variable "cf_user" {} diff --git a/terraform/create_service_account.sh b/terraform/create_service_account.sh index 1a6b0eb1c..fafe83adf 100755 --- a/terraform/create_service_account.sh +++ b/terraform/create_service_account.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -org="gsa-10x-prototyping" +org="gsa-tts-benefits-studio-prototyping" usage=" $0: Create a Service User Account for a given space diff --git a/terraform/demo/main.tf b/terraform/demo/main.tf new file mode 100644 index 000000000..14ed3cea4 --- /dev/null +++ b/terraform/demo/main.tf @@ -0,0 +1,48 @@ +locals { + cf_org_name = "gsa-tts-benefits-studio-prototyping" + cf_space_name = "notify-demo" + env = "demo" + app_name = "notify-admin" + recursive_delete = false +} + +module "redis" { + source = "github.com/18f/terraform-cloudgov//redis" + + cf_user = var.cf_user + cf_password = var.cf_password + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + env = local.env + app_name = local.app_name + recursive_delete = local.recursive_delete + redis_plan_name = "redis-dev" +} + +module "logo_upload_bucket" { + source = "github.com/18f/terraform-cloudgov//s3" + + cf_user = var.cf_user + cf_password = var.cf_password + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + recursive_delete = local.recursive_delete + s3_service_name = "${local.app_name}-logo-upload-bucket-${local.env}" +} + +# ########################################################################## +# The following lines need to be commented out for the initial `terraform apply` +# It can be re-enabled after: +# 1) the api app has first been deployed +# 2) the admin app has first been deployed +########################################################################### +# module "api_network_route" { +# source = "../shared/container_networking" + +# cf_user = var.cf_user +# cf_password = var.cf_password +# cf_org_name = local.cf_org_name +# cf_space_name = local.cf_space_name +# source_app_name = "${local.app_name}-${local.env}" +# destination_app_name = "notify-api-${local.env}" +# } diff --git a/terraform/demo/providers.tf b/terraform/demo/providers.tf new file mode 100644 index 000000000..5a7691ff0 --- /dev/null +++ b/terraform/demo/providers.tf @@ -0,0 +1,17 @@ +terraform { + required_version = "~> 1.0" + required_providers { + cloudfoundry = { + source = "cloudfoundry-community/cloudfoundry" + version = "0.15.5" + } + } + + backend "s3" { + bucket = "cg-6b759c13-6253-4a64-9bda-dd1f620185b0" + key = "admin.tfstate.demo" + encrypt = "true" + region = "us-gov-west-1" + profile = "notify-terraform-backend" + } +} diff --git a/terraform/demo/variables.tf b/terraform/demo/variables.tf new file mode 100644 index 000000000..bd8f74131 --- /dev/null +++ b/terraform/demo/variables.tf @@ -0,0 +1,5 @@ +variable "cf_password" { + type = string + sensitive = true +} +variable "cf_user" {} diff --git a/terraform/destroy_service_account.sh b/terraform/destroy_service_account.sh index caeb12901..e8db20474 100755 --- a/terraform/destroy_service_account.sh +++ b/terraform/destroy_service_account.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -org="gsa-10x-prototyping" +org="gsa-tts-benefits-studio-prototyping" usage=" $0: Destroy a Service User Account in a given space diff --git a/terraform/production/main.tf b/terraform/production/main.tf index 377654b01..88ccb5ae5 100644 --- a/terraform/production/main.tf +++ b/terraform/production/main.tf @@ -1,8 +1,8 @@ locals { - cf_org_name = "TKTK" - cf_space_name = "TKTK" + cf_org_name = "gsa-tts-benefits-studio-prototyping" + cf_space_name = "notify-prod" env = "production" - app_name = "notifications-admin" + app_name = "notify-admin" recursive_delete = false } @@ -44,7 +44,7 @@ module "logo_upload_bucket" { # cf_org_name = local.cf_org_name # cf_space_name = local.cf_space_name # source_app_name = "${local.app_name}-${local.env}" -# destination_app_name = "notifications-api-${local.env}" +# destination_app_name = "notify-api-${local.env}" # } # ########################################################################## diff --git a/terraform/production/providers.tf b/terraform/production/providers.tf index 685d356f9..276ad5105 100644 --- a/terraform/production/providers.tf +++ b/terraform/production/providers.tf @@ -8,7 +8,7 @@ terraform { } backend "s3" { - bucket = "cg-31204bcc-aae3-4cd3-8b59-5055a338d44f" + bucket = "cg-6b759c13-6253-4a64-9bda-dd1f620185b0" key = "admin.tfstate.prod" encrypt = "true" region = "us-gov-west-1" diff --git a/terraform/set_space_egress.sh b/terraform/set_space_egress.sh index 7eeaaf989..e3893e809 100755 --- a/terraform/set_space_egress.sh +++ b/terraform/set_space_egress.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -org="gsa-10x-prototyping" +org="gsa-tts-benefits-studio-prototyping" usage=" $0: Set egress rules for given space diff --git a/terraform/staging/main.tf b/terraform/staging/main.tf index d2a62db7f..a23570ca7 100644 --- a/terraform/staging/main.tf +++ b/terraform/staging/main.tf @@ -1,8 +1,8 @@ locals { - cf_org_name = "gsa-10x-prototyping" - cf_space_name = "10x-notifications" + cf_org_name = "gsa-tts-benefits-studio-prototyping" + cf_space_name = "notify-staging" env = "staging" - app_name = "notifications-admin" + app_name = "notify-admin" recursive_delete = true } @@ -30,13 +30,19 @@ module "logo_upload_bucket" { s3_service_name = "${local.app_name}-logo-upload-bucket-${local.env}" } -module "api_network_route" { - source = "../shared/container_networking" +# ########################################################################## +# The following lines need to be commented out for the initial `terraform apply` +# It can be re-enabled after: +# 1) the api app has first been deployed +# 2) the admin app has first been deployed +########################################################################### +# module "api_network_route" { +# source = "../shared/container_networking" - cf_user = var.cf_user - cf_password = var.cf_password - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name - source_app_name = "${local.app_name}-${local.env}" - destination_app_name = "notifications-api-${local.env}" -} +# cf_user = var.cf_user +# cf_password = var.cf_password +# cf_org_name = local.cf_org_name +# cf_space_name = local.cf_space_name +# source_app_name = "${local.app_name}-${local.env}" +# destination_app_name = "notify-api-${local.env}" +# } diff --git a/terraform/staging/providers.tf b/terraform/staging/providers.tf index 826e74267..ab8e8ced0 100644 --- a/terraform/staging/providers.tf +++ b/terraform/staging/providers.tf @@ -8,7 +8,7 @@ terraform { } backend "s3" { - bucket = "cg-31204bcc-aae3-4cd3-8b59-5055a338d44f" + bucket = "cg-6b759c13-6253-4a64-9bda-dd1f620185b0" key = "admin.tfstate.stage" encrypt = "true" region = "us-gov-west-1"