From def35bf402947b0d3c664bddeb1c8cca264b3a80 Mon Sep 17 00:00:00 2001
From: Ryan Ahearn <ryan.ahearn@gsa.gov>
Date: Fri, 2 Sep 2022 11:49:51 -0400
Subject: [PATCH] Pass ADMIN_CLIENT_SECRET through deploy process

---
 .github/workflows/deploy.yml | 15 ++++++++-------
 manifest.yml                 |  5 ++---
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index cdb501850..f596c5b24 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -35,8 +35,9 @@ jobs:
     - name: Deploy to cloud.gov
       uses: 18f/cg-deploy-action@main
       env:
-        DANGEROUS_SALT: ${{ secrets.DANGEROUS_SALT }}
-        SECRET_KEY: ${{ secrets.SECRET_KEY }}
+        DANGEROUS_SALT: ${{ secrets.PROD_DANGEROUS_SALT }}
+        SECRET_KEY: ${{ secrets.PROD_SECRET_KEY }}
+        ADMIN_CLIENT_SECRET: ${{ secrets.PROD_ADMIN_CLIENT_SECRET }}
         AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
         AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
       with:
@@ -44,11 +45,11 @@ jobs:
         cf_password: ${{ secrets.cloudgov_password }}
         cf_org: gsa-10x-prototyping
         cf_space: 10x-notifications
-        full_command: |
-          cf push --strategy rolling \
-          --var DANGEROUS_SALT="$DANGEROUS_SALT" \
-          --var SECRET_KEY="$SECRET_KEY" \
-          --var AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
+        push_arguments: >-
+          --var DANGEROUS_SALT="$DANGEROUS_SALT"
+          --var SECRET_KEY="$SECRET_KEY"
+          --var ADMIN_CLIENT_SECRET="$ADMIN_CLIENT_SECRET"
+          --var AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID"
           --var AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY"
 
   bail:
diff --git a/manifest.yml b/manifest.yml
index fc7f6d37d..ca6ea42eb 100644
--- a/manifest.yml
+++ b/manifest.yml
@@ -27,9 +27,10 @@ applications:
       NOTIFICATION_QUEUE_PREFIX: prototype_10x
       STATSD_HOST: localhost
 
-      INTERNAL_CLIENT_API_KEYS: '{"notify-admin":["dev-notify-secret-key"]}'
+      INTERNAL_CLIENT_API_KEYS: '{"notify-admin":["((ADMIN_CLIENT_SECRET))"]}'
 
       # Credentials variables
+      ADMIN_CLIENT_SECRET: ((ADMIN_CLIENT_SECRET))
       DANGEROUS_SALT: ((DANGEROUS_SALT))
       SECRET_KEY: ((SECRET_KEY))
       AWS_REGION: us-west-2
@@ -37,5 +38,3 @@ applications:
       AWS_US_TOLL_FREE_NUMBER: +18446120782
 
       DVLA_EMAIL_ADDRESSES: []
-
-      NOTIFY_EMAIL_DOMAIN: dispostable.com