From 62a8e0cecc3f372f650984640cad20275e99185a Mon Sep 17 00:00:00 2001 From: ____ Date: Thu, 27 Jul 2023 18:42:26 -0700 Subject: [PATCH 1/4] added checkout and person webhooks env vars to dev --- infra/dev/.terraform.lock.hcl | 1 + infra/dev/iam_roles.tf | 4 ++++ infra/dev/ssm.tf | 16 ++++++++++++++++ infra/dev/variables.tf | 16 ++++++++++++++++ 4 files changed, 37 insertions(+) diff --git a/infra/dev/.terraform.lock.hcl b/infra/dev/.terraform.lock.hcl index 94b524f5..f36afb80 100644 --- a/infra/dev/.terraform.lock.hcl +++ b/infra/dev/.terraform.lock.hcl @@ -6,6 +6,7 @@ provider "registry.terraform.io/hashicorp/aws" { constraints = "4.37.0" hashes = [ "h1:LFWMFPtcsxlzbzNlR5XQNfO9/teX2pD60XYycSU4gjQ=", + "h1:RQ6CqIhVwJQ0EMeNCH0y9ztLlJalC6QO/CyqmeQUUJ4=", "zh:12c2eb60cb1eb0a41d1afbca6fc6f0eed6ca31a12c51858f951a9e71651afbe0", "zh:1e17482217c39a12e930e71fd2c9af8af577bec6736b184674476ebcaad28477", "zh:1e8163c3d871bbd54c189bf2fe5e60e556d67fa399e4c88c8e6ee0834525dc33", diff --git a/infra/dev/iam_roles.tf b/infra/dev/iam_roles.tf index 8983aeca..35826eb1 100644 --- a/infra/dev/iam_roles.tf +++ b/infra/dev/iam_roles.tf @@ -44,6 +44,10 @@ data "aws_iam_policy_document" "task_policy" { data.aws_ssm_parameter.unit21_api_key.arn, data.aws_ssm_parameter.checkout_public_key.arn, data.aws_ssm_parameter.checkout_private_key.arn, + data.aws_ssm_parameter.checkout_webhook_secret.arn, + data.aws_ssm_parameter.persona_api_key.arn, + data.aws_ssm_parameter.persona_webhook_secret.arn, + data.aws_ssm_parameter.slack_webhook_url.arn, data.aws_ssm_parameter.owlracle_api_key.arn, data.aws_ssm_parameter.owlracle_api_secret.arn, data.aws_ssm_parameter.db_password.arn, diff --git a/infra/dev/ssm.tf b/infra/dev/ssm.tf index 514c2a64..90c5d35f 100644 --- a/infra/dev/ssm.tf +++ b/infra/dev/ssm.tf @@ -30,6 +30,14 @@ data "aws_ssm_parameter" "unit21_api_key" { name = "unit21-api-key" } +data "aws_ssm_parameter" "persona_api_key" { + name = "persona-api-key" +} + +data "aws_ssm_parameter" "persona_webhook_secret" { + name = "persona-signature-key" +} + data "aws_ssm_parameter" "checkout_public_key" { name = "dev-checkout-public-key" } @@ -38,6 +46,14 @@ data "aws_ssm_parameter" "checkout_private_key" { name = "dev-checkout-private-key" } +data "aws_ssm_parameter" "checkout_webhook_secret" { + name = "checkout-signature-key" +} + +data "aws_ssm_parameter" "slack_webhook_url" { + name = "slack-webhook-url" +} + data "aws_ssm_parameter" "owlracle_api_key" { name = "dev-owlracle-api-key" } diff --git a/infra/dev/variables.tf b/infra/dev/variables.tf index 86da86dd..e6f6ce40 100644 --- a/infra/dev/variables.tf +++ b/infra/dev/variables.tf @@ -74,6 +74,22 @@ locals { name = "CHECKOUT_SECRET_KEY" valueFrom = data.aws_ssm_parameter.checkout_private_key.arn }, + { + name = "CHECKOUT_WEBHOOK_SECRET" + valueFrom = data.aws_ssm_parameter.checkout_webhook_secret.arn + }, + { + name = "PERSONA_API_KEY" + valueFrom = data.aws_ssm_parameter.persona_api_key.arn + }, + { + name = "PERSONA_WEBHOOK_SECRET" + valueFrom = data.aws_ssm_parameter.persona_webhook_secret.arn + }, + { + name = "SLACK_WEBHOOK_URL" + valueFrom = data.aws_ssm_parameter.slack_webhook_url.arn + }, { name = "OWLRACLE_API_KEY" valueFrom = data.aws_ssm_parameter.owlracle_api_key.arn From 970c9b7fdbc75a55f4248431c952217ddc8aa839 Mon Sep 17 00:00:00 2001 From: ____ Date: Thu, 27 Jul 2023 21:57:01 -0700 Subject: [PATCH 2/4] sandbox envs --- infra/dev/ssm.tf | 8 ++++++++ infra/sandbox/iam_roles.tf | 4 +++- infra/sandbox/ssm.tf | 10 +++++++++- infra/sandbox/variables.tf | 16 ++++++++++++---- 4 files changed, 32 insertions(+), 6 deletions(-) diff --git a/infra/dev/ssm.tf b/infra/dev/ssm.tf index 90c5d35f..f8837123 100644 --- a/infra/dev/ssm.tf +++ b/infra/dev/ssm.tf @@ -50,6 +50,14 @@ data "aws_ssm_parameter" "checkout_webhook_secret" { name = "checkout-signature-key" } +data "aws_ssm_parameter" "persona_api_key" { + name = "persona-api-key" +} + +data "aws_ssm_parameter" "persona_webhook_secret" { + name = "persona-signature-key" +} + data "aws_ssm_parameter" "slack_webhook_url" { name = "slack-webhook-url" } diff --git a/infra/sandbox/iam_roles.tf b/infra/sandbox/iam_roles.tf index 3258952e..5abb5d54 100644 --- a/infra/sandbox/iam_roles.tf +++ b/infra/sandbox/iam_roles.tf @@ -44,7 +44,9 @@ data "aws_iam_policy_document" "task_policy" { data.aws_ssm_parameter.unit21_api_key.arn, data.aws_ssm_parameter.checkout_public_key.arn, data.aws_ssm_parameter.checkout_private_key.arn, - data.aws_ssm_parameter.checkout_signature_key.arn, + data.aws_ssm_parameter.checkout_webhook_secret.arn, + data.aws_ssm_parameter.persona_api_key.arn, + data.aws_ssm_parameter.persona_webhook_secret.arn, data.aws_ssm_parameter.owlracle_api_key.arn, data.aws_ssm_parameter.owlracle_api_secret.arn, data.aws_ssm_parameter.db_password.arn, diff --git a/infra/sandbox/ssm.tf b/infra/sandbox/ssm.tf index 3dc8cf82..6d4ea058 100644 --- a/infra/sandbox/ssm.tf +++ b/infra/sandbox/ssm.tf @@ -38,10 +38,18 @@ data "aws_ssm_parameter" "checkout_private_key" { name = "dev-checkout-private-key" } -data "aws_ssm_parameter" "checkout_signature_key" { +data "aws_ssm_parameter" "checkout_webhook_secret" { name = "checkout-signature-key" } +data "aws_ssm_parameter" "persona_api_key" { + name = "persona-api-key" +} + +data "aws_ssm_parameter" "persona_webhook_secret" { + name = "persona-signature-key" +} + data "aws_ssm_parameter" "owlracle_api_key" { name = "dev-owlracle-api-key" } diff --git a/infra/sandbox/variables.tf b/infra/sandbox/variables.tf index a15a2968..9ca5a353 100644 --- a/infra/sandbox/variables.tf +++ b/infra/sandbox/variables.tf @@ -75,12 +75,20 @@ locals { valueFrom = data.aws_ssm_parameter.checkout_private_key.arn }, { - name = "WEBHOOK_SECRET_KEY" - valueFrom = data.aws_ssm_parameter.checkout_signature_key.arn + name = "CHECKOUT_WEBHOOK_SECRET" + valueFrom = data.aws_ssm_parameter.checkout_webhook_secret.arn }, { - name = "CHECKOUT_SIGNATURE_KEY" - valueFrom = data.aws_ssm_parameter.checkout_signature_key.arn + name = "PERSONA_API_KEY" + valueFrom = data.aws_ssm_parameter.persona_api_key.arn + }, + { + name = "PERSONA_WEBHOOK_SECRET" + valueFrom = data.aws_ssm_parameter.persona_webhook_secret.arn + }, + { + name = "SLACK_WEBHOOK_URL" + valueFrom = data.aws_ssm_parameter.slack_webhook_url.arn }, { name = "OWLRACLE_API_KEY" From 9178214fc521cec1dbe8478521c17a108f5e5b48 Mon Sep 17 00:00:00 2001 From: ____ Date: Fri, 28 Jul 2023 13:06:05 -0700 Subject: [PATCH 3/4] removed duplicates --- infra/dev/ssm.tf | 8 -------- 1 file changed, 8 deletions(-) diff --git a/infra/dev/ssm.tf b/infra/dev/ssm.tf index f8837123..9a6982d8 100644 --- a/infra/dev/ssm.tf +++ b/infra/dev/ssm.tf @@ -30,14 +30,6 @@ data "aws_ssm_parameter" "unit21_api_key" { name = "unit21-api-key" } -data "aws_ssm_parameter" "persona_api_key" { - name = "persona-api-key" -} - -data "aws_ssm_parameter" "persona_webhook_secret" { - name = "persona-signature-key" -} - data "aws_ssm_parameter" "checkout_public_key" { name = "dev-checkout-public-key" } From 57c62a3f948afb4b45acec39c0d10b537ddb714f Mon Sep 17 00:00:00 2001 From: ____ Date: Fri, 28 Jul 2023 13:48:36 -0700 Subject: [PATCH 4/4] use same env var names --- infra/dev/variables.tf | 4 ++-- infra/sandbox/variables.tf | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/infra/dev/variables.tf b/infra/dev/variables.tf index e6f6ce40..46886c76 100644 --- a/infra/dev/variables.tf +++ b/infra/dev/variables.tf @@ -75,7 +75,7 @@ locals { valueFrom = data.aws_ssm_parameter.checkout_private_key.arn }, { - name = "CHECKOUT_WEBHOOK_SECRET" + name = "CHECKOUT_WEBHOOK_SECRET_KEY" valueFrom = data.aws_ssm_parameter.checkout_webhook_secret.arn }, { @@ -83,7 +83,7 @@ locals { valueFrom = data.aws_ssm_parameter.persona_api_key.arn }, { - name = "PERSONA_WEBHOOK_SECRET" + name = "PERSONA_WEBHOOK_SECRET_KEY" valueFrom = data.aws_ssm_parameter.persona_webhook_secret.arn }, { diff --git a/infra/sandbox/variables.tf b/infra/sandbox/variables.tf index 9ca5a353..a3819a5a 100644 --- a/infra/sandbox/variables.tf +++ b/infra/sandbox/variables.tf @@ -75,7 +75,7 @@ locals { valueFrom = data.aws_ssm_parameter.checkout_private_key.arn }, { - name = "CHECKOUT_WEBHOOK_SECRET" + name = "CHECKOUT_WEBHOOK_SECRET_KEY" valueFrom = data.aws_ssm_parameter.checkout_webhook_secret.arn }, { @@ -83,7 +83,7 @@ locals { valueFrom = data.aws_ssm_parameter.persona_api_key.arn }, { - name = "PERSONA_WEBHOOK_SECRET" + name = "PERSONA_WEBHOOK_SECRET_KEY" valueFrom = data.aws_ssm_parameter.persona_webhook_secret.arn }, {