Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat: specify app settings as code #1294

Merged
merged 12 commits into from Mar 7, 2023
Merged

Feat: specify app settings as code #1294

merged 12 commits into from Mar 7, 2023

Conversation

angela-tran
Copy link
Member

@angela-tran angela-tran commented Feb 24, 2023
edited

Closes #1116 and closes #1241

This PR specifies our app settings as code. Settings with secret values make use of Azure Key Vault references.

Current status of secrets in Key Vault

All data migration secrets have been added to the Key Vaults for dev, test, and prod.
The settings that used to be manually configured on our app services (e.g. Django settings, Azure Docker settings, etc.) have been added to the dev Key Vault.

Todo

  • Add the manually configured app settings to Key Vaults for test and prod.
  • Figure out how to conditionally set app settings. For example, dev does not need the HEALTHCHECK_USER_AGENTS app setting.
  • Update documentation

@angela-tran angela-tran self-assigned this Feb 24, 2023
@github-actions github-actions bot added infrastructure Terraform, Azure, etc. migrations [auto] Review for potential model changes/needed data migrations updates back-end Django views, sessions, middleware, models, migrations etc. deployment-dev [auto] Changes that will trigger a deploy if merged to dev documentation [auto] Improvements or additions to documentation and removed infrastructure Terraform, Azure, etc. labels Feb 24, 2023
@angela-tran angela-tran changed the base branch from dev to feat/set-key-vault-values February 24, 2023 22:00
@angela-tran angela-tran added this to the Refine secrets management milestone Feb 24, 2023
Base automatically changed from feat/set-key-vault-values to dev March 2, 2023 17:21
@angela-tran angela-tran marked this pull request as ready for review March 4, 2023 00:12
@angela-tran angela-tran requested a review from a team as a code owner March 4, 2023 00:12
@angela-tran angela-tran added the infrastructure Terraform, Azure, etc. label Mar 4, 2023
@angela-tran
Copy link
Member Author

angela-tran commented Mar 7, 2023
edited

Rebased to update a commit message

thekaveman
thekaveman requested changes Mar 7, 2023
View reviewed changes
Copy link
Member

@thekaveman thekaveman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking great. Few questions/suggestions.

terraform/app_service.tf Outdated Show resolved Hide resolved
terraform/app_service.tf Outdated Show resolved Hide resolved
terraform/app_service.tf Outdated Show resolved Hide resolved
thekaveman
thekaveman approved these changes Mar 7, 2023
View reviewed changes
Copy link
Member

@thekaveman thekaveman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want to merge this with our release this afternoon? I think we did want to, but going through each of the environments/secrets first right?

@angela-tran angela-tran merged commit 5d1fa35 into dev Mar 7, 2023
@angela-tran angela-tran deleted the feat/app-settings-secrets branch March 7, 2023 21:08
@angela-tran angela-tran mentioned this pull request Mar 24, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thekaveman thekaveman thekaveman approved these changes

Assignees

@angela-tran angela-tran

Labels
back-end Django views, sessions, middleware, models, migrations etc. deployment-dev [auto] Changes that will trigger a deploy if merged to dev documentation [auto] Improvements or additions to documentation infrastructure Terraform, Azure, etc. migrations [auto] Review for potential model changes/needed data migrations updates
Projects
None yet
Milestone
Refine secrets management
2 participants
@angela-tran @thekaveman