From 5c416263f0a9c20db963689d547f6a6a9043e96f Mon Sep 17 00:00:00 2001
From: Colin Saliceti <colin.saliceti@digital.education.gov.uk>
Date: Fri, 17 Nov 2023 18:25:48 +0000
Subject: [PATCH 1/6] Template: use module.web_application url output

---
 templates/new_service/terraform/application/output.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/new_service/terraform/application/output.tf b/templates/new_service/terraform/application/output.tf
index 4398f01c..989dbad1 100644
--- a/templates/new_service/terraform/application/output.tf
+++ b/templates/new_service/terraform/application/output.tf
@@ -1,3 +1,3 @@
 output "url" {
-  value = "https://${module.web_application.hostname}/"
+  value = module.web_application.url
 }

From cea6f7dae3195162df83c59d017d41777bf4fc86 Mon Sep 17 00:00:00 2001
From: Colin Saliceti <colin.saliceti@digital.education.gov.uk>
Date: Fri, 17 Nov 2023 18:27:47 +0000
Subject: [PATCH 2/6] Template: Pin Redis version to 6

The version should be pinned so it doesn't change when the module
changes the default version
---
 templates/new_service/terraform/application/database.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/new_service/terraform/application/database.tf b/templates/new_service/terraform/application/database.tf
index 7ddac312..b87af9e5 100644
--- a/templates/new_service/terraform/application/database.tf
+++ b/templates/new_service/terraform/application/database.tf
@@ -28,4 +28,5 @@ module "redis-cache" {
   use_azure                 = var.deploy_azure_backing_services
   azure_enable_monitoring   = var.enable_monitoring
   azure_patch_schedule      = [{ "day_of_week" : "Sunday", "start_hour_utc" : 01 }]
+  server_version            = "6"
 }

From 9ae2a34c06fc2cd29e10f1eeb0859546fd9a1d42 Mon Sep 17 00:00:00 2001
From: Colin Saliceti <colin.saliceti@digital.education.gov.uk>
Date: Fri, 17 Nov 2023 18:31:15 +0000
Subject: [PATCH 3/6] Template: remove dmarc TXT record

This has the becomingateacher email address so it is not generic. We
should first check with security what should the policy be.
---
 .../domains/infrastructure/config/zones.tfvars.json         | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/templates/new_service/terraform/domains/infrastructure/config/zones.tfvars.json b/templates/new_service/terraform/domains/infrastructure/config/zones.tfvars.json
index 90bbc2b8..eb2e2f1a 100644
--- a/templates/new_service/terraform/domains/infrastructure/config/zones.tfvars.json
+++ b/templates/new_service/terraform/domains/infrastructure/config/zones.tfvars.json
@@ -2,11 +2,7 @@
     "hosted_zone": {
       "#DNS_ZONE_NAME#": {
         "caa_records": {},
-        "txt_records": {
-          "_dmarc": {
-            "value": "v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s;fo=1;rua=mailto:dmarc-rua@dmarc.service.gov.uk,mailto:becomingateacher+dmarc@digital.education.gov.uk;ruf=mailto:dmarc-ruf@dmarc.service.gov.uk"
-          }
-        },
+        "txt_records": {},
         "resource_group_name": "#DOMAINS_RESOURCE_GROUP_NAME#",
         "front_door_name": "#FRONT_DOOR_NAME#"
       }

From 343f976ff697a6cc70bb7eb9f48a91907aa117f7 Mon Sep 17 00:00:00 2001
From: Colin Saliceti <colin.saliceti@digital.education.gov.uk>
Date: Fri, 17 Nov 2023 18:33:06 +0000
Subject: [PATCH 4/6] Template: add bin/konduit.sh to .gitignore

---
 templates/new_service/.gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/new_service/.gitignore b/templates/new_service/.gitignore
index ea67a66a..172837b4 100644
--- a/templates/new_service/.gitignore
+++ b/templates/new_service/.gitignore
@@ -3,3 +3,4 @@ terraform/application/vendor
 terraform/domains/environment_domains/vendor
 terraform.tfstate*
 bin/terrafile
+bin/konduit.sh

From 19b1c762116195a0465f36295520f05b57514c70 Mon Sep 17 00:00:00 2001
From: Colin Saliceti <colin.saliceti@digital.education.gov.uk>
Date: Fri, 17 Nov 2023 18:34:33 +0000
Subject: [PATCH 5/6] Template: Fix Makefile domains comments

---
 templates/new_service/Makefile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/templates/new_service/Makefile b/templates/new_service/Makefile
index 1f17f567..126eae16 100644
--- a/templates/new_service/Makefile
+++ b/templates/new_service/Makefile
@@ -87,10 +87,10 @@ domains-infra-init: bin/terrafile domains composed-variables set-azure-account
 		-backend-config=storage_account_name=${STORAGE_ACCOUNT_NAME} \
 		-backend-config=key=domains_infrastructure.tfstate
 
-domains-infra-plan: domains domains-infra-init  ## Terraform plan for DNS infrastructure (zone and front door. Usage: make domains-infra-plan
+domains-infra-plan: domains domains-infra-init  ## Terraform plan for DNS infrastructure (DNS zone and front door). Usage: make domains-infra-plan
 	terraform -chdir=terraform/domains/infrastructure plan -var-file config/zones.tfvars.json
 
-domains-infra-apply: domains domains-infra-init  ## Terraform apply for DNS infrastructure (zone and front door). Usage: make domains-infra-apply
+domains-infra-apply: domains domains-infra-init  ## Terraform apply for DNS infrastructure (DNS zone and front door). Usage: make domains-infra-apply
 	terraform -chdir=terraform/domains/infrastructure apply -var-file config/zones.tfvars.json ${AUTO_APPROVE}
 
 domains-init: bin/terrafile domains composed-variables set-azure-account
@@ -101,10 +101,10 @@ domains-init: bin/terrafile domains composed-variables set-azure-account
 		-backend-config=storage_account_name=${STORAGE_ACCOUNT_NAME} \
 		-backend-config=key=${ENVIRONMENT}.tfstate
 
-domains-plan: domains-init  ## Terraform plan for DNS environment domains. Usage: make development domains domains-plan
+domains-plan: domains-init  ## Terraform plan for DNS environment domains. Usage: make development domains-plan
 	terraform -chdir=terraform/domains/environment_domains plan -var-file config/${CONFIG}.tfvars.json
 
-domains-apply: domains-init ## Terraform apply for DNS environment domains. Usage: make development domains domains-apply
+domains-apply: domains-init ## Terraform apply for DNS environment domains. Usage: make development domains-apply
 	terraform -chdir=terraform/domains/environment_domains apply -var-file config/${CONFIG}.tfvars.json ${AUTO_APPROVE}
 
 test-cluster:

From 38fe1b4c7c4c2d12640d80b42aebd188df27cd56 Mon Sep 17 00:00:00 2001
From: Colin Saliceti <colin.saliceti@digital.education.gov.uk>
Date: Fri, 17 Nov 2023 18:35:14 +0000
Subject: [PATCH 6/6] Template: use appropriate terraform-module tags

---
 .../terraform/application/config/development_Terrafile          | 2 +-
 .../terraform/application/config/production_Terrafile           | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/templates/new_service/terraform/application/config/development_Terrafile b/templates/new_service/terraform/application/config/development_Terrafile
index 65af53b1..b4c222c1 100644
--- a/templates/new_service/terraform/application/config/development_Terrafile
+++ b/templates/new_service/terraform/application/config/development_Terrafile
@@ -1,3 +1,3 @@
 aks:
     source:  "https://github.com/DFE-Digital/terraform-modules"
-    version: "main"
+    version: "testing"
diff --git a/templates/new_service/terraform/application/config/production_Terrafile b/templates/new_service/terraform/application/config/production_Terrafile
index 65af53b1..5b2b118f 100644
--- a/templates/new_service/terraform/application/config/production_Terrafile
+++ b/templates/new_service/terraform/application/config/production_Terrafile
@@ -1,3 +1,3 @@
 aks:
     source:  "https://github.com/DFE-Digital/terraform-modules"
-    version: "main"
+    version: "stable"