Use ENV instead of directly accessing SecretsManager.

mbta · Aug 2, 2024 · 1710c6e · 1710c6e
1 parent 6eafd0d
commit 1710c6e
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 23 deletions.
diff --git a/config/runtime.exs b/config/runtime.exs
@@ -28,23 +28,7 @@ if config_env() == :prod do
   {:ok, _} = Application.ensure_all_started(:ex_aws)
   {:ok, _} = Application.ensure_all_started(:ex_aws_secretsmanager)
 
-  secret_key_base =
-    (eb_env_name <> "-secret-key-base")
-    |> ExAws.SecretsManager.get_secret_value()
-    |> ExAws.request!()
-    |> Map.fetch!("SecretString")
-
-  api_v3_key =
-    (eb_env_name <> "-api-v3-key")
-    |> ExAws.SecretsManager.get_secret_value()
-    |> ExAws.request!()
-    |> Map.fetch!("SecretString")
-
-  screens_auth_secret =
-    (eb_env_name <> "-screens-auth-secret")
-    |> ExAws.SecretsManager.get_secret_value()
-    |> ExAws.request!()
-    |> Map.fetch!("SecretString")
+  eb_env_name = System.get_env("ENVIRONMENT_NAME")
 
   signs_ui_s3_bucket =
     case eb_env_name do
@@ -56,13 +40,11 @@ if config_env() == :prod do
 
   config :screens, ScreensWeb.Endpoint,
     http: [:inet6, port: String.to_integer(System.get_env("PORT") || "4000")],
-    secret_key_base: secret_key_base
+    secret_key_base: System.get_env("SECRET_KEY_BASE")
 
   sentry_dsn = System.get_env("SENTRY_DSN")
 
   config :screens,
-    api_v3_url: api_v3_url,
-    api_v3_key: api_v3_key,
     environment_name: eb_env_name,
     signs_ui_s3_bucket: signs_ui_s3_bucket,
     sentry_frontend_dsn: sentry_dsn,
@@ -74,7 +56,7 @@ if config_env() == :prod do
       environment_name: eb_env_name
   end
 
-  config :screens, ScreensWeb.AuthManager, secret_key: screens_auth_secret
+  config :screens, ScreensWeb.AuthManager, secret_key: System.get_env("SCREENS_AUTH_SECRET")
 
   config :screens, Screens.ScreensByAlert.Memcache,
     connection_opts: [

diff --git a/mix.exs b/mix.exs
@@ -66,7 +66,6 @@ defmodule Screens.MixProject do
       {:mix_test_watch, "~> 1.0", only: :dev, runtime: false},
       {:ex_aws, "~> 2.1"},
       {:ex_aws_s3, "~> 2.1"},
-      {:ex_aws_secretsmanager, "~> 2.0", only: :prod},
       {:ex_aws_polly, "~> 0.5.0"},
       {:ehmon, github: "mbta/ehmon", only: :prod},
       {:sweet_xml, "~> 0.7.0"},

diff --git a/mix.lock b/mix.lock
@@ -19,7 +19,6 @@
   "ex_aws": {:hex, :ex_aws, "2.5.4", "86c5bb870a49e0ab6f5aa5dd58cf505f09d2624ebe17530db3c1b61c88a673af", [:mix], [{:configparser_ex, "~> 4.0", [hex: :configparser_ex, repo: "hexpm", optional: true]}, {:hackney, "~> 1.16", [hex: :hackney, repo: "hexpm", optional: true]}, {:jason, "~> 1.1", [hex: :jason, repo: "hexpm", optional: true]}, {:jsx, "~> 2.8 or ~> 3.0", [hex: :jsx, repo: "hexpm", optional: true]}, {:mime, "~> 1.2 or ~> 2.0", [hex: :mime, repo: "hexpm", optional: false]}, {:sweet_xml, "~> 0.7", [hex: :sweet_xml, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4.3 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "e82bd0091bb9a5bb190139599f922ff3fc7aebcca4374d65c99c4e23aa6d1625"},
   "ex_aws_polly": {:hex, :ex_aws_polly, "0.5.0", "277662ce3f4203eef352ae0ea37df1feb54c291d8717cc6c241575e25c861c4c", [:mix], [{:ex_aws, "~> 2.1", [hex: :ex_aws, repo: "hexpm", optional: false]}], "hexpm", "a021192995409c103b927c75d1d1d2e892f2bb23a0c0063bc85355907b600ca3"},
   "ex_aws_s3": {:hex, :ex_aws_s3, "2.5.3", "422468e5c3e1a4da5298e66c3468b465cfd354b842e512cb1f6fbbe4e2f5bdaf", [:mix], [{:ex_aws, "~> 2.0", [hex: :ex_aws, repo: "hexpm", optional: false]}, {:sweet_xml, ">= 0.0.0", [hex: :sweet_xml, repo: "hexpm", optional: true]}], "hexpm", "4f09dd372cc386550e484808c5ac5027766c8d0cd8271ccc578b82ee6ef4f3b8"},
-  "ex_aws_secretsmanager": {:hex, :ex_aws_secretsmanager, "2.0.0", "deff8c12335f0160882afeb9687e55a97fddcd7d9a82fc3a6fbb270797374773", [:mix], [{:ex_aws, "~> 2.0", [hex: :ex_aws, repo: "hexpm", optional: false]}], "hexpm", "8b2838af536c32263ff797012b29e87bad73ef34f43cfa60ebca8e84576f6d45"},
   "ex_cldr": {:hex, :ex_cldr, "2.39.2", "4a3a77797da8f900369822ea9353adfa035a5bbbbfff09b2d3d1b6fa461768e3", [:mix], [{:cldr_utils, "~> 2.25", [hex: :cldr_utils, repo: "hexpm", optional: false]}, {:decimal, "~> 1.6 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: false]}, {:gettext, "~> 0.19", [hex: :gettext, repo: "hexpm", optional: true]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:nimble_parsec, "~> 0.5 or ~> 1.0", [hex: :nimble_parsec, repo: "hexpm", optional: true]}], "hexpm", "02fd8913ef28d1b2a4190fd8016c2dec1f2291c9ce56c17d7649848c0261a6eb"},
   "ex_cldr_currencies": {:hex, :ex_cldr_currencies, "2.16.1", "29317f533cb5ec046d04523256cca4090291e9157028f28731395149b06ff8b2", [:mix], [{:ex_cldr, "~> 2.38", [hex: :ex_cldr, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm", "095d5e973bf0ee066dd1153990d10cb6fa6d8ff0e028295bdce7a7821c70a0e4"},
   "ex_cldr_messages": {:hex, :ex_cldr_messages, "1.0.2", "9909829e8cdb4eeb6d5b4dbe76b8e07ae39d2d2254fb943ff74dd9ace55a9120", [:mix], [{:ex_cldr_dates_times, "~> 2.13", [hex: :ex_cldr_dates_times, repo: "hexpm", optional: true]}, {:ex_cldr_lists, "~> 2.10", [hex: :ex_cldr_lists, repo: "hexpm", optional: true]}, {:ex_cldr_numbers, "~> 2.28", [hex: :ex_cldr_numbers, repo: "hexpm", optional: false]}, {:ex_cldr_units, "~> 3.12", [hex: :ex_cldr_units, repo: "hexpm", optional: true]}, {:ex_doc, "~> 0.20", [hex: :ex_doc, repo: "hexpm", optional: true]}, {:ex_money, "~> 5.9", [hex: :ex_money, repo: "hexpm", optional: true]}, {:gettext, "~> 0.19", [hex: :gettext, repo: "hexpm", optional: true]}, {:jason, "~> 1.1", [hex: :jason, repo: "hexpm", optional: false]}, {:nimble_parsec, "~> 1.0", [hex: :nimble_parsec, repo: "hexpm", optional: false]}], "hexpm", "3805a92f5ff64ee951f3a0174a85221af0117276ac794638df25b845edf431fa"},