diff --git a/.env.template b/.env.template
index c110296..9282368 100644
--- a/.env.template
+++ b/.env.template
@@ -3,7 +3,7 @@ USER_POOL_ID=eu-west-2_fhHtnXS3G
 USER_POOL_CLIENT_ID=
 HOSTED_LOGIN_DOMAIN=nhsnotify-iam-dev-auth-userpool.auth.eu-west-2.amazoncognito.com
-NOTIFY_STAGE=nonprod
+NOTIFY_GROUP=nonprod
 NOTIFY_ENVIRONMENT=dev
 AWS_APP=d1axbs26ewhyx4
 AWS_BRANCH=main
@@ -14,4 +14,3 @@ AWS_BRANCH=main
 # Use a GitHub Personal Access Token to deploy a new Amplify integration (connect to a GitHub repo)
 TF_VAR_github_pat=
-
diff --git a/amplify/auth/resource.ts b/amplify/auth/resource.ts
index c8043a0..80d46e5 100644
--- a/amplify/auth/resource.ts
+++ b/amplify/auth/resource.ts
@@ -6,7 +6,7 @@ const userPoolClientId = process.env.USER_POOL_CLIENT_ID!;
 const hostedLoginDomain = process.env.HOSTED_LOGIN_DOMAIN!;
 const appId = process.env.AWS_APP_ID!;
-const stage = process.env.NOTIFY_STAGE!;
+const group = process.env.NOTIFY_GROUP!;
 const subdomain = process.env.NOTIFY_SUBDOMAIN!;
 const domainName = process.env.NOTIFY_DOMAIN_NAME!;
@@ -28,12 +28,12 @@ export const authConfig: DeepPartialAmplifyGeneratedConfigs = {
 'redirect_sign_in_uri': [
 `https://${subdomain}.${appId}.amplifyapp.com/auth/`,
 `https://${subdomain}.${domainName}/auth/`,
- ...(stage === 'nonprod' ? ['http://localhost:3000/auth/']: [])
+ ...(group === 'nonprod' ? ['http://localhost:3000/auth/']: [])
 ],
 'redirect_sign_out_uri': [
 `https://${subdomain}.${appId}.amplifyapp.com/`,
 `https://${subdomain}.${domainName}/`,
- ...(stage === 'nonprod' ? ['http://localhost:3000/']: [])
+ ...(group === 'nonprod' ? ['http://localhost:3000/']: [])
 ],
 'response_type': 'code'
 },
diff --git a/infrastructure/environments/dev/module-amplify-app.tf b/infrastructure/environments/dev/module-amplify-app.tf
index ebdbecb..e27a750 100644
--- a/infrastructure/environments/dev/module-amplify-app.tf
+++ b/infrastructure/environments/dev/module-amplify-app.tf
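Review bot: In amplify/auth/resource.ts, `process.env.NOTIFY_GROUP!` only silences the type checker; nothing checks the value at runtime. After this rename, a build environment that still exports only `NOTIFY_STAGE` leaves `group` undefined, and both `group === 'nonprod'` spreads then drop the localhost URIs without any error, as would a mistyped value. That fails closed, but silently, so I would validate once after the declaration, e.g. `if (group !== 'prod' && group !== 'nonprod') throw new Error('NOTIFY_GROUP must be prod or nonprod');`. The declarations and the `authConfig` object both continue outside the hunks shown.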
@@ -3,7 +3,7 @@ module "amplify_app" {
 domain = var.domain
 environment = var.environment
 component = var.component
- stage = var.stage
+ group = var.group
 cognito_user_pool_id = module.userpool.user_pool_id
 cognito_hosted_login_domain = module.userpool.hosted_login_domain
diff --git a/infrastructure/environments/dev/module-amplify-branch.tf b/infrastructure/environments/dev/module-amplify-branch.tf
index 6dd0fd7..aad14c7 100644
--- a/infrastructure/environments/dev/module-amplify-branch.tf
+++ b/infrastructure/environments/dev/module-amplify-branch.tf
@@ -3,7 +3,7 @@ module "amplify_branch" {
 domain = var.domain
 environment = var.environment
 component = var.component
- stage = var.stage
+ group = var.group
 cognito_user_pool_id = module.userpool.user_pool_id
 cognito_user_pool_identity_provider_names = module.userpool.identity_provider_names
diff --git a/infrastructure/environments/dev/module-route53-zone.tf b/infrastructure/environments/dev/module-route53-zone.tf
index 4d3504c..b2c35b7 100644
--- a/infrastructure/environments/dev/module-route53-zone.tf
+++ b/infrastructure/environments/dev/module-route53-zone.tf
@@ -3,5 +3,5 @@ module "route53-zone" {
 domain = var.domain
 environment = var.environment
 component = var.component
- stage = var.stage
+ group = var.group
 }
diff --git a/infrastructure/environments/dev/module-userpool.tf b/infrastructure/environments/dev/module-userpool.tf
index e49beb9..e4b9a13 100644
--- a/infrastructure/environments/dev/module-userpool.tf
+++ b/infrastructure/environments/dev/module-userpool.tf
@@ -3,7 +3,7 @@ module "userpool" {
 domain = var.domain
 environment = var.environment
 component = var.component
- stage = var.stage
+ group = var.group
 app_url = "https://${local.app_domain_name}"
 }
diff --git a/infrastructure/environments/dev/variables.tf b/infrastructure/environments/dev/variables.tf
index 00ce94a..aa74f2d 100644
--- a/infrastructure/environments/dev/variables.tf
+++ b/infrastructure/environments/dev/variables.tf
@@ -3,7 +3,7 @@ variable "domain" {
 default = "iam"
 }
-variable "stage" {
+variable "group" {
 type = string
 default = "nonprod"
 }
@@ -25,7 +25,7 @@ variable "github_pat" {
 variable "repository" {
 type = string
- default = "https://github.com/NHSDigital/nhs-notify-iam"
+ default = "https://github.com/NHSDigital/nhs-notify-iam-webauth"
 }
 variable "branch" {
diff --git a/infrastructure/environments/dynamic/module-amplify-branch.tf b/infrastructure/environments/dynamic/module-amplify-branch.tf
index d2f50a6..ec2bb16 100644
--- a/infrastructure/environments/dynamic/module-amplify-branch.tf
+++ b/infrastructure/environments/dynamic/module-amplify-branch.tf
@@ -3,7 +3,7 @@ module "amplify_branch" {
 domain = var.domain
 environment = var.environment
 component = var.component
- stage = var.stage
+ group = var.group
 cognito_user_pool_id = local.user_pool_id
 cognito_user_pool_identity_provider_names = local.identity_provider_names
diff --git a/infrastructure/environments/dynamic/variables.tf b/infrastructure/environments/dynamic/variables.tf
index 8d8d65d..e80f4d7 100644
--- a/infrastructure/environments/dynamic/variables.tf
+++ b/infrastructure/environments/dynamic/variables.tf
@@ -3,7 +3,7 @@ variable "domain" {
 default = "iam"
 }
-variable "stage" {
+variable "group" {
 type = string
 default = "nonprod"
 }
diff --git a/infrastructure/modules/amplify-app/amplify-app.tf b/infrastructure/modules/amplify-app/amplify-app.tf
index 3e3f8fe..c644c8d 100644
--- a/infrastructure/modules/amplify-app/amplify-app.tf
+++ b/infrastructure/modules/amplify-app/amplify-app.tf
@@ -20,7 +20,7 @@ resource "aws_amplify_app" "app" {
 environment_variables = {
 USER_POOL_ID = var.cognito_user_pool_id
 HOSTED_LOGIN_DOMAIN = var.cognito_hosted_login_domain
- NOTIFY_STAGE = var.stage
+ NOTIFY_GROUP = var.group
 NOTIFY_ENVIRONMENT = var.environment
 NOTIFY_DOMAIN_NAME = var.domain_name
 }
diff --git a/infrastructure/modules/amplify-app/variables.tf b/infrastructure/modules/amplify-app/variables.tf
index 1177db6..18a965e 100644
--- a/infrastructure/modules/amplify-app/variables.tf
+++ b/infrastructure/modules/amplify-app/variables.tf
@@ -15,9 +15,9 @@ variable "module" {
 default = "app"
 }
-variable "stage" {
+variable "group" {
 type = string
- description = "The domain PTL stage (prod|nonprod)"
+ description = "The domain PTL group (prod|nonprod)"
 }
 variable "cognito_user_pool_id" {
diff --git a/infrastructure/modules/amplify-branch/amplify-branch.tf b/infrastructure/modules/amplify-branch/amplify-branch.tf
index cef6f62..b5b0de3 100644
--- a/infrastructure/modules/amplify-branch/amplify-branch.tf
+++ b/infrastructure/modules/amplify-branch/amplify-branch.tf
@@ -18,8 +18,8 @@ resource "aws_amplify_domain_association" "domain" {
 domain_name = "${var.subdomain}.${var.domain_name}"
 enable_auto_sub_domain = false
- # Wait for domain verification in prod stage environments
- wait_for_verification = var.stage == "prod"
+ # Wait for domain verification in prod group environments
+ wait_for_verification = var.group == "prod"
 sub_domain {
 branch_name = aws_amplify_branch.branch.branch_name
diff --git a/infrastructure/modules/amplify-branch/cognito-userpool-client.tf b/infrastructure/modules/amplify-branch/cognito-userpool-client.tf
index 73eb5e2..e51b5ef 100644
--- a/infrastructure/modules/amplify-branch/cognito-userpool-client.tf
+++ b/infrastructure/modules/amplify-branch/cognito-userpool-client.tf
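Review bot: The `group` variable in amplify-app/variables.tf documents two values, `(prod|nonprod)`, but nothing enforces them. Elsewhere in this commit the value decides `wait_for_verification` in amplify-branch.tf and, in cognito-userpool-client.tf, whether the `http://localhost:3000/auth/` callback and the native `COGNITO` provider are enabled, so a mistyped value silently takes the other side of each comparison. A `validation` block would reject such a value at plan time; the same block fits the `group` variable in the amplify-branch, route53-zone and userpool modules.

```hcl
variable "group" {
  # … unchanged: type and description …

  validation {
    condition     = contains(["prod", "nonprod"], var.group)
    error_message = "The group value must be \"prod\" or \"nonprod\"."
  }
}
```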
@@ -4,11 +4,11 @@ resource "aws_cognito_user_pool_client" "client" {
 callback_urls = flatten([
 ["https://${var.subdomain}.${var.domain_name}/auth/", "https://${var.subdomain}.${var.amplify_app_id}.amplifyapp.com/auth/"],
- var.stage == "nonprod" ? ["http://localhost:3000/auth/"] :
+ var.group == "nonprod" ? ["http://localhost:3000/auth/"] :
 var.environment == "prod" ? ["https://notify.nhs.net/auth/"] : []
 ])
 supported_identity_providers = flatten([
- var.stage == "nonprod" ? ["COGNITO"] : [],
+ var.group == "nonprod" ? ["COGNITO"] : [],
 var.cognito_user_pool_identity_provider_names
 ])
 allowed_oauth_flows = ["code"]
diff --git a/infrastructure/modules/amplify-branch/variables.tf b/infrastructure/modules/amplify-branch/variables.tf
index 67ccac4..4d6d5ad 100644
--- a/infrastructure/modules/amplify-branch/variables.tf
+++ b/infrastructure/modules/amplify-branch/variables.tf
@@ -15,9 +15,9 @@ variable "module" {
 default = "branch"
 }
-variable "stage" {
+variable "group" {
 type = string
- description = "The domain PTL stage (prod|nonprod)"
+ description = "The domain PTL group (prod|nonprod)"
 }
 variable "cognito_user_pool_id" {
diff --git a/infrastructure/modules/route53-zone/route53-zone.tf b/infrastructure/modules/route53-zone/route53-zone.tf
index c16acea..6fd5801 100644
--- a/infrastructure/modules/route53-zone/route53-zone.tf
+++ b/infrastructure/modules/route53-zone/route53-zone.tf
@@ -1,8 +1,8 @@
 # Should reference existing zone if created via standard account boostrap
 # data "aws_route53_zone" "zone" {
-# name = "iam.${var.stage}.nhsnotify.national.nhs.uk"
+# name = "iam.${var.group}.nhsnotify.national.nhs.uk"
 # }
 resource "aws_route53_zone" "zone" {
- name = "iam.${var.stage}.nhsnotify.national.nhs.uk"
+ name = "iam.${var.group}.nhsnotify.national.nhs.uk"
 }
diff --git a/infrastructure/modules/route53-zone/variables.tf b/infrastructure/modules/route53-zone/variables.tf
index 7331503..44b31c5 100644
--- a/infrastructure/modules/route53-zone/variables.tf
+++ b/infrastructure/modules/route53-zone/variables.tf
@@ -15,7 +15,7 @@ variable "module" {
 default = "r53"
 }
-variable "stage" {
+variable "group" {
 type = string
- description = "The domain PTL stage (prod|nonprod)"
+ description = "The domain PTL group (prod|nonprod)"
 }
diff --git a/infrastructure/modules/userpool/variables.tf b/infrastructure/modules/userpool/variables.tf
index 7ce021d..f4a691b 100644
--- a/infrastructure/modules/userpool/variables.tf
+++ b/infrastructure/modules/userpool/variables.tf
@@ -15,9 +15,9 @@ variable "module" {
 default = "userpool"
 }
-variable "stage" {
+variable "group" {
 type = string
- description = "The domain PTL stage (prod|nonprod)"
+ description = "The domain PTL group (prod|nonprod)"
 }
 variable "app_url" {
diff --git a/package.json b/package.json
index a4e2e57..ceecbc4 100644
--- a/package.json
+++ b/package.json
@@ -1,5 +1,5 @@
 {
- "name": "nhs-notify-iam",
+ "name": "nhs-notify-iam-webauth",
 "version": "1.0.0",
 "description": "[![CI/CD Pull Request](https://github.com/nhs-england-tools/repository-template/actions/workflows/cicd-1-pull-request.yaml/badge.svg)](https://github.com/nhs-england-tools/repository-template/actions/workflows/cicd-1-pull-request.yaml) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=repository-template&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=repository-template)",
 "main": "index.js",
diff --git a/scripts/config/pre-commit.yaml b/scripts/config/pre-commit.yaml
index 41dafe7..29e8765 100644
--- a/scripts/config/pre-commit.yaml
+++ b/scripts/config/pre-commit.yaml
@@ -12,8 +12,8 @@ repos:
 exclude: .+\.cs
 - id: forbid-new-submodules
 - id: mixed-line-ending
- - id: pretty-format-json
- args: ['--autofix']
+# - id: pretty-format-json # This re-orders object keys which is annoying for structured JSON config like package.json
+# args: ['--autofix']
 # - id: ...
 - repo: local
 hooks:
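Review bot: Commenting out `pretty-format-json` in scripts/config/pre-commit.yaml turns off JSON formatting checks for every JSON file in the repository, not only package.json. If key re-ordering is the only objection, the hook can stay enabled with `args: ['--autofix', '--no-sort-keys']`, which still normalises formatting but keeps the existing key order. If the hook does have to go, deleting the two lines reads more cleanly than leaving them commented out. The `hooks:` list starts and ends outside the hunk.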