From 6b01291f676c2c5e87d297cf51a68111e6f685d0 Mon Sep 17 00:00:00 2001
From: Steven Leighton <steven.leighton@digital.justice.gov.uk>
Date: Wed, 6 Sep 2023 11:27:24 +0100
Subject: [PATCH] Remove long lived creds

---
 config/application.rb                         | 16 +++++++--------
 .../templates/deployment.yaml                 | 20 +++++++++----------
 2 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/config/application.rb b/config/application.rb
index 1a15d1f..7ca9bb4 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -34,14 +34,14 @@ class Application < Rails::Application
     # Only loads a smaller set of middleware suitable for API only apps.
     # Middleware like session, flash, cookies can be added back manually.
     # Skip views, helpers and assets when generating a new resource.
-    config.x.s3_internal_bucket_config = {
-      access_key_id: ENV.fetch('AWS_ACCESS_KEY_ID'),
-      secret_access_key: ENV.fetch('AWS_SECRET_ACCESS_KEY')
-    }
-    config.x.s3_external_bucket_config = {
-      access_key_id: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID'),
-      secret_access_key: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY')
-    }
+    # config.x.s3_internal_bucket_config = {
+    #   access_key_id: ENV.fetch('AWS_ACCESS_KEY_ID'),
+    #   secret_access_key: ENV.fetch('AWS_SECRET_ACCESS_KEY')
+    # }
+    # config.x.s3_external_bucket_config = {
+    #   access_key_id: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID'),
+    #   secret_access_key: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY')
+    # }
     config.api_only = true
   end
 end
diff --git a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml
index ba81711..b5545d2 100644
--- a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml
+++ b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml
@@ -70,16 +70,16 @@ spec:
               secretKeyRef:
                 name: fb-user-filestore-api-secrets-{{ .Values.environmentName }}
                 key: key_encryption_iv
-          - name: AWS_ACCESS_KEY_ID
-            valueFrom:
-              secretKeyRef:
-                name: s3-formbuilder-user-filestore-{{ .Values.environmentName }}
-                key: access_key_id
-          - name: AWS_SECRET_ACCESS_KEY
-            valueFrom:
-              secretKeyRef:
-                name: s3-formbuilder-user-filestore-{{ .Values.environmentName }}
-                key: secret_access_key
+          # - name: AWS_ACCESS_KEY_ID
+          #   valueFrom:
+          #     secretKeyRef:
+          #       name: s3-formbuilder-user-filestore-{{ .Values.environmentName }}
+          #       key: access_key_id
+          # - name: AWS_SECRET_ACCESS_KEY
+          #   valueFrom:
+          #     secretKeyRef:
+          #       name: s3-formbuilder-user-filestore-{{ .Values.environmentName }}
+          #       key: secret_access_key
           - name: AWS_S3_BUCKET_NAME
             valueFrom:
               secretKeyRef: