From 28b00cf11ebf59e6f28015f5b6b1e7345db73a45 Mon Sep 17 00:00:00 2001
From: Angela Tran <angela@compiler.la>
Date: Wed, 16 Aug 2023 15:17:07 +0000
Subject: [PATCH] feat: data migration reads Key Vault secrets to set verifier
 active flag

---
 benefits/core/migrations/0002_data.py | 5 +++++
 terraform/app_service.tf              | 7 ++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/benefits/core/migrations/0002_data.py b/benefits/core/migrations/0002_data.py
index ba0e29286..7e2bc3324 100644
--- a/benefits/core/migrations/0002_data.py
+++ b/benefits/core/migrations/0002_data.py
@@ -167,6 +167,7 @@ def load_data(app, *args, **kwargs):
 
     mst_senior_verifier = EligibilityVerifier.objects.create(
         name=os.environ.get("MST_OAUTH_VERIFIER_NAME", "OAuth claims via Login.gov (MST)"),
+        active=os.environ.get("MST_OAUTH_VERIFIER_ACTIVE", "False").lower() == "true",
         eligibility_type=mst_senior_type,
         auth_provider=senior_auth_provider,
         selection_label_template="eligibility/includes/selection-label--senior.html",
@@ -175,6 +176,7 @@ def load_data(app, *args, **kwargs):
 
     mst_veteran_verifier = EligibilityVerifier.objects.create(
         name=os.environ.get("MST_VETERAN_VERIFIER_NAME", "VA.gov - Veteran (MST)"),
+        active=os.environ.get("MST_VETERAN_VERIFIER_ACTIVE", "False").lower() == "true",
         eligibility_type=mst_veteran_type,
         auth_provider=veteran_auth_provider,
         selection_label_template="eligibility/includes/selection-label--veteran.html",
@@ -183,6 +185,7 @@ def load_data(app, *args, **kwargs):
 
     mst_courtesy_card_verifier = EligibilityVerifier.objects.create(
         name=os.environ.get("COURTESY_CARD_VERIFIER", "Eligibility Server Verifier"),
+        active=os.environ.get("COURTESY_CARD_VERIFIER_ACTIVE", "False").lower() == "true",
         api_url=os.environ.get("COURTESY_CARD_VERIFIER_API_URL", "http://server:8000/verify"),
         api_auth_header=os.environ.get("COURTESY_CARD_VERIFIER_API_AUTH_HEADER", "X-Server-API-Key"),
         api_auth_key=os.environ.get("COURTESY_CARD_VERIFIER_API_AUTH_KEY", "server-auth-token"),
@@ -199,6 +202,7 @@ def load_data(app, *args, **kwargs):
 
     sacrt_senior_verifier = EligibilityVerifier.objects.create(
         name=os.environ.get("SACRT_OAUTH_VERIFIER_NAME", "OAuth claims via Login.gov (SacRT)"),
+        active=os.environ.get("SACRT_OAUTH_VERIFIER_ACTIVE", "False").lower() == "true",
         eligibility_type=sacrt_senior_type,
         auth_provider=senior_auth_provider,
         selection_label_template="eligibility/includes/selection-label--senior.html",
@@ -207,6 +211,7 @@ def load_data(app, *args, **kwargs):
 
     sbmtd_senior_verifier = EligibilityVerifier.objects.create(
         name=os.environ.get("SBMTD_OAUTH_VERIFIER_NAME", "OAuth claims via Login.gov (SBMTD)"),
+        active=os.environ.get("SBMTD_OAUTH_VERIFIER_ACTIVE", "False").lower() == "true",
         eligibility_type=sbmtd_senior_type,
         auth_provider=senior_auth_provider,
         selection_label_template="eligibility/includes/selection-label--senior.html",
diff --git a/terraform/app_service.tf b/terraform/app_service.tf
index c72d80856..63e44c89e 100644
--- a/terraform/app_service.tf
+++ b/terraform/app_service.tf
@@ -106,8 +106,11 @@ resource "azurerm_linux_web_app" "main" {
     "VETERAN_AUTH_PROVIDER_CLAIM"                          = "${local.secret_prefix}veteran-auth-provider-claim)"
     "VETERAN_AUTH_PROVIDER_SCHEME"                         = "${local.secret_prefix}veteran-auth-provider-scheme)"
     "MST_OAUTH_VERIFIER_NAME"                              = "${local.secret_prefix}mst-oauth-verifier-name)"
+    "MST_OAUTH_VERIFIER_ACTIVE"                            = "${local.secret_prefix}mst-oauth-verifier-active)"
     "MST_VETERAN_VERIFIER_NAME"                            = "${local.secret_prefix}mst-veteran-verifier-name)"
+    "MST_VETERAN_VERIFIER_ACTIVE"                          = "${local.secret_prefix}mst-veteran-verifier-active)"
     "COURTESY_CARD_VERIFIER"                               = "${local.secret_prefix}courtesy-card-verifier)"
+    "COURTESY_CARD_VERIFIER_ACTIVE"                        = "${local.secret_prefix}courtesy-card-verifier-active)"
     "COURTESY_CARD_VERIFIER_API_URL"                       = "${local.secret_prefix}courtesy-card-verifier-api-url)"
     "COURTESY_CARD_VERIFIER_API_AUTH_HEADER"               = "${local.secret_prefix}courtesy-card-verifier-api-auth-header)"
     "COURTESY_CARD_VERIFIER_API_AUTH_KEY"                  = "${local.secret_prefix}courtesy-card-verifier-api-auth-key)"
@@ -115,7 +118,9 @@ resource "azurerm_linux_web_app" "main" {
     "COURTESY_CARD_VERIFIER_JWE_ENCRYPTION_ALG"            = "${local.secret_prefix}courtesy-card-verifier-jwe-encryption-alg)"
     "COURTESY_CARD_VERIFIER_JWS_SIGNING_ALG"               = "${local.secret_prefix}courtesy-card-verifier-jws-signing-alg)"
     "SACRT_OAUTH_VERIFIER_NAME"                            = "${local.secret_prefix}sacrt-oauth-verifier-name)"
-    "SBMTD_SENIOR_VERIFIER_NAME"                           = "${local.secret_prefix}sbmtd-senior-verifier-name"
+    "SACRT_OAUTH_VERIFIER_ACTIVE"                          = "${local.secret_prefix}sacrt-oauth-verifier-active)"
+    "SBMTD_SENIOR_VERIFIER_NAME"                           = "${local.secret_prefix}sbmtd-senior-verifier-name)"
+    "SBMTD_SENIOR_VERIFIER_ACTIVE"                         = "${local.secret_prefix}sbmtd-senior-verifier-active)"
     "MST_PAYMENT_PROCESSOR_NAME"                           = "${local.secret_prefix}mst-payment-processor-name)"
     "MST_PAYMENT_PROCESSOR_API_BASE_URL"                   = "${local.secret_prefix}mst-payment-processor-api-base-url)"
     "MST_PAYMENT_PROCESSOR_API_ACCESS_TOKEN_ENDPOINT"      = "${local.secret_prefix}mst-payment-processor-api-access-token-endpoint)"