npm - @govuk-pay/cli - Versions diffs - 0.0.7 → 0.0.8 - Mend

@govuk-pay/cli 0.0.7 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@govuk-pay/cli",
-  "version": "0.0.7",
+  "version": "0.0.8",
   "description": "GOV.UK Pay Command Line Interface",
   "bin": {
     "pay": "bin/cli.js",

package/resources/legacy-ruby-cli/config/secrets.yml CHANGED Viewed

@@ -50,6 +50,7 @@ pay-low-pass:
       end-to-end/docker-username:                dockerhub/concourse-username
       end-to-end/docker-access-token:            dockerhub/concourse-access-token
       github-access-token:                       alphagov-pay-ci-concourse/github.com-concourse-github-personal-access-token
+      grafana-annotations-password:        concourse/grafana_annotations
       slack-notification-secret:             slack/notification-secret
     cd-pay-dev:
       docker-email:                        dockerhub/concourse-email
@@ -57,6 +58,7 @@ pay-low-pass:
       docker-password:                     dockerhub/concourse-password
       docker-access-token:                 dockerhub/concourse-access-token
       github-access-token:                 alphagov-pay-ci-concourse/github.com-concourse-github-personal-access-token
+      grafana-annotations-password:        concourse/grafana_annotations
       pay-js-commons/github-access-token:  alphagov-pay-ci-concourse/github.com-concourse-github-personal-access-token
       pr-ci/github-access-token:           alphagov-pay-ci-concourse/github.com-concourse-github-personal-access-token
       slack-notification-secret:           slack/notification-secret
@@ -88,12 +90,14 @@ pay-low-pass:
   test-12:
     adminusers:
       DB_PASSWORD:                                  aws/rds/application_users/test/adminusers1
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test/adminusers_support_readonly # pragma: allowlist secret
       NOTIFY_API_KEY:                               notify/api_key/ci/test.adminusers.notify_api_key
       SENTRY_DSN:                                   sentry_io/adminusers_dsn
     cardid:
       SENTRY_DSN:                                   sentry_io/cardid_dsn
     connector:
       DB_PASSWORD:                                                       aws/rds/application_users/test/connector2
+      DB_SUPPORT_PASSWORD_READONLY:                                      aws/rds/support_readonly_users/test/connector_support_readonly # pragma: allowlist secret
       NOTIFY_API_KEY:                                                    notify/api_key/ci/test.connector.notify_api_key
       GDS_CONNECTOR_STRIPE_AUTH_TOKEN:                                   stripe/test/test/account-api-key
       GDS_CONNECTOR_STRIPE_AUTH_LIVE_TOKEN:                              stripe/test/test/account-api-key
@@ -123,24 +127,32 @@ pay-low-pass:
       SENTRY_CSP_REPORT_URI:                          sentry/frontend_csp_report_uri
     ledger:
       DB_PASSWORD:                                  aws/rds/application_users/test/ledger
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test/ledger_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/ledger_dsn
     webhooks:
       DB_PASSWORD:                                  aws/rds/application_users/test/webhooks # pragma: allowlist secret
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test/webhooks_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/webhooks_dsn
     product-page:
       pager_duty_cloudwatch_integration_url:        pager-duty/govuk-pay-product-page/amazon-cloudwatch-integration-url
     publicapi:
-      TOKEN_API_HMAC_SECRET:                        ""
+      # These secrets are used by the app, but having them set to an empty string tries to overwrite working secrets with
+      # the words 'Password Store'. They are not in pay-low-pass, so for now to stop them being overwritten I'm commenting them out
+      # TOKEN_API_HMAC_SECRET:                        ""
       SENTRY_DSN:                                   sentry_io/publicapi_dsn
     publicauth:
       DB_USER:                                      ""
       DB_PASSWORD:                                  ""
-      TOKEN_DB_BCRYPT_SALT:                         ""
-      TOKEN_API_HMAC_SECRET:                        ""
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test/publicauth_support_readonly # pragma: allowlist secret
+      # These secrets are used by the app, but having them set to an empty string tries to overwrite working secrets with
+      # the words 'Password Store'. They are not in pay-low-pass, so for now to stop them being overwritten I'm commenting them out
+      # TOKEN_DB_BCRYPT_SALT:                         ""
+      # TOKEN_API_HMAC_SECRET:                        ""
       SENTRY_DSN:                                   sentry_io/publicauth_dsn
     products:
       DB_USER:                                      ""
       DB_PASSWORD:                                  ""
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test/products_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/products_dsn
     products-ui:
       SESSION_ENCRYPTION_KEY:                       ""
@@ -176,13 +188,15 @@ pay-low-pass:
   test-perf-1:
     adminusers:
       DB_PASSWORD:                                  aws/rds/application_users/test/adminusers
-      NOTIFY_API_KEY:                               notify/api_key/ci/test.adminusers.notify_api_key
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test-perf/adminusers_support_readonly # pragma: allowlist secret
+      NOTIFY_API_KEY:                               notify/api_key/ci/test_perf.adminusers.notify_api_key # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/adminusers_dsn
     cardid:
       SENTRY_DSN:                                   sentry_io/cardid_dsn
     connector:
       DB_PASSWORD:                                                       aws/rds/superuser/test-12/connector/payment-password
-      NOTIFY_API_KEY:                                                    notify/api_key/ci/test.connector.notify_api_key
+      DB_SUPPORT_PASSWORD_READONLY:                                      aws/rds/support_readonly_users/test-perf/connector_support_readonly # pragma: allowlist secret
+      NOTIFY_API_KEY:                                                    notify/api_key/ci/test_perf.connector.notify_api_key # pragma: allowlist secret
       GDS_CONNECTOR_STRIPE_AUTH_TOKEN:                                   stripe/test/test/account-api-key
       GDS_CONNECTOR_STRIPE_AUTH_LIVE_TOKEN:                              stripe/test/test/account-api-key
       GDS_CONNECTOR_STRIPE_WEBHOOK_SIGN_SECRET:                          stripe/test/test/webhook-secret
@@ -209,19 +223,26 @@ pay-low-pass:
       SENTRY_CSP_REPORT_URI:                          sentry/frontend_csp_report_uri
     ledger:
       DB_PASSWORD:                                  aws/rds/application_users/test/ledger
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test-perf/ledger_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/ledger_dsn
     publicapi:
-      TOKEN_API_HMAC_SECRET:                        ""
+      # These secrets are used by the app, but having them set to an empty string tries to overwrite working secrets with
+      # the words 'Password Store'. They are not in pay-low-pass, so for now to stop them being overwritten I'm commenting them out
+      # TOKEN_API_HMAC_SECRET:                        ""
       SENTRY_DSN:                                   sentry_io/publicapi_dsn
     publicauth:
       DB_USER:                                      ""
       DB_PASSWORD:                                  ""
-      TOKEN_DB_BCRYPT_SALT:                         ""
-      TOKEN_API_HMAC_SECRET:                        ""
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test-perf/publicauth_support_readonly # pragma: allowlist secret
+      # These secrets are used by the app, but having them set to an empty string tries to overwrite working secrets with
+      # the words 'Password Store'. They are not in pay-low-pass, so for now to stop them being overwritten I'm commenting them out
+      # TOKEN_DB_BCRYPT_SALT:                         ""
+      # TOKEN_API_HMAC_SECRET:                        ""
       SENTRY_DSN:                                   sentry_io/publicauth_dsn
     products:
       DB_USER:                                      ""
       DB_PASSWORD:                                  ""
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test-perf/products_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/products_dsn
     products-ui:
       SESSION_ENCRYPTION_KEY:                       ""
@@ -255,6 +276,7 @@ pay-low-pass:
       ZENDESK_USER:                                 zendesk/user
     webhooks:
       DB_PASSWORD:                                  aws/rds/application_users/test/webhooks # pragma: allowlist secret
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/test-perf/webhooks_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/webhooks_dsn
   test:
     alb_and_s3_logging_pipeline:
@@ -270,18 +292,24 @@ pay-low-pass:
       docker-username: dockerhub/concourse-username
       docker-access-token: dockerhub/concourse-access-token
       github-access-token: alphagov-pay-ci-concourse/github.com-concourse-github-personal-access-token
+    worldpay_secure_file_gateway:
+      private-key: worldpay/secure_file_gateway/worldpay_secure_file_gateway.rsa
+      public-key: worldpay/secure_file_gateway/worldpay_secure_file_gateway.rsa.pub
+      passphrase: worldpay/secure_file_gateway/passphrase
   ci:
     alb_and_s3_logging_pipeline:
       firehose_hec_token: splunk/firehose-hec-token
   staging-2:
     adminusers:
       DB_PASSWORD:                                  aws/rds/application_users/staging/adminusers1
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/staging/adminusers_support_readonly # pragma: allowlist secret
       NOTIFY_API_KEY:                               notify/api_key/deploy/staging.adminusers.notify_api_key
       SENTRY_DSN:                                   sentry_io/adminusers_dsn
     cardid:
       SENTRY_DSN:                                   sentry_io/cardid_dsn
     connector:
       DB_PASSWORD:                                                       aws/rds/application_users/staging/connector1
+      DB_SUPPORT_PASSWORD_READONLY:                                      aws/rds/support_readonly_users/staging/connector_support_readonly # pragma: allowlist secret
       NOTIFY_API_KEY:                                                    notify/api_key/deploy/staging.connector.notify_api_key
       GDS_CONNECTOR_STRIPE_AUTH_TOKEN:                                   stripe/staging/test/account-api-key
       GDS_CONNECTOR_STRIPE_AUTH_LIVE_TOKEN:                              stripe/staging/test/account-api-key
@@ -309,8 +337,10 @@ pay-low-pass:
       SENTRY_CSP_REPORT_URI:                          sentry/frontend_csp_report_uri
     ledger:
       DB_PASSWORD:                                  aws/rds/application_users/staging/ledger
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/staging/ledger_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/ledger_dsn
     products:
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/staging/products_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/products_dsn
     products-ui:
       SENTRY_DSN:                                   sentry_io/products_ui_dsn
@@ -318,9 +348,16 @@ pay-low-pass:
       GOOGLE_RECAPTCHA_SITE_KEY:                    google/test/captcha-site-key
     publicapi:
       SENTRY_DSN:                                   sentry_io/publicapi_dsn
-      TOKEN_API_HMAC_SECRET:                        ""
+      # These secrets are used by the app, but having them set to an empty string tries to overwrite working secrets with
+      # the words 'Password Store'. They are not in pay-low-pass, so for now to stop them being overwritten I'm commenting them out
+      # TOKEN_API_HMAC_SECRET:                        ""
     publicauth:
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/staging/publicauth_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/publicauth_dsn
+      # These secrets are used by the app, but having them set to an empty string tries to overwrite working secrets with
+      # the words 'Password Store'. They are not in pay-low-pass, so for now to stop them being overwritten I'm commenting them out
+      # TOKEN_DB_BCRYPT_SALT:                         ""
+      # TOKEN_API_HMAC_SECRET:                        ""
     product-page:
       pager_duty_cloudwatch_integration_url:        pager-duty/govuk-pay-product-page/amazon-cloudwatch-integration-url
     terraform:
@@ -351,6 +388,7 @@ pay-low-pass:
       ZENDESK_USER:                                 zendesk/user
     webhooks:
       DB_PASSWORD:                                  aws/rds/application_users/staging/webhooks # pragma: allowlist secret
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/staging/webhooks_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/webhooks_dsn
     webhooks_intrusion_monitoring:
       pager_duty_cloudwatch_integration_url:        pager-duty/govuk-pay-staging-webhooks/amazon-cloudwatch-integration-url
@@ -360,12 +398,14 @@ pay-low-pass:
   production-2:
     adminusers:
       DB_PASSWORD:                                  aws/rds/application_users/production/adminusers1
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/production/adminusers_support_readonly # pragma: allowlist secret
       NOTIFY_API_KEY:                               notify/api_key/deploy/production.adminusers.notify_api_key
       SENTRY_DSN:                                   sentry_io/adminusers_dsn
     cardid:
       SENTRY_DSN:                                   sentry_io/cardid_dsn
     connector:
       DB_PASSWORD:                                                       aws/rds/application_users/production/connector2
+      DB_SUPPORT_PASSWORD_READONLY:                                      aws/rds/support_readonly_users/production/connector_support_readonly # pragma: allowlist secret
       NOTIFY_API_KEY:                                                    notify/api_key/deploy/production.connector.notify_api_key
       GDS_CONNECTOR_STRIPE_AUTH_TOKEN:                                   stripe/production/test/account-api-key
       GDS_CONNECTOR_STRIPE_AUTH_LIVE_TOKEN:                              stripe/production/live/account-api-key
@@ -393,12 +433,14 @@ pay-low-pass:
       SENTRY_CSP_REPORT_URI:                          sentry/frontend_csp_report_uri
     ledger:
       DB_PASSWORD:                                  aws/rds/application_users/production/ledger
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/production/ledger_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/ledger_dsn
     network:
       PAGER_DUTY_CLOUDWATCH_ALB_INTEGRATION_URL:    pager-duty/govuk-pay-cloudwatch-alb/amazon-cloudwatch-integration-url
     product-page:
       pager_duty_cloudwatch_integration_url:        pager-duty/govuk-pay-product-page/amazon-cloudwatch-integration-url
     products:
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/production/products_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/products_dsn
     products-ui:
       SENTRY_DSN:                                   sentry_io/products_ui_dsn
@@ -408,7 +450,12 @@ pay-low-pass:
     publicapi:
       SENTRY_DSN:                                   sentry_io/publicapi_dsn
     publicauth:
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/production/publicauth_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/publicauth_dsn
+      # These secrets are used by the app, but having them set to an empty string tries to overwrite working secrets with
+      # the words 'Password Store'. They are not in pay-low-pass, so for now to stop them being overwritten I'm commenting them out
+      # TOKEN_DB_BCRYPT_SALT:                         ""
+      # TOKEN_API_HMAC_SECRET:                        ""
     terraform:
       ADMINUSERS_RDS_PASSWORD:                      aws/rds/superuser/production-2/adminusers/payment-password
       CONNECTOR_RDS_PASSWORD:                       aws/rds/superuser/production-2/connector/payment-password
@@ -437,6 +484,7 @@ pay-low-pass:
       ZENDESK_USER:                                 zendesk/user
     webhooks:
       DB_PASSWORD:                                  aws/rds/application_users/production/webhooks # pragma: allowlist secret
+      DB_SUPPORT_PASSWORD_READONLY:                 aws/rds/support_readonly_users/production/webhooks_support_readonly # pragma: allowlist secret
       SENTRY_DSN:                                   sentry_io/webhooks_dsn
     webhooks_intrusion_monitoring:
       pager_duty_cloudwatch_integration_url:        pager-duty/govuk-pay/amazon-cloudwatch-integration-url
@@ -480,9 +528,11 @@ value:
   test-12:
     adminusers:
       DB_USER: "adminusers1"
+      DB_SUPPORT_USER_READONLY: "adminusers_support_readonly"
       NOTIFY_SECRET: ""
     connector:
       DB_USER: "connector2"
+      DB_SUPPORT_USER_READONLY: "connector_support_readonly"
       NOTIFY_SECRET: ""
     frontend:
       AB_TEST_THRESHOLD:      "50"
@@ -490,12 +540,16 @@ value:
       GOOGLE_PAY_MERCHANT_ID_2: "value-not-set"
     ledger:
       DB_USER: "ledger"
+      DB_SUPPORT_USER_READONLY: "ledger_support_readonly"
     webhooks:
       DB_USER: "webhooks"
+      DB_SUPPORT_USER_READONLY: "webhooks_support_readonly"
     publicauth:
       DB_USER: "publicauth1"
+      DB_SUPPORT_USER_READONLY: "publicauth_support_readonly"
     products:
       DB_USER: "products"
+      DB_SUPPORT_USER_READONLY: "products_support_readonly"
     toolbox:
       AUTH_GITHUB_VIEW_ONLY_TEAM_ID: "3304536"
       AUTH_GITHUB_USER_SUPPORT_TEAM_ID: "3304536"
@@ -505,9 +559,11 @@ value:
   test-perf-1:
     adminusers:
       DB_USER: "adminusers"
+      DB_SUPPORT_USER_READONLY: "adminusers_support_readonly"
       NOTIFY_SECRET: ""
     connector:
       DB_USER: "connector"
+      DB_SUPPORT_USER_READONLY: "connector_support_readonly"
       NOTIFY_SECRET: ""
     frontend:
       AB_TEST_THRESHOLD:      "50"
@@ -515,10 +571,13 @@ value:
       GOOGLE_PAY_MERCHANT_ID_2: "value-not-set"
     ledger:
       DB_USER: "ledger"
+      DB_SUPPORT_USER_READONLY: "ledger_support_readonly"
     publicauth:
       DB_USER: "publicauth"
+      DB_SUPPORT_USER_READONLY: "publicauth_support_readonly"
     products:
       DB_USER: "products"
+      DB_SUPPORT_USER_READONLY: "products_support_readonly"
     terraform:
       PERF_ENV: "true"
     toolbox:
@@ -529,12 +588,15 @@ value:
       AUTH_GITHUB_ADMIN_TEAM_ID: "3304536"
     webhooks:
       DB_USER: "webhooks"
+      DB_SUPPORT_USER_READONLY: "webhooks_support_readonly"
   staging-2:
     adminusers:
       DB_USER: "adminusers1"
+      DB_SUPPORT_USER_READONLY: "adminusers_support_readonly"
       NOTIFY_SECRET: ""
     connector:
       DB_USER: "connector1"
+      DB_SUPPORT_USER_READONLY: "connector_support_readonly"
       NOTIFY_SECRET: ""
     frontend:
       AB_TEST_THRESHOLD:      "50"
@@ -542,10 +604,13 @@ value:
       GOOGLE_PAY_MERCHANT_ID_2: "value-not-set"
     ledger:
       DB_USER: "ledger"
+      DB_SUPPORT_USER_READONLY: "ledger_support_readonly"
     publicauth:
       DB_USER: "publicauth1"
+      DB_SUPPORT_USER_READONLY: "publicauth_support_readonly"
     products:
       DB_USER: "products"
+      DB_SUPPORT_USER_READONLY: "products_support_readonly"
     toolbox:
       AUTH_GITHUB_VIEW_ONLY_TEAM_ID: "3304500"
       AUTH_GITHUB_USER_SUPPORT_TEAM_ID: "3304500"
@@ -554,21 +619,27 @@ value:
       PERF_ENV: "false"
     webhooks:
       DB_USER: "webhooks"
+      DB_SUPPORT_USER_READONLY: "webhooks_support_readonly"
   production-2:
     adminusers:
       DB_USER: "adminusers1"
+      DB_SUPPORT_USER_READONLY: "adminusers_support_readonly"
       NOTIFY_SECRET: ""
     connector:
       DB_USER: "connector2"
+      DB_SUPPORT_USER_READONLY: "connector_support_readonly"
       NOTIFY_SECRET: ""
     frontend:
       AB_TEST_THRESHOLD:     "50"
     ledger:
       DB_USER: "ledger"
+      DB_SUPPORT_USER_READONLY: "ledger_support_readonly"
     publicauth:
       DB_USER: "publicauth1"
+      DB_SUPPORT_USER_READONLY: "publicauth_support_readonly"
     products:
       DB_USER: "products"
+      DB_SUPPORT_USER_READONLY: "products_support_readonly"
     performance-slack:
       SLACK_URI: "https://hooks.slack.com/services/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"
     toolbox:
@@ -579,3 +650,4 @@ value:
       PERF_ENV: "false"
     webhooks:
       DB_USER: "webhooks"
+      DB_SUPPORT_USER_READONLY: "webhooks_support_readonly"

package/resources/legacy-ruby-cli/config/service_secrets.yml CHANGED Viewed

@@ -2,6 +2,8 @@
 adminusers:
   - DB_USER
   - DB_PASSWORD
+  - DB_SUPPORT_USER_READONLY
+  - DB_SUPPORT_PASSWORD_READONLY
   - NOTIFY_API_KEY
   - NOTIFY_SECRET
   - SENTRY_DSN
@@ -15,6 +17,8 @@ cardid:
 connector:
   - DB_USER
   - DB_PASSWORD
+  - DB_SUPPORT_USER_READONLY
+  - DB_SUPPORT_PASSWORD_READONLY
   - NOTIFY_SECRET
   - NOTIFY_API_KEY
   - GDS_CONNECTOR_STRIPE_AUTH_TOKEN
@@ -61,19 +65,27 @@ frontend:
 network:
   - PAGER_DUTY_CLOUDWATCH_ALB_INTEGRATION_URL
 publicapi:
-  - TOKEN_API_HMAC_SECRET
+  # These secrets are used by the app, but having them set to an empty string tries to overwrite working secrets with
+  # the words 'Password Store'. They are not in pay-low-pass, so for now to stop them being overwritten I'm commenting them out
+  # - TOKEN_API_HMAC_SECRET
   - SENTRY_DSN
 publicauth:
   - DB_USER
   - DB_PASSWORD
-  - TOKEN_DB_BCRYPT_SALT
-  - TOKEN_API_HMAC_SECRET
+  - DB_SUPPORT_USER_READONLY
+  - DB_SUPPORT_PASSWORD_READONLY
+  # These secrets are used by the app, but having them set to an empty string tries to overwrite working secrets with
+  # the words 'Password Store'. They are not in pay-low-pass, so for now to stop them being overwritten I'm commenting them out
+  # - TOKEN_DB_BCRYPT_SALT
+  # - TOKEN_API_HMAC_SECRET
   - SENTRY_DSN
 product-page:
   - pager_duty_cloudwatch_integration_url
 products:
   - DB_USER
   - DB_PASSWORD
+  - DB_SUPPORT_USER_READONLY
+  - DB_SUPPORT_PASSWORD_READONLY
   - SENTRY_DSN
 products-ui:
   - SESSION_ENCRYPTION_KEY
@@ -92,10 +104,14 @@ performance-slack:
 ledger:
   - DB_PASSWORD
   - DB_USER
+  - DB_SUPPORT_USER_READONLY
+  - DB_SUPPORT_PASSWORD_READONLY
   - SENTRY_DSN
 webhooks:
   - DB_PASSWORD
   - DB_USER
+  - DB_SUPPORT_USER_READONLY
+  - DB_SUPPORT_PASSWORD_READONLY
   - SENTRY_DSN
 toolbox:
   - AUTH_GITHUB_CLIENT_ID
@@ -109,8 +125,6 @@ toolbox:
   - ZENDESK_API_KEY
   - ZENDESK_USER
 cd-pay-deploy:
-  - cf-password
-  - cf-username
   - docker-password
   - docker-username
   - docker-email
@@ -120,10 +134,9 @@ cd-pay-deploy:
   - end-to-end/docker-email
   - end-to-end/docker-access-token
   - github-access-token
+  - grafana-annotations-password
   - pact-broker-username
   - pact-broker-password
-  - pact-broker/cf-password
-  - pact-broker/cf-username
   - pact-broker/pact-broker-password
   - pact-broker/pact-broker-username
   - pay_aws_deploy_account_id
@@ -132,13 +145,12 @@ cd-pay-deploy:
   - pay_aws_test_account_id
   - slack-notification-secret
 cd-pay-dev:
-  - cf-password
-  - cf-username
   - docker-email
   - docker-username
   - docker-password
   - docker-access-token
   - github-access-token
+  - grafana-annotations-password
   - pact-broker-username
   - pact-broker-password
   - pay_aws_deploy_account_id
@@ -172,3 +184,7 @@ codebuild:
   - docker-username
   - docker-access-token
   - github-access-token
+worldpay_secure_file_gateway:
+  - private-key
+  - public-key
+  - passphrase

package/resources/legacy-ruby-cli/lib/pay_cli/commands/local/config.yaml CHANGED Viewed

@@ -64,8 +64,11 @@ publicauth:
 publicapi:
   name: publicapi
   type: java
+  proxy: true
+  naxsi: true
   port: 9100
   admin_port: 9101
+  proxy_port: 39100
   healthcheck: true
   uses_redis: true
   environment_overrides: