From e48ed24769ed3f48da18dc738370b3758d49bcb8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dafydd=20Ll=C5=B7r=20Pearson?= <DafyddLlyr@gmail.com>
Date: Thu, 14 Mar 2024 12:15:33 +0000
Subject: [PATCH 1/4] chore: Update .env files

---
 .env.example                   | 13 -------------
 api.planx.uk/.env.test.example | 21 +--------------------
 2 files changed, 1 insertion(+), 33 deletions(-)

diff --git a/.env.example b/.env.example
index 7ee1b254c6..6374e05983 100644
--- a/.env.example
+++ b/.env.example
@@ -87,28 +87,15 @@ SUPPRESS_LOGS=true
 
 # Local authority specific integrations
 ## Lambeth
-GOV_UK_PAY_TOKEN_LAMBETH=👻
 UNIFORM_CLIENT_LAMBETH=👻
 
 ## Southwark
-GOV_UK_PAY_TOKEN_SOUTHWARK=👻
 UNIFORM_CLIENT_SOUTHWARK=👻
 
 ## Buckinghamshire
-GOV_UK_PAY_TOKEN_BUCKINGHAMSHIRE=👻
 UNIFORM_CLIENT_AYLESBURY_VALE=👻
 UNIFORM_CLIENT_CHILTERN=👻
 UNIFORM_CLIENT_WYCOMBE=👻
 
-## Camden
-GOV_UK_PAY_TOKEN_CAMDEN=👻
-
-## Gloucester
-GOV_UK_PAY_TOKEN_GLOUCESTER=👻
-
-## Medway
-GOV_UK_PAY_TOKEN_MEDWAY=👻
-
 ## End-to-end test team (borrows Lambeth's details)
 GOV_UK_PAY_SECRET_E2E=👻
-GOV_UK_PAY_TOKEN_E2E=👻
diff --git a/api.planx.uk/.env.test.example b/api.planx.uk/.env.test.example
index d422761044..2970a6f0c4 100644
--- a/api.planx.uk/.env.test.example
+++ b/api.planx.uk/.env.test.example
@@ -35,23 +35,4 @@ UNIFORM_SUBMISSION_URL=👻
 
 SLACK_WEBHOOK_URL=👻
 
-ORDNANCE_SURVEY_API_KEY=👻
-
-# Local authority specific integrations
-## Lambeth
-GOV_UK_PAY_TOKEN_LAMBETH=👻
-
-## Southwark
-GOV_UK_PAY_TOKEN_SOUTHWARK=👻
-
-## Buckinghamshire
-GOV_UK_PAY_TOKEN_BUCKINGHAMSHIRE=👻
-
-## Camden
-GOV_UK_PAY_TOKEN_CAMDEN=👻
-
-## Gloucester
-GOV_UK_PAY_TOKEN_GLOUCESTER=👻
-
-## Medway
-GOV_UK_PAY_TOKEN_MEDWAY=👻
+ORDNANCE_SURVEY_API_KEY=👻
\ No newline at end of file

From 7f7b92f31b34194e7ece4c345f345bc3bb038006 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dafydd=20Ll=C5=B7r=20Pearson?= <DafyddLlyr@gmail.com>
Date: Thu, 14 Mar 2024 12:15:57 +0000
Subject: [PATCH 2/4] chore: Update dockerfiles

---
 docker-compose.e2e.yml | 3 +--
 docker-compose.yml     | 9 ---------
 2 files changed, 1 insertion(+), 11 deletions(-)

diff --git a/docker-compose.e2e.yml b/docker-compose.e2e.yml
index b3ce738817..6e17dfebd2 100644
--- a/docker-compose.e2e.yml
+++ b/docker-compose.e2e.yml
@@ -28,5 +28,4 @@ services:
     environment:
       UNIFORM_SUBMISSION_URL: http://mock-server:8080
       UNIFORM_TOKEN_URL: http://mock-server:8080
-      UNIFORM_CLIENT_E2E: e2e:123
-      GOV_UK_PAY_TOKEN_E2E: ${GOV_UK_PAY_TOKEN_E2E}
\ No newline at end of file
+      UNIFORM_CLIENT_E2E: e2e:123
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 6041dbbe42..b2631928d7 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -145,22 +145,13 @@ services:
       ENCRYPTION_KEY: ${ENCRYPTION_KEY}
       # Local authority config
       # Lambeth
-      GOV_UK_PAY_TOKEN_LAMBETH: ${GOV_UK_PAY_TOKEN_LAMBETH}
       UNIFORM_CLIENT_LAMBETH: ${UNIFORM_CLIENT_LAMBETH}
       # Southwark
-      GOV_UK_PAY_TOKEN_SOUTHWARK: ${GOV_UK_PAY_TOKEN_SOUTHWARK}
       UNIFORM_CLIENT_SOUTHWARK: ${UNIFORM_CLIENT_SOUTHWARK}
       # Buckinghamshire
-      GOV_UK_PAY_TOKEN_BUCKINGHAMSHIRE: ${GOV_UK_PAY_TOKEN_BUCKINGHAMSHIRE}
       UNIFORM_CLIENT_AYLESBURY_VALE: ${UNIFORM_CLIENT_AYLESBURY_VALE}
       UNIFORM_CLIENT_CHILTERN: ${UNIFORM_CLIENT_CHILTERN}
       UNIFORM_CLIENT_WYCOMBE: ${UNIFORM_CLIENT_WYCOMBE}
-      #Camden
-      GOV_UK_PAY_TOKEN_CAMDEN: ${GOV_UK_PAY_TOKEN_CAMDEN}
-      # Medway
-      GOV_UK_PAY_TOKEN_MEDWAY: ${GOV_UK_PAY_TOKEN_MEDWAY}
-      # Gloucester
-      GOV_UK_PAY_TOKEN_GLOUCESTER: ${GOV_UK_PAY_TOKEN_GLOUCESTER}
 
   sharedb:
     restart: unless-stopped

From b2f96c462d69410b05b1450b34d0407198d5fca4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dafydd=20Ll=C5=B7r=20Pearson?= <DafyddLlyr@gmail.com>
Date: Thu, 14 Mar 2024 12:16:12 +0000
Subject: [PATCH 3/4] chore: Drop asset() from API

---
 api.planx.uk/server.ts | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/api.planx.uk/server.ts b/api.planx.uk/server.ts
index d66dc68814..c9f99f93c0 100644
--- a/api.planx.uk/server.ts
+++ b/api.planx.uk/server.ts
@@ -107,11 +107,6 @@ assert(process.env.BOPS_API_TOKEN);
 assert(process.env.UNIFORM_TOKEN_URL);
 assert(process.env.UNIFORM_SUBMISSION_URL);
 
-// Camden, Medway & Gloucester have sandbox pay only, so skip assertion as this will fail in production
-["BUCKINGHAMSHIRE", "LAMBETH", "SOUTHWARK"].forEach((authority) => {
-  assert(process.env[`GOV_UK_PAY_TOKEN_${authority}`]);
-});
-
 // needed for storing original URL to redirect to in login flow
 app.use(
   cookieSession({

From c4dfe9f1259348f593c23fb7f0864fdbfce8b5aa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dafydd=20Ll=C5=B7r=20Pearson?= <DafyddLlyr@gmail.com>
Date: Thu, 14 Mar 2024 12:16:43 +0000
Subject: [PATCH 4/4] chore: Remove secrets from Pulumi

---
 infrastructure/application/Pulumi.production.yaml |  6 ------
 infrastructure/application/Pulumi.staging.yaml    | 12 ------------
 .../application/utils/generateTeamSecrets.ts      | 15 ---------------
 3 files changed, 33 deletions(-)

diff --git a/infrastructure/application/Pulumi.production.yaml b/infrastructure/application/Pulumi.production.yaml
index 2077d6da1f..7ccbad24c8 100644
--- a/infrastructure/application/Pulumi.production.yaml
+++ b/infrastructure/application/Pulumi.production.yaml
@@ -15,12 +15,6 @@ config:
   application:google-client-id: 987324067365-vpsk3kgeq5n32ihjn760ihf8l7m5rhh8.apps.googleusercontent.com
   application:google-client-secret:
     secure: AAABAN5E+De3A3HtpLVaSNTDwk9Uz4r2d5g8SIRVbNOd2fj3eU+lGJXjVbEAnxezr14hwabbfwW2ptjcFzqkhG7OmQ==
-  application:gov-uk-pay-token-buckinghamshire:
-    secure: AAABAA0ya8JhmFcgwuuf5i+XiJZ/uDp4SEGplUiiojyZzDtbjlZZfd8tNw8PjqKHzMBIhgyB2gHSsx9D/FV+cxxBa1AfIFtcj/l3rIrkK9jeG+yXtHnsLKr7MsZUqi6SdFft
-  application:gov-uk-pay-token-lambeth:
-    secure: AAABAK7qJXCA9mN96DeDWHqRDY7xe5glU9NZ2oTWVxYHR0NhkA83JOnI6dhknhUh8m7IMyy59lFIzeFCG3gOoWvkoTeQNiok7T91ek2f8UQqSSzgfUzgftbRm2sCkS5Yn0bW
-  application:gov-uk-pay-token-southwark:
-    secure: AAABAEosPvNevt9G7xLgTJIgyPDe9ZmXZnQa2BIsk7glewLz+EFzCvMVFq+9RkiEzkg9GdV2S7ttZ+6fCb5gByNbM7n2JcVG6a+LH9nHv6NwcoZ6U8ORArwiL4uO8xvGQQzD
   application:govuk-notify-api-key:
     secure: AAABADo05EPv/HWj7Rkf19nBeTcPJd4pEcRi2/uhyB3agraFODpLvNMx2bXfISf5pZ4HA41GYCE4f7OLcJN6hIV6ZMWUlEriPzvkoUAixbLlz1LIERiyk73R8E4F2bV65/9aFqi4l7caLS5c8iDJrE+JAvu2i7oS
   application:hasura-admin-secret:
diff --git a/infrastructure/application/Pulumi.staging.yaml b/infrastructure/application/Pulumi.staging.yaml
index ac8e78abb8..7f9f00e596 100644
--- a/infrastructure/application/Pulumi.staging.yaml
+++ b/infrastructure/application/Pulumi.staging.yaml
@@ -16,18 +16,6 @@ config:
   application:google-client-id: 987324067365-vpsk3kgeq5n32ihjn760ihf8l7m5rhh8.apps.googleusercontent.com
   application:google-client-secret:
     secure: AAABAGQuqQDU4S+vR+cQaFoa6xAeWU9clVaNonQ/dq0R8Dke+o0y7ALOmYMy4fOX4Pa6HiZl85npU/cbwy8HdMYaiA==
-  application:gov-uk-pay-token-buckinghamshire:
-    secure: AAABADroqKJ1/CanxoghKyCutFA8bmiPBuafrNYGNMn1H16jXiHuytHUUByTbXZZHtANciv7rkQEJosUmyay5j/ZFKu9TeS2WaIGBD913EVlv4iXDw3Y5OU2bSocROlYQm7/
-  application:gov-uk-pay-token-camden:
-    secure: AAABAA2gkhNBs2hOfIkhHiA50MF3X8xnaGvLVzWdg0OOTl9qOKgtCjS76/XBIpGsGEyFbtHwuOgWhPw1qgql7MBO+pTnfLzDc8WcbxQFMbIjKUAgqF4yUMu75jcOiJ9XadNq
-  application:gov-uk-pay-token-gloucester:
-    secure: AAABAMzflVg0cd5sjaETPp/s+OhgAr9UC4p8B72HiLHLUmNoFlsdWmCi4Z9rX6fEx+R008e0JHTz6REYQXWegH80QYMhKsUonmMON8/QMiz3AbDfZnEOGovMuC7mFLGpRDqn
-  application:gov-uk-pay-token-lambeth:
-    secure: AAABAPy5USkd8/hwq6vFXP45BXsYFUltR6gj8PoiZkOLRPUd1wgQ3Yhgc1Cyn+lb5cZrXBoVPjuVhm/UvBN82DNzRTl2TxAakCQQIrBU5xil+m9UnbY82CNSMDuEaWwMpR3C
-  application:gov-uk-pay-token-medway:
-    secure: AAABAOf9pQgmUkPWbyBQpkd2eZDtzx8WhHfPMD+V8lDLP/hqo24ZZyCrDfq6VBrcEeZVL89dvJ/PIVng9V5xFDKwpRcChTsOsen6epWGE/I0zwDdwrONmxgbPXnGgxLDtiEp
-  application:gov-uk-pay-token-southwark:
-    secure: AAABALGCrA9ZqRLql+ZHRQD/q6GiGNihtdgPL/7k5d37vgjqW115YR30HG9ofE00qP2Hkr2ZkYkJhVCIr9G5l1wSGXBNI+ldXxTCU8PWLGWv+Xa+Sv5Ltgd9egmwBBqUgvwe
   application:govuk-notify-api-key:
     secure: AAABACgwjEmlLmE19ofRO8e/JpD8sHDV2lcDmSXbU/Mw8ZRh5gTgll8DZ3BVjpDWfQfIecBAIf2TFgeo9CsBSLjfaRJ7eJyKDSWm7i8LlMC2JN/PN+Ig8oeI0H0oLkqJIziNKKjx+e97zDiXO9LZ1CVzrywR
   application:hasura-admin-secret:
diff --git a/infrastructure/application/utils/generateTeamSecrets.ts b/infrastructure/application/utils/generateTeamSecrets.ts
index 747c3f195a..9dcf6c1b77 100644
--- a/infrastructure/application/utils/generateTeamSecrets.ts
+++ b/infrastructure/application/utils/generateTeamSecrets.ts
@@ -25,21 +25,6 @@ export const generateTeamSecrets = (
 ): awsx.ecs.KeyValuePair[] => {
   const secrets: awsx.ecs.KeyValuePair[] = [];
   teams.forEach((team) => {
-    switch(env) {
-      case "staging":
-        secrets.push({
-          name: `GOV_UK_PAY_TOKEN_${name(team.name)}`,
-          value: config.require(`gov-uk-pay-token-${value(team.name)}`),
-        });
-        break;
-      case "production":
-        if (!team?.govPayStagingOnly) {
-          secrets.push({
-            name: `GOV_UK_PAY_TOKEN_${name(team.name)}`,
-            value: config.require(`gov-uk-pay-token-${value(team.name)}`),
-          });
-        }
-    };
     team.uniformInstances?.forEach((instance) => {
       secrets.push({
         name: `UNIFORM_CLIENT_${name(instance)}`,