[hotfix] drafts bucket env var fixes

HHS · Dec 10, 2024 · c3c7c22 · c3c7c22
1 parent 4271bd3
commit c3c7c22
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/infra/modules/service/draft_documents.tf b/infra/modules/service/draft_documents.tf
@@ -25,6 +25,8 @@ resource "aws_s3_bucket_public_access_block" "draft_documents" {
 }
 
 data "aws_iam_policy_document" "draft_documents_put_access" {
+  count = var.enable_drafts_bucket ? 1 : 0
+
   statement {
     effect = "Allow"
     resources = [
@@ -90,5 +92,5 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "draft_documents_e
 resource "aws_s3_bucket_policy" "draft_documents" {
   count  = var.enable_drafts_bucket ? 1 : 0
   bucket = aws_s3_bucket.draft_documents[0].id
-  policy = data.aws_iam_policy_document.draft_documents_put_access.json
+  policy = data.aws_iam_policy_document.draft_documents_put_access[0].json
 }
diff --git a/infra/modules/service/main.tf b/infra/modules/service/main.tf
@@ -9,6 +9,7 @@ data "external" "whoami" {
   program = ["sh", "-c", "whoami | xargs -I {} echo '{\"value\": \"{}\"}'"]
 }
 
+# TODO: https://github.com/HHS/simpler-grants-gov/issues/3177
 # data "external" "deploy_github_ref" {
 #   program = ["sh", "-c", "git branch --show-current | xargs -I {} echo '{\"value\": \"{}\"}'"]
 # }
@@ -25,7 +26,7 @@ locals {
   task_executor_role_name = "${var.service_name}-task-executor"
   image_url               = var.image_repository_url != null ? "${var.image_repository_url}:${var.image_tag}" : "${data.aws_ecr_repository.app[0].repository_url}:${var.image_tag}"
   hostname                = var.hostname != null ? [{ name = "HOSTNAME", value = var.hostname }] : []
-  drafts_s3_bucket_url    = var.enable_drafts_bucket != null ? [{ name : "DRAFTS_S3_BUCKET_URL", value : aws_s3_bucket.draft_documents[0].bucket_regional_domain_name }] : []
+  drafts_s3_bucket_url    = var.enable_drafts_bucket != null && length(aws_s3_bucket.draft_documents) > 0 ? [{ name : "DRAFTS_S3_BUCKET_URL", value : aws_s3_bucket.draft_documents[0].bucket_regional_domain_name }] : []
 
   base_environment_variables = concat([
     { name : "PORT", value : tostring(var.container_port) },
@@ -34,6 +35,7 @@ locals {
     { name : "ENVIRONMENT", value : var.environment_name },
     { name : "DEPLOY_TIMESTAMP", value : timestamp() },
     { name : "DEPLOY_GITHUB_SHA", value : data.external.deploy_github_sha.result.value },
+    # TODO: https://github.com/HHS/simpler-grants-gov/issues/3177
     # { name : "DEPLOY_GITHUB_REF", value : data.external.deploy_github_ref.result.value },
     { name : "DEPLOY_WHOAMI", value : data.external.whoami.result.value }
   ], local.hostname, local.drafts_s3_bucket_url)