alphagov · syed-ali-tw · Nov 19, 2024
diff --git a/app/controllers/link_checker_api_controller.rb b/app/controllers/link_checker_api_controller.rb
@@ -46,6 +46,6 @@ def verify_signature
   end
 
   def webhook_secret_token
-    Rails.application.secrets.link_checker_api_secret_token
+    ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN")
   end
 end
diff --git a/app/services/link_check_report_creator.rb b/app/services/link_check_report_creator.rb
@@ -48,7 +48,7 @@ def call_link_checker_api
     GdsApi.link_checker_api.create_batch(
       uris,
       webhook_uri: callback_url,
-      webhook_secret_token: Rails.application.secrets.link_checker_api_secret_token,
+      webhook_secret_token: ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN"),
     )
   end
 

diff --git a/config/application.rb b/config/application.rb
@@ -63,7 +63,7 @@ class Application < Rails::Application
     config.asset_host = ENV.fetch("ASSET_HOST", nil)
 
     config.action_mailer.notify_settings = {
-      api_key: Rails.application.secrets.notify_api_key || "fake-test-api-key",
+      api_key: ENV.fetch("GOVUK_NOTIFY_API_KEY", "fake-test-api-key"),
     }
 
     config.generators do |g|

diff --git a/config/secrets.yml b/config/secrets.yml
diff --git a/test/functional/link_check_reports_controller_test.rb b/test/functional/link_check_reports_controller_test.rb
@@ -16,7 +16,7 @@ class LinkCheckReportsControllerTest < ActionController::TestCase
         uris: ["https://www.gov.uk"],
         id: 1234,
         webhook_uri: link_checker_api_callback_url(host: Plek.find("publisher")),
-        webhook_secret_token: Rails.application.secrets.link_checker_api_secret_token,
+        webhook_secret_token: ENV["LINK_CHECKER_API_SECRET_TOKEN"],
       )
     end
 

diff --git a/test/functional/link_checker_api_controller_test.rb b/test/functional/link_checker_api_controller_test.rb
@@ -48,7 +48,7 @@ def campaign_edition_link_check_report
   def set_headers(post_body)
     headers = {
       "Content-Type": "application/json",
-      "X-LinkCheckerApi-Signature": generate_signature(post_body.to_json, Rails.application.secrets.link_checker_api_secret_token),
+      "X-LinkCheckerApi-Signature": generate_signature(post_body.to_json, ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN")),
     }
 
     request.headers.merge! headers

diff --git a/test/integration/edition_link_check_test.rb b/test/integration/edition_link_check_test.rb
@@ -13,7 +13,7 @@ class EditionLinkCheckTest < LegacyJavascriptIntegrationTest
       uris: ["https://www.gov.uk"],
       id: 1234,
       webhook_uri: link_checker_api_callback_url(host: Plek.find("publisher")),
-      webhook_secret_token: Rails.application.secrets.link_checker_api_secret_token,
+      webhook_secret_token: ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN"),
     )
 
     @place = FactoryBot.create(:place_edition, introduction: "This is [link](https://www.gov.uk) text.")

diff --git a/test/unit/services/link_check_report_creator_test.rb b/test/unit/services/link_check_report_creator_test.rb
@@ -14,7 +14,7 @@ def create_edition(govspeak)
       uris: ["https://www.gov.uk"],
       id: 1234,
       webhook_uri: link_checker_api_callback_url(host: Plek.find("publisher")),
-      webhook_secret_token: Rails.application.secrets.link_checker_api_secret_token,
+      webhook_secret_token: ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN"),
     )
   end