[LG-6146] Prepare for removing ERB from service_providers.yml

[orenyk]

Resolves LG-6146

Precursor to #7764 to avoid breaking things, should be safe to merge/deploy before the YAML files change.

[zachmargolis]

LGTM

[julialeague]

question: Can this be tested in a deployed environment (like ursula) before merging? Maybe it's not that important to test before merging because the worst that would happen is it would temporarily break our deployments and not the actual running instance?

[orenyk]

@julialeague Unfortunately I don't think so - we'll have to coordinate merges since the file is used everywhere. With that said, I think we could probably make this a bit safer by splitting this up into two changes - first just adding the gsub for the %{env} replacement, which will do absolutely nothing with the current file, and then when we merge in the changes in identity-idp-config we can remove the ERB references (but they won't do anything bad since the file will not contain any ERB.

@zachmargolis does that seem right to you as a safer sequence of events? Thanks for the inspiration @julialeague!

[zachmargolis]

question: Can this be tested in a deployed environment (like ursula) before merging? Maybe it's not that important to test before merging because the worst that would happen is it would temporarily break our deployments and not the actual running instance?

I think it is possible to test this before merging to main in a deployed env. If we patch this line to clone a branch of identity-idp-config instead, and then push the branch to say, team ursula env, it would be a pretty good way to test:

identity-idp/lib/deploy/activate.rb

Line 45 in 9a55ab2

cmd = ['git', 'clone', '--depth', '1', '--branch', 'main', private_git_repo_url, checkout_dir]

[orenyk]

I tried testing this in my personal sandbox but something strange is happening during seeding - I'm getting a validation error on a duplicate abbreviation when seeding agencies, which is weird since I recently nuked and re-provisioned my personal sandbox a few weeks ago and the agencies.yml file hasn't been touched in almost 8 months.

I'm pretty sure this PR should be safe to merge (it only adds gsub('%{env}', deploy_env) to the SP seeder and that text is not present in the YAML file) but will try to button up testing tomorrow!

[orenyk]

Also, updated this to account for @julialeague's comment in https://github.com/18F/identity-idp-config/pull/1256 - this modifies the seeder behavior for cases where restrict_to_deploy_env is equal to sandbox and I believe otherwise remains the same.

Note that the updated service_providers.yml file will ultimately require restrict_to_deploy_env for all configurations.

[orenyk]

Please double check me here but I'm 99% that lines 63-68 are the same, functionally, as the previous code, with the addition of line 65 (restrict_to_deploy_env set to sandbox). I found the old code hard to read / reason about so even though this is more verbose I think it's a bit clearer.

[julialeague]

very minor, but my immediate thought when glancing at this was that it could be rewritten as a case statement. Either way works, though!

[orenyk]

Thanks! I generally like guard clauses over case statements for Ruby but I had the same thought myself 😄

[orenyk]

Tested this in a personal sandbox (thanks @mitchellhenke) and it appeared to work fine, so going to merge this in for tomorrow's release