fix: add env var for CSRF_TRUSTED_ORIGINS

ministryofjustice · Aug 14, 2024 · 6e7c0b0 · 6e7c0b0
1 parent be5f5a2
commit 6e7c0b0
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 0 deletions.
diff --git a/.github/workflows/reusable-build-and-deploy.yml b/.github/workflows/reusable-build-and-deploy.yml
@@ -96,6 +96,7 @@ jobs:
           CATALOGUE_URL: ${{ vars.CATALOGUE_URL }}
           DEBUG: ${{ vars.DEBUG }}
           DJANGO_ALLOWED_HOSTS: ${{ vars.DJANGO_ALLOWED_HOSTS }}
+          CSRF_TRUSTED_ORIGINS: ${{ vars.CSRF_TRUSTED_ORIGINS }}
           DJANGO_LOG_LEVEL: ${{ vars.DJANGO_LOG_LEVEL }}
           SENTRY_DSN_WORKAROUND: ${{ vars.SENTRY_DSN_WORKAROUND }}
           SECRET_KEY: ${{ secrets.SECRET_KEY }}

diff --git a/core/settings.py b/core/settings.py
@@ -255,3 +255,5 @@
 USE_I18N = True
 LANGUAGE_CODE = "en"
 LOCALE_PATHS = [BASE_DIR / "locale"]
+
+CSRF_TRUSTED_ORIGINS = os.environ.get("CSRF_TRUSTED_ORIGINS", "").split(" ")
diff --git a/deployments/templates/deployment.yml b/deployments/templates/deployment.yml
@@ -46,6 +46,8 @@ spec:
               value: "$AZURE_REDIRECT_URI"
             - name: AZURE_AUTHORITY
               value: "$AZURE_AUTHORITY"
+            - name: CSRF_TRUSTED_ORIGINS
+              value: "${CSRF_TRUSTED_ORIGINS}"
             - name: SECRET_KEY
               valueFrom:
                 secretKeyRef: