From cd0cdde55d62cb8f0fec6d2fb057677c856575a4 Mon Sep 17 00:00:00 2001
From: Mohammed Abubakar <mohammed.abubakar@altostack.io>
Date: Wed, 14 Jul 2021 08:27:21 +0100
Subject: [PATCH 01/18] patch source

---
 pipelines/tag/pipeline.yaml | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/pipelines/tag/pipeline.yaml b/pipelines/tag/pipeline.yaml
index 6a7ade41..abd31d0c 100644
--- a/pipelines/tag/pipeline.yaml
+++ b/pipelines/tag/pipeline.yaml
@@ -18,13 +18,6 @@ resources:
       tag_filter: v*
       private_key: ((git_ssh_key))
 
-  - name: updated-source
-    type: git-tag
-    source:
-      uri: ((source_repository_url))
-      tag_filter: v*
-      private_key: ((git_ssh_key))
-
   - name: app-image
     type: docker-image
     source:
@@ -126,7 +119,6 @@ jobs:
             trigger: true
             passed:
               - build
-          - get: updated-source
           - get: node-builder-image
       - task: test
         image: node-builder-image
@@ -136,9 +128,6 @@ jobs:
           PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
           DEPLOYMENT_TYPE: ((ci_deployment_type))
           DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: updated-source
-        params:
-          repository: source
 
     on_success: *on_success
     on_failure: *on_failure

From 559d748f6d135aabfe98189de3ee3b169ed90849 Mon Sep 17 00:00:00 2001
From: Mohammed Abubakar <mohammed.abubakar@altostack.io>
Date: Thu, 15 Jul 2021 15:51:15 +0100
Subject: [PATCH 02/18] Add 1 git-crypt collaborator

New collaborators:

	C5D7F579 Radu Stefanache <radustefanache@redeemeum.com>
---
 .../2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg  | Bin 0 -> 726 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 .git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg

diff --git a/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg b/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg
new file mode 100644
index 0000000000000000000000000000000000000000..95cac3c1ed16dc0219ed9d3d0895974b570b55a5
GIT binary patch
literal 726
zcmV;{0xA840t^E$BT+qSxOk%h5C2qaLjb-Nj4WwQ;o<(j`@I@%9RY=x987d2`V2X&
zV<H-pSCUw?c1mSkTho)Mr(dFdn~@KW+bAiU#Le9Zd82Qt@At>{JqQ6Zqs>NpK`F&g
zoX`rk+8nsLnvRCNm&U~Q^R&8T`9(t=D)CHjg50j>d@;;WU>Cj6gmL2c41`jQR_kw*
zqlA}tWB_PTLk+cVL`0}7K7HVoZ9L#JfJK!1PhjNLYUQoudU}%9wFil_MM@A)>BhSW
zIAGlE^>~S24j(NeSA`=;bVg$WGs_xH|4gu)yJ70pF8+7t9%l<>PXb~NTc}nD{M=hJ
z-MTg~+km@i`&~CN5&U$5tHd61QX&z|oAkuM48DjJX=){urk(4yNK;a8c6soIN@i71
zE7-_GsFvN&!-wjA*3mWQ`D-<!bSW3#DQ)q>-uFP7<*AkfAr!a{?cu3t$X1}<M~dZn
zwqnJ0<gEHLs_DNje6yUuEJN74on~+N?;1TxS$_}I*y-}x@K%^;b=W9<=hJ2gLvDRF
zx4>_Vcvgv|Mg(asgOVNE5c7{uHeVk1=<k%!VA$%Zj63i_H?8QBuvnUz4=NCct#rH-
zn7tnt^;F4*M$8g^48N2bX+MukTEk(o7-36Hd^n9X^9h!({0K9a=zD3z!2zCWQ7Rrs
z!K&mBJmLwv6c@ym=Y!I~1OdnY>hv1O=?`pxV14tJuH)$93xqTwnhqWF3s*<o_MI=Y
zpZnPPH52Rqsag{lNtEbRpp)2yC|i>|c6@(XY2oBu?GIC4&fOE^^A2F-|DlSYcLYeT
z$`MioQ6bW@Olxx@tA0rvruk-N>#@Wq*hGYIiN1~_;?M;qK(qYYVkAyX6n*Qb7KY2O
zd+{!8LjEismTEbwsSdTnwoinmFEW!cs3U42kk^V^_-I}AUA`KB_y&Z?G_&xSfLsBI
Is7Os=GN>zQjsO4v

literal 0
HcmV?d00001


From 621bf3da7709b463969168acf9f3935980c92939 Mon Sep 17 00:00:00 2001
From: HristiyanG <hristiyan@limechain.tech>
Date: Mon, 19 Jul 2021 15:59:42 +0300
Subject: [PATCH 03/18] delete github workflows

---
 .github/workflows/deploy-develop.yaml | 35 ---------------------------
 .github/workflows/deploy-master.yaml  | 35 ---------------------------
 2 files changed, 70 deletions(-)
 delete mode 100644 .github/workflows/deploy-develop.yaml
 delete mode 100644 .github/workflows/deploy-master.yaml

diff --git a/.github/workflows/deploy-develop.yaml b/.github/workflows/deploy-develop.yaml
deleted file mode 100644
index 93ca18af..00000000
--- a/.github/workflows/deploy-develop.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-name: Develop Branch Backend Build and Deploy to GAE
-on:
-  push:
-    branches:
-      - develop
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node-version: [10.x]
-    steps:
-      - uses: actions/checkout@v1
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
-        with:
-          node-version: ${{ matrix.node-version }}
-      - name: build backend
-        run: |
-          npm install
-      - uses: actions-hub/gcloud@master
-        name: copy environment variables
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID_DEV}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_DEV}}
-          CLI: gsutil
-        with:
-          args: cp gs://boson-variables-dev/.env .
-      - uses: actions-hub/gcloud@master
-        name: deploy service
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID_DEV}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_DEV}}
-        with:
-          args: app deploy
diff --git a/.github/workflows/deploy-master.yaml b/.github/workflows/deploy-master.yaml
deleted file mode 100644
index cdda7603..00000000
--- a/.github/workflows/deploy-master.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-name: Develop Branch Backend Build and Deploy to GCE
-on:
-  push:
-    branches:
-      - master
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node-version: [10.x]
-    steps:
-      - uses: actions/checkout@v1
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
-        with:
-          node-version: ${{ matrix.node-version }}
-      - name: build backend
-        run: |
-          npm install
-      - uses: actions-hub/gcloud@master
-        name: copy environment variables
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_PROD}}
-          CLI: gsutil
-        with:
-          args: cp gs://boson-variables-test/.env .
-      - uses: actions-hub/gcloud@master
-        name: deploy service
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_PROD}}
-        with:
-          args: app deploy

From f2269ff5909aec83815bdc94364d40a192192478 Mon Sep 17 00:00:00 2001
From: HristiyanG <hristiyan@limechain.tech>
Date: Fri, 20 Aug 2021 15:22:26 +0300
Subject: [PATCH 04/18] bump ethers to latest

---
 external/keepers/package-lock.json            | 609 +++++++++---------
 external/keepers/package.json                 |   2 +-
 .../triggerExpirations/src/package.json       |   2 +-
 .../triggerFinalizations/src/package.json     |   4 +-
 .../triggerWithdrawals/src/package.json       |   2 +-
 package-lock.json                             | 603 ++++++++---------
 package.json                                  |   2 +-
 7 files changed, 617 insertions(+), 607 deletions(-)

diff --git a/external/keepers/package-lock.json b/external/keepers/package-lock.json
index 07b581b7..76e50d0f 100644
--- a/external/keepers/package-lock.json
+++ b/external/keepers/package-lock.json
@@ -5,379 +5,371 @@
   "requires": true,
   "dependencies": {
     "@ethersproject/abi": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.0.10.tgz",
-      "integrity": "sha512-cfC3lGgotfxX3SMri4+CisOPwignoj/QGHW9J29spC4R4Qqcnk/SYuVkPFBMdLbvBp3f/pGiVqPNwont0TSXhg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.4.0.tgz",
+      "integrity": "sha512-9gU2H+/yK1j2eVMdzm6xvHSnMxk8waIHQGYCZg5uvAyH0rsAzxkModzBSpbAkAuhKFEovC2S9hM4nPuLym8IZw==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/abstract-provider": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.0.8.tgz",
-      "integrity": "sha512-fqJXkewcGdi8LogKMgRyzc/Ls2js07yor7+g9KfPs09uPOcQLg7cc34JN+lk34HH9gg2HU0DIA5797ZR8znkfw==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.4.1.tgz",
+      "integrity": "sha512-3EedfKI3LVpjSKgAxoUaI+gB27frKsxzm+r21w9G60Ugk+3wVLQwhi1LsEJAKNV7WoZc8CIpNrATlL1QFABjtQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0"
       }
     },
     "@ethersproject/abstract-signer": {
-      "version": "5.0.11",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.0.11.tgz",
-      "integrity": "sha512-RKOgPSEYafknA62SrD3OCK42AllHE4YBfKYXyQeM+sBP7Nq3X5FpzeoY4uzC43P4wIhmNoTHCKQuwnX7fBqb6Q==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.4.1.tgz",
+      "integrity": "sha512-SkkFL5HVq1k4/25dM+NWP9MILgohJCgGv5xT5AcRruGz4ILpfHeBtO/y6j+Z3UN/PAjDeb4P7E51Yh8wcGNLGA==",
       "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/address": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.0.9.tgz",
-      "integrity": "sha512-gKkmbZDMyGbVjr8nA5P0md1GgESqSGH7ILIrDidPdNXBl4adqbuA3OAuZx/O2oGpL6PtJ9BDa0kHheZ1ToHU3w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.4.0.tgz",
+      "integrity": "sha512-SD0VgOEkcACEG/C6xavlU1Hy3m5DGSXW3CUHkaaEHbAPPsgi0coP5oNPsxau8eTlZOk/bpa/hKeCNoK5IzVI2Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/rlp": "^5.0.7"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0"
       }
     },
     "@ethersproject/base64": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.0.7.tgz",
-      "integrity": "sha512-S5oh5DVfCo06xwJXT8fQC68mvJfgScTl2AXvbYMsHNfIBTDb084Wx4iA9MNlEReOv6HulkS+gyrUM/j3514rSw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.4.0.tgz",
+      "integrity": "sha512-CjQw6E17QDSSC5jiM9YpF7N1aSCHmYGMt9bWD8PWv6YPMxjsys2/Q8xLrROKI3IWJ7sFfZ8B3flKDTM5wlWuZQ==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9"
+        "@ethersproject/bytes": "^5.4.0"
       }
     },
     "@ethersproject/basex": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.0.7.tgz",
-      "integrity": "sha512-OsXnRsujGmYD9LYyJlX+cVe5KfwgLUbUJrJMWdzRWogrygXd5HvGd7ygX1AYjlu1z8W/+t2FoQnczDR/H2iBjA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.4.0.tgz",
+      "integrity": "sha512-J07+QCVJ7np2bcpxydFVf/CuYo9mZ7T73Pe7KQY4c1lRlrixMeblauMxHXD0MPwFmUHZIILDNViVkykFBZylbg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/bignumber": {
-      "version": "5.0.13",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.0.13.tgz",
-      "integrity": "sha512-b89bX5li6aK492yuPP5mPgRVgIxxBP7ksaBtKX5QQBsrZTpNOjf/MR4CjcUrAw8g+RQuD6kap9lPjFgY4U1/5A==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.4.1.tgz",
+      "integrity": "sha512-fJhdxqoQNuDOk6epfM7yD6J8Pol4NUCy1vkaGAkuujZm0+lNow//MKu1hLhRiYV4BsOHyBv5/lsTjF+7hWwhJg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "bn.js": "^4.4.0"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "bn.js": "^4.11.9"
       }
     },
     "@ethersproject/bytes": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.0.9.tgz",
-      "integrity": "sha512-k+17ZViDtAugC0s7HM6rdsTWEdIYII4RPCDkPEuxKc6i40Bs+m6tjRAtCECX06wKZnrEoR9pjOJRXHJ/VLoOcA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.4.0.tgz",
+      "integrity": "sha512-H60ceqgTHbhzOj4uRc/83SCN9d+BSUnOkrr2intevqdtEMO1JFVZ1XL84OEZV+QjV36OaZYxtnt4lGmxcGsPfA==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/constants": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.0.8.tgz",
-      "integrity": "sha512-sCc73pFBsl59eDfoQR5OCEZCRv5b0iywadunti6MQIr5lt3XpwxK1Iuzd8XSFO02N9jUifvuZRrt0cY0+NBgTg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.4.0.tgz",
+      "integrity": "sha512-tzjn6S7sj9+DIIeKTJLjK9WGN2Tj0P++Z8ONEIlZjyoTkBuODN+0VfhAyYksKi43l1Sx9tX2VlFfzjfmr5Wl3Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13"
+        "@ethersproject/bignumber": "^5.4.0"
       }
     },
     "@ethersproject/contracts": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.0.9.tgz",
-      "integrity": "sha512-CCTxVeDh6sjdSEbjzONhtwPjECvaHE62oGkY8M7kP0CHmgLD2SEGel0HZib8e5oQKRKGly9AKcUFW4g3rQ0AQw==",
-      "requires": {
-        "@ethersproject/abi": "^5.0.10",
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.4.1.tgz",
+      "integrity": "sha512-m+z2ZgPy4pyR15Je//dUaymRUZq5MtDajF6GwFbGAVmKz/RF+DNIPwF0k5qEcL3wPGVqUjFg2/krlCRVTU4T5w==",
+      "requires": {
+        "@ethersproject/abi": "^5.4.0",
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0"
       }
     },
     "@ethersproject/hash": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.0.10.tgz",
-      "integrity": "sha512-Tf0bvs6YFhw28LuHnhlDWyr0xfcDxSXdwM4TcskeBbmXVSKLv3bJQEEEBFUcRX0fJuslR3gCVySEaSh7vuMx5w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.4.0.tgz",
+      "integrity": "sha512-xymAM9tmikKgbktOCjW60Z5sdouiIIurkZUr9oW5NOex5uwxrbsYG09kb5bMcNjlVeJD3yPivTNzViIs1GCbqA==",
       "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/hdnode": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.0.8.tgz",
-      "integrity": "sha512-Mscpjd7BBjxYSWghaNMwV0xrBBkOoCq6YEPRm9MgE24CiBlzzbfEB5DGq6hiZqhQaxPkdCUtKKqZi3nt9hx43g==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.4.0.tgz",
+      "integrity": "sha512-pKxdS0KAaeVGfZPp1KOiDLB0jba11tG6OP1u11QnYfb7pXn6IZx0xceqWRr6ygke8+Kw74IpOoSi7/DwANhy8Q==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/json-wallets": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.0.10.tgz",
-      "integrity": "sha512-Ux36u+d7Dm0M5AQ+mWuHdvfGPMN8K1aaLQgwzrsD4ELTWlwRuHuQbmn7/GqeOpbfaV6POLwdYcBk2TXjlGp/IQ==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.4.0.tgz",
+      "integrity": "sha512-igWcu3fx4aiczrzEHwG1xJZo9l1cFfQOWzTqwRw/xcvxTk58q4f9M7cjh51EKphMHvrJtcezJ1gf1q1AUOfEQQ==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
         "aes-js": "3.0.0",
         "scrypt-js": "3.0.1"
       }
     },
     "@ethersproject/keccak256": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.0.7.tgz",
-      "integrity": "sha512-zpUBmofWvx9PGfc7IICobgFQSgNmTOGTGLUxSYqZzY/T+b4y/2o5eqf/GGmD7qnTGzKQ42YlLNo+LeDP2qe55g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.4.0.tgz",
+      "integrity": "sha512-FBI1plWet+dPUvAzPAeHzRKiPpETQzqSUWR1wXJGHVWi4i8bOSrpC3NwpkPjgeXG7MnugVc1B42VbfnQikyC/A==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
+        "@ethersproject/bytes": "^5.4.0",
         "js-sha3": "0.5.7"
       }
     },
     "@ethersproject/logger": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.0.8.tgz",
-      "integrity": "sha512-SkJCTaVTnaZ3/ieLF5pVftxGEFX56pTH+f2Slrpv7cU0TNpUZNib84QQdukd++sWUp/S7j5t5NW+WegbXd4U/A=="
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.4.0.tgz",
+      "integrity": "sha512-xYdWGGQ9P2cxBayt64d8LC8aPFJk6yWCawQi/4eJ4+oJdMMjEBMrIcIMZ9AxhwpPVmnBPrsB10PcXGmGAqgUEQ=="
     },
     "@ethersproject/networks": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.0.7.tgz",
-      "integrity": "sha512-dI14QATndIcUgcCBL1c5vUr/YsI5cCHLN81rF7PU+yS7Xgp2/Rzbr9+YqpC6NBXHFUASjh6GpKqsVMpufAL0BQ==",
+      "version": "5.4.2",
+      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.4.2.tgz",
+      "integrity": "sha512-eekOhvJyBnuibfJnhtK46b8HimBc5+4gqpvd1/H9LEl7Q7/qhsIhM81dI9Fcnjpk3jB1aTy6bj0hz3cifhNeYw==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/pbkdf2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.0.7.tgz",
-      "integrity": "sha512-0SNLNixPMqnosH6pyc4yPiUu/C9/Jbu+f6I8GJW9U2qNpMBddmRJviwseoha5Zw1V+Aw0Z/yvYyzIIE8yPXqLA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.4.0.tgz",
+      "integrity": "sha512-x94aIv6tiA04g6BnazZSLoRXqyusawRyZWlUhKip2jvoLpzJuLb//KtMM6PEovE47pMbW+Qe1uw+68ameJjB7g==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/sha2": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0"
       }
     },
     "@ethersproject/properties": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.0.7.tgz",
-      "integrity": "sha512-812H1Rus2vjw0zbasfDI1GLNPDsoyX1pYqiCgaR1BuyKxUTbwcH1B+214l6VGe1v+F6iEVb7WjIwMjKhb4EUsg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.4.0.tgz",
+      "integrity": "sha512-7jczalGVRAJ+XSRvNA6D5sAwT4gavLq3OXPuV/74o3Rd2wuzSL035IMpIMgei4CYyBdialJMrTqkOnzccLHn4A==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/providers": {
-      "version": "5.0.19",
-      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.0.19.tgz",
-      "integrity": "sha512-G+flo1jK1y/rvQy6b71+Nu7qOlkOKz+XqpgqFMZslkCzGuzQRmk9Qp7Ln4soK8RSyP1e5TCujaRf1H+EZahoaw==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12",
+      "version": "5.4.4",
+      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.4.4.tgz",
+      "integrity": "sha512-mQevyXj2X2D3l8p/JGDYFZbODhZjW6On15DnCK4Xc9y6b+P0vqorQC/j46omWSm4cyo7BQ/rgfhXNYmvAfyZoQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0",
         "bech32": "1.1.4",
-        "ws": "7.2.3"
+        "ws": "7.4.6"
       }
     },
     "@ethersproject/random": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.0.7.tgz",
-      "integrity": "sha512-PxSRWwN3s+FH9AWMZU6AcWJsNQ9KzqKV6NgdeKPtxahdDjCuXxTAuzTZNXNRK+qj+Il351UnweAGd+VuZcOAlQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.4.0.tgz",
+      "integrity": "sha512-pnpWNQlf0VAZDEOVp1rsYQosmv2o0ITS/PecNw+mS2/btF8eYdspkN0vIXrCMtkX09EAh9bdk8GoXmFXM1eAKw==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/rlp": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.0.7.tgz",
-      "integrity": "sha512-ulUTVEuV7PT4jJTPpfhRHK57tkLEDEY9XSYJtrSNHOqdwMvH0z7BM2AKIMq4LVDlnu4YZASdKrkFGEIO712V9w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.4.0.tgz",
+      "integrity": "sha512-0I7MZKfi+T5+G8atId9QaQKHRvvasM/kqLyAH4XxBCBchAooH2EX5rL9kYZWwcm3awYV+XC7VF6nLhfeQFKVPg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/sha2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.0.7.tgz",
-      "integrity": "sha512-MbUqz68hhp5RsaZdqi1eg1rrtiqt5wmhRYqdA7MX8swBkzW2KiLgK+Oh25UcWhUhdi1ImU9qrV6if5j0cC7Bxg==",
-      "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "hash.js": "1.1.3"
-      },
-      "dependencies": {
-        "hash.js": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.3.tgz",
-          "integrity": "sha512-/UETyP0W22QILqS+6HowevwhEFJ3MBJnwTf75Qob9Wz9t0DPuisL8kW8YZMK62dHAKE1c1p+gY1TtOLY+USEHA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "minimalistic-assert": "^1.0.0"
-          }
-        }
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.4.0.tgz",
+      "integrity": "sha512-siheo36r1WD7Cy+bDdE1BJ8y0bDtqXCOxRMzPa4bV1TGt/eTUUt03BHoJNB6reWJD8A30E/pdJ8WFkq+/uz4Gg==",
+      "requires": {
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "hash.js": "1.1.7"
       }
     },
     "@ethersproject/signing-key": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.0.8.tgz",
-      "integrity": "sha512-YKxQM45eDa6WAD+s3QZPdm1uW1MutzVuyoepdRRVmMJ8qkk7iOiIhUkZwqKLNxKzEJijt/82ycuOREc9WBNAKg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.4.0.tgz",
+      "integrity": "sha512-q8POUeywx6AKg2/jX9qBYZIAmKSB4ubGXdQ88l40hmATj29JnG5pp331nAWwwxPn2Qao4JpWHNZsQN+bPiSW9A==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "elliptic": "6.5.3"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "bn.js": "^4.11.9",
+        "elliptic": "6.5.4",
+        "hash.js": "1.1.7"
       }
     },
     "@ethersproject/solidity": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.0.8.tgz",
-      "integrity": "sha512-OJkyBq9KaoGsi8E8mYn6LX+vKyCURvxSp0yuGBcOqEFM3vkn9PsCiXsHdOXdNBvlHG5evJXwAYC2UR0TzgJeKA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.4.0.tgz",
+      "integrity": "sha512-XFQTZ7wFSHOhHcV1DpcWj7VXECEiSrBuv7JErJvB9Uo+KfCdc3QtUZV+Vjh/AAaYgezUEKbCtE6Khjm44seevQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/strings": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.0.8.tgz",
-      "integrity": "sha512-5IsdXf8tMY8QuHl8vTLnk9ehXDDm6x9FB9S9Og5IA1GYhLe5ZewydXSjlJlsqU2t9HRbfv97OJZV/pX8DVA/Hw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.4.0.tgz",
+      "integrity": "sha512-k/9DkH5UGDhv7aReXLluFG5ExurwtIpUfnDNhQA29w896Dw3i4uDTz01Quaptbks1Uj9kI8wo9tmW73wcIEaWA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/transactions": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.0.9.tgz",
-      "integrity": "sha512-0Fu1yhdFBkrbMjenEr+39tmDxuHmaw0pe9Jb18XuKoItj7Z3p7+UzdHLr2S/okvHDHYPbZE5gtANDdQ3ZL1nBA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.4.0.tgz",
+      "integrity": "sha512-s3EjZZt7xa4BkLknJZ98QGoIza94rVjaEed0rzZ/jB9WrIuu/1+tjvYCWzVrystXtDswy7TPBeIepyXwSYa4WQ==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0"
       }
     },
     "@ethersproject/units": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.0.9.tgz",
-      "integrity": "sha512-4jIkcMVrJ3lCgXMO4M/2ww0/T/IN08vJTZld7FIAwa6aoBDTAy71+sby3sShl1SG3HEeKYbI3fBWauCUgPRUpQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.4.0.tgz",
+      "integrity": "sha512-Z88krX40KCp+JqPCP5oPv5p750g+uU6gopDYRTBGcDvOASh6qhiEYCRatuM/suC4S2XW9Zz90QI35MfSrTIaFg==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/wallet": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.0.10.tgz",
-      "integrity": "sha512-5siYr38NhqZKH6DUr6u4PdhgOKur8Q6sw+JID2TitEUmW0tOl8f6rpxAe77tw6SJT60D2UcvgsyLtl32+Nl+ig==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/json-wallets": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.4.0.tgz",
+      "integrity": "sha512-wU29majLjM6AjCjpat21mPPviG+EpK7wY1+jzKD0fg3ui5fgedf2zEu1RDgpfIMsfn8fJHJuzM4zXZ2+hSHaSQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/json-wallets": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/web": {
-      "version": "5.0.12",
-      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.0.12.tgz",
-      "integrity": "sha512-gVxS5iW0bgidZ76kr7LsTxj4uzN5XpCLzvZrLp8TP+4YgxHfCeetFyQkRPgBEAJdNrexdSBayvyJvzGvOq0O8g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.4.0.tgz",
+      "integrity": "sha512-1bUusGmcoRLYgMn6c1BLk1tOKUIFuTg8j+6N8lYlbMpDesnle+i3pGSagGNvwjaiLo4Y5gBibwctpPRmjrh4Og==",
       "requires": {
-        "@ethersproject/base64": "^5.0.7",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/base64": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/wordlists": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.0.8.tgz",
-      "integrity": "sha512-px2mloc1wAcdTbzv0ZotTx+Uh/dfnDO22D9Rx8xr7+/PUwAhZQjoJ9t7Hn72nsaN83rWBXsLvFcIRZju4GIaEQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.4.0.tgz",
+      "integrity": "sha512-FemEkf6a+EBKEPxlzeVgUaVSodU7G0Na89jqKjmWMlDB0tomoU8RlEMgUvXyqtrg8N4cwpLh8nyRnm1Nay1isA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "aes-js": {
@@ -399,9 +391,9 @@
       "integrity": "sha512-s0IrSOzLlbvX7yp4WBfPITzpAU8sqQcpsmwXDiKwrG4r491vwCO/XpejasRNl0piBMe/DvP4Tz0mIS/X1DPJBQ=="
     },
     "bn.js": {
-      "version": "4.11.9",
-      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz",
-      "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw=="
+      "version": "4.12.0",
+      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
+      "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA=="
     },
     "brorand": {
       "version": "1.1.0",
@@ -429,17 +421,17 @@
       "integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw=="
     },
     "elliptic": {
-      "version": "6.5.3",
-      "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.3.tgz",
-      "integrity": "sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==",
+      "version": "6.5.4",
+      "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.4.tgz",
+      "integrity": "sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==",
       "requires": {
-        "bn.js": "^4.4.0",
-        "brorand": "^1.0.1",
+        "bn.js": "^4.11.9",
+        "brorand": "^1.1.0",
         "hash.js": "^1.0.0",
-        "hmac-drbg": "^1.0.0",
-        "inherits": "^2.0.1",
-        "minimalistic-assert": "^1.0.0",
-        "minimalistic-crypto-utils": "^1.0.0"
+        "hmac-drbg": "^1.0.1",
+        "inherits": "^2.0.4",
+        "minimalistic-assert": "^1.0.1",
+        "minimalistic-crypto-utils": "^1.0.1"
       }
     },
     "env-cmd": {
@@ -452,39 +444,40 @@
       }
     },
     "ethers": {
-      "version": "5.0.4",
-      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.0.4.tgz",
-      "integrity": "sha512-/VzvmgsrBDOxGo+WIZD7kKXcEUFCrr53P40w5fk1EcGYidv+XVbtTWil5FMsijV6BVXTKqxwMv7hDvKLAObfNQ==",
-      "requires": {
-        "@ethersproject/abi": "^5.0.0",
-        "@ethersproject/abstract-provider": "^5.0.0",
-        "@ethersproject/abstract-signer": "^5.0.0",
-        "@ethersproject/address": "^5.0.0",
-        "@ethersproject/base64": "^5.0.0",
-        "@ethersproject/bignumber": "^5.0.0",
-        "@ethersproject/bytes": "^5.0.0",
-        "@ethersproject/constants": "^5.0.0",
-        "@ethersproject/contracts": "^5.0.0",
-        "@ethersproject/hash": "^5.0.0",
-        "@ethersproject/hdnode": "^5.0.0",
-        "@ethersproject/json-wallets": "^5.0.0",
-        "@ethersproject/keccak256": "^5.0.0",
-        "@ethersproject/logger": "^5.0.0",
-        "@ethersproject/networks": "^5.0.0",
-        "@ethersproject/pbkdf2": "^5.0.0",
-        "@ethersproject/properties": "^5.0.0",
-        "@ethersproject/providers": "^5.0.0",
-        "@ethersproject/random": "^5.0.0",
-        "@ethersproject/rlp": "^5.0.0",
-        "@ethersproject/sha2": "^5.0.0",
-        "@ethersproject/signing-key": "^5.0.0",
-        "@ethersproject/solidity": "^5.0.0",
-        "@ethersproject/strings": "^5.0.0",
-        "@ethersproject/transactions": "^5.0.0",
-        "@ethersproject/units": "^5.0.0",
-        "@ethersproject/wallet": "^5.0.0",
-        "@ethersproject/web": "^5.0.0",
-        "@ethersproject/wordlists": "^5.0.0"
+      "version": "5.4.5",
+      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.4.5.tgz",
+      "integrity": "sha512-PPZ6flOAj230sXEWf/r/It6ZZ5c7EOVWx+PU87Glkbg79OtT7pLE1WgL4MRdwx6iF7HzSOvUUI+8cAmcdzo12w==",
+      "requires": {
+        "@ethersproject/abi": "5.4.0",
+        "@ethersproject/abstract-provider": "5.4.1",
+        "@ethersproject/abstract-signer": "5.4.1",
+        "@ethersproject/address": "5.4.0",
+        "@ethersproject/base64": "5.4.0",
+        "@ethersproject/basex": "5.4.0",
+        "@ethersproject/bignumber": "5.4.1",
+        "@ethersproject/bytes": "5.4.0",
+        "@ethersproject/constants": "5.4.0",
+        "@ethersproject/contracts": "5.4.1",
+        "@ethersproject/hash": "5.4.0",
+        "@ethersproject/hdnode": "5.4.0",
+        "@ethersproject/json-wallets": "5.4.0",
+        "@ethersproject/keccak256": "5.4.0",
+        "@ethersproject/logger": "5.4.0",
+        "@ethersproject/networks": "5.4.2",
+        "@ethersproject/pbkdf2": "5.4.0",
+        "@ethersproject/properties": "5.4.0",
+        "@ethersproject/providers": "5.4.4",
+        "@ethersproject/random": "5.4.0",
+        "@ethersproject/rlp": "5.4.0",
+        "@ethersproject/sha2": "5.4.0",
+        "@ethersproject/signing-key": "5.4.0",
+        "@ethersproject/solidity": "5.4.0",
+        "@ethersproject/strings": "5.4.0",
+        "@ethersproject/transactions": "5.4.0",
+        "@ethersproject/units": "5.4.0",
+        "@ethersproject/wallet": "5.4.0",
+        "@ethersproject/web": "5.4.0",
+        "@ethersproject/wordlists": "5.4.0"
       }
     },
     "follow-redirects": {
@@ -568,9 +561,9 @@
       }
     },
     "ws": {
-      "version": "7.2.3",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-7.2.3.tgz",
-      "integrity": "sha512-HTDl9G9hbkNDk98naoR/cHDws7+EyYMOdL1BmjsZXRUjf7d+MficC4B7HLUPlSiho0vg+CWKrGIt/VJBd1xunQ=="
+      "version": "7.4.6",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz",
+      "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A=="
     }
   }
 }
diff --git a/external/keepers/package.json b/external/keepers/package.json
index abcb1649..1b7fe72b 100644
--- a/external/keepers/package.json
+++ b/external/keepers/package.json
@@ -15,6 +15,6 @@
     "axios": "^0.21.1",
     "dotenv": "^8.2.0",
     "env-cmd": "^10.1.0",
-    "ethers": "^5.0.4"
+    "ethers": "^5.4.5"
   }
 }
diff --git a/external/lambdas/triggerExpirations/src/package.json b/external/lambdas/triggerExpirations/src/package.json
index 86048ea7..f9231f9a 100644
--- a/external/lambdas/triggerExpirations/src/package.json
+++ b/external/lambdas/triggerExpirations/src/package.json
@@ -10,6 +10,6 @@
   "@aws-sdk/node-http-handler": "^3.3.0",
   "aws-sdk": "^2.903.0",
   "axios": "^0.20.0",
-  "ethers": "^5.0.14"
+  "ethers": "^5.4.5"
  }
 }
diff --git a/external/lambdas/triggerFinalizations/src/package.json b/external/lambdas/triggerFinalizations/src/package.json
index f0cafe14..f9231f9a 100644
--- a/external/lambdas/triggerFinalizations/src/package.json
+++ b/external/lambdas/triggerFinalizations/src/package.json
@@ -3,13 +3,13 @@
  "version": "1.0.0",
  "main": "index.js",
  "scripts": {
-    "test": "node -e \"(async () => console.log(await require('./index').handler({})))();\""
+  "test": "node -e \"(async () => console.log(await require('./index').handler({})))();\""
  },
  "dependencies": {
   "@aws-sdk/client-s3": "^3.3.0",
   "@aws-sdk/node-http-handler": "^3.3.0",
   "aws-sdk": "^2.903.0",
   "axios": "^0.20.0",
-  "ethers": "^5.0.14"
+  "ethers": "^5.4.5"
  }
 }
diff --git a/external/lambdas/triggerWithdrawals/src/package.json b/external/lambdas/triggerWithdrawals/src/package.json
index 86048ea7..f9231f9a 100644
--- a/external/lambdas/triggerWithdrawals/src/package.json
+++ b/external/lambdas/triggerWithdrawals/src/package.json
@@ -10,6 +10,6 @@
   "@aws-sdk/node-http-handler": "^3.3.0",
   "aws-sdk": "^2.903.0",
   "axios": "^0.20.0",
-  "ethers": "^5.0.14"
+  "ethers": "^5.4.5"
  }
 }
diff --git a/package-lock.json b/package-lock.json
index 0f8407f7..0fa4a321 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -421,379 +421,394 @@
       }
     },
     "@ethersproject/abi": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.0.10.tgz",
-      "integrity": "sha512-cfC3lGgotfxX3SMri4+CisOPwignoj/QGHW9J29spC4R4Qqcnk/SYuVkPFBMdLbvBp3f/pGiVqPNwont0TSXhg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.4.0.tgz",
+      "integrity": "sha512-9gU2H+/yK1j2eVMdzm6xvHSnMxk8waIHQGYCZg5uvAyH0rsAzxkModzBSpbAkAuhKFEovC2S9hM4nPuLym8IZw==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/abstract-provider": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.0.8.tgz",
-      "integrity": "sha512-fqJXkewcGdi8LogKMgRyzc/Ls2js07yor7+g9KfPs09uPOcQLg7cc34JN+lk34HH9gg2HU0DIA5797ZR8znkfw==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.4.1.tgz",
+      "integrity": "sha512-3EedfKI3LVpjSKgAxoUaI+gB27frKsxzm+r21w9G60Ugk+3wVLQwhi1LsEJAKNV7WoZc8CIpNrATlL1QFABjtQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0"
       }
     },
     "@ethersproject/abstract-signer": {
-      "version": "5.0.11",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.0.11.tgz",
-      "integrity": "sha512-RKOgPSEYafknA62SrD3OCK42AllHE4YBfKYXyQeM+sBP7Nq3X5FpzeoY4uzC43P4wIhmNoTHCKQuwnX7fBqb6Q==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.4.1.tgz",
+      "integrity": "sha512-SkkFL5HVq1k4/25dM+NWP9MILgohJCgGv5xT5AcRruGz4ILpfHeBtO/y6j+Z3UN/PAjDeb4P7E51Yh8wcGNLGA==",
       "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/address": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.0.9.tgz",
-      "integrity": "sha512-gKkmbZDMyGbVjr8nA5P0md1GgESqSGH7ILIrDidPdNXBl4adqbuA3OAuZx/O2oGpL6PtJ9BDa0kHheZ1ToHU3w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.4.0.tgz",
+      "integrity": "sha512-SD0VgOEkcACEG/C6xavlU1Hy3m5DGSXW3CUHkaaEHbAPPsgi0coP5oNPsxau8eTlZOk/bpa/hKeCNoK5IzVI2Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/rlp": "^5.0.7"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0"
       }
     },
     "@ethersproject/base64": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.0.7.tgz",
-      "integrity": "sha512-S5oh5DVfCo06xwJXT8fQC68mvJfgScTl2AXvbYMsHNfIBTDb084Wx4iA9MNlEReOv6HulkS+gyrUM/j3514rSw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.4.0.tgz",
+      "integrity": "sha512-CjQw6E17QDSSC5jiM9YpF7N1aSCHmYGMt9bWD8PWv6YPMxjsys2/Q8xLrROKI3IWJ7sFfZ8B3flKDTM5wlWuZQ==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9"
+        "@ethersproject/bytes": "^5.4.0"
       }
     },
     "@ethersproject/basex": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.0.7.tgz",
-      "integrity": "sha512-OsXnRsujGmYD9LYyJlX+cVe5KfwgLUbUJrJMWdzRWogrygXd5HvGd7ygX1AYjlu1z8W/+t2FoQnczDR/H2iBjA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.4.0.tgz",
+      "integrity": "sha512-J07+QCVJ7np2bcpxydFVf/CuYo9mZ7T73Pe7KQY4c1lRlrixMeblauMxHXD0MPwFmUHZIILDNViVkykFBZylbg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/bignumber": {
-      "version": "5.0.13",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.0.13.tgz",
-      "integrity": "sha512-b89bX5li6aK492yuPP5mPgRVgIxxBP7ksaBtKX5QQBsrZTpNOjf/MR4CjcUrAw8g+RQuD6kap9lPjFgY4U1/5A==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.4.1.tgz",
+      "integrity": "sha512-fJhdxqoQNuDOk6epfM7yD6J8Pol4NUCy1vkaGAkuujZm0+lNow//MKu1hLhRiYV4BsOHyBv5/lsTjF+7hWwhJg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "bn.js": "^4.4.0"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "bn.js": "^4.11.9"
       }
     },
     "@ethersproject/bytes": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.0.9.tgz",
-      "integrity": "sha512-k+17ZViDtAugC0s7HM6rdsTWEdIYII4RPCDkPEuxKc6i40Bs+m6tjRAtCECX06wKZnrEoR9pjOJRXHJ/VLoOcA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.4.0.tgz",
+      "integrity": "sha512-H60ceqgTHbhzOj4uRc/83SCN9d+BSUnOkrr2intevqdtEMO1JFVZ1XL84OEZV+QjV36OaZYxtnt4lGmxcGsPfA==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/constants": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.0.8.tgz",
-      "integrity": "sha512-sCc73pFBsl59eDfoQR5OCEZCRv5b0iywadunti6MQIr5lt3XpwxK1Iuzd8XSFO02N9jUifvuZRrt0cY0+NBgTg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.4.0.tgz",
+      "integrity": "sha512-tzjn6S7sj9+DIIeKTJLjK9WGN2Tj0P++Z8ONEIlZjyoTkBuODN+0VfhAyYksKi43l1Sx9tX2VlFfzjfmr5Wl3Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13"
+        "@ethersproject/bignumber": "^5.4.0"
       }
     },
     "@ethersproject/contracts": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.0.9.tgz",
-      "integrity": "sha512-CCTxVeDh6sjdSEbjzONhtwPjECvaHE62oGkY8M7kP0CHmgLD2SEGel0HZib8e5oQKRKGly9AKcUFW4g3rQ0AQw==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.4.1.tgz",
+      "integrity": "sha512-m+z2ZgPy4pyR15Je//dUaymRUZq5MtDajF6GwFbGAVmKz/RF+DNIPwF0k5qEcL3wPGVqUjFg2/krlCRVTU4T5w==",
       "requires": {
-        "@ethersproject/abi": "^5.0.10",
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/abi": "^5.4.0",
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0"
       }
     },
     "@ethersproject/hash": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.0.10.tgz",
-      "integrity": "sha512-Tf0bvs6YFhw28LuHnhlDWyr0xfcDxSXdwM4TcskeBbmXVSKLv3bJQEEEBFUcRX0fJuslR3gCVySEaSh7vuMx5w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.4.0.tgz",
+      "integrity": "sha512-xymAM9tmikKgbktOCjW60Z5sdouiIIurkZUr9oW5NOex5uwxrbsYG09kb5bMcNjlVeJD3yPivTNzViIs1GCbqA==",
       "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/hdnode": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.0.8.tgz",
-      "integrity": "sha512-Mscpjd7BBjxYSWghaNMwV0xrBBkOoCq6YEPRm9MgE24CiBlzzbfEB5DGq6hiZqhQaxPkdCUtKKqZi3nt9hx43g==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.4.0.tgz",
+      "integrity": "sha512-pKxdS0KAaeVGfZPp1KOiDLB0jba11tG6OP1u11QnYfb7pXn6IZx0xceqWRr6ygke8+Kw74IpOoSi7/DwANhy8Q==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/json-wallets": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.0.10.tgz",
-      "integrity": "sha512-Ux36u+d7Dm0M5AQ+mWuHdvfGPMN8K1aaLQgwzrsD4ELTWlwRuHuQbmn7/GqeOpbfaV6POLwdYcBk2TXjlGp/IQ==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.4.0.tgz",
+      "integrity": "sha512-igWcu3fx4aiczrzEHwG1xJZo9l1cFfQOWzTqwRw/xcvxTk58q4f9M7cjh51EKphMHvrJtcezJ1gf1q1AUOfEQQ==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
         "aes-js": "3.0.0",
         "scrypt-js": "3.0.1"
       }
     },
     "@ethersproject/keccak256": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.0.7.tgz",
-      "integrity": "sha512-zpUBmofWvx9PGfc7IICobgFQSgNmTOGTGLUxSYqZzY/T+b4y/2o5eqf/GGmD7qnTGzKQ42YlLNo+LeDP2qe55g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.4.0.tgz",
+      "integrity": "sha512-FBI1plWet+dPUvAzPAeHzRKiPpETQzqSUWR1wXJGHVWi4i8bOSrpC3NwpkPjgeXG7MnugVc1B42VbfnQikyC/A==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
+        "@ethersproject/bytes": "^5.4.0",
         "js-sha3": "0.5.7"
       }
     },
     "@ethersproject/logger": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.0.8.tgz",
-      "integrity": "sha512-SkJCTaVTnaZ3/ieLF5pVftxGEFX56pTH+f2Slrpv7cU0TNpUZNib84QQdukd++sWUp/S7j5t5NW+WegbXd4U/A=="
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.4.0.tgz",
+      "integrity": "sha512-xYdWGGQ9P2cxBayt64d8LC8aPFJk6yWCawQi/4eJ4+oJdMMjEBMrIcIMZ9AxhwpPVmnBPrsB10PcXGmGAqgUEQ=="
     },
     "@ethersproject/networks": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.0.7.tgz",
-      "integrity": "sha512-dI14QATndIcUgcCBL1c5vUr/YsI5cCHLN81rF7PU+yS7Xgp2/Rzbr9+YqpC6NBXHFUASjh6GpKqsVMpufAL0BQ==",
+      "version": "5.4.2",
+      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.4.2.tgz",
+      "integrity": "sha512-eekOhvJyBnuibfJnhtK46b8HimBc5+4gqpvd1/H9LEl7Q7/qhsIhM81dI9Fcnjpk3jB1aTy6bj0hz3cifhNeYw==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/pbkdf2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.0.7.tgz",
-      "integrity": "sha512-0SNLNixPMqnosH6pyc4yPiUu/C9/Jbu+f6I8GJW9U2qNpMBddmRJviwseoha5Zw1V+Aw0Z/yvYyzIIE8yPXqLA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.4.0.tgz",
+      "integrity": "sha512-x94aIv6tiA04g6BnazZSLoRXqyusawRyZWlUhKip2jvoLpzJuLb//KtMM6PEovE47pMbW+Qe1uw+68ameJjB7g==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/sha2": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0"
       }
     },
     "@ethersproject/properties": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.0.7.tgz",
-      "integrity": "sha512-812H1Rus2vjw0zbasfDI1GLNPDsoyX1pYqiCgaR1BuyKxUTbwcH1B+214l6VGe1v+F6iEVb7WjIwMjKhb4EUsg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.4.0.tgz",
+      "integrity": "sha512-7jczalGVRAJ+XSRvNA6D5sAwT4gavLq3OXPuV/74o3Rd2wuzSL035IMpIMgei4CYyBdialJMrTqkOnzccLHn4A==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/providers": {
-      "version": "5.0.19",
-      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.0.19.tgz",
-      "integrity": "sha512-G+flo1jK1y/rvQy6b71+Nu7qOlkOKz+XqpgqFMZslkCzGuzQRmk9Qp7Ln4soK8RSyP1e5TCujaRf1H+EZahoaw==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12",
+      "version": "5.4.4",
+      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.4.4.tgz",
+      "integrity": "sha512-mQevyXj2X2D3l8p/JGDYFZbODhZjW6On15DnCK4Xc9y6b+P0vqorQC/j46omWSm4cyo7BQ/rgfhXNYmvAfyZoQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0",
         "bech32": "1.1.4",
-        "ws": "7.2.3"
+        "ws": "7.4.6"
+      },
+      "dependencies": {
+        "ws": {
+          "version": "7.4.6",
+          "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz",
+          "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A=="
+        }
       }
     },
     "@ethersproject/random": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.0.7.tgz",
-      "integrity": "sha512-PxSRWwN3s+FH9AWMZU6AcWJsNQ9KzqKV6NgdeKPtxahdDjCuXxTAuzTZNXNRK+qj+Il351UnweAGd+VuZcOAlQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.4.0.tgz",
+      "integrity": "sha512-pnpWNQlf0VAZDEOVp1rsYQosmv2o0ITS/PecNw+mS2/btF8eYdspkN0vIXrCMtkX09EAh9bdk8GoXmFXM1eAKw==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/rlp": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.0.7.tgz",
-      "integrity": "sha512-ulUTVEuV7PT4jJTPpfhRHK57tkLEDEY9XSYJtrSNHOqdwMvH0z7BM2AKIMq4LVDlnu4YZASdKrkFGEIO712V9w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.4.0.tgz",
+      "integrity": "sha512-0I7MZKfi+T5+G8atId9QaQKHRvvasM/kqLyAH4XxBCBchAooH2EX5rL9kYZWwcm3awYV+XC7VF6nLhfeQFKVPg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/sha2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.0.7.tgz",
-      "integrity": "sha512-MbUqz68hhp5RsaZdqi1eg1rrtiqt5wmhRYqdA7MX8swBkzW2KiLgK+Oh25UcWhUhdi1ImU9qrV6if5j0cC7Bxg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.4.0.tgz",
+      "integrity": "sha512-siheo36r1WD7Cy+bDdE1BJ8y0bDtqXCOxRMzPa4bV1TGt/eTUUt03BHoJNB6reWJD8A30E/pdJ8WFkq+/uz4Gg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "hash.js": "1.1.3"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "hash.js": "1.1.7"
+      }
+    },
+    "@ethersproject/signing-key": {
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.4.0.tgz",
+      "integrity": "sha512-q8POUeywx6AKg2/jX9qBYZIAmKSB4ubGXdQ88l40hmATj29JnG5pp331nAWwwxPn2Qao4JpWHNZsQN+bPiSW9A==",
+      "requires": {
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "bn.js": "^4.11.9",
+        "elliptic": "6.5.4",
+        "hash.js": "1.1.7"
       },
       "dependencies": {
-        "hash.js": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.3.tgz",
-          "integrity": "sha512-/UETyP0W22QILqS+6HowevwhEFJ3MBJnwTf75Qob9Wz9t0DPuisL8kW8YZMK62dHAKE1c1p+gY1TtOLY+USEHA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "minimalistic-assert": "^1.0.0"
+        "elliptic": {
+          "version": "6.5.4",
+          "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.4.tgz",
+          "integrity": "sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==",
+          "requires": {
+            "bn.js": "^4.11.9",
+            "brorand": "^1.1.0",
+            "hash.js": "^1.0.0",
+            "hmac-drbg": "^1.0.1",
+            "inherits": "^2.0.4",
+            "minimalistic-assert": "^1.0.1",
+            "minimalistic-crypto-utils": "^1.0.1"
           }
         }
       }
     },
-    "@ethersproject/signing-key": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.0.8.tgz",
-      "integrity": "sha512-YKxQM45eDa6WAD+s3QZPdm1uW1MutzVuyoepdRRVmMJ8qkk7iOiIhUkZwqKLNxKzEJijt/82ycuOREc9WBNAKg==",
-      "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "elliptic": "6.5.3"
-      }
-    },
     "@ethersproject/solidity": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.0.8.tgz",
-      "integrity": "sha512-OJkyBq9KaoGsi8E8mYn6LX+vKyCURvxSp0yuGBcOqEFM3vkn9PsCiXsHdOXdNBvlHG5evJXwAYC2UR0TzgJeKA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.4.0.tgz",
+      "integrity": "sha512-XFQTZ7wFSHOhHcV1DpcWj7VXECEiSrBuv7JErJvB9Uo+KfCdc3QtUZV+Vjh/AAaYgezUEKbCtE6Khjm44seevQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/strings": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.0.8.tgz",
-      "integrity": "sha512-5IsdXf8tMY8QuHl8vTLnk9ehXDDm6x9FB9S9Og5IA1GYhLe5ZewydXSjlJlsqU2t9HRbfv97OJZV/pX8DVA/Hw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.4.0.tgz",
+      "integrity": "sha512-k/9DkH5UGDhv7aReXLluFG5ExurwtIpUfnDNhQA29w896Dw3i4uDTz01Quaptbks1Uj9kI8wo9tmW73wcIEaWA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/transactions": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.0.9.tgz",
-      "integrity": "sha512-0Fu1yhdFBkrbMjenEr+39tmDxuHmaw0pe9Jb18XuKoItj7Z3p7+UzdHLr2S/okvHDHYPbZE5gtANDdQ3ZL1nBA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.4.0.tgz",
+      "integrity": "sha512-s3EjZZt7xa4BkLknJZ98QGoIza94rVjaEed0rzZ/jB9WrIuu/1+tjvYCWzVrystXtDswy7TPBeIepyXwSYa4WQ==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0"
       }
     },
     "@ethersproject/units": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.0.9.tgz",
-      "integrity": "sha512-4jIkcMVrJ3lCgXMO4M/2ww0/T/IN08vJTZld7FIAwa6aoBDTAy71+sby3sShl1SG3HEeKYbI3fBWauCUgPRUpQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.4.0.tgz",
+      "integrity": "sha512-Z88krX40KCp+JqPCP5oPv5p750g+uU6gopDYRTBGcDvOASh6qhiEYCRatuM/suC4S2XW9Zz90QI35MfSrTIaFg==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/wallet": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.0.10.tgz",
-      "integrity": "sha512-5siYr38NhqZKH6DUr6u4PdhgOKur8Q6sw+JID2TitEUmW0tOl8f6rpxAe77tw6SJT60D2UcvgsyLtl32+Nl+ig==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/json-wallets": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.4.0.tgz",
+      "integrity": "sha512-wU29majLjM6AjCjpat21mPPviG+EpK7wY1+jzKD0fg3ui5fgedf2zEu1RDgpfIMsfn8fJHJuzM4zXZ2+hSHaSQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/json-wallets": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/web": {
-      "version": "5.0.12",
-      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.0.12.tgz",
-      "integrity": "sha512-gVxS5iW0bgidZ76kr7LsTxj4uzN5XpCLzvZrLp8TP+4YgxHfCeetFyQkRPgBEAJdNrexdSBayvyJvzGvOq0O8g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.4.0.tgz",
+      "integrity": "sha512-1bUusGmcoRLYgMn6c1BLk1tOKUIFuTg8j+6N8lYlbMpDesnle+i3pGSagGNvwjaiLo4Y5gBibwctpPRmjrh4Og==",
       "requires": {
-        "@ethersproject/base64": "^5.0.7",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/base64": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/wordlists": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.0.8.tgz",
-      "integrity": "sha512-px2mloc1wAcdTbzv0ZotTx+Uh/dfnDO22D9Rx8xr7+/PUwAhZQjoJ9t7Hn72nsaN83rWBXsLvFcIRZju4GIaEQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.4.0.tgz",
+      "integrity": "sha512-FemEkf6a+EBKEPxlzeVgUaVSodU7G0Na89jqKjmWMlDB0tomoU8RlEMgUvXyqtrg8N4cwpLh8nyRnm1Nay1isA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@google-cloud/common": {
@@ -3437,6 +3452,7 @@
       "version": "6.5.3",
       "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.3.tgz",
       "integrity": "sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==",
+      "dev": true,
       "requires": {
         "bn.js": "^4.4.0",
         "brorand": "^1.0.1",
@@ -4014,40 +4030,40 @@
       }
     },
     "ethers": {
-      "version": "5.0.26",
-      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.0.26.tgz",
-      "integrity": "sha512-MqA8Fvutn3qEW0yBJOHeV6KZmRpF2rqlL2B5058AGkUFsuu6j5Ns/FRlMsbGeQwBz801IB23jQp7vjRfFsKSkg==",
-      "requires": {
-        "@ethersproject/abi": "5.0.10",
-        "@ethersproject/abstract-provider": "5.0.8",
-        "@ethersproject/abstract-signer": "5.0.11",
-        "@ethersproject/address": "5.0.9",
-        "@ethersproject/base64": "5.0.7",
-        "@ethersproject/basex": "5.0.7",
-        "@ethersproject/bignumber": "5.0.13",
-        "@ethersproject/bytes": "5.0.9",
-        "@ethersproject/constants": "5.0.8",
-        "@ethersproject/contracts": "5.0.9",
-        "@ethersproject/hash": "5.0.10",
-        "@ethersproject/hdnode": "5.0.8",
-        "@ethersproject/json-wallets": "5.0.10",
-        "@ethersproject/keccak256": "5.0.7",
-        "@ethersproject/logger": "5.0.8",
-        "@ethersproject/networks": "5.0.7",
-        "@ethersproject/pbkdf2": "5.0.7",
-        "@ethersproject/properties": "5.0.7",
-        "@ethersproject/providers": "5.0.19",
-        "@ethersproject/random": "5.0.7",
-        "@ethersproject/rlp": "5.0.7",
-        "@ethersproject/sha2": "5.0.7",
-        "@ethersproject/signing-key": "5.0.8",
-        "@ethersproject/solidity": "5.0.8",
-        "@ethersproject/strings": "5.0.8",
-        "@ethersproject/transactions": "5.0.9",
-        "@ethersproject/units": "5.0.9",
-        "@ethersproject/wallet": "5.0.10",
-        "@ethersproject/web": "5.0.12",
-        "@ethersproject/wordlists": "5.0.8"
+      "version": "5.4.5",
+      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.4.5.tgz",
+      "integrity": "sha512-PPZ6flOAj230sXEWf/r/It6ZZ5c7EOVWx+PU87Glkbg79OtT7pLE1WgL4MRdwx6iF7HzSOvUUI+8cAmcdzo12w==",
+      "requires": {
+        "@ethersproject/abi": "5.4.0",
+        "@ethersproject/abstract-provider": "5.4.1",
+        "@ethersproject/abstract-signer": "5.4.1",
+        "@ethersproject/address": "5.4.0",
+        "@ethersproject/base64": "5.4.0",
+        "@ethersproject/basex": "5.4.0",
+        "@ethersproject/bignumber": "5.4.1",
+        "@ethersproject/bytes": "5.4.0",
+        "@ethersproject/constants": "5.4.0",
+        "@ethersproject/contracts": "5.4.1",
+        "@ethersproject/hash": "5.4.0",
+        "@ethersproject/hdnode": "5.4.0",
+        "@ethersproject/json-wallets": "5.4.0",
+        "@ethersproject/keccak256": "5.4.0",
+        "@ethersproject/logger": "5.4.0",
+        "@ethersproject/networks": "5.4.2",
+        "@ethersproject/pbkdf2": "5.4.0",
+        "@ethersproject/properties": "5.4.0",
+        "@ethersproject/providers": "5.4.4",
+        "@ethersproject/random": "5.4.0",
+        "@ethersproject/rlp": "5.4.0",
+        "@ethersproject/sha2": "5.4.0",
+        "@ethersproject/signing-key": "5.4.0",
+        "@ethersproject/solidity": "5.4.0",
+        "@ethersproject/strings": "5.4.0",
+        "@ethersproject/transactions": "5.4.0",
+        "@ethersproject/units": "5.4.0",
+        "@ethersproject/wallet": "5.4.0",
+        "@ethersproject/web": "5.4.0",
+        "@ethersproject/wordlists": "5.4.0"
       }
     },
     "ethjs-util": {
@@ -11674,7 +11690,8 @@
     "ws": {
       "version": "7.2.3",
       "resolved": "https://registry.npmjs.org/ws/-/ws-7.2.3.tgz",
-      "integrity": "sha512-HTDl9G9hbkNDk98naoR/cHDws7+EyYMOdL1BmjsZXRUjf7d+MficC4B7HLUPlSiho0vg+CWKrGIt/VJBd1xunQ=="
+      "integrity": "sha512-HTDl9G9hbkNDk98naoR/cHDws7+EyYMOdL1BmjsZXRUjf7d+MficC4B7HLUPlSiho0vg+CWKrGIt/VJBd1xunQ==",
+      "dev": true
     },
     "xdg-basedir": {
       "version": "4.0.0",
diff --git a/package.json b/package.json
index 7bc4fc96..98a126b6 100644
--- a/package.json
+++ b/package.json
@@ -55,7 +55,7 @@
     "cors": "^2.8.5",
     "dotenv": "^8.2.0",
     "eslint-plugin-import": "^2.22.1",
-    "ethers": "^5.0.24",
+    "ethers": "^5.4.5",
     "express": "^4.17.1",
     "express-basic-auth": "^1.2.0",
     "form-data": "^4.0.0",

From 6a195b0e54afb35cc3e51e12829677923e6984b1 Mon Sep 17 00:00:00 2001
From: Radu Stefanache <radustefanache@redeemeum.com>
Date: Wed, 22 Dec 2021 14:45:36 +0000
Subject: [PATCH 05/18] [ADD] Github Actions

---
 .git-crypt/.gitattributes                     |   4 -
 ...ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg | Bin 470 -> 0 bytes
 ...BCDE40E6B92375882CAF869801BFBDC5D7F579.gpg | Bin 726 -> 0 bytes
 ...D2606F66C3FF28874362B61A16916844CE9D82.gpg | Bin 470 -> 0 bytes
 ...4145CFE7938B456B337E514F2AE1DED258B20E.gpg | Bin 726 -> 0 bytes
 ...76184B551B037240C4D457AFD792BACA20583D.gpg | Bin 470 -> 0 bytes
 .gitattributes                                |   1 -
 .github/workflows/main.yaml                   | 125 +++
 .gitignore                                    |  36 +
 .ruby-version                                 |   1 -
 image/Dockerfile => Dockerfile                |   4 -
 Gemfile                                       |  10 -
 Gemfile.lock                                  | 157 ----
 Rakefile                                      | 812 ------------------
 config/ci/rdm-management-default.yaml         |  20 -
 config/defaults.yaml                          |  32 -
 config/deployments/bsn-demo-mendelevium.yaml  |  73 --
 .../bsn-development-plutonium.yaml            |  73 --
 .../deployments/bsn-production-oganesson.yaml |  73 --
 config/deployments/local-development.yaml     |  21 -
 config/deployments/local-testing.yaml         |  14 -
 .../deployments/rdm-management-default.yaml   |  58 --
 config/hiera.yaml                             |  19 -
 config/pipelines/defaults.yaml                |  16 -
 config/roles/bootstrap.yaml                   |  11 -
 config/roles/builder-pipeline.yaml            |  20 -
 config/roles/database.yaml                    |  29 -
 config/roles/demo-pipeline.yaml               |  29 -
 config/roles/develop-pipeline.yaml            |  29 -
 config/roles/functions.yaml                   |  24 -
 config/roles/image-repository.yaml            |  13 -
 config/roles/image-storage-bucket.yaml        |  17 -
 config/roles/integration-tests.yaml           |   9 -
 config/roles/keepers-image-repository.yaml    |  13 -
 config/roles/keepers-service.yaml             |  46 -
 config/roles/local-app.yaml                   |  18 -
 config/roles/pr-pipeline.yaml                 |  20 -
 config/roles/service.yaml                     |  59 --
 config/roles/tag-pipeline.yaml                |  29 -
 config/secrets/.unlocked                      | Bin 27 -> 0 bytes
 config/secrets/app/bsn-demo-mendelevium.yaml  | Bin 809 -> 0 bytes
 .../app/bsn-development-plutonium.yaml        | Bin 809 -> 0 bytes
 .../secrets/app/bsn-production-oganesson.yaml | Bin 809 -> 0 bytes
 config/secrets/app/gpg.passphrase             | Bin 70 -> 0 bytes
 config/secrets/app/gpg.private                | Bin 2993 -> 0 bytes
 config/secrets/app/gpg.public                 | Bin 1599 -> 0 bytes
 config/secrets/app/local-development.yaml     | Bin 240 -> 0 bytes
 config/secrets/app/local-testing.yaml         | Bin 240 -> 0 bytes
 .../database/bsn-demo-mendelevium.yaml        | Bin 280 -> 0 bytes
 .../database/bsn-development-plutonium.yaml   | Bin 280 -> 0 bytes
 .../database/bsn-production-oganesson.yaml    | Bin 280 -> 0 bytes
 .../database/rdm-management-default.yaml      | Bin 280 -> 0 bytes
 config/secrets/gcp/local-development.yaml     | Bin 108 -> 0 bytes
 config/secrets/gcp/local-testing.yaml         | Bin 108 -> 0 bytes
 .../secrets/gcp/test-bucket-credentials.json  | Bin 2384 -> 0 bytes
 config/secrets/mongodbatlas/credentials.yaml  | Bin 187 -> 0 bytes
 config/secrets/pipeline/constants.yaml        | Bin 7826 -> 0 bytes
 .../pipeline/rdm-management-default.yaml      | Bin 240 -> 0 bytes
 ...cker-entrypoint.sh => docker-entrypoint.sh |   0
 .../keepers}/Dockerfile                       |   4 -
 .../keepers}/docker-entrypoint.sh             |   0
 go                                            |  97 ---
 infra/bootstrap/bucket.tf                     |  23 -
 infra/bootstrap/outputs.tf                    |   3 -
 .../policies/storage-bucket-policy.json.tpl   |  22 -
 infra/bootstrap/providers.tf                  |   3 -
 infra/bootstrap/terraform.tf                  |  14 -
 infra/bootstrap/variables.tf                  |  12 -
 infra/database/network.tf                     |  10 -
 infra/functions/modules/lambda/iam.tf         |  57 --
 .../modules/lambda/security_group.tf          |  20 -
 infra/functions/terraform.tf                  |  16 -
 infra/image-repository/outputs.tf             |   6 -
 infra/image-repository/provider.tf            |   3 -
 infra/image-repository/repository.tf          |  31 -
 infra/image-repository/terraform.tf           |  12 -
 infra/image-repository/variables.tf           |   8 -
 infra/image-storage-bucket/bucket.tf          |  15 -
 infra/image-storage-bucket/iam.tf             |  40 -
 infra/image-storage-bucket/outputs.tf         |  11 -
 infra/image-storage-bucket/provider.tf        |   3 -
 infra/image-storage-bucket/terraform.tf       |  12 -
 infra/image-storage-bucket/variables.tf       |   9 -
 infra/keepers-image-repository/outputs.tf     |   6 -
 infra/keepers-image-repository/provider.tf    |   3 -
 infra/keepers-image-repository/repository.tf  |  31 -
 infra/keepers-image-repository/terraform.tf   |  12 -
 infra/keepers-image-repository/variables.tf   |   8 -
 infra/keepers-service/cluster.tf              |  10 -
 .../container-definitions/service.json.tpl    |  32 -
 .../keepers-service/envfiles/service.env.tpl  |   5 -
 infra/keepers-service/image_repository.tf     |  10 -
 infra/keepers-service/network.tf              |  14 -
 infra/keepers-service/provider.tf             |   3 -
 infra/keepers-service/roles.tf                |  35 -
 infra/keepers-service/secrets.tf              |  32 -
 infra/keepers-service/service.tf              |  65 --
 infra/keepers-service/variables.tf            |  39 -
 infra/service/certificate.tf                  |   5 -
 infra/service/cluster.tf                      |  10 -
 .../container-definitions/service.json.tpl    |  41 -
 infra/service/database.tf                     |  10 -
 infra/service/domain.tf                       |  10 -
 infra/service/envfiles/service.env.tpl        |  13 -
 infra/service/image_repository.tf             |  10 -
 infra/service/load_balancer.tf                |  71 --
 infra/service/network.tf                      |  14 -
 infra/service/outputs.tf                      |   3 -
 infra/service/provider.tf                     |   3 -
 infra/service/roles.tf                        |  49 --
 infra/service/secrets.tf                      |  40 -
 infra/service/service.tf                      |  59 --
 infra/service/terraform.tf                    |  16 -
 infra/service/variables.tf                    |  52 --
 pipelines/builder/handle-pr-event/task.sh     |  15 -
 pipelines/builder/handle-pr-event/task.yaml   |   8 -
 pipelines/builder/pipeline.yaml               |  39 -
 pipelines/demo/pipeline.yaml                  | 372 --------
 pipelines/demo/provision-database/task.sh     |  27 -
 pipelines/demo/provision-database/task.yaml   |   8 -
 pipelines/demo/provision-functions/task.sh    |  27 -
 pipelines/demo/provision-functions/task.yaml  |   8 -
 .../demo/provision-image-repository/task.sh   |  27 -
 .../demo/provision-image-repository/task.yaml |   8 -
 .../provision-image-storage-bucket/task.sh    |  27 -
 .../provision-image-storage-bucket/task.yaml  |   9 -
 .../task.sh                                   |  27 -
 .../task.yaml                                 |   8 -
 .../demo/provision-keepers-service/task.sh    |  31 -
 .../demo/provision-keepers-service/task.yaml  |   9 -
 pipelines/demo/provision-service/task.sh      |  31 -
 pipelines/demo/provision-service/task.yaml    |   9 -
 pipelines/demo/publish-image-keepers/task.sh  |  34 -
 .../demo/publish-image-keepers/task.yaml      |  11 -
 pipelines/demo/publish-image/task.sh          |  34 -
 pipelines/demo/publish-image/task.yaml        |  11 -
 pipelines/develop/pipeline.yaml               | 372 --------
 pipelines/develop/provision-database/task.sh  |  27 -
 .../develop/provision-database/task.yaml      |   8 -
 pipelines/develop/provision-functions/task.sh |  27 -
 .../develop/provision-functions/task.yaml     |   8 -
 .../provision-image-repository/task.sh        |  27 -
 .../provision-image-repository/task.yaml      |   8 -
 .../provision-image-storage-bucket/task.sh    |  27 -
 .../provision-image-storage-bucket/task.yaml  |   9 -
 .../task.sh                                   |  27 -
 .../task.yaml                                 |   8 -
 .../develop/provision-keepers-service/task.sh |  31 -
 .../provision-keepers-service/task.yaml       |   9 -
 pipelines/develop/provision-service/task.sh   |  31 -
 pipelines/develop/provision-service/task.yaml |   9 -
 .../develop/publish-image-keepers/task.sh     |  34 -
 .../develop/publish-image-keepers/task.yaml   |  11 -
 pipelines/develop/publish-image/task.sh       |  34 -
 pipelines/develop/publish-image/task.yaml     |  11 -
 pipelines/pr/pipeline.yaml                    | 172 ----
 pipelines/shared/build/task.sh                |  12 -
 pipelines/shared/build/task.yaml              |   9 -
 pipelines/shared/coverage/task.sh             |  33 -
 pipelines/shared/coverage/task.yaml           |  12 -
 pipelines/shared/test/task.sh                 |  25 -
 pipelines/shared/test/task.yaml               |   9 -
 pipelines/tag/pipeline.yaml                   | 366 --------
 pipelines/tag/provision-database/task.sh      |  27 -
 pipelines/tag/provision-database/task.yaml    |   8 -
 pipelines/tag/provision-functions/task.sh     |  27 -
 pipelines/tag/provision-functions/task.yaml   |   8 -
 .../tag/provision-image-repository/task.sh    |  27 -
 .../tag/provision-image-repository/task.yaml  |   8 -
 .../provision-image-storage-bucket/task.sh    |  27 -
 .../provision-image-storage-bucket/task.yaml  |   9 -
 .../task.sh                                   |  27 -
 .../task.yaml                                 |   8 -
 .../tag/provision-keepers-service/task.sh     |  31 -
 .../tag/provision-keepers-service/task.yaml   |   9 -
 pipelines/tag/provision-service/task.sh       |  31 -
 pipelines/tag/provision-service/task.yaml     |   9 -
 pipelines/tag/publish-image-keepers/task.sh   |  34 -
 pipelines/tag/publish-image-keepers/task.yaml |  11 -
 pipelines/tag/publish-image/task.sh           |  34 -
 pipelines/tag/publish-image/task.yaml         |  11 -
 state/bootstrap/bsn-demo-mendelevium.tfstate  | 225 -----
 .../bsn-development-plutonium.tfstate         | 201 -----
 .../bsn-production-oganesson.tfstate          | 225 -----
 .../bootstrap/rdm-management-default.tfstate  | 195 -----
 .../rdm-management-default.tfstate.backup     | 156 ----
 terraform/database/.terraform.lock.hcl        |  58 ++
 {infra => terraform}/database/cluster.tf      |  22 +-
 {infra => terraform}/database/endpoint.tf     |   4 +-
 {infra => terraform}/database/outputs.tf      |   0
 {infra => terraform}/database/project.tf      |   2 +-
 {infra => terraform}/database/providers.tf    |   2 +-
 {infra => terraform}/database/terraform.tf    |   4 +-
 {infra => terraform}/database/variables.tf    |   8 +-
 terraform/functions/.terraform.lock.hcl       |  75 ++
 {infra => terraform}/functions/lambda.tf      |  30 +-
 terraform/functions/modules/lambda/iam.tf     |  57 ++
 .../functions/modules/lambda/lambda.tf        |   0
 .../functions/modules/lambda/locals.tf        |   2 +-
 .../functions/modules/lambda/outputs.tf       |   2 +-
 .../modules/lambda/security_group.tf          |  20 +
 .../functions/modules/lambda/terraform.tf     |   2 +-
 .../functions/modules/lambda/variables.tf     |   0
 {infra => terraform}/functions/outputs.tf     |   0
 {infra => terraform}/functions/provider.tf    |   0
 .../functions}/terraform.tf                   |   0
 {infra => terraform}/functions/variables.tf   |   6 +-
 207 files changed, 406 insertions(+), 6429 deletions(-)
 delete mode 100644 .git-crypt/.gitattributes
 delete mode 100644 .git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg
 delete mode 100644 .git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg
 delete mode 100644 .git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg
 delete mode 100644 .git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg
 delete mode 100644 .git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg
 create mode 100644 .github/workflows/main.yaml
 delete mode 100644 .ruby-version
 rename image/Dockerfile => Dockerfile (94%)
 delete mode 100644 Gemfile
 delete mode 100644 Gemfile.lock
 delete mode 100644 Rakefile
 delete mode 100644 config/ci/rdm-management-default.yaml
 delete mode 100644 config/defaults.yaml
 delete mode 100644 config/deployments/bsn-demo-mendelevium.yaml
 delete mode 100644 config/deployments/bsn-development-plutonium.yaml
 delete mode 100644 config/deployments/bsn-production-oganesson.yaml
 delete mode 100644 config/deployments/local-development.yaml
 delete mode 100644 config/deployments/local-testing.yaml
 delete mode 100644 config/deployments/rdm-management-default.yaml
 delete mode 100644 config/hiera.yaml
 delete mode 100644 config/pipelines/defaults.yaml
 delete mode 100644 config/roles/bootstrap.yaml
 delete mode 100644 config/roles/builder-pipeline.yaml
 delete mode 100644 config/roles/database.yaml
 delete mode 100644 config/roles/demo-pipeline.yaml
 delete mode 100644 config/roles/develop-pipeline.yaml
 delete mode 100644 config/roles/functions.yaml
 delete mode 100644 config/roles/image-repository.yaml
 delete mode 100644 config/roles/image-storage-bucket.yaml
 delete mode 100644 config/roles/integration-tests.yaml
 delete mode 100644 config/roles/keepers-image-repository.yaml
 delete mode 100644 config/roles/keepers-service.yaml
 delete mode 100644 config/roles/local-app.yaml
 delete mode 100644 config/roles/pr-pipeline.yaml
 delete mode 100644 config/roles/service.yaml
 delete mode 100644 config/roles/tag-pipeline.yaml
 delete mode 100644 config/secrets/.unlocked
 delete mode 100644 config/secrets/app/bsn-demo-mendelevium.yaml
 delete mode 100644 config/secrets/app/bsn-development-plutonium.yaml
 delete mode 100644 config/secrets/app/bsn-production-oganesson.yaml
 delete mode 100644 config/secrets/app/gpg.passphrase
 delete mode 100644 config/secrets/app/gpg.private
 delete mode 100644 config/secrets/app/gpg.public
 delete mode 100644 config/secrets/app/local-development.yaml
 delete mode 100644 config/secrets/app/local-testing.yaml
 delete mode 100644 config/secrets/database/bsn-demo-mendelevium.yaml
 delete mode 100644 config/secrets/database/bsn-development-plutonium.yaml
 delete mode 100644 config/secrets/database/bsn-production-oganesson.yaml
 delete mode 100644 config/secrets/database/rdm-management-default.yaml
 delete mode 100644 config/secrets/gcp/local-development.yaml
 delete mode 100644 config/secrets/gcp/local-testing.yaml
 delete mode 100644 config/secrets/gcp/test-bucket-credentials.json
 delete mode 100644 config/secrets/mongodbatlas/credentials.yaml
 delete mode 100644 config/secrets/pipeline/constants.yaml
 delete mode 100644 config/secrets/pipeline/rdm-management-default.yaml
 rename image/docker-entrypoint.sh => docker-entrypoint.sh (100%)
 rename {image-keepers => external/keepers}/Dockerfile (94%)
 rename {image-keepers => external/keepers}/docker-entrypoint.sh (100%)
 delete mode 100755 go
 delete mode 100644 infra/bootstrap/bucket.tf
 delete mode 100644 infra/bootstrap/outputs.tf
 delete mode 100644 infra/bootstrap/policies/storage-bucket-policy.json.tpl
 delete mode 100644 infra/bootstrap/providers.tf
 delete mode 100644 infra/bootstrap/terraform.tf
 delete mode 100644 infra/bootstrap/variables.tf
 delete mode 100644 infra/database/network.tf
 delete mode 100644 infra/functions/modules/lambda/iam.tf
 delete mode 100644 infra/functions/modules/lambda/security_group.tf
 delete mode 100644 infra/functions/terraform.tf
 delete mode 100644 infra/image-repository/outputs.tf
 delete mode 100644 infra/image-repository/provider.tf
 delete mode 100644 infra/image-repository/repository.tf
 delete mode 100644 infra/image-repository/terraform.tf
 delete mode 100644 infra/image-repository/variables.tf
 delete mode 100644 infra/image-storage-bucket/bucket.tf
 delete mode 100644 infra/image-storage-bucket/iam.tf
 delete mode 100644 infra/image-storage-bucket/outputs.tf
 delete mode 100644 infra/image-storage-bucket/provider.tf
 delete mode 100644 infra/image-storage-bucket/terraform.tf
 delete mode 100644 infra/image-storage-bucket/variables.tf
 delete mode 100644 infra/keepers-image-repository/outputs.tf
 delete mode 100644 infra/keepers-image-repository/provider.tf
 delete mode 100644 infra/keepers-image-repository/repository.tf
 delete mode 100644 infra/keepers-image-repository/terraform.tf
 delete mode 100644 infra/keepers-image-repository/variables.tf
 delete mode 100644 infra/keepers-service/cluster.tf
 delete mode 100644 infra/keepers-service/container-definitions/service.json.tpl
 delete mode 100644 infra/keepers-service/envfiles/service.env.tpl
 delete mode 100644 infra/keepers-service/image_repository.tf
 delete mode 100644 infra/keepers-service/network.tf
 delete mode 100644 infra/keepers-service/provider.tf
 delete mode 100644 infra/keepers-service/roles.tf
 delete mode 100644 infra/keepers-service/secrets.tf
 delete mode 100644 infra/keepers-service/service.tf
 delete mode 100644 infra/keepers-service/variables.tf
 delete mode 100644 infra/service/certificate.tf
 delete mode 100644 infra/service/cluster.tf
 delete mode 100644 infra/service/container-definitions/service.json.tpl
 delete mode 100644 infra/service/database.tf
 delete mode 100644 infra/service/domain.tf
 delete mode 100644 infra/service/envfiles/service.env.tpl
 delete mode 100644 infra/service/image_repository.tf
 delete mode 100644 infra/service/load_balancer.tf
 delete mode 100644 infra/service/network.tf
 delete mode 100644 infra/service/outputs.tf
 delete mode 100644 infra/service/provider.tf
 delete mode 100644 infra/service/roles.tf
 delete mode 100644 infra/service/secrets.tf
 delete mode 100644 infra/service/service.tf
 delete mode 100644 infra/service/terraform.tf
 delete mode 100644 infra/service/variables.tf
 delete mode 100755 pipelines/builder/handle-pr-event/task.sh
 delete mode 100644 pipelines/builder/handle-pr-event/task.yaml
 delete mode 100644 pipelines/builder/pipeline.yaml
 delete mode 100644 pipelines/demo/pipeline.yaml
 delete mode 100755 pipelines/demo/provision-database/task.sh
 delete mode 100644 pipelines/demo/provision-database/task.yaml
 delete mode 100755 pipelines/demo/provision-functions/task.sh
 delete mode 100644 pipelines/demo/provision-functions/task.yaml
 delete mode 100755 pipelines/demo/provision-image-repository/task.sh
 delete mode 100644 pipelines/demo/provision-image-repository/task.yaml
 delete mode 100755 pipelines/demo/provision-image-storage-bucket/task.sh
 delete mode 100644 pipelines/demo/provision-image-storage-bucket/task.yaml
 delete mode 100755 pipelines/demo/provision-keepers-image-repository/task.sh
 delete mode 100644 pipelines/demo/provision-keepers-image-repository/task.yaml
 delete mode 100755 pipelines/demo/provision-keepers-service/task.sh
 delete mode 100644 pipelines/demo/provision-keepers-service/task.yaml
 delete mode 100755 pipelines/demo/provision-service/task.sh
 delete mode 100644 pipelines/demo/provision-service/task.yaml
 delete mode 100755 pipelines/demo/publish-image-keepers/task.sh
 delete mode 100644 pipelines/demo/publish-image-keepers/task.yaml
 delete mode 100755 pipelines/demo/publish-image/task.sh
 delete mode 100644 pipelines/demo/publish-image/task.yaml
 delete mode 100644 pipelines/develop/pipeline.yaml
 delete mode 100755 pipelines/develop/provision-database/task.sh
 delete mode 100644 pipelines/develop/provision-database/task.yaml
 delete mode 100755 pipelines/develop/provision-functions/task.sh
 delete mode 100644 pipelines/develop/provision-functions/task.yaml
 delete mode 100755 pipelines/develop/provision-image-repository/task.sh
 delete mode 100644 pipelines/develop/provision-image-repository/task.yaml
 delete mode 100755 pipelines/develop/provision-image-storage-bucket/task.sh
 delete mode 100644 pipelines/develop/provision-image-storage-bucket/task.yaml
 delete mode 100755 pipelines/develop/provision-keepers-image-repository/task.sh
 delete mode 100644 pipelines/develop/provision-keepers-image-repository/task.yaml
 delete mode 100755 pipelines/develop/provision-keepers-service/task.sh
 delete mode 100644 pipelines/develop/provision-keepers-service/task.yaml
 delete mode 100755 pipelines/develop/provision-service/task.sh
 delete mode 100644 pipelines/develop/provision-service/task.yaml
 delete mode 100755 pipelines/develop/publish-image-keepers/task.sh
 delete mode 100644 pipelines/develop/publish-image-keepers/task.yaml
 delete mode 100755 pipelines/develop/publish-image/task.sh
 delete mode 100644 pipelines/develop/publish-image/task.yaml
 delete mode 100644 pipelines/pr/pipeline.yaml
 delete mode 100755 pipelines/shared/build/task.sh
 delete mode 100644 pipelines/shared/build/task.yaml
 delete mode 100755 pipelines/shared/coverage/task.sh
 delete mode 100644 pipelines/shared/coverage/task.yaml
 delete mode 100755 pipelines/shared/test/task.sh
 delete mode 100644 pipelines/shared/test/task.yaml
 delete mode 100644 pipelines/tag/pipeline.yaml
 delete mode 100755 pipelines/tag/provision-database/task.sh
 delete mode 100644 pipelines/tag/provision-database/task.yaml
 delete mode 100755 pipelines/tag/provision-functions/task.sh
 delete mode 100644 pipelines/tag/provision-functions/task.yaml
 delete mode 100755 pipelines/tag/provision-image-repository/task.sh
 delete mode 100644 pipelines/tag/provision-image-repository/task.yaml
 delete mode 100755 pipelines/tag/provision-image-storage-bucket/task.sh
 delete mode 100644 pipelines/tag/provision-image-storage-bucket/task.yaml
 delete mode 100755 pipelines/tag/provision-keepers-image-repository/task.sh
 delete mode 100644 pipelines/tag/provision-keepers-image-repository/task.yaml
 delete mode 100755 pipelines/tag/provision-keepers-service/task.sh
 delete mode 100644 pipelines/tag/provision-keepers-service/task.yaml
 delete mode 100755 pipelines/tag/provision-service/task.sh
 delete mode 100644 pipelines/tag/provision-service/task.yaml
 delete mode 100755 pipelines/tag/publish-image-keepers/task.sh
 delete mode 100644 pipelines/tag/publish-image-keepers/task.yaml
 delete mode 100755 pipelines/tag/publish-image/task.sh
 delete mode 100644 pipelines/tag/publish-image/task.yaml
 delete mode 100644 state/bootstrap/bsn-demo-mendelevium.tfstate
 delete mode 100644 state/bootstrap/bsn-development-plutonium.tfstate
 delete mode 100644 state/bootstrap/bsn-production-oganesson.tfstate
 delete mode 100644 state/bootstrap/rdm-management-default.tfstate
 delete mode 100644 state/bootstrap/rdm-management-default.tfstate.backup
 create mode 100644 terraform/database/.terraform.lock.hcl
 rename {infra => terraform}/database/cluster.tf (67%)
 rename {infra => terraform}/database/endpoint.tf (68%)
 rename {infra => terraform}/database/outputs.tf (100%)
 rename {infra => terraform}/database/project.tf (83%)
 rename {infra => terraform}/database/providers.tf (72%)
 rename {infra => terraform}/database/terraform.tf (84%)
 rename {infra => terraform}/database/variables.tf (76%)
 create mode 100644 terraform/functions/.terraform.lock.hcl
 rename {infra => terraform}/functions/lambda.tf (90%)
 create mode 100644 terraform/functions/modules/lambda/iam.tf
 rename {infra => terraform}/functions/modules/lambda/lambda.tf (100%)
 rename {infra => terraform}/functions/modules/lambda/locals.tf (74%)
 rename {infra => terraform}/functions/modules/lambda/outputs.tf (95%)
 create mode 100644 terraform/functions/modules/lambda/security_group.tf
 rename {infra => terraform}/functions/modules/lambda/terraform.tf (88%)
 rename {infra => terraform}/functions/modules/lambda/variables.tf (100%)
 rename {infra => terraform}/functions/outputs.tf (100%)
 rename {infra => terraform}/functions/provider.tf (100%)
 rename {infra/keepers-service => terraform/functions}/terraform.tf (100%)
 rename {infra => terraform}/functions/variables.tf (62%)

diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes
deleted file mode 100644
index 665b10e8..00000000
--- a/.git-crypt/.gitattributes
+++ /dev/null
@@ -1,4 +0,0 @@
-# Do not edit this file.  To specify the files to encrypt, create your own
-# .gitattributes file in the directory where your files are.
-* !filter !diff
-*.gpg binary
diff --git a/.git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg b/.git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg
deleted file mode 100644
index 33fd86c80e8c41e0fbbef0c94a4f51dcf8153360..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 470
zcmV;{0V)240Sp5{(iS6;rKeW`2mgA=J1%tk6B%+%YSE{k<#x3Qd6g&J3HksZL}gat
z%a?q$%B+ZQzuURXH$dt-i-cw9I=1*LT<fvEc^BW3oliWN4HXMOo4EpSCDGDSI_RfY
zJscKq;Pbp75J!qb%A_`^V#8%yn-BtV8e7%UkG!}ps01O;0?LEc+9tFv4X4^WW8rJ}
zZQjT9lWIS}TLY`c5LDsT7LZr_OFgFUJ9mf7+WAGfQO}9kOsflu<}OuqH@0Y&I%-&%
z6JpJ4;k9a(tP)$WM2?KTT^X*usUNFaa&b%Vhr+Ww$a?y(vDtm_bF1)Zy?6$*{my)!
zCLwU*!x*mVwqV}}>?Ots4d&9o1Oe}2=k}=UwHMUVppF9oT<Z()(b+EUJJhwfS>k9#
zGFmG@m#3+LJf$|s%DJHoN}LKoo7QQnM^CsD$@1eGjW(rhK&|@HsL@=T^mBWg0X2f4
z6zG@V19R9~c^oV-q>c+jI*Z>M2<1e#QxS!}!0bpiNVWExB^A@@vF0-m*A&9AlYXJz
zJ^oy!Ngl$&8AO;2s%X+HjPD4b_MLPa>5|9VeC8p=VGn!ZD~C~c`;|J+{yXVr-(vpk
M<@|B8n?QFjjqAGa?EnA(

diff --git a/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg b/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg
deleted file mode 100644
index 95cac3c1ed16dc0219ed9d3d0895974b570b55a5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 726
zcmV;{0xA840t^E$BT+qSxOk%h5C2qaLjb-Nj4WwQ;o<(j`@I@%9RY=x987d2`V2X&
zV<H-pSCUw?c1mSkTho)Mr(dFdn~@KW+bAiU#Le9Zd82Qt@At>{JqQ6Zqs>NpK`F&g
zoX`rk+8nsLnvRCNm&U~Q^R&8T`9(t=D)CHjg50j>d@;;WU>Cj6gmL2c41`jQR_kw*
zqlA}tWB_PTLk+cVL`0}7K7HVoZ9L#JfJK!1PhjNLYUQoudU}%9wFil_MM@A)>BhSW
zIAGlE^>~S24j(NeSA`=;bVg$WGs_xH|4gu)yJ70pF8+7t9%l<>PXb~NTc}nD{M=hJ
z-MTg~+km@i`&~CN5&U$5tHd61QX&z|oAkuM48DjJX=){urk(4yNK;a8c6soIN@i71
zE7-_GsFvN&!-wjA*3mWQ`D-<!bSW3#DQ)q>-uFP7<*AkfAr!a{?cu3t$X1}<M~dZn
zwqnJ0<gEHLs_DNje6yUuEJN74on~+N?;1TxS$_}I*y-}x@K%^;b=W9<=hJ2gLvDRF
zx4>_Vcvgv|Mg(asgOVNE5c7{uHeVk1=<k%!VA$%Zj63i_H?8QBuvnUz4=NCct#rH-
zn7tnt^;F4*M$8g^48N2bX+MukTEk(o7-36Hd^n9X^9h!({0K9a=zD3z!2zCWQ7Rrs
z!K&mBJmLwv6c@ym=Y!I~1OdnY>hv1O=?`pxV14tJuH)$93xqTwnhqWF3s*<o_MI=Y
zpZnPPH52Rqsag{lNtEbRpp)2yC|i>|c6@(XY2oBu?GIC4&fOE^^A2F-|DlSYcLYeT
z$`MioQ6bW@Olxx@tA0rvruk-N>#@Wq*hGYIiN1~_;?M;qK(qYYVkAyX6n*Qb7KY2O
zd+{!8LjEismTEbwsSdTnwoinmFEW!cs3U42kk^V^_-I}AUA`KB_y&Z?G_&xSfLsBI
Is7Os=GN>zQjsO4v

diff --git a/.git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg b/.git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg
deleted file mode 100644
index 15900f7566055946c478dcd99ac764e666c943e4..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 470
zcmV;{0V)240Sp8EeDc3*iP`D_2mf{OYfFk@1O4@HO7uU^0&(WrS7b%)abi}dUeUgR
zmiGA}HKq_t50|o~@DLvZX)bF9R4JJ2Lzd-4{fiMis@MhQ{5N3CD{)qiPOzyE2LxX;
z;P6WQZJL(NQ>b~Xe9IYN%HS`R;gMwZ(+PaKX|Fhe5wZL!oG)6@N%r8krXDIS=MIOJ
z-TAdMHzMc4x7!Uk{3w&K&V)%^BcgOTD8=?Mfyz2lWY`L~y5lR3G<hs+E885y#`wCL
z8hXjv9&XxU!vWZ(F5L@`H~=0}h@v(qi|^Nb2RA?%&>LbBgBaMOyY)k8{Lv}+fj2EF
z9pm*5n&}v$*<r_hloj*N)@#zh1ObCU&h5s}p;5KH1_6!W&)UNvm=9*AX0up^jtB9X
z?!nxvF*_{k1E_w)P1ruBtO&S0TLhAhQ~D_nN*(Leue<<*69iIokj0fWQDhkZLtGO>
z9e8J_iuH08BhFVmud1fdjEUjj%Q<sHY%ik=?b6aS(f~Jy<=J}AijB1Askf=!hQ}dG
z@H_{D*|VPp`vMUAKY?iSd7gVC6u&*`{K*>C0XSi)SWTXsspF$F*#!bC8lp|K0z?<O
MVmGSDj)@;ea$!H{JOBUy

diff --git a/.git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg b/.git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg
deleted file mode 100644
index 6dab001c6dd6e3198fbabaf745b1c8251585db3e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 726
zcmV;{0xA840t^Erfx44{9v21y5CFL&5X4e&mNU1x?7ZvW3WFG`5m=2E$cJ+2>0iwc
zc_1~5Zo+^ju6b38F}8?7ahInDD(~bwF>tnT6570Nj$BFwMd}ka?+LSS+KBhwa-rE<
zhT-%<l&$Hc!i+zt6F%$ITi_t8xX~JEb(U#q3w-!dKK*!G$0nraKhXE6-s|Pm2el@e
z!l;kEPrxi~Rt4(!)Xwq3mt+-<46~o684`_(nl52D$l4Cp3Q_i2kX6F{nO4u3g;?4x
zlaFBsJR_}!kN#yIM@ta^FrNvs>Lp8>W^#YN55*LgLt77tVnC<#kOff5mqJjPAcMry
zI29%{*aA(~KTq2?WJAa*OuZAqH;GKkSHc&O)`Ey~WeFg_A(bUo?b|iy<eN~%T72J3
z({=kv5OAzmaW)N^)iWJv)o4sZ4|!-q61@Y-MCDMDw7~?Wf;o9`qNQ$nazwd~JIU}H
zir23dUq5g+<9coO0(GQFza;YjB>>&sL2=4SEk@Wz$9J4CY<03yen<abLxy$cYjI{@
zo;yt+>3f0%x1m3nj5#J$1^_zgqT_Cku$=OsnZN59#Btw!PHT8otn0z{LWLTydw1mj
z8_Lq;i5!t4HJO)QModqkx-K`YviwTdxZax31&kqz^oeA)4|YY79FRZsGC~Jd=;x;(
ze&3+k{*l@rnv@VHImFVy1OZI0wpoU&nZGoQX`QExp-}Id*DP*4hEv0CA!^4>s<`hZ
z0Lm{el>=V(DRon8v1D=Q?jJ&!)mNO7Hb1w~m=mTWlGBh89s=?tvwY~s%#%r(S?A2o
ztfUwC`o-{9jJ_WBzPmbff3MVKKQ~6?G2d3<nuZ(tluQ31tXI8vLhQkUz_{lPrUa7a
z!hMS_wX(i@wSHVqr;Q^?Db#A69AvFkdb@A_5Wm~(WJnJWG;nI-tJ2eik5>{Ntl^*r
IQ92T~OC$eeeE<Le

diff --git a/.git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg b/.git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg
deleted file mode 100644
index 764c18307541f4ba8416fa094cefbd60fc1aaabe..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 470
zcmV;{0V)240Sp81;6RTHb>!Ir2mrW82U4e_-!;@@K#ni@!WYQfJ5FtSd_yx9DCjcA
zz95}Wxm8HzC1&7OhlW6ndnNn@W{+aU6ijwnyJe4R(P+8<r@0$75M-%o*uv?wG(>M4
zS;fN@(4M_lOPMzB4zpM&g6p%({r?1FMQ~w?U=u}=FR2OxlzKdh9658)b$<MV#od{4
zS93xdk9z*7dVFDoOT4XOkBOwy1KjsB&i;+A){iTe?VZQOQJjFqR$1*ZjcGL_pj#Ib
zAn5!5*7&X8{0h8YK~G4qVZIlz2*TAFs&b0d`%`{Px(WZS?pfD4dhT3mo`=-&ZtFCy
zr*YS%Ch&*in7&@+ljtRSssz%&1OaS&3sNsnmUT-oClWxMJ;-lAkgxRI*G&hD^u}#S
zEGCF<gg&|}j=?^OzK>soe84x^lX8a;4hK?trT<4=_*317&8%g)zK^mJ@bP6NfMSHR
zl&Krj-9;3;p*hum6e7qi1Ao=AxdS>F`)xsJs?g@DK!{?6$0QI{h*<liVs7x$_L2Tj
zX5lbDJ*Z5+`mXfKx^Nn+jotq0jkTsGtB<IwPM<8~C*UC9TqY6n_n~+?)2l;b>Cu&d
Mt0twE#yl1Ow9Ojtp8x;=

diff --git a/.gitattributes b/.gitattributes
index 986e6e4e..52031de5 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +1 @@
-config/secrets/** filter=git-crypt diff=git-crypt
 *.sol linguist-language=Solidity
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
new file mode 100644
index 00000000..128ed465
--- /dev/null
+++ b/.github/workflows/main.yaml
@@ -0,0 +1,125 @@
+name: Build and Deploy leptonite.io
+
+on:
+  push:
+    branches:
+      - radu/migration
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  api:
+    name: API related tasks
+    runs-on: ubuntu-latest
+    env:
+      REGISTRY: 031036423983.dkr.ecr.eu-west-2.amazonaws.com
+    services:
+      mongodb:
+        image: mongo:4.4.8
+        ports:
+          - 27017:27017
+        env:
+          MONGO_INITDB_ROOT_USERNAME: admin
+          MONGO_INITDB_ROOT_PASSWORD: secret
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '12'
+          cache: 'npm'
+      - run: npm install
+      - run: npm run app:lint
+      - run: npm run app:format
+      - run: npm run tests:app:lint
+      - run: npm run tests:app:format
+      - run: npm run tests:app:unit:coverage
+      - run: npm run tests:app:persistence:coverage
+      - run: npm run tests:app:persistence
+      - run: npm run tests:app:component:coverage
+      - run: npm run tests:app:component
+      - run: npm run tests:coverage:badge
+      - name: Configure AWS credentials
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+      - name: Login to Amazon ECR
+        if: ${{ github.event_name == 'push' }}
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+      - name: Build and push
+        if: ${{ github.event_name == 'push' }}
+        run: |
+          docker build --tag $REGISTRY/bsn/reference-backend:$GITHUB_SHA .
+
+  keepers:
+    name: Keepers related tasks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: "./external/keepers"
+    env:
+      REGISTRY: 031036423983.dkr.ecr.eu-west-2.amazonaws.com
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '12'
+          cache: 'npm'
+      - run: npm install
+      - name: Configure AWS credentials
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+      - name: Login to Amazon ECR
+        if: ${{ github.event_name == 'push' }}
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+      - name: Build and push
+        if: ${{ github.event_name == 'push' }}
+        run: |
+          docker build --tag $REGISTRY/bsn/keepers:$GITHUB_SHA .
+
+  triggers:
+    name: Triggers related tasks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: "./terraform/functions"
+    steps:
+      - uses: actions/checkout@v2
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_wrapper: false
+      - name: Terraform Format
+        id: fmt
+        run: terraform fmt -check -recursive
+      - name: Terraform Init
+        id: init
+        run: terraform init -backend-config=$TF_BACKEND_BUCKET -backend-config=$TF_BACKEND_STATE_KEY -backend-config='region=eu-west-2' -backend-config='encrypt=true'
+        env:
+          TF_BACKEND_BUCKET: ${{ secrets.TF_BACKEND_BUCKET }}
+          TF_BACKEND_STATE_KEY: ${{ secrets.TF_BACKEND_STATE_KEY }}
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate -no-color
+      - run: 'echo "$TFVARS" > terraform.tfvars'
+        shell: bash
+        env:
+          TFVARS: ${{ secrets.TFVARS }}
+      - name: Terraform Plan
+        id: plan
+        run: terraform plan -no-color
diff --git a/.gitignore b/.gitignore
index 9432f1a4..9a2b04dd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -29,3 +29,39 @@ node_modules
 
 # Personal Preferences
 .vscode
+
+### Terraform template
+# Local .terraform directories
+terraform/**/.terraform/**
+
+# .tfstate files
+terraform/*.tfstate
+terraform/*.tfstate.*
+
+# Crash log files
+terraform/crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+terraform/*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+terraform/override.tf
+terraform/override.tf.json
+terraform/*_override.tf
+terraform/*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+terraform/.terraformrc
+terraform/terraform.rc
\ No newline at end of file
diff --git a/.ruby-version b/.ruby-version
deleted file mode 100644
index fbafd6b6..00000000
--- a/.ruby-version
+++ /dev/null
@@ -1 +0,0 @@
-2.7.2
\ No newline at end of file
diff --git a/image/Dockerfile b/Dockerfile
similarity index 94%
rename from image/Dockerfile
rename to Dockerfile
index 7c30762b..deaf505f 100644
--- a/image/Dockerfile
+++ b/Dockerfile
@@ -26,9 +26,5 @@ RUN cd /opt/reference-backend \
     && npm install \
     && cd -
 
-# Add metadata
-ADD VERSION /VERSION
-ADD TAG /TAG
-
 # Run docker-entrypoint.sh start script by default
 ENTRYPOINT ["/opt/reference-backend/bin/docker-entrypoint.sh"]
diff --git a/Gemfile b/Gemfile
deleted file mode 100644
index fa40e32d..00000000
--- a/Gemfile
+++ /dev/null
@@ -1,10 +0,0 @@
-source 'https://rubygems.org'
-
-gem 'rake', '~> 13.0'
-gem 'rake_terraform', '~> 1.19'
-gem 'rake_docker', '~> 2.13'
-gem 'rake_fly', '~> 2.7'
-gem 'rake_gpg', '~> 0.16'
-gem 'git', '~> 1.8'
-gem 'confidante', '~> 0.27'
-gem 'shivers', '~> 0.5'
diff --git a/Gemfile.lock b/Gemfile.lock
deleted file mode 100644
index a7dfb8bf..00000000
--- a/Gemfile.lock
+++ /dev/null
@@ -1,157 +0,0 @@
-GEM
-  remote: https://rubygems.org/
-  specs:
-    activesupport (6.1.3.2)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 1.6, < 2)
-      minitest (>= 5.1)
-      tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
-    aws-eventstream (1.1.1)
-    aws-partitions (1.465.0)
-    aws-sdk-core (3.114.0)
-      aws-eventstream (~> 1, >= 1.0.2)
-      aws-partitions (~> 1, >= 1.239.0)
-      aws-sigv4 (~> 1.1)
-      jmespath (~> 1.0)
-    aws-sdk-ecr (1.42.0)
-      aws-sdk-core (~> 3, >= 3.112.0)
-      aws-sigv4 (~> 1.1)
-    aws-sigv4 (1.2.3)
-      aws-eventstream (~> 1, >= 1.0.2)
-    colored2 (3.1.2)
-    concourse.rb (0.4.0)
-      dry-schema (~> 0.5)
-      excon (~> 0.72)
-      semantic (~> 1.5)
-    concurrent-ruby (1.1.8)
-    confidante (0.27.0)
-      activesupport (>= 4)
-      hiera (~> 3.3, >= 3.3.1)
-      shikashi (~> 0.6)
-    docker-api (1.34.2)
-      excon (>= 0.47.0)
-      multi_json
-    dry-configurable (0.12.1)
-      concurrent-ruby (~> 1.0)
-      dry-core (~> 0.5, >= 0.5.0)
-    dry-container (0.7.2)
-      concurrent-ruby (~> 1.0)
-      dry-configurable (~> 0.1, >= 0.1.3)
-    dry-core (0.5.0)
-      concurrent-ruby (~> 1.0)
-    dry-equalizer (0.3.0)
-    dry-inflector (0.2.0)
-    dry-initializer (3.0.4)
-    dry-logic (1.2.0)
-      concurrent-ruby (~> 1.0)
-      dry-core (~> 0.5, >= 0.5)
-    dry-schema (0.6.0)
-      concurrent-ruby (~> 1.0)
-      dry-configurable (~> 0.8, >= 0.8.0)
-      dry-core (~> 0.4)
-      dry-equalizer (~> 0.2)
-      dry-initializer (~> 3.0)
-      dry-logic (~> 1.0)
-      dry-types (~> 1.0)
-    dry-types (1.5.1)
-      concurrent-ruby (~> 1.0)
-      dry-container (~> 0.3)
-      dry-core (~> 0.5, >= 0.5)
-      dry-inflector (~> 0.1, >= 0.1.2)
-      dry-logic (~> 1.0, >= 1.0.2)
-    evalhook (0.6.0)
-      partialruby (~> 0.3)
-      sexp_processor (~> 4.0)
-    excon (0.82.0)
-    getsource (0.2.2)
-    git (1.8.1)
-      rchardet (~> 1.8)
-    hamster (3.0.0)
-      concurrent-ruby (~> 1.0)
-    hiera (3.7.0)
-    i18n (1.8.10)
-      concurrent-ruby (~> 1.0)
-    immutable-struct (2.4.1)
-    jmespath (1.4.0)
-    lino (3.0.0)
-      hamster (~> 3.0)
-      open4 (~> 1.3)
-    minitar (0.9)
-    minitest (5.14.4)
-    multi_json (1.15.0)
-    open4 (1.3.4)
-    partialruby (0.3.0)
-      ruby2ruby (~> 2)
-      ruby_parser (~> 3)
-    rake (13.0.3)
-    rake_dependencies (2.11.0)
-      hamster (~> 3.0)
-      minitar (~> 0.9)
-      rake_factory (~> 0.23)
-      rubyzip (>= 1.3)
-    rake_docker (2.13.0)
-      aws-sdk-ecr (~> 1.2)
-      colored2 (~> 3.1)
-      docker-api (~> 1.34)
-      rake_factory (~> 0.23)
-    rake_factory (0.29.0)
-      activesupport (>= 4)
-      rake (~> 13.0)
-    rake_fly (2.7.0)
-      concourse.rb (>= 0.4)
-      rake_dependencies (~> 2, < 3)
-      rake_factory (>= 0.29, < 1)
-      ruby_fly (>= 0.35)
-      semantic (~> 1.6.1)
-    rake_gpg (0.16.0)
-      rake_factory (>= 0.23, < 1)
-      ruby_gpg2 (>= 0.6, < 1)
-    rake_terraform (1.19.0)
-      colored2 (~> 3.1)
-      rake_dependencies (~> 2.11)
-      rake_factory (~> 0.23)
-      ruby-terraform (~> 1.1)
-    rchardet (1.8.0)
-    ruby-terraform (1.2.0)
-      immutable-struct (~> 2.4)
-      lino (~> 3.0)
-    ruby2ruby (2.4.4)
-      ruby_parser (~> 3.1)
-      sexp_processor (~> 4.6)
-    ruby_fly (0.35.0)
-      lino (>= 1.5)
-    ruby_gpg2 (0.8.0)
-      lino (>= 1.5)
-    ruby_parser (3.16.0)
-      sexp_processor (~> 4.15, >= 4.15.1)
-    rubyzip (2.3.0)
-    semantic (1.6.1)
-    sexp_processor (4.15.3)
-    shikashi (0.6.0)
-      evalhook (>= 0.6.0)
-      getsource (>= 0.1.0)
-    shivers (0.5.0)
-      semantic (~> 1.6)
-    tzinfo (2.0.4)
-      concurrent-ruby (~> 1.0)
-    zeitwerk (2.4.2)
-
-PLATFORMS
-  arm64-darwin-20
-  x86_64-darwin-19
-  x86_64-darwin-20
-  x86_64-linux
-
-DEPENDENCIES
-  confidante (~> 0.27)
-  git (~> 1.8)
-  rake (~> 13.0)
-  rake_docker (~> 2.13)
-  rake_fly (~> 2.7)
-  rake_gpg (~> 0.16)
-  rake_terraform (~> 1.19)
-  shivers (~> 0.5)
-
-BUNDLED WITH
-   2.2.18
diff --git a/Rakefile b/Rakefile
deleted file mode 100644
index d0c002de..00000000
--- a/Rakefile
+++ /dev/null
@@ -1,812 +0,0 @@
-require 'git'
-require 'confidante'
-require 'rake_terraform'
-require 'ruby_terraform/output'
-require 'rake_docker'
-require 'rake_fly'
-require 'rake_gpg'
-require 'rake_factory/kernel_extensions'
-require 'shivers'
-
-configuration = Confidante.configuration
-version = Shivers::Version.from_file('build/version')
-
-Docker.options = {
-  read_timeout: 300
-}
-
-RakeFly.define_installation_tasks(version: '6.7.2')
-RakeTerraform.define_installation_tasks(
-  path: File.join(Dir.pwd, 'vendor', 'terraform'),
-  version: '0.15.4')
-
-task :default => [
-  :build_fix,
-  :test
-]
-
-task :build => [
-  :"app:lint",
-  :"app:format",
-  :"tests:app:lint",
-  :"tests:app:format"
-]
-
-task :build_fix => [
-  :"app:lint_fix",
-  :"app:format_fix",
-  :"tests:app:lint_fix",
-  :"tests:app:format_fix"
-]
-
-namespace :keys do
-  namespace :app do
-    namespace :passphrase do
-      task :generate do
-        File.open('config/secrets/app/gpg.passphrase', 'w') do |f|
-          f.write(SecureRandom.base64(36))
-        end
-      end
-    end
-
-    namespace :gpg do
-      RakeGPG.define_generate_key_task(
-          output_directory: 'config/secrets/app',
-          name_prefix: 'gpg',
-          armor: false,
-          owner_name: 'Leptonite Maintainers',
-          owner_email: 'maintainers@leptonite.io',
-          owner_comment: 'Service key'
-      ) do |t|
-        t.passphrase =
-            File.read('config/secrets/app/gpg.passphrase')
-      end
-    end
-
-    task generate: %w[passphrase:generate gpg:generate]
-  end
-end
-
-task :test, [:deployment_type, :deployment_label] do |_, args|
-  [
-    :'tests:app:unit',
-    :'tests:app:persistence',
-    :'tests:app:component'
-  ].each do |task_name|
-    Rake::Task[task_name].invoke(*args)
-  end
-end
-
-namespace :secrets do
-  desc 'Check if secrets are readable'
-  task :check do
-    if File.exist?('config/secrets')
-      puts 'Checking if secrets are accessible.'
-      unless File.read('config/secrets/.unlocked').strip == "true"
-        raise RuntimeError, Paint['Cannot access secrets.', :red]
-      end
-      puts 'Secrets accessible. Continuing.'
-    end
-  end
-
-  desc 'Unlock secrets'
-  task :unlock do
-    if File.exist?('config/secrets')
-      puts 'Unlocking secrets.'
-      sh('git crypt unlock')
-    end
-  end
-end
-
-namespace :app do
-  namespace :dependencies do
-    desc "Install all app dependencies"
-    task :install do
-      sh('npm', 'install')
-    end
-  end
-
-  desc "Lint all app sources"
-  task :lint => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:lint')
-  end
-
-  desc "Lint & fix all app source"
-  task :lint_fix => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:lint-fix')
-  end
-
-  desc "Format all app sources"
-  task :format => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:format')
-  end
-
-  desc "Format & fix all app sources"
-  task :format_fix => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:format-fix')
-  end
-
-  desc "Run the app as a local process"
-  task :run => [:'dependencies:install', :'database:local:provision'] do
-    configuration = configuration
-      .for_scope(
-        deployment_type: 'local',
-        deployment_label: 'development',
-        role: 'local-app'
-      )
-
-    environment = configuration
-      .environment
-      .map { |k, v| [k.to_s, v] }
-      .to_h
-
-    sh(environment, 'npm', 'run', 'start')
-  end
-end
-
-namespace :functions do
-  namespace :dependencies do
-    desc "Install all functions dependencies"
-    task :install do
-      Dir.chdir('external/lambdas') do
-        sh('npm', 'install')
-      end
-    end
-  end
-
-  desc "Lint all function sources"
-  task :lint => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:lint')
-    end
-  end
-
-  desc "Lint & fix all app source"
-  task :lint_fix => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:lint-fix')
-    end
-  end
-
-  desc "Format all app sources"
-  task :format => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:format')
-    end
-  end
-
-  desc "Format & fix all app sources"
-  task :format_fix => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:format-fix')
-    end
-  end
-end
-
-namespace :bootstrap do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'bootstrap infrastructure',
-    argument_names: [:deployment_type, :deployment_label]) do |t, args|
-    configuration = configuration
-      .for_scope(args.to_h.merge(role: 'bootstrap'))
-
-    deployment_identifier = configuration.deployment_identifier
-    vars = configuration.vars
-
-    t.source_directory = 'infra/bootstrap'
-    t.work_directory = 'build'
-
-    t.state_file =
-      File.join(
-        Dir.pwd, "state/bootstrap/#{deployment_identifier}.tfstate")
-    t.vars = vars
-  end
-end
-
-namespace :database do
-  namespace :test do
-    RakeDocker.define_container_tasks(
-      container_name: 'reference-backend-test-database') do |t|
-      configuration = configuration
-        .for_scope(
-          deployment_type: 'local',
-          deployment_label: 'testing')
-
-      t.image = "mongo:#{configuration.database_version}"
-      t.ports = ["#{configuration.database_port}:27017"]
-      t.environment = [
-        "MONGO_INITDB_ROOT_USERNAME=#{configuration.database_username}",
-        "MONGO_INITDB_ROOT_PASSWORD=#{configuration.database_password}",
-      ]
-    end
-  end
-
-  namespace :local do
-    RakeDocker.define_container_tasks(
-      container_name: 'reference-backend-local-database') do |t|
-      configuration = configuration
-        .for_scope(
-          deployment_type: 'local',
-          deployment_label: 'development')
-
-      t.image = "mongo:#{configuration.database_version}"
-      t.ports = ["#{configuration.database_port}:27017"]
-      t.environment = [
-        "MONGO_INITDB_ROOT_USERNAME=#{configuration.database_username}",
-        "MONGO_INITDB_ROOT_PASSWORD=#{configuration.database_password}",
-      ]
-    end
-  end
-
-  namespace :environment do
-    RakeTerraform.define_command_tasks(
-      configuration_name: 'database',
-      argument_names: [:deployment_type, :deployment_label]) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'database'))
-
-      vars = configuration.vars
-      backend_config = configuration.backend_config
-
-      t.source_directory = 'infra/database'
-      t.work_directory = 'build'
-
-      t.vars = vars
-      t.backend_config = backend_config
-    end
-  end
-
-  namespace :contextual do
-    task :ensure, [:deployment_type, :deployment_label] do |_, args|
-      args.with_defaults(
-        deployment_type: 'local',
-        deployment_label: 'testing')
-
-      database_type = configuration
-        .for_scope(args.to_h)
-        .database_type
-      task_name = (database_type == 'deployed') ?
-        'database:environment:provision' :
-        'database:test:provision'
-
-      Rake::Task[task_name].invoke(*args)
-    end
-  end
-end
-
-namespace :tests do
-  namespace :app do
-    desc "Lint all tests"
-    task :lint => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:lint')
-    end
-
-    desc "Lint & fix all tests"
-    task :lint_fix => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:lint-fix')
-    end
-
-    desc "Format all test files"
-    task :format => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:format')
-    end
-
-    desc "Format & fix all test files"
-    task :format_fix => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:format-fix')
-    end
-
-    desc "Run all unit tests"
-    task :unit => [:'app:dependencies:install'] do
-      script_name = ENV["INCLUDE_COVERAGE"] == 'true' ?
-        'tests:app:unit:coverage' :
-        'tests:app:unit'
-      sh('npm', 'run', script_name)
-    end
-
-    desc "Run all integration tests"
-    task :integration => [:'app:dependencies:install'] do
-      configuration = configuration
-        .for_scope(
-          deployment_type: 'local',
-          deployment_label: 'testing',
-          role: 'integration-tests'
-        )
-
-      environment = configuration
-        .environment
-        .map { |k, v| [k.to_s, v] }
-        .to_h
-
-      sh(environment, 'npm', 'run', 'tests:app:integration')
-    end
-
-    desc "Run all persistence tests"
-    task :persistence,
-         [:deployment_type, :deployment_label] =>
-           [:'app:dependencies:install'] do |_, args|
-      args.with_defaults(
-        deployment_type: 'local',
-        deployment_label: 'testing')
-
-      Rake::Task['database:contextual:ensure'].invoke(*args)
-
-      script_name = ENV["INCLUDE_COVERAGE"] == 'true' ?
-        'tests:app:persistence:coverage' :
-        'tests:app:persistence'
-      sh(database_overrides_for(configuration, args),
-         'npm', 'run', script_name)
-    end
-
-    desc "Run all component tests"
-    task :component,
-         [:deployment_type, :deployment_label] =>
-           [:'app:dependencies:install'] do |_, args|
-      args.with_defaults(
-        deployment_type: 'local',
-        deployment_label: 'testing')
-
-      Rake::Task['database:contextual:ensure'].invoke(*args)
-
-      script_name = ENV["INCLUDE_COVERAGE"] == 'true' ?
-        'tests:app:component:coverage' :
-        'tests:app:component'
-      sh(database_overrides_for(configuration, args),
-         'npm', 'run', script_name)
-    end
-
-    namespace :coverage do
-      desc "Run coverage badge creation"
-      task :badge => [:'app:dependencies:install'] do |_, args|
-        sh('npm', 'run', 'tests:coverage:badge')
-      end
-    end
-  end
-end
-
-namespace :lambda do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'reference backend keepers lambda',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'functions'))
-
-    t.source_directory = 'infra/functions'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :keepers_image_repository do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'keepers image repository',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'keepers-image-repository'))
-
-    t.source_directory = 'infra/keepers-image-repository'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :image_repository do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'reference backend image repository',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'image-repository'))
-
-    t.source_directory = 'infra/image-repository'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :image do
-  RakeDocker.define_image_tasks(
-    image_name: 'reference-backend',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'image-repository'))
-
-    t.work_directory = 'build/images'
-
-    t.copy_spec = [
-      'image/Dockerfile',
-      'image/docker-entrypoint.sh',
-      'src/',
-      'app.js',
-      'package.json',
-      'package-lock.json'
-    ]
-    t.create_spec = [
-      { content: version.to_s, to: 'VERSION' },
-      { content: version.to_docker_tag, to: 'TAG' }
-    ]
-
-    t.repository_name = configuration.image_repository_name
-    t.repository_url = dynamic do
-      JSON.parse(
-        RubyTerraform::Output.for(
-          name: 'repository_url',
-          source_directory: 'infra/image-repository',
-          work_directory: 'build',
-          backend_config: configuration.backend_config
-        )
-      )
-    end
-
-    t.credentials = dynamic do
-      RakeDocker::Authentication::ECR.new do |c|
-        c.region = configuration.region
-        c.registry_id =
-          JSON.parse(
-            RubyTerraform::Output.for(
-              name: 'registry_id',
-              source_directory: 'infra/image-repository',
-              work_directory: 'build',
-              backend_config: configuration.backend_config
-            )
-          )
-      end.call
-    end
-
-    t.tags = [version.to_docker_tag, 'latest']
-  end
-end
-
-namespace :image_keepers do
-  RakeDocker.define_image_tasks(
-    image_name: 'keepers',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'keepers-image-repository'))
-
-    t.work_directory = 'build/images'
-
-    t.copy_spec = [
-      'image-keepers/Dockerfile',
-      'image-keepers/docker-entrypoint.sh',
-      'external/keepers/src/',
-      'external/keepers/package.json',
-      'external/keepers/package-lock.json'
-    ]
-    t.create_spec = [
-      { content: version.to_s, to: 'VERSION' },
-      { content: version.to_docker_tag, to: 'TAG' }
-    ]
-
-    t.repository_name = configuration.keepers_image_repository_name
-    t.repository_url = dynamic do
-      JSON.parse(
-        RubyTerraform::Output.for(
-          name: 'repository_url',
-          source_directory: 'infra/keepers-image-repository',
-          work_directory: 'build',
-          backend_config: configuration.backend_config
-        )
-      )
-    end
-
-    t.credentials = dynamic do
-      RakeDocker::Authentication::ECR.new do |c|
-        c.region = configuration.region
-        c.registry_id =
-          JSON.parse(
-            RubyTerraform::Output.for(
-              name: 'registry_id',
-              source_directory: 'infra/keepers-image-repository',
-              work_directory: 'build',
-              backend_config: configuration.backend_config
-            )
-          )
-      end.call
-    end
-
-    t.tags = [version.to_docker_tag, 'latest']
-  end
-end
-
-namespace :image_storage_bucket do
-  RakeTerraform.define_command_tasks(
-      configuration_name: 'reference backend image storage bucket',
-      argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-        configuration.for_scope(args.to_h.merge(role: 'image-storage-bucket'))
-
-    t.source_directory = 'infra/image-storage-bucket'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :service do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'reference backend',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    version_configuration = { version_number: version.to_docker_tag }
-    service_configuration =
-      configuration
-        .for_overrides(version_configuration)
-        .for_scope(args.to_h.merge(role: 'service'))
-
-    t.source_directory = 'infra/service'
-    t.work_directory = 'build'
-
-    t.backend_config = service_configuration.backend_config
-    t.vars = service_configuration.vars
-  end
-end
-
-namespace :service_keepers do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'keepers',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    version_configuration = { version_number: version.to_docker_tag }
-    service_configuration =
-      configuration
-        .for_overrides(version_configuration)
-        .for_scope(args.to_h.merge(role: 'keepers-service'))
-
-    t.source_directory = 'infra/keepers-service'
-    t.work_directory = 'build'
-
-    t.backend_config = service_configuration.backend_config
-    t.vars = service_configuration.vars
-  end
-end
-
-namespace :ci do
-  RakeFly.define_authentication_tasks(
-    namespace: :authentication,
-    argument_names: [
-      :ci_deployment_type,
-      :ci_deployment_label
-    ]) do |t, args|
-    configuration = configuration
-      .for_scope(args.to_h)
-
-    t.target = configuration.concourse_team
-    t.concourse_url = configuration.concourse_url
-    t.team = configuration.concourse_team
-    t.username = configuration.concourse_username
-    t.password = configuration.concourse_password
-
-    t.home_directory = 'build/fly'
-  end
-
-  namespace :pipeline do
-    RakeFly.define_pipeline_tasks(
-      namespace: :develop,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label
-      ]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'develop-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-develop"
-
-      t.config = 'pipelines/develop/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    RakeFly.define_pipeline_tasks(
-      namespace: :demo,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label
-      ]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'demo-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-demo"
-
-      t.config = 'pipelines/demo/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    RakeFly.define_pipeline_tasks(
-      namespace: :production,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label
-      ]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'tag-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-production"
-
-      t.config = 'pipelines/tag/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    RakeFly.define_pipeline_tasks(
-      namespace: :builder,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'builder-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-builder"
-
-      t.config = 'pipelines/builder/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    namespace :pr do
-      RakeFly.define_pipeline_tasks(
-        argument_names: [
-          :ci_deployment_type,
-          :ci_deployment_label,
-          :branch
-        ]
-      ) do |t, args|
-        branch = args.branch || pr_metadata_branch
-
-        configuration = configuration
-          .for_scope(args.to_h.merge(role: 'pr-pipeline'))
-          .for_overrides(source_repository_branch: branch)
-
-        ci_deployment_type = configuration.ci_deployment_identifier
-
-        t.target = configuration.concourse_team
-        t.team = configuration.concourse_team
-        t.pipeline = "reference-backend-pr-#{to_pipeline_name(branch)}"
-
-        t.config = 'pipelines/pr/pipeline.yaml'
-
-        t.vars = configuration.vars
-        t.var_files = [
-          'config/secrets/pipeline/constants.yaml',
-          "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-        ]
-
-        t.non_interactive = true
-        t.home_directory = 'build/fly'
-      end
-
-      task :handle, [
-        :ci_deployment_type,
-        :ci_deployment_label,
-        :branch,
-        :state
-      ] do |_, args|
-        branch = args.branch || pr_metadata_branch
-        state = args.state || pr_metadata_state
-
-        if state == "OPEN"
-          Rake::Task[:"ci:pipeline:pr:push"].invoke(
-            args.ci_deployment_type,
-            args.ci_deployment_label,
-            branch)
-        else
-          Rake::Task[:"ci:pipeline:pr:destroy"].invoke(
-            args.ci_deployment_type,
-            args.ci_deployment_label,
-            branch)
-        end
-      end
-    end
-  end
-
-  namespace :pipelines do
-    desc "Push all pipelines"
-    task :push, [:ci_deployment_type, :ci_deployment_label] do |_, args|
-      Rake::Task[:"ci:pipeline:develop:push"].invoke(*args)
-      Rake::Task[:"ci:pipeline:demo:push"].invoke(*args)
-      Rake::Task[:"ci:pipeline:builder:push"].invoke(*args)
-    end
-  end
-end
-
-def pr_metadata_value(key)
-  File.exist?(".git/resource/#{key}") ?
-    File.read(".git/resource/#{key}") :
-    nil
-end
-
-def pr_metadata_branch
-  pr_metadata_value("head_name")
-end
-
-def pr_metadata_state
-  pr_metadata_value("state")
-end
-
-def current_branch
-  Git.open(File.dirname(__FILE__)).current_branch
-end
-
-def to_db_name(string)
-  string.gsub(/[^a-zA-Z0-9_-]/, "")
-end
-
-def to_pipeline_name(string)
-  string.gsub(/[^a-zA-Z0-9_-]/, "_")
-end
-
-def database_overrides_for(configuration, args)
-  configuration = configuration
-    .for_scope(args.to_h.merge(role: 'database'))
-
-  (configuration.database_type == 'deployed') ?
-    {
-      "DB_CONNECTION_STRING" =>
-        RubyTerraform::Output.for(
-          name: 'connection_string',
-          source_directory: 'infra/database',
-          work_directory: 'build',
-          backend_config: configuration.backend_config),
-      "DB_USERNAME" => configuration.database_username,
-      "DB_PASSWORD" => configuration.database_password,
-      "DB_NAME" => to_db_name(current_branch)
-    } :
-    {}
-end
diff --git a/config/ci/rdm-management-default.yaml b/config/ci/rdm-management-default.yaml
deleted file mode 100644
index f9e09032..00000000
--- a/config/ci/rdm-management-default.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-ci_account_id: "%{hiera('rdm_management_account_id')}"
-
-ci_deployment_identifier: "%{ci_deployment_type}-%{ci_deployment_label}"
-
-ci_storage_bucket_name: "bsn-%{hiera('component')}-%{hiera('ci_deployment_identifier')}"
-ci_storage_bucket_region: "%{hiera('region')}"
-ci_storage_bucket_encryption: "AES256"
-
-concourse_url: "https://ci-server.rdm-management.redeemeum.io"
-concourse_team: "bosonprotocol"
-
-image_repository_base_url: "%{hiera('rdm_management_account_id')}.dkr.ecr.%{hiera('region')}.amazonaws.com"
-
-node_builder_image_repository_name: "rdm/node-12-builder"
-node_builder_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('node_builder_image_repository_name')}"
-
-app_image_repository_name: "%{hiera('image_repository_name')}"
-app_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('app_image_repository_name')}"
-keepers_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('keepers_image_repository_name')}"
diff --git a/config/defaults.yaml b/config/defaults.yaml
deleted file mode 100644
index 7e09c4fa..00000000
--- a/config/defaults.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
----
-# General
-region: "eu-west-2"
-
-component: "reference-backend"
-deployment_identifier: "%{deployment_type}-%{deployment_label}"
-
-source_repository_name: "bosonprotocol/reference-backend"
-source_repository_url: "git@github.com:%{hiera('source_repository_name')}.git"
-source_repository_branch: "develop"
-
-image_repository_name: "bsn/reference-backend"
-keepers_image_repository_name: "bsn/keepers"
-
-storage_bucket_name: "bsn-%{hiera('component')}-%{hiera('deployment_identifier')}"
-storage_bucket_encryption: "AES256"
-
-secrets_bucket_name: "%{hiera('storage_bucket_name')}"
-
-image_storage_bucket_name: "bsn-%{hiera('component')}-%{hiera('deployment_identifier')}-image-storage"
-image_storage_user_name: "bsn-%{hiera('component')}-%{hiera('deployment_identifier')}-image-storage-user"
-image_storage_user_public_gpg_key_path: "%{cwd}/config/secrets/app/gpg.public"
-
-admin_role_name: "cross-account-admin-role"
-
-rdm_management_account_id: "031036423983"
-
-bsn_parent_account_id: "915981965568"
-bsn_development_potassium_account_id: "384010198059"
-bsn_production_lutetium_account_id: "371854298993"
-
-bsn_parent_account_admin_role: "arn:aws:iam::%{hiera('bsn_parent_account_id')}:role/%{hiera('admin_role_name')}"
diff --git a/config/deployments/bsn-demo-mendelevium.yaml b/config/deployments/bsn-demo-mendelevium.yaml
deleted file mode 100644
index 8a4422d5..00000000
--- a/config/deployments/bsn-demo-mendelevium.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('bsn_development_potassium_account_id')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_name: "api"
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-voucher_kernel_address: "0x43A3Df919d5918bbB6300Fd2c20cCBF54221972e"
-token_contact_address: "0x3efc136c2F352bB0768029c115f9e518C61E6902"
-boson_router_contact_address: "0x55C7461087e476a1EE094847EE2401B26559FADC"
-cashier_address: "0xc5701331cf35EED5950CF770fd3316c1402C57f3"
-
-# State
-domain_state_bucket_name: "bsn-aws-application-account-bsn-development-potassium"
-domain_state_key: "common/deployment-state/default.tfstate"
-domain_state_bucket_region: "%{hiera('region')}"
-domain_state_bucket_is_encrypted: "true"
-
-network_state_bucket_name: "bsn-application-network-bsn-development-palladium"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-cluster_state_bucket_name: "bsn-application-cluster-bsn-demo-selenium"
-cluster_state_key: "cluster/deployment-state/default.tfstate"
-cluster_state_bucket_region: "%{hiera('region')}"
-cluster_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-service_state_key: "service/deployment-state/default.tfstate"
-service_state_bucket_region: "%{hiera('region')}"
-service_state_bucket_is_encrypted: "true"
-
-keepers_service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_service_state_key: "keepers-service/deployment-state/default.tfstate"
-keepers_service_state_bucket_region: "%{hiera('region')}"
-keepers_service_state_bucket_is_encrypted: "true"
-
-functions_state_bucket_name: "%{hiera('storage_bucket_name')}"
-functions_state_key: "functions/deployment-state/default.tfstate"
-functions_state_bucket_region: "%{hiera('region')}"
-functions_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/bsn-development-plutonium.yaml b/config/deployments/bsn-development-plutonium.yaml
deleted file mode 100644
index e4fe1967..00000000
--- a/config/deployments/bsn-development-plutonium.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('bsn_development_potassium_account_id')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_name: "api"
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-voucher_kernel_address: "0x469eF8b9F583920318Ce3dd095A0402A4b061bb0"
-token_contact_address: "0xe8637906721051D860af222E6021826887d9e358"
-boson_router_contact_address: "0xf7EEBa6c7a4eC07735b4AcaC8f8AF608f9Ecb8Cf"
-cashier_address: "0x0ab0Fec353C6653F2eD05b5E5ceb4fB27c7d7902"
-
-# State
-domain_state_bucket_name: "bsn-aws-application-account-bsn-development-potassium"
-domain_state_key: "common/deployment-state/default.tfstate"
-domain_state_bucket_region: "%{hiera('region')}"
-domain_state_bucket_is_encrypted: "true"
-
-network_state_bucket_name: "bsn-application-network-bsn-development-palladium"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-cluster_state_bucket_name: "bsn-application-cluster-bsn-development-tennessine"
-cluster_state_key: "cluster/deployment-state/default.tfstate"
-cluster_state_bucket_region: "%{hiera('region')}"
-cluster_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-service_state_key: "service/deployment-state/default.tfstate"
-service_state_bucket_region: "%{hiera('region')}"
-service_state_bucket_is_encrypted: "true"
-
-keepers_service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_service_state_key: "keepers-service/deployment-state/default.tfstate"
-keepers_service_state_bucket_region: "%{hiera('region')}"
-keepers_service_state_bucket_is_encrypted: "true"
-
-functions_state_bucket_name: "%{hiera('storage_bucket_name')}"
-functions_state_key: "functions/deployment-state/default.tfstate"
-functions_state_bucket_region: "%{hiera('region')}"
-functions_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/bsn-production-oganesson.yaml b/config/deployments/bsn-production-oganesson.yaml
deleted file mode 100644
index 9f81d75d..00000000
--- a/config/deployments/bsn-production-oganesson.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('bsn_production_lutetium_account_id')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_name: "api"
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-voucher_kernel_address: "0x72ed3a45303D5102B92b6F837162684673c40477"
-token_contact_address: "0x94588Ba858c7F67B60a0a079FE2131c4C0351fB9"
-boson_router_contact_address: "0x6D7f06CC2F2583A44226A9077Bea8C5f646B5095"
-cashier_address: "0x5aF8E92541Ce126d2BfF69A03F301a7E16943A9c"
-
-# State
-domain_state_bucket_name: "bsn-aws-application-account-bsn-production-lutetium"
-domain_state_key: "common/deployment-state/default.tfstate"
-domain_state_bucket_region: "%{hiera('region')}"
-domain_state_bucket_is_encrypted: "true"
-
-network_state_bucket_name: "bsn-application-network-bsn-production-fluorine"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-cluster_state_bucket_name: "bsn-application-cluster-bsn-production-gold"
-cluster_state_key: "cluster/deployment-state/default.tfstate"
-cluster_state_bucket_region: "%{hiera('region')}"
-cluster_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-service_state_key: "service/deployment-state/default.tfstate"
-service_state_bucket_region: "%{hiera('region')}"
-service_state_bucket_is_encrypted: "true"
-
-keepers_service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_service_state_key: "keepers-service/deployment-state/default.tfstate"
-keepers_service_state_bucket_region: "%{hiera('region')}"
-keepers_service_state_bucket_is_encrypted: "true"
-
-functions_state_bucket_name: "%{hiera('storage_bucket_name')}"
-functions_state_key: "functions/deployment-state/default.tfstate"
-functions_state_bucket_region: "%{hiera('region')}"
-functions_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/local-development.yaml b/config/deployments/local-development.yaml
deleted file mode 100644
index c4a85e3d..00000000
--- a/config/deployments/local-development.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-# General
-database_username: "admin"
-database_password: "secret"
-database_port: "27018"
-database_version: "4.4"
-
-database_type: "local"
-
-app_port: "3001"
-
-token_secret: "e039b2caa4b26f6ec6c65388676389e917e0cd248aaf1222df0540b9bb60d160393e15620e5155cbe2abb97f1b3f96483f670a5788d17a2488077bbce696afcc"
-gcloud_secret: "e9c21f96242935be36928c9acb44ef88b1153644994ba1"
-
-image_upload_storage_engine: "AWS"
-
-# State
-image_storage_bucket_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/%{hiera('deployment_identifier')}.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/local-testing.yaml b/config/deployments/local-testing.yaml
deleted file mode 100644
index 8f5b31b2..00000000
--- a/config/deployments/local-testing.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-# General
-database_username: "admin"
-database_password: "secret"
-database_port: "27017"
-database_version: "4.4"
-
-database_type: "local"
-
-# State
-image_storage_bucket_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/%{hiera('deployment_identifier')}.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/rdm-management-default.yaml b/config/deployments/rdm-management-default.yaml
deleted file mode 100644
index 636ee0d8..00000000
--- a/config/deployments/rdm-management-default.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('rdm_management_account_id')}"
-  - "%{hiera('bsn_development_potassium_account_id')}"
-  - "%{hiera('bsn_production_lutetium_account_id')}"
-
-development_tennessine_cluster_instance_role_arn: "arn:aws:iam::384010198059:role/terraform-20210413135553345900000003"
-demo_selenium_cluster_instance_role_arn: "arn:aws:iam::384010198059:role/terraform-20210623150921670400000003"
-production_gold_cluster_instance_role_arn: "arn:aws:iam::371854298993:role/terraform-20210413135959680100000003"
-
-image_repository_allowed_role_arns:
-  - "%{hiera('development_tennessine_cluster_instance_role_arn')}"
-  - "%{hiera('demo_selenium_cluster_instance_role_arn')}"
-  - "%{hiera('production_gold_cluster_instance_role_arn')}"
-
-keepers_image_repository_allowed_role_arns:
-  - "%{hiera('development_tennessine_cluster_instance_role_arn')}"
-  - "%{hiera('demo_selenium_cluster_instance_role_arn')}"
-  - "%{hiera('production_gold_cluster_instance_role_arn')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-# State
-network_state_bucket_name: "rdm-tooling-network-rdm-management-default"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
diff --git a/config/hiera.yaml b/config/hiera.yaml
deleted file mode 100644
index 86af7c11..00000000
--- a/config/hiera.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-:backends:
-  - "overrides"
-  - "env"
-  - "yaml"
-:logger: "noop"
-:yaml:
-  :datadir: "config"
-:hierarchy:
-  - "roles/%{role}"
-  - "deployments/%{deployment_type}-%{deployment_label}"
-  - "pipelines/defaults"
-  - "ci/%{ci_deployment_type}-%{ci_deployment_label}"
-  - "secrets/gcp/%{deployment_type}-%{deployment_label}"
-  - "secrets/app/%{deployment_type}-%{deployment_label}"
-  - "secrets/mongodbatlas/credentials"
-  - "secrets/database/%{deployment_type}-%{deployment_label}"
-  - "secrets/pipeline/%{ci_deployment_type}-%{ci_deployment_label}"
-  - "defaults"
diff --git a/config/pipelines/defaults.yaml b/config/pipelines/defaults.yaml
deleted file mode 100644
index 3eb81db6..00000000
--- a/config/pipelines/defaults.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-ci_provisioning_role_arn: "arn:aws:iam::%{hiera('rdm_management_account_id')}:role/cross-account-admin-role"
-ci_deployment_type: "%{ci_deployment_type}"
-ci_deployment_label: "%{ci_deployment_label}"
-
-development_plutonium_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_development_potassium_account_id')}:role/cross-account-admin-role"
-development_plutonium_deployment_type: "bsn-development"
-development_plutonium_deployment_label: "plutonium"
-
-demo_mendelevium_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_development_potassium_account_id')}:role/cross-account-admin-role"
-demo_mendelevium_deployment_type: "bsn-demo"
-demo_mendelevium_deployment_label: "mendelevium"
-
-production_oganesson_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_production_lutetium_account_id')}:role/cross-account-admin-role"
-production_oganesson_deployment_type: "bsn-production"
-production_oganesson_deployment_label: "oganesson"
diff --git a/config/roles/bootstrap.yaml b/config/roles/bootstrap.yaml
deleted file mode 100644
index 68a22522..00000000
--- a/config/roles/bootstrap.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  deployment_type: "%{deployment_type}"
-  deployment_label: "%{deployment_label}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  storage_bucket_name: "%{hiera('storage_bucket_name')}"
-
-  allowed_account_ids: "%{hiera('storage_bucket_allowed_account_ids')}"
diff --git a/config/roles/builder-pipeline.yaml b/config/roles/builder-pipeline.yaml
deleted file mode 100644
index f7cb38c5..00000000
--- a/config/roles/builder-pipeline.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-vars:
-  source_repository_name: "%{hiera('source_repository_name')}"
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
\ No newline at end of file
diff --git a/config/roles/database.yaml b/config/roles/database.yaml
deleted file mode 100644
index bb7e2271..00000000
--- a/config/roles/database.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  component: "%{hiera('component')}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  mongodb_atlas_organization_id: "%{hiera('mongodb_atlas_organization_id')}"
-  mongodb_atlas_public_key: "%{hiera('mongodb_atlas_public_key')}"
-  mongodb_atlas_private_key: "%{hiera('mongodb_atlas_private_key')}"
-
-  database_version: "%{hiera('database_version')}"
-  database_instance_size_name: "%{hiera('database_instance_size_name')}"
-  database_service_user_username: "%{hiera('database_service_user_username')}"
-  database_service_user_password: "%{hiera('database_service_user_password')}"
-  database_read_only_user_username: "%{hiera('database_read_only_user_username')}"
-  database_read_only_user_password: "%{hiera('database_read_only_user_password')}"
-  database_allow_cidrs: "%{hiera('database_allow_cidrs')}"
-
-  network_state_bucket_name: "%{hiera('network_state_bucket_name')}"
-  network_state_key: "%{hiera('network_state_key')}"
-  network_state_bucket_region: "%{hiera('network_state_bucket_region')}"
-  network_state_bucket_is_encrypted: "%{hiera('network_state_bucket_is_encrypted')}"
-
-backend_config:
-  bucket: "%{hiera('database_state_bucket_name')}"
-  key: "%{hiera('database_state_key')}"
-  region: "%{hiera('database_state_bucket_region')}"
-  encrypt: "%{hiera('database_state_bucket_is_encrypted')}"
diff --git a/config/roles/demo-pipeline.yaml b/config/roles/demo-pipeline.yaml
deleted file mode 100644
index 7996eb63..00000000
--- a/config/roles/demo-pipeline.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  app_image_repository_url: "%{hiera('app_image_repository_url')}"
-  keepers_image_repository_url: "%{hiera('keepers_image_repository_url')}"
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  storage_bucket_name: "%{hiera('ci_storage_bucket_name')}"
-  storage_bucket_region: "%{hiera('ci_storage_bucket_region')}"
-  storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  demo_mendelevium_provisioning_role_arn: "%{hiera('demo_mendelevium_provisioning_role_arn')}"
-  demo_mendelevium_deployment_type: "%{hiera('demo_mendelevium_deployment_type')}"
-  demo_mendelevium_deployment_label: "%{hiera('demo_mendelevium_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
diff --git a/config/roles/develop-pipeline.yaml b/config/roles/develop-pipeline.yaml
deleted file mode 100644
index 3b73acd7..00000000
--- a/config/roles/develop-pipeline.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  app_image_repository_url: "%{hiera('app_image_repository_url')}"
-  keepers_image_repository_url: "%{hiera('keepers_image_repository_url')}"
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  storage_bucket_name: "%{hiera('ci_storage_bucket_name')}"
-  storage_bucket_region: "%{hiera('ci_storage_bucket_region')}"
-  storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  development_plutonium_provisioning_role_arn: "%{hiera('development_plutonium_provisioning_role_arn')}"
-  development_plutonium_deployment_type: "%{hiera('development_plutonium_deployment_type')}"
-  development_plutonium_deployment_label: "%{hiera('development_plutonium_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
diff --git a/config/roles/functions.yaml b/config/roles/functions.yaml
deleted file mode 100644
index 767a80b1..00000000
--- a/config/roles/functions.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  component: "%{hiera('component')}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  voucher_kernel_address: "%{hiera('voucher_kernel_address')}"
-  cashier_address: "%{hiera('cashier_address')}"
-  gcloud_keepers_secret: "%{hiera('gcloud_keepers_secret')}"
-  executor_secret: "%{hiera('executor_secret')}"
-  etherscan_apikey: "%{hiera('etherscan_apikey')}"
-  infura_apikey: "%{hiera('infura_apikey')}"
-
-  service_state_bucket_region: "%{hiera('service_state_bucket_region')}"
-  service_state_bucket_name: "%{hiera('service_state_bucket_name')}"
-  service_state_bucket_is_encrypted: "%{hiera('service_state_bucket_is_encrypted')}"
-  service_state_key: "%{hiera('service_state_key')}"
-
-backend_config:
-  region: "%{hiera('functions_state_bucket_region')}"
-  bucket: "%{hiera('functions_state_bucket_name')}"
-  encrypt: "%{hiera('functions_state_bucket_is_encrypted')}"
-  key: "%{hiera('functions_state_key')}"
diff --git a/config/roles/image-repository.yaml b/config/roles/image-repository.yaml
deleted file mode 100644
index 4b05dc4a..00000000
--- a/config/roles/image-repository.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  repository_name: "%{hiera('image_repository_name')}"
-
-  allowed_role_arns: "%{hiera('image_repository_allowed_role_arns')}"
-
-backend_config:
-  bucket: "%{hiera('image_repository_state_bucket_name')}"
-  key: "%{hiera('image_repository_state_key')}"
-  region: "%{hiera('image_repository_state_bucket_region')}"
-  encrypt: "%{hiera('image_repository_state_bucket_is_encrypted')}"
diff --git a/config/roles/image-storage-bucket.yaml b/config/roles/image-storage-bucket.yaml
deleted file mode 100644
index dfd1570c..00000000
--- a/config/roles/image-storage-bucket.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  deployment_type: "%{deployment_type}"
-  deployment_label: "%{deployment_label}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  image_storage_bucket_name: "%{hiera('image_storage_bucket_name')}"
-  image_storage_user_name: "%{hiera('image_storage_user_name')}"
-  image_storage_user_public_gpg_key_path: "%{hiera('image_storage_user_public_gpg_key_path')}"
-
-backend_config:
-  bucket: "%{hiera('image_storage_bucket_state_bucket_name')}"
-  key: "%{hiera('image_storage_bucket_state_key')}"
-  region: "%{hiera('image_storage_bucket_state_bucket_region')}"
-  encrypt: "%{hiera('image_storage_bucket_state_bucket_is_encrypted')}"
diff --git a/config/roles/integration-tests.yaml b/config/roles/integration-tests.yaml
deleted file mode 100644
index 90a94ada..00000000
--- a/config/roles/integration-tests.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-environment:
-  AWS_IMAGE_UPLOAD_STORAGE_BUCKET_NAME: "%{hiera('image_storage_bucket_name')}"
-  AWS_REGION: "%{hiera('region')}"
-  AWS_ACCESS_KEY_ID: "%{hiera('aws_image_storage_user_access_key_id')}"
-  AWS_SECRET_ACCESS_KEY: "%{hiera('aws_image_storage_user_secret_access_key')}"
-
-  GCP_IMAGE_UPLOAD_STORAGE_BUCKET_NAME: "%{hiera('gcp_image_upload_storage_bucket_name')}"
-
-  GOOGLE_APPLICATION_CREDENTIALS: "%{hiera('google_application_credentials')}"
diff --git a/config/roles/keepers-image-repository.yaml b/config/roles/keepers-image-repository.yaml
deleted file mode 100644
index ef38598a..00000000
--- a/config/roles/keepers-image-repository.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  repository_name: "%{hiera('keepers_image_repository_name')}"
-
-  allowed_role_arns: "%{hiera('keepers_image_repository_allowed_role_arns')}"
-
-backend_config:
-  bucket: "%{hiera('keepers_image_repository_state_bucket_name')}"
-  key: "%{hiera('keepers_image_repository_state_key')}"
-  region: "%{hiera('keepers_image_repository_state_bucket_region')}"
-  encrypt: "%{hiera('keepers_image_repository_state_bucket_is_encrypted')}"
diff --git a/config/roles/keepers-service.yaml b/config/roles/keepers-service.yaml
deleted file mode 100644
index b22ab5e3..00000000
--- a/config/roles/keepers-service.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-  component: "keepers"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  service_desired_count: 1
-
-  secrets_bucket_name: "%{hiera('secrets_bucket_name')}"
-
-  version_number: "%{hiera('version_number')}"
-
-  service_name: "keepers"
-  container_http_port: "3001"
-
-  token_contact_address: "%{hiera('token_contact_address')}"
-  boson_router_contact_address: "%{hiera('boson_router_contact_address')}"
-  voucher_kernel_address: "%{hiera('voucher_kernel_address')}"
-  alchemy_url: "%{hiera('alchemy_url')}"
-  gcloud_keepers_secret: "%{hiera('gcloud_keepers_secret')}"
-
-  network_state_bucket_region: "%{hiera('network_state_bucket_region')}"
-  network_state_bucket_name: "%{hiera('network_state_bucket_name')}"
-  network_state_bucket_is_encrypted: "%{hiera('network_state_bucket_is_encrypted')}"
-  network_state_key: "%{hiera('network_state_key')}"
-
-  cluster_state_bucket_region: "%{hiera('cluster_state_bucket_region')}"
-  cluster_state_bucket_name: "%{hiera('cluster_state_bucket_name')}"
-  cluster_state_bucket_is_encrypted: "%{hiera('cluster_state_bucket_is_encrypted')}"
-  cluster_state_key: "%{hiera('cluster_state_key')}"
-
-  image_repository_state_bucket_region: "%{hiera('keepers_image_repository_state_bucket_region')}"
-  image_repository_state_bucket_name: "%{hiera('keepers_image_repository_state_bucket_name')}"
-  image_repository_state_bucket_is_encrypted: "%{hiera('keepers_image_repository_state_bucket_is_encrypted')}"
-  image_repository_state_key: "%{hiera('keepers_image_repository_state_key')}"
-
-  service_state_bucket_region: "%{hiera('service_state_bucket_region')}"
-  service_state_bucket_name: "%{hiera('service_state_bucket_name')}"
-  service_state_bucket_is_encrypted: "%{hiera('service_state_bucket_is_encrypted')}"
-  service_state_key: "%{hiera('service_state_key')}"
-
-backend_config:
-  region: "%{hiera('keepers_service_state_bucket_region')}"
-  bucket: "%{hiera('keepers_service_state_bucket_name')}"
-  encrypt: "%{hiera('keepers_service_state_bucket_is_encrypted')}"
-  key: "%{hiera('keepers_service_state_key')}"
diff --git a/config/roles/local-app.yaml b/config/roles/local-app.yaml
deleted file mode 100644
index ee8ffcda..00000000
--- a/config/roles/local-app.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-environment:
-  PORT: "%{hiera('app_port')}"
-
-  DB_CONNECTION_STRING: "mongodb://localhost:%{hiera('database_port')}"
-  DB_NAME: "api"
-  DB_USERNAME: "%{hiera('database_username')}"
-  DB_PASSWORD: "%{hiera('database_password')}"
-
-  TOKEN_SECRET: "%{hiera('token_secret')}"
-  GCLOUD_SECRET: "%{hiera('gcloud_secret')}"
-
-  AWS_ACCESS_KEY_ID: "%{hiera('aws_image_storage_user_access_key_id')}"
-  AWS_SECRET_ACCESS_KEY: "%{hiera('aws_image_storage_user_secret_access_key')}"
-
-  IMAGE_UPLOAD_STORAGE_ENGINE: "%{hiera('image_upload_storage_engine')}"
-  IMAGE_UPLOAD_STORAGE_BUCKET_NAME: "%{hiera('image_storage_bucket_name')}"
-
-  GOOGLE_APPLICATION_CREDENTIALS: "%{hiera('google_application_credentials')}"
diff --git a/config/roles/pr-pipeline.yaml b/config/roles/pr-pipeline.yaml
deleted file mode 100644
index f7cb38c5..00000000
--- a/config/roles/pr-pipeline.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-vars:
-  source_repository_name: "%{hiera('source_repository_name')}"
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
\ No newline at end of file
diff --git a/config/roles/service.yaml b/config/roles/service.yaml
deleted file mode 100644
index 8748d710..00000000
--- a/config/roles/service.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-  component: "%{hiera('component')}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  service_desired_count: 3
-
-  secrets_bucket_name: "%{hiera('secrets_bucket_name')}"
-
-  version_number: "%{hiera('version_number')}"
-
-  service_name: "reference-backend"
-  container_http_port: "3000"
-  host_http_port: "3000"
-
-  token_secret: "%{hiera('token_secret')}"
-  gcloud_secret: "%{hiera('gcloud_secret')}"
-
-  image_upload_storage_engine: "%{hiera('image_upload_storage_engine')}"
-  image_upload_storage_bucket_name: "%{hiera('image_storage_bucket_name')}"
-
-  superadmin_username: "%{hiera('superadmin_username')}"
-  superadmin_password: "%{hiera('superadmin_password')}"
-
-  database_username: "%{hiera('database_username')}"
-  database_password: "%{hiera('database_password')}"
-  database_name: "%{hiera('database_name')}"
-
-  domain_state_bucket_region: "%{hiera('domain_state_bucket_region')}"
-  domain_state_bucket_name: "%{hiera('domain_state_bucket_name')}"
-  domain_state_bucket_is_encrypted: "%{hiera('domain_state_bucket_is_encrypted')}"
-  domain_state_key: "%{hiera('domain_state_key')}"
-
-  network_state_bucket_region: "%{hiera('network_state_bucket_region')}"
-  network_state_bucket_name: "%{hiera('network_state_bucket_name')}"
-  network_state_bucket_is_encrypted: "%{hiera('network_state_bucket_is_encrypted')}"
-  network_state_key: "%{hiera('network_state_key')}"
-
-  database_state_bucket_name: "%{hiera('database_state_bucket_name')}"
-  database_state_key: "%{hiera('database_state_key')}"
-  database_state_bucket_region: "%{hiera('database_state_bucket_region')}"
-  database_state_bucket_is_encrypted: "%{hiera('database_state_bucket_is_encrypted')}"
-
-  cluster_state_bucket_region: "%{hiera('cluster_state_bucket_region')}"
-  cluster_state_bucket_name: "%{hiera('cluster_state_bucket_name')}"
-  cluster_state_bucket_is_encrypted: "%{hiera('cluster_state_bucket_is_encrypted')}"
-  cluster_state_key: "%{hiera('cluster_state_key')}"
-
-  image_repository_state_bucket_region: "%{hiera('image_repository_state_bucket_region')}"
-  image_repository_state_bucket_name: "%{hiera('image_repository_state_bucket_name')}"
-  image_repository_state_bucket_is_encrypted: "%{hiera('image_repository_state_bucket_is_encrypted')}"
-  image_repository_state_key: "%{hiera('image_repository_state_key')}"
-
-backend_config:
-  region: "%{hiera('service_state_bucket_region')}"
-  bucket: "%{hiera('service_state_bucket_name')}"
-  encrypt: "%{hiera('service_state_bucket_is_encrypted')}"
-  key: "%{hiera('service_state_key')}"
diff --git a/config/roles/tag-pipeline.yaml b/config/roles/tag-pipeline.yaml
deleted file mode 100644
index 9b5a221c..00000000
--- a/config/roles/tag-pipeline.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  app_image_repository_url: "%{hiera('app_image_repository_url')}"
-  keepers_image_repository_url: "%{hiera('keepers_image_repository_url')}"
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  storage_bucket_name: "%{hiera('ci_storage_bucket_name')}"
-  storage_bucket_region: "%{hiera('ci_storage_bucket_region')}"
-  storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  production_oganesson_provisioning_role_arn: "%{hiera('production_oganesson_provisioning_role_arn')}"
-  production_oganesson_deployment_type: "%{hiera('production_oganesson_deployment_type')}"
-  production_oganesson_deployment_label: "%{hiera('production_oganesson_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
diff --git a/config/secrets/.unlocked b/config/secrets/.unlocked
deleted file mode 100644
index 08384ac39ab520e9b92da6ef7aee1fe3f558cdd9..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 27
icmZQ@_Y83kiVO&0uz%<8<}_y|cW^=Tq}~>>nQsAksR~d4

diff --git a/config/secrets/app/bsn-demo-mendelevium.yaml b/config/secrets/app/bsn-demo-mendelevium.yaml
deleted file mode 100644
index 3a61ab1bb685dbfe235d1e470584cce0b1564020..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 809
zcmV+^1J?WiM@dveQdv+`0H-w=XU_DCy}G%;J;c|sxA~B}(L_td{9xhy`ddhkXJooy
zMr?qQ80jgUelFQuq`OdE+FkVo644$z!a~*I&Y`;#tF)!JK4x;4vjVT`;|(s_HScRb
z%?X1Pi;b9pxd5iu)%flAevfg6t6uBb0_3w)M}~^2&M>)oNk&uQEH#zRiI-{~*b@>;
zWTa5l7BUi!R$VjRkBA9z3&kxcRCzi7I9FNQ&nD)d@$3E+PjbIC!Hbg5bR~vlE8D`;
zo?Tx!mM{$sKp4(nhS5T(L;z&nRznytf^nS;pq6}QPT9%lb^k5j48=TF9LVgy@6zMD
zkmX5gj-KMeh~L(Bjc|s%y;z;{Ny7CuQcahEHT1uK(jM?EsYh{U8S7?l!6nV~kFV2i
zCV;ku2$YC%a<gA;*Se`&w`L~edgf|Ya!v+0{v|dh93R}Y{!h+)F$7EwYPIa!KATo#
z?oi}2>vkZRP!7eONi!QzjDI^ZaJ5i79;9$pFj*V?%WXj|OMxU$(aDezMO5bSi1aLA
zy3Nr{_Cp7NXM2k<0N4P56lIB~j2=2D4eSKr4^a8&sjOAH>_-@E7%t1}Zig`bJ;JDA
zeRu{&`2YKv(Lc}j4hV2>%?wMWd@9-J3HYO1OSxkLxXWp__SlyV*RS^pp1whf2ziJ$
zz4aKBciCX-dr;K0L9F2*&ehq?O}RVoTO`3S$}yNoOJT)OvzXN-X<=NxJy~th*R})F
z{6TC+no6_CBC5C`uSu6ug>k9H{kdGM5Cn-bg71N?ur&k&;zG81zR9Hd%;+fvc<wx`
zM|J*5l2Nl!25gYC>Y6IpJEg&i!4Q`5JNAhqWQ<bN!6mNDD%y`zkH$=12byA5x&B+?
zf$m^Yu#fuF-4UOUQ%*q7%2Ajqg@6gN(q~kYx)D4|qKrP#c6K-onpAS$oDb&m_=~lT
zq;;RWvISoyr;(l_E<GXLJOq?ZMhv_QMXoyesjY%^9H$*cp=TC+a$@xZ`#Xs@#Ddif
n18ONtuT)BaQowSkHN_1;EA}U<$4CPMn4QDazL79UqDH}ozfqHf

diff --git a/config/secrets/app/bsn-development-plutonium.yaml b/config/secrets/app/bsn-development-plutonium.yaml
deleted file mode 100644
index 35e25dd6782565a3c23a623eff1a83d864eeb10a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 809
zcmV+^1J?WiM@dveQdv+`03(R!8+*n5O-n!aDhc)yrDGO<SBt){-3Rj5MDN=>@=H4z
zmhs1F-ChBS2)1+a32cIl(Swk`cj7rY21y8dex#^6&M^iGF|JXtRH_-{X4g3o_vIeK
zWW%SQ!GA36$Am;-;Nte!F!9X$<yyQ4eI)yARKCb;jeUO<3Zs_A^-1?BZ4wFPKZ6Sl
z7Wp)%VOoLYvnY6C=Q2*_Y}c7KFTXD<)*E1f@8s>6I-E+ZX$}Tq7r(6Pd_lB}XABu{
z<%mDJexc@H>n*UoeGYl+WodQvl3kLYYT3BrTso`Uw(WVk?~bLLfG|=(gqL^fpU`Xd
zuNk1gD?wSzc_?Bw?a~IJ9Aub_#1f+%s*owISRldTIUPD8&WsE6>W0c!_83>hIqI~n
zzIkEk`KAkC;WZk5F<Z7dd7`|f*VpK<9O_G0&@rwQyNL?8l&d;V;yeCiZUcNx_QydD
zC;S?F*9*OxGDL63#i>K<p@n$*AG|SqUU~{?0_9KIJ_6p`SHclZq7|V5AzOd8n=h7%
z!*s05`m}suRp}8A-bO=R(9-^XnvU}VJyG%89MbF$u!{EARTOLZD~xeg1q*-*mbmuO
z=6^0@yA&h6Cl<tZS<=E@i!kHIQdtC{UlYxtvH28(A@;Wd71v%qK`(6A$S_H~8)<Kf
zOj1m0jzd+Ps2KG%KC)7~TSK+$X#cFu982}D__I|(tk`>4>p#~(z*Y!@@lh1YaekA)
z7(=3LPBm2TI2c~oztajr9itFo!K$k(BYR#FnYjaaM<n<1oCy1LD|)g}Km&KmX6Y?w
z98=I|{p*7crX#>?HS#k}Lr1&TZoKVB-KT8j05-`w;U#+Si|e-5yw=LsbRfGb8tM({
z{M(O!X`d{1OI5bT1R127lKs)^Ct}9$rW&d{HGD%+2VcL&uUoDAYTDy*2-V{^&$O+w
zP-&T~Qqm!hO%B<iD4G6q4*2LAdeXbBTGIRf`$v0p5SuI|7Q9!h=+F-BwaY41%2itu
nd)CZf@L)8Zu5G(NO08!rwqw4)xU=NX9Jfg>RvEA$Psg;5QZtsf

diff --git a/config/secrets/app/bsn-production-oganesson.yaml b/config/secrets/app/bsn-production-oganesson.yaml
deleted file mode 100644
index 0cd2b52fd1854ba50907fe8e8f451ef2b5eb652a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 809
zcmV+^1J?WiM@dveQdv+`056{Jq7dOBC)=^H9w7wlDZu78FpM`%2gLm7$oaR2$Jl-A
zA7Q2bQe{6_dOz;x0gixw1DAQA@~Zsj2ARv)EGxg|kUg}E(#NefQxy)QIzMr}yS)UQ
zbYIFN(M69kOG;|3_1(Z0jcg_pl8$!;!Sx-rdyL`faU3Ld<T_wu@a@gah}Kp!0QI!t
zFbYpGJH#PL{yU{NX<VpB0=B|@=uQ^XNn;9`RYDL4!eDjFFT1Gy3lo0DlhTg)UR;JI
zc}?Pq9yY0wa|8<M0RqZ)Q%LL?cM*=xKv+{N=3)eg7m31-`l+H!grV@_9axEm=pd0*
z9ij|;8u_)%Eo^iVYL2otaC<Q<@P^^9-FLI+*4K}%sHnQN6;U<D5YnE-k!IQ(IXB_c
zR;~z4P+j50j@J7Lh7~UI+b2q!2~hxCaw-t>fq4b#N9VITSIt-UdbZ2ua?{d~T*0Ln
z&1UeYdyi9wprL}B;EzT!=Qwu0`kc>$rEp>g7B{PJAelhb#msyoD(0lw<)0!CxE;Aj
z26%O8#_QZ7s5?FqL@SvCq+pTLVxO~!>`PWGK@oEJ*KuI18V=-0p@*kj5mfMBg2-m&
zRX)T7v1jmHynR4SVr9q3p}N_1cJQScCD`MKK<`(2{d$!Sg3SHOhvxK-wT1?z5P-1}
zD)^AtAPdv|Y#;gCO7>K%blEDH#gkKMz-I*xM))y04cb1WPcu?wk`Y-E`<2aXbHMtM
z8l?#Tb?4dW!6%PnzSeV0^2aQeWfbjDUaU=S>Z!#aq9<SB%1Wpe*sTlyU2>Azf@sQ3
z%So+>_eN>Ck;J?SRrFDf#fUNSH}>1{o;y2Gd+}e{p><brH1Fa#J5>vM;GYZXmQ#xj
za+XUyUiA=|F#S$*wDLjVWP<2PBm88CeI4EcOPLFpZxCf~iq{YXem!e<7cc~Ddb`+0
zSBHH|@6b%)9(OOw!j8h*RlT#XP6Km%d*|KD*BFLUnwW0v&>OzC&(#$vcYxDsJNQq2
nlD)nEI+uOY00<VdWf<}T)35?WEIm=MRAt4IbV9?2x^wdUmEn~y

diff --git a/config/secrets/app/gpg.passphrase b/config/secrets/app/gpg.passphrase
deleted file mode 100644
index 2a40252d4a98137a333056efcd409d7e604cf188..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 70
zcmV-M0J;AFM@dveQdv+`0Bc%=X-iG8;r0D|%gj>gkZwNaxblIs4`~P6?V;+e3-8Ty
c1{XO3kaex=D7kbsu!X^yl@v4_BmbT<jF*2Q&;S4c

diff --git a/config/secrets/app/gpg.private b/config/secrets/app/gpg.private
deleted file mode 100644
index 40f5c37ac914bc79f5e1ffc98ebc667b0cc43316..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2993
zcmV;i3r_R^M@dveQdv+`00IM$X)KkBcEB!@wv146^*Vm_x1nf1yyAz$;(!Yl;fyyC
z>uf3PBnRw4-bJxhMkO2S&E^ZuBM@jRcz}78w2tS_XIfoY8S5dW_Ig5<)NfJIawuRm
zcm;v%lfAm5rfyTxA;NF1q47%yB0jpV4=c8hJ2CH}On{<b`zINHdotW)Q(3Gxc6}r6
zRqi;`j;oprfquS1)B%Dpg#lk$#m(q3fX*~zZE>Ol+%&7MYr8euQ5jjP1ES6?AhU?=
zJg)$`YCcowXg^#4jCj&+n?yu{$H7|e0ssl%-~`Z7PEU{+Tj|>cg))*XK{Jv`u;(4r
zobC0!D_J6(s6+O%R#qI5Cp3doPE+_xHxqx%4D#2Wo{EZaNh(ir-nEv+&X{eMMSPWS
zcVyQED~Q76AIeUYmyHfB$+rAozNl5f#kI4B(>H$>{vZ2n#wT?`5yuZRw7GK*J9T0m
zI(~XtbNN;JBXdydr38Fr=FY;6Oy2$CQEpX@O7QN9IcudaY<be(Kv%WlV(<5lUdb~|
z&PIdf;b40umfN+Yk>-nOA~Z6+$yoYZU}YrPiaSF8+YR6os9vSuI-#}wStA85xKqrO
zbdWZK+!I!PPCr}bJ+cwkHfF%RXC7ez)Y}@*U>?t5*%Z=?G@mQQ64S<~O=d9)AkHW`
zIcaDa-un5(Cy*4?f?J>76EZg;oaYhIvhH9TldA_IBrG{hrJbm>`X@f16N=%;>LSl&
z7=E<0In_h81-KarScSquc!7dByAPTehwOekd^k}^^~2veMjSG<O9%GrBh(g3vG`pt
zpNUGRIWnjXSgemAa5z6jaRnqMJPIJ9{uph5?e4O%K-A~h5^WzPXxe<dSY+ONH}G;h
zMRLZi#830B*~ufx4wa{GimUP`Ri_HKX2~WC1}#t)s@t&^$<sGyq%uR-#nl5wg->k|
zGOG0i3a8+LU&=>6uQKkg5NuxyqwaCPCA4slq1(t<DKqto_dK56(UPflmg_cU;Os~g
zeuTJTByh335~B@L7ELTo57cWSUqMRYuT`?PYnVDB%O}1ex4|@TsBFC}2Z$rj6izuN
zAE8F*o435KYyegPeXSYf7f1NJn{pw!QJCQ)O(ryOZECicFTc<YiL%*Jc}3soMXGoL
zB26{-@AC@AUb-_bIVm!0DNyr41QJc#tT6<h5C?Q&PSn*WVR-ZzEHL*MNb$vi;b_e%
za{{7LnX6Gj0~~je2A*0Z6?kaGEcBTc;b9|lsd*XI(p~eGIw0x5+e_L7;mp0Aa49mr
zhAbil6^J~ERAfDN!0UQdom(TN^p_x1O;!R<vE)oEvDR9N5+v{cnrP;jQ_McX9gdr`
z8+W~m7_o5Z5o7ITidvI;TL?j-8<KR9FyN$_i->g#3;IC_9%900NgU)><g7kbbW-jG
z-loH{>&w*|8LGh!Nu~>x^iLtrdmu@@z5lC_iQUd#y=UQ))6W#%vY(_%ysJWC?@^N_
zRQ<D^vUwT*h&}?Ryfv!Avc9C{x|LbL%75?{+9nF|2iWV;p=+RXFGZ71A~1x_Y>#zX
zLF4?EHZgIM0z`w^n7dROa~L1x12@=+X=EHEqm(9M!9T=986;x`<rI(J+vHp}GpuH9
zrRaMSLNO@Qs*5te&t`w+%-R}I!F-o7`>LUtr;-v+3l+e-)o1!c1CkGHDZc7E{1*cQ
zBu<j*`T^jFM2x8LhRa*4$9^Z$nj1$gS0S5ozYMT9PT7f<#gQFbcFl?n@!V_t(ffe6
z&B%SU*>4W_J>nyKb)X~rW1_X4N$(N@5)jfDLJL<Yfgck2ByBH1UdgE__eOSYN8AQJ
z3!XrNg*xsyT%;)&Wk_y}@>~SOrr{7u+)`{5!(q+Vt4zQ(u}`l1E(U)Qg2WjCI7Do!
z9XWM=G%QzT;E<*1&gHhKtA0A%<TulLbTwvhc>n)Cj1Yu|;N!I4<Ht&n6dCJ2=F}n5
zyzb?I@3Ey7!e(R%&Ulws1nN@z!yZNvw|gkb8X!n-6Jd=R>Azu2hC{)a{vKZR3|ZeZ
z#%!79KnW%WiV$KJc#tvBdWFOd&w8n~WGoNBsqXU+4AKQ}H&^f)YX3X|IW!?e;-KWR
z@L{F-Hw0N@$g+e<%!SZGP8E?Pk(qykn4vHTpMG|L5CBnv!5$7Tx}w^h=}at^+3-`z
z5nuVXCh9t*K&HmLO=5<YFsJ53#r$~Rd;9uGH6xRuTfh~Qr4UcGeo_nf*^e7Wotu!w
zbyEA=DAe`9YU3&VhA7WMB}1DhCXJ6rEPOy9_#U4Sc==Gdc3Z^ZGJ+?|T)q1ZES!xm
zb)Z2Cm*Ka}YHLADy^-h1Ikx7&&!-!vCo?JEFF?9v5rFN@e5=2X8QY<P&NTqA+qmmq
z6Vo72wCX00bxQ5VgYtz~HZ<X;TW^4bqPs*NSGY6_RJe1A<maar9H~SP7xh~l%e6!M
z50|OD8AKEsM1B`;C=b5R5<$l|R{Qo;wQUYe&ygKO^r|7f7l?-LHWOdD_7LFI^I)hA
zOtU3ye&8s!ni9HjK9bOMjqxNOyYG<~{ytIn72PxgESSq2Z0wGwLwC7>XY@(e8D1-Y
zl_q6GC2mT9idZEwRUM8Q;x}(){<Kh!lKh#r&~pv`Ad>T#C@qaEJ7R8U!y&{-JZ)7}
z7~A4QFH37!lF^qbbmCugH(oDBenqnzdYxAHHphRo?$cJy-Glo$kEOz(RMURG#486X
zmzrYEodv@{6Cp0_&+BMrfPgN2L+PFP2`4rpW32H7sy>V@PjkXK(RQin;43*5(#Ofw
zT5r?p?3e)BHN1$)I+O<Ad&n$NVw)bv|Mr6`F()|<5Z`nt<#EMXt;3{SNs-SB9f9ax
z49*MBEJkp)mlM1XU^Rn(gorLU2X958VLXAI16+Y|g6caH5LuBz9Wk=r66(ehceZp?
zQxJ{+9gS0+)UzCtU-?WN3L3I#kntdVE?R4NiQ!H#8fqSx+?f5k%jCp?FsWNX1vEmS
zufARB^c|im+;Uyd<zm<n!b!^xL#RBFK0lAhc3f{GY&g^zrqaK16$ZFM5W7n;;Ncbs
zR^?*U17J`<l}{vr`_Mf?e*{PcB{;8)@G9vQ_CbH{iZ(R{RcW(BB3`Q?+*=II1GZh}
zN1>#;A+pzFSY<=TbC9j_C0h@oQ-aC}y>Q;4&4=a`8Sr>R-)J9R1?fQlRFGyp%A%E*
zU=krh)ZUfL7DAWyW|{!aR%_y7cPGMTQF?I!`4Jm;r38!-jW7N1#2#?6e1o`DaoeWa
zZ{)l)aW-%u`8aES7)Ng5=@!iACyEQVpH)EAJQ%IOGqDAh^G_5(G(9jM94I*`50fp<
zYIb;x;>S%iP^e7qi{E1l*IH0j+K=-nkXM}%+vl)2v~%U{jY>uW_GlCE3Svt^cL7#_
z^Ym+$E&U=O9^QSe&AnHU3~99<EqJ#--=lnNX3dX}{?<^^g)jU{z%@Obp!Gb*G*>m2
zip!ZEHtR8uA;N{iMa%%Jyuc`l0j&q|38^+*p0`rxEwExr<KJ%!&qAy+ixt)imV|zW
zbwT<{X=1Bf<JU;>ScSZ8HN~{8jRIGb{q0AphfKoVw^{7~4yjhBx<oEKkM}o=9H+?N
z=8{2LAiV^P`dUq102pE%7<rNjb(5O=BxLu{m<9(&0Sg43tGOL&f1SM~A0mQ=fYWu%
z)?nxp{@0PPsl-IdE0S!D=9kn?z|^M;NoKR*DcFjH|NKyH_7wWPIMN@?So;Y#?nnN?
zZ{Le^;GsfgWpnId7WB(;AN%RV?;&$R6>dZmgG+qG!6f4-WB#FZJ1zwa*pR{2l#X_(
z-6U2R1K;mlpT-@0JSKvtaV*z`fN`aof%&_GBI7=%gR_CDQQ-egr395KcDkcFP{eVk
n_L+AM*nG0zj&PAdje3z|Zh=+DjCA>D05S?_<rcJZv|E2!Dk`4B

diff --git a/config/secrets/app/gpg.public b/config/secrets/app/gpg.public
deleted file mode 100644
index 147ffc34c8b3814bf5ddd7acc452b4117db257f8..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1599
zcmV-F2Eh3MM@dveQdv+`0Bdl0=B@s`)W?a6;N2NxpK7Mc5%%{pl-RI{OkD!dR&X;g
z5p5bVyjtS=2X=j0W7Vi;aIsYq1%uaCIO*#BNSOT$Vq-%cbA^TV;Rmwc(U1=*%xOUW
z!)Vi;zL79&lF;6rU-bdq-2!Xjwnx1g-ZKz;4d}V^!UcjL5HSyU&CgVGSy5)>)f!IW
zVd%)LodUjUB2d=Ud(Oc?m$#$5@6b;J298r|i?HhpR*K6tU+imHOo-((gAhooGnvrA
z?5~u-s0OX!{98g#Ar>85U`~91d{s1uFRvY<>zf`oV!K{E(}=Gw)l;8M+#UfANWsFv
z7Xj4)F^K)-Sl7c0&&4gnneR1+lxb`EaIE@QY{#3%d#z*8${fHt99sc<?fey}UK!q%
z>*W^Y5~$HqfEg9St$!FAWXlN%WT|x&Zr$*r0SAdE_IJ9i?f_u@3$$Wt!_giP7S3w;
zi6!ugsC&l&y5!`1@vnT|3{$U!06I?q`bmHdA}&qi69n@#VqHC}A|lA6OTAhx4p8iz
zTkh0k12Y=4NQFi4%F_A7$2D@I&EZ}^S}^^I*Pdw(Jd(yK=%lC~e#sO}Hjv$6fityj
zWIs<<@W;tyC{DWFV-(GOSY@#=Xi&+e9?A$P)xr^Za5|Js)lzS~Xa58{h%aq}zCOxR
z1Pf`1XbB|PGR0d_tjSb!?F~cD>Ij=BW5_-8QZ0nmGJ`4^b<<!n>AE$nri#G<C#a$A
zfrQs+Dv>xp9eLU0qA=7Di~qeEl)k4{370|d=*%BjbiG`<xazhIW0gyG6C}&)Of{VC
z1UMs_4>HjNtVv8YaG9=<U}m}u%Sc0cgFVCqF)y%#CTr%P-Yxj@(sHd|qkOAWSNa~I
z(=~h`8)9XEuVw9hW<8dcqGG2<&bf4S74$KNj?~VS6&52nc1+)Huk(5S!ocXO5{E;K
z9r!{p{fn+_>ni3cjVmfc2B)RCzMwBUw4s%3rf!wr&;vX^YMv;awj;Z`4B8A~QAy+l
zAB;*yk`X@q9KR+wTEsGkeDl{J8coF{Q(|D{39~BHC{+3Xifs=snGC1|^KE5lw;iDY
zvkcry7ClG&g_AF9dm_8=0c>9kM<ghpjvwK*Q#%E?A&Zdb^USS<*UQ!s>-bvESwfcc
zg_a);K^wPtj!oWm?c(98X6v@;mS$qjN3mK!=fB`f6re*t5^#?E0>)QIH692R5(!%t
z83Cf3LnOXoEVSHtN$PZe!94g{sel1|uacK}=VNqV5@h@#0(?nHc7TtRFXSz3$T05U
z>SRz5(4~*I2XV7xEGZXbdc~*%4T4}cw^r_*c+&X|Tg%X}s_ZZ#+uu<I1fYy=MFq}9
z+;zq)Bom@gJ|I=)Ui+k4B)ZNQS0I?<4TZhM^)@rl@R*U1$6IpEjj0F`d2&V&NN2dq
z=NUO%N&cmQ8^o{Vg4)z;J};2h`?fbgW!mHoTu+IR8zHTiSD)*<tegO7yi1m|8fvuN
zt@SLiO(Cw>?JoD}%Kg27jwijrEN8BkVY^e*Fw+MMy0ru?DA73^{H*HviA)1vOxho&
zJ8ciH2^hfPv;)r;>Z(#Td3!}=Q9XI<K{r^P@ZJACLltxS+8*&oHWuz+!wou3aWviX
zk>sR(aeSB*AWIbC4ymWwLkRQN-~Zu_5W!m3W<oORDEnuf4cSmk)zTfe)Gj)kl~t^u
zNBoUDExNyH!BZ4G-A=&mnq8q^Z(=IqFxWdljAauOk1j$X+(TbqtL3FyC9Meu<R?YI
z&9K*{Mbpk5?V{VVjuA!C2Hg;c=~-Pz20tM;yYlJe=5RLNMin+(BS8~^8f7}wK907A
zgYz|zD}^p27s;LHt}J)Ky!4NGkTvA}$bUD`qiLbohEYOui_3``u}sjSoorQl$fNj(
zRRV8D+?y)9Oi)~>;{I`*<h>NfUBM|(_5238wx%TdPF5oN_!NK${t+M?@9`xZ#Dt0=
z+}kEWEmqC#)0hB?!BSP2dL@0gYJ)+#pX`usWXa;SF^LXvAIXojZB<g)D9oh@u!9!j
x`w|4a7(kNr$EZ=X|FT?w=F$i<HJ5i>Q~HKzm6hw`>oI9ufBBqS6{~|ws-2B&4n+U}

diff --git a/config/secrets/app/local-development.yaml b/config/secrets/app/local-development.yaml
deleted file mode 100644
index f0cbcbbfc183257b4caf236c126fa40cc6366fcf..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 240
zcmV<M01y8FM@dveQdv+`05S}F?X-gNGzmpx9pKm}&v}BAxye9cl`LlkdIZXU>{^8K
z8d0&JqjkYs6KWwEga5Vh7JJV%e;A5(87z}X4sGR1pi?8DpbE@MDEB_Y83j%zhDK!E
z?-g^41$Q~hc$8zL+WSrhN`&!g1M8dykdolt8Vd@Oj&|8VwBB-*-pici8WnO8PjE17
zmRjW2^M!aFNWn~#Al+V*M&|dT=O;DJvI1W|lmSzU?yRH-U4Tc^Dr~dkNgQ#L5Y;s>
q#t2MF8K}Heay^lZwZ}P`gZUqe@Pc{gHS#bfsmBCDoJI!sDDkg<pKh@L

diff --git a/config/secrets/app/local-testing.yaml b/config/secrets/app/local-testing.yaml
deleted file mode 100644
index 66d2375a33f83ccd229cef193ed984c1000401e2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 240
zcmV<M01y8FM@dveQdv+`03TAWuDVdlo9JO>3`s~~CbqlvCm^F5g)%eomv|;$%dLg$
z<6|OQ`k$|RBp68wq-VDCS6&K;P4|Li(c@l(ZM+x&i+S<+VPKWn+-(+j9YYq)MguWI
zagGE!!rBiKzeJcI-Dksf=WvYc*7ovq`VNqUXD?m)|3<>na#{tGJ?rpP0eXe87Xu*e
z4o-%G(JvgM?g67z(Cq~sBJ9O^&vmN=?0)Hj_hTUao4mqBuq7JYV(S<D@l?2FR}Hpu
qC<gUXT4lm%DSE!EX%{$?t2d}lJH>f!<j3Uo3HVK!j&wgipNX}@zjP`9

diff --git a/config/secrets/database/bsn-demo-mendelevium.yaml b/config/secrets/database/bsn-demo-mendelevium.yaml
deleted file mode 100644
index 45db43bcc98d2f09c9d63f821cfd43d940f37716..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0QED4Y$EM{*IM|f;c87#h`8I2_%sM%N02_PEBG*opBJp9
zKKxfvJ9YoNhXw=BC8`4Uf+_Y+NdPG7+{p*bT@UL3sJ|h_C|7Q3{ZSv<6G8O$tUNM&
zD3n3eFxS>qbbau4;D53pzLH?~;VC2-Aahy#s18nEWO_EMW#dC2B@q%4t05J+J}e?F
zyo5NCc(+=>9w(>;O#{pVth3*`N7#18iP}K?AP~k(6Dn64j+m9?a)`UxeHvjAb0=NA
z3g_{dLb)2z@HEz30LGHl){fc4*!5MO<>PRZ4rv36$;oKXIucPW<f45_-1e;HM8iCw
esY|l``cF8Ba=pJ1jSR?Zn$&X8DlgUjufb$+o`=c+

diff --git a/config/secrets/database/bsn-development-plutonium.yaml b/config/secrets/database/bsn-development-plutonium.yaml
deleted file mode 100644
index 45db43bcc98d2f09c9d63f821cfd43d940f37716..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0QED4Y$EM{*IM|f;c87#h`8I2_%sM%N02_PEBG*opBJp9
zKKxfvJ9YoNhXw=BC8`4Uf+_Y+NdPG7+{p*bT@UL3sJ|h_C|7Q3{ZSv<6G8O$tUNM&
zD3n3eFxS>qbbau4;D53pzLH?~;VC2-Aahy#s18nEWO_EMW#dC2B@q%4t05J+J}e?F
zyo5NCc(+=>9w(>;O#{pVth3*`N7#18iP}K?AP~k(6Dn64j+m9?a)`UxeHvjAb0=NA
z3g_{dLb)2z@HEz30LGHl){fc4*!5MO<>PRZ4rv36$;oKXIucPW<f45_-1e;HM8iCw
esY|l``cF8Ba=pJ1jSR?Zn$&X8DlgUjufb$+o`=c+

diff --git a/config/secrets/database/bsn-production-oganesson.yaml b/config/secrets/database/bsn-production-oganesson.yaml
deleted file mode 100644
index eefcdd92a97afb9d030b322d70a10e752b33c846..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0QO;^c6gQb(OMLh;IqoTY6Ccm0`jy4j^idHmyGY+5#Lb(
z++rTT?pB^ZpgrvKDn#-?!uRsp)s@s7pYpJ-7!`{yApHT<jcmFL>%sthxCVyDZIYQ<
zfMm7ZVSSye?F7Y+loRThE*U`WeHVvA-Htvr9BMn_qg<U6&je<M5guaA2yWZTwr_-q
z`^>3ERKr0jSrs2eqll&E#1nyHlx@xcU~9L#%DD(ocqVZ$(q!8bBZ3V16uriP7Amfw
z5s!JlQ@WpwZg`>KGr!C;y4Z9LKZmi_5Mx!Y5)|W0iY?tZt~SE3RPZ|rEdx3(t^{4E
e)0+6&qDHse(8DbAVqe0?5l;s@!OKFm=~V3XM2OM=

diff --git a/config/secrets/database/rdm-management-default.yaml b/config/secrets/database/rdm-management-default.yaml
deleted file mode 100644
index 96337abd1ae41a8c4a572156d5ad1751baef6f18..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0F$#RVz-RH|6Uq!v3J6OQ=p_H;-AKS9GSM%S>s1i?=78H
z)w%T$lUEjs?%oTov?+B!nCqS`YmoF<CTxJm-xvy2^p2Kn@m4-QTi;bWc7i^t5}hRt
z>`ihcLBo!|_*77DlRtZn0!SxnsP_IF`LW8Y&Sd-EmsRda+-qko4hqockFz#bC4kFG
zXHq<K{x$6;czszAf$$KVLK4ux!#4D|VQGx&Y4_APy`jX~ME^We?9tdT(6*8@gs}<e
z2UvV6`E&g^fk=K})KRlNKQT?9UjUcLdu8)T^7zPxh`A#NYxkM;mNIgITL~3Uo+XMS
en%<J%>UW`NIx_74zXz5q39N8iq;yp2?>gq%pNy^m

diff --git a/config/secrets/gcp/local-development.yaml b/config/secrets/gcp/local-development.yaml
deleted file mode 100644
index 3c1405e87133b1a4edb4e46412bb293d1374a96d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 108
zcmV-y0F(a!M@dveQdv+`02FZ6k>)YsU}}C|+-;b|@7Us-<=g^d7<)Bp3A;CUmwtp>
z0d`va_tjnvM=bnF<h%as1EX5ShA)1j9v4M*dS4U?X_t8*)$lWseAaemY$fS~#%Uh)
OSK`Fu6!+3**UGK6rZs8+

diff --git a/config/secrets/gcp/local-testing.yaml b/config/secrets/gcp/local-testing.yaml
deleted file mode 100644
index 3c1405e87133b1a4edb4e46412bb293d1374a96d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 108
zcmV-y0F(a!M@dveQdv+`02FZ6k>)YsU}}C|+-;b|@7Us-<=g^d7<)Bp3A;CUmwtp>
z0d`va_tjnvM=bnF<h%as1EX5ShA)1j9v4M*dS4U?X_t8*)$lWseAaemY$fS~#%Uh)
OSK`Fu6!+3**UGK6rZs8+

diff --git a/config/secrets/gcp/test-bucket-credentials.json b/config/secrets/gcp/test-bucket-credentials.json
deleted file mode 100644
index 0b6dd95a9a82b5d1d811b1686ebe1160033164a3..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2384
zcmV-W39t45M@dveQdv+`08+N`Z>~7vvR;L7&xnB$Sfa?q^qYo%q+L-iTPAbh9U9*M
zT|A{<NQiXoqhts~GhT5$kf!WIl5K?WzVlX_^QThjPQ48NlNbY5O9?m%r>=Mg#^Lro
zw=YE8C`F(+O9hCNZ=dX71j9vzrO@J=b+eE~Fa5O}%Z4LpcPIy5eYBTKsMu^w0oiC5
zF7Aotc{}|}yT>rpprvZzQ#c9ZB@)Y8w3NtXEv)b-93X_gXz^v?>eN4$h}IdAkKI-_
z_=-n2U!$8Z_awP_S=1RQqmj}(qDKx7z>wZYe)YLH36~4LPDKJpJCFRJ!p<1A&D$%#
zDZDojvibUMi>^adj!?ao(wp8$w~4l*XezdgN8DPHh=~}NvM|rl(rSLOiKte?*FcA7
zHU~#Ho<OFZ7xS7weSiLpze4(dv|ssRf01Dsey1vgYQ!9qBOxq?W5Elu;?-b!8U!EV
zq>Yyx$X+Urt?s{!%&n;1OAMSRrQvY2^kV4k5I~eF@@AiQlmea{=2=3H5{|sdRlSr0
zwnp5zFV$St?9-$OW@#_&1=LEFxz5HNyubAAZPC+>62ys=_fY-SFdzS@Zb7TjFx|#h
zYHfAB$KR=cE+4NilBeEu_<ta-4zuE1P&iGckgXUv{X<WkI?-&ur(xJ-c2SEAbQ}r=
zF8AG$9&tJ*jOKas-`9F9--@7amGmm_hyv2ZpMc!u68i~WU@8f&CBngx%Ae_(h?}7*
zkz7-lj_&2UbHTEh%x<fCc7(mOvj<(5q+!)Z$=sj5*9<pe0$urmC)Mu6?U9yCXq}Fl
zc}9$v<+mcf<uo>dC%YUv(ilG)8DNW)43y8yHD7C966^dCV5E0JofL|f`sNa)jWS0j
zNA=Uy8!`B|4JimModrhsHmf{mVj8S6`mUG^TED*Yq40u6KusFe9qD^Ny#)E@_gKNp
zqEI9(F&oKz1C&_qGdK#$&C1vg2I}dx&+ibbs_m3LK4i3F5f<g|cj;H`oGXam7%GbR
zKQ5SwxPX1$@cTn|yybINXKGY9;z2ImZ+F(ii7Xoy*#`&&xp!IAd*=EEV=-nndRR}X
zl)7dRE9WOR>2ne8XSXQzlhVE3Dn{Ze3xdmupVt-*F;%NIb-%x$Dzwb2@HH6ETEI|z
zjoyqp`#R>QDIn!7suU6!^o%5xlzv{)=ZE6@zA+y_5#d^MFm02joR?l-RY#Aq@7hqa
z=FKfxDwlCBTro_n@1qHjwXuuqiZ;<ER#nKV0@ImpVMvy^UkC%|E)P?xdOV&pK=T23
z|ECZH$ybMsH`kjA2y)|qDy!q|Zy1q06pJO(SswQQQWW)^(#i**Ryul|d}_eu+CbFu
zR-wpX0C9n76S-wnx!i{H^>W27&#%G6*as6%J3(#*6$3dJf^9^zfD3JPSa2h?pwr{D
z#fSJjT}!2mCg|FQpYm{^DFE?vk&+E_ZhfD_M1`p4O|L=Om$vx(^voMgsY27TcreYe
z%(c-KW}_~tEbGJwaO33TppO@3<h1}8#h=XS9tes66|B3pjW=SJcW&pEl2L4XBZ3G9
zjMCrb(Yuk-RJ|?-FQ=fNY&CNqCjOE{+taqLwvnf_W%Sf9j9K^Cm!w6l+!Cq=^tJZ)
z5j<X;D*$4)Yk5{#{d8Iq&fa^I$NJU?k3OTUr(C9jCp10q1#ox-<8*L6z)+I)PgWDg
zjs6&@utPL<zbCiyswx&8M$Ly#*@N(!{A(?ld1&b(imhvZ(Pr%j1ZGFWj_orT>i)Rt
z>^schWvJhDTIR29y@S$X!HhG92XMhGksorRpNc;zaZWd8fH~o#&ZH2I<~eRHfugm(
z9WjG1X=zEyo1*fTM#`L5OapY^Hj5EZMM-~nKRCORhvXL-VxcM6PqLNB9)#Ya=w``X
zD<C7pOy=oNSR!uM)4^;$MQGHb$Rlt&BswlWbmsy$G6&*9Bqg~V(#7~_V`u6nfigfF
znctp@+w_?<_3nlV>i5uDfE*v8HzNsp!<H#Tk?;+xp88XFW`d))%;W6Z>BMlkh-;cb
zz{<Q*za5oaLX+Q1vH1C(Y*TfJAs6u8&h;_=h6k3aBbOdP59*C^`}W(iu>>1Yph`WQ
zY4bTnTP(Z2yXKS=@RDT&es(jhmv-llCocmzeb5ref`X0hN%T5(Vg4;n{$Yo=2uMSW
z`9;-AYf+S*y7?O{q%{;0(DH)=HqCJ8jT7zZblC8#zT9GPRF_Ix$E$7udnU`;xvf8W
z%*x5^d4X*}%DOnS_l%DUj+ZaxJbB~WGwRi+-)!LiGlv>7tXcE67#Kon7~CEq-d*IF
zYi69L(niVgF<7fF=w`ASW8FeVxFJqVOtoEsz^(?Zh2}oa1<0C~{Y7mxFR|~pk2vtR
z3&f*@7a*G8RGHS@H*S2wGA|MZElV*X%E823qwRNO#J8-vK(;i->{USDc<=Fn?hlEA
z-6nD^S5*i~pv3Bl7IFLZ0xvV|Mdh_XCEOpyluOph=V*)oQTqD*PWguc1_08DH`G-x
z%bpJ6SU*7na+ss{f3YID-lE@@oNN+m8etyE>sD_&T3;Uam?28E>6&qsaOv&6`M5Yn
zeH=+M89X$~<nuwRKl$ej`)`LnxhcppWb>RUs96ZG{^Iw^cJ+=FB)_95Wy~BZ1c@F8
zbxN2AzUD**jCQ_J>m4`~L8>p(VLaFEV3cUzh9BjXIv);=u>?eDv&SLNHntLTTagU;
zvh>89nf@)Hj($74k3D#AKuO@<n-7`)A&breKMVsUp-;Vq+lYj>LInRiBf9oG+j%N<
zPh0oLls`w)x1t*7W9qS>kaXhu$41vZ#NQVh)Y^;+KT9=H5-$YA5P9_v2Z3z_iAT?v
z9*v5rB`qqqkP-`0d!6Y=UhxKtY7cIl#jy|85KpM2b2JP{C^6lfbi2#uOv#q~B25R0
z4}5D<JV>6snL~bd;EyCQ^&u_$UEpGr?&O8qX*z7BzlxN0X0T+^hL!=YiERbW9=LvW
zwGldm2i`_~Shni?$f#S#U8t=hL|L;4U>JuQHOcZ`<hWAU82nPP$Hq~6ZhuObVo_22
z{alr_#=Cm|G=4eQ=hcBj`Wc>KPS{4Vag5!yd*;Rw5hUsVi|+-gXmEP(?LXNV+7qih
CVXyiC

diff --git a/config/secrets/mongodbatlas/credentials.yaml b/config/secrets/mongodbatlas/credentials.yaml
deleted file mode 100644
index b2c255f200bebd293e6073d3558b7855be2594db..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 187
zcmV;s07U-)M@dveQdv+`0J18}a%c;W0seJA{vy(aO$e&dTkw8+R7f04m(k*@=x3Kk
zY-cd>lpim@_~>8I^JsK<lEChFQ-T!}Ofu^(+Fc8!P9SykSJp+K*U_uLYbUA8+;zM}
z<bOcU=!D>hj(pF)2KgvJPHWhzUUW@8+NP6LODLya)`rA-4WrFyG4Cqjb?b_IM$sIN
pL}JAo16~=2c}XJqxFs3<-Dzti?;Nf~E>u9k|K#EL+0g?hkd$2?T}c1{

diff --git a/config/secrets/pipeline/constants.yaml b/config/secrets/pipeline/constants.yaml
deleted file mode 100644
index 894a40a2279425a15dd7c0460ede37726e79f24a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 7826
zcmV;D9&O<OM@dveQdv+`05SrPM-#t;TW%}6&(HvtwxfdnG{OU-Q^T0gwO<xvBhQ{X
zBBqN{Bl(VlB*l^|)*wJX`@s%lh)?Ksk@ZNh`J(|A)ZsyTe!H;+T#*&vp%TPw&{9OZ
zIL$fUVNlnn?37Xs8(-6|emm&{1k#3)HqhS|M+{Yf=t#%!&`#J(-G=k>l|uoSohULs
zwTw16$w-bLldu?CVhFSq*+v-Kb0e^J^`Wo76eGR9Y@$;Okl%j@e26cADAO1J0UQ}B
zW#sT=v<N?h$-^QIZ|PYKpZW?qMsh>Lzi52?&Pu-}Ha_6mXuvBOa28^XqBwKHBWi@L
zSA)wjuJm)4)9gfo!wG(k(n@)7d(4MT6|nV`zi1>8V*od-VP=_Tz#)+7X(tVbE%Qs>
z#w0|D6H8Mt3d9zG8@3@=!J3NLY4V=mG7L?_-GF$tfqLR$`s@TZ%`wuBJk>%NHRKH)
zSm<6uQl0f>sk0m;N8_Z^GMxdNXi1q~as4H!y@J<Mp!2nfDVZ;Q1ITz)3k;SOp)US*
z3i@uGDYm}v6gN@X$~Rk4UTNSviD6I?(RTvVW%7^7;o~Ecz5UJt&|fq&L{75Adk>ln
z^|(_s?MRwpfCV!B{+<=8)bF!{pd}woxWTi=s#f=5Gk^=`bYx&%thbnD_)ChHX(AQ3
z_sB}7U&!o|=kAgfH-3i-(63j$Q9cJddFDn`ufyl^%w=Wt{cQ$qg|EYt^u74GOwCUF
zmhKPF>9m^&SJ38`?sy6J1wk5U{yDoBOGwvR19<Z<RV1sTZ|(^wdUrnV;#@4BK=8LK
z{P`VS_L{Scof^`2J_cn7pZ+!iDoH*H1Ors@Mr?U+91iJYaa_2PbxLXM*fPI6*IDh>
zq`*Xm9NtipNQh;PiV^pa&%RiPot4uf%p7>4btJ?mm1su!&-q)f1apqmx;t`XVR*yA
zrhZAFsvVDuPG~Bh4X~Ql=+7^H|Fi9x*^VTb%xh8tmm$+SBS+7BIHMz5W8~=o7JxS9
zQ|=wn*B}S`dmsKT2Bz|&a$2pYc%bMVn1#-wn)xmKJPC8F9Rfg6{~|wLT8FDAxJTRe
zJJ1u_W_^g(Z)VHeVX6UB^>oEB-s^!b)q#nll#~}GBoa3sUqEz9mZK=pD^Ip5R2YnQ
zHdHBN<7Ikc>MX$OAyAP4X7~2A)tG=AoRX<p@+7+vs-v@+XME6V%pbutrnIf-?ZL4l
zu&KHZWxFHh1wAZa&$_d+8w18Y20%KwRduX6S(7No#8zS){c13+djdsN2(dEXP**Fl
z^1Aup5yMRTrA*k@qcvlrzx|O6Hbf*&!exU2b3cCXD%f8wNm^Ho;D#lCTMD1WE6`6(
zPPw5g{yq0ra|-Ip8*~PSEh_>))~)+GQ^rOUenR1uJB8MxnpEZv5yL>bqa>}ciF<zE
zk7lR*uwkrEb`BX2nxKQYr=EwAmNprqR_1*NX91oMNhULu0#u4*@}y6EX=lm3qzjI+
ziwlko03|t1kuW{m6tj5-#;&10vaeSpfP98QUg0Mey$S}IxhW?J#L1loR}+P?JaXkj
zfC`V!7YDoUYjtY3Vf4-1o9cDyjZ2vy9`Y$tiq^&3IV38~+>5gDLDUIcY~wmVeXq2e
zi#;2Y#*1^Jj#rfVVCek1OQN`z!ts@JI^Hti4649a4C7r*{h1v{7|<pJNK#=GIdH`a
z`J2naJ4_=P6;yWR6X*vvuIl~^ejfSCn=KTJTM^+d{+?&0xaZsZNnwlFHXgfycqgzE
zhV3=++bD%A5JBtg<)%m32N6EudlLm9;}3^NM6>!EM<5C5wO3&(t^mmsKP4~ZuP$Ix
zX(PO`VUtPo(Eg)!r|csuaC?s8tWDEgV~D9P11RjyZZiNE^$A^V2ZGISdb!j~T6+7(
zb26^XhpUAdl%Px@-GlzuiE@qf!IElxT=A(IrxzkdBB>5IfHP0YuGs|7;?NTCf9%~|
z2a3kM=VG_=`_emp`W25gagMU$lJc%tDn~o2<bS8*uZy&_><~sZ2AEkBq=J55;jrn|
zgW;9R_Rkg=!e>jz^6rO0bk%za_I6vBKrNXH6?0e2#dodaZPvENx{|W~Bo4v~AvlcQ
z2gOD1L0)$|tAC&-;XcVOV*Q(tt3_LXm4(20!7y8%0`lZ56M1$;90XZY#~5=RjU5Z1
zuYi{wn!V8iTB%>m8FT41gdtZ3J$(KKDAuwhXhYhGFhcZe>eN_E{_(Dd=W3MeGX_a<
zab0J$oVE<%ySDNW(rp_Dh;DUKyUfkRJhIQrKP@TepwIyboIZ|0ZzgHp!v-%eEudS|
zymRk%!)9&FpCejUrN3%<dFrGIz!^OWPOUS3QAPgn=@SmR3BdE)I0nlv+}xc*V_`1O
z3Sh!5)3E*GI1qNgJmsy8H1dU;A|mH7HIZI=0dtNA@3-i?znWiZ%)1UxgPcw+D+P1Y
zH&%MD)<Ox!K(BH75^rc2j@f~F!FcLnY=7Ba3srJWGMVL^S`RdStEbZ@*;vd1S%y^f
zO+YFs(hC|MPbh0a$u+Hc+Gi?cjVbQplDys1e1m599v>e%3&dqo0GITH1F3#-#)jsT
z4lnSN6biHUWNlR!$xE32@2Ak78V-4Fx#RG1nT9IVkgR-xEJJ2`P~<OH>QAK3j}LCs
zm&;ET%ivd@=@&wOb3tHKpPddX49GvR5ee-O+nSUBcxvVmCvN83BtKHk4+`ZsMoY??
z)x{dTMKD90$1k=F5YFeAWaD{>X8qvVDj)FVea(XfLBzRCX>k)-Fjy?F;h2`lJy0YD
zfI5pT<HEN{-ew|KBpjlkT$<Hgn409`V`VSX2o~%q-*KXm7~f(d*P<PLyF`#1R^exW
zlS}5V)(OQlBlS?*jzj0#N`TPCg<<8W6S)}F7hFdR0ypcPAuSK29P^}O62UcXTsEEG
zES;&nj9tc;g&3v9k*9yvvoKu_uJR`;c6Xae73FiHdgD)Ms}fQhG<~sc#-rs9D2^8o
zBsZ4s=k`&87v)SrIPPK`n^!$D*ZYwSyUQg`)+n@uFw2m1y%NU3SpxljszKGgd9P+T
zf)=G>$_L|M=BsUoB?A(_)*!3EJ=6Seduf|8FI`n7bG?qTMGLlV7C39Az^B(FF4*^k
zX5=I8ws9s`mlvPxc{fV65M~{mKnzPASAbC2H&s{+a99^Bp9)jmE{AqXD;+U0MC{mj
zoh*4br!vacBbk`Eb0o#u84FbjfR>lD5$tV6Z*VwNLf)JtKtA0z_h=?^CjX+Ai#C&A
zzjVDj(ki3G>h4bq3~j$VB%z?K=ZrDHPFi+kqImMi$P3FIbX|o&7?8s-9M|hI1&v#u
zMp|TLOn%JTU(L`N)Y$FTpO`uVjXZ9jT7?4@%B%0)udgN1D^#r_H0}Nv$Xwqb#K|Y1
z#2<^C%Ep;4lod_7EKVlfmhomEstranI!HepynDAU3Klw=3)q(oXYFC0Hd>>1k4Uj#
zPHA2H2Y<2JQjVxP1Xj^&F|#`R<(?$d;_Zm{6N0~d=eJIN+%<!!NdV@RhO(j_lT-?i
zUAOm5Ix;$E10&QqT5GUois4-r=Nml~auHB+ig*?Ze_Rh^MDvcZR7rPv99gAj!HHD8
zQ426$wP!-?rc$YaO!}yS^SC<kpU3-X%0ZrhiJ{9fan@X?%`>Q_WrwQDR8Ey#tK$mg
zh3!$?YkM!KO*!}ocaqDU<?h`wr`@KND1L?n{7JvUvT~QD2pW%*>0&AoRCv@`eOP)g
zbZ4dnSm!X#|61{SjHJ0z{TUn8k?G!DYD|H)(oGbBkt>8&cO_sL-zv>5zqf6?+={GK
zuN}y!NOVa}*;jqjCd|wFjTfvRa~Fzx7=tuo^@mFfIb|S5QG&$XC64`$Msk<Sg#?5D
z715ShO*Hi_;Cz9twoR=?Y91=Fl#Q8N&TCm8MKd-jzl~0zHq)srYr?JNK~?(6yx0|?
zcM+UF5;vJvH!U?o+1MepqbL7z_-^sI;uG}mkXl<)8=ggSg!y<rrW`1XKIl?MgcBH$
zcT*$~;6pdAdak6+C&wl)$E)JA9YlV#wP>o=Mo0P86?W)>=W&4k#eUAhFzti<l(Sq<
z0Bqp)&mKJy<4}k85kEGPT#r-yz9nrSg<F3Z2a*R+{xvWKP!tz&A8D2;AKHzB)+V1$
z*MDnPNAcUu1fWEsO(<gs0a>f~G=3UIOj>Qk&^*6BM)uJm!D(bp0(NW=`jp<VItc(e
z6h<$+@q3kc(%c^xb$%k}GQhu28A~0OI9k$}5<#z0Bqm?RxO@{hBfMRtj>^jENQQs;
z&ueK}8NQj7Lps|fiN5)$tLZhle>{BuCJpMcF1RQorA++`MxD?<&0dbbK==iPUV8WR
z9+XH9mvP-p7oWcl>EkOJtNd1df96WI--=$0wTpS@{;~(@StSSbK<FMyJ6YdBJIDab
zHt6lV!h675jeH0_vgMr~4U#VkBC#=VUc;PIf`BGI$k5X8l2KQVfBdt=wjxc<?G?U*
z1jgL%ux#|~<Zef#!o!x?=hCQux49PV@L3B)Y5UUKB9moT0?weGB*hiY9*R0Cruaoe
zanJSrv3eZ-PXV3t?%_l75B^TncK8aE95{OB_bb%e+D(zW=ZuoL!H7i9Ak5-jFr4I>
zR~?+~Ua-XzJy~68Ynb2#w)#Maes$o}n<?T46v@%5qH|k;go>K(Bvyg7L=p+h-5P50
z{uHUgBF?{>iy>DX97A-eG@>G6zJ?%1&~Ki=)gj3AZ_%P<$wK^yca?K}_ve7L277Z%
zp}{Dne@SgSaB7a#0_ov4D$P#SH+Jrm`?$K0Tdhh-_0X=Itf2t-rEOxHWNsY}yXIDx
zM9-!<;thxAdYv)OXieCu&Kz54&fPuhzJv<sR;7sg_jUcZ3ld7=Tl0<gG9mHdOv#IX
zsLUo!eoRkzD4bv#=+2!})5@IK4R`Tcvxg~+8PWn}>Y4h846JPUYrsA+h2b(JOk2~K
z$UhY5iZke4^%pm7q327^B~flkFg#8y--o!`Qohw!y%KvKKIyU2U!>0MX5^b|6#7}L
zRETDFw0{LXlsvSh(eiW@+4zqQaCr*i`KKXS;_UEDHn?mSSUq#UL^i3pq95}M$bjBi
zk`ym1g%ipCe%A&Jj5T@za5dse-Fsx@nq~L$5g<8>en>%5N3uOv-_!S;r3Rq6{X8P+
zJS_oqQK7{@-z!6GAUDAN1?^2fcbvuZq)$||GLL&bwDgycNU>VOj`ZYY$v`L1_`pYI
z_^}fj+GNM)qlLWmxz?i*PI~SO)?}f7h$16;e7&hAI;lBN5f-DsQF9*W_=Pl&nSV^*
z-t3i<qCIHT{Xu*?`vuj9$@W{Yb31|-XNug9-rSuN6EEe?(2s=OFoxB`OaX9@4lSD^
zB1_0{4B*C#-mz@lOx^WR6tAWUt@ej(+(|7=f|*ank?SjUzv!tB|3Kp}WV#-EhcJ9&
zw8`aR4FuSy@pKw*=$7BKSBOKt*@E8c%UR>k&Z*Mtd0#OG)VX85w8uukG%of}^n{!d
z>QQbK^<v!wDAeiXR$m;1W?6g}*Et=eY#X*H4m&9j#vfrMMN&8bxq8N~FyWuwky_1P
zMcD3)Z#%fV#*q~{)os2M1~%!+SE5XX@fnpIb>wsgCIeTC69r_U&z`<~?1OQ#R$Q*o
zO?BVVAj#A&J7}wiGA^?1`49G&i7I!w&USc5$)|cTanmkmsz!N4ks3}LlF%5-X14tv
zy&L0K{-(3rS+LLL<VP1PdRu++??mn(jcqBhqh5TkT;7B-&h<8RC-TwjXm0Xoo}OTG
zko@*{0qbr{dSWvues;x7j|n3kdN-z+v-Lw6WR>{KGomN8wRBD3(lBEhZTf5{B)Tg3
zFeUTb1=PS+<4cVIZ<Ap}oSUJ!59TS3#G1T>fahxhll&<f58|j`zrqx9`yslm^DUSn
zP*?xcP3%tiT^aU7o_qDI3+Pfz`uPKK>H}As1fQy8Hg_N0V<;XA?A~txRy_O^_1c>d
zETx&Q8q*?XXo}iu0w;v^2sInwBhFn?H^q}2-V{F0&|nlGxp|Mv*+sBdQZQME4`d7%
zT%Hj130?zwBU8!Hv_zO5h^VK2E4up7Uf0dOYrD{s&*i?-*jRJ7ejL`p?l{EQYyCsJ
zWp%J5i$mM=G=N$6^9LeMIpV7QotsvG{jA?D%XlRg(7v?*U|}<+6$`;lB>({$MXSKO
z(#G{Kul;+Rueg|R*C^*?6i_>!5NpVl0~3ht#wPyVfsdK1ng~Hr*5DL&vrF5h@bWDs
z7js-Q<n_wF``^#~0u*ON0v{CjZg@9lz-~R_f$?G5BtTxcxaQ+6HUy7Z=gCS{l7bbl
z`QV5xNz`s$j(Vu`6K%=%=0ym=p1LPq2N$NZW1`PS^pTIf7cX1E@FV&)u;kq7Vdf7Y
zZ{*v;RG9R0c?J=`?3c}!^&|TSn|Q-$uKqkCH2AwpSoh-H6Q}y5Z{Ka;`L$Jr_#Ohp
zXGXiqyg;&kJzxwZj3X=?Cv<k<<k6E~(AmJ$Ybql^*lGPB%^@mGfIVaQ2NOWFhOOx8
zH_h$}Yfsp5M8SCo?KK)FbTg5#jcnhjXBp5biEE^VD}EL^j39-bU<K9JWt^3HAv!l9
zCm?3?(S4W_vStOmXU?mCqP%S7!n*$19^wP4Y7cN=4~hu>U{&(SO_8h-Bpbbe;1q=W
z0oY+Vl#FI#oVVaO>?_PPU~a%c;Li4!XEWVyzg1sHfou!X-?ZI9d`L4gx8N*hO`wKj
z>MWF+S1W-PNfmb9kR?M9x1DrZyc~p$1o|owHC-oisvwZ+%?L`gQ>~8hq4~rX1cV8A
zJUrIsE&+~t<rf!ksK!g^Y2BfL)E{`{xTW<N$_oR<gPHBE^(JK@1U9CS$oE6e7foGu
zCOwPB6lU}w^WtK$|EeXRN}!u>L~rb61T@oEH?o64r`psIy+%3+UA`*DWQPtQ1Amb<
zL6%5B53$S-Gb0-N5Z#UAU9)W;;)dp(p+-wY=iNMvcr;wns$#EHy3`!yAe&57<x>!V
zrhnxNTIc-I2|GfY`r?CU<23GkKFf{oMO3M{skZOwxBjFeCSi06DWjL&0(*E3pIz*Y
z-%qbhMsOg_t4X<TwAm~OVs+dsjfPCxtR&HY)H-v3;~&#@SAzPy#Gi})B<Sqy%UWEW
zVyXTCZYh=ko;pQ0mzIByIVrUxGnJ0o#`Q!=04ufy+BhJk1A)xA)+4%x2e8p<`&Prv
z=Y@pi3Mm4JKES`sjt`wI%ZvpqIMj$MINqLb8bwydyj6V#fu94>M^~j)S*CH`w5mu)
zOti#^3h7xS>FR+x{3<r?RF$o5b^T5&>bQal-LX?I0QIIi*GwAuYlRpHhM>kxvj&jR
z3Rg_Inx29W@w0AY@p?e-4EHJM$JHHYW#S<VT~+Xw8M|2_;ppc<BVm)kkb87;bJ|_M
z#vFWF`H@$dtd=zktouss6VHx2s-LFPpLzMXT=>e;M?FeI&#C$rhhE>YdR{=^d;)@y
zpA}4hyExR5RI%(jL~@X7-oOm^^sohJhh}P?WBL#psc=zo6{UseTzwwT+U;6ospe;X
zZ;B7VR0voAcK{wkDZ9{@8Myq-Dp&=F+<{NAbLs}~nzD(V<$f^d(zlT!FQWZG-Qa%z
zvgPc;ZJDx|njB@+0v^datM*l}kXXKP9h(c%<r0!V#AbL2Xx{kIh@jR3uEdpEECOCH
z>+~Ku22RcY0yL9A$&P(*D^i?5e#8*WZBN(3u_RDpVYU(|mwlhgt1;_84|M*n-jnWu
zUDK<&2hr_wy`>7W7XDlP6@-GZH!M~y(rTczv;1;D?6`N1A6sQZl0FXv_DsNV73yVs
z<nh_O1e8yW(;z^>ca(}rJCHVqZ#R_=K$QbbrHy%Q^PN!GdWxc{{(O#K;MP?+&Xwa&
zJLQDOLY=h!MrN9wnoLndx8xG_X+_OIMoNaKgregao-!n7{O7)+K9D9-qwR2Nm&KO!
z*~<7G)&4wGcRD_?_}QX;5I(1{3Ijnh0cjD~D*Z^~H#lr}MIJv*^EfaJLWifSOd<Kx
zV=Z)p&Yp)tmk2lSkiNTbnO#6e;X>!>i^K1ac`|qn0tIdzjyE5Ov`>-_<<@kQIli@+
zTw^JU#e3vIiz7+{k)}GIS6M@ci^@OsQlhrBD?-Mq!GP?zU1B<dZh9Ly|F-KTua^sR
z6;%tz__M#rGjo%rBBsP`o#f>eR9`dab!E`A!cL+ZYFyS}Mx{kQd3`6A?kvTaRX;!n
zOz6#1g7k!aa(kyT>hi&X10E!Pr&&5K-Y1fsQ-dky@VXh}MUO(|!7Kk8Y33+Nwb;s=
z8kJ<5n6cnTN&CQ&0WO8BGgzFuNnaN*uow)twj5(R7Rv9IRJxt`pCUwzzM`v<M(sMb
zfnSr>YINHCO5U`X$S-)2857DWrA5EqWmQI`v)#3~P)Tlr7(<Xm$D1P?NlwF^=ioX7
zIE?<;b$bXH<k0f;NIP~qpq&5y*v`(jv8>AcA)sSK#^iN+W_B_{<pP(ZY{FYpPt}3u
zvhB}Vq(;*{uLwVzXX*-jIlFW%dmP;63<_Hv6kbOv(zII@7ZrFJ#%S#UhcnpvcD@JN
z4$avSrwr)8XuiX?s6Ps4LG1Q6EZw9IhMRs#TvPcmAY4wNsc>kmF9fH&=lm27-550p
zaTzcqI8>Cl6wf7irc=ySxBqQN_JZ~>9_||JZ{E36^rVV`_nHg57f_*72DDq8j!IZz
z4Xzi;*3+wWumT;g+Es~=r?R;Y+2}-drqe(mV50B->N4xg!@3P>WKQ82lyHVZr2~kf
zJMCq9$BspFI<ln^?cc$p!5^3Z3uml#b+qTVIMCRga2qU$YOXu1sy+&|;Qp$usE=8O
zTK7^;075)SfKg)e_suCrF?=vt)A)a=1bhNX4)_#lGb)i~|N63h<|M*?cVajaiMK8N
z@5%FPN(3uI+>qLV1%%}(d$7Op%m(Ibz6JI)cCw54kayftr^lLqK<*`u->NiS@UJHi
zMkLq=bjX@nlU=7MwuqubLg_j=7YCA?9|V%n(q^TY?m3`&(+xnw=Q17?7aXw;eSWQt
zOQoVkcOgnKXYDtTxBd7{VD#-Bj~uc^Og|pSU}E@djN7j42Ynk{qZf4dASC}ZvS9jU
zNZ0PHd&eJ|lWC?4i3@}Ee^;-0+oYR4JmhHR<J--c5fgw|6}nn$joSrJF4W(;x&t?H
zk-2?Xx>zHH-r=GKDH)Eju%u!osO=`qoR4ng-T(v-aZmu&L&QNfx`u|D_vF~ActH9G
zaSf#oA1Mw;*z*7K^0W-?u(`JbqQ^)1c)7?Ha=yGv0!!9LEShI41<tF(qhq3JBK84#
z#cmuqcwzl_WB}wacy3#iL*bJ!vNWPO`5P_9;LYW>71zMK;{G={G4P}n$1br6FA6;b
z==#4??R~FWNhBO6o${!Q7h;6V@Z5UC@J%bc+DY|~ig*+r_)<b8{P<#4*j$GTie;7D
zu4|;rW(o@QbZ<K9YlhrAQtoJUUiQew@3TABJslOq;5PP-;*zkkEpw8WT#eh&^FkQO
zdn$O1Runv_U&YkEO-D$MZCFUYT&$0YLopq1ZgECgjZ%!>hh$B+E=C;2AZAz^ce5_B
zhV&DcXw$}Qlyos2;0qRJljm+{V@Gsq$ql*SDPza@{o~8QwdJtTX*tQihUa2Y?UPf5
z7rDecrgXp5yrQh1URoRwFf&MSIG4rQJg{`d^34QT@2nr!tlzaMDD0b_oe6BqcXifm
zR>RUs25*Z5Xct4v1}=2aYT2Bak`+~b);2$m(eJQj2T7r~hmAs}Q8pn^?5l6}rCF?8
zN%`pQZL$3=F=``BjZ&mu5H0mFosXPCyko)mUHc#;<e~6;_x1v*j)%|u`K0{q!E|+#
z@0FNrezZ5PD*c3Hwld84sL3>|_6`g}nZ|Zz;3n_!ZaRk{&wr|PUf30Fkx5q#Q~qwU
zeECn1*1@m>1S`=_{md@hk-{?t3|@!*zTD(%83xTq^l!x0SfiLV@c|I!j`D61P$iPK
zm$sy7_X%-wzbduRHj<}=MpcT6$;8BY2QrhG%kQOx_V3f2pJ7H}5U&&dv6pjs#7^nF
zk(U+-z*Abi_dut0`W3lq8d!U+HTR{JfkYWU-7$o`eUZIR^O`e=o#o4&H*P0D-}lK^
zzdbrKldw*eZ_!+!zG@a%5%f`?@Oi*^M5z7*v;oTl4NT-!=NUnqbb<r9SCQWFF{fP3
k@tB;0m9igZ(>==;E&KrZ$DaRkOz^KtKHxdLwS>||A{lNnzyJUM

diff --git a/config/secrets/pipeline/rdm-management-default.yaml b/config/secrets/pipeline/rdm-management-default.yaml
deleted file mode 100644
index 27e627c633bf7744c79d7b5415931197baa0d1e2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 240
zcmV<M01y8FM@dveQdv+`07V}-T_}<=rkFiI6XsB7PMH{uR$Ee88>ohe!w=Ks-$G2A
z-J>yR1#=sa4Ke-q1p4MXYx&cSO3<9bXp`qnlvZw&2hkwU)qR+5aScHtue6LfBb-Bm
zqYPI}eeGVUbWLQe4V_n;t2$3N%~^t{nCkJ<6!9pmY+LZXY=Q|%*s7<kJlf|P%#MN4
zwR(ar$EFmW2uV}Rkg(7QEP0L}!)FI7u=lZrG4gW)NhduL?jSoRcy@qt9$I+3oXN*o
q^mdsjvWBlq^V)#4tIB>tv?wIU^9AqPM!B$MCFE=kaR1&CF&7F*m2o=&

diff --git a/image/docker-entrypoint.sh b/docker-entrypoint.sh
similarity index 100%
rename from image/docker-entrypoint.sh
rename to docker-entrypoint.sh
diff --git a/image-keepers/Dockerfile b/external/keepers/Dockerfile
similarity index 94%
rename from image-keepers/Dockerfile
rename to external/keepers/Dockerfile
index 002d46eb..48b1d3f8 100644
--- a/image-keepers/Dockerfile
+++ b/external/keepers/Dockerfile
@@ -25,9 +25,5 @@ RUN cd /opt/keepers \
     && npm install \
     && cd -
 
-# Add metadata
-ADD VERSION /VERSION
-ADD TAG /TAG
-
 # Run docker-entrypoint.sh start script by default
 ENTRYPOINT ["/opt/keepers/bin/docker-entrypoint.sh"]
diff --git a/image-keepers/docker-entrypoint.sh b/external/keepers/docker-entrypoint.sh
similarity index 100%
rename from image-keepers/docker-entrypoint.sh
rename to external/keepers/docker-entrypoint.sh
diff --git a/go b/go
deleted file mode 100755
index 35e5fbfd..00000000
--- a/go
+++ /dev/null
@@ -1,97 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$GO_DEBUG" ] && set -x
-set -e
-
-project_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-
-verbose="no"
-offline="no"
-skip_checks="no"
-
-missing_dependency="no"
-
-[ -n "$GO_DEBUG" ] && verbose="yes"
-[ -n "$GO_SKIP_CHECKS" ] && skip_checks="yes"
-[ -n "$GO_OFFLINE" ] && offline="yes"
-
-function loose_version() {
-  local version="$1"
-
-  IFS="." read -r -a version_parts <<<"$version"
-
-  echo "${version_parts[0]}.${version_parts[1]}"
-}
-
-ruby_full_version="$(cat "$project_dir"/.ruby-version)"
-ruby_loose_version="$(loose_version "$ruby_full_version")"
-node_full_version="$(cat "$project_dir"/.nvmrc)"
-node_loose_version="$(loose_version "$node_full_version")"
-
-echo "Configuring NVM if present."
-nvm_dirs=("$NVM_DIR" "$HOME/.nvm" "/usr/local/opt/nvm")
-# shellcheck disable=SC2068
-for nvm_dir in ${nvm_dirs[@]}; do
-  nvm_script="${nvm_dir}/nvm.sh"
-  if [ -s "$nvm_script" ]; then
-    set +e
-    # shellcheck disable=SC1090
-    source "$nvm_script" >/dev/null 2>&1
-    nvm use "$node_loose_version" >/dev/null 2>&1
-    set -e
-    break
-  fi
-done
-
-if [[ "$skip_checks" == "no" ]]; then
-  echo "Checking for system dependencies."
-  if ! type ruby >/dev/null 2>&1 || ! ruby -v | grep -q "$ruby_loose_version"; then
-    echo "This codebase requires Ruby $ruby_loose_version."
-    missing_dependency="yes"
-  fi
-
-  if ! type bundler >/dev/null 2>&1; then
-    echo "This codebase requires Bundler."
-    missing_dependency="yes"
-  fi
-
-  if ! type node >/dev/null 2>&1 || ! node --version | grep -q "$node_loose_version"; then
-    echo "This codebase requires Node $node_loose_version"
-    missing_dependency="yes"
-  fi
-
-  if ! type npm >/dev/null 2>&1; then
-    echo "This codebase requires NPM."
-    missing_dependency="yes"
-  fi
-
-  if [[ "$missing_dependency" == "yes" ]]; then
-    echo "Please install missing dependencies to continue."
-    exit 1
-  fi
-
-  echo "All system dependencies present. Continuing."
-fi
-
-if [[ "$offline" == "no" ]]; then
-  echo "Installing bundler."
-  if [[ "$verbose" == "yes" ]]; then
-    gem install --no-document bundler
-  else
-    gem install --no-document bundler >/dev/null
-  fi
-
-  echo "Installing ruby dependencies."
-  if [[ "$verbose" == "yes" ]]; then
-    bundle install
-  else
-    bundle install >/dev/null
-  fi
-fi
-
-echo "Starting rake."
-if [[ "$verbose" == "yes" ]]; then
-  time bundle exec rake --verbose "$@"
-else
-  time bundle exec rake "$@"
-fi
diff --git a/infra/bootstrap/bucket.tf b/infra/bootstrap/bucket.tf
deleted file mode 100644
index 9bf230db..00000000
--- a/infra/bootstrap/bucket.tf
+++ /dev/null
@@ -1,23 +0,0 @@
-data "aws_caller_identity" "current" {}
-
-data "template_file" "bucket_policy_template" {
-  template = file("${path.module}/policies/storage-bucket-policy.json.tpl")
-
-  vars = {
-    allowed_account_ids = jsonencode(coalescelist(var.allowed_account_ids, [data.aws_caller_identity.current.account_id]))
-  }
-}
-
-module "storage_bucket" {
-  source  = "infrablocks/encrypted-bucket/aws"
-  version = "2.0.0"
-
-  bucket_name = var.storage_bucket_name
-  bucket_policy_template = data.template_file.bucket_policy_template.rendered
-
-  tags = {
-    DeploymentType = var.deployment_type
-    DeploymentLabel = var.deployment_label
-    DeploymentIdentifier = var.deployment_identifier
-  }
-}
diff --git a/infra/bootstrap/outputs.tf b/infra/bootstrap/outputs.tf
deleted file mode 100644
index d59f77a2..00000000
--- a/infra/bootstrap/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "storage_bucket_name" {
-  value = var.storage_bucket_name
-}
diff --git a/infra/bootstrap/policies/storage-bucket-policy.json.tpl b/infra/bootstrap/policies/storage-bucket-policy.json.tpl
deleted file mode 100644
index f647a293..00000000
--- a/infra/bootstrap/policies/storage-bucket-policy.json.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    $${deny_unencrypted_object_upload_fragment},
-    $${deny_unencrypted_inflight_operations_fragment},
-    {
-      "Sid": "AllowCrossAccountAccess",
-      "Effect": "Allow",
-      "Action": [
-        "s3:ListBucket",
-        "s3:GetObject"
-      ],
-      "Principal": {
-        "AWS": ${allowed_account_ids}
-      },
-      "Resource": [
-        "arn:aws:s3:::$${bucket_name}",
-        "arn:aws:s3:::$${bucket_name}/*"
-      ]
-    }
-  ]
-}
\ No newline at end of file
diff --git a/infra/bootstrap/providers.tf b/infra/bootstrap/providers.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/bootstrap/providers.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/bootstrap/terraform.tf b/infra/bootstrap/terraform.tf
deleted file mode 100644
index b1d45698..00000000
--- a/infra/bootstrap/terraform.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.29"
-    }
-    template = {
-      source  = "hashicorp/template"
-      version = "~> 2.2.0"
-    }
-  }
-}
\ No newline at end of file
diff --git a/infra/bootstrap/variables.tf b/infra/bootstrap/variables.tf
deleted file mode 100644
index 80dd25ff..00000000
--- a/infra/bootstrap/variables.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-variable "region" {}
-
-variable "deployment_type" {}
-variable "deployment_label" {}
-variable "deployment_identifier" {}
-
-variable "storage_bucket_name" {}
-
-variable "allowed_account_ids" {
-  type    = list(string)
-  default = []
-}
diff --git a/infra/database/network.tf b/infra/database/network.tf
deleted file mode 100644
index 04dc4a8d..00000000
--- a/infra/database/network.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "network" {
-  backend = "s3"
-
-  config = {
-    bucket = var.network_state_bucket_name
-    key = var.network_state_key
-    region = var.network_state_bucket_region
-    encrypt = var.network_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/functions/modules/lambda/iam.tf b/infra/functions/modules/lambda/iam.tf
deleted file mode 100644
index 748ea015..00000000
--- a/infra/functions/modules/lambda/iam.tf
+++ /dev/null
@@ -1,57 +0,0 @@
-data "aws_caller_identity" "current" {
-}
-
-resource "aws_iam_role" "lambda_execution_role" {
-  assume_role_policy = var.lambda_assume_role != "" ? var.lambda_assume_role : jsonencode(
-  {
-    "Version": "2012-10-17",
-    "Statement": [
-      {
-        Action: "sts:AssumeRole",
-        Principal: {
-          "Service": "lambda.amazonaws.com"
-        },
-        Effect: "Allow"
-      }
-    ]
-  })
-  tags = local.tags
-}
-
-resource "aws_iam_role_policy" "lambda_execution_policy" {
-  role = aws_iam_role.lambda_execution_role.id
-  policy = var.lambda_execution_policy != "" ? var.lambda_execution_policy : jsonencode(
-  {
-    "Version": "2012-10-17",
-    "Statement": [
-      {
-        Effect: "Allow",
-        Action: [
-          "ec2:CreateNetworkInterface",
-          "ec2:DescribeNetworkInterfaces",
-          "ec2:DeleteNetworkInterface",
-          "ec2:DescribeSecurityGroups",
-          "ec2:AssignPrivateIpAddresses",
-          "ec2:UnassignPrivateIpAddresses",
-          "ec2:DescribeSubnets",
-          "ec2:DescribeVpcs"
-        ],
-        Resource: [
-          "*"
-        ]
-      },
-      {
-        Effect: "Allow",
-        Action: [
-          "logs:CreateLogGroup",
-          "logs:CreateLogStream",
-          "logs:PutLogEvents"
-        ],
-        Resource: [
-          "arn:aws:logs:${var.region}:${var.account_id}:*"
-        ]
-      }
-    ]
-  })
-}
-
diff --git a/infra/functions/modules/lambda/security_group.tf b/infra/functions/modules/lambda/security_group.tf
deleted file mode 100644
index 95dfd4e1..00000000
--- a/infra/functions/modules/lambda/security_group.tf
+++ /dev/null
@@ -1,20 +0,0 @@
-resource "aws_security_group" "sg_lambda" {
-  description = "${var.deployment_identifier}-lambda"
-  vpc_id = var.vpc_id
-  tags = local.tags
-  count = var.deploy_in_vpc == "yes" ? 1 : 0
-
-  ingress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
-    cidr_blocks = var.lambda_ingress_cidr_blocks
-  }
-
-  egress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
-    cidr_blocks = var.lambda_egress_cidr_blocks
-  }
-}
diff --git a/infra/functions/terraform.tf b/infra/functions/terraform.tf
deleted file mode 100644
index a3531f9a..00000000
--- a/infra/functions/terraform.tf
+++ /dev/null
@@ -1,16 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-    template = {
-      source  = "hashicorp/template"
-      version = "2.2.0"
-    }
-  }
-
-  backend "s3" {}
-}
\ No newline at end of file
diff --git a/infra/image-repository/outputs.tf b/infra/image-repository/outputs.tf
deleted file mode 100644
index 843b50e6..00000000
--- a/infra/image-repository/outputs.tf
+++ /dev/null
@@ -1,6 +0,0 @@
-output "registry_id" {
-  value = module.image_repository.registry_id
-}
-output "repository_url" {
-  value = module.image_repository.repository_url
-}
diff --git a/infra/image-repository/provider.tf b/infra/image-repository/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/image-repository/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/image-repository/repository.tf b/infra/image-repository/repository.tf
deleted file mode 100644
index 2205a12a..00000000
--- a/infra/image-repository/repository.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-module "image_repository" {
-  source  = "infrablocks/ecr-repository/aws"
-  version = "2.0.0"
-
-  repository_name = var.repository_name
-}
-
-data "aws_caller_identity" "current" {}
-
-data "aws_iam_policy_document" "service" {
-  statement {
-    effect = "Allow"
-
-    principals {
-      type = "AWS"
-      identifiers = var.allowed_role_arns
-    }
-
-    actions = [
-      "ecr:GetDownloadUrlForLayer",
-      "ecr:BatchGetImage",
-      "ecr:BatchCheckLayerAvailability"
-    ]
-  }
-}
-
-resource "aws_ecr_repository_policy" "service" {
-  repository = var.repository_name
-
-  policy = data.aws_iam_policy_document.service.json
-}
diff --git a/infra/image-repository/terraform.tf b/infra/image-repository/terraform.tf
deleted file mode 100644
index d9eabeb5..00000000
--- a/infra/image-repository/terraform.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/image-repository/variables.tf b/infra/image-repository/variables.tf
deleted file mode 100644
index f248b15d..00000000
--- a/infra/image-repository/variables.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-variable "region" {}
-
-variable "repository_name" {}
-
-variable "allowed_role_arns" {
-  type = list(string)
-  default = []
-}
\ No newline at end of file
diff --git a/infra/image-storage-bucket/bucket.tf b/infra/image-storage-bucket/bucket.tf
deleted file mode 100644
index 9cbf9bd6..00000000
--- a/infra/image-storage-bucket/bucket.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-data "aws_caller_identity" "current" {}
-
-module "storage_bucket" {
-  source  = "infrablocks/encrypted-bucket/aws"
-  version = "2.0.0"
-
-  acl = "public-read"
-  bucket_name = var.image_storage_bucket_name
-
-  tags = {
-    DeploymentType = var.deployment_type
-    DeploymentLabel = var.deployment_label
-    DeploymentIdentifier = var.deployment_identifier
-  }
-}
diff --git a/infra/image-storage-bucket/iam.tf b/infra/image-storage-bucket/iam.tf
deleted file mode 100644
index b9bfdd42..00000000
--- a/infra/image-storage-bucket/iam.tf
+++ /dev/null
@@ -1,40 +0,0 @@
-resource "aws_iam_user" "image_storage" {
-  name = substr(var.image_storage_user_name, 0, 64)
-
-  tags = {
-    DeploymentType = var.deployment_type
-    DeploymentLabel = var.deployment_label
-    DeploymentIdentifier = var.deployment_identifier
-  }
-}
-
-resource "aws_iam_access_key" "image_storage" {
-  user = aws_iam_user.image_storage.name
-  pgp_key = filebase64(var.image_storage_user_public_gpg_key_path)
-}
-
-resource "aws_iam_user_policy" "image_storage" {
-  name = "${var.image_storage_user_name}-policy"
-  user = aws_iam_user.image_storage.name
-
-  policy = <<EOF
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Action": [
-        "s3:DeleteObject",
-        "s3:GetObject",
-        "s3:GetObjectAcl",
-        "s3:PutObject",
-        "s3:PutObjectAcl"
-      ],
-      "Effect": "Allow",
-      "Resource": [
-        "${module.storage_bucket.bucket_arn}/*"
-      ]
-    }
-  ]
-}
-EOF
-}
\ No newline at end of file
diff --git a/infra/image-storage-bucket/outputs.tf b/infra/image-storage-bucket/outputs.tf
deleted file mode 100644
index 07e52a0f..00000000
--- a/infra/image-storage-bucket/outputs.tf
+++ /dev/null
@@ -1,11 +0,0 @@
-output "image_storage_bucket_name" {
-  value = module.storage_bucket.bucket_name
-}
-
-output "image_storage_user_access_key_id" {
-  value = aws_iam_access_key.image_storage.id
-}
-
-output "image_storage_user_secret_access_key" {
-  value = aws_iam_access_key.image_storage.encrypted_secret
-}
diff --git a/infra/image-storage-bucket/provider.tf b/infra/image-storage-bucket/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/image-storage-bucket/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/image-storage-bucket/terraform.tf b/infra/image-storage-bucket/terraform.tf
deleted file mode 100644
index d9eabeb5..00000000
--- a/infra/image-storage-bucket/terraform.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/image-storage-bucket/variables.tf b/infra/image-storage-bucket/variables.tf
deleted file mode 100644
index 84104ad1..00000000
--- a/infra/image-storage-bucket/variables.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-variable "region" {}
-
-variable "deployment_type" {}
-variable "deployment_label" {}
-variable "deployment_identifier" {}
-
-variable "image_storage_bucket_name" {}
-variable "image_storage_user_name" {}
-variable "image_storage_user_public_gpg_key_path" {}
diff --git a/infra/keepers-image-repository/outputs.tf b/infra/keepers-image-repository/outputs.tf
deleted file mode 100644
index 843b50e6..00000000
--- a/infra/keepers-image-repository/outputs.tf
+++ /dev/null
@@ -1,6 +0,0 @@
-output "registry_id" {
-  value = module.image_repository.registry_id
-}
-output "repository_url" {
-  value = module.image_repository.repository_url
-}
diff --git a/infra/keepers-image-repository/provider.tf b/infra/keepers-image-repository/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/keepers-image-repository/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/keepers-image-repository/repository.tf b/infra/keepers-image-repository/repository.tf
deleted file mode 100644
index 2205a12a..00000000
--- a/infra/keepers-image-repository/repository.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-module "image_repository" {
-  source  = "infrablocks/ecr-repository/aws"
-  version = "2.0.0"
-
-  repository_name = var.repository_name
-}
-
-data "aws_caller_identity" "current" {}
-
-data "aws_iam_policy_document" "service" {
-  statement {
-    effect = "Allow"
-
-    principals {
-      type = "AWS"
-      identifiers = var.allowed_role_arns
-    }
-
-    actions = [
-      "ecr:GetDownloadUrlForLayer",
-      "ecr:BatchGetImage",
-      "ecr:BatchCheckLayerAvailability"
-    ]
-  }
-}
-
-resource "aws_ecr_repository_policy" "service" {
-  repository = var.repository_name
-
-  policy = data.aws_iam_policy_document.service.json
-}
diff --git a/infra/keepers-image-repository/terraform.tf b/infra/keepers-image-repository/terraform.tf
deleted file mode 100644
index d9eabeb5..00000000
--- a/infra/keepers-image-repository/terraform.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/keepers-image-repository/variables.tf b/infra/keepers-image-repository/variables.tf
deleted file mode 100644
index f248b15d..00000000
--- a/infra/keepers-image-repository/variables.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-variable "region" {}
-
-variable "repository_name" {}
-
-variable "allowed_role_arns" {
-  type = list(string)
-  default = []
-}
\ No newline at end of file
diff --git a/infra/keepers-service/cluster.tf b/infra/keepers-service/cluster.tf
deleted file mode 100644
index b4a8d43f..00000000
--- a/infra/keepers-service/cluster.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "cluster" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.cluster_state_bucket_name
-    key     = var.cluster_state_key
-    region  = var.cluster_state_bucket_region
-    encrypt = var.cluster_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/keepers-service/container-definitions/service.json.tpl b/infra/keepers-service/container-definitions/service.json.tpl
deleted file mode 100644
index 3ef64daf..00000000
--- a/infra/keepers-service/container-definitions/service.json.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-[
-  {
-    "name": "${container_name}",
-    "image": "$${image}",
-    "memoryReservation": 256,
-    "essential": true,
-    "command": $${command},
-    "environment": [
-      { "name": "AWS_S3_BUCKET_REGION", "value": "$${region}" },
-      { "name": "AWS_S3_ENV_FILE_OBJECT_PATH", "value": "${env_file_object_path}" },
-      { "name": "API_URL", "value": "${api_url}" },
-      { "name": "DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" },
-      { "name": "SERVICE_NAME", "value": "${container_name}" },
-      { "name": "SERVICE_TAGS", "value": "${component},${deployment_identifier},${cluster}" },
-      { "name": "SERVICE_COMPONENT", "value": "${component}" },
-      { "name": "SERVICE_CLUSTER", "value": "${cluster}" },
-      { "name": "SERVICE_DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" }
-    ],
-    "dockerLabels": {
-      "containerName": "${container_name}",
-      "containerService": "${container_name}",
-      "containerGroup": "services"
-    },
-    "logConfiguration": {
-      "logDriver": "awslogs",
-      "options": {
-        "awslogs-group": "$${log_group}",
-        "awslogs-region": "$${region}"
-      }
-    }
-  }
-]
diff --git a/infra/keepers-service/envfiles/service.env.tpl b/infra/keepers-service/envfiles/service.env.tpl
deleted file mode 100644
index 1780456a..00000000
--- a/infra/keepers-service/envfiles/service.env.tpl
+++ /dev/null
@@ -1,5 +0,0 @@
-TOKENS_CONTRACT_ADDRESS="${token_contact_address}"
-BOSON_ROUTER_CONTRACT_ADDRESS="${boson_router_contact_address}"
-VOUCHER_KERNEL_ADDRESS="${voucher_kernel_address}"
-GCLOUD_SECRET="${gcloud_keepers_secret}"
-ALCHEMY_URL="${alchemy_url}"
diff --git a/infra/keepers-service/image_repository.tf b/infra/keepers-service/image_repository.tf
deleted file mode 100644
index bca72e6d..00000000
--- a/infra/keepers-service/image_repository.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "image_repository" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.image_repository_state_bucket_name
-    key     = var.image_repository_state_key
-    region  = var.image_repository_state_bucket_region
-    encrypt = var.image_repository_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/keepers-service/network.tf b/infra/keepers-service/network.tf
deleted file mode 100644
index 4f174709..00000000
--- a/infra/keepers-service/network.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-data "terraform_remote_state" "network" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.network_state_bucket_name
-    key     = var.network_state_key
-    region  = var.network_state_bucket_region
-    encrypt = var.network_state_bucket_is_encrypted
-  }
-}
-
-data "aws_vpc" "vpc" {
-  id = data.terraform_remote_state.network.outputs.vpc_id
-}
diff --git a/infra/keepers-service/provider.tf b/infra/keepers-service/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/keepers-service/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/keepers-service/roles.tf b/infra/keepers-service/roles.tf
deleted file mode 100644
index f4377d9b..00000000
--- a/infra/keepers-service/roles.tf
+++ /dev/null
@@ -1,35 +0,0 @@
-data "aws_iam_policy_document" "service_assume_role_policy_content" {
-  statement {
-    actions = ["sts:AssumeRole"]
-
-    principals {
-      identifiers = ["ecs-tasks.amazonaws.com"]
-      type        = "Service"
-    }
-
-    effect = "Allow"
-  }
-}
-
-data "aws_iam_policy_document" "service_role_policy_content" {
-  statement {
-    actions = [
-      "s3:GetObject",
-    ]
-
-    resources = [
-      "arn:aws:s3:::${var.secrets_bucket_name}/*",
-    ]
-  }
-}
-
-resource "aws_iam_role" "service_role" {
-  name = "service-role-${var.component}-${var.deployment_identifier}"
-
-  assume_role_policy = data.aws_iam_policy_document.service_assume_role_policy_content.json
-}
-
-resource "aws_iam_role_policy" "service_role_policy" {
-  role   = aws_iam_role.service_role.id
-  policy = data.aws_iam_policy_document.service_role_policy_content.json
-}
diff --git a/infra/keepers-service/secrets.tf b/infra/keepers-service/secrets.tf
deleted file mode 100644
index be94555c..00000000
--- a/infra/keepers-service/secrets.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-locals {
-  env_file_object_key = "keepers-service/environments/default.env"
-}
-
-data "template_file" "env_file_object_path" {
-  template = "s3://$${secrets_bucket}/$${environment_object_key}"
-
-  vars = {
-    secrets_bucket         = var.secrets_bucket_name
-    environment_object_key = local.env_file_object_key
-  }
-}
-
-data "template_file" "env_file" {
-  template = file("${path.root}/envfiles/service.env.tpl")
-
-  vars = {
-    token_contact_address        = var.token_contact_address
-    boson_router_contact_address = var.boson_router_contact_address
-    voucher_kernel_address       = var.voucher_kernel_address
-    gcloud_keepers_secret        = var.gcloud_keepers_secret
-    alchemy_url                  = var.alchemy_url
-  }
-}
-
-resource "aws_s3_bucket_object" "env_file" {
-  key     = local.env_file_object_key
-  bucket  = var.secrets_bucket_name
-  content = data.template_file.env_file.rendered
-
-  server_side_encryption = "AES256"
-}
diff --git a/infra/keepers-service/service.tf b/infra/keepers-service/service.tf
deleted file mode 100644
index d1d62b2e..00000000
--- a/infra/keepers-service/service.tf
+++ /dev/null
@@ -1,65 +0,0 @@
-locals {
-  container_name = "${var.service_name}-${var.deployment_identifier}"
-}
-
-data "terraform_remote_state" "service" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.service_state_bucket_name
-    key     = var.service_state_key
-    region  = var.service_state_bucket_region
-    encrypt = var.service_state_bucket_is_encrypted
-  }
-}
-
-data "template_file" "image" {
-  template = "$${repository_url}:$${tag}"
-
-  vars = {
-    repository_url = data.terraform_remote_state.image_repository.outputs.repository_url
-    tag            = var.version_number
-  }
-}
-
-data "template_file" "task_container_definitions" {
-  template = file("${path.root}/container-definitions/service.json.tpl")
-
-  vars = {
-    container_name        = local.container_name
-    secrets_bucket_name   = var.secrets_bucket_name
-    component             = var.component
-    api_url               = "https://${data.terraform_remote_state.service.outputs.address}"
-    cluster               = data.terraform_remote_state.cluster.outputs.name
-    deployment_identifier = var.deployment_identifier
-    env_file_object_path  = data.template_file.env_file_object_path.rendered
-  }
-}
-
-module "service" {
-  source  = "infrablocks/ecs-service/aws"
-  version = "4.1.0"
-
-  component             = var.component
-  deployment_identifier = var.deployment_identifier
-
-  region = var.region
-  vpc_id = data.aws_vpc.vpc.id
-
-  service_task_container_definitions = data.template_file.task_container_definitions.rendered
-
-  service_role = aws_iam_role.service_role.arn
-
-  service_name  = "${var.service_name}-${var.deployment_identifier}"
-  service_image = data.template_file.image.rendered
-  service_port  = var.container_http_port
-
-  service_desired_count                      = var.service_desired_count
-  service_deployment_maximum_percent         = 200
-  service_deployment_minimum_healthy_percent = 50
-
-  ecs_cluster_id               = data.terraform_remote_state.cluster.outputs.ecs_cluster_id
-  ecs_cluster_service_role_arn = data.terraform_remote_state.cluster.outputs.ecs_service_role_arn
-
-  attach_to_load_balancer = "no"
-}
diff --git a/infra/keepers-service/variables.tf b/infra/keepers-service/variables.tf
deleted file mode 100644
index c7ae4487..00000000
--- a/infra/keepers-service/variables.tf
+++ /dev/null
@@ -1,39 +0,0 @@
-variable "region" {}
-variable "component" {}
-variable "deployment_identifier" {}
-
-variable "service_desired_count" {}
-
-variable "secrets_bucket_name" {}
-
-variable "version_number" {}
-
-variable "service_name" {}
-variable "container_http_port" {}
-
-variable "token_contact_address" {}
-variable "boson_router_contact_address" {}
-variable "voucher_kernel_address" {}
-variable "alchemy_url" {}
-variable "gcloud_keepers_secret" {}
-
-variable "network_state_bucket_name" {}
-variable "network_state_key" {}
-variable "network_state_bucket_region" {}
-variable "network_state_bucket_is_encrypted" {}
-
-variable "cluster_state_bucket_name" {}
-variable "cluster_state_key" {}
-variable "cluster_state_bucket_region" {}
-variable "cluster_state_bucket_is_encrypted" {}
-
-variable "image_repository_state_bucket_name" {}
-variable "image_repository_state_key" {}
-variable "image_repository_state_bucket_region" {}
-variable "image_repository_state_bucket_is_encrypted" {}
-
-variable "service_state_bucket_name" {}
-variable "service_state_key" {}
-variable "service_state_bucket_region" {}
-variable "service_state_bucket_is_encrypted" {}
-
diff --git a/infra/service/certificate.tf b/infra/service/certificate.tf
deleted file mode 100644
index ba85e596..00000000
--- a/infra/service/certificate.tf
+++ /dev/null
@@ -1,5 +0,0 @@
-data "aws_acm_certificate" "wildcard" {
-  domain = "*.${data.terraform_remote_state.domain.outputs.domain_name}"
-  statuses = ["ISSUED"]
-  most_recent = true
-}
diff --git a/infra/service/cluster.tf b/infra/service/cluster.tf
deleted file mode 100644
index 3b04b99c..00000000
--- a/infra/service/cluster.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "cluster" {
-  backend = "s3"
-
-  config = {
-    bucket = var.cluster_state_bucket_name
-    key = var.cluster_state_key
-    region = var.cluster_state_bucket_region
-    encrypt = var.cluster_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/service/container-definitions/service.json.tpl b/infra/service/container-definitions/service.json.tpl
deleted file mode 100644
index 83dc3bf0..00000000
--- a/infra/service/container-definitions/service.json.tpl
+++ /dev/null
@@ -1,41 +0,0 @@
-[
-  {
-    "name": "${container_name}",
-    "image": "$${image}",
-    "memoryReservation": 256,
-    "essential": true,
-    "command": $${command},
-    "portMappings": [
-      {
-        "containerPort": ${container_http_port},
-        "hostPort": ${host_http_port}
-      }
-    ],
-    "environment": [
-      { "name": "AWS_S3_BUCKET_REGION", "value": "$${region}" },
-      { "name": "AWS_S3_ENV_FILE_OBJECT_PATH", "value": "${env_file_object_path}" },
-      { "name": "DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" },
-      { "name": "SERVICE_NAME", "value": "${container_name}" },
-      { "name": "SERVICE_${host_http_port}_NAME", "value": "${container_name}-http" },
-      { "name": "SERVICE_${host_http_port}_CHECK_HTTP", "value": "/health" },
-      { "name": "SERVICE_${host_http_port}_CHECK_INTERVAL", "value": "30s" },
-      { "name": "SERVICE_${host_http_port}_CHECK_TIMEOUT", "value": "2s" },
-      { "name": "SERVICE_TAGS", "value": "${component},${deployment_identifier},${cluster}" },
-      { "name": "SERVICE_COMPONENT", "value": "${component}" },
-      { "name": "SERVICE_CLUSTER", "value": "${cluster}" },
-      { "name": "SERVICE_DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" }
-    ],
-    "dockerLabels": {
-      "containerName": "${container_name}",
-      "containerService": "${container_name}",
-      "containerGroup": "services"
-    },
-    "logConfiguration": {
-      "logDriver": "awslogs",
-      "options": {
-        "awslogs-group": "$${log_group}",
-        "awslogs-region": "$${region}"
-      }
-    }
-  }
-]
diff --git a/infra/service/database.tf b/infra/service/database.tf
deleted file mode 100644
index 3f29539a..00000000
--- a/infra/service/database.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "database" {
-  backend = "s3"
-
-  config = {
-    bucket = var.database_state_bucket_name
-    key = var.database_state_key
-    region = var.database_state_bucket_region
-    encrypt = var.database_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/service/domain.tf b/infra/service/domain.tf
deleted file mode 100644
index cf9f2536..00000000
--- a/infra/service/domain.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "domain" {
-  backend = "s3"
-
-  config = {
-    bucket = var.domain_state_bucket_name
-    key = var.domain_state_key
-    region = var.domain_state_bucket_region
-    encrypt = var.domain_state_bucket_is_encrypted
-  }
-}
\ No newline at end of file
diff --git a/infra/service/envfiles/service.env.tpl b/infra/service/envfiles/service.env.tpl
deleted file mode 100644
index f34d7e32..00000000
--- a/infra/service/envfiles/service.env.tpl
+++ /dev/null
@@ -1,13 +0,0 @@
-DB_CONNECTION_STRING="${database_connection_string}"
-DB_NAME="${database_name}"
-DB_USERNAME="${database_username}"
-DB_PASSWORD="${database_password}"
-
-TOKEN_SECRET="${token_secret}"
-GCLOUD_SECRET="${gcloud_secret}"
-
-SUPERADMIN_USERNAME="${superadmin_username}"
-SUPERADMIN_PASSWORD="${superadmin_password}"
-
-IMAGE_UPLOAD_STORAGE_ENGINE="${image_upload_storage_engine}"
-IMAGE_UPLOAD_STORAGE_BUCKET_NAME="${image_upload_storage_bucket_name}"
diff --git a/infra/service/image_repository.tf b/infra/service/image_repository.tf
deleted file mode 100644
index 39767a45..00000000
--- a/infra/service/image_repository.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "image_repository" {
-  backend = "s3"
-
-  config = {
-    bucket = var.image_repository_state_bucket_name
-    key = var.image_repository_state_key
-    region = var.image_repository_state_bucket_region
-    encrypt = var.image_repository_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/service/load_balancer.tf b/infra/service/load_balancer.tf
deleted file mode 100644
index 577bde0a..00000000
--- a/infra/service/load_balancer.tf
+++ /dev/null
@@ -1,71 +0,0 @@
-module "load_balancer" {
-  source = "infrablocks/application-load-balancer/aws"
-  version = "3.0.0"
-
-  component = var.component
-  deployment_identifier = var.deployment_identifier
-
-  region = var.region
-  vpc_id = data.terraform_remote_state.network.outputs.vpc_id
-  subnet_ids = data.terraform_remote_state.network.outputs.public_subnet_ids
-
-  expose_to_public_internet = "yes"
-
-  security_groups = {
-    default = {
-      associate = "yes"
-      ingress_rule = {
-        include = "yes"
-        cidrs = ["0.0.0.0/0"]
-      },
-      egress_rule = {
-        include = "yes"
-        from_port = 0
-        to_port = 65535
-        cidrs = [data.aws_vpc.vpc.cidr_block]
-      }
-    }
-  }
-
-  dns = {
-    domain_name = data.terraform_remote_state.domain.outputs.domain_name
-    records = [
-      {
-        zone_id = data.terraform_remote_state.domain.outputs.public_zone_id
-      },
-      {
-        zone_id = data.terraform_remote_state.domain.outputs.private_zone_id
-      }
-    ]
-  }
-
-  target_groups = [
-    {
-      key = "default"
-      port = var.host_http_port
-      protocol = "HTTP"
-      target_type = "instance"
-      health_check = {
-        path = "/health"
-        port = "traffic-port"
-        protocol = "HTTP"
-        interval = 30
-        healthy_threshold = 3
-        unhealthy_threshold = 3
-      }
-    }
-  ]
-
-  listeners = [
-    {
-      key = "default"
-      port = "443"
-      protocol = "HTTPS"
-      certificate_arn = data.aws_acm_certificate.wildcard.arn,
-      default_action = {
-        type = "forward"
-        target_group_key = "default"
-      }
-    }
-  ]
-}
diff --git a/infra/service/network.tf b/infra/service/network.tf
deleted file mode 100644
index 35857c06..00000000
--- a/infra/service/network.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-data "terraform_remote_state" "network" {
-  backend = "s3"
-
-  config = {
-    bucket = var.network_state_bucket_name
-    key = var.network_state_key
-    region = var.network_state_bucket_region
-    encrypt = var.network_state_bucket_is_encrypted
-  }
-}
-
-data "aws_vpc" "vpc" {
-  id = data.terraform_remote_state.network.outputs.vpc_id
-}
diff --git a/infra/service/outputs.tf b/infra/service/outputs.tf
deleted file mode 100644
index 8ee465d6..00000000
--- a/infra/service/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "address" {
-  value = module.load_balancer.address
-}
diff --git a/infra/service/provider.tf b/infra/service/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/service/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/service/roles.tf b/infra/service/roles.tf
deleted file mode 100644
index 28b48ffc..00000000
--- a/infra/service/roles.tf
+++ /dev/null
@@ -1,49 +0,0 @@
-data "aws_iam_policy_document" "service_assume_role_policy_content" {
-  statement {
-    actions = ["sts:AssumeRole"]
-
-    principals {
-      identifiers = ["ecs-tasks.amazonaws.com"]
-      type = "Service"
-    }
-
-    effect = "Allow"
-  }
-}
-
-data "aws_iam_policy_document" "service_role_policy_content" {
-  statement {
-    actions = [
-      "s3:GetObject",
-    ]
-
-    resources = [
-      "arn:aws:s3:::${var.secrets_bucket_name}/*",
-    ]
-  }
-
-  statement {
-    actions = [
-      "s3:DeleteObject",
-      "s3:GetObject",
-      "s3:GetObjectAcl",
-      "s3:PutObject",
-      "s3:PutObjectAcl"
-    ]
-
-    resources = [
-      "arn:aws:s3:::${var.image_upload_storage_bucket_name}/*",
-    ]
-  }
-}
-
-resource "aws_iam_role" "service_role" {
-  name = "service-role-${var.component}-${var.deployment_identifier}"
-
-  assume_role_policy = data.aws_iam_policy_document.service_assume_role_policy_content.json
-}
-
-resource "aws_iam_role_policy" "service_role_policy" {
-  role = aws_iam_role.service_role.id
-  policy = data.aws_iam_policy_document.service_role_policy_content.json
-}
diff --git a/infra/service/secrets.tf b/infra/service/secrets.tf
deleted file mode 100644
index 8cd3da12..00000000
--- a/infra/service/secrets.tf
+++ /dev/null
@@ -1,40 +0,0 @@
-locals {
-  env_file_object_key = "service/environments/default.env"
-}
-
-data "template_file" "env_file_object_path" {
-  template = "s3://$${secrets_bucket}/$${environment_object_key}"
-
-  vars = {
-    secrets_bucket = var.secrets_bucket_name
-    environment_object_key = local.env_file_object_key
-  }
-}
-
-data "template_file" "env_file" {
-  template = file("${path.root}/envfiles/service.env.tpl")
-
-  vars = {
-    token_secret = var.token_secret
-    gcloud_secret = var.gcloud_secret
-
-    image_upload_storage_engine = var.image_upload_storage_engine
-    image_upload_storage_bucket_name = var.image_upload_storage_bucket_name
-
-    superadmin_username = var.superadmin_username
-    superadmin_password = var.superadmin_password
-
-    database_connection_string = data.terraform_remote_state.database.outputs.connection_string
-    database_username = var.database_username
-    database_password = var.database_password
-    database_name = var.database_name
-  }
-}
-
-resource "aws_s3_bucket_object" "env_file" {
-  key = local.env_file_object_key
-  bucket = var.secrets_bucket_name
-  content = data.template_file.env_file.rendered
-
-  server_side_encryption = "AES256"
-}
diff --git a/infra/service/service.tf b/infra/service/service.tf
deleted file mode 100644
index c0717015..00000000
--- a/infra/service/service.tf
+++ /dev/null
@@ -1,59 +0,0 @@
-locals {
-  container_name = "${var.service_name}-${var.deployment_identifier}"
-}
-
-data "template_file" "image" {
-  template = "$${repository_url}:$${tag}"
-
-  vars = {
-    repository_url = data.terraform_remote_state.image_repository.outputs.repository_url
-    tag = var.version_number
-  }
-}
-
-data "template_file" "task_container_definitions" {
-  template = file("${path.root}/container-definitions/service.json.tpl")
-
-  vars = {
-    container_name = local.container_name
-    container_http_port = var.container_http_port
-    host_http_port = var.host_http_port
-    secrets_bucket_name = var.secrets_bucket_name
-    component = var.component
-    cluster = data.terraform_remote_state.cluster.outputs.name
-    deployment_identifier = var.deployment_identifier
-    env_file_object_path = data.template_file.env_file_object_path.rendered
-  }
-}
-
-module "service" {
-  source  = "infrablocks/ecs-service/aws"
-  version = "4.1.0"
-
-  component = var.component
-  deployment_identifier = var.deployment_identifier
-
-  region = var.region
-  vpc_id = data.aws_vpc.vpc.id
-
-  service_task_container_definitions = data.template_file.task_container_definitions.rendered
-
-  service_role = aws_iam_role.service_role.arn
-
-  service_name = "${var.service_name}-${var.deployment_identifier}"
-  service_image = data.template_file.image.rendered
-  service_port = var.container_http_port
-
-  service_desired_count = var.service_desired_count
-  service_deployment_maximum_percent = 200
-  service_deployment_minimum_healthy_percent = 50
-
-  ecs_cluster_id = data.terraform_remote_state.cluster.outputs.ecs_cluster_id
-  ecs_cluster_service_role_arn = data.terraform_remote_state.cluster.outputs.ecs_service_role_arn
-
-  target_group_arn = module.load_balancer.target_groups["default"].arn
-
-  depends_on = [
-    module.load_balancer
-  ]
-}
diff --git a/infra/service/terraform.tf b/infra/service/terraform.tf
deleted file mode 100644
index 5947770a..00000000
--- a/infra/service/terraform.tf
+++ /dev/null
@@ -1,16 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-    template = {
-      source = "hashicorp/template"
-      version = "2.2.0"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/service/variables.tf b/infra/service/variables.tf
deleted file mode 100644
index 5557c8b6..00000000
--- a/infra/service/variables.tf
+++ /dev/null
@@ -1,52 +0,0 @@
-variable "region" {}
-variable "component" {}
-variable "deployment_identifier" {}
-
-variable "service_desired_count" {}
-
-variable "secrets_bucket_name" {}
-
-variable "version_number" {}
-
-variable "service_name" {}
-variable "container_http_port" {}
-variable "host_http_port" {}
-
-variable "token_secret" {}
-variable "gcloud_secret" {}
-
-variable "image_upload_storage_engine" {}
-variable "image_upload_storage_bucket_name" {}
-
-variable "superadmin_username" {}
-variable "superadmin_password" {}
-
-variable "database_username" {}
-variable "database_password" {}
-variable "database_name" {}
-
-variable "domain_state_bucket_name" {}
-variable "domain_state_key" {}
-variable "domain_state_bucket_region" {}
-variable "domain_state_bucket_is_encrypted" {}
-
-variable "network_state_bucket_name" {}
-variable "network_state_key" {}
-variable "network_state_bucket_region" {}
-variable "network_state_bucket_is_encrypted" {}
-
-variable "cluster_state_bucket_name" {}
-variable "cluster_state_key" {}
-variable "cluster_state_bucket_region" {}
-variable "cluster_state_bucket_is_encrypted" {}
-
-variable "database_state_bucket_name" {}
-variable "database_state_key" {}
-variable "database_state_bucket_region" {}
-variable "database_state_bucket_is_encrypted" {}
-
-variable "image_repository_state_bucket_name" {}
-variable "image_repository_state_key" {}
-variable "image_repository_state_bucket_region" {}
-variable "image_repository_state_bucket_is_encrypted" {}
-
diff --git a/pipelines/builder/handle-pr-event/task.sh b/pipelines/builder/handle-pr-event/task.sh
deleted file mode 100755
index 6e561a3f..00000000
--- a/pipelines/builder/handle-pr-event/task.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-./go "ci:pipeline:pr:handle[${CI_DEPLOYMENT_TYPE},${CI_DEPLOYMENT_LABEL}]"
diff --git a/pipelines/builder/handle-pr-event/task.yaml b/pipelines/builder/handle-pr-event/task.yaml
deleted file mode 100644
index 405879ee..00000000
--- a/pipelines/builder/handle-pr-event/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/builder/handle-pr-event/task.sh
diff --git a/pipelines/builder/pipeline.yaml b/pipelines/builder/pipeline.yaml
deleted file mode 100644
index 99fca14a..00000000
--- a/pipelines/builder/pipeline.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-resource_types:
-  - name: pull-request
-    type: docker-image
-    source:
-      repository: teliaoss/github-pr-resource
-
-resources:
-  - name: source
-    type: pull-request
-    check_every: 1h
-    webhook_token: ((webhook_token))
-    source:
-      repository: ((source_repository_name))
-      access_token: ((github_access_token))
-      states:
-        - OPEN
-        - MERGED
-        - CLOSED
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-jobs:
-  - name: handle-pr-event
-    plan:
-      - in_parallel:
-        - get: source
-          trigger: true
-          version: every
-        - get: node-builder-image
-      - task: handle-pr-event
-        image: node-builder-image
-        file: source/pipelines/builder/handle-pr-event/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          CI_DEPLOYMENT_TYPE: ((ci_deployment_type))
-          CI_DEPLOYMENT_LABEL: ((ci_deployment_label))
diff --git a/pipelines/demo/pipeline.yaml b/pipelines/demo/pipeline.yaml
deleted file mode 100644
index 8ba5d945..00000000
--- a/pipelines/demo/pipeline.yaml
+++ /dev/null
@@ -1,372 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-resources:
-  - name: source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: demo
-      private_key: ((git_ssh_key))
-
-  - name: updated-source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: demo
-      private_key: ((git_ssh_key))
-
-  - name: app-image
-    type: docker-image
-    source:
-      repository: ((app_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: keepers-image
-    type: docker-image
-    source:
-      repository: ((keepers_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: version
-    type: semver
-    source:
-      driver: s3
-      initial_version: 0.1.0
-      bucket: ((storage_bucket_name))
-      key: reference-backend/metadata/demo/version
-      region_name: ((storage_bucket_region))
-      server_side_encryption: ((storage_bucket_encryption))
-      access_key_id: ((aws_access_key_id))
-      secret_access_key: ((aws_secret_access_key))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-groups:
-  - name: ci
-    jobs:
-      - build
-      - test
-      - provision-keepers-image-repository
-      - provision-image-repository
-      - publish-image
-      - publish-image-keepers
-  - name: demo-mendelevium
-    jobs:
-      - provision-demo-mendelevium-database
-      - provision-demo-mendelevium-image-storage-bucket
-      - provision-demo-mendelevium-service
-      - provision-demo-mendelevium-keepers-service
-      - provision-demo-mendelevium-functions
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success: &on_success
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure: &on_failure
-      put: notify-failure
-      params:
-        text: ((slack_failure_message))
-        channel: ((slack_failure_channel))
-
-    on_error: &on_error
-      put: notify-failure
-      params:
-        text: ((slack_error_message))
-        channel: ((slack_error_channel))
-
-    on_abort: &on_abort
-      put: notify-failure
-      params:
-        text: ((slack_abort_message))
-        channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: updated-source
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/coverage/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: updated-source
-        params:
-          repository: source
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-keepers-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-keepers-image-repository
-        image: node-builder-image
-        file: source/pipelines/demo/provision-keepers-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-image-repository
-        image: node-builder-image
-        file: source/pipelines/demo/provision-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-          - put: version
-            params:
-              pre: rc
-          - get: node-builder-image
-      - task: publish-image
-        image: node-builder-image
-        file: source/pipelines/demo/publish-image/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: app-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image-keepers
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-              - publish-image
-          - get: version
-          - get: node-builder-image
-      - task: publish-image-keepers
-        image: node-builder-image
-        file: source/pipelines/demo/publish-image-keepers/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: keepers-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-database
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - publish-image
-              - publish-image-keepers
-          - get: node-builder-image
-      - task: provision-database
-        image: node-builder-image
-        file: source/pipelines/demo/provision-database/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-image-storage-bucket
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-database
-          - get: version
-          - get: node-builder-image
-      - task: provision-image-storage-bucket
-        image: node-builder-image
-        file: source/pipelines/demo/provision-image-storage-bucket/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-image-storage-bucket
-          - get: version
-          - get: node-builder-image
-      - task: provision-service
-        image: node-builder-image
-        file: source/pipelines/demo/provision-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-keepers-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-keepers-service
-        image: node-builder-image
-        file: source/pipelines/demo/provision-keepers-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-functions
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-keepers-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-functions
-        image: node-builder-image
-        file: source/pipelines/demo/provision-functions/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
diff --git a/pipelines/demo/provision-database/task.sh b/pipelines/demo/provision-database/task.sh
deleted file mode 100755
index a50db957..00000000
--- a/pipelines/demo/provision-database/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "database:environment:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-database/task.yaml b/pipelines/demo/provision-database/task.yaml
deleted file mode 100644
index a78e5f14..00000000
--- a/pipelines/demo/provision-database/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-database/task.sh
diff --git a/pipelines/demo/provision-functions/task.sh b/pipelines/demo/provision-functions/task.sh
deleted file mode 100755
index 5c5b1e55..00000000
--- a/pipelines/demo/provision-functions/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "lambda:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-functions/task.yaml b/pipelines/demo/provision-functions/task.yaml
deleted file mode 100644
index 20dbe129..00000000
--- a/pipelines/demo/provision-functions/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-functions/task.sh
diff --git a/pipelines/demo/provision-image-repository/task.sh b/pipelines/demo/provision-image-repository/task.sh
deleted file mode 100755
index b1be7856..00000000
--- a/pipelines/demo/provision-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-image-repository/task.yaml b/pipelines/demo/provision-image-repository/task.yaml
deleted file mode 100644
index 5988fa7c..00000000
--- a/pipelines/demo/provision-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-image-repository/task.sh
diff --git a/pipelines/demo/provision-image-storage-bucket/task.sh b/pipelines/demo/provision-image-storage-bucket/task.sh
deleted file mode 100755
index 7efb2732..00000000
--- a/pipelines/demo/provision-image-storage-bucket/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_storage_bucket:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-image-storage-bucket/task.yaml b/pipelines/demo/provision-image-storage-bucket/task.yaml
deleted file mode 100644
index 94702c62..00000000
--- a/pipelines/demo/provision-image-storage-bucket/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-image-storage-bucket/task.sh
diff --git a/pipelines/demo/provision-keepers-image-repository/task.sh b/pipelines/demo/provision-keepers-image-repository/task.sh
deleted file mode 100755
index 7062624b..00000000
--- a/pipelines/demo/provision-keepers-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "keepers_image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-keepers-image-repository/task.yaml b/pipelines/demo/provision-keepers-image-repository/task.yaml
deleted file mode 100644
index 7a04596f..00000000
--- a/pipelines/demo/provision-keepers-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-keepers-image-repository/task.sh
diff --git a/pipelines/demo/provision-keepers-service/task.sh b/pipelines/demo/provision-keepers-service/task.sh
deleted file mode 100755
index 275312a8..00000000
--- a/pipelines/demo/provision-keepers-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service_keepers:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-keepers-service/task.yaml b/pipelines/demo/provision-keepers-service/task.yaml
deleted file mode 100644
index 218c18e0..00000000
--- a/pipelines/demo/provision-keepers-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-keepers-service/task.sh
diff --git a/pipelines/demo/provision-service/task.sh b/pipelines/demo/provision-service/task.sh
deleted file mode 100755
index c28428c4..00000000
--- a/pipelines/demo/provision-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-service/task.yaml b/pipelines/demo/provision-service/task.yaml
deleted file mode 100644
index a75db42d..00000000
--- a/pipelines/demo/provision-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-service/task.sh
diff --git a/pipelines/demo/publish-image-keepers/task.sh b/pipelines/demo/publish-image-keepers/task.sh
deleted file mode 100755
index d0ec6c8d..00000000
--- a/pipelines/demo/publish-image-keepers/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image_keepers:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/keepers"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/demo/publish-image-keepers/task.yaml b/pipelines/demo/publish-image-keepers/task.yaml
deleted file mode 100644
index 6230325e..00000000
--- a/pipelines/demo/publish-image-keepers/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/demo/publish-image-keepers/task.sh
diff --git a/pipelines/demo/publish-image/task.sh b/pipelines/demo/publish-image/task.sh
deleted file mode 100755
index d4b246d7..00000000
--- a/pipelines/demo/publish-image/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/reference-backend"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/demo/publish-image/task.yaml b/pipelines/demo/publish-image/task.yaml
deleted file mode 100644
index 7eb822cc..00000000
--- a/pipelines/demo/publish-image/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/demo/publish-image/task.sh
diff --git a/pipelines/develop/pipeline.yaml b/pipelines/develop/pipeline.yaml
deleted file mode 100644
index be17bdf6..00000000
--- a/pipelines/develop/pipeline.yaml
+++ /dev/null
@@ -1,372 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-resources:
-  - name: source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: ((source_repository_branch))
-      private_key: ((git_ssh_key))
-
-  - name: updated-source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: ((source_repository_branch))
-      private_key: ((git_ssh_key))
-
-  - name: app-image
-    type: docker-image
-    source:
-      repository: ((app_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: keepers-image
-    type: docker-image
-    source:
-      repository: ((keepers_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: version
-    type: semver
-    source:
-      driver: s3
-      initial_version: 0.1.0
-      bucket: ((storage_bucket_name))
-      key: reference-backend/metadata/develop/version
-      region_name: ((storage_bucket_region))
-      server_side_encryption: ((storage_bucket_encryption))
-      access_key_id: ((aws_access_key_id))
-      secret_access_key: ((aws_secret_access_key))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-groups:
-  - name: ci
-    jobs:
-      - build
-      - test
-      - provision-keepers-image-repository
-      - provision-image-repository
-      - publish-image
-      - publish-image-keepers
-  - name: development-plutonium
-    jobs:
-      - provision-development-plutonium-database
-      - provision-development-plutonium-image-storage-bucket
-      - provision-development-plutonium-service
-      - provision-development-plutonium-keepers-service
-      - provision-development-plutonium-functions
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success: &on_success
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure: &on_failure
-      put: notify-failure
-      params:
-        text: ((slack_failure_message))
-        channel: ((slack_failure_channel))
-
-    on_error: &on_error
-      put: notify-failure
-      params:
-        text: ((slack_error_message))
-        channel: ((slack_error_channel))
-
-    on_abort: &on_abort
-      put: notify-failure
-      params:
-        text: ((slack_abort_message))
-        channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: updated-source
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/coverage/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: updated-source
-        params:
-          repository: source
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-keepers-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-keepers-image-repository
-        image: node-builder-image
-        file: source/pipelines/develop/provision-keepers-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-image-repository
-        image: node-builder-image
-        file: source/pipelines/develop/provision-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-          - put: version
-            params:
-              pre: rc
-          - get: node-builder-image
-      - task: publish-image
-        image: node-builder-image
-        file: source/pipelines/develop/publish-image/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: app-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image-keepers
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-              - publish-image
-          - get: version
-          - get: node-builder-image
-      - task: publish-image-keepers
-        image: node-builder-image
-        file: source/pipelines/develop/publish-image-keepers/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: keepers-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-database
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - publish-image
-              - publish-image-keepers
-          - get: node-builder-image
-      - task: provision-database
-        image: node-builder-image
-        file: source/pipelines/develop/provision-database/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-image-storage-bucket
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-database
-          - get: version
-          - get: node-builder-image
-      - task: provision-image-storage-bucket
-        image: node-builder-image
-        file: source/pipelines/develop/provision-image-storage-bucket/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-image-storage-bucket
-          - get: version
-          - get: node-builder-image
-      - task: provision-service
-        image: node-builder-image
-        file: source/pipelines/develop/provision-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-keepers-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-keepers-service
-        image: node-builder-image
-        file: source/pipelines/develop/provision-keepers-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-functions
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-keepers-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-functions
-        image: node-builder-image
-        file: source/pipelines/develop/provision-functions/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
diff --git a/pipelines/develop/provision-database/task.sh b/pipelines/develop/provision-database/task.sh
deleted file mode 100755
index a50db957..00000000
--- a/pipelines/develop/provision-database/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "database:environment:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-database/task.yaml b/pipelines/develop/provision-database/task.yaml
deleted file mode 100644
index f814aa1c..00000000
--- a/pipelines/develop/provision-database/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-database/task.sh
diff --git a/pipelines/develop/provision-functions/task.sh b/pipelines/develop/provision-functions/task.sh
deleted file mode 100755
index 5c5b1e55..00000000
--- a/pipelines/develop/provision-functions/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "lambda:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-functions/task.yaml b/pipelines/develop/provision-functions/task.yaml
deleted file mode 100644
index ee2f7fbe..00000000
--- a/pipelines/develop/provision-functions/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-functions/task.sh
diff --git a/pipelines/develop/provision-image-repository/task.sh b/pipelines/develop/provision-image-repository/task.sh
deleted file mode 100755
index b1be7856..00000000
--- a/pipelines/develop/provision-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-image-repository/task.yaml b/pipelines/develop/provision-image-repository/task.yaml
deleted file mode 100644
index c372b33b..00000000
--- a/pipelines/develop/provision-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-image-repository/task.sh
diff --git a/pipelines/develop/provision-image-storage-bucket/task.sh b/pipelines/develop/provision-image-storage-bucket/task.sh
deleted file mode 100755
index 7efb2732..00000000
--- a/pipelines/develop/provision-image-storage-bucket/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_storage_bucket:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-image-storage-bucket/task.yaml b/pipelines/develop/provision-image-storage-bucket/task.yaml
deleted file mode 100644
index 57a7feea..00000000
--- a/pipelines/develop/provision-image-storage-bucket/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-image-storage-bucket/task.sh
diff --git a/pipelines/develop/provision-keepers-image-repository/task.sh b/pipelines/develop/provision-keepers-image-repository/task.sh
deleted file mode 100755
index 7062624b..00000000
--- a/pipelines/develop/provision-keepers-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "keepers_image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-keepers-image-repository/task.yaml b/pipelines/develop/provision-keepers-image-repository/task.yaml
deleted file mode 100644
index 7f9321c3..00000000
--- a/pipelines/develop/provision-keepers-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-keepers-image-repository/task.sh
diff --git a/pipelines/develop/provision-keepers-service/task.sh b/pipelines/develop/provision-keepers-service/task.sh
deleted file mode 100755
index 275312a8..00000000
--- a/pipelines/develop/provision-keepers-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service_keepers:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-keepers-service/task.yaml b/pipelines/develop/provision-keepers-service/task.yaml
deleted file mode 100644
index aabda087..00000000
--- a/pipelines/develop/provision-keepers-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-keepers-service/task.sh
diff --git a/pipelines/develop/provision-service/task.sh b/pipelines/develop/provision-service/task.sh
deleted file mode 100755
index c28428c4..00000000
--- a/pipelines/develop/provision-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-service/task.yaml b/pipelines/develop/provision-service/task.yaml
deleted file mode 100644
index b7524e43..00000000
--- a/pipelines/develop/provision-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-service/task.sh
diff --git a/pipelines/develop/publish-image-keepers/task.sh b/pipelines/develop/publish-image-keepers/task.sh
deleted file mode 100755
index d0ec6c8d..00000000
--- a/pipelines/develop/publish-image-keepers/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image_keepers:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/keepers"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/develop/publish-image-keepers/task.yaml b/pipelines/develop/publish-image-keepers/task.yaml
deleted file mode 100644
index 10737029..00000000
--- a/pipelines/develop/publish-image-keepers/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/develop/publish-image-keepers/task.sh
diff --git a/pipelines/develop/publish-image/task.sh b/pipelines/develop/publish-image/task.sh
deleted file mode 100755
index d4b246d7..00000000
--- a/pipelines/develop/publish-image/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/reference-backend"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/develop/publish-image/task.yaml b/pipelines/develop/publish-image/task.yaml
deleted file mode 100644
index 4b7d876d..00000000
--- a/pipelines/develop/publish-image/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/develop/publish-image/task.sh
diff --git a/pipelines/pr/pipeline.yaml b/pipelines/pr/pipeline.yaml
deleted file mode 100644
index e8ebe46f..00000000
--- a/pipelines/pr/pipeline.yaml
+++ /dev/null
@@ -1,172 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-  - name: github-status
-    type: docker-image
-    source:
-      repository: resource/github-status
-
-resources:
-  - name: source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: ((source_repository_branch))
-      private_key: ((git_ssh_key))
-
-  - name: status
-    type: github-status
-    source:
-      repo: ((source_repository_name))
-      access_token: ((github_access_token))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - put: status
-        params:
-          path: source
-          state: pending
-          context: "CI Pipeline"
-          description: "Running build..."
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success:
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Build failed."
-        - put: notify-failure
-          params:
-            text: ((slack_failure_message))
-            channel: ((slack_failure_channel))
-
-    on_error:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Build errored."
-        - put: notify-failure
-          params:
-            text: ((slack_error_message))
-            channel: ((slack_error_channel))
-
-    on_abort:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Build aborted."
-        - put: notify-failure
-          params:
-            text: ((slack_abort_message))
-            channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/test/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success:
-      do:
-        - put: status
-          params:
-            path: source
-            state: success
-            context: "CI Pipeline"
-            description: "Pipeline succeeded."
-        - put: notify-success
-          params:
-            text: ((slack_success_message))
-            channel: ((slack_success_channel))
-
-    on_failure:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Test failed."
-        - put: notify-failure
-          params:
-            text: ((slack_failure_message))
-            channel: ((slack_failure_channel))
-
-    on_error:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Test errored."
-        - put: notify-failure
-          params:
-            text: ((slack_error_message))
-            channel: ((slack_error_channel))
-
-    on_abort:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Test aborted."
-        - put: notify-failure
-          params:
-            text: ((slack_abort_message))
-            channel: ((slack_abort_channel))
diff --git a/pipelines/shared/build/task.sh b/pipelines/shared/build/task.sh
deleted file mode 100755
index 31589dde..00000000
--- a/pipelines/shared/build/task.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-./go build
diff --git a/pipelines/shared/build/task.yaml b/pipelines/shared/build/task.yaml
deleted file mode 100644
index fc3f0096..00000000
--- a/pipelines/shared/build/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-
-run:
-  dir: /source
-  path: ./pipelines/shared/build/task.sh
diff --git a/pipelines/shared/coverage/task.sh b/pipelines/shared/coverage/task.sh
deleted file mode 100755
index 530bfde6..00000000
--- a/pipelines/shared/coverage/task.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "${PROVISIONING_ROLE_ARN}" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export INCLUDE_COVERAGE="true"
-
-./go "test[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]"
-./go "tests:app:coverage:badge"
-
-git config --global user.email "ci@redeemeum.com"
-git config --global user.name "Redeemeum CI"
-git add .
-git diff --staged --quiet || git commit -m "Update coverage badge [ci skip]"
diff --git a/pipelines/shared/coverage/task.yaml b/pipelines/shared/coverage/task.yaml
deleted file mode 100644
index 984bfab8..00000000
--- a/pipelines/shared/coverage/task.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-
-outputs:
-  - name: source
-
-run:
-  dir: /source
-  path: ./pipelines/shared/coverage/task.sh
diff --git a/pipelines/shared/test/task.sh b/pipelines/shared/test/task.sh
deleted file mode 100755
index 730af29f..00000000
--- a/pipelines/shared/test/task.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "${PROVISIONING_ROLE_ARN}" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-./go "test[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]"
diff --git a/pipelines/shared/test/task.yaml b/pipelines/shared/test/task.yaml
deleted file mode 100644
index 10068508..00000000
--- a/pipelines/shared/test/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-
-run:
-  dir: /source
-  path: ./pipelines/shared/test/task.sh
diff --git a/pipelines/tag/pipeline.yaml b/pipelines/tag/pipeline.yaml
deleted file mode 100644
index abd31d0c..00000000
--- a/pipelines/tag/pipeline.yaml
+++ /dev/null
@@ -1,366 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-  - name: git-tag
-    type: docker-image
-    source:
-      repository: sarquella/concourse-git-tag-resource
-
-resources:
-  - name: source
-    type: git-tag
-    source:
-      uri: ((source_repository_url))
-      tag_filter: v*
-      private_key: ((git_ssh_key))
-
-  - name: app-image
-    type: docker-image
-    source:
-      repository: ((app_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: keepers-image
-    type: docker-image
-    source:
-      repository: ((keepers_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: version
-    type: semver
-    source:
-      driver: s3
-      initial_version: 0.1.0
-      bucket: ((storage_bucket_name))
-      key: reference-backend/metadata/tag/version
-      region_name: ((storage_bucket_region))
-      server_side_encryption: ((storage_bucket_encryption))
-      access_key_id: ((aws_access_key_id))
-      secret_access_key: ((aws_secret_access_key))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-groups:
-  - name: ci
-    jobs:
-      - build
-      - test
-      - provision-keepers-image-repository
-      - provision-image-repository
-      - publish-image
-      - publish-image-keepers
-  - name: production-oganesson
-    jobs:
-      - provision-production-oganesson-database
-      - provision-production-oganesson-image-storage-bucket
-      - provision-production-oganesson-service
-      - provision-production-oganesson-keepers-service
-      - provision-production-oganesson-functions
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success: &on_success
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure: &on_failure
-      put: notify-failure
-      params:
-        text: ((slack_failure_message))
-        channel: ((slack_failure_channel))
-
-    on_error: &on_error
-      put: notify-failure
-      params:
-        text: ((slack_error_message))
-        channel: ((slack_error_channel))
-
-    on_abort: &on_abort
-      put: notify-failure
-      params:
-        text: ((slack_abort_message))
-        channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/coverage/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-keepers-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-keepers-image-repository
-        image: node-builder-image
-        file: source/pipelines/tag/provision-keepers-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-image-repository
-        image: node-builder-image
-        file: source/pipelines/tag/provision-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-          - put: version
-            params:
-              pre: rc
-          - get: node-builder-image
-      - task: publish-image
-        image: node-builder-image
-        file: source/pipelines/tag/publish-image/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: app-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image-keepers
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-              - publish-image
-          - get: version
-          - get: node-builder-image
-      - task: publish-image-keepers
-        image: node-builder-image
-        file: source/pipelines/tag/publish-image-keepers/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: keepers-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-database
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - publish-image
-              - publish-image-keepers
-          - get: node-builder-image
-      - task: provision-database
-        image: node-builder-image
-        file: source/pipelines/tag/provision-database/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-image-storage-bucket
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-database
-          - get: version
-          - get: node-builder-image
-      - task: provision-image-storage-bucket
-        image: node-builder-image
-        file: source/pipelines/tag/provision-image-storage-bucket/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-image-storage-bucket
-          - get: version
-          - get: node-builder-image
-      - task: provision-service
-        image: node-builder-image
-        file: source/pipelines/tag/provision-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-keepers-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-keepers-service
-        image: node-builder-image
-        file: source/pipelines/tag/provision-keepers-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-functions
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-keepers-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-functions
-        image: node-builder-image
-        file: source/pipelines/tag/provision-functions/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
diff --git a/pipelines/tag/provision-database/task.sh b/pipelines/tag/provision-database/task.sh
deleted file mode 100755
index a50db957..00000000
--- a/pipelines/tag/provision-database/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "database:environment:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-database/task.yaml b/pipelines/tag/provision-database/task.yaml
deleted file mode 100644
index df7970a2..00000000
--- a/pipelines/tag/provision-database/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-database/task.sh
diff --git a/pipelines/tag/provision-functions/task.sh b/pipelines/tag/provision-functions/task.sh
deleted file mode 100755
index 5c5b1e55..00000000
--- a/pipelines/tag/provision-functions/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "lambda:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-functions/task.yaml b/pipelines/tag/provision-functions/task.yaml
deleted file mode 100644
index c270a36e..00000000
--- a/pipelines/tag/provision-functions/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-functions/task.sh
diff --git a/pipelines/tag/provision-image-repository/task.sh b/pipelines/tag/provision-image-repository/task.sh
deleted file mode 100755
index b1be7856..00000000
--- a/pipelines/tag/provision-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-image-repository/task.yaml b/pipelines/tag/provision-image-repository/task.yaml
deleted file mode 100644
index a17a4f2d..00000000
--- a/pipelines/tag/provision-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-image-repository/task.sh
diff --git a/pipelines/tag/provision-image-storage-bucket/task.sh b/pipelines/tag/provision-image-storage-bucket/task.sh
deleted file mode 100755
index 7efb2732..00000000
--- a/pipelines/tag/provision-image-storage-bucket/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_storage_bucket:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-image-storage-bucket/task.yaml b/pipelines/tag/provision-image-storage-bucket/task.yaml
deleted file mode 100644
index 479a1c64..00000000
--- a/pipelines/tag/provision-image-storage-bucket/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-image-storage-bucket/task.sh
diff --git a/pipelines/tag/provision-keepers-image-repository/task.sh b/pipelines/tag/provision-keepers-image-repository/task.sh
deleted file mode 100755
index 7062624b..00000000
--- a/pipelines/tag/provision-keepers-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "keepers_image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-keepers-image-repository/task.yaml b/pipelines/tag/provision-keepers-image-repository/task.yaml
deleted file mode 100644
index 24720810..00000000
--- a/pipelines/tag/provision-keepers-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-keepers-image-repository/task.sh
diff --git a/pipelines/tag/provision-keepers-service/task.sh b/pipelines/tag/provision-keepers-service/task.sh
deleted file mode 100755
index 275312a8..00000000
--- a/pipelines/tag/provision-keepers-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service_keepers:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-keepers-service/task.yaml b/pipelines/tag/provision-keepers-service/task.yaml
deleted file mode 100644
index 9778ebe9..00000000
--- a/pipelines/tag/provision-keepers-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-keepers-service/task.sh
diff --git a/pipelines/tag/provision-service/task.sh b/pipelines/tag/provision-service/task.sh
deleted file mode 100755
index c28428c4..00000000
--- a/pipelines/tag/provision-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-service/task.yaml b/pipelines/tag/provision-service/task.yaml
deleted file mode 100644
index e3af9674..00000000
--- a/pipelines/tag/provision-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-service/task.sh
diff --git a/pipelines/tag/publish-image-keepers/task.sh b/pipelines/tag/publish-image-keepers/task.sh
deleted file mode 100755
index d0ec6c8d..00000000
--- a/pipelines/tag/publish-image-keepers/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image_keepers:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/keepers"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/tag/publish-image-keepers/task.yaml b/pipelines/tag/publish-image-keepers/task.yaml
deleted file mode 100644
index 59ed9854..00000000
--- a/pipelines/tag/publish-image-keepers/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/tag/publish-image-keepers/task.sh
diff --git a/pipelines/tag/publish-image/task.sh b/pipelines/tag/publish-image/task.sh
deleted file mode 100755
index d4b246d7..00000000
--- a/pipelines/tag/publish-image/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/reference-backend"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/tag/publish-image/task.yaml b/pipelines/tag/publish-image/task.yaml
deleted file mode 100644
index b94cc567..00000000
--- a/pipelines/tag/publish-image/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/tag/publish-image/task.sh
diff --git a/state/bootstrap/bsn-demo-mendelevium.tfstate b/state/bootstrap/bsn-demo-mendelevium.tfstate
deleted file mode 100644
index c7b9b374..00000000
--- a/state/bootstrap/bsn-demo-mendelevium.tfstate
+++ /dev/null
@@ -1,225 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.15.4",
-  "serial": 3,
-  "lineage": "71d2f718-2aae-99a5-8641-9eff0d019205",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-bsn-demo-mendelevium",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "384010198059",
-            "arn": "arn:aws:sts::384010198059:assumed-role/cross-account-admin-role/1623963485930141000",
-            "id": "384010198059",
-            "user_id": "AROAVS2GKTQV324VKJXHT:1623963485930141000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "108b0de813847ff9ece227a115c380b8bc04f68c90cc1ca9a313eea04fe51647",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"384010198059\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "aws_iam_policy_document",
-      "name": "encrypted_bucket_policy_document",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "id": "589805729",
-            "json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"384010198059\"\n        ]\n      }\n    }\n  ]\n}",
-            "override_json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ]\n    }\n  ]\n}",
-            "override_policy_documents": null,
-            "policy_id": null,
-            "source_json": null,
-            "source_policy_documents": null,
-            "statement": null,
-            "version": "2012-10-17"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "325e4d711bf55ce8ba435ac8b7c4502bad8c1f3d7d4d4b88da1138e9fc9912f6",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-demo-mendelevium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "b5645c4979a618ef68cf22030eafa93bd5469eea88c590f0232c68f348530d1d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-demo-mendelevium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "697d2a6ce17cbfb9c24186cebf53e57ec62026cf317cdeda47a76f410d53d1cf",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-demo-mendelevium",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium",
-            "bucket": "bsn-reference-backend-bsn-demo-mendelevium",
-            "bucket_domain_name": "bsn-reference-backend-bsn-demo-mendelevium.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-bsn-demo-mendelevium.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-bsn-demo-mendelevium",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "bsn-demo-mendelevium",
-              "DeploymentLabel": "mendelevium",
-              "DeploymentType": "bsn-demo",
-              "Name": "bsn-reference-backend-bsn-demo-mendelevium"
-            },
-            "tags_all": {
-              "DeploymentIdentifier": "bsn-demo-mendelevium",
-              "DeploymentLabel": "mendelevium",
-              "DeploymentType": "bsn-demo",
-              "Name": "bsn-reference-backend-bsn-demo-mendelevium"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-bsn-demo-mendelevium",
-            "id": "bsn-reference-backend-bsn-demo-mendelevium",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"384010198059\"\n        ]\n      }\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.aws_iam_policy_document.encrypted_bucket_policy_document"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/bsn-development-plutonium.tfstate b/state/bootstrap/bsn-development-plutonium.tfstate
deleted file mode 100644
index 3bdc7207..00000000
--- a/state/bootstrap/bsn-development-plutonium.tfstate
+++ /dev/null
@@ -1,201 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.14.11",
-  "serial": 3,
-  "lineage": "3249ecf7-dd9f-920f-3dad-76cf395aff6b",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-bsn-development-plutonium",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "384010198059",
-            "arn": "arn:aws:sts::384010198059:assumed-role/cross-account-admin-role/1620303543574032000",
-            "id": "384010198059",
-            "user_id": "AROAVS2GKTQV324VKJXHT:1620303543574032000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "108b0de813847ff9ece227a115c380b8bc04f68c90cc1ca9a313eea04fe51647",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"384010198059\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8cb9e9fa0d3584552ab1b25b8ef81ee01f0a665f8321c1a92757a54f5500a80d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-development-plutonium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "c7b2f9fc56462a4778d0391e67bbeed96326f542bc78c08defd206a69591cc4c",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-development-plutonium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "524d2f95c4af6949803de8b52ad6bdc18ad07ecc0d96f3807feb3cc0805aa94a",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-development-plutonium",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium",
-            "bucket": "bsn-reference-backend-bsn-development-plutonium",
-            "bucket_domain_name": "bsn-reference-backend-bsn-development-plutonium.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-bsn-development-plutonium.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-bsn-development-plutonium",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "bsn-development-plutonium",
-              "DeploymentLabel": "plutonium",
-              "DeploymentType": "bsn-development",
-              "Name": "bsn-reference-backend-bsn-development-plutonium"
-            },
-            "tags_all": {
-              "DeploymentIdentifier": "bsn-development-plutonium",
-              "DeploymentLabel": "plutonium",
-              "DeploymentType": "bsn-development",
-              "Name": "bsn-reference-backend-bsn-development-plutonium"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-bsn-development-plutonium",
-            "id": "bsn-reference-backend-bsn-development-plutonium",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"\n      ]\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.template_file.encrypted_bucket_policy"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/bsn-production-oganesson.tfstate b/state/bootstrap/bsn-production-oganesson.tfstate
deleted file mode 100644
index 88f23da2..00000000
--- a/state/bootstrap/bsn-production-oganesson.tfstate
+++ /dev/null
@@ -1,225 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.15.4",
-  "serial": 20,
-  "lineage": "39ebb09a-624a-613f-e210-afa6a2d7b055",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-bsn-production-oganesson",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "371854298993",
-            "arn": "arn:aws:sts::371854298993:assumed-role/cross-account-admin-role/1626182315391485000",
-            "id": "371854298993",
-            "user_id": "AROAVNFB6J5YYTJHEDVMW:1626182315391485000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8dbf8c224a07e1e86314a9d4ff9da447c0475cbb5d4541c5da5da854d13fcc90",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"371854298993\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "aws_iam_policy_document",
-      "name": "encrypted_bucket_policy_document",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "id": "660376941",
-            "json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"371854298993\"\n        ]\n      }\n    }\n  ]\n}",
-            "override_json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ]\n    }\n  ]\n}",
-            "override_policy_documents": null,
-            "policy_id": null,
-            "source_json": null,
-            "source_policy_documents": null,
-            "statement": null,
-            "version": "2012-10-17"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "d54313351417b65af622cd30548bcf485c6c998dbcc7a4e27cb38eda722d0b99",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-production-oganesson"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "64b5682ec316d73f6bb9101337ea88e510bf74a9683abfa0d3f5fefa1280957f",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-production-oganesson"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "30977d174b013d8ca1f155126b4bae742b0e29a0290da7846517759f2bb8a38c",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-production-oganesson",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson",
-            "bucket": "bsn-reference-backend-bsn-production-oganesson",
-            "bucket_domain_name": "bsn-reference-backend-bsn-production-oganesson.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-bsn-production-oganesson.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-bsn-production-oganesson",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "bsn-production-oganesson",
-              "DeploymentLabel": "oganesson",
-              "DeploymentType": "bsn-production",
-              "Name": "bsn-reference-backend-bsn-production-oganesson"
-            },
-            "tags_all": {
-              "DeploymentIdentifier": "bsn-production-oganesson",
-              "DeploymentLabel": "oganesson",
-              "DeploymentType": "bsn-production",
-              "Name": "bsn-reference-backend-bsn-production-oganesson"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-bsn-production-oganesson",
-            "id": "bsn-reference-backend-bsn-production-oganesson",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"371854298993\"\n        ]\n      }\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.aws_iam_policy_document.encrypted_bucket_policy_document"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/rdm-management-default.tfstate b/state/bootstrap/rdm-management-default.tfstate
deleted file mode 100644
index 840a06de..00000000
--- a/state/bootstrap/rdm-management-default.tfstate
+++ /dev/null
@@ -1,195 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.14.7",
-  "serial": 5,
-  "lineage": "7671df3c-17aa-8490-a234-ad856612da8c",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-rdm-management-default",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "031036423983",
-            "arn": "arn:aws:sts::031036423983:assumed-role/cross-account-admin-role/1619028282270591000",
-            "id": "031036423983",
-            "user_id": "AROAQOOPKH4XR52AY76HB:1619028282270591000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "0cf2a8e56151f1b60471b1e015ebe47bfa2c3c7db2de6914db77220528529cd9",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"031036423983\",\"384010198059\",\"371854298993\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8f2229740b3b878a3f86e19ee16c7626f034789cef39c0f395ea015fcc721b6d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "085690f69d273dd404916d305b4012f4c407909ceecee63b9fba08a7233fa594",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "3142c89cf1a1d0bbdf3dd04dc9a10667b21611e36bceb1a38ba7e5ecf412e679",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default\",\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-rdm-management-default",
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "bucket_domain_name": "bsn-reference-backend-rdm-management-default.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-rdm-management-default.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "rdm-management-default",
-              "DeploymentLabel": "default",
-              "DeploymentType": "rdm-management",
-              "Name": "bsn-reference-backend-rdm-management-default"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default\",\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"\n      ]\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.template_file.encrypted_bucket_policy"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/rdm-management-default.tfstate.backup b/state/bootstrap/rdm-management-default.tfstate.backup
deleted file mode 100644
index ce8e042a..00000000
--- a/state/bootstrap/rdm-management-default.tfstate.backup
+++ /dev/null
@@ -1,156 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.14.7",
-  "serial": 3,
-  "lineage": "7671df3c-17aa-8490-a234-ad856612da8c",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-rdm-management-default",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8f2229740b3b878a3f86e19ee16c7626f034789cef39c0f395ea015fcc721b6d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "085690f69d273dd404916d305b4012f4c407909ceecee63b9fba08a7233fa594",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "b4957ff366d63181aee465dc916bc11afc77113830421a77121edf0b10c4c5e8",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment}\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-rdm-management-default",
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "bucket_domain_name": "bsn-reference-backend-rdm-management-default.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-rdm-management-default.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "rdm-management-default",
-              "DeploymentLabel": "default",
-              "DeploymentType": "rdm-management",
-              "Name": "bsn-reference-backend-rdm-management-default"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.template_file.encrypted_bucket_policy"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/terraform/database/.terraform.lock.hcl b/terraform/database/.terraform.lock.hcl
new file mode 100644
index 00000000..f35e5a0e
--- /dev/null
+++ b/terraform/database/.terraform.lock.hcl
@@ -0,0 +1,58 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "3.70.0"
+  constraints = "~> 3.29"
+  hashes = [
+    "h1:E5IKHXzPGGSizZM5rHKzNCzpwQ7lWPXmmJnms82uzDk=",
+    "zh:0af710e528e21b930899f0ac295b0ceef8ad7b623dd8f38e92c8ec4bc7af0321",
+    "zh:4cabcd4519c0aae474d91ae67a8e3a4a8c39c3945c289a9cf7c1409f64409abe",
+    "zh:58da1a436facb4e4f95cd2870d211ed7bcb8cf721a4a61970aa8da191665f2aa",
+    "zh:6465339475c1cd3c16a5c8fee61304dcad2c4a27740687d29c6cdc90d2e6423d",
+    "zh:7a821ed053c355d70ebe33185590953fa5c364c1f3d66fe3f9b4aba3961646b1",
+    "zh:7c3656cc9cc1739dcb298e7930c9a76ccfce738d2070841d7e6c62fbdae74eef",
+    "zh:9d9da9e3c60a0c977e156da8590f36a219ae91994bb3df5a1208de2ab3ceeba7",
+    "zh:a3138817c86bf3e4dca7fd3a92e099cd1bf1d45ee7c7cc9e9773ba04fc3b315a",
+    "zh:a8603044e935dfb3cb9319a46d26276162c6aea75e02c4827232f9c6029a3182",
+    "zh:aef9482332bf43d0b73317f5909dec9e95b983c67b10d72e75eacc7c4f37d084",
+    "zh:fc3f3cad84f2eebe566dd0b65904c934093007323b9b85e73d9dd4535ceeb29d",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version     = "2.2.0"
+  constraints = "~> 2.2.0"
+  hashes = [
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}
+
+provider "registry.terraform.io/mongodb/mongodbatlas" {
+  version     = "0.8.2"
+  constraints = "~> 0.8, 0.8.2"
+  hashes = [
+    "h1:ry6CGqesidcJXaWDeLtqjVMxOZ5bqqLOvOtQhLDriSs=",
+    "zh:17705b49166fc296aef7300534a5c964ea8d4f6cb6616bcb8e7d3186cd1cae50",
+    "zh:39b8fdcf3262f7b2faffa41b0aed2ffdcf5ed47b985429c7bb764945f9873637",
+    "zh:3d4dbbb6be68dfea4f84172d0db9fc52dbda6025ed424ea249fb1317968b28ac",
+    "zh:525ae17dc4c2607c4ee596450fba58f5101635b05a93de2cdcb2e550b6c46abc",
+    "zh:71759a108c1499b9538ae4d54faaf66077adce90b031fc1051f484118418e6c7",
+    "zh:7a42549360c6cfb4a4f8986c9e59f8533750de964f31d4bea09e758da460b994",
+    "zh:8869872ea9bedb5a2b46637d62aaed8c886dce4579133a6f84043f540aa927cd",
+    "zh:aa3b2f8c64c9a28e96e1d23c0b21092fa0c21fbbe6d56b7f92a7d40e7d4696b7",
+    "zh:e7c85f9baeb2fb234721b2b4fba4a9620af7a5bc138f2d6c9682178b6b24ba72",
+    "zh:fa0c84bfea33a7726ed29574e58a9666cf8a9e5882b9aabd0f1899965a0c4b18",
+    "zh:fd9b995f95e58391d592cfce078f98b5657dd58452f5d049ebd1be562314ed36",
+  ]
+}
diff --git a/infra/database/cluster.tf b/terraform/database/cluster.tf
similarity index 67%
rename from infra/database/cluster.tf
rename to terraform/database/cluster.tf
index 9c2aec99..e73f9f67 100644
--- a/infra/database/cluster.tf
+++ b/terraform/database/cluster.tf
@@ -10,16 +10,16 @@ module "cluster" {
   mongo_db_major_version = var.database_version
 
   cloud_provider = {
-    name = "AWS"
-    region_name = replace(upper(var.region), "-", "_")
+    name               = "AWS"
+    region_name        = replace(upper(var.region), "-", "_")
     instance_size_name = var.database_instance_size_name
-    disk_iops = null
-    volume_type = null
-    backup_enabled = true
+    disk_iops          = null
+    volume_type        = null
+    backup_enabled     = true
     auto_scaling = {
       compute = {
-        min_instance_size: null
-        max_instance_size: null
+        min_instance_size : null
+        max_instance_size : null
       }
     }
   }
@@ -30,8 +30,8 @@ module "cluster" {
       password = var.database_service_user_password
       roles = [
         {
-          role_name = "readWriteAnyDatabase"
-          database_name = "admin"
+          role_name       = "readWriteAnyDatabase"
+          database_name   = "admin"
           collection_name = null
         }
       ]
@@ -42,8 +42,8 @@ module "cluster" {
       password = var.database_read_only_user_password
       roles = [
         {
-          role_name = "readAnyDatabase"
-          database_name = "admin"
+          role_name       = "readAnyDatabase"
+          database_name   = "admin"
           collection_name = null
         }
       ]
diff --git a/infra/database/endpoint.tf b/terraform/database/endpoint.tf
similarity index 68%
rename from infra/database/endpoint.tf
rename to terraform/database/endpoint.tf
index ed2bec9a..734111d5 100644
--- a/infra/database/endpoint.tf
+++ b/terraform/database/endpoint.tf
@@ -6,8 +6,8 @@ module "aws-private-endpoint" {
   deployment_identifier = var.deployment_identifier
 
   region     = var.region
-  vpc_id     = data.terraform_remote_state.network.outputs.vpc_id
-  subnet_ids = data.terraform_remote_state.network.outputs.private_subnet_ids
+  vpc_id     = var.vpc_id
+  subnet_ids = var.private_subnet_ids
 
   project_id = module.project.project_id
 
diff --git a/infra/database/outputs.tf b/terraform/database/outputs.tf
similarity index 100%
rename from infra/database/outputs.tf
rename to terraform/database/outputs.tf
diff --git a/infra/database/project.tf b/terraform/database/project.tf
similarity index 83%
rename from infra/database/project.tf
rename to terraform/database/project.tf
index f51a78d5..c98a3405 100644
--- a/infra/database/project.tf
+++ b/terraform/database/project.tf
@@ -2,7 +2,7 @@ module "project" {
   source  = "infrablocks/project/mongodbatlas"
   version = "1.0.0"
 
-  component = var.component
+  component             = var.component
   deployment_identifier = var.deployment_identifier
 
   organization_id = var.mongodb_atlas_organization_id
diff --git a/infra/database/providers.tf b/terraform/database/providers.tf
similarity index 72%
rename from infra/database/providers.tf
rename to terraform/database/providers.tf
index 19d0a693..e2270d16 100644
--- a/infra/database/providers.tf
+++ b/terraform/database/providers.tf
@@ -3,6 +3,6 @@ provider "aws" {
 }
 
 provider "mongodbatlas" {
-  public_key = var.mongodb_atlas_public_key
+  public_key  = var.mongodb_atlas_public_key
   private_key = var.mongodb_atlas_private_key
 }
diff --git a/infra/database/terraform.tf b/terraform/database/terraform.tf
similarity index 84%
rename from infra/database/terraform.tf
rename to terraform/database/terraform.tf
index 8907a147..e239d3a8 100644
--- a/infra/database/terraform.tf
+++ b/terraform/database/terraform.tf
@@ -3,10 +3,10 @@ terraform {
 
   required_providers {
     mongodbatlas = {
-      source = "mongodb/mongodbatlas"
+      source  = "mongodb/mongodbatlas"
       version = "0.8.2"
     }
-    aws      = {
+    aws = {
       source  = "hashicorp/aws"
       version = "~> 3.29"
     }
diff --git a/infra/database/variables.tf b/terraform/database/variables.tf
similarity index 76%
rename from infra/database/variables.tf
rename to terraform/database/variables.tf
index 21901ef1..169b17f8 100644
--- a/infra/database/variables.tf
+++ b/terraform/database/variables.tf
@@ -17,7 +17,7 @@ variable "mongodb_atlas_organization_id" {}
 variable "mongodb_atlas_public_key" {}
 variable "mongodb_atlas_private_key" {}
 
-variable "network_state_bucket_name" {}
-variable "network_state_key" {}
-variable "network_state_bucket_region" {}
-variable "network_state_bucket_is_encrypted" {}
+variable "vpc_id" {}
+variable "private_subnet_ids" {
+  type = list(string)
+}
\ No newline at end of file
diff --git a/terraform/functions/.terraform.lock.hcl b/terraform/functions/.terraform.lock.hcl
new file mode 100644
index 00000000..63a0aaf0
--- /dev/null
+++ b/terraform/functions/.terraform.lock.hcl
@@ -0,0 +1,75 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/archive" {
+  version = "2.2.0"
+  hashes = [
+    "h1:CIWi5G6ob7p2wWoThRQbOB8AbmFlCzp7Ka81hR3cVp0=",
+    "zh:06bd875932288f235c16e2237142b493c2c2b6aba0e82e8c85068332a8d2a29e",
+    "zh:0c681b481372afcaefddacc7ccdf1d3bb3a0c0d4678a526bc8b02d0c331479bc",
+    "zh:100fc5b3fc01ea463533d7bbfb01cb7113947a969a4ec12e27f5b2be49884d6c",
+    "zh:55c0d7ddddbd0a46d57c51fcfa9b91f14eed081a45101dbfc7fd9d2278aa1403",
+    "zh:73a5dd68379119167934c48afa1101b09abad2deb436cd5c446733e705869d6b",
+    "zh:841fc4ac6dc3479981330974d44ad2341deada8a5ff9e3b1b4510702dfbdbed9",
+    "zh:91be62c9b41edb137f7f835491183628d484e9d6efa82fcb75cfa538c92791c5",
+    "zh:acd5f442bd88d67eb948b18dc2ed421c6c3faee62d3a12200e442bfff0aa7d8b",
+    "zh:ad5720da5524641ad718a565694821be5f61f68f1c3c5d2cfa24426b8e774bef",
+    "zh:e63f12ea938520b3f83634fc29da28d92eed5cfbc5cc8ca08281a6a9c36cca65",
+    "zh:f6542918faa115df46474a36aabb4c3899650bea036b5f8a5e296be6f8f25767",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "3.70.0"
+  constraints = "~> 3.16, ~> 3.33"
+  hashes = [
+    "h1:E5IKHXzPGGSizZM5rHKzNCzpwQ7lWPXmmJnms82uzDk=",
+    "zh:0af710e528e21b930899f0ac295b0ceef8ad7b623dd8f38e92c8ec4bc7af0321",
+    "zh:4cabcd4519c0aae474d91ae67a8e3a4a8c39c3945c289a9cf7c1409f64409abe",
+    "zh:58da1a436facb4e4f95cd2870d211ed7bcb8cf721a4a61970aa8da191665f2aa",
+    "zh:6465339475c1cd3c16a5c8fee61304dcad2c4a27740687d29c6cdc90d2e6423d",
+    "zh:7a821ed053c355d70ebe33185590953fa5c364c1f3d66fe3f9b4aba3961646b1",
+    "zh:7c3656cc9cc1739dcb298e7930c9a76ccfce738d2070841d7e6c62fbdae74eef",
+    "zh:9d9da9e3c60a0c977e156da8590f36a219ae91994bb3df5a1208de2ab3ceeba7",
+    "zh:a3138817c86bf3e4dca7fd3a92e099cd1bf1d45ee7c7cc9e9773ba04fc3b315a",
+    "zh:a8603044e935dfb3cb9319a46d26276162c6aea75e02c4827232f9c6029a3182",
+    "zh:aef9482332bf43d0b73317f5909dec9e95b983c67b10d72e75eacc7c4f37d084",
+    "zh:fc3f3cad84f2eebe566dd0b65904c934093007323b9b85e73d9dd4535ceeb29d",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/null" {
+  version = "3.1.0"
+  hashes = [
+    "h1:vpC6bgUQoJ0znqIKVFevOdq+YQw42bRq0u+H3nto8nA=",
+    "zh:02a1675fd8de126a00460942aaae242e65ca3380b5bb192e8773ef3da9073fd2",
+    "zh:53e30545ff8926a8e30ad30648991ca8b93b6fa496272cd23b26763c8ee84515",
+    "zh:5f9200bf708913621d0f6514179d89700e9aa3097c77dac730e8ba6e5901d521",
+    "zh:9ebf4d9704faba06b3ec7242c773c0fbfe12d62db7d00356d4f55385fc69bfb2",
+    "zh:a6576c81adc70326e4e1c999c04ad9ca37113a6e925aefab4765e5a5198efa7e",
+    "zh:a8a42d13346347aff6c63a37cda9b2c6aa5cc384a55b2fe6d6adfa390e609c53",
+    "zh:c797744d08a5307d50210e0454f91ca4d1c7621c68740441cf4579390452321d",
+    "zh:cecb6a304046df34c11229f20a80b24b1603960b794d68361a67c5efe58e62b8",
+    "zh:e1371aa1e502000d9974cfaff5be4cfa02f47b17400005a16f14d2ef30dc2a70",
+    "zh:fc39cc1fe71234a0b0369d5c5c7f876c71b956d23d7d6f518289737a001ba69b",
+    "zh:fea4227271ebf7d9e2b61b89ce2328c7262acd9fd190e1fd6d15a591abfa848e",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version     = "2.2.0"
+  constraints = "2.2.0"
+  hashes = [
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}
diff --git a/infra/functions/lambda.tf b/terraform/functions/lambda.tf
similarity index 90%
rename from infra/functions/lambda.tf
rename to terraform/functions/lambda.tf
index f38e8b85..76b6a410 100644
--- a/infra/functions/lambda.tf
+++ b/terraform/functions/lambda.tf
@@ -1,14 +1,4 @@
 data "aws_caller_identity" "caller" {}
-data "terraform_remote_state" "service" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.service_state_bucket_name
-    key     = var.service_state_key
-    region  = var.service_state_bucket_region
-    encrypt = var.service_state_bucket_is_encrypted
-  }
-}
 
 resource "aws_secretsmanager_secret" "keepers_secretsmanager_secret" {
   name = "keepersServiceSMSecrets-${var.deployment_identifier}"
@@ -24,7 +14,7 @@ resource "aws_secretsmanager_secret_version" "keepers_secretsmanager_secret_vers
     etherscanapikey      = var.etherscan_apikey
     infuraapikey         = var.infura_apikey
     voucherkerneladdress = var.voucher_kernel_address
-    apiurl               = "https://${data.terraform_remote_state.service.outputs.address}"
+    apiurl               = var.api_url
   }))
 }
 
@@ -86,16 +76,16 @@ data "aws_iam_policy_document" "execution_policy" {
 }
 
 module "expirations_lambda" {
-  source  = "./modules/lambda"
+  source = "./modules/lambda"
 
   region                = var.region
   account_id            = data.aws_caller_identity.caller.account_id
   component             = var.component
   deployment_identifier = var.deployment_identifier
 
-  lambda_runtime = "nodejs14.x"
+  lambda_runtime          = "nodejs14.x"
   lambda_code_output_path = "${path.module}/.terraform/archive_files/triggerExpirations.zip"
-  lambda_code_source_dir = "${path.cwd}/external/lambdas/triggerExpirations/src"
+  lambda_code_source_dir  = "${path.cwd}/external/lambdas/triggerExpirations/src"
 
   lambda_timeout     = 900
   lambda_memory_size = 128
@@ -138,16 +128,16 @@ resource "aws_lambda_permission" "expirations_lambda_permission" {
 }
 
 module "finalizations_lambda" {
-  source  = "./modules/lambda"
+  source = "./modules/lambda"
 
   region                = var.region
   account_id            = data.aws_caller_identity.caller.account_id
   component             = var.component
   deployment_identifier = var.deployment_identifier
 
-  lambda_runtime = "nodejs14.x"
+  lambda_runtime          = "nodejs14.x"
   lambda_code_output_path = "${path.module}/.terraform/archive_files/triggerFinalizations.zip"
-  lambda_code_source_dir = "${path.cwd}/external/lambdas/triggerFinalizations/src"
+  lambda_code_source_dir  = "${path.cwd}/external/lambdas/triggerFinalizations/src"
 
   lambda_timeout     = 900
   lambda_memory_size = 128
@@ -190,16 +180,16 @@ resource "aws_lambda_permission" "finalizations_lambda_permission" {
 }
 
 module "withdrawals_lambda" {
-  source  = "./modules/lambda"
+  source = "./modules/lambda"
 
   region                = var.region
   account_id            = data.aws_caller_identity.caller.account_id
   component             = var.component
   deployment_identifier = var.deployment_identifier
 
-  lambda_runtime = "nodejs14.x"
+  lambda_runtime          = "nodejs14.x"
   lambda_code_output_path = "${path.module}/.terraform/archive_files/triggerWithdrawals.zip"
-  lambda_code_source_dir = "${path.cwd}/external/lambdas/triggerWithdrawals/src"
+  lambda_code_source_dir  = "${path.cwd}/external/lambdas/triggerWithdrawals/src"
 
   lambda_timeout     = 900
   lambda_memory_size = 256
diff --git a/terraform/functions/modules/lambda/iam.tf b/terraform/functions/modules/lambda/iam.tf
new file mode 100644
index 00000000..d6fef4ab
--- /dev/null
+++ b/terraform/functions/modules/lambda/iam.tf
@@ -0,0 +1,57 @@
+data "aws_caller_identity" "current" {
+}
+
+resource "aws_iam_role" "lambda_execution_role" {
+  assume_role_policy = var.lambda_assume_role != "" ? var.lambda_assume_role : jsonencode(
+    {
+      "Version" : "2012-10-17",
+      "Statement" : [
+        {
+          Action : "sts:AssumeRole",
+          Principal : {
+            "Service" : "lambda.amazonaws.com"
+          },
+          Effect : "Allow"
+        }
+      ]
+  })
+  tags = local.tags
+}
+
+resource "aws_iam_role_policy" "lambda_execution_policy" {
+  role = aws_iam_role.lambda_execution_role.id
+  policy = var.lambda_execution_policy != "" ? var.lambda_execution_policy : jsonencode(
+    {
+      "Version" : "2012-10-17",
+      "Statement" : [
+        {
+          Effect : "Allow",
+          Action : [
+            "ec2:CreateNetworkInterface",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DeleteNetworkInterface",
+            "ec2:DescribeSecurityGroups",
+            "ec2:AssignPrivateIpAddresses",
+            "ec2:UnassignPrivateIpAddresses",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs"
+          ],
+          Resource : [
+            "*"
+          ]
+        },
+        {
+          Effect : "Allow",
+          Action : [
+            "logs:CreateLogGroup",
+            "logs:CreateLogStream",
+            "logs:PutLogEvents"
+          ],
+          Resource : [
+            "arn:aws:logs:${var.region}:${var.account_id}:*"
+          ]
+        }
+      ]
+  })
+}
+
diff --git a/infra/functions/modules/lambda/lambda.tf b/terraform/functions/modules/lambda/lambda.tf
similarity index 100%
rename from infra/functions/modules/lambda/lambda.tf
rename to terraform/functions/modules/lambda/lambda.tf
diff --git a/infra/functions/modules/lambda/locals.tf b/terraform/functions/modules/lambda/locals.tf
similarity index 74%
rename from infra/functions/modules/lambda/locals.tf
rename to terraform/functions/modules/lambda/locals.tf
index 4c1a0f09..96c053ea 100644
--- a/infra/functions/modules/lambda/locals.tf
+++ b/terraform/functions/modules/lambda/locals.tf
@@ -1,6 +1,6 @@
 locals {
   base_tags = {
-    "Component" = var.component,
+    "Component"            = var.component,
     "DeploymentIdentifier" = var.deployment_identifier
   }
 
diff --git a/infra/functions/modules/lambda/outputs.tf b/terraform/functions/modules/lambda/outputs.tf
similarity index 95%
rename from infra/functions/modules/lambda/outputs.tf
rename to terraform/functions/modules/lambda/outputs.tf
index 18f2d6fd..cdcdeb66 100644
--- a/infra/functions/modules/lambda/outputs.tf
+++ b/terraform/functions/modules/lambda/outputs.tf
@@ -41,5 +41,5 @@ output "iam_role_name" {
   value = aws_iam_role.lambda_execution_role.name
 }
 output "iam_role_policy_name" {
-  value =  aws_iam_role_policy.lambda_execution_policy.name
+  value = aws_iam_role_policy.lambda_execution_policy.name
 }
diff --git a/terraform/functions/modules/lambda/security_group.tf b/terraform/functions/modules/lambda/security_group.tf
new file mode 100644
index 00000000..c9bb2855
--- /dev/null
+++ b/terraform/functions/modules/lambda/security_group.tf
@@ -0,0 +1,20 @@
+resource "aws_security_group" "sg_lambda" {
+  description = "${var.deployment_identifier}-lambda"
+  vpc_id      = var.vpc_id
+  tags        = local.tags
+  count       = var.deploy_in_vpc == "yes" ? 1 : 0
+
+  ingress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = var.lambda_ingress_cidr_blocks
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = var.lambda_egress_cidr_blocks
+  }
+}
diff --git a/infra/functions/modules/lambda/terraform.tf b/terraform/functions/modules/lambda/terraform.tf
similarity index 88%
rename from infra/functions/modules/lambda/terraform.tf
rename to terraform/functions/modules/lambda/terraform.tf
index a7ab87fb..c7b0c196 100644
--- a/infra/functions/modules/lambda/terraform.tf
+++ b/terraform/functions/modules/lambda/terraform.tf
@@ -2,7 +2,7 @@ terraform {
   required_version = ">= 0.14"
 
   required_providers {
-    aws      = {
+    aws = {
       source  = "hashicorp/aws"
       version = "~> 3.33"
     }
diff --git a/infra/functions/modules/lambda/variables.tf b/terraform/functions/modules/lambda/variables.tf
similarity index 100%
rename from infra/functions/modules/lambda/variables.tf
rename to terraform/functions/modules/lambda/variables.tf
diff --git a/infra/functions/outputs.tf b/terraform/functions/outputs.tf
similarity index 100%
rename from infra/functions/outputs.tf
rename to terraform/functions/outputs.tf
diff --git a/infra/functions/provider.tf b/terraform/functions/provider.tf
similarity index 100%
rename from infra/functions/provider.tf
rename to terraform/functions/provider.tf
diff --git a/infra/keepers-service/terraform.tf b/terraform/functions/terraform.tf
similarity index 100%
rename from infra/keepers-service/terraform.tf
rename to terraform/functions/terraform.tf
diff --git a/infra/functions/variables.tf b/terraform/functions/variables.tf
similarity index 62%
rename from infra/functions/variables.tf
rename to terraform/functions/variables.tf
index 2a4bbcfb..6d03dec0 100644
--- a/infra/functions/variables.tf
+++ b/terraform/functions/variables.tf
@@ -2,14 +2,10 @@ variable "region" {}
 variable "component" {}
 variable "deployment_identifier" {}
 
+variable "api_url" {}
 variable "gcloud_keepers_secret" {}
 variable "cashier_address" {}
 variable "executor_secret" {}
 variable "etherscan_apikey" {}
 variable "infura_apikey" {}
 variable "voucher_kernel_address" {}
-
-variable "service_state_bucket_name" {}
-variable "service_state_key" {}
-variable "service_state_bucket_region" {}
-variable "service_state_bucket_is_encrypted" {}

From 421fb5d922184957920e105e7a19dc2e42e49832 Mon Sep 17 00:00:00 2001
From: Radu Stefanache <radustefanache@redeemeum.com>
Date: Wed, 22 Dec 2021 23:00:26 +0000
Subject: [PATCH 06/18] [ADD] Helm chart

---
 .github/workflows/main.yaml        | 20 +++++--
 helm/.helmignore                   | 23 ++++++++
 helm/Chart.yaml                    |  6 ++
 helm/templates/_helpers.tpl        | 71 ++++++++++++++++++++++
 helm/templates/deployment.yaml     | 95 ++++++++++++++++++++++++++++++
 helm/templates/hpa.yaml            | 58 ++++++++++++++++++
 helm/templates/ingress.yaml        | 42 +++++++++++++
 helm/templates/service.yaml        | 15 +++++
 helm/templates/serviceaccount.yaml | 25 ++++++++
 helm/values.yaml                   | 84 ++++++++++++++++++++++++++
 10 files changed, 435 insertions(+), 4 deletions(-)
 create mode 100644 helm/.helmignore
 create mode 100644 helm/Chart.yaml
 create mode 100644 helm/templates/_helpers.tpl
 create mode 100644 helm/templates/deployment.yaml
 create mode 100644 helm/templates/hpa.yaml
 create mode 100644 helm/templates/ingress.yaml
 create mode 100644 helm/templates/service.yaml
 create mode 100644 helm/templates/serviceaccount.yaml
 create mode 100644 helm/values.yaml

diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 128ed465..3520b2a3 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -2,8 +2,8 @@ name: Build and Deploy leptonite.io
 
 on:
   push:
-    branches:
-      - radu/migration
+    tags:
+      - 'v*'
   pull_request:
     branches:
       - main
@@ -50,10 +50,14 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
+      - name: Export TAG value
+        if: ${{ github.event_name == 'push' }}
+        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/reference-backend:$GITHUB_SHA .
+          docker build --tag $REGISTRY/bsn/reference-backend:$TAG .
+          docker push $REGISTRY /bsn/reference-backend:$TAG
 
   keepers:
     name: Keepers related tasks
@@ -81,10 +85,14 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
+      - name: Export TAG value
+        if: ${{ github.event_name == 'push' }}
+        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/keepers:$GITHUB_SHA .
+          docker build --tag $REGISTRY/bsn/keepers:$TAG .
+          docker push $REGISTRY /bsn/keepers:$TAG
 
   triggers:
     name: Triggers related tasks
@@ -123,3 +131,7 @@ jobs:
       - name: Terraform Plan
         id: plan
         run: terraform plan -no-color
+      - name: Terraform Apply
+        if: ${{ github.event_name == 'push' }}
+        id: apply
+        run: terraform apply -auto-approve
diff --git a/helm/.helmignore b/helm/.helmignore
new file mode 100644
index 00000000..0e8a0eb3
--- /dev/null
+++ b/helm/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/helm/Chart.yaml b/helm/Chart.yaml
new file mode 100644
index 00000000..83a6a103
--- /dev/null
+++ b/helm/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: reference-backend
+description: A Helm chart for deploying the Leptonite.io backend on Kubernetes
+type: application
+version: 0.1.0
+appVersion: "1.16.0"
diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl
new file mode 100644
index 00000000..733ad228
--- /dev/null
+++ b/helm/templates/_helpers.tpl
@@ -0,0 +1,71 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "reference-backend.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "reference-backend.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "reference-backend.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels for backend
+*/}}
+{{- define "reference-backend.labels" -}}
+helm.sh/chart: {{ include "reference-backend.chart" . }}
+{{ include "reference-backend.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels for backend
+*/}}
+{{- define "reference-backend.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "reference-backend.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Common labels for keepers
+*/}}
+{{- define "reference-backend-keepers.labels" -}}
+helm.sh/chart: {{ include "reference-backend.chart" . }}
+{{ include "reference-backend-keepers.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels for keepers
+*/}}
+{{- define "reference-backend-keepers.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "reference-backend.name" . }}-keepers
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml
new file mode 100644
index 00000000..54ae2fc4
--- /dev/null
+++ b/helm/templates/deployment.yaml
@@ -0,0 +1,95 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "reference-backend.fullname" . }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.backend.autoscaling.enabled }}
+  replicas: {{ .Values.backend.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "reference-backend.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.keepers.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "reference-backend.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ .Values.backend.serviceAccount.name }}
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 3000
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: http
+          env:
+            - name: AWS_S3_BUCKET_REGION
+              value: {{ .Values.backend.envFileRegion }}
+            - name: AWS_S3_ENV_FILE_OBJECT_PATH
+              value: {{ .Values.backend.envFilePath }}
+          resources:
+            {{- toYaml .Values.backend.resources | nindent 12 }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "reference-backend.fullname" . }}-keepers
+  labels:
+    {{- include "reference-backend-keepers.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.keepers.autoscaling.enabled }}
+  replicas: {{ .Values.keepers.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "reference-backend-keepers.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.keepers.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "reference-backend-keepers.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ .Values.keepers.serviceAccount.name }}
+      containers:
+        - name: {{ .Chart.Name }}-keepers
+          image: "{{ .Values.keepers.image.repository }}:{{ .Values.keepers.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.keepers.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 3000
+              protocol: TCP
+          env:
+            - name: AWS_S3_BUCKET_REGION
+              value: {{ .Values.keepers.envFileRegion }}
+            - name: AWS_S3_ENV_FILE_OBJECT_PATH
+              value: {{ .Values.keepers.envFilePath }}
+            - name: API_URL
+              value: {{ .Values.keepers.apiUrl }}
+          resources:
+            {{- toYaml .Values.backend.resources | nindent 12 }}
diff --git a/helm/templates/hpa.yaml b/helm/templates/hpa.yaml
new file mode 100644
index 00000000..fa9c224b
--- /dev/null
+++ b/helm/templates/hpa.yaml
@@ -0,0 +1,58 @@
+{{- if .Values.backend.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "reference-backend.fullname" . }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "reference-backend.fullname" . }}
+  minReplicas: {{ .Values.backend.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.backend.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
+{{- if .Values.keepers.autoscaling.enabled }}
+---
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "reference-backend.fullname" . }}-keepers
+  labels:
+  {{- include "reference-backend-keepers.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "reference-backend.fullname" . }}-keepers
+  minReplicas: {{ .Values.keepers.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.keepers.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.keepers.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.keepers.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.keepers.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.keepers.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
+
diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml
new file mode 100644
index 00000000..0ebb163e
--- /dev/null
+++ b/helm/templates/ingress.yaml
@@ -0,0 +1,42 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "reference-backend.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if .Values.ingress.tls.enabled }}
+  tls:
+    {{- range .Values.ingress.hosts }}
+    - hosts:
+      - {{ .host | quote }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: ssl-redirect
+                port:
+                  name: use-annotation
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+    {{- end }}
+{{- end }}
diff --git a/helm/templates/service.yaml b/helm/templates/service.yaml
new file mode 100644
index 00000000..1d90f181
--- /dev/null
+++ b/helm/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "reference-backend.fullname" . }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "reference-backend.selectorLabels" . | nindent 4 }}
diff --git a/helm/templates/serviceaccount.yaml b/helm/templates/serviceaccount.yaml
new file mode 100644
index 00000000..44983c16
--- /dev/null
+++ b/helm/templates/serviceaccount.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.backend.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.backend.serviceAccount.name }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+  {{- with .Values.backend.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
+{{- if .Values.keepers.serviceAccount.create }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.keepers.serviceAccount.name }}
+  labels:
+    {{- include "reference-backend-keepers.labels" . | nindent 4 }}
+  {{- with .Values.keepers.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/helm/values.yaml b/helm/values.yaml
new file mode 100644
index 00000000..4a808435
--- /dev/null
+++ b/helm/values.yaml
@@ -0,0 +1,84 @@
+# Default values for portal-backend.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+backend:
+  replicaCount: 1
+  podAnnotations: {}
+  image:
+    repository: 031036423983.dkr.ecr.eu-west-2.amazonaws.com/bsn/reference-backend
+    pullPolicy: IfNotPresent
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: "latest"
+  resources: {}
+  # Example of resource limits below.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 5
+    targetCPUUtilizationPercentage: 80
+    # targetMemoryUtilizationPercentage: 80
+  envFilePath: dummy
+  envFileRegion: dummy
+  serviceAccount:
+    create: true
+    annotations: { }
+    name: "backend"
+keepers:
+  replicaCount: 1
+  podAnnotations: {}
+  image:
+    repository: 031036423983.dkr.ecr.eu-west-2.amazonaws.com/bsn/keepers
+    pullPolicy: IfNotPresent
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: "latest"
+  resources: {}
+  # Example of resource limits below.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 5
+    targetCPUUtilizationPercentage: 80
+    # targetMemoryUtilizationPercentage: 80
+  apiUrl: dummy
+  envFilePath: dummy
+  envFileRegion: dummy
+  serviceAccount:
+    create: true
+    annotations: {}
+    name: "keepers"
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+service:
+  type: NodePort
+  port: 3000
+ingress:
+  enabled: true
+  annotations:
+    kubernetes.io/ingress.class: alb
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/target-type: ip
+    alb.ingress.kubernetes.io/backend-protocol: HTTP
+    alb.ingress.kubernetes.io/healthcheck-path: /health
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
+    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
+    alb.ingress.kubernetes.io/load-balancer-attributes: routing.http2.enabled=true,idle_timeout.timeout_seconds=120
+  hosts:
+    - host: chart-example.local
+  tls:
+    enabled: true
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local

From 3ee1e5e2594501eda2f2abffb9a65f12512aea9e Mon Sep 17 00:00:00 2001
From: HristiyanG <hristiyan@limechain.tech>
Date: Fri, 20 Aug 2021 15:22:26 +0300
Subject: [PATCH 07/18] bump ethers to latest

---
 external/keepers/package-lock.json            | 609 +++++++++---------
 external/keepers/package.json                 |   2 +-
 .../triggerExpirations/src/package.json       |   2 +-
 .../triggerFinalizations/src/package.json     |   4 +-
 .../triggerWithdrawals/src/package.json       |   2 +-
 package-lock.json                             | 603 ++++++++---------
 package.json                                  |   2 +-
 7 files changed, 617 insertions(+), 607 deletions(-)

diff --git a/external/keepers/package-lock.json b/external/keepers/package-lock.json
index 07b581b7..76e50d0f 100644
--- a/external/keepers/package-lock.json
+++ b/external/keepers/package-lock.json
@@ -5,379 +5,371 @@
   "requires": true,
   "dependencies": {
     "@ethersproject/abi": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.0.10.tgz",
-      "integrity": "sha512-cfC3lGgotfxX3SMri4+CisOPwignoj/QGHW9J29spC4R4Qqcnk/SYuVkPFBMdLbvBp3f/pGiVqPNwont0TSXhg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.4.0.tgz",
+      "integrity": "sha512-9gU2H+/yK1j2eVMdzm6xvHSnMxk8waIHQGYCZg5uvAyH0rsAzxkModzBSpbAkAuhKFEovC2S9hM4nPuLym8IZw==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/abstract-provider": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.0.8.tgz",
-      "integrity": "sha512-fqJXkewcGdi8LogKMgRyzc/Ls2js07yor7+g9KfPs09uPOcQLg7cc34JN+lk34HH9gg2HU0DIA5797ZR8znkfw==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.4.1.tgz",
+      "integrity": "sha512-3EedfKI3LVpjSKgAxoUaI+gB27frKsxzm+r21w9G60Ugk+3wVLQwhi1LsEJAKNV7WoZc8CIpNrATlL1QFABjtQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0"
       }
     },
     "@ethersproject/abstract-signer": {
-      "version": "5.0.11",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.0.11.tgz",
-      "integrity": "sha512-RKOgPSEYafknA62SrD3OCK42AllHE4YBfKYXyQeM+sBP7Nq3X5FpzeoY4uzC43P4wIhmNoTHCKQuwnX7fBqb6Q==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.4.1.tgz",
+      "integrity": "sha512-SkkFL5HVq1k4/25dM+NWP9MILgohJCgGv5xT5AcRruGz4ILpfHeBtO/y6j+Z3UN/PAjDeb4P7E51Yh8wcGNLGA==",
       "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/address": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.0.9.tgz",
-      "integrity": "sha512-gKkmbZDMyGbVjr8nA5P0md1GgESqSGH7ILIrDidPdNXBl4adqbuA3OAuZx/O2oGpL6PtJ9BDa0kHheZ1ToHU3w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.4.0.tgz",
+      "integrity": "sha512-SD0VgOEkcACEG/C6xavlU1Hy3m5DGSXW3CUHkaaEHbAPPsgi0coP5oNPsxau8eTlZOk/bpa/hKeCNoK5IzVI2Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/rlp": "^5.0.7"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0"
       }
     },
     "@ethersproject/base64": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.0.7.tgz",
-      "integrity": "sha512-S5oh5DVfCo06xwJXT8fQC68mvJfgScTl2AXvbYMsHNfIBTDb084Wx4iA9MNlEReOv6HulkS+gyrUM/j3514rSw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.4.0.tgz",
+      "integrity": "sha512-CjQw6E17QDSSC5jiM9YpF7N1aSCHmYGMt9bWD8PWv6YPMxjsys2/Q8xLrROKI3IWJ7sFfZ8B3flKDTM5wlWuZQ==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9"
+        "@ethersproject/bytes": "^5.4.0"
       }
     },
     "@ethersproject/basex": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.0.7.tgz",
-      "integrity": "sha512-OsXnRsujGmYD9LYyJlX+cVe5KfwgLUbUJrJMWdzRWogrygXd5HvGd7ygX1AYjlu1z8W/+t2FoQnczDR/H2iBjA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.4.0.tgz",
+      "integrity": "sha512-J07+QCVJ7np2bcpxydFVf/CuYo9mZ7T73Pe7KQY4c1lRlrixMeblauMxHXD0MPwFmUHZIILDNViVkykFBZylbg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/bignumber": {
-      "version": "5.0.13",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.0.13.tgz",
-      "integrity": "sha512-b89bX5li6aK492yuPP5mPgRVgIxxBP7ksaBtKX5QQBsrZTpNOjf/MR4CjcUrAw8g+RQuD6kap9lPjFgY4U1/5A==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.4.1.tgz",
+      "integrity": "sha512-fJhdxqoQNuDOk6epfM7yD6J8Pol4NUCy1vkaGAkuujZm0+lNow//MKu1hLhRiYV4BsOHyBv5/lsTjF+7hWwhJg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "bn.js": "^4.4.0"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "bn.js": "^4.11.9"
       }
     },
     "@ethersproject/bytes": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.0.9.tgz",
-      "integrity": "sha512-k+17ZViDtAugC0s7HM6rdsTWEdIYII4RPCDkPEuxKc6i40Bs+m6tjRAtCECX06wKZnrEoR9pjOJRXHJ/VLoOcA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.4.0.tgz",
+      "integrity": "sha512-H60ceqgTHbhzOj4uRc/83SCN9d+BSUnOkrr2intevqdtEMO1JFVZ1XL84OEZV+QjV36OaZYxtnt4lGmxcGsPfA==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/constants": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.0.8.tgz",
-      "integrity": "sha512-sCc73pFBsl59eDfoQR5OCEZCRv5b0iywadunti6MQIr5lt3XpwxK1Iuzd8XSFO02N9jUifvuZRrt0cY0+NBgTg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.4.0.tgz",
+      "integrity": "sha512-tzjn6S7sj9+DIIeKTJLjK9WGN2Tj0P++Z8ONEIlZjyoTkBuODN+0VfhAyYksKi43l1Sx9tX2VlFfzjfmr5Wl3Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13"
+        "@ethersproject/bignumber": "^5.4.0"
       }
     },
     "@ethersproject/contracts": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.0.9.tgz",
-      "integrity": "sha512-CCTxVeDh6sjdSEbjzONhtwPjECvaHE62oGkY8M7kP0CHmgLD2SEGel0HZib8e5oQKRKGly9AKcUFW4g3rQ0AQw==",
-      "requires": {
-        "@ethersproject/abi": "^5.0.10",
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.4.1.tgz",
+      "integrity": "sha512-m+z2ZgPy4pyR15Je//dUaymRUZq5MtDajF6GwFbGAVmKz/RF+DNIPwF0k5qEcL3wPGVqUjFg2/krlCRVTU4T5w==",
+      "requires": {
+        "@ethersproject/abi": "^5.4.0",
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0"
       }
     },
     "@ethersproject/hash": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.0.10.tgz",
-      "integrity": "sha512-Tf0bvs6YFhw28LuHnhlDWyr0xfcDxSXdwM4TcskeBbmXVSKLv3bJQEEEBFUcRX0fJuslR3gCVySEaSh7vuMx5w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.4.0.tgz",
+      "integrity": "sha512-xymAM9tmikKgbktOCjW60Z5sdouiIIurkZUr9oW5NOex5uwxrbsYG09kb5bMcNjlVeJD3yPivTNzViIs1GCbqA==",
       "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/hdnode": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.0.8.tgz",
-      "integrity": "sha512-Mscpjd7BBjxYSWghaNMwV0xrBBkOoCq6YEPRm9MgE24CiBlzzbfEB5DGq6hiZqhQaxPkdCUtKKqZi3nt9hx43g==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.4.0.tgz",
+      "integrity": "sha512-pKxdS0KAaeVGfZPp1KOiDLB0jba11tG6OP1u11QnYfb7pXn6IZx0xceqWRr6ygke8+Kw74IpOoSi7/DwANhy8Q==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/json-wallets": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.0.10.tgz",
-      "integrity": "sha512-Ux36u+d7Dm0M5AQ+mWuHdvfGPMN8K1aaLQgwzrsD4ELTWlwRuHuQbmn7/GqeOpbfaV6POLwdYcBk2TXjlGp/IQ==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.4.0.tgz",
+      "integrity": "sha512-igWcu3fx4aiczrzEHwG1xJZo9l1cFfQOWzTqwRw/xcvxTk58q4f9M7cjh51EKphMHvrJtcezJ1gf1q1AUOfEQQ==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
         "aes-js": "3.0.0",
         "scrypt-js": "3.0.1"
       }
     },
     "@ethersproject/keccak256": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.0.7.tgz",
-      "integrity": "sha512-zpUBmofWvx9PGfc7IICobgFQSgNmTOGTGLUxSYqZzY/T+b4y/2o5eqf/GGmD7qnTGzKQ42YlLNo+LeDP2qe55g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.4.0.tgz",
+      "integrity": "sha512-FBI1plWet+dPUvAzPAeHzRKiPpETQzqSUWR1wXJGHVWi4i8bOSrpC3NwpkPjgeXG7MnugVc1B42VbfnQikyC/A==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
+        "@ethersproject/bytes": "^5.4.0",
         "js-sha3": "0.5.7"
       }
     },
     "@ethersproject/logger": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.0.8.tgz",
-      "integrity": "sha512-SkJCTaVTnaZ3/ieLF5pVftxGEFX56pTH+f2Slrpv7cU0TNpUZNib84QQdukd++sWUp/S7j5t5NW+WegbXd4U/A=="
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.4.0.tgz",
+      "integrity": "sha512-xYdWGGQ9P2cxBayt64d8LC8aPFJk6yWCawQi/4eJ4+oJdMMjEBMrIcIMZ9AxhwpPVmnBPrsB10PcXGmGAqgUEQ=="
     },
     "@ethersproject/networks": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.0.7.tgz",
-      "integrity": "sha512-dI14QATndIcUgcCBL1c5vUr/YsI5cCHLN81rF7PU+yS7Xgp2/Rzbr9+YqpC6NBXHFUASjh6GpKqsVMpufAL0BQ==",
+      "version": "5.4.2",
+      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.4.2.tgz",
+      "integrity": "sha512-eekOhvJyBnuibfJnhtK46b8HimBc5+4gqpvd1/H9LEl7Q7/qhsIhM81dI9Fcnjpk3jB1aTy6bj0hz3cifhNeYw==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/pbkdf2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.0.7.tgz",
-      "integrity": "sha512-0SNLNixPMqnosH6pyc4yPiUu/C9/Jbu+f6I8GJW9U2qNpMBddmRJviwseoha5Zw1V+Aw0Z/yvYyzIIE8yPXqLA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.4.0.tgz",
+      "integrity": "sha512-x94aIv6tiA04g6BnazZSLoRXqyusawRyZWlUhKip2jvoLpzJuLb//KtMM6PEovE47pMbW+Qe1uw+68ameJjB7g==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/sha2": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0"
       }
     },
     "@ethersproject/properties": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.0.7.tgz",
-      "integrity": "sha512-812H1Rus2vjw0zbasfDI1GLNPDsoyX1pYqiCgaR1BuyKxUTbwcH1B+214l6VGe1v+F6iEVb7WjIwMjKhb4EUsg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.4.0.tgz",
+      "integrity": "sha512-7jczalGVRAJ+XSRvNA6D5sAwT4gavLq3OXPuV/74o3Rd2wuzSL035IMpIMgei4CYyBdialJMrTqkOnzccLHn4A==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/providers": {
-      "version": "5.0.19",
-      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.0.19.tgz",
-      "integrity": "sha512-G+flo1jK1y/rvQy6b71+Nu7qOlkOKz+XqpgqFMZslkCzGuzQRmk9Qp7Ln4soK8RSyP1e5TCujaRf1H+EZahoaw==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12",
+      "version": "5.4.4",
+      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.4.4.tgz",
+      "integrity": "sha512-mQevyXj2X2D3l8p/JGDYFZbODhZjW6On15DnCK4Xc9y6b+P0vqorQC/j46omWSm4cyo7BQ/rgfhXNYmvAfyZoQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0",
         "bech32": "1.1.4",
-        "ws": "7.2.3"
+        "ws": "7.4.6"
       }
     },
     "@ethersproject/random": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.0.7.tgz",
-      "integrity": "sha512-PxSRWwN3s+FH9AWMZU6AcWJsNQ9KzqKV6NgdeKPtxahdDjCuXxTAuzTZNXNRK+qj+Il351UnweAGd+VuZcOAlQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.4.0.tgz",
+      "integrity": "sha512-pnpWNQlf0VAZDEOVp1rsYQosmv2o0ITS/PecNw+mS2/btF8eYdspkN0vIXrCMtkX09EAh9bdk8GoXmFXM1eAKw==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/rlp": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.0.7.tgz",
-      "integrity": "sha512-ulUTVEuV7PT4jJTPpfhRHK57tkLEDEY9XSYJtrSNHOqdwMvH0z7BM2AKIMq4LVDlnu4YZASdKrkFGEIO712V9w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.4.0.tgz",
+      "integrity": "sha512-0I7MZKfi+T5+G8atId9QaQKHRvvasM/kqLyAH4XxBCBchAooH2EX5rL9kYZWwcm3awYV+XC7VF6nLhfeQFKVPg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/sha2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.0.7.tgz",
-      "integrity": "sha512-MbUqz68hhp5RsaZdqi1eg1rrtiqt5wmhRYqdA7MX8swBkzW2KiLgK+Oh25UcWhUhdi1ImU9qrV6if5j0cC7Bxg==",
-      "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "hash.js": "1.1.3"
-      },
-      "dependencies": {
-        "hash.js": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.3.tgz",
-          "integrity": "sha512-/UETyP0W22QILqS+6HowevwhEFJ3MBJnwTf75Qob9Wz9t0DPuisL8kW8YZMK62dHAKE1c1p+gY1TtOLY+USEHA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "minimalistic-assert": "^1.0.0"
-          }
-        }
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.4.0.tgz",
+      "integrity": "sha512-siheo36r1WD7Cy+bDdE1BJ8y0bDtqXCOxRMzPa4bV1TGt/eTUUt03BHoJNB6reWJD8A30E/pdJ8WFkq+/uz4Gg==",
+      "requires": {
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "hash.js": "1.1.7"
       }
     },
     "@ethersproject/signing-key": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.0.8.tgz",
-      "integrity": "sha512-YKxQM45eDa6WAD+s3QZPdm1uW1MutzVuyoepdRRVmMJ8qkk7iOiIhUkZwqKLNxKzEJijt/82ycuOREc9WBNAKg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.4.0.tgz",
+      "integrity": "sha512-q8POUeywx6AKg2/jX9qBYZIAmKSB4ubGXdQ88l40hmATj29JnG5pp331nAWwwxPn2Qao4JpWHNZsQN+bPiSW9A==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "elliptic": "6.5.3"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "bn.js": "^4.11.9",
+        "elliptic": "6.5.4",
+        "hash.js": "1.1.7"
       }
     },
     "@ethersproject/solidity": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.0.8.tgz",
-      "integrity": "sha512-OJkyBq9KaoGsi8E8mYn6LX+vKyCURvxSp0yuGBcOqEFM3vkn9PsCiXsHdOXdNBvlHG5evJXwAYC2UR0TzgJeKA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.4.0.tgz",
+      "integrity": "sha512-XFQTZ7wFSHOhHcV1DpcWj7VXECEiSrBuv7JErJvB9Uo+KfCdc3QtUZV+Vjh/AAaYgezUEKbCtE6Khjm44seevQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/strings": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.0.8.tgz",
-      "integrity": "sha512-5IsdXf8tMY8QuHl8vTLnk9ehXDDm6x9FB9S9Og5IA1GYhLe5ZewydXSjlJlsqU2t9HRbfv97OJZV/pX8DVA/Hw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.4.0.tgz",
+      "integrity": "sha512-k/9DkH5UGDhv7aReXLluFG5ExurwtIpUfnDNhQA29w896Dw3i4uDTz01Quaptbks1Uj9kI8wo9tmW73wcIEaWA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/transactions": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.0.9.tgz",
-      "integrity": "sha512-0Fu1yhdFBkrbMjenEr+39tmDxuHmaw0pe9Jb18XuKoItj7Z3p7+UzdHLr2S/okvHDHYPbZE5gtANDdQ3ZL1nBA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.4.0.tgz",
+      "integrity": "sha512-s3EjZZt7xa4BkLknJZ98QGoIza94rVjaEed0rzZ/jB9WrIuu/1+tjvYCWzVrystXtDswy7TPBeIepyXwSYa4WQ==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0"
       }
     },
     "@ethersproject/units": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.0.9.tgz",
-      "integrity": "sha512-4jIkcMVrJ3lCgXMO4M/2ww0/T/IN08vJTZld7FIAwa6aoBDTAy71+sby3sShl1SG3HEeKYbI3fBWauCUgPRUpQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.4.0.tgz",
+      "integrity": "sha512-Z88krX40KCp+JqPCP5oPv5p750g+uU6gopDYRTBGcDvOASh6qhiEYCRatuM/suC4S2XW9Zz90QI35MfSrTIaFg==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/wallet": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.0.10.tgz",
-      "integrity": "sha512-5siYr38NhqZKH6DUr6u4PdhgOKur8Q6sw+JID2TitEUmW0tOl8f6rpxAe77tw6SJT60D2UcvgsyLtl32+Nl+ig==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/json-wallets": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.4.0.tgz",
+      "integrity": "sha512-wU29majLjM6AjCjpat21mPPviG+EpK7wY1+jzKD0fg3ui5fgedf2zEu1RDgpfIMsfn8fJHJuzM4zXZ2+hSHaSQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/json-wallets": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/web": {
-      "version": "5.0.12",
-      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.0.12.tgz",
-      "integrity": "sha512-gVxS5iW0bgidZ76kr7LsTxj4uzN5XpCLzvZrLp8TP+4YgxHfCeetFyQkRPgBEAJdNrexdSBayvyJvzGvOq0O8g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.4.0.tgz",
+      "integrity": "sha512-1bUusGmcoRLYgMn6c1BLk1tOKUIFuTg8j+6N8lYlbMpDesnle+i3pGSagGNvwjaiLo4Y5gBibwctpPRmjrh4Og==",
       "requires": {
-        "@ethersproject/base64": "^5.0.7",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/base64": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/wordlists": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.0.8.tgz",
-      "integrity": "sha512-px2mloc1wAcdTbzv0ZotTx+Uh/dfnDO22D9Rx8xr7+/PUwAhZQjoJ9t7Hn72nsaN83rWBXsLvFcIRZju4GIaEQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.4.0.tgz",
+      "integrity": "sha512-FemEkf6a+EBKEPxlzeVgUaVSodU7G0Na89jqKjmWMlDB0tomoU8RlEMgUvXyqtrg8N4cwpLh8nyRnm1Nay1isA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "aes-js": {
@@ -399,9 +391,9 @@
       "integrity": "sha512-s0IrSOzLlbvX7yp4WBfPITzpAU8sqQcpsmwXDiKwrG4r491vwCO/XpejasRNl0piBMe/DvP4Tz0mIS/X1DPJBQ=="
     },
     "bn.js": {
-      "version": "4.11.9",
-      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz",
-      "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw=="
+      "version": "4.12.0",
+      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
+      "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA=="
     },
     "brorand": {
       "version": "1.1.0",
@@ -429,17 +421,17 @@
       "integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw=="
     },
     "elliptic": {
-      "version": "6.5.3",
-      "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.3.tgz",
-      "integrity": "sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==",
+      "version": "6.5.4",
+      "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.4.tgz",
+      "integrity": "sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==",
       "requires": {
-        "bn.js": "^4.4.0",
-        "brorand": "^1.0.1",
+        "bn.js": "^4.11.9",
+        "brorand": "^1.1.0",
         "hash.js": "^1.0.0",
-        "hmac-drbg": "^1.0.0",
-        "inherits": "^2.0.1",
-        "minimalistic-assert": "^1.0.0",
-        "minimalistic-crypto-utils": "^1.0.0"
+        "hmac-drbg": "^1.0.1",
+        "inherits": "^2.0.4",
+        "minimalistic-assert": "^1.0.1",
+        "minimalistic-crypto-utils": "^1.0.1"
       }
     },
     "env-cmd": {
@@ -452,39 +444,40 @@
       }
     },
     "ethers": {
-      "version": "5.0.4",
-      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.0.4.tgz",
-      "integrity": "sha512-/VzvmgsrBDOxGo+WIZD7kKXcEUFCrr53P40w5fk1EcGYidv+XVbtTWil5FMsijV6BVXTKqxwMv7hDvKLAObfNQ==",
-      "requires": {
-        "@ethersproject/abi": "^5.0.0",
-        "@ethersproject/abstract-provider": "^5.0.0",
-        "@ethersproject/abstract-signer": "^5.0.0",
-        "@ethersproject/address": "^5.0.0",
-        "@ethersproject/base64": "^5.0.0",
-        "@ethersproject/bignumber": "^5.0.0",
-        "@ethersproject/bytes": "^5.0.0",
-        "@ethersproject/constants": "^5.0.0",
-        "@ethersproject/contracts": "^5.0.0",
-        "@ethersproject/hash": "^5.0.0",
-        "@ethersproject/hdnode": "^5.0.0",
-        "@ethersproject/json-wallets": "^5.0.0",
-        "@ethersproject/keccak256": "^5.0.0",
-        "@ethersproject/logger": "^5.0.0",
-        "@ethersproject/networks": "^5.0.0",
-        "@ethersproject/pbkdf2": "^5.0.0",
-        "@ethersproject/properties": "^5.0.0",
-        "@ethersproject/providers": "^5.0.0",
-        "@ethersproject/random": "^5.0.0",
-        "@ethersproject/rlp": "^5.0.0",
-        "@ethersproject/sha2": "^5.0.0",
-        "@ethersproject/signing-key": "^5.0.0",
-        "@ethersproject/solidity": "^5.0.0",
-        "@ethersproject/strings": "^5.0.0",
-        "@ethersproject/transactions": "^5.0.0",
-        "@ethersproject/units": "^5.0.0",
-        "@ethersproject/wallet": "^5.0.0",
-        "@ethersproject/web": "^5.0.0",
-        "@ethersproject/wordlists": "^5.0.0"
+      "version": "5.4.5",
+      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.4.5.tgz",
+      "integrity": "sha512-PPZ6flOAj230sXEWf/r/It6ZZ5c7EOVWx+PU87Glkbg79OtT7pLE1WgL4MRdwx6iF7HzSOvUUI+8cAmcdzo12w==",
+      "requires": {
+        "@ethersproject/abi": "5.4.0",
+        "@ethersproject/abstract-provider": "5.4.1",
+        "@ethersproject/abstract-signer": "5.4.1",
+        "@ethersproject/address": "5.4.0",
+        "@ethersproject/base64": "5.4.0",
+        "@ethersproject/basex": "5.4.0",
+        "@ethersproject/bignumber": "5.4.1",
+        "@ethersproject/bytes": "5.4.0",
+        "@ethersproject/constants": "5.4.0",
+        "@ethersproject/contracts": "5.4.1",
+        "@ethersproject/hash": "5.4.0",
+        "@ethersproject/hdnode": "5.4.0",
+        "@ethersproject/json-wallets": "5.4.0",
+        "@ethersproject/keccak256": "5.4.0",
+        "@ethersproject/logger": "5.4.0",
+        "@ethersproject/networks": "5.4.2",
+        "@ethersproject/pbkdf2": "5.4.0",
+        "@ethersproject/properties": "5.4.0",
+        "@ethersproject/providers": "5.4.4",
+        "@ethersproject/random": "5.4.0",
+        "@ethersproject/rlp": "5.4.0",
+        "@ethersproject/sha2": "5.4.0",
+        "@ethersproject/signing-key": "5.4.0",
+        "@ethersproject/solidity": "5.4.0",
+        "@ethersproject/strings": "5.4.0",
+        "@ethersproject/transactions": "5.4.0",
+        "@ethersproject/units": "5.4.0",
+        "@ethersproject/wallet": "5.4.0",
+        "@ethersproject/web": "5.4.0",
+        "@ethersproject/wordlists": "5.4.0"
       }
     },
     "follow-redirects": {
@@ -568,9 +561,9 @@
       }
     },
     "ws": {
-      "version": "7.2.3",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-7.2.3.tgz",
-      "integrity": "sha512-HTDl9G9hbkNDk98naoR/cHDws7+EyYMOdL1BmjsZXRUjf7d+MficC4B7HLUPlSiho0vg+CWKrGIt/VJBd1xunQ=="
+      "version": "7.4.6",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz",
+      "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A=="
     }
   }
 }
diff --git a/external/keepers/package.json b/external/keepers/package.json
index abcb1649..1b7fe72b 100644
--- a/external/keepers/package.json
+++ b/external/keepers/package.json
@@ -15,6 +15,6 @@
     "axios": "^0.21.1",
     "dotenv": "^8.2.0",
     "env-cmd": "^10.1.0",
-    "ethers": "^5.0.4"
+    "ethers": "^5.4.5"
   }
 }
diff --git a/external/lambdas/triggerExpirations/src/package.json b/external/lambdas/triggerExpirations/src/package.json
index 86048ea7..f9231f9a 100644
--- a/external/lambdas/triggerExpirations/src/package.json
+++ b/external/lambdas/triggerExpirations/src/package.json
@@ -10,6 +10,6 @@
   "@aws-sdk/node-http-handler": "^3.3.0",
   "aws-sdk": "^2.903.0",
   "axios": "^0.20.0",
-  "ethers": "^5.0.14"
+  "ethers": "^5.4.5"
  }
 }
diff --git a/external/lambdas/triggerFinalizations/src/package.json b/external/lambdas/triggerFinalizations/src/package.json
index f0cafe14..f9231f9a 100644
--- a/external/lambdas/triggerFinalizations/src/package.json
+++ b/external/lambdas/triggerFinalizations/src/package.json
@@ -3,13 +3,13 @@
  "version": "1.0.0",
  "main": "index.js",
  "scripts": {
-    "test": "node -e \"(async () => console.log(await require('./index').handler({})))();\""
+  "test": "node -e \"(async () => console.log(await require('./index').handler({})))();\""
  },
  "dependencies": {
   "@aws-sdk/client-s3": "^3.3.0",
   "@aws-sdk/node-http-handler": "^3.3.0",
   "aws-sdk": "^2.903.0",
   "axios": "^0.20.0",
-  "ethers": "^5.0.14"
+  "ethers": "^5.4.5"
  }
 }
diff --git a/external/lambdas/triggerWithdrawals/src/package.json b/external/lambdas/triggerWithdrawals/src/package.json
index 86048ea7..f9231f9a 100644
--- a/external/lambdas/triggerWithdrawals/src/package.json
+++ b/external/lambdas/triggerWithdrawals/src/package.json
@@ -10,6 +10,6 @@
   "@aws-sdk/node-http-handler": "^3.3.0",
   "aws-sdk": "^2.903.0",
   "axios": "^0.20.0",
-  "ethers": "^5.0.14"
+  "ethers": "^5.4.5"
  }
 }
diff --git a/package-lock.json b/package-lock.json
index 0f8407f7..0fa4a321 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -421,379 +421,394 @@
       }
     },
     "@ethersproject/abi": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.0.10.tgz",
-      "integrity": "sha512-cfC3lGgotfxX3SMri4+CisOPwignoj/QGHW9J29spC4R4Qqcnk/SYuVkPFBMdLbvBp3f/pGiVqPNwont0TSXhg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.4.0.tgz",
+      "integrity": "sha512-9gU2H+/yK1j2eVMdzm6xvHSnMxk8waIHQGYCZg5uvAyH0rsAzxkModzBSpbAkAuhKFEovC2S9hM4nPuLym8IZw==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/abstract-provider": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.0.8.tgz",
-      "integrity": "sha512-fqJXkewcGdi8LogKMgRyzc/Ls2js07yor7+g9KfPs09uPOcQLg7cc34JN+lk34HH9gg2HU0DIA5797ZR8znkfw==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.4.1.tgz",
+      "integrity": "sha512-3EedfKI3LVpjSKgAxoUaI+gB27frKsxzm+r21w9G60Ugk+3wVLQwhi1LsEJAKNV7WoZc8CIpNrATlL1QFABjtQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0"
       }
     },
     "@ethersproject/abstract-signer": {
-      "version": "5.0.11",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.0.11.tgz",
-      "integrity": "sha512-RKOgPSEYafknA62SrD3OCK42AllHE4YBfKYXyQeM+sBP7Nq3X5FpzeoY4uzC43P4wIhmNoTHCKQuwnX7fBqb6Q==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.4.1.tgz",
+      "integrity": "sha512-SkkFL5HVq1k4/25dM+NWP9MILgohJCgGv5xT5AcRruGz4ILpfHeBtO/y6j+Z3UN/PAjDeb4P7E51Yh8wcGNLGA==",
       "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/address": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.0.9.tgz",
-      "integrity": "sha512-gKkmbZDMyGbVjr8nA5P0md1GgESqSGH7ILIrDidPdNXBl4adqbuA3OAuZx/O2oGpL6PtJ9BDa0kHheZ1ToHU3w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.4.0.tgz",
+      "integrity": "sha512-SD0VgOEkcACEG/C6xavlU1Hy3m5DGSXW3CUHkaaEHbAPPsgi0coP5oNPsxau8eTlZOk/bpa/hKeCNoK5IzVI2Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/rlp": "^5.0.7"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0"
       }
     },
     "@ethersproject/base64": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.0.7.tgz",
-      "integrity": "sha512-S5oh5DVfCo06xwJXT8fQC68mvJfgScTl2AXvbYMsHNfIBTDb084Wx4iA9MNlEReOv6HulkS+gyrUM/j3514rSw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.4.0.tgz",
+      "integrity": "sha512-CjQw6E17QDSSC5jiM9YpF7N1aSCHmYGMt9bWD8PWv6YPMxjsys2/Q8xLrROKI3IWJ7sFfZ8B3flKDTM5wlWuZQ==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9"
+        "@ethersproject/bytes": "^5.4.0"
       }
     },
     "@ethersproject/basex": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.0.7.tgz",
-      "integrity": "sha512-OsXnRsujGmYD9LYyJlX+cVe5KfwgLUbUJrJMWdzRWogrygXd5HvGd7ygX1AYjlu1z8W/+t2FoQnczDR/H2iBjA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.4.0.tgz",
+      "integrity": "sha512-J07+QCVJ7np2bcpxydFVf/CuYo9mZ7T73Pe7KQY4c1lRlrixMeblauMxHXD0MPwFmUHZIILDNViVkykFBZylbg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/bignumber": {
-      "version": "5.0.13",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.0.13.tgz",
-      "integrity": "sha512-b89bX5li6aK492yuPP5mPgRVgIxxBP7ksaBtKX5QQBsrZTpNOjf/MR4CjcUrAw8g+RQuD6kap9lPjFgY4U1/5A==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.4.1.tgz",
+      "integrity": "sha512-fJhdxqoQNuDOk6epfM7yD6J8Pol4NUCy1vkaGAkuujZm0+lNow//MKu1hLhRiYV4BsOHyBv5/lsTjF+7hWwhJg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "bn.js": "^4.4.0"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "bn.js": "^4.11.9"
       }
     },
     "@ethersproject/bytes": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.0.9.tgz",
-      "integrity": "sha512-k+17ZViDtAugC0s7HM6rdsTWEdIYII4RPCDkPEuxKc6i40Bs+m6tjRAtCECX06wKZnrEoR9pjOJRXHJ/VLoOcA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.4.0.tgz",
+      "integrity": "sha512-H60ceqgTHbhzOj4uRc/83SCN9d+BSUnOkrr2intevqdtEMO1JFVZ1XL84OEZV+QjV36OaZYxtnt4lGmxcGsPfA==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/constants": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.0.8.tgz",
-      "integrity": "sha512-sCc73pFBsl59eDfoQR5OCEZCRv5b0iywadunti6MQIr5lt3XpwxK1Iuzd8XSFO02N9jUifvuZRrt0cY0+NBgTg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.4.0.tgz",
+      "integrity": "sha512-tzjn6S7sj9+DIIeKTJLjK9WGN2Tj0P++Z8ONEIlZjyoTkBuODN+0VfhAyYksKi43l1Sx9tX2VlFfzjfmr5Wl3Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13"
+        "@ethersproject/bignumber": "^5.4.0"
       }
     },
     "@ethersproject/contracts": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.0.9.tgz",
-      "integrity": "sha512-CCTxVeDh6sjdSEbjzONhtwPjECvaHE62oGkY8M7kP0CHmgLD2SEGel0HZib8e5oQKRKGly9AKcUFW4g3rQ0AQw==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.4.1.tgz",
+      "integrity": "sha512-m+z2ZgPy4pyR15Je//dUaymRUZq5MtDajF6GwFbGAVmKz/RF+DNIPwF0k5qEcL3wPGVqUjFg2/krlCRVTU4T5w==",
       "requires": {
-        "@ethersproject/abi": "^5.0.10",
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/abi": "^5.4.0",
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0"
       }
     },
     "@ethersproject/hash": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.0.10.tgz",
-      "integrity": "sha512-Tf0bvs6YFhw28LuHnhlDWyr0xfcDxSXdwM4TcskeBbmXVSKLv3bJQEEEBFUcRX0fJuslR3gCVySEaSh7vuMx5w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.4.0.tgz",
+      "integrity": "sha512-xymAM9tmikKgbktOCjW60Z5sdouiIIurkZUr9oW5NOex5uwxrbsYG09kb5bMcNjlVeJD3yPivTNzViIs1GCbqA==",
       "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/hdnode": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.0.8.tgz",
-      "integrity": "sha512-Mscpjd7BBjxYSWghaNMwV0xrBBkOoCq6YEPRm9MgE24CiBlzzbfEB5DGq6hiZqhQaxPkdCUtKKqZi3nt9hx43g==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.4.0.tgz",
+      "integrity": "sha512-pKxdS0KAaeVGfZPp1KOiDLB0jba11tG6OP1u11QnYfb7pXn6IZx0xceqWRr6ygke8+Kw74IpOoSi7/DwANhy8Q==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/json-wallets": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.0.10.tgz",
-      "integrity": "sha512-Ux36u+d7Dm0M5AQ+mWuHdvfGPMN8K1aaLQgwzrsD4ELTWlwRuHuQbmn7/GqeOpbfaV6POLwdYcBk2TXjlGp/IQ==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.4.0.tgz",
+      "integrity": "sha512-igWcu3fx4aiczrzEHwG1xJZo9l1cFfQOWzTqwRw/xcvxTk58q4f9M7cjh51EKphMHvrJtcezJ1gf1q1AUOfEQQ==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
         "aes-js": "3.0.0",
         "scrypt-js": "3.0.1"
       }
     },
     "@ethersproject/keccak256": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.0.7.tgz",
-      "integrity": "sha512-zpUBmofWvx9PGfc7IICobgFQSgNmTOGTGLUxSYqZzY/T+b4y/2o5eqf/GGmD7qnTGzKQ42YlLNo+LeDP2qe55g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.4.0.tgz",
+      "integrity": "sha512-FBI1plWet+dPUvAzPAeHzRKiPpETQzqSUWR1wXJGHVWi4i8bOSrpC3NwpkPjgeXG7MnugVc1B42VbfnQikyC/A==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
+        "@ethersproject/bytes": "^5.4.0",
         "js-sha3": "0.5.7"
       }
     },
     "@ethersproject/logger": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.0.8.tgz",
-      "integrity": "sha512-SkJCTaVTnaZ3/ieLF5pVftxGEFX56pTH+f2Slrpv7cU0TNpUZNib84QQdukd++sWUp/S7j5t5NW+WegbXd4U/A=="
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.4.0.tgz",
+      "integrity": "sha512-xYdWGGQ9P2cxBayt64d8LC8aPFJk6yWCawQi/4eJ4+oJdMMjEBMrIcIMZ9AxhwpPVmnBPrsB10PcXGmGAqgUEQ=="
     },
     "@ethersproject/networks": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.0.7.tgz",
-      "integrity": "sha512-dI14QATndIcUgcCBL1c5vUr/YsI5cCHLN81rF7PU+yS7Xgp2/Rzbr9+YqpC6NBXHFUASjh6GpKqsVMpufAL0BQ==",
+      "version": "5.4.2",
+      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.4.2.tgz",
+      "integrity": "sha512-eekOhvJyBnuibfJnhtK46b8HimBc5+4gqpvd1/H9LEl7Q7/qhsIhM81dI9Fcnjpk3jB1aTy6bj0hz3cifhNeYw==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/pbkdf2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.0.7.tgz",
-      "integrity": "sha512-0SNLNixPMqnosH6pyc4yPiUu/C9/Jbu+f6I8GJW9U2qNpMBddmRJviwseoha5Zw1V+Aw0Z/yvYyzIIE8yPXqLA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.4.0.tgz",
+      "integrity": "sha512-x94aIv6tiA04g6BnazZSLoRXqyusawRyZWlUhKip2jvoLpzJuLb//KtMM6PEovE47pMbW+Qe1uw+68ameJjB7g==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/sha2": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0"
       }
     },
     "@ethersproject/properties": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.0.7.tgz",
-      "integrity": "sha512-812H1Rus2vjw0zbasfDI1GLNPDsoyX1pYqiCgaR1BuyKxUTbwcH1B+214l6VGe1v+F6iEVb7WjIwMjKhb4EUsg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.4.0.tgz",
+      "integrity": "sha512-7jczalGVRAJ+XSRvNA6D5sAwT4gavLq3OXPuV/74o3Rd2wuzSL035IMpIMgei4CYyBdialJMrTqkOnzccLHn4A==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/providers": {
-      "version": "5.0.19",
-      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.0.19.tgz",
-      "integrity": "sha512-G+flo1jK1y/rvQy6b71+Nu7qOlkOKz+XqpgqFMZslkCzGuzQRmk9Qp7Ln4soK8RSyP1e5TCujaRf1H+EZahoaw==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12",
+      "version": "5.4.4",
+      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.4.4.tgz",
+      "integrity": "sha512-mQevyXj2X2D3l8p/JGDYFZbODhZjW6On15DnCK4Xc9y6b+P0vqorQC/j46omWSm4cyo7BQ/rgfhXNYmvAfyZoQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0",
         "bech32": "1.1.4",
-        "ws": "7.2.3"
+        "ws": "7.4.6"
+      },
+      "dependencies": {
+        "ws": {
+          "version": "7.4.6",
+          "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz",
+          "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A=="
+        }
       }
     },
     "@ethersproject/random": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.0.7.tgz",
-      "integrity": "sha512-PxSRWwN3s+FH9AWMZU6AcWJsNQ9KzqKV6NgdeKPtxahdDjCuXxTAuzTZNXNRK+qj+Il351UnweAGd+VuZcOAlQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.4.0.tgz",
+      "integrity": "sha512-pnpWNQlf0VAZDEOVp1rsYQosmv2o0ITS/PecNw+mS2/btF8eYdspkN0vIXrCMtkX09EAh9bdk8GoXmFXM1eAKw==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/rlp": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.0.7.tgz",
-      "integrity": "sha512-ulUTVEuV7PT4jJTPpfhRHK57tkLEDEY9XSYJtrSNHOqdwMvH0z7BM2AKIMq4LVDlnu4YZASdKrkFGEIO712V9w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.4.0.tgz",
+      "integrity": "sha512-0I7MZKfi+T5+G8atId9QaQKHRvvasM/kqLyAH4XxBCBchAooH2EX5rL9kYZWwcm3awYV+XC7VF6nLhfeQFKVPg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/sha2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.0.7.tgz",
-      "integrity": "sha512-MbUqz68hhp5RsaZdqi1eg1rrtiqt5wmhRYqdA7MX8swBkzW2KiLgK+Oh25UcWhUhdi1ImU9qrV6if5j0cC7Bxg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.4.0.tgz",
+      "integrity": "sha512-siheo36r1WD7Cy+bDdE1BJ8y0bDtqXCOxRMzPa4bV1TGt/eTUUt03BHoJNB6reWJD8A30E/pdJ8WFkq+/uz4Gg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "hash.js": "1.1.3"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "hash.js": "1.1.7"
+      }
+    },
+    "@ethersproject/signing-key": {
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.4.0.tgz",
+      "integrity": "sha512-q8POUeywx6AKg2/jX9qBYZIAmKSB4ubGXdQ88l40hmATj29JnG5pp331nAWwwxPn2Qao4JpWHNZsQN+bPiSW9A==",
+      "requires": {
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "bn.js": "^4.11.9",
+        "elliptic": "6.5.4",
+        "hash.js": "1.1.7"
       },
       "dependencies": {
-        "hash.js": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.3.tgz",
-          "integrity": "sha512-/UETyP0W22QILqS+6HowevwhEFJ3MBJnwTf75Qob9Wz9t0DPuisL8kW8YZMK62dHAKE1c1p+gY1TtOLY+USEHA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "minimalistic-assert": "^1.0.0"
+        "elliptic": {
+          "version": "6.5.4",
+          "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.4.tgz",
+          "integrity": "sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==",
+          "requires": {
+            "bn.js": "^4.11.9",
+            "brorand": "^1.1.0",
+            "hash.js": "^1.0.0",
+            "hmac-drbg": "^1.0.1",
+            "inherits": "^2.0.4",
+            "minimalistic-assert": "^1.0.1",
+            "minimalistic-crypto-utils": "^1.0.1"
           }
         }
       }
     },
-    "@ethersproject/signing-key": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.0.8.tgz",
-      "integrity": "sha512-YKxQM45eDa6WAD+s3QZPdm1uW1MutzVuyoepdRRVmMJ8qkk7iOiIhUkZwqKLNxKzEJijt/82ycuOREc9WBNAKg==",
-      "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "elliptic": "6.5.3"
-      }
-    },
     "@ethersproject/solidity": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.0.8.tgz",
-      "integrity": "sha512-OJkyBq9KaoGsi8E8mYn6LX+vKyCURvxSp0yuGBcOqEFM3vkn9PsCiXsHdOXdNBvlHG5evJXwAYC2UR0TzgJeKA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.4.0.tgz",
+      "integrity": "sha512-XFQTZ7wFSHOhHcV1DpcWj7VXECEiSrBuv7JErJvB9Uo+KfCdc3QtUZV+Vjh/AAaYgezUEKbCtE6Khjm44seevQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/strings": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.0.8.tgz",
-      "integrity": "sha512-5IsdXf8tMY8QuHl8vTLnk9ehXDDm6x9FB9S9Og5IA1GYhLe5ZewydXSjlJlsqU2t9HRbfv97OJZV/pX8DVA/Hw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.4.0.tgz",
+      "integrity": "sha512-k/9DkH5UGDhv7aReXLluFG5ExurwtIpUfnDNhQA29w896Dw3i4uDTz01Quaptbks1Uj9kI8wo9tmW73wcIEaWA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/transactions": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.0.9.tgz",
-      "integrity": "sha512-0Fu1yhdFBkrbMjenEr+39tmDxuHmaw0pe9Jb18XuKoItj7Z3p7+UzdHLr2S/okvHDHYPbZE5gtANDdQ3ZL1nBA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.4.0.tgz",
+      "integrity": "sha512-s3EjZZt7xa4BkLknJZ98QGoIza94rVjaEed0rzZ/jB9WrIuu/1+tjvYCWzVrystXtDswy7TPBeIepyXwSYa4WQ==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0"
       }
     },
     "@ethersproject/units": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.0.9.tgz",
-      "integrity": "sha512-4jIkcMVrJ3lCgXMO4M/2ww0/T/IN08vJTZld7FIAwa6aoBDTAy71+sby3sShl1SG3HEeKYbI3fBWauCUgPRUpQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.4.0.tgz",
+      "integrity": "sha512-Z88krX40KCp+JqPCP5oPv5p750g+uU6gopDYRTBGcDvOASh6qhiEYCRatuM/suC4S2XW9Zz90QI35MfSrTIaFg==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/wallet": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.0.10.tgz",
-      "integrity": "sha512-5siYr38NhqZKH6DUr6u4PdhgOKur8Q6sw+JID2TitEUmW0tOl8f6rpxAe77tw6SJT60D2UcvgsyLtl32+Nl+ig==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/json-wallets": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.4.0.tgz",
+      "integrity": "sha512-wU29majLjM6AjCjpat21mPPviG+EpK7wY1+jzKD0fg3ui5fgedf2zEu1RDgpfIMsfn8fJHJuzM4zXZ2+hSHaSQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/json-wallets": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/web": {
-      "version": "5.0.12",
-      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.0.12.tgz",
-      "integrity": "sha512-gVxS5iW0bgidZ76kr7LsTxj4uzN5XpCLzvZrLp8TP+4YgxHfCeetFyQkRPgBEAJdNrexdSBayvyJvzGvOq0O8g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.4.0.tgz",
+      "integrity": "sha512-1bUusGmcoRLYgMn6c1BLk1tOKUIFuTg8j+6N8lYlbMpDesnle+i3pGSagGNvwjaiLo4Y5gBibwctpPRmjrh4Og==",
       "requires": {
-        "@ethersproject/base64": "^5.0.7",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/base64": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/wordlists": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.0.8.tgz",
-      "integrity": "sha512-px2mloc1wAcdTbzv0ZotTx+Uh/dfnDO22D9Rx8xr7+/PUwAhZQjoJ9t7Hn72nsaN83rWBXsLvFcIRZju4GIaEQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.4.0.tgz",
+      "integrity": "sha512-FemEkf6a+EBKEPxlzeVgUaVSodU7G0Na89jqKjmWMlDB0tomoU8RlEMgUvXyqtrg8N4cwpLh8nyRnm1Nay1isA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@google-cloud/common": {
@@ -3437,6 +3452,7 @@
       "version": "6.5.3",
       "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.3.tgz",
       "integrity": "sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==",
+      "dev": true,
       "requires": {
         "bn.js": "^4.4.0",
         "brorand": "^1.0.1",
@@ -4014,40 +4030,40 @@
       }
     },
     "ethers": {
-      "version": "5.0.26",
-      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.0.26.tgz",
-      "integrity": "sha512-MqA8Fvutn3qEW0yBJOHeV6KZmRpF2rqlL2B5058AGkUFsuu6j5Ns/FRlMsbGeQwBz801IB23jQp7vjRfFsKSkg==",
-      "requires": {
-        "@ethersproject/abi": "5.0.10",
-        "@ethersproject/abstract-provider": "5.0.8",
-        "@ethersproject/abstract-signer": "5.0.11",
-        "@ethersproject/address": "5.0.9",
-        "@ethersproject/base64": "5.0.7",
-        "@ethersproject/basex": "5.0.7",
-        "@ethersproject/bignumber": "5.0.13",
-        "@ethersproject/bytes": "5.0.9",
-        "@ethersproject/constants": "5.0.8",
-        "@ethersproject/contracts": "5.0.9",
-        "@ethersproject/hash": "5.0.10",
-        "@ethersproject/hdnode": "5.0.8",
-        "@ethersproject/json-wallets": "5.0.10",
-        "@ethersproject/keccak256": "5.0.7",
-        "@ethersproject/logger": "5.0.8",
-        "@ethersproject/networks": "5.0.7",
-        "@ethersproject/pbkdf2": "5.0.7",
-        "@ethersproject/properties": "5.0.7",
-        "@ethersproject/providers": "5.0.19",
-        "@ethersproject/random": "5.0.7",
-        "@ethersproject/rlp": "5.0.7",
-        "@ethersproject/sha2": "5.0.7",
-        "@ethersproject/signing-key": "5.0.8",
-        "@ethersproject/solidity": "5.0.8",
-        "@ethersproject/strings": "5.0.8",
-        "@ethersproject/transactions": "5.0.9",
-        "@ethersproject/units": "5.0.9",
-        "@ethersproject/wallet": "5.0.10",
-        "@ethersproject/web": "5.0.12",
-        "@ethersproject/wordlists": "5.0.8"
+      "version": "5.4.5",
+      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.4.5.tgz",
+      "integrity": "sha512-PPZ6flOAj230sXEWf/r/It6ZZ5c7EOVWx+PU87Glkbg79OtT7pLE1WgL4MRdwx6iF7HzSOvUUI+8cAmcdzo12w==",
+      "requires": {
+        "@ethersproject/abi": "5.4.0",
+        "@ethersproject/abstract-provider": "5.4.1",
+        "@ethersproject/abstract-signer": "5.4.1",
+        "@ethersproject/address": "5.4.0",
+        "@ethersproject/base64": "5.4.0",
+        "@ethersproject/basex": "5.4.0",
+        "@ethersproject/bignumber": "5.4.1",
+        "@ethersproject/bytes": "5.4.0",
+        "@ethersproject/constants": "5.4.0",
+        "@ethersproject/contracts": "5.4.1",
+        "@ethersproject/hash": "5.4.0",
+        "@ethersproject/hdnode": "5.4.0",
+        "@ethersproject/json-wallets": "5.4.0",
+        "@ethersproject/keccak256": "5.4.0",
+        "@ethersproject/logger": "5.4.0",
+        "@ethersproject/networks": "5.4.2",
+        "@ethersproject/pbkdf2": "5.4.0",
+        "@ethersproject/properties": "5.4.0",
+        "@ethersproject/providers": "5.4.4",
+        "@ethersproject/random": "5.4.0",
+        "@ethersproject/rlp": "5.4.0",
+        "@ethersproject/sha2": "5.4.0",
+        "@ethersproject/signing-key": "5.4.0",
+        "@ethersproject/solidity": "5.4.0",
+        "@ethersproject/strings": "5.4.0",
+        "@ethersproject/transactions": "5.4.0",
+        "@ethersproject/units": "5.4.0",
+        "@ethersproject/wallet": "5.4.0",
+        "@ethersproject/web": "5.4.0",
+        "@ethersproject/wordlists": "5.4.0"
       }
     },
     "ethjs-util": {
@@ -11674,7 +11690,8 @@
     "ws": {
       "version": "7.2.3",
       "resolved": "https://registry.npmjs.org/ws/-/ws-7.2.3.tgz",
-      "integrity": "sha512-HTDl9G9hbkNDk98naoR/cHDws7+EyYMOdL1BmjsZXRUjf7d+MficC4B7HLUPlSiho0vg+CWKrGIt/VJBd1xunQ=="
+      "integrity": "sha512-HTDl9G9hbkNDk98naoR/cHDws7+EyYMOdL1BmjsZXRUjf7d+MficC4B7HLUPlSiho0vg+CWKrGIt/VJBd1xunQ==",
+      "dev": true
     },
     "xdg-basedir": {
       "version": "4.0.0",
diff --git a/package.json b/package.json
index 7bc4fc96..98a126b6 100644
--- a/package.json
+++ b/package.json
@@ -55,7 +55,7 @@
     "cors": "^2.8.5",
     "dotenv": "^8.2.0",
     "eslint-plugin-import": "^2.22.1",
-    "ethers": "^5.0.24",
+    "ethers": "^5.4.5",
     "express": "^4.17.1",
     "express-basic-auth": "^1.2.0",
     "form-data": "^4.0.0",

From 2017f4c0a74459c5d14beb3edab02b3b01952820 Mon Sep 17 00:00:00 2001
From: Radu Stefanache <radustefanache@redeemeum.com>
Date: Wed, 22 Dec 2021 14:45:36 +0000
Subject: [PATCH 08/18] [ADD] Github Actions

---
 .git-crypt/.gitattributes                     |   4 -
 ...ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg | Bin 470 -> 0 bytes
 ...BCDE40E6B92375882CAF869801BFBDC5D7F579.gpg | Bin 726 -> 0 bytes
 ...D2606F66C3FF28874362B61A16916844CE9D82.gpg | Bin 470 -> 0 bytes
 ...4145CFE7938B456B337E514F2AE1DED258B20E.gpg | Bin 726 -> 0 bytes
 ...76184B551B037240C4D457AFD792BACA20583D.gpg | Bin 470 -> 0 bytes
 .gitattributes                                |   1 -
 .github/workflows/main.yaml                   | 125 +++
 .gitignore                                    |  36 +
 .ruby-version                                 |   1 -
 image/Dockerfile => Dockerfile                |   4 -
 Gemfile                                       |  10 -
 Gemfile.lock                                  | 157 ----
 Rakefile                                      | 812 ------------------
 config/ci/rdm-management-default.yaml         |  20 -
 config/defaults.yaml                          |  32 -
 config/deployments/bsn-demo-mendelevium.yaml  |  73 --
 .../bsn-development-plutonium.yaml            |  73 --
 .../deployments/bsn-production-oganesson.yaml |  73 --
 config/deployments/local-development.yaml     |  21 -
 config/deployments/local-testing.yaml         |  14 -
 .../deployments/rdm-management-default.yaml   |  58 --
 config/hiera.yaml                             |  19 -
 config/pipelines/defaults.yaml                |  16 -
 config/roles/bootstrap.yaml                   |  11 -
 config/roles/builder-pipeline.yaml            |  20 -
 config/roles/database.yaml                    |  29 -
 config/roles/demo-pipeline.yaml               |  29 -
 config/roles/develop-pipeline.yaml            |  29 -
 config/roles/functions.yaml                   |  24 -
 config/roles/image-repository.yaml            |  13 -
 config/roles/image-storage-bucket.yaml        |  17 -
 config/roles/integration-tests.yaml           |   9 -
 config/roles/keepers-image-repository.yaml    |  13 -
 config/roles/keepers-service.yaml             |  46 -
 config/roles/local-app.yaml                   |  18 -
 config/roles/pr-pipeline.yaml                 |  20 -
 config/roles/service.yaml                     |  59 --
 config/roles/tag-pipeline.yaml                |  29 -
 config/secrets/.unlocked                      | Bin 27 -> 0 bytes
 config/secrets/app/bsn-demo-mendelevium.yaml  | Bin 809 -> 0 bytes
 .../app/bsn-development-plutonium.yaml        | Bin 809 -> 0 bytes
 .../secrets/app/bsn-production-oganesson.yaml | Bin 809 -> 0 bytes
 config/secrets/app/gpg.passphrase             | Bin 70 -> 0 bytes
 config/secrets/app/gpg.private                | Bin 2993 -> 0 bytes
 config/secrets/app/gpg.public                 | Bin 1599 -> 0 bytes
 config/secrets/app/local-development.yaml     | Bin 240 -> 0 bytes
 config/secrets/app/local-testing.yaml         | Bin 240 -> 0 bytes
 .../database/bsn-demo-mendelevium.yaml        | Bin 280 -> 0 bytes
 .../database/bsn-development-plutonium.yaml   | Bin 280 -> 0 bytes
 .../database/bsn-production-oganesson.yaml    | Bin 280 -> 0 bytes
 .../database/rdm-management-default.yaml      | Bin 280 -> 0 bytes
 config/secrets/gcp/local-development.yaml     | Bin 108 -> 0 bytes
 config/secrets/gcp/local-testing.yaml         | Bin 108 -> 0 bytes
 .../secrets/gcp/test-bucket-credentials.json  | Bin 2384 -> 0 bytes
 config/secrets/mongodbatlas/credentials.yaml  | Bin 187 -> 0 bytes
 config/secrets/pipeline/constants.yaml        | Bin 7826 -> 0 bytes
 .../pipeline/rdm-management-default.yaml      | Bin 240 -> 0 bytes
 ...cker-entrypoint.sh => docker-entrypoint.sh |   0
 .../keepers}/Dockerfile                       |   4 -
 .../keepers}/docker-entrypoint.sh             |   0
 go                                            |  97 ---
 infra/bootstrap/bucket.tf                     |  23 -
 infra/bootstrap/outputs.tf                    |   3 -
 .../policies/storage-bucket-policy.json.tpl   |  22 -
 infra/bootstrap/providers.tf                  |   3 -
 infra/bootstrap/terraform.tf                  |  14 -
 infra/bootstrap/variables.tf                  |  12 -
 infra/database/network.tf                     |  10 -
 infra/functions/modules/lambda/iam.tf         |  57 --
 .../modules/lambda/security_group.tf          |  20 -
 infra/functions/terraform.tf                  |  16 -
 infra/image-repository/outputs.tf             |   6 -
 infra/image-repository/provider.tf            |   3 -
 infra/image-repository/repository.tf          |  31 -
 infra/image-repository/terraform.tf           |  12 -
 infra/image-repository/variables.tf           |   8 -
 infra/image-storage-bucket/bucket.tf          |  15 -
 infra/image-storage-bucket/iam.tf             |  40 -
 infra/image-storage-bucket/outputs.tf         |  11 -
 infra/image-storage-bucket/provider.tf        |   3 -
 infra/image-storage-bucket/terraform.tf       |  12 -
 infra/image-storage-bucket/variables.tf       |   9 -
 infra/keepers-image-repository/outputs.tf     |   6 -
 infra/keepers-image-repository/provider.tf    |   3 -
 infra/keepers-image-repository/repository.tf  |  31 -
 infra/keepers-image-repository/terraform.tf   |  12 -
 infra/keepers-image-repository/variables.tf   |   8 -
 infra/keepers-service/cluster.tf              |  10 -
 .../container-definitions/service.json.tpl    |  32 -
 .../keepers-service/envfiles/service.env.tpl  |   5 -
 infra/keepers-service/image_repository.tf     |  10 -
 infra/keepers-service/network.tf              |  14 -
 infra/keepers-service/provider.tf             |   3 -
 infra/keepers-service/roles.tf                |  35 -
 infra/keepers-service/secrets.tf              |  32 -
 infra/keepers-service/service.tf              |  65 --
 infra/keepers-service/variables.tf            |  39 -
 infra/service/certificate.tf                  |   5 -
 infra/service/cluster.tf                      |  10 -
 .../container-definitions/service.json.tpl    |  41 -
 infra/service/database.tf                     |  10 -
 infra/service/domain.tf                       |  10 -
 infra/service/envfiles/service.env.tpl        |  13 -
 infra/service/image_repository.tf             |  10 -
 infra/service/load_balancer.tf                |  71 --
 infra/service/network.tf                      |  14 -
 infra/service/outputs.tf                      |   3 -
 infra/service/provider.tf                     |   3 -
 infra/service/roles.tf                        |  49 --
 infra/service/secrets.tf                      |  40 -
 infra/service/service.tf                      |  59 --
 infra/service/terraform.tf                    |  16 -
 infra/service/variables.tf                    |  52 --
 pipelines/builder/handle-pr-event/task.sh     |  15 -
 pipelines/builder/handle-pr-event/task.yaml   |   8 -
 pipelines/builder/pipeline.yaml               |  39 -
 pipelines/demo/pipeline.yaml                  | 372 --------
 pipelines/demo/provision-database/task.sh     |  27 -
 pipelines/demo/provision-database/task.yaml   |   8 -
 pipelines/demo/provision-functions/task.sh    |  27 -
 pipelines/demo/provision-functions/task.yaml  |   8 -
 .../demo/provision-image-repository/task.sh   |  27 -
 .../demo/provision-image-repository/task.yaml |   8 -
 .../provision-image-storage-bucket/task.sh    |  27 -
 .../provision-image-storage-bucket/task.yaml  |   9 -
 .../task.sh                                   |  27 -
 .../task.yaml                                 |   8 -
 .../demo/provision-keepers-service/task.sh    |  31 -
 .../demo/provision-keepers-service/task.yaml  |   9 -
 pipelines/demo/provision-service/task.sh      |  31 -
 pipelines/demo/provision-service/task.yaml    |   9 -
 pipelines/demo/publish-image-keepers/task.sh  |  34 -
 .../demo/publish-image-keepers/task.yaml      |  11 -
 pipelines/demo/publish-image/task.sh          |  34 -
 pipelines/demo/publish-image/task.yaml        |  11 -
 pipelines/develop/pipeline.yaml               | 372 --------
 pipelines/develop/provision-database/task.sh  |  27 -
 .../develop/provision-database/task.yaml      |   8 -
 pipelines/develop/provision-functions/task.sh |  27 -
 .../develop/provision-functions/task.yaml     |   8 -
 .../provision-image-repository/task.sh        |  27 -
 .../provision-image-repository/task.yaml      |   8 -
 .../provision-image-storage-bucket/task.sh    |  27 -
 .../provision-image-storage-bucket/task.yaml  |   9 -
 .../task.sh                                   |  27 -
 .../task.yaml                                 |   8 -
 .../develop/provision-keepers-service/task.sh |  31 -
 .../provision-keepers-service/task.yaml       |   9 -
 pipelines/develop/provision-service/task.sh   |  31 -
 pipelines/develop/provision-service/task.yaml |   9 -
 .../develop/publish-image-keepers/task.sh     |  34 -
 .../develop/publish-image-keepers/task.yaml   |  11 -
 pipelines/develop/publish-image/task.sh       |  34 -
 pipelines/develop/publish-image/task.yaml     |  11 -
 pipelines/pr/pipeline.yaml                    | 172 ----
 pipelines/shared/build/task.sh                |  12 -
 pipelines/shared/build/task.yaml              |   9 -
 pipelines/shared/coverage/task.sh             |  33 -
 pipelines/shared/coverage/task.yaml           |  12 -
 pipelines/shared/test/task.sh                 |  25 -
 pipelines/shared/test/task.yaml               |   9 -
 pipelines/tag/pipeline.yaml                   | 366 --------
 pipelines/tag/provision-database/task.sh      |  27 -
 pipelines/tag/provision-database/task.yaml    |   8 -
 pipelines/tag/provision-functions/task.sh     |  27 -
 pipelines/tag/provision-functions/task.yaml   |   8 -
 .../tag/provision-image-repository/task.sh    |  27 -
 .../tag/provision-image-repository/task.yaml  |   8 -
 .../provision-image-storage-bucket/task.sh    |  27 -
 .../provision-image-storage-bucket/task.yaml  |   9 -
 .../task.sh                                   |  27 -
 .../task.yaml                                 |   8 -
 .../tag/provision-keepers-service/task.sh     |  31 -
 .../tag/provision-keepers-service/task.yaml   |   9 -
 pipelines/tag/provision-service/task.sh       |  31 -
 pipelines/tag/provision-service/task.yaml     |   9 -
 pipelines/tag/publish-image-keepers/task.sh   |  34 -
 pipelines/tag/publish-image-keepers/task.yaml |  11 -
 pipelines/tag/publish-image/task.sh           |  34 -
 pipelines/tag/publish-image/task.yaml         |  11 -
 state/bootstrap/bsn-demo-mendelevium.tfstate  | 225 -----
 .../bsn-development-plutonium.tfstate         | 201 -----
 .../bsn-production-oganesson.tfstate          | 225 -----
 .../bootstrap/rdm-management-default.tfstate  | 195 -----
 .../rdm-management-default.tfstate.backup     | 156 ----
 terraform/database/.terraform.lock.hcl        |  58 ++
 {infra => terraform}/database/cluster.tf      |  22 +-
 {infra => terraform}/database/endpoint.tf     |   4 +-
 {infra => terraform}/database/outputs.tf      |   0
 {infra => terraform}/database/project.tf      |   2 +-
 {infra => terraform}/database/providers.tf    |   2 +-
 {infra => terraform}/database/terraform.tf    |   4 +-
 {infra => terraform}/database/variables.tf    |   8 +-
 terraform/functions/.terraform.lock.hcl       |  75 ++
 {infra => terraform}/functions/lambda.tf      |  30 +-
 terraform/functions/modules/lambda/iam.tf     |  57 ++
 .../functions/modules/lambda/lambda.tf        |   0
 .../functions/modules/lambda/locals.tf        |   2 +-
 .../functions/modules/lambda/outputs.tf       |   2 +-
 .../modules/lambda/security_group.tf          |  20 +
 .../functions/modules/lambda/terraform.tf     |   2 +-
 .../functions/modules/lambda/variables.tf     |   0
 {infra => terraform}/functions/outputs.tf     |   0
 {infra => terraform}/functions/provider.tf    |   0
 .../functions}/terraform.tf                   |   0
 {infra => terraform}/functions/variables.tf   |   6 +-
 207 files changed, 406 insertions(+), 6429 deletions(-)
 delete mode 100644 .git-crypt/.gitattributes
 delete mode 100644 .git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg
 delete mode 100644 .git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg
 delete mode 100644 .git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg
 delete mode 100644 .git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg
 delete mode 100644 .git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg
 create mode 100644 .github/workflows/main.yaml
 delete mode 100644 .ruby-version
 rename image/Dockerfile => Dockerfile (94%)
 delete mode 100644 Gemfile
 delete mode 100644 Gemfile.lock
 delete mode 100644 Rakefile
 delete mode 100644 config/ci/rdm-management-default.yaml
 delete mode 100644 config/defaults.yaml
 delete mode 100644 config/deployments/bsn-demo-mendelevium.yaml
 delete mode 100644 config/deployments/bsn-development-plutonium.yaml
 delete mode 100644 config/deployments/bsn-production-oganesson.yaml
 delete mode 100644 config/deployments/local-development.yaml
 delete mode 100644 config/deployments/local-testing.yaml
 delete mode 100644 config/deployments/rdm-management-default.yaml
 delete mode 100644 config/hiera.yaml
 delete mode 100644 config/pipelines/defaults.yaml
 delete mode 100644 config/roles/bootstrap.yaml
 delete mode 100644 config/roles/builder-pipeline.yaml
 delete mode 100644 config/roles/database.yaml
 delete mode 100644 config/roles/demo-pipeline.yaml
 delete mode 100644 config/roles/develop-pipeline.yaml
 delete mode 100644 config/roles/functions.yaml
 delete mode 100644 config/roles/image-repository.yaml
 delete mode 100644 config/roles/image-storage-bucket.yaml
 delete mode 100644 config/roles/integration-tests.yaml
 delete mode 100644 config/roles/keepers-image-repository.yaml
 delete mode 100644 config/roles/keepers-service.yaml
 delete mode 100644 config/roles/local-app.yaml
 delete mode 100644 config/roles/pr-pipeline.yaml
 delete mode 100644 config/roles/service.yaml
 delete mode 100644 config/roles/tag-pipeline.yaml
 delete mode 100644 config/secrets/.unlocked
 delete mode 100644 config/secrets/app/bsn-demo-mendelevium.yaml
 delete mode 100644 config/secrets/app/bsn-development-plutonium.yaml
 delete mode 100644 config/secrets/app/bsn-production-oganesson.yaml
 delete mode 100644 config/secrets/app/gpg.passphrase
 delete mode 100644 config/secrets/app/gpg.private
 delete mode 100644 config/secrets/app/gpg.public
 delete mode 100644 config/secrets/app/local-development.yaml
 delete mode 100644 config/secrets/app/local-testing.yaml
 delete mode 100644 config/secrets/database/bsn-demo-mendelevium.yaml
 delete mode 100644 config/secrets/database/bsn-development-plutonium.yaml
 delete mode 100644 config/secrets/database/bsn-production-oganesson.yaml
 delete mode 100644 config/secrets/database/rdm-management-default.yaml
 delete mode 100644 config/secrets/gcp/local-development.yaml
 delete mode 100644 config/secrets/gcp/local-testing.yaml
 delete mode 100644 config/secrets/gcp/test-bucket-credentials.json
 delete mode 100644 config/secrets/mongodbatlas/credentials.yaml
 delete mode 100644 config/secrets/pipeline/constants.yaml
 delete mode 100644 config/secrets/pipeline/rdm-management-default.yaml
 rename image/docker-entrypoint.sh => docker-entrypoint.sh (100%)
 rename {image-keepers => external/keepers}/Dockerfile (94%)
 rename {image-keepers => external/keepers}/docker-entrypoint.sh (100%)
 delete mode 100755 go
 delete mode 100644 infra/bootstrap/bucket.tf
 delete mode 100644 infra/bootstrap/outputs.tf
 delete mode 100644 infra/bootstrap/policies/storage-bucket-policy.json.tpl
 delete mode 100644 infra/bootstrap/providers.tf
 delete mode 100644 infra/bootstrap/terraform.tf
 delete mode 100644 infra/bootstrap/variables.tf
 delete mode 100644 infra/database/network.tf
 delete mode 100644 infra/functions/modules/lambda/iam.tf
 delete mode 100644 infra/functions/modules/lambda/security_group.tf
 delete mode 100644 infra/functions/terraform.tf
 delete mode 100644 infra/image-repository/outputs.tf
 delete mode 100644 infra/image-repository/provider.tf
 delete mode 100644 infra/image-repository/repository.tf
 delete mode 100644 infra/image-repository/terraform.tf
 delete mode 100644 infra/image-repository/variables.tf
 delete mode 100644 infra/image-storage-bucket/bucket.tf
 delete mode 100644 infra/image-storage-bucket/iam.tf
 delete mode 100644 infra/image-storage-bucket/outputs.tf
 delete mode 100644 infra/image-storage-bucket/provider.tf
 delete mode 100644 infra/image-storage-bucket/terraform.tf
 delete mode 100644 infra/image-storage-bucket/variables.tf
 delete mode 100644 infra/keepers-image-repository/outputs.tf
 delete mode 100644 infra/keepers-image-repository/provider.tf
 delete mode 100644 infra/keepers-image-repository/repository.tf
 delete mode 100644 infra/keepers-image-repository/terraform.tf
 delete mode 100644 infra/keepers-image-repository/variables.tf
 delete mode 100644 infra/keepers-service/cluster.tf
 delete mode 100644 infra/keepers-service/container-definitions/service.json.tpl
 delete mode 100644 infra/keepers-service/envfiles/service.env.tpl
 delete mode 100644 infra/keepers-service/image_repository.tf
 delete mode 100644 infra/keepers-service/network.tf
 delete mode 100644 infra/keepers-service/provider.tf
 delete mode 100644 infra/keepers-service/roles.tf
 delete mode 100644 infra/keepers-service/secrets.tf
 delete mode 100644 infra/keepers-service/service.tf
 delete mode 100644 infra/keepers-service/variables.tf
 delete mode 100644 infra/service/certificate.tf
 delete mode 100644 infra/service/cluster.tf
 delete mode 100644 infra/service/container-definitions/service.json.tpl
 delete mode 100644 infra/service/database.tf
 delete mode 100644 infra/service/domain.tf
 delete mode 100644 infra/service/envfiles/service.env.tpl
 delete mode 100644 infra/service/image_repository.tf
 delete mode 100644 infra/service/load_balancer.tf
 delete mode 100644 infra/service/network.tf
 delete mode 100644 infra/service/outputs.tf
 delete mode 100644 infra/service/provider.tf
 delete mode 100644 infra/service/roles.tf
 delete mode 100644 infra/service/secrets.tf
 delete mode 100644 infra/service/service.tf
 delete mode 100644 infra/service/terraform.tf
 delete mode 100644 infra/service/variables.tf
 delete mode 100755 pipelines/builder/handle-pr-event/task.sh
 delete mode 100644 pipelines/builder/handle-pr-event/task.yaml
 delete mode 100644 pipelines/builder/pipeline.yaml
 delete mode 100644 pipelines/demo/pipeline.yaml
 delete mode 100755 pipelines/demo/provision-database/task.sh
 delete mode 100644 pipelines/demo/provision-database/task.yaml
 delete mode 100755 pipelines/demo/provision-functions/task.sh
 delete mode 100644 pipelines/demo/provision-functions/task.yaml
 delete mode 100755 pipelines/demo/provision-image-repository/task.sh
 delete mode 100644 pipelines/demo/provision-image-repository/task.yaml
 delete mode 100755 pipelines/demo/provision-image-storage-bucket/task.sh
 delete mode 100644 pipelines/demo/provision-image-storage-bucket/task.yaml
 delete mode 100755 pipelines/demo/provision-keepers-image-repository/task.sh
 delete mode 100644 pipelines/demo/provision-keepers-image-repository/task.yaml
 delete mode 100755 pipelines/demo/provision-keepers-service/task.sh
 delete mode 100644 pipelines/demo/provision-keepers-service/task.yaml
 delete mode 100755 pipelines/demo/provision-service/task.sh
 delete mode 100644 pipelines/demo/provision-service/task.yaml
 delete mode 100755 pipelines/demo/publish-image-keepers/task.sh
 delete mode 100644 pipelines/demo/publish-image-keepers/task.yaml
 delete mode 100755 pipelines/demo/publish-image/task.sh
 delete mode 100644 pipelines/demo/publish-image/task.yaml
 delete mode 100644 pipelines/develop/pipeline.yaml
 delete mode 100755 pipelines/develop/provision-database/task.sh
 delete mode 100644 pipelines/develop/provision-database/task.yaml
 delete mode 100755 pipelines/develop/provision-functions/task.sh
 delete mode 100644 pipelines/develop/provision-functions/task.yaml
 delete mode 100755 pipelines/develop/provision-image-repository/task.sh
 delete mode 100644 pipelines/develop/provision-image-repository/task.yaml
 delete mode 100755 pipelines/develop/provision-image-storage-bucket/task.sh
 delete mode 100644 pipelines/develop/provision-image-storage-bucket/task.yaml
 delete mode 100755 pipelines/develop/provision-keepers-image-repository/task.sh
 delete mode 100644 pipelines/develop/provision-keepers-image-repository/task.yaml
 delete mode 100755 pipelines/develop/provision-keepers-service/task.sh
 delete mode 100644 pipelines/develop/provision-keepers-service/task.yaml
 delete mode 100755 pipelines/develop/provision-service/task.sh
 delete mode 100644 pipelines/develop/provision-service/task.yaml
 delete mode 100755 pipelines/develop/publish-image-keepers/task.sh
 delete mode 100644 pipelines/develop/publish-image-keepers/task.yaml
 delete mode 100755 pipelines/develop/publish-image/task.sh
 delete mode 100644 pipelines/develop/publish-image/task.yaml
 delete mode 100644 pipelines/pr/pipeline.yaml
 delete mode 100755 pipelines/shared/build/task.sh
 delete mode 100644 pipelines/shared/build/task.yaml
 delete mode 100755 pipelines/shared/coverage/task.sh
 delete mode 100644 pipelines/shared/coverage/task.yaml
 delete mode 100755 pipelines/shared/test/task.sh
 delete mode 100644 pipelines/shared/test/task.yaml
 delete mode 100644 pipelines/tag/pipeline.yaml
 delete mode 100755 pipelines/tag/provision-database/task.sh
 delete mode 100644 pipelines/tag/provision-database/task.yaml
 delete mode 100755 pipelines/tag/provision-functions/task.sh
 delete mode 100644 pipelines/tag/provision-functions/task.yaml
 delete mode 100755 pipelines/tag/provision-image-repository/task.sh
 delete mode 100644 pipelines/tag/provision-image-repository/task.yaml
 delete mode 100755 pipelines/tag/provision-image-storage-bucket/task.sh
 delete mode 100644 pipelines/tag/provision-image-storage-bucket/task.yaml
 delete mode 100755 pipelines/tag/provision-keepers-image-repository/task.sh
 delete mode 100644 pipelines/tag/provision-keepers-image-repository/task.yaml
 delete mode 100755 pipelines/tag/provision-keepers-service/task.sh
 delete mode 100644 pipelines/tag/provision-keepers-service/task.yaml
 delete mode 100755 pipelines/tag/provision-service/task.sh
 delete mode 100644 pipelines/tag/provision-service/task.yaml
 delete mode 100755 pipelines/tag/publish-image-keepers/task.sh
 delete mode 100644 pipelines/tag/publish-image-keepers/task.yaml
 delete mode 100755 pipelines/tag/publish-image/task.sh
 delete mode 100644 pipelines/tag/publish-image/task.yaml
 delete mode 100644 state/bootstrap/bsn-demo-mendelevium.tfstate
 delete mode 100644 state/bootstrap/bsn-development-plutonium.tfstate
 delete mode 100644 state/bootstrap/bsn-production-oganesson.tfstate
 delete mode 100644 state/bootstrap/rdm-management-default.tfstate
 delete mode 100644 state/bootstrap/rdm-management-default.tfstate.backup
 create mode 100644 terraform/database/.terraform.lock.hcl
 rename {infra => terraform}/database/cluster.tf (67%)
 rename {infra => terraform}/database/endpoint.tf (68%)
 rename {infra => terraform}/database/outputs.tf (100%)
 rename {infra => terraform}/database/project.tf (83%)
 rename {infra => terraform}/database/providers.tf (72%)
 rename {infra => terraform}/database/terraform.tf (84%)
 rename {infra => terraform}/database/variables.tf (76%)
 create mode 100644 terraform/functions/.terraform.lock.hcl
 rename {infra => terraform}/functions/lambda.tf (90%)
 create mode 100644 terraform/functions/modules/lambda/iam.tf
 rename {infra => terraform}/functions/modules/lambda/lambda.tf (100%)
 rename {infra => terraform}/functions/modules/lambda/locals.tf (74%)
 rename {infra => terraform}/functions/modules/lambda/outputs.tf (95%)
 create mode 100644 terraform/functions/modules/lambda/security_group.tf
 rename {infra => terraform}/functions/modules/lambda/terraform.tf (88%)
 rename {infra => terraform}/functions/modules/lambda/variables.tf (100%)
 rename {infra => terraform}/functions/outputs.tf (100%)
 rename {infra => terraform}/functions/provider.tf (100%)
 rename {infra/keepers-service => terraform/functions}/terraform.tf (100%)
 rename {infra => terraform}/functions/variables.tf (62%)

diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes
deleted file mode 100644
index 665b10e8..00000000
--- a/.git-crypt/.gitattributes
+++ /dev/null
@@ -1,4 +0,0 @@
-# Do not edit this file.  To specify the files to encrypt, create your own
-# .gitattributes file in the directory where your files are.
-* !filter !diff
-*.gpg binary
diff --git a/.git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg b/.git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg
deleted file mode 100644
index 33fd86c80e8c41e0fbbef0c94a4f51dcf8153360..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 470
zcmV;{0V)240Sp5{(iS6;rKeW`2mgA=J1%tk6B%+%YSE{k<#x3Qd6g&J3HksZL}gat
z%a?q$%B+ZQzuURXH$dt-i-cw9I=1*LT<fvEc^BW3oliWN4HXMOo4EpSCDGDSI_RfY
zJscKq;Pbp75J!qb%A_`^V#8%yn-BtV8e7%UkG!}ps01O;0?LEc+9tFv4X4^WW8rJ}
zZQjT9lWIS}TLY`c5LDsT7LZr_OFgFUJ9mf7+WAGfQO}9kOsflu<}OuqH@0Y&I%-&%
z6JpJ4;k9a(tP)$WM2?KTT^X*usUNFaa&b%Vhr+Ww$a?y(vDtm_bF1)Zy?6$*{my)!
zCLwU*!x*mVwqV}}>?Ots4d&9o1Oe}2=k}=UwHMUVppF9oT<Z()(b+EUJJhwfS>k9#
zGFmG@m#3+LJf$|s%DJHoN}LKoo7QQnM^CsD$@1eGjW(rhK&|@HsL@=T^mBWg0X2f4
z6zG@V19R9~c^oV-q>c+jI*Z>M2<1e#QxS!}!0bpiNVWExB^A@@vF0-m*A&9AlYXJz
zJ^oy!Ngl$&8AO;2s%X+HjPD4b_MLPa>5|9VeC8p=VGn!ZD~C~c`;|J+{yXVr-(vpk
M<@|B8n?QFjjqAGa?EnA(

diff --git a/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg b/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg
deleted file mode 100644
index 95cac3c1ed16dc0219ed9d3d0895974b570b55a5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 726
zcmV;{0xA840t^E$BT+qSxOk%h5C2qaLjb-Nj4WwQ;o<(j`@I@%9RY=x987d2`V2X&
zV<H-pSCUw?c1mSkTho)Mr(dFdn~@KW+bAiU#Le9Zd82Qt@At>{JqQ6Zqs>NpK`F&g
zoX`rk+8nsLnvRCNm&U~Q^R&8T`9(t=D)CHjg50j>d@;;WU>Cj6gmL2c41`jQR_kw*
zqlA}tWB_PTLk+cVL`0}7K7HVoZ9L#JfJK!1PhjNLYUQoudU}%9wFil_MM@A)>BhSW
zIAGlE^>~S24j(NeSA`=;bVg$WGs_xH|4gu)yJ70pF8+7t9%l<>PXb~NTc}nD{M=hJ
z-MTg~+km@i`&~CN5&U$5tHd61QX&z|oAkuM48DjJX=){urk(4yNK;a8c6soIN@i71
zE7-_GsFvN&!-wjA*3mWQ`D-<!bSW3#DQ)q>-uFP7<*AkfAr!a{?cu3t$X1}<M~dZn
zwqnJ0<gEHLs_DNje6yUuEJN74on~+N?;1TxS$_}I*y-}x@K%^;b=W9<=hJ2gLvDRF
zx4>_Vcvgv|Mg(asgOVNE5c7{uHeVk1=<k%!VA$%Zj63i_H?8QBuvnUz4=NCct#rH-
zn7tnt^;F4*M$8g^48N2bX+MukTEk(o7-36Hd^n9X^9h!({0K9a=zD3z!2zCWQ7Rrs
z!K&mBJmLwv6c@ym=Y!I~1OdnY>hv1O=?`pxV14tJuH)$93xqTwnhqWF3s*<o_MI=Y
zpZnPPH52Rqsag{lNtEbRpp)2yC|i>|c6@(XY2oBu?GIC4&fOE^^A2F-|DlSYcLYeT
z$`MioQ6bW@Olxx@tA0rvruk-N>#@Wq*hGYIiN1~_;?M;qK(qYYVkAyX6n*Qb7KY2O
zd+{!8LjEismTEbwsSdTnwoinmFEW!cs3U42kk^V^_-I}AUA`KB_y&Z?G_&xSfLsBI
Is7Os=GN>zQjsO4v

diff --git a/.git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg b/.git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg
deleted file mode 100644
index 15900f7566055946c478dcd99ac764e666c943e4..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 470
zcmV;{0V)240Sp8EeDc3*iP`D_2mf{OYfFk@1O4@HO7uU^0&(WrS7b%)abi}dUeUgR
zmiGA}HKq_t50|o~@DLvZX)bF9R4JJ2Lzd-4{fiMis@MhQ{5N3CD{)qiPOzyE2LxX;
z;P6WQZJL(NQ>b~Xe9IYN%HS`R;gMwZ(+PaKX|Fhe5wZL!oG)6@N%r8krXDIS=MIOJ
z-TAdMHzMc4x7!Uk{3w&K&V)%^BcgOTD8=?Mfyz2lWY`L~y5lR3G<hs+E885y#`wCL
z8hXjv9&XxU!vWZ(F5L@`H~=0}h@v(qi|^Nb2RA?%&>LbBgBaMOyY)k8{Lv}+fj2EF
z9pm*5n&}v$*<r_hloj*N)@#zh1ObCU&h5s}p;5KH1_6!W&)UNvm=9*AX0up^jtB9X
z?!nxvF*_{k1E_w)P1ruBtO&S0TLhAhQ~D_nN*(Leue<<*69iIokj0fWQDhkZLtGO>
z9e8J_iuH08BhFVmud1fdjEUjj%Q<sHY%ik=?b6aS(f~Jy<=J}AijB1Askf=!hQ}dG
z@H_{D*|VPp`vMUAKY?iSd7gVC6u&*`{K*>C0XSi)SWTXsspF$F*#!bC8lp|K0z?<O
MVmGSDj)@;ea$!H{JOBUy

diff --git a/.git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg b/.git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg
deleted file mode 100644
index 6dab001c6dd6e3198fbabaf745b1c8251585db3e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 726
zcmV;{0xA840t^Erfx44{9v21y5CFL&5X4e&mNU1x?7ZvW3WFG`5m=2E$cJ+2>0iwc
zc_1~5Zo+^ju6b38F}8?7ahInDD(~bwF>tnT6570Nj$BFwMd}ka?+LSS+KBhwa-rE<
zhT-%<l&$Hc!i+zt6F%$ITi_t8xX~JEb(U#q3w-!dKK*!G$0nraKhXE6-s|Pm2el@e
z!l;kEPrxi~Rt4(!)Xwq3mt+-<46~o684`_(nl52D$l4Cp3Q_i2kX6F{nO4u3g;?4x
zlaFBsJR_}!kN#yIM@ta^FrNvs>Lp8>W^#YN55*LgLt77tVnC<#kOff5mqJjPAcMry
zI29%{*aA(~KTq2?WJAa*OuZAqH;GKkSHc&O)`Ey~WeFg_A(bUo?b|iy<eN~%T72J3
z({=kv5OAzmaW)N^)iWJv)o4sZ4|!-q61@Y-MCDMDw7~?Wf;o9`qNQ$nazwd~JIU}H
zir23dUq5g+<9coO0(GQFza;YjB>>&sL2=4SEk@Wz$9J4CY<03yen<abLxy$cYjI{@
zo;yt+>3f0%x1m3nj5#J$1^_zgqT_Cku$=OsnZN59#Btw!PHT8otn0z{LWLTydw1mj
z8_Lq;i5!t4HJO)QModqkx-K`YviwTdxZax31&kqz^oeA)4|YY79FRZsGC~Jd=;x;(
ze&3+k{*l@rnv@VHImFVy1OZI0wpoU&nZGoQX`QExp-}Id*DP*4hEv0CA!^4>s<`hZ
z0Lm{el>=V(DRon8v1D=Q?jJ&!)mNO7Hb1w~m=mTWlGBh89s=?tvwY~s%#%r(S?A2o
ztfUwC`o-{9jJ_WBzPmbff3MVKKQ~6?G2d3<nuZ(tluQ31tXI8vLhQkUz_{lPrUa7a
z!hMS_wX(i@wSHVqr;Q^?Db#A69AvFkdb@A_5Wm~(WJnJWG;nI-tJ2eik5>{Ntl^*r
IQ92T~OC$eeeE<Le

diff --git a/.git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg b/.git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg
deleted file mode 100644
index 764c18307541f4ba8416fa094cefbd60fc1aaabe..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 470
zcmV;{0V)240Sp81;6RTHb>!Ir2mrW82U4e_-!;@@K#ni@!WYQfJ5FtSd_yx9DCjcA
zz95}Wxm8HzC1&7OhlW6ndnNn@W{+aU6ijwnyJe4R(P+8<r@0$75M-%o*uv?wG(>M4
zS;fN@(4M_lOPMzB4zpM&g6p%({r?1FMQ~w?U=u}=FR2OxlzKdh9658)b$<MV#od{4
zS93xdk9z*7dVFDoOT4XOkBOwy1KjsB&i;+A){iTe?VZQOQJjFqR$1*ZjcGL_pj#Ib
zAn5!5*7&X8{0h8YK~G4qVZIlz2*TAFs&b0d`%`{Px(WZS?pfD4dhT3mo`=-&ZtFCy
zr*YS%Ch&*in7&@+ljtRSssz%&1OaS&3sNsnmUT-oClWxMJ;-lAkgxRI*G&hD^u}#S
zEGCF<gg&|}j=?^OzK>soe84x^lX8a;4hK?trT<4=_*317&8%g)zK^mJ@bP6NfMSHR
zl&Krj-9;3;p*hum6e7qi1Ao=AxdS>F`)xsJs?g@DK!{?6$0QI{h*<liVs7x$_L2Tj
zX5lbDJ*Z5+`mXfKx^Nn+jotq0jkTsGtB<IwPM<8~C*UC9TqY6n_n~+?)2l;b>Cu&d
Mt0twE#yl1Ow9Ojtp8x;=

diff --git a/.gitattributes b/.gitattributes
index 986e6e4e..52031de5 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +1 @@
-config/secrets/** filter=git-crypt diff=git-crypt
 *.sol linguist-language=Solidity
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
new file mode 100644
index 00000000..128ed465
--- /dev/null
+++ b/.github/workflows/main.yaml
@@ -0,0 +1,125 @@
+name: Build and Deploy leptonite.io
+
+on:
+  push:
+    branches:
+      - radu/migration
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  api:
+    name: API related tasks
+    runs-on: ubuntu-latest
+    env:
+      REGISTRY: 031036423983.dkr.ecr.eu-west-2.amazonaws.com
+    services:
+      mongodb:
+        image: mongo:4.4.8
+        ports:
+          - 27017:27017
+        env:
+          MONGO_INITDB_ROOT_USERNAME: admin
+          MONGO_INITDB_ROOT_PASSWORD: secret
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '12'
+          cache: 'npm'
+      - run: npm install
+      - run: npm run app:lint
+      - run: npm run app:format
+      - run: npm run tests:app:lint
+      - run: npm run tests:app:format
+      - run: npm run tests:app:unit:coverage
+      - run: npm run tests:app:persistence:coverage
+      - run: npm run tests:app:persistence
+      - run: npm run tests:app:component:coverage
+      - run: npm run tests:app:component
+      - run: npm run tests:coverage:badge
+      - name: Configure AWS credentials
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+      - name: Login to Amazon ECR
+        if: ${{ github.event_name == 'push' }}
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+      - name: Build and push
+        if: ${{ github.event_name == 'push' }}
+        run: |
+          docker build --tag $REGISTRY/bsn/reference-backend:$GITHUB_SHA .
+
+  keepers:
+    name: Keepers related tasks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: "./external/keepers"
+    env:
+      REGISTRY: 031036423983.dkr.ecr.eu-west-2.amazonaws.com
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '12'
+          cache: 'npm'
+      - run: npm install
+      - name: Configure AWS credentials
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+      - name: Login to Amazon ECR
+        if: ${{ github.event_name == 'push' }}
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+      - name: Build and push
+        if: ${{ github.event_name == 'push' }}
+        run: |
+          docker build --tag $REGISTRY/bsn/keepers:$GITHUB_SHA .
+
+  triggers:
+    name: Triggers related tasks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: "./terraform/functions"
+    steps:
+      - uses: actions/checkout@v2
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_wrapper: false
+      - name: Terraform Format
+        id: fmt
+        run: terraform fmt -check -recursive
+      - name: Terraform Init
+        id: init
+        run: terraform init -backend-config=$TF_BACKEND_BUCKET -backend-config=$TF_BACKEND_STATE_KEY -backend-config='region=eu-west-2' -backend-config='encrypt=true'
+        env:
+          TF_BACKEND_BUCKET: ${{ secrets.TF_BACKEND_BUCKET }}
+          TF_BACKEND_STATE_KEY: ${{ secrets.TF_BACKEND_STATE_KEY }}
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate -no-color
+      - run: 'echo "$TFVARS" > terraform.tfvars'
+        shell: bash
+        env:
+          TFVARS: ${{ secrets.TFVARS }}
+      - name: Terraform Plan
+        id: plan
+        run: terraform plan -no-color
diff --git a/.gitignore b/.gitignore
index 9432f1a4..9a2b04dd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -29,3 +29,39 @@ node_modules
 
 # Personal Preferences
 .vscode
+
+### Terraform template
+# Local .terraform directories
+terraform/**/.terraform/**
+
+# .tfstate files
+terraform/*.tfstate
+terraform/*.tfstate.*
+
+# Crash log files
+terraform/crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+terraform/*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+terraform/override.tf
+terraform/override.tf.json
+terraform/*_override.tf
+terraform/*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+terraform/.terraformrc
+terraform/terraform.rc
\ No newline at end of file
diff --git a/.ruby-version b/.ruby-version
deleted file mode 100644
index fbafd6b6..00000000
--- a/.ruby-version
+++ /dev/null
@@ -1 +0,0 @@
-2.7.2
\ No newline at end of file
diff --git a/image/Dockerfile b/Dockerfile
similarity index 94%
rename from image/Dockerfile
rename to Dockerfile
index 7c30762b..deaf505f 100644
--- a/image/Dockerfile
+++ b/Dockerfile
@@ -26,9 +26,5 @@ RUN cd /opt/reference-backend \
     && npm install \
     && cd -
 
-# Add metadata
-ADD VERSION /VERSION
-ADD TAG /TAG
-
 # Run docker-entrypoint.sh start script by default
 ENTRYPOINT ["/opt/reference-backend/bin/docker-entrypoint.sh"]
diff --git a/Gemfile b/Gemfile
deleted file mode 100644
index fa40e32d..00000000
--- a/Gemfile
+++ /dev/null
@@ -1,10 +0,0 @@
-source 'https://rubygems.org'
-
-gem 'rake', '~> 13.0'
-gem 'rake_terraform', '~> 1.19'
-gem 'rake_docker', '~> 2.13'
-gem 'rake_fly', '~> 2.7'
-gem 'rake_gpg', '~> 0.16'
-gem 'git', '~> 1.8'
-gem 'confidante', '~> 0.27'
-gem 'shivers', '~> 0.5'
diff --git a/Gemfile.lock b/Gemfile.lock
deleted file mode 100644
index a7dfb8bf..00000000
--- a/Gemfile.lock
+++ /dev/null
@@ -1,157 +0,0 @@
-GEM
-  remote: https://rubygems.org/
-  specs:
-    activesupport (6.1.3.2)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 1.6, < 2)
-      minitest (>= 5.1)
-      tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
-    aws-eventstream (1.1.1)
-    aws-partitions (1.465.0)
-    aws-sdk-core (3.114.0)
-      aws-eventstream (~> 1, >= 1.0.2)
-      aws-partitions (~> 1, >= 1.239.0)
-      aws-sigv4 (~> 1.1)
-      jmespath (~> 1.0)
-    aws-sdk-ecr (1.42.0)
-      aws-sdk-core (~> 3, >= 3.112.0)
-      aws-sigv4 (~> 1.1)
-    aws-sigv4 (1.2.3)
-      aws-eventstream (~> 1, >= 1.0.2)
-    colored2 (3.1.2)
-    concourse.rb (0.4.0)
-      dry-schema (~> 0.5)
-      excon (~> 0.72)
-      semantic (~> 1.5)
-    concurrent-ruby (1.1.8)
-    confidante (0.27.0)
-      activesupport (>= 4)
-      hiera (~> 3.3, >= 3.3.1)
-      shikashi (~> 0.6)
-    docker-api (1.34.2)
-      excon (>= 0.47.0)
-      multi_json
-    dry-configurable (0.12.1)
-      concurrent-ruby (~> 1.0)
-      dry-core (~> 0.5, >= 0.5.0)
-    dry-container (0.7.2)
-      concurrent-ruby (~> 1.0)
-      dry-configurable (~> 0.1, >= 0.1.3)
-    dry-core (0.5.0)
-      concurrent-ruby (~> 1.0)
-    dry-equalizer (0.3.0)
-    dry-inflector (0.2.0)
-    dry-initializer (3.0.4)
-    dry-logic (1.2.0)
-      concurrent-ruby (~> 1.0)
-      dry-core (~> 0.5, >= 0.5)
-    dry-schema (0.6.0)
-      concurrent-ruby (~> 1.0)
-      dry-configurable (~> 0.8, >= 0.8.0)
-      dry-core (~> 0.4)
-      dry-equalizer (~> 0.2)
-      dry-initializer (~> 3.0)
-      dry-logic (~> 1.0)
-      dry-types (~> 1.0)
-    dry-types (1.5.1)
-      concurrent-ruby (~> 1.0)
-      dry-container (~> 0.3)
-      dry-core (~> 0.5, >= 0.5)
-      dry-inflector (~> 0.1, >= 0.1.2)
-      dry-logic (~> 1.0, >= 1.0.2)
-    evalhook (0.6.0)
-      partialruby (~> 0.3)
-      sexp_processor (~> 4.0)
-    excon (0.82.0)
-    getsource (0.2.2)
-    git (1.8.1)
-      rchardet (~> 1.8)
-    hamster (3.0.0)
-      concurrent-ruby (~> 1.0)
-    hiera (3.7.0)
-    i18n (1.8.10)
-      concurrent-ruby (~> 1.0)
-    immutable-struct (2.4.1)
-    jmespath (1.4.0)
-    lino (3.0.0)
-      hamster (~> 3.0)
-      open4 (~> 1.3)
-    minitar (0.9)
-    minitest (5.14.4)
-    multi_json (1.15.0)
-    open4 (1.3.4)
-    partialruby (0.3.0)
-      ruby2ruby (~> 2)
-      ruby_parser (~> 3)
-    rake (13.0.3)
-    rake_dependencies (2.11.0)
-      hamster (~> 3.0)
-      minitar (~> 0.9)
-      rake_factory (~> 0.23)
-      rubyzip (>= 1.3)
-    rake_docker (2.13.0)
-      aws-sdk-ecr (~> 1.2)
-      colored2 (~> 3.1)
-      docker-api (~> 1.34)
-      rake_factory (~> 0.23)
-    rake_factory (0.29.0)
-      activesupport (>= 4)
-      rake (~> 13.0)
-    rake_fly (2.7.0)
-      concourse.rb (>= 0.4)
-      rake_dependencies (~> 2, < 3)
-      rake_factory (>= 0.29, < 1)
-      ruby_fly (>= 0.35)
-      semantic (~> 1.6.1)
-    rake_gpg (0.16.0)
-      rake_factory (>= 0.23, < 1)
-      ruby_gpg2 (>= 0.6, < 1)
-    rake_terraform (1.19.0)
-      colored2 (~> 3.1)
-      rake_dependencies (~> 2.11)
-      rake_factory (~> 0.23)
-      ruby-terraform (~> 1.1)
-    rchardet (1.8.0)
-    ruby-terraform (1.2.0)
-      immutable-struct (~> 2.4)
-      lino (~> 3.0)
-    ruby2ruby (2.4.4)
-      ruby_parser (~> 3.1)
-      sexp_processor (~> 4.6)
-    ruby_fly (0.35.0)
-      lino (>= 1.5)
-    ruby_gpg2 (0.8.0)
-      lino (>= 1.5)
-    ruby_parser (3.16.0)
-      sexp_processor (~> 4.15, >= 4.15.1)
-    rubyzip (2.3.0)
-    semantic (1.6.1)
-    sexp_processor (4.15.3)
-    shikashi (0.6.0)
-      evalhook (>= 0.6.0)
-      getsource (>= 0.1.0)
-    shivers (0.5.0)
-      semantic (~> 1.6)
-    tzinfo (2.0.4)
-      concurrent-ruby (~> 1.0)
-    zeitwerk (2.4.2)
-
-PLATFORMS
-  arm64-darwin-20
-  x86_64-darwin-19
-  x86_64-darwin-20
-  x86_64-linux
-
-DEPENDENCIES
-  confidante (~> 0.27)
-  git (~> 1.8)
-  rake (~> 13.0)
-  rake_docker (~> 2.13)
-  rake_fly (~> 2.7)
-  rake_gpg (~> 0.16)
-  rake_terraform (~> 1.19)
-  shivers (~> 0.5)
-
-BUNDLED WITH
-   2.2.18
diff --git a/Rakefile b/Rakefile
deleted file mode 100644
index d0c002de..00000000
--- a/Rakefile
+++ /dev/null
@@ -1,812 +0,0 @@
-require 'git'
-require 'confidante'
-require 'rake_terraform'
-require 'ruby_terraform/output'
-require 'rake_docker'
-require 'rake_fly'
-require 'rake_gpg'
-require 'rake_factory/kernel_extensions'
-require 'shivers'
-
-configuration = Confidante.configuration
-version = Shivers::Version.from_file('build/version')
-
-Docker.options = {
-  read_timeout: 300
-}
-
-RakeFly.define_installation_tasks(version: '6.7.2')
-RakeTerraform.define_installation_tasks(
-  path: File.join(Dir.pwd, 'vendor', 'terraform'),
-  version: '0.15.4')
-
-task :default => [
-  :build_fix,
-  :test
-]
-
-task :build => [
-  :"app:lint",
-  :"app:format",
-  :"tests:app:lint",
-  :"tests:app:format"
-]
-
-task :build_fix => [
-  :"app:lint_fix",
-  :"app:format_fix",
-  :"tests:app:lint_fix",
-  :"tests:app:format_fix"
-]
-
-namespace :keys do
-  namespace :app do
-    namespace :passphrase do
-      task :generate do
-        File.open('config/secrets/app/gpg.passphrase', 'w') do |f|
-          f.write(SecureRandom.base64(36))
-        end
-      end
-    end
-
-    namespace :gpg do
-      RakeGPG.define_generate_key_task(
-          output_directory: 'config/secrets/app',
-          name_prefix: 'gpg',
-          armor: false,
-          owner_name: 'Leptonite Maintainers',
-          owner_email: 'maintainers@leptonite.io',
-          owner_comment: 'Service key'
-      ) do |t|
-        t.passphrase =
-            File.read('config/secrets/app/gpg.passphrase')
-      end
-    end
-
-    task generate: %w[passphrase:generate gpg:generate]
-  end
-end
-
-task :test, [:deployment_type, :deployment_label] do |_, args|
-  [
-    :'tests:app:unit',
-    :'tests:app:persistence',
-    :'tests:app:component'
-  ].each do |task_name|
-    Rake::Task[task_name].invoke(*args)
-  end
-end
-
-namespace :secrets do
-  desc 'Check if secrets are readable'
-  task :check do
-    if File.exist?('config/secrets')
-      puts 'Checking if secrets are accessible.'
-      unless File.read('config/secrets/.unlocked').strip == "true"
-        raise RuntimeError, Paint['Cannot access secrets.', :red]
-      end
-      puts 'Secrets accessible. Continuing.'
-    end
-  end
-
-  desc 'Unlock secrets'
-  task :unlock do
-    if File.exist?('config/secrets')
-      puts 'Unlocking secrets.'
-      sh('git crypt unlock')
-    end
-  end
-end
-
-namespace :app do
-  namespace :dependencies do
-    desc "Install all app dependencies"
-    task :install do
-      sh('npm', 'install')
-    end
-  end
-
-  desc "Lint all app sources"
-  task :lint => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:lint')
-  end
-
-  desc "Lint & fix all app source"
-  task :lint_fix => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:lint-fix')
-  end
-
-  desc "Format all app sources"
-  task :format => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:format')
-  end
-
-  desc "Format & fix all app sources"
-  task :format_fix => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:format-fix')
-  end
-
-  desc "Run the app as a local process"
-  task :run => [:'dependencies:install', :'database:local:provision'] do
-    configuration = configuration
-      .for_scope(
-        deployment_type: 'local',
-        deployment_label: 'development',
-        role: 'local-app'
-      )
-
-    environment = configuration
-      .environment
-      .map { |k, v| [k.to_s, v] }
-      .to_h
-
-    sh(environment, 'npm', 'run', 'start')
-  end
-end
-
-namespace :functions do
-  namespace :dependencies do
-    desc "Install all functions dependencies"
-    task :install do
-      Dir.chdir('external/lambdas') do
-        sh('npm', 'install')
-      end
-    end
-  end
-
-  desc "Lint all function sources"
-  task :lint => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:lint')
-    end
-  end
-
-  desc "Lint & fix all app source"
-  task :lint_fix => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:lint-fix')
-    end
-  end
-
-  desc "Format all app sources"
-  task :format => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:format')
-    end
-  end
-
-  desc "Format & fix all app sources"
-  task :format_fix => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:format-fix')
-    end
-  end
-end
-
-namespace :bootstrap do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'bootstrap infrastructure',
-    argument_names: [:deployment_type, :deployment_label]) do |t, args|
-    configuration = configuration
-      .for_scope(args.to_h.merge(role: 'bootstrap'))
-
-    deployment_identifier = configuration.deployment_identifier
-    vars = configuration.vars
-
-    t.source_directory = 'infra/bootstrap'
-    t.work_directory = 'build'
-
-    t.state_file =
-      File.join(
-        Dir.pwd, "state/bootstrap/#{deployment_identifier}.tfstate")
-    t.vars = vars
-  end
-end
-
-namespace :database do
-  namespace :test do
-    RakeDocker.define_container_tasks(
-      container_name: 'reference-backend-test-database') do |t|
-      configuration = configuration
-        .for_scope(
-          deployment_type: 'local',
-          deployment_label: 'testing')
-
-      t.image = "mongo:#{configuration.database_version}"
-      t.ports = ["#{configuration.database_port}:27017"]
-      t.environment = [
-        "MONGO_INITDB_ROOT_USERNAME=#{configuration.database_username}",
-        "MONGO_INITDB_ROOT_PASSWORD=#{configuration.database_password}",
-      ]
-    end
-  end
-
-  namespace :local do
-    RakeDocker.define_container_tasks(
-      container_name: 'reference-backend-local-database') do |t|
-      configuration = configuration
-        .for_scope(
-          deployment_type: 'local',
-          deployment_label: 'development')
-
-      t.image = "mongo:#{configuration.database_version}"
-      t.ports = ["#{configuration.database_port}:27017"]
-      t.environment = [
-        "MONGO_INITDB_ROOT_USERNAME=#{configuration.database_username}",
-        "MONGO_INITDB_ROOT_PASSWORD=#{configuration.database_password}",
-      ]
-    end
-  end
-
-  namespace :environment do
-    RakeTerraform.define_command_tasks(
-      configuration_name: 'database',
-      argument_names: [:deployment_type, :deployment_label]) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'database'))
-
-      vars = configuration.vars
-      backend_config = configuration.backend_config
-
-      t.source_directory = 'infra/database'
-      t.work_directory = 'build'
-
-      t.vars = vars
-      t.backend_config = backend_config
-    end
-  end
-
-  namespace :contextual do
-    task :ensure, [:deployment_type, :deployment_label] do |_, args|
-      args.with_defaults(
-        deployment_type: 'local',
-        deployment_label: 'testing')
-
-      database_type = configuration
-        .for_scope(args.to_h)
-        .database_type
-      task_name = (database_type == 'deployed') ?
-        'database:environment:provision' :
-        'database:test:provision'
-
-      Rake::Task[task_name].invoke(*args)
-    end
-  end
-end
-
-namespace :tests do
-  namespace :app do
-    desc "Lint all tests"
-    task :lint => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:lint')
-    end
-
-    desc "Lint & fix all tests"
-    task :lint_fix => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:lint-fix')
-    end
-
-    desc "Format all test files"
-    task :format => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:format')
-    end
-
-    desc "Format & fix all test files"
-    task :format_fix => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:format-fix')
-    end
-
-    desc "Run all unit tests"
-    task :unit => [:'app:dependencies:install'] do
-      script_name = ENV["INCLUDE_COVERAGE"] == 'true' ?
-        'tests:app:unit:coverage' :
-        'tests:app:unit'
-      sh('npm', 'run', script_name)
-    end
-
-    desc "Run all integration tests"
-    task :integration => [:'app:dependencies:install'] do
-      configuration = configuration
-        .for_scope(
-          deployment_type: 'local',
-          deployment_label: 'testing',
-          role: 'integration-tests'
-        )
-
-      environment = configuration
-        .environment
-        .map { |k, v| [k.to_s, v] }
-        .to_h
-
-      sh(environment, 'npm', 'run', 'tests:app:integration')
-    end
-
-    desc "Run all persistence tests"
-    task :persistence,
-         [:deployment_type, :deployment_label] =>
-           [:'app:dependencies:install'] do |_, args|
-      args.with_defaults(
-        deployment_type: 'local',
-        deployment_label: 'testing')
-
-      Rake::Task['database:contextual:ensure'].invoke(*args)
-
-      script_name = ENV["INCLUDE_COVERAGE"] == 'true' ?
-        'tests:app:persistence:coverage' :
-        'tests:app:persistence'
-      sh(database_overrides_for(configuration, args),
-         'npm', 'run', script_name)
-    end
-
-    desc "Run all component tests"
-    task :component,
-         [:deployment_type, :deployment_label] =>
-           [:'app:dependencies:install'] do |_, args|
-      args.with_defaults(
-        deployment_type: 'local',
-        deployment_label: 'testing')
-
-      Rake::Task['database:contextual:ensure'].invoke(*args)
-
-      script_name = ENV["INCLUDE_COVERAGE"] == 'true' ?
-        'tests:app:component:coverage' :
-        'tests:app:component'
-      sh(database_overrides_for(configuration, args),
-         'npm', 'run', script_name)
-    end
-
-    namespace :coverage do
-      desc "Run coverage badge creation"
-      task :badge => [:'app:dependencies:install'] do |_, args|
-        sh('npm', 'run', 'tests:coverage:badge')
-      end
-    end
-  end
-end
-
-namespace :lambda do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'reference backend keepers lambda',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'functions'))
-
-    t.source_directory = 'infra/functions'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :keepers_image_repository do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'keepers image repository',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'keepers-image-repository'))
-
-    t.source_directory = 'infra/keepers-image-repository'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :image_repository do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'reference backend image repository',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'image-repository'))
-
-    t.source_directory = 'infra/image-repository'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :image do
-  RakeDocker.define_image_tasks(
-    image_name: 'reference-backend',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'image-repository'))
-
-    t.work_directory = 'build/images'
-
-    t.copy_spec = [
-      'image/Dockerfile',
-      'image/docker-entrypoint.sh',
-      'src/',
-      'app.js',
-      'package.json',
-      'package-lock.json'
-    ]
-    t.create_spec = [
-      { content: version.to_s, to: 'VERSION' },
-      { content: version.to_docker_tag, to: 'TAG' }
-    ]
-
-    t.repository_name = configuration.image_repository_name
-    t.repository_url = dynamic do
-      JSON.parse(
-        RubyTerraform::Output.for(
-          name: 'repository_url',
-          source_directory: 'infra/image-repository',
-          work_directory: 'build',
-          backend_config: configuration.backend_config
-        )
-      )
-    end
-
-    t.credentials = dynamic do
-      RakeDocker::Authentication::ECR.new do |c|
-        c.region = configuration.region
-        c.registry_id =
-          JSON.parse(
-            RubyTerraform::Output.for(
-              name: 'registry_id',
-              source_directory: 'infra/image-repository',
-              work_directory: 'build',
-              backend_config: configuration.backend_config
-            )
-          )
-      end.call
-    end
-
-    t.tags = [version.to_docker_tag, 'latest']
-  end
-end
-
-namespace :image_keepers do
-  RakeDocker.define_image_tasks(
-    image_name: 'keepers',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'keepers-image-repository'))
-
-    t.work_directory = 'build/images'
-
-    t.copy_spec = [
-      'image-keepers/Dockerfile',
-      'image-keepers/docker-entrypoint.sh',
-      'external/keepers/src/',
-      'external/keepers/package.json',
-      'external/keepers/package-lock.json'
-    ]
-    t.create_spec = [
-      { content: version.to_s, to: 'VERSION' },
-      { content: version.to_docker_tag, to: 'TAG' }
-    ]
-
-    t.repository_name = configuration.keepers_image_repository_name
-    t.repository_url = dynamic do
-      JSON.parse(
-        RubyTerraform::Output.for(
-          name: 'repository_url',
-          source_directory: 'infra/keepers-image-repository',
-          work_directory: 'build',
-          backend_config: configuration.backend_config
-        )
-      )
-    end
-
-    t.credentials = dynamic do
-      RakeDocker::Authentication::ECR.new do |c|
-        c.region = configuration.region
-        c.registry_id =
-          JSON.parse(
-            RubyTerraform::Output.for(
-              name: 'registry_id',
-              source_directory: 'infra/keepers-image-repository',
-              work_directory: 'build',
-              backend_config: configuration.backend_config
-            )
-          )
-      end.call
-    end
-
-    t.tags = [version.to_docker_tag, 'latest']
-  end
-end
-
-namespace :image_storage_bucket do
-  RakeTerraform.define_command_tasks(
-      configuration_name: 'reference backend image storage bucket',
-      argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-        configuration.for_scope(args.to_h.merge(role: 'image-storage-bucket'))
-
-    t.source_directory = 'infra/image-storage-bucket'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :service do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'reference backend',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    version_configuration = { version_number: version.to_docker_tag }
-    service_configuration =
-      configuration
-        .for_overrides(version_configuration)
-        .for_scope(args.to_h.merge(role: 'service'))
-
-    t.source_directory = 'infra/service'
-    t.work_directory = 'build'
-
-    t.backend_config = service_configuration.backend_config
-    t.vars = service_configuration.vars
-  end
-end
-
-namespace :service_keepers do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'keepers',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    version_configuration = { version_number: version.to_docker_tag }
-    service_configuration =
-      configuration
-        .for_overrides(version_configuration)
-        .for_scope(args.to_h.merge(role: 'keepers-service'))
-
-    t.source_directory = 'infra/keepers-service'
-    t.work_directory = 'build'
-
-    t.backend_config = service_configuration.backend_config
-    t.vars = service_configuration.vars
-  end
-end
-
-namespace :ci do
-  RakeFly.define_authentication_tasks(
-    namespace: :authentication,
-    argument_names: [
-      :ci_deployment_type,
-      :ci_deployment_label
-    ]) do |t, args|
-    configuration = configuration
-      .for_scope(args.to_h)
-
-    t.target = configuration.concourse_team
-    t.concourse_url = configuration.concourse_url
-    t.team = configuration.concourse_team
-    t.username = configuration.concourse_username
-    t.password = configuration.concourse_password
-
-    t.home_directory = 'build/fly'
-  end
-
-  namespace :pipeline do
-    RakeFly.define_pipeline_tasks(
-      namespace: :develop,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label
-      ]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'develop-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-develop"
-
-      t.config = 'pipelines/develop/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    RakeFly.define_pipeline_tasks(
-      namespace: :demo,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label
-      ]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'demo-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-demo"
-
-      t.config = 'pipelines/demo/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    RakeFly.define_pipeline_tasks(
-      namespace: :production,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label
-      ]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'tag-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-production"
-
-      t.config = 'pipelines/tag/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    RakeFly.define_pipeline_tasks(
-      namespace: :builder,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'builder-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-builder"
-
-      t.config = 'pipelines/builder/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    namespace :pr do
-      RakeFly.define_pipeline_tasks(
-        argument_names: [
-          :ci_deployment_type,
-          :ci_deployment_label,
-          :branch
-        ]
-      ) do |t, args|
-        branch = args.branch || pr_metadata_branch
-
-        configuration = configuration
-          .for_scope(args.to_h.merge(role: 'pr-pipeline'))
-          .for_overrides(source_repository_branch: branch)
-
-        ci_deployment_type = configuration.ci_deployment_identifier
-
-        t.target = configuration.concourse_team
-        t.team = configuration.concourse_team
-        t.pipeline = "reference-backend-pr-#{to_pipeline_name(branch)}"
-
-        t.config = 'pipelines/pr/pipeline.yaml'
-
-        t.vars = configuration.vars
-        t.var_files = [
-          'config/secrets/pipeline/constants.yaml',
-          "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-        ]
-
-        t.non_interactive = true
-        t.home_directory = 'build/fly'
-      end
-
-      task :handle, [
-        :ci_deployment_type,
-        :ci_deployment_label,
-        :branch,
-        :state
-      ] do |_, args|
-        branch = args.branch || pr_metadata_branch
-        state = args.state || pr_metadata_state
-
-        if state == "OPEN"
-          Rake::Task[:"ci:pipeline:pr:push"].invoke(
-            args.ci_deployment_type,
-            args.ci_deployment_label,
-            branch)
-        else
-          Rake::Task[:"ci:pipeline:pr:destroy"].invoke(
-            args.ci_deployment_type,
-            args.ci_deployment_label,
-            branch)
-        end
-      end
-    end
-  end
-
-  namespace :pipelines do
-    desc "Push all pipelines"
-    task :push, [:ci_deployment_type, :ci_deployment_label] do |_, args|
-      Rake::Task[:"ci:pipeline:develop:push"].invoke(*args)
-      Rake::Task[:"ci:pipeline:demo:push"].invoke(*args)
-      Rake::Task[:"ci:pipeline:builder:push"].invoke(*args)
-    end
-  end
-end
-
-def pr_metadata_value(key)
-  File.exist?(".git/resource/#{key}") ?
-    File.read(".git/resource/#{key}") :
-    nil
-end
-
-def pr_metadata_branch
-  pr_metadata_value("head_name")
-end
-
-def pr_metadata_state
-  pr_metadata_value("state")
-end
-
-def current_branch
-  Git.open(File.dirname(__FILE__)).current_branch
-end
-
-def to_db_name(string)
-  string.gsub(/[^a-zA-Z0-9_-]/, "")
-end
-
-def to_pipeline_name(string)
-  string.gsub(/[^a-zA-Z0-9_-]/, "_")
-end
-
-def database_overrides_for(configuration, args)
-  configuration = configuration
-    .for_scope(args.to_h.merge(role: 'database'))
-
-  (configuration.database_type == 'deployed') ?
-    {
-      "DB_CONNECTION_STRING" =>
-        RubyTerraform::Output.for(
-          name: 'connection_string',
-          source_directory: 'infra/database',
-          work_directory: 'build',
-          backend_config: configuration.backend_config),
-      "DB_USERNAME" => configuration.database_username,
-      "DB_PASSWORD" => configuration.database_password,
-      "DB_NAME" => to_db_name(current_branch)
-    } :
-    {}
-end
diff --git a/config/ci/rdm-management-default.yaml b/config/ci/rdm-management-default.yaml
deleted file mode 100644
index f9e09032..00000000
--- a/config/ci/rdm-management-default.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-ci_account_id: "%{hiera('rdm_management_account_id')}"
-
-ci_deployment_identifier: "%{ci_deployment_type}-%{ci_deployment_label}"
-
-ci_storage_bucket_name: "bsn-%{hiera('component')}-%{hiera('ci_deployment_identifier')}"
-ci_storage_bucket_region: "%{hiera('region')}"
-ci_storage_bucket_encryption: "AES256"
-
-concourse_url: "https://ci-server.rdm-management.redeemeum.io"
-concourse_team: "bosonprotocol"
-
-image_repository_base_url: "%{hiera('rdm_management_account_id')}.dkr.ecr.%{hiera('region')}.amazonaws.com"
-
-node_builder_image_repository_name: "rdm/node-12-builder"
-node_builder_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('node_builder_image_repository_name')}"
-
-app_image_repository_name: "%{hiera('image_repository_name')}"
-app_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('app_image_repository_name')}"
-keepers_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('keepers_image_repository_name')}"
diff --git a/config/defaults.yaml b/config/defaults.yaml
deleted file mode 100644
index 7e09c4fa..00000000
--- a/config/defaults.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
----
-# General
-region: "eu-west-2"
-
-component: "reference-backend"
-deployment_identifier: "%{deployment_type}-%{deployment_label}"
-
-source_repository_name: "bosonprotocol/reference-backend"
-source_repository_url: "git@github.com:%{hiera('source_repository_name')}.git"
-source_repository_branch: "develop"
-
-image_repository_name: "bsn/reference-backend"
-keepers_image_repository_name: "bsn/keepers"
-
-storage_bucket_name: "bsn-%{hiera('component')}-%{hiera('deployment_identifier')}"
-storage_bucket_encryption: "AES256"
-
-secrets_bucket_name: "%{hiera('storage_bucket_name')}"
-
-image_storage_bucket_name: "bsn-%{hiera('component')}-%{hiera('deployment_identifier')}-image-storage"
-image_storage_user_name: "bsn-%{hiera('component')}-%{hiera('deployment_identifier')}-image-storage-user"
-image_storage_user_public_gpg_key_path: "%{cwd}/config/secrets/app/gpg.public"
-
-admin_role_name: "cross-account-admin-role"
-
-rdm_management_account_id: "031036423983"
-
-bsn_parent_account_id: "915981965568"
-bsn_development_potassium_account_id: "384010198059"
-bsn_production_lutetium_account_id: "371854298993"
-
-bsn_parent_account_admin_role: "arn:aws:iam::%{hiera('bsn_parent_account_id')}:role/%{hiera('admin_role_name')}"
diff --git a/config/deployments/bsn-demo-mendelevium.yaml b/config/deployments/bsn-demo-mendelevium.yaml
deleted file mode 100644
index df643a26..00000000
--- a/config/deployments/bsn-demo-mendelevium.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('bsn_development_potassium_account_id')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_name: "api"
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-voucher_kernel_address: "0x6ae1FCe8b0BcEe14d498C043D64b6a4a19c0E4A8"
-token_contact_address: "0x66c02B4C0f1b8205B090AEB0266577557167AF47"
-boson_router_contact_address: "0xe2AfF6a81Aa47149AAd39a0c320B5895E6f266D0"
-cashier_address: "0xa49925E6064CeB7E0777BD9E864a71518Cd141A8"
-
-# State
-domain_state_bucket_name: "bsn-aws-application-account-bsn-development-potassium"
-domain_state_key: "common/deployment-state/default.tfstate"
-domain_state_bucket_region: "%{hiera('region')}"
-domain_state_bucket_is_encrypted: "true"
-
-network_state_bucket_name: "bsn-application-network-bsn-development-palladium"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-cluster_state_bucket_name: "bsn-application-cluster-bsn-demo-selenium"
-cluster_state_key: "cluster/deployment-state/default.tfstate"
-cluster_state_bucket_region: "%{hiera('region')}"
-cluster_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-service_state_key: "service/deployment-state/default.tfstate"
-service_state_bucket_region: "%{hiera('region')}"
-service_state_bucket_is_encrypted: "true"
-
-keepers_service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_service_state_key: "keepers-service/deployment-state/default.tfstate"
-keepers_service_state_bucket_region: "%{hiera('region')}"
-keepers_service_state_bucket_is_encrypted: "true"
-
-functions_state_bucket_name: "%{hiera('storage_bucket_name')}"
-functions_state_key: "functions/deployment-state/default.tfstate"
-functions_state_bucket_region: "%{hiera('region')}"
-functions_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/bsn-development-plutonium.yaml b/config/deployments/bsn-development-plutonium.yaml
deleted file mode 100644
index e4fe1967..00000000
--- a/config/deployments/bsn-development-plutonium.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('bsn_development_potassium_account_id')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_name: "api"
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-voucher_kernel_address: "0x469eF8b9F583920318Ce3dd095A0402A4b061bb0"
-token_contact_address: "0xe8637906721051D860af222E6021826887d9e358"
-boson_router_contact_address: "0xf7EEBa6c7a4eC07735b4AcaC8f8AF608f9Ecb8Cf"
-cashier_address: "0x0ab0Fec353C6653F2eD05b5E5ceb4fB27c7d7902"
-
-# State
-domain_state_bucket_name: "bsn-aws-application-account-bsn-development-potassium"
-domain_state_key: "common/deployment-state/default.tfstate"
-domain_state_bucket_region: "%{hiera('region')}"
-domain_state_bucket_is_encrypted: "true"
-
-network_state_bucket_name: "bsn-application-network-bsn-development-palladium"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-cluster_state_bucket_name: "bsn-application-cluster-bsn-development-tennessine"
-cluster_state_key: "cluster/deployment-state/default.tfstate"
-cluster_state_bucket_region: "%{hiera('region')}"
-cluster_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-service_state_key: "service/deployment-state/default.tfstate"
-service_state_bucket_region: "%{hiera('region')}"
-service_state_bucket_is_encrypted: "true"
-
-keepers_service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_service_state_key: "keepers-service/deployment-state/default.tfstate"
-keepers_service_state_bucket_region: "%{hiera('region')}"
-keepers_service_state_bucket_is_encrypted: "true"
-
-functions_state_bucket_name: "%{hiera('storage_bucket_name')}"
-functions_state_key: "functions/deployment-state/default.tfstate"
-functions_state_bucket_region: "%{hiera('region')}"
-functions_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/bsn-production-oganesson.yaml b/config/deployments/bsn-production-oganesson.yaml
deleted file mode 100644
index 9f81d75d..00000000
--- a/config/deployments/bsn-production-oganesson.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('bsn_production_lutetium_account_id')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_name: "api"
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-voucher_kernel_address: "0x72ed3a45303D5102B92b6F837162684673c40477"
-token_contact_address: "0x94588Ba858c7F67B60a0a079FE2131c4C0351fB9"
-boson_router_contact_address: "0x6D7f06CC2F2583A44226A9077Bea8C5f646B5095"
-cashier_address: "0x5aF8E92541Ce126d2BfF69A03F301a7E16943A9c"
-
-# State
-domain_state_bucket_name: "bsn-aws-application-account-bsn-production-lutetium"
-domain_state_key: "common/deployment-state/default.tfstate"
-domain_state_bucket_region: "%{hiera('region')}"
-domain_state_bucket_is_encrypted: "true"
-
-network_state_bucket_name: "bsn-application-network-bsn-production-fluorine"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-cluster_state_bucket_name: "bsn-application-cluster-bsn-production-gold"
-cluster_state_key: "cluster/deployment-state/default.tfstate"
-cluster_state_bucket_region: "%{hiera('region')}"
-cluster_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-service_state_key: "service/deployment-state/default.tfstate"
-service_state_bucket_region: "%{hiera('region')}"
-service_state_bucket_is_encrypted: "true"
-
-keepers_service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_service_state_key: "keepers-service/deployment-state/default.tfstate"
-keepers_service_state_bucket_region: "%{hiera('region')}"
-keepers_service_state_bucket_is_encrypted: "true"
-
-functions_state_bucket_name: "%{hiera('storage_bucket_name')}"
-functions_state_key: "functions/deployment-state/default.tfstate"
-functions_state_bucket_region: "%{hiera('region')}"
-functions_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/local-development.yaml b/config/deployments/local-development.yaml
deleted file mode 100644
index c4a85e3d..00000000
--- a/config/deployments/local-development.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-# General
-database_username: "admin"
-database_password: "secret"
-database_port: "27018"
-database_version: "4.4"
-
-database_type: "local"
-
-app_port: "3001"
-
-token_secret: "e039b2caa4b26f6ec6c65388676389e917e0cd248aaf1222df0540b9bb60d160393e15620e5155cbe2abb97f1b3f96483f670a5788d17a2488077bbce696afcc"
-gcloud_secret: "e9c21f96242935be36928c9acb44ef88b1153644994ba1"
-
-image_upload_storage_engine: "AWS"
-
-# State
-image_storage_bucket_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/%{hiera('deployment_identifier')}.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/local-testing.yaml b/config/deployments/local-testing.yaml
deleted file mode 100644
index 8f5b31b2..00000000
--- a/config/deployments/local-testing.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-# General
-database_username: "admin"
-database_password: "secret"
-database_port: "27017"
-database_version: "4.4"
-
-database_type: "local"
-
-# State
-image_storage_bucket_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/%{hiera('deployment_identifier')}.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/rdm-management-default.yaml b/config/deployments/rdm-management-default.yaml
deleted file mode 100644
index 636ee0d8..00000000
--- a/config/deployments/rdm-management-default.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('rdm_management_account_id')}"
-  - "%{hiera('bsn_development_potassium_account_id')}"
-  - "%{hiera('bsn_production_lutetium_account_id')}"
-
-development_tennessine_cluster_instance_role_arn: "arn:aws:iam::384010198059:role/terraform-20210413135553345900000003"
-demo_selenium_cluster_instance_role_arn: "arn:aws:iam::384010198059:role/terraform-20210623150921670400000003"
-production_gold_cluster_instance_role_arn: "arn:aws:iam::371854298993:role/terraform-20210413135959680100000003"
-
-image_repository_allowed_role_arns:
-  - "%{hiera('development_tennessine_cluster_instance_role_arn')}"
-  - "%{hiera('demo_selenium_cluster_instance_role_arn')}"
-  - "%{hiera('production_gold_cluster_instance_role_arn')}"
-
-keepers_image_repository_allowed_role_arns:
-  - "%{hiera('development_tennessine_cluster_instance_role_arn')}"
-  - "%{hiera('demo_selenium_cluster_instance_role_arn')}"
-  - "%{hiera('production_gold_cluster_instance_role_arn')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-# State
-network_state_bucket_name: "rdm-tooling-network-rdm-management-default"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
diff --git a/config/hiera.yaml b/config/hiera.yaml
deleted file mode 100644
index 86af7c11..00000000
--- a/config/hiera.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-:backends:
-  - "overrides"
-  - "env"
-  - "yaml"
-:logger: "noop"
-:yaml:
-  :datadir: "config"
-:hierarchy:
-  - "roles/%{role}"
-  - "deployments/%{deployment_type}-%{deployment_label}"
-  - "pipelines/defaults"
-  - "ci/%{ci_deployment_type}-%{ci_deployment_label}"
-  - "secrets/gcp/%{deployment_type}-%{deployment_label}"
-  - "secrets/app/%{deployment_type}-%{deployment_label}"
-  - "secrets/mongodbatlas/credentials"
-  - "secrets/database/%{deployment_type}-%{deployment_label}"
-  - "secrets/pipeline/%{ci_deployment_type}-%{ci_deployment_label}"
-  - "defaults"
diff --git a/config/pipelines/defaults.yaml b/config/pipelines/defaults.yaml
deleted file mode 100644
index 3eb81db6..00000000
--- a/config/pipelines/defaults.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-ci_provisioning_role_arn: "arn:aws:iam::%{hiera('rdm_management_account_id')}:role/cross-account-admin-role"
-ci_deployment_type: "%{ci_deployment_type}"
-ci_deployment_label: "%{ci_deployment_label}"
-
-development_plutonium_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_development_potassium_account_id')}:role/cross-account-admin-role"
-development_plutonium_deployment_type: "bsn-development"
-development_plutonium_deployment_label: "plutonium"
-
-demo_mendelevium_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_development_potassium_account_id')}:role/cross-account-admin-role"
-demo_mendelevium_deployment_type: "bsn-demo"
-demo_mendelevium_deployment_label: "mendelevium"
-
-production_oganesson_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_production_lutetium_account_id')}:role/cross-account-admin-role"
-production_oganesson_deployment_type: "bsn-production"
-production_oganesson_deployment_label: "oganesson"
diff --git a/config/roles/bootstrap.yaml b/config/roles/bootstrap.yaml
deleted file mode 100644
index 68a22522..00000000
--- a/config/roles/bootstrap.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  deployment_type: "%{deployment_type}"
-  deployment_label: "%{deployment_label}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  storage_bucket_name: "%{hiera('storage_bucket_name')}"
-
-  allowed_account_ids: "%{hiera('storage_bucket_allowed_account_ids')}"
diff --git a/config/roles/builder-pipeline.yaml b/config/roles/builder-pipeline.yaml
deleted file mode 100644
index f7cb38c5..00000000
--- a/config/roles/builder-pipeline.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-vars:
-  source_repository_name: "%{hiera('source_repository_name')}"
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
\ No newline at end of file
diff --git a/config/roles/database.yaml b/config/roles/database.yaml
deleted file mode 100644
index bb7e2271..00000000
--- a/config/roles/database.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  component: "%{hiera('component')}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  mongodb_atlas_organization_id: "%{hiera('mongodb_atlas_organization_id')}"
-  mongodb_atlas_public_key: "%{hiera('mongodb_atlas_public_key')}"
-  mongodb_atlas_private_key: "%{hiera('mongodb_atlas_private_key')}"
-
-  database_version: "%{hiera('database_version')}"
-  database_instance_size_name: "%{hiera('database_instance_size_name')}"
-  database_service_user_username: "%{hiera('database_service_user_username')}"
-  database_service_user_password: "%{hiera('database_service_user_password')}"
-  database_read_only_user_username: "%{hiera('database_read_only_user_username')}"
-  database_read_only_user_password: "%{hiera('database_read_only_user_password')}"
-  database_allow_cidrs: "%{hiera('database_allow_cidrs')}"
-
-  network_state_bucket_name: "%{hiera('network_state_bucket_name')}"
-  network_state_key: "%{hiera('network_state_key')}"
-  network_state_bucket_region: "%{hiera('network_state_bucket_region')}"
-  network_state_bucket_is_encrypted: "%{hiera('network_state_bucket_is_encrypted')}"
-
-backend_config:
-  bucket: "%{hiera('database_state_bucket_name')}"
-  key: "%{hiera('database_state_key')}"
-  region: "%{hiera('database_state_bucket_region')}"
-  encrypt: "%{hiera('database_state_bucket_is_encrypted')}"
diff --git a/config/roles/demo-pipeline.yaml b/config/roles/demo-pipeline.yaml
deleted file mode 100644
index 7996eb63..00000000
--- a/config/roles/demo-pipeline.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  app_image_repository_url: "%{hiera('app_image_repository_url')}"
-  keepers_image_repository_url: "%{hiera('keepers_image_repository_url')}"
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  storage_bucket_name: "%{hiera('ci_storage_bucket_name')}"
-  storage_bucket_region: "%{hiera('ci_storage_bucket_region')}"
-  storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  demo_mendelevium_provisioning_role_arn: "%{hiera('demo_mendelevium_provisioning_role_arn')}"
-  demo_mendelevium_deployment_type: "%{hiera('demo_mendelevium_deployment_type')}"
-  demo_mendelevium_deployment_label: "%{hiera('demo_mendelevium_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
diff --git a/config/roles/develop-pipeline.yaml b/config/roles/develop-pipeline.yaml
deleted file mode 100644
index 3b73acd7..00000000
--- a/config/roles/develop-pipeline.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  app_image_repository_url: "%{hiera('app_image_repository_url')}"
-  keepers_image_repository_url: "%{hiera('keepers_image_repository_url')}"
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  storage_bucket_name: "%{hiera('ci_storage_bucket_name')}"
-  storage_bucket_region: "%{hiera('ci_storage_bucket_region')}"
-  storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  development_plutonium_provisioning_role_arn: "%{hiera('development_plutonium_provisioning_role_arn')}"
-  development_plutonium_deployment_type: "%{hiera('development_plutonium_deployment_type')}"
-  development_plutonium_deployment_label: "%{hiera('development_plutonium_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
diff --git a/config/roles/functions.yaml b/config/roles/functions.yaml
deleted file mode 100644
index 767a80b1..00000000
--- a/config/roles/functions.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  component: "%{hiera('component')}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  voucher_kernel_address: "%{hiera('voucher_kernel_address')}"
-  cashier_address: "%{hiera('cashier_address')}"
-  gcloud_keepers_secret: "%{hiera('gcloud_keepers_secret')}"
-  executor_secret: "%{hiera('executor_secret')}"
-  etherscan_apikey: "%{hiera('etherscan_apikey')}"
-  infura_apikey: "%{hiera('infura_apikey')}"
-
-  service_state_bucket_region: "%{hiera('service_state_bucket_region')}"
-  service_state_bucket_name: "%{hiera('service_state_bucket_name')}"
-  service_state_bucket_is_encrypted: "%{hiera('service_state_bucket_is_encrypted')}"
-  service_state_key: "%{hiera('service_state_key')}"
-
-backend_config:
-  region: "%{hiera('functions_state_bucket_region')}"
-  bucket: "%{hiera('functions_state_bucket_name')}"
-  encrypt: "%{hiera('functions_state_bucket_is_encrypted')}"
-  key: "%{hiera('functions_state_key')}"
diff --git a/config/roles/image-repository.yaml b/config/roles/image-repository.yaml
deleted file mode 100644
index 4b05dc4a..00000000
--- a/config/roles/image-repository.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  repository_name: "%{hiera('image_repository_name')}"
-
-  allowed_role_arns: "%{hiera('image_repository_allowed_role_arns')}"
-
-backend_config:
-  bucket: "%{hiera('image_repository_state_bucket_name')}"
-  key: "%{hiera('image_repository_state_key')}"
-  region: "%{hiera('image_repository_state_bucket_region')}"
-  encrypt: "%{hiera('image_repository_state_bucket_is_encrypted')}"
diff --git a/config/roles/image-storage-bucket.yaml b/config/roles/image-storage-bucket.yaml
deleted file mode 100644
index dfd1570c..00000000
--- a/config/roles/image-storage-bucket.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  deployment_type: "%{deployment_type}"
-  deployment_label: "%{deployment_label}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  image_storage_bucket_name: "%{hiera('image_storage_bucket_name')}"
-  image_storage_user_name: "%{hiera('image_storage_user_name')}"
-  image_storage_user_public_gpg_key_path: "%{hiera('image_storage_user_public_gpg_key_path')}"
-
-backend_config:
-  bucket: "%{hiera('image_storage_bucket_state_bucket_name')}"
-  key: "%{hiera('image_storage_bucket_state_key')}"
-  region: "%{hiera('image_storage_bucket_state_bucket_region')}"
-  encrypt: "%{hiera('image_storage_bucket_state_bucket_is_encrypted')}"
diff --git a/config/roles/integration-tests.yaml b/config/roles/integration-tests.yaml
deleted file mode 100644
index 90a94ada..00000000
--- a/config/roles/integration-tests.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-environment:
-  AWS_IMAGE_UPLOAD_STORAGE_BUCKET_NAME: "%{hiera('image_storage_bucket_name')}"
-  AWS_REGION: "%{hiera('region')}"
-  AWS_ACCESS_KEY_ID: "%{hiera('aws_image_storage_user_access_key_id')}"
-  AWS_SECRET_ACCESS_KEY: "%{hiera('aws_image_storage_user_secret_access_key')}"
-
-  GCP_IMAGE_UPLOAD_STORAGE_BUCKET_NAME: "%{hiera('gcp_image_upload_storage_bucket_name')}"
-
-  GOOGLE_APPLICATION_CREDENTIALS: "%{hiera('google_application_credentials')}"
diff --git a/config/roles/keepers-image-repository.yaml b/config/roles/keepers-image-repository.yaml
deleted file mode 100644
index ef38598a..00000000
--- a/config/roles/keepers-image-repository.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  repository_name: "%{hiera('keepers_image_repository_name')}"
-
-  allowed_role_arns: "%{hiera('keepers_image_repository_allowed_role_arns')}"
-
-backend_config:
-  bucket: "%{hiera('keepers_image_repository_state_bucket_name')}"
-  key: "%{hiera('keepers_image_repository_state_key')}"
-  region: "%{hiera('keepers_image_repository_state_bucket_region')}"
-  encrypt: "%{hiera('keepers_image_repository_state_bucket_is_encrypted')}"
diff --git a/config/roles/keepers-service.yaml b/config/roles/keepers-service.yaml
deleted file mode 100644
index b22ab5e3..00000000
--- a/config/roles/keepers-service.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-  component: "keepers"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  service_desired_count: 1
-
-  secrets_bucket_name: "%{hiera('secrets_bucket_name')}"
-
-  version_number: "%{hiera('version_number')}"
-
-  service_name: "keepers"
-  container_http_port: "3001"
-
-  token_contact_address: "%{hiera('token_contact_address')}"
-  boson_router_contact_address: "%{hiera('boson_router_contact_address')}"
-  voucher_kernel_address: "%{hiera('voucher_kernel_address')}"
-  alchemy_url: "%{hiera('alchemy_url')}"
-  gcloud_keepers_secret: "%{hiera('gcloud_keepers_secret')}"
-
-  network_state_bucket_region: "%{hiera('network_state_bucket_region')}"
-  network_state_bucket_name: "%{hiera('network_state_bucket_name')}"
-  network_state_bucket_is_encrypted: "%{hiera('network_state_bucket_is_encrypted')}"
-  network_state_key: "%{hiera('network_state_key')}"
-
-  cluster_state_bucket_region: "%{hiera('cluster_state_bucket_region')}"
-  cluster_state_bucket_name: "%{hiera('cluster_state_bucket_name')}"
-  cluster_state_bucket_is_encrypted: "%{hiera('cluster_state_bucket_is_encrypted')}"
-  cluster_state_key: "%{hiera('cluster_state_key')}"
-
-  image_repository_state_bucket_region: "%{hiera('keepers_image_repository_state_bucket_region')}"
-  image_repository_state_bucket_name: "%{hiera('keepers_image_repository_state_bucket_name')}"
-  image_repository_state_bucket_is_encrypted: "%{hiera('keepers_image_repository_state_bucket_is_encrypted')}"
-  image_repository_state_key: "%{hiera('keepers_image_repository_state_key')}"
-
-  service_state_bucket_region: "%{hiera('service_state_bucket_region')}"
-  service_state_bucket_name: "%{hiera('service_state_bucket_name')}"
-  service_state_bucket_is_encrypted: "%{hiera('service_state_bucket_is_encrypted')}"
-  service_state_key: "%{hiera('service_state_key')}"
-
-backend_config:
-  region: "%{hiera('keepers_service_state_bucket_region')}"
-  bucket: "%{hiera('keepers_service_state_bucket_name')}"
-  encrypt: "%{hiera('keepers_service_state_bucket_is_encrypted')}"
-  key: "%{hiera('keepers_service_state_key')}"
diff --git a/config/roles/local-app.yaml b/config/roles/local-app.yaml
deleted file mode 100644
index ee8ffcda..00000000
--- a/config/roles/local-app.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-environment:
-  PORT: "%{hiera('app_port')}"
-
-  DB_CONNECTION_STRING: "mongodb://localhost:%{hiera('database_port')}"
-  DB_NAME: "api"
-  DB_USERNAME: "%{hiera('database_username')}"
-  DB_PASSWORD: "%{hiera('database_password')}"
-
-  TOKEN_SECRET: "%{hiera('token_secret')}"
-  GCLOUD_SECRET: "%{hiera('gcloud_secret')}"
-
-  AWS_ACCESS_KEY_ID: "%{hiera('aws_image_storage_user_access_key_id')}"
-  AWS_SECRET_ACCESS_KEY: "%{hiera('aws_image_storage_user_secret_access_key')}"
-
-  IMAGE_UPLOAD_STORAGE_ENGINE: "%{hiera('image_upload_storage_engine')}"
-  IMAGE_UPLOAD_STORAGE_BUCKET_NAME: "%{hiera('image_storage_bucket_name')}"
-
-  GOOGLE_APPLICATION_CREDENTIALS: "%{hiera('google_application_credentials')}"
diff --git a/config/roles/pr-pipeline.yaml b/config/roles/pr-pipeline.yaml
deleted file mode 100644
index f7cb38c5..00000000
--- a/config/roles/pr-pipeline.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-vars:
-  source_repository_name: "%{hiera('source_repository_name')}"
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
\ No newline at end of file
diff --git a/config/roles/service.yaml b/config/roles/service.yaml
deleted file mode 100644
index 8748d710..00000000
--- a/config/roles/service.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-  component: "%{hiera('component')}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  service_desired_count: 3
-
-  secrets_bucket_name: "%{hiera('secrets_bucket_name')}"
-
-  version_number: "%{hiera('version_number')}"
-
-  service_name: "reference-backend"
-  container_http_port: "3000"
-  host_http_port: "3000"
-
-  token_secret: "%{hiera('token_secret')}"
-  gcloud_secret: "%{hiera('gcloud_secret')}"
-
-  image_upload_storage_engine: "%{hiera('image_upload_storage_engine')}"
-  image_upload_storage_bucket_name: "%{hiera('image_storage_bucket_name')}"
-
-  superadmin_username: "%{hiera('superadmin_username')}"
-  superadmin_password: "%{hiera('superadmin_password')}"
-
-  database_username: "%{hiera('database_username')}"
-  database_password: "%{hiera('database_password')}"
-  database_name: "%{hiera('database_name')}"
-
-  domain_state_bucket_region: "%{hiera('domain_state_bucket_region')}"
-  domain_state_bucket_name: "%{hiera('domain_state_bucket_name')}"
-  domain_state_bucket_is_encrypted: "%{hiera('domain_state_bucket_is_encrypted')}"
-  domain_state_key: "%{hiera('domain_state_key')}"
-
-  network_state_bucket_region: "%{hiera('network_state_bucket_region')}"
-  network_state_bucket_name: "%{hiera('network_state_bucket_name')}"
-  network_state_bucket_is_encrypted: "%{hiera('network_state_bucket_is_encrypted')}"
-  network_state_key: "%{hiera('network_state_key')}"
-
-  database_state_bucket_name: "%{hiera('database_state_bucket_name')}"
-  database_state_key: "%{hiera('database_state_key')}"
-  database_state_bucket_region: "%{hiera('database_state_bucket_region')}"
-  database_state_bucket_is_encrypted: "%{hiera('database_state_bucket_is_encrypted')}"
-
-  cluster_state_bucket_region: "%{hiera('cluster_state_bucket_region')}"
-  cluster_state_bucket_name: "%{hiera('cluster_state_bucket_name')}"
-  cluster_state_bucket_is_encrypted: "%{hiera('cluster_state_bucket_is_encrypted')}"
-  cluster_state_key: "%{hiera('cluster_state_key')}"
-
-  image_repository_state_bucket_region: "%{hiera('image_repository_state_bucket_region')}"
-  image_repository_state_bucket_name: "%{hiera('image_repository_state_bucket_name')}"
-  image_repository_state_bucket_is_encrypted: "%{hiera('image_repository_state_bucket_is_encrypted')}"
-  image_repository_state_key: "%{hiera('image_repository_state_key')}"
-
-backend_config:
-  region: "%{hiera('service_state_bucket_region')}"
-  bucket: "%{hiera('service_state_bucket_name')}"
-  encrypt: "%{hiera('service_state_bucket_is_encrypted')}"
-  key: "%{hiera('service_state_key')}"
diff --git a/config/roles/tag-pipeline.yaml b/config/roles/tag-pipeline.yaml
deleted file mode 100644
index 9b5a221c..00000000
--- a/config/roles/tag-pipeline.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  app_image_repository_url: "%{hiera('app_image_repository_url')}"
-  keepers_image_repository_url: "%{hiera('keepers_image_repository_url')}"
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  storage_bucket_name: "%{hiera('ci_storage_bucket_name')}"
-  storage_bucket_region: "%{hiera('ci_storage_bucket_region')}"
-  storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  production_oganesson_provisioning_role_arn: "%{hiera('production_oganesson_provisioning_role_arn')}"
-  production_oganesson_deployment_type: "%{hiera('production_oganesson_deployment_type')}"
-  production_oganesson_deployment_label: "%{hiera('production_oganesson_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
diff --git a/config/secrets/.unlocked b/config/secrets/.unlocked
deleted file mode 100644
index 08384ac39ab520e9b92da6ef7aee1fe3f558cdd9..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 27
icmZQ@_Y83kiVO&0uz%<8<}_y|cW^=Tq}~>>nQsAksR~d4

diff --git a/config/secrets/app/bsn-demo-mendelevium.yaml b/config/secrets/app/bsn-demo-mendelevium.yaml
deleted file mode 100644
index 3a61ab1bb685dbfe235d1e470584cce0b1564020..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 809
zcmV+^1J?WiM@dveQdv+`0H-w=XU_DCy}G%;J;c|sxA~B}(L_td{9xhy`ddhkXJooy
zMr?qQ80jgUelFQuq`OdE+FkVo644$z!a~*I&Y`;#tF)!JK4x;4vjVT`;|(s_HScRb
z%?X1Pi;b9pxd5iu)%flAevfg6t6uBb0_3w)M}~^2&M>)oNk&uQEH#zRiI-{~*b@>;
zWTa5l7BUi!R$VjRkBA9z3&kxcRCzi7I9FNQ&nD)d@$3E+PjbIC!Hbg5bR~vlE8D`;
zo?Tx!mM{$sKp4(nhS5T(L;z&nRznytf^nS;pq6}QPT9%lb^k5j48=TF9LVgy@6zMD
zkmX5gj-KMeh~L(Bjc|s%y;z;{Ny7CuQcahEHT1uK(jM?EsYh{U8S7?l!6nV~kFV2i
zCV;ku2$YC%a<gA;*Se`&w`L~edgf|Ya!v+0{v|dh93R}Y{!h+)F$7EwYPIa!KATo#
z?oi}2>vkZRP!7eONi!QzjDI^ZaJ5i79;9$pFj*V?%WXj|OMxU$(aDezMO5bSi1aLA
zy3Nr{_Cp7NXM2k<0N4P56lIB~j2=2D4eSKr4^a8&sjOAH>_-@E7%t1}Zig`bJ;JDA
zeRu{&`2YKv(Lc}j4hV2>%?wMWd@9-J3HYO1OSxkLxXWp__SlyV*RS^pp1whf2ziJ$
zz4aKBciCX-dr;K0L9F2*&ehq?O}RVoTO`3S$}yNoOJT)OvzXN-X<=NxJy~th*R})F
z{6TC+no6_CBC5C`uSu6ug>k9H{kdGM5Cn-bg71N?ur&k&;zG81zR9Hd%;+fvc<wx`
zM|J*5l2Nl!25gYC>Y6IpJEg&i!4Q`5JNAhqWQ<bN!6mNDD%y`zkH$=12byA5x&B+?
zf$m^Yu#fuF-4UOUQ%*q7%2Ajqg@6gN(q~kYx)D4|qKrP#c6K-onpAS$oDb&m_=~lT
zq;;RWvISoyr;(l_E<GXLJOq?ZMhv_QMXoyesjY%^9H$*cp=TC+a$@xZ`#Xs@#Ddif
n18ONtuT)BaQowSkHN_1;EA}U<$4CPMn4QDazL79UqDH}ozfqHf

diff --git a/config/secrets/app/bsn-development-plutonium.yaml b/config/secrets/app/bsn-development-plutonium.yaml
deleted file mode 100644
index 35e25dd6782565a3c23a623eff1a83d864eeb10a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 809
zcmV+^1J?WiM@dveQdv+`03(R!8+*n5O-n!aDhc)yrDGO<SBt){-3Rj5MDN=>@=H4z
zmhs1F-ChBS2)1+a32cIl(Swk`cj7rY21y8dex#^6&M^iGF|JXtRH_-{X4g3o_vIeK
zWW%SQ!GA36$Am;-;Nte!F!9X$<yyQ4eI)yARKCb;jeUO<3Zs_A^-1?BZ4wFPKZ6Sl
z7Wp)%VOoLYvnY6C=Q2*_Y}c7KFTXD<)*E1f@8s>6I-E+ZX$}Tq7r(6Pd_lB}XABu{
z<%mDJexc@H>n*UoeGYl+WodQvl3kLYYT3BrTso`Uw(WVk?~bLLfG|=(gqL^fpU`Xd
zuNk1gD?wSzc_?Bw?a~IJ9Aub_#1f+%s*owISRldTIUPD8&WsE6>W0c!_83>hIqI~n
zzIkEk`KAkC;WZk5F<Z7dd7`|f*VpK<9O_G0&@rwQyNL?8l&d;V;yeCiZUcNx_QydD
zC;S?F*9*OxGDL63#i>K<p@n$*AG|SqUU~{?0_9KIJ_6p`SHclZq7|V5AzOd8n=h7%
z!*s05`m}suRp}8A-bO=R(9-^XnvU}VJyG%89MbF$u!{EARTOLZD~xeg1q*-*mbmuO
z=6^0@yA&h6Cl<tZS<=E@i!kHIQdtC{UlYxtvH28(A@;Wd71v%qK`(6A$S_H~8)<Kf
zOj1m0jzd+Ps2KG%KC)7~TSK+$X#cFu982}D__I|(tk`>4>p#~(z*Y!@@lh1YaekA)
z7(=3LPBm2TI2c~oztajr9itFo!K$k(BYR#FnYjaaM<n<1oCy1LD|)g}Km&KmX6Y?w
z98=I|{p*7crX#>?HS#k}Lr1&TZoKVB-KT8j05-`w;U#+Si|e-5yw=LsbRfGb8tM({
z{M(O!X`d{1OI5bT1R127lKs)^Ct}9$rW&d{HGD%+2VcL&uUoDAYTDy*2-V{^&$O+w
zP-&T~Qqm!hO%B<iD4G6q4*2LAdeXbBTGIRf`$v0p5SuI|7Q9!h=+F-BwaY41%2itu
nd)CZf@L)8Zu5G(NO08!rwqw4)xU=NX9Jfg>RvEA$Psg;5QZtsf

diff --git a/config/secrets/app/bsn-production-oganesson.yaml b/config/secrets/app/bsn-production-oganesson.yaml
deleted file mode 100644
index 0cd2b52fd1854ba50907fe8e8f451ef2b5eb652a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 809
zcmV+^1J?WiM@dveQdv+`056{Jq7dOBC)=^H9w7wlDZu78FpM`%2gLm7$oaR2$Jl-A
zA7Q2bQe{6_dOz;x0gixw1DAQA@~Zsj2ARv)EGxg|kUg}E(#NefQxy)QIzMr}yS)UQ
zbYIFN(M69kOG;|3_1(Z0jcg_pl8$!;!Sx-rdyL`faU3Ld<T_wu@a@gah}Kp!0QI!t
zFbYpGJH#PL{yU{NX<VpB0=B|@=uQ^XNn;9`RYDL4!eDjFFT1Gy3lo0DlhTg)UR;JI
zc}?Pq9yY0wa|8<M0RqZ)Q%LL?cM*=xKv+{N=3)eg7m31-`l+H!grV@_9axEm=pd0*
z9ij|;8u_)%Eo^iVYL2otaC<Q<@P^^9-FLI+*4K}%sHnQN6;U<D5YnE-k!IQ(IXB_c
zR;~z4P+j50j@J7Lh7~UI+b2q!2~hxCaw-t>fq4b#N9VITSIt-UdbZ2ua?{d~T*0Ln
z&1UeYdyi9wprL}B;EzT!=Qwu0`kc>$rEp>g7B{PJAelhb#msyoD(0lw<)0!CxE;Aj
z26%O8#_QZ7s5?FqL@SvCq+pTLVxO~!>`PWGK@oEJ*KuI18V=-0p@*kj5mfMBg2-m&
zRX)T7v1jmHynR4SVr9q3p}N_1cJQScCD`MKK<`(2{d$!Sg3SHOhvxK-wT1?z5P-1}
zD)^AtAPdv|Y#;gCO7>K%blEDH#gkKMz-I*xM))y04cb1WPcu?wk`Y-E`<2aXbHMtM
z8l?#Tb?4dW!6%PnzSeV0^2aQeWfbjDUaU=S>Z!#aq9<SB%1Wpe*sTlyU2>Azf@sQ3
z%So+>_eN>Ck;J?SRrFDf#fUNSH}>1{o;y2Gd+}e{p><brH1Fa#J5>vM;GYZXmQ#xj
za+XUyUiA=|F#S$*wDLjVWP<2PBm88CeI4EcOPLFpZxCf~iq{YXem!e<7cc~Ddb`+0
zSBHH|@6b%)9(OOw!j8h*RlT#XP6Km%d*|KD*BFLUnwW0v&>OzC&(#$vcYxDsJNQq2
nlD)nEI+uOY00<VdWf<}T)35?WEIm=MRAt4IbV9?2x^wdUmEn~y

diff --git a/config/secrets/app/gpg.passphrase b/config/secrets/app/gpg.passphrase
deleted file mode 100644
index 2a40252d4a98137a333056efcd409d7e604cf188..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 70
zcmV-M0J;AFM@dveQdv+`0Bc%=X-iG8;r0D|%gj>gkZwNaxblIs4`~P6?V;+e3-8Ty
c1{XO3kaex=D7kbsu!X^yl@v4_BmbT<jF*2Q&;S4c

diff --git a/config/secrets/app/gpg.private b/config/secrets/app/gpg.private
deleted file mode 100644
index 40f5c37ac914bc79f5e1ffc98ebc667b0cc43316..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2993
zcmV;i3r_R^M@dveQdv+`00IM$X)KkBcEB!@wv146^*Vm_x1nf1yyAz$;(!Yl;fyyC
z>uf3PBnRw4-bJxhMkO2S&E^ZuBM@jRcz}78w2tS_XIfoY8S5dW_Ig5<)NfJIawuRm
zcm;v%lfAm5rfyTxA;NF1q47%yB0jpV4=c8hJ2CH}On{<b`zINHdotW)Q(3Gxc6}r6
zRqi;`j;oprfquS1)B%Dpg#lk$#m(q3fX*~zZE>Ol+%&7MYr8euQ5jjP1ES6?AhU?=
zJg)$`YCcowXg^#4jCj&+n?yu{$H7|e0ssl%-~`Z7PEU{+Tj|>cg))*XK{Jv`u;(4r
zobC0!D_J6(s6+O%R#qI5Cp3doPE+_xHxqx%4D#2Wo{EZaNh(ir-nEv+&X{eMMSPWS
zcVyQED~Q76AIeUYmyHfB$+rAozNl5f#kI4B(>H$>{vZ2n#wT?`5yuZRw7GK*J9T0m
zI(~XtbNN;JBXdydr38Fr=FY;6Oy2$CQEpX@O7QN9IcudaY<be(Kv%WlV(<5lUdb~|
z&PIdf;b40umfN+Yk>-nOA~Z6+$yoYZU}YrPiaSF8+YR6os9vSuI-#}wStA85xKqrO
zbdWZK+!I!PPCr}bJ+cwkHfF%RXC7ez)Y}@*U>?t5*%Z=?G@mQQ64S<~O=d9)AkHW`
zIcaDa-un5(Cy*4?f?J>76EZg;oaYhIvhH9TldA_IBrG{hrJbm>`X@f16N=%;>LSl&
z7=E<0In_h81-KarScSquc!7dByAPTehwOekd^k}^^~2veMjSG<O9%GrBh(g3vG`pt
zpNUGRIWnjXSgemAa5z6jaRnqMJPIJ9{uph5?e4O%K-A~h5^WzPXxe<dSY+ONH}G;h
zMRLZi#830B*~ufx4wa{GimUP`Ri_HKX2~WC1}#t)s@t&^$<sGyq%uR-#nl5wg->k|
zGOG0i3a8+LU&=>6uQKkg5NuxyqwaCPCA4slq1(t<DKqto_dK56(UPflmg_cU;Os~g
zeuTJTByh335~B@L7ELTo57cWSUqMRYuT`?PYnVDB%O}1ex4|@TsBFC}2Z$rj6izuN
zAE8F*o435KYyegPeXSYf7f1NJn{pw!QJCQ)O(ryOZECicFTc<YiL%*Jc}3soMXGoL
zB26{-@AC@AUb-_bIVm!0DNyr41QJc#tT6<h5C?Q&PSn*WVR-ZzEHL*MNb$vi;b_e%
za{{7LnX6Gj0~~je2A*0Z6?kaGEcBTc;b9|lsd*XI(p~eGIw0x5+e_L7;mp0Aa49mr
zhAbil6^J~ERAfDN!0UQdom(TN^p_x1O;!R<vE)oEvDR9N5+v{cnrP;jQ_McX9gdr`
z8+W~m7_o5Z5o7ITidvI;TL?j-8<KR9FyN$_i->g#3;IC_9%900NgU)><g7kbbW-jG
z-loH{>&w*|8LGh!Nu~>x^iLtrdmu@@z5lC_iQUd#y=UQ))6W#%vY(_%ysJWC?@^N_
zRQ<D^vUwT*h&}?Ryfv!Avc9C{x|LbL%75?{+9nF|2iWV;p=+RXFGZ71A~1x_Y>#zX
zLF4?EHZgIM0z`w^n7dROa~L1x12@=+X=EHEqm(9M!9T=986;x`<rI(J+vHp}GpuH9
zrRaMSLNO@Qs*5te&t`w+%-R}I!F-o7`>LUtr;-v+3l+e-)o1!c1CkGHDZc7E{1*cQ
zBu<j*`T^jFM2x8LhRa*4$9^Z$nj1$gS0S5ozYMT9PT7f<#gQFbcFl?n@!V_t(ffe6
z&B%SU*>4W_J>nyKb)X~rW1_X4N$(N@5)jfDLJL<Yfgck2ByBH1UdgE__eOSYN8AQJ
z3!XrNg*xsyT%;)&Wk_y}@>~SOrr{7u+)`{5!(q+Vt4zQ(u}`l1E(U)Qg2WjCI7Do!
z9XWM=G%QzT;E<*1&gHhKtA0A%<TulLbTwvhc>n)Cj1Yu|;N!I4<Ht&n6dCJ2=F}n5
zyzb?I@3Ey7!e(R%&Ulws1nN@z!yZNvw|gkb8X!n-6Jd=R>Azu2hC{)a{vKZR3|ZeZ
z#%!79KnW%WiV$KJc#tvBdWFOd&w8n~WGoNBsqXU+4AKQ}H&^f)YX3X|IW!?e;-KWR
z@L{F-Hw0N@$g+e<%!SZGP8E?Pk(qykn4vHTpMG|L5CBnv!5$7Tx}w^h=}at^+3-`z
z5nuVXCh9t*K&HmLO=5<YFsJ53#r$~Rd;9uGH6xRuTfh~Qr4UcGeo_nf*^e7Wotu!w
zbyEA=DAe`9YU3&VhA7WMB}1DhCXJ6rEPOy9_#U4Sc==Gdc3Z^ZGJ+?|T)q1ZES!xm
zb)Z2Cm*Ka}YHLADy^-h1Ikx7&&!-!vCo?JEFF?9v5rFN@e5=2X8QY<P&NTqA+qmmq
z6Vo72wCX00bxQ5VgYtz~HZ<X;TW^4bqPs*NSGY6_RJe1A<maar9H~SP7xh~l%e6!M
z50|OD8AKEsM1B`;C=b5R5<$l|R{Qo;wQUYe&ygKO^r|7f7l?-LHWOdD_7LFI^I)hA
zOtU3ye&8s!ni9HjK9bOMjqxNOyYG<~{ytIn72PxgESSq2Z0wGwLwC7>XY@(e8D1-Y
zl_q6GC2mT9idZEwRUM8Q;x}(){<Kh!lKh#r&~pv`Ad>T#C@qaEJ7R8U!y&{-JZ)7}
z7~A4QFH37!lF^qbbmCugH(oDBenqnzdYxAHHphRo?$cJy-Glo$kEOz(RMURG#486X
zmzrYEodv@{6Cp0_&+BMrfPgN2L+PFP2`4rpW32H7sy>V@PjkXK(RQin;43*5(#Ofw
zT5r?p?3e)BHN1$)I+O<Ad&n$NVw)bv|Mr6`F()|<5Z`nt<#EMXt;3{SNs-SB9f9ax
z49*MBEJkp)mlM1XU^Rn(gorLU2X958VLXAI16+Y|g6caH5LuBz9Wk=r66(ehceZp?
zQxJ{+9gS0+)UzCtU-?WN3L3I#kntdVE?R4NiQ!H#8fqSx+?f5k%jCp?FsWNX1vEmS
zufARB^c|im+;Uyd<zm<n!b!^xL#RBFK0lAhc3f{GY&g^zrqaK16$ZFM5W7n;;Ncbs
zR^?*U17J`<l}{vr`_Mf?e*{PcB{;8)@G9vQ_CbH{iZ(R{RcW(BB3`Q?+*=II1GZh}
zN1>#;A+pzFSY<=TbC9j_C0h@oQ-aC}y>Q;4&4=a`8Sr>R-)J9R1?fQlRFGyp%A%E*
zU=krh)ZUfL7DAWyW|{!aR%_y7cPGMTQF?I!`4Jm;r38!-jW7N1#2#?6e1o`DaoeWa
zZ{)l)aW-%u`8aES7)Ng5=@!iACyEQVpH)EAJQ%IOGqDAh^G_5(G(9jM94I*`50fp<
zYIb;x;>S%iP^e7qi{E1l*IH0j+K=-nkXM}%+vl)2v~%U{jY>uW_GlCE3Svt^cL7#_
z^Ym+$E&U=O9^QSe&AnHU3~99<EqJ#--=lnNX3dX}{?<^^g)jU{z%@Obp!Gb*G*>m2
zip!ZEHtR8uA;N{iMa%%Jyuc`l0j&q|38^+*p0`rxEwExr<KJ%!&qAy+ixt)imV|zW
zbwT<{X=1Bf<JU;>ScSZ8HN~{8jRIGb{q0AphfKoVw^{7~4yjhBx<oEKkM}o=9H+?N
z=8{2LAiV^P`dUq102pE%7<rNjb(5O=BxLu{m<9(&0Sg43tGOL&f1SM~A0mQ=fYWu%
z)?nxp{@0PPsl-IdE0S!D=9kn?z|^M;NoKR*DcFjH|NKyH_7wWPIMN@?So;Y#?nnN?
zZ{Le^;GsfgWpnId7WB(;AN%RV?;&$R6>dZmgG+qG!6f4-WB#FZJ1zwa*pR{2l#X_(
z-6U2R1K;mlpT-@0JSKvtaV*z`fN`aof%&_GBI7=%gR_CDQQ-egr395KcDkcFP{eVk
n_L+AM*nG0zj&PAdje3z|Zh=+DjCA>D05S?_<rcJZv|E2!Dk`4B

diff --git a/config/secrets/app/gpg.public b/config/secrets/app/gpg.public
deleted file mode 100644
index 147ffc34c8b3814bf5ddd7acc452b4117db257f8..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1599
zcmV-F2Eh3MM@dveQdv+`0Bdl0=B@s`)W?a6;N2NxpK7Mc5%%{pl-RI{OkD!dR&X;g
z5p5bVyjtS=2X=j0W7Vi;aIsYq1%uaCIO*#BNSOT$Vq-%cbA^TV;Rmwc(U1=*%xOUW
z!)Vi;zL79&lF;6rU-bdq-2!Xjwnx1g-ZKz;4d}V^!UcjL5HSyU&CgVGSy5)>)f!IW
zVd%)LodUjUB2d=Ud(Oc?m$#$5@6b;J298r|i?HhpR*K6tU+imHOo-((gAhooGnvrA
z?5~u-s0OX!{98g#Ar>85U`~91d{s1uFRvY<>zf`oV!K{E(}=Gw)l;8M+#UfANWsFv
z7Xj4)F^K)-Sl7c0&&4gnneR1+lxb`EaIE@QY{#3%d#z*8${fHt99sc<?fey}UK!q%
z>*W^Y5~$HqfEg9St$!FAWXlN%WT|x&Zr$*r0SAdE_IJ9i?f_u@3$$Wt!_giP7S3w;
zi6!ugsC&l&y5!`1@vnT|3{$U!06I?q`bmHdA}&qi69n@#VqHC}A|lA6OTAhx4p8iz
zTkh0k12Y=4NQFi4%F_A7$2D@I&EZ}^S}^^I*Pdw(Jd(yK=%lC~e#sO}Hjv$6fityj
zWIs<<@W;tyC{DWFV-(GOSY@#=Xi&+e9?A$P)xr^Za5|Js)lzS~Xa58{h%aq}zCOxR
z1Pf`1XbB|PGR0d_tjSb!?F~cD>Ij=BW5_-8QZ0nmGJ`4^b<<!n>AE$nri#G<C#a$A
zfrQs+Dv>xp9eLU0qA=7Di~qeEl)k4{370|d=*%BjbiG`<xazhIW0gyG6C}&)Of{VC
z1UMs_4>HjNtVv8YaG9=<U}m}u%Sc0cgFVCqF)y%#CTr%P-Yxj@(sHd|qkOAWSNa~I
z(=~h`8)9XEuVw9hW<8dcqGG2<&bf4S74$KNj?~VS6&52nc1+)Huk(5S!ocXO5{E;K
z9r!{p{fn+_>ni3cjVmfc2B)RCzMwBUw4s%3rf!wr&;vX^YMv;awj;Z`4B8A~QAy+l
zAB;*yk`X@q9KR+wTEsGkeDl{J8coF{Q(|D{39~BHC{+3Xifs=snGC1|^KE5lw;iDY
zvkcry7ClG&g_AF9dm_8=0c>9kM<ghpjvwK*Q#%E?A&Zdb^USS<*UQ!s>-bvESwfcc
zg_a);K^wPtj!oWm?c(98X6v@;mS$qjN3mK!=fB`f6re*t5^#?E0>)QIH692R5(!%t
z83Cf3LnOXoEVSHtN$PZe!94g{sel1|uacK}=VNqV5@h@#0(?nHc7TtRFXSz3$T05U
z>SRz5(4~*I2XV7xEGZXbdc~*%4T4}cw^r_*c+&X|Tg%X}s_ZZ#+uu<I1fYy=MFq}9
z+;zq)Bom@gJ|I=)Ui+k4B)ZNQS0I?<4TZhM^)@rl@R*U1$6IpEjj0F`d2&V&NN2dq
z=NUO%N&cmQ8^o{Vg4)z;J};2h`?fbgW!mHoTu+IR8zHTiSD)*<tegO7yi1m|8fvuN
zt@SLiO(Cw>?JoD}%Kg27jwijrEN8BkVY^e*Fw+MMy0ru?DA73^{H*HviA)1vOxho&
zJ8ciH2^hfPv;)r;>Z(#Td3!}=Q9XI<K{r^P@ZJACLltxS+8*&oHWuz+!wou3aWviX
zk>sR(aeSB*AWIbC4ymWwLkRQN-~Zu_5W!m3W<oORDEnuf4cSmk)zTfe)Gj)kl~t^u
zNBoUDExNyH!BZ4G-A=&mnq8q^Z(=IqFxWdljAauOk1j$X+(TbqtL3FyC9Meu<R?YI
z&9K*{Mbpk5?V{VVjuA!C2Hg;c=~-Pz20tM;yYlJe=5RLNMin+(BS8~^8f7}wK907A
zgYz|zD}^p27s;LHt}J)Ky!4NGkTvA}$bUD`qiLbohEYOui_3``u}sjSoorQl$fNj(
zRRV8D+?y)9Oi)~>;{I`*<h>NfUBM|(_5238wx%TdPF5oN_!NK${t+M?@9`xZ#Dt0=
z+}kEWEmqC#)0hB?!BSP2dL@0gYJ)+#pX`usWXa;SF^LXvAIXojZB<g)D9oh@u!9!j
x`w|4a7(kNr$EZ=X|FT?w=F$i<HJ5i>Q~HKzm6hw`>oI9ufBBqS6{~|ws-2B&4n+U}

diff --git a/config/secrets/app/local-development.yaml b/config/secrets/app/local-development.yaml
deleted file mode 100644
index f0cbcbbfc183257b4caf236c126fa40cc6366fcf..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 240
zcmV<M01y8FM@dveQdv+`05S}F?X-gNGzmpx9pKm}&v}BAxye9cl`LlkdIZXU>{^8K
z8d0&JqjkYs6KWwEga5Vh7JJV%e;A5(87z}X4sGR1pi?8DpbE@MDEB_Y83j%zhDK!E
z?-g^41$Q~hc$8zL+WSrhN`&!g1M8dykdolt8Vd@Oj&|8VwBB-*-pici8WnO8PjE17
zmRjW2^M!aFNWn~#Al+V*M&|dT=O;DJvI1W|lmSzU?yRH-U4Tc^Dr~dkNgQ#L5Y;s>
q#t2MF8K}Heay^lZwZ}P`gZUqe@Pc{gHS#bfsmBCDoJI!sDDkg<pKh@L

diff --git a/config/secrets/app/local-testing.yaml b/config/secrets/app/local-testing.yaml
deleted file mode 100644
index 66d2375a33f83ccd229cef193ed984c1000401e2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 240
zcmV<M01y8FM@dveQdv+`03TAWuDVdlo9JO>3`s~~CbqlvCm^F5g)%eomv|;$%dLg$
z<6|OQ`k$|RBp68wq-VDCS6&K;P4|Li(c@l(ZM+x&i+S<+VPKWn+-(+j9YYq)MguWI
zagGE!!rBiKzeJcI-Dksf=WvYc*7ovq`VNqUXD?m)|3<>na#{tGJ?rpP0eXe87Xu*e
z4o-%G(JvgM?g67z(Cq~sBJ9O^&vmN=?0)Hj_hTUao4mqBuq7JYV(S<D@l?2FR}Hpu
qC<gUXT4lm%DSE!EX%{$?t2d}lJH>f!<j3Uo3HVK!j&wgipNX}@zjP`9

diff --git a/config/secrets/database/bsn-demo-mendelevium.yaml b/config/secrets/database/bsn-demo-mendelevium.yaml
deleted file mode 100644
index 45db43bcc98d2f09c9d63f821cfd43d940f37716..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0QED4Y$EM{*IM|f;c87#h`8I2_%sM%N02_PEBG*opBJp9
zKKxfvJ9YoNhXw=BC8`4Uf+_Y+NdPG7+{p*bT@UL3sJ|h_C|7Q3{ZSv<6G8O$tUNM&
zD3n3eFxS>qbbau4;D53pzLH?~;VC2-Aahy#s18nEWO_EMW#dC2B@q%4t05J+J}e?F
zyo5NCc(+=>9w(>;O#{pVth3*`N7#18iP}K?AP~k(6Dn64j+m9?a)`UxeHvjAb0=NA
z3g_{dLb)2z@HEz30LGHl){fc4*!5MO<>PRZ4rv36$;oKXIucPW<f45_-1e;HM8iCw
esY|l``cF8Ba=pJ1jSR?Zn$&X8DlgUjufb$+o`=c+

diff --git a/config/secrets/database/bsn-development-plutonium.yaml b/config/secrets/database/bsn-development-plutonium.yaml
deleted file mode 100644
index 45db43bcc98d2f09c9d63f821cfd43d940f37716..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0QED4Y$EM{*IM|f;c87#h`8I2_%sM%N02_PEBG*opBJp9
zKKxfvJ9YoNhXw=BC8`4Uf+_Y+NdPG7+{p*bT@UL3sJ|h_C|7Q3{ZSv<6G8O$tUNM&
zD3n3eFxS>qbbau4;D53pzLH?~;VC2-Aahy#s18nEWO_EMW#dC2B@q%4t05J+J}e?F
zyo5NCc(+=>9w(>;O#{pVth3*`N7#18iP}K?AP~k(6Dn64j+m9?a)`UxeHvjAb0=NA
z3g_{dLb)2z@HEz30LGHl){fc4*!5MO<>PRZ4rv36$;oKXIucPW<f45_-1e;HM8iCw
esY|l``cF8Ba=pJ1jSR?Zn$&X8DlgUjufb$+o`=c+

diff --git a/config/secrets/database/bsn-production-oganesson.yaml b/config/secrets/database/bsn-production-oganesson.yaml
deleted file mode 100644
index eefcdd92a97afb9d030b322d70a10e752b33c846..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0QO;^c6gQb(OMLh;IqoTY6Ccm0`jy4j^idHmyGY+5#Lb(
z++rTT?pB^ZpgrvKDn#-?!uRsp)s@s7pYpJ-7!`{yApHT<jcmFL>%sthxCVyDZIYQ<
zfMm7ZVSSye?F7Y+loRThE*U`WeHVvA-Htvr9BMn_qg<U6&je<M5guaA2yWZTwr_-q
z`^>3ERKr0jSrs2eqll&E#1nyHlx@xcU~9L#%DD(ocqVZ$(q!8bBZ3V16uriP7Amfw
z5s!JlQ@WpwZg`>KGr!C;y4Z9LKZmi_5Mx!Y5)|W0iY?tZt~SE3RPZ|rEdx3(t^{4E
e)0+6&qDHse(8DbAVqe0?5l;s@!OKFm=~V3XM2OM=

diff --git a/config/secrets/database/rdm-management-default.yaml b/config/secrets/database/rdm-management-default.yaml
deleted file mode 100644
index 96337abd1ae41a8c4a572156d5ad1751baef6f18..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0F$#RVz-RH|6Uq!v3J6OQ=p_H;-AKS9GSM%S>s1i?=78H
z)w%T$lUEjs?%oTov?+B!nCqS`YmoF<CTxJm-xvy2^p2Kn@m4-QTi;bWc7i^t5}hRt
z>`ihcLBo!|_*77DlRtZn0!SxnsP_IF`LW8Y&Sd-EmsRda+-qko4hqockFz#bC4kFG
zXHq<K{x$6;czszAf$$KVLK4ux!#4D|VQGx&Y4_APy`jX~ME^We?9tdT(6*8@gs}<e
z2UvV6`E&g^fk=K})KRlNKQT?9UjUcLdu8)T^7zPxh`A#NYxkM;mNIgITL~3Uo+XMS
en%<J%>UW`NIx_74zXz5q39N8iq;yp2?>gq%pNy^m

diff --git a/config/secrets/gcp/local-development.yaml b/config/secrets/gcp/local-development.yaml
deleted file mode 100644
index 3c1405e87133b1a4edb4e46412bb293d1374a96d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 108
zcmV-y0F(a!M@dveQdv+`02FZ6k>)YsU}}C|+-;b|@7Us-<=g^d7<)Bp3A;CUmwtp>
z0d`va_tjnvM=bnF<h%as1EX5ShA)1j9v4M*dS4U?X_t8*)$lWseAaemY$fS~#%Uh)
OSK`Fu6!+3**UGK6rZs8+

diff --git a/config/secrets/gcp/local-testing.yaml b/config/secrets/gcp/local-testing.yaml
deleted file mode 100644
index 3c1405e87133b1a4edb4e46412bb293d1374a96d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 108
zcmV-y0F(a!M@dveQdv+`02FZ6k>)YsU}}C|+-;b|@7Us-<=g^d7<)Bp3A;CUmwtp>
z0d`va_tjnvM=bnF<h%as1EX5ShA)1j9v4M*dS4U?X_t8*)$lWseAaemY$fS~#%Uh)
OSK`Fu6!+3**UGK6rZs8+

diff --git a/config/secrets/gcp/test-bucket-credentials.json b/config/secrets/gcp/test-bucket-credentials.json
deleted file mode 100644
index 0b6dd95a9a82b5d1d811b1686ebe1160033164a3..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2384
zcmV-W39t45M@dveQdv+`08+N`Z>~7vvR;L7&xnB$Sfa?q^qYo%q+L-iTPAbh9U9*M
zT|A{<NQiXoqhts~GhT5$kf!WIl5K?WzVlX_^QThjPQ48NlNbY5O9?m%r>=Mg#^Lro
zw=YE8C`F(+O9hCNZ=dX71j9vzrO@J=b+eE~Fa5O}%Z4LpcPIy5eYBTKsMu^w0oiC5
zF7Aotc{}|}yT>rpprvZzQ#c9ZB@)Y8w3NtXEv)b-93X_gXz^v?>eN4$h}IdAkKI-_
z_=-n2U!$8Z_awP_S=1RQqmj}(qDKx7z>wZYe)YLH36~4LPDKJpJCFRJ!p<1A&D$%#
zDZDojvibUMi>^adj!?ao(wp8$w~4l*XezdgN8DPHh=~}NvM|rl(rSLOiKte?*FcA7
zHU~#Ho<OFZ7xS7weSiLpze4(dv|ssRf01Dsey1vgYQ!9qBOxq?W5Elu;?-b!8U!EV
zq>Yyx$X+Urt?s{!%&n;1OAMSRrQvY2^kV4k5I~eF@@AiQlmea{=2=3H5{|sdRlSr0
zwnp5zFV$St?9-$OW@#_&1=LEFxz5HNyubAAZPC+>62ys=_fY-SFdzS@Zb7TjFx|#h
zYHfAB$KR=cE+4NilBeEu_<ta-4zuE1P&iGckgXUv{X<WkI?-&ur(xJ-c2SEAbQ}r=
zF8AG$9&tJ*jOKas-`9F9--@7amGmm_hyv2ZpMc!u68i~WU@8f&CBngx%Ae_(h?}7*
zkz7-lj_&2UbHTEh%x<fCc7(mOvj<(5q+!)Z$=sj5*9<pe0$urmC)Mu6?U9yCXq}Fl
zc}9$v<+mcf<uo>dC%YUv(ilG)8DNW)43y8yHD7C966^dCV5E0JofL|f`sNa)jWS0j
zNA=Uy8!`B|4JimModrhsHmf{mVj8S6`mUG^TED*Yq40u6KusFe9qD^Ny#)E@_gKNp
zqEI9(F&oKz1C&_qGdK#$&C1vg2I}dx&+ibbs_m3LK4i3F5f<g|cj;H`oGXam7%GbR
zKQ5SwxPX1$@cTn|yybINXKGY9;z2ImZ+F(ii7Xoy*#`&&xp!IAd*=EEV=-nndRR}X
zl)7dRE9WOR>2ne8XSXQzlhVE3Dn{Ze3xdmupVt-*F;%NIb-%x$Dzwb2@HH6ETEI|z
zjoyqp`#R>QDIn!7suU6!^o%5xlzv{)=ZE6@zA+y_5#d^MFm02joR?l-RY#Aq@7hqa
z=FKfxDwlCBTro_n@1qHjwXuuqiZ;<ER#nKV0@ImpVMvy^UkC%|E)P?xdOV&pK=T23
z|ECZH$ybMsH`kjA2y)|qDy!q|Zy1q06pJO(SswQQQWW)^(#i**Ryul|d}_eu+CbFu
zR-wpX0C9n76S-wnx!i{H^>W27&#%G6*as6%J3(#*6$3dJf^9^zfD3JPSa2h?pwr{D
z#fSJjT}!2mCg|FQpYm{^DFE?vk&+E_ZhfD_M1`p4O|L=Om$vx(^voMgsY27TcreYe
z%(c-KW}_~tEbGJwaO33TppO@3<h1}8#h=XS9tes66|B3pjW=SJcW&pEl2L4XBZ3G9
zjMCrb(Yuk-RJ|?-FQ=fNY&CNqCjOE{+taqLwvnf_W%Sf9j9K^Cm!w6l+!Cq=^tJZ)
z5j<X;D*$4)Yk5{#{d8Iq&fa^I$NJU?k3OTUr(C9jCp10q1#ox-<8*L6z)+I)PgWDg
zjs6&@utPL<zbCiyswx&8M$Ly#*@N(!{A(?ld1&b(imhvZ(Pr%j1ZGFWj_orT>i)Rt
z>^schWvJhDTIR29y@S$X!HhG92XMhGksorRpNc;zaZWd8fH~o#&ZH2I<~eRHfugm(
z9WjG1X=zEyo1*fTM#`L5OapY^Hj5EZMM-~nKRCORhvXL-VxcM6PqLNB9)#Ya=w``X
zD<C7pOy=oNSR!uM)4^;$MQGHb$Rlt&BswlWbmsy$G6&*9Bqg~V(#7~_V`u6nfigfF
znctp@+w_?<_3nlV>i5uDfE*v8HzNsp!<H#Tk?;+xp88XFW`d))%;W6Z>BMlkh-;cb
zz{<Q*za5oaLX+Q1vH1C(Y*TfJAs6u8&h;_=h6k3aBbOdP59*C^`}W(iu>>1Yph`WQ
zY4bTnTP(Z2yXKS=@RDT&es(jhmv-llCocmzeb5ref`X0hN%T5(Vg4;n{$Yo=2uMSW
z`9;-AYf+S*y7?O{q%{;0(DH)=HqCJ8jT7zZblC8#zT9GPRF_Ix$E$7udnU`;xvf8W
z%*x5^d4X*}%DOnS_l%DUj+ZaxJbB~WGwRi+-)!LiGlv>7tXcE67#Kon7~CEq-d*IF
zYi69L(niVgF<7fF=w`ASW8FeVxFJqVOtoEsz^(?Zh2}oa1<0C~{Y7mxFR|~pk2vtR
z3&f*@7a*G8RGHS@H*S2wGA|MZElV*X%E823qwRNO#J8-vK(;i->{USDc<=Fn?hlEA
z-6nD^S5*i~pv3Bl7IFLZ0xvV|Mdh_XCEOpyluOph=V*)oQTqD*PWguc1_08DH`G-x
z%bpJ6SU*7na+ss{f3YID-lE@@oNN+m8etyE>sD_&T3;Uam?28E>6&qsaOv&6`M5Yn
zeH=+M89X$~<nuwRKl$ej`)`LnxhcppWb>RUs96ZG{^Iw^cJ+=FB)_95Wy~BZ1c@F8
zbxN2AzUD**jCQ_J>m4`~L8>p(VLaFEV3cUzh9BjXIv);=u>?eDv&SLNHntLTTagU;
zvh>89nf@)Hj($74k3D#AKuO@<n-7`)A&breKMVsUp-;Vq+lYj>LInRiBf9oG+j%N<
zPh0oLls`w)x1t*7W9qS>kaXhu$41vZ#NQVh)Y^;+KT9=H5-$YA5P9_v2Z3z_iAT?v
z9*v5rB`qqqkP-`0d!6Y=UhxKtY7cIl#jy|85KpM2b2JP{C^6lfbi2#uOv#q~B25R0
z4}5D<JV>6snL~bd;EyCQ^&u_$UEpGr?&O8qX*z7BzlxN0X0T+^hL!=YiERbW9=LvW
zwGldm2i`_~Shni?$f#S#U8t=hL|L;4U>JuQHOcZ`<hWAU82nPP$Hq~6ZhuObVo_22
z{alr_#=Cm|G=4eQ=hcBj`Wc>KPS{4Vag5!yd*;Rw5hUsVi|+-gXmEP(?LXNV+7qih
CVXyiC

diff --git a/config/secrets/mongodbatlas/credentials.yaml b/config/secrets/mongodbatlas/credentials.yaml
deleted file mode 100644
index b2c255f200bebd293e6073d3558b7855be2594db..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 187
zcmV;s07U-)M@dveQdv+`0J18}a%c;W0seJA{vy(aO$e&dTkw8+R7f04m(k*@=x3Kk
zY-cd>lpim@_~>8I^JsK<lEChFQ-T!}Ofu^(+Fc8!P9SykSJp+K*U_uLYbUA8+;zM}
z<bOcU=!D>hj(pF)2KgvJPHWhzUUW@8+NP6LODLya)`rA-4WrFyG4Cqjb?b_IM$sIN
pL}JAo16~=2c}XJqxFs3<-Dzti?;Nf~E>u9k|K#EL+0g?hkd$2?T}c1{

diff --git a/config/secrets/pipeline/constants.yaml b/config/secrets/pipeline/constants.yaml
deleted file mode 100644
index 894a40a2279425a15dd7c0460ede37726e79f24a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 7826
zcmV;D9&O<OM@dveQdv+`05SrPM-#t;TW%}6&(HvtwxfdnG{OU-Q^T0gwO<xvBhQ{X
zBBqN{Bl(VlB*l^|)*wJX`@s%lh)?Ksk@ZNh`J(|A)ZsyTe!H;+T#*&vp%TPw&{9OZ
zIL$fUVNlnn?37Xs8(-6|emm&{1k#3)HqhS|M+{Yf=t#%!&`#J(-G=k>l|uoSohULs
zwTw16$w-bLldu?CVhFSq*+v-Kb0e^J^`Wo76eGR9Y@$;Okl%j@e26cADAO1J0UQ}B
zW#sT=v<N?h$-^QIZ|PYKpZW?qMsh>Lzi52?&Pu-}Ha_6mXuvBOa28^XqBwKHBWi@L
zSA)wjuJm)4)9gfo!wG(k(n@)7d(4MT6|nV`zi1>8V*od-VP=_Tz#)+7X(tVbE%Qs>
z#w0|D6H8Mt3d9zG8@3@=!J3NLY4V=mG7L?_-GF$tfqLR$`s@TZ%`wuBJk>%NHRKH)
zSm<6uQl0f>sk0m;N8_Z^GMxdNXi1q~as4H!y@J<Mp!2nfDVZ;Q1ITz)3k;SOp)US*
z3i@uGDYm}v6gN@X$~Rk4UTNSviD6I?(RTvVW%7^7;o~Ecz5UJt&|fq&L{75Adk>ln
z^|(_s?MRwpfCV!B{+<=8)bF!{pd}woxWTi=s#f=5Gk^=`bYx&%thbnD_)ChHX(AQ3
z_sB}7U&!o|=kAgfH-3i-(63j$Q9cJddFDn`ufyl^%w=Wt{cQ$qg|EYt^u74GOwCUF
zmhKPF>9m^&SJ38`?sy6J1wk5U{yDoBOGwvR19<Z<RV1sTZ|(^wdUrnV;#@4BK=8LK
z{P`VS_L{Scof^`2J_cn7pZ+!iDoH*H1Ors@Mr?U+91iJYaa_2PbxLXM*fPI6*IDh>
zq`*Xm9NtipNQh;PiV^pa&%RiPot4uf%p7>4btJ?mm1su!&-q)f1apqmx;t`XVR*yA
zrhZAFsvVDuPG~Bh4X~Ql=+7^H|Fi9x*^VTb%xh8tmm$+SBS+7BIHMz5W8~=o7JxS9
zQ|=wn*B}S`dmsKT2Bz|&a$2pYc%bMVn1#-wn)xmKJPC8F9Rfg6{~|wLT8FDAxJTRe
zJJ1u_W_^g(Z)VHeVX6UB^>oEB-s^!b)q#nll#~}GBoa3sUqEz9mZK=pD^Ip5R2YnQ
zHdHBN<7Ikc>MX$OAyAP4X7~2A)tG=AoRX<p@+7+vs-v@+XME6V%pbutrnIf-?ZL4l
zu&KHZWxFHh1wAZa&$_d+8w18Y20%KwRduX6S(7No#8zS){c13+djdsN2(dEXP**Fl
z^1Aup5yMRTrA*k@qcvlrzx|O6Hbf*&!exU2b3cCXD%f8wNm^Ho;D#lCTMD1WE6`6(
zPPw5g{yq0ra|-Ip8*~PSEh_>))~)+GQ^rOUenR1uJB8MxnpEZv5yL>bqa>}ciF<zE
zk7lR*uwkrEb`BX2nxKQYr=EwAmNprqR_1*NX91oMNhULu0#u4*@}y6EX=lm3qzjI+
ziwlko03|t1kuW{m6tj5-#;&10vaeSpfP98QUg0Mey$S}IxhW?J#L1loR}+P?JaXkj
zfC`V!7YDoUYjtY3Vf4-1o9cDyjZ2vy9`Y$tiq^&3IV38~+>5gDLDUIcY~wmVeXq2e
zi#;2Y#*1^Jj#rfVVCek1OQN`z!ts@JI^Hti4649a4C7r*{h1v{7|<pJNK#=GIdH`a
z`J2naJ4_=P6;yWR6X*vvuIl~^ejfSCn=KTJTM^+d{+?&0xaZsZNnwlFHXgfycqgzE
zhV3=++bD%A5JBtg<)%m32N6EudlLm9;}3^NM6>!EM<5C5wO3&(t^mmsKP4~ZuP$Ix
zX(PO`VUtPo(Eg)!r|csuaC?s8tWDEgV~D9P11RjyZZiNE^$A^V2ZGISdb!j~T6+7(
zb26^XhpUAdl%Px@-GlzuiE@qf!IElxT=A(IrxzkdBB>5IfHP0YuGs|7;?NTCf9%~|
z2a3kM=VG_=`_emp`W25gagMU$lJc%tDn~o2<bS8*uZy&_><~sZ2AEkBq=J55;jrn|
zgW;9R_Rkg=!e>jz^6rO0bk%za_I6vBKrNXH6?0e2#dodaZPvENx{|W~Bo4v~AvlcQ
z2gOD1L0)$|tAC&-;XcVOV*Q(tt3_LXm4(20!7y8%0`lZ56M1$;90XZY#~5=RjU5Z1
zuYi{wn!V8iTB%>m8FT41gdtZ3J$(KKDAuwhXhYhGFhcZe>eN_E{_(Dd=W3MeGX_a<
zab0J$oVE<%ySDNW(rp_Dh;DUKyUfkRJhIQrKP@TepwIyboIZ|0ZzgHp!v-%eEudS|
zymRk%!)9&FpCejUrN3%<dFrGIz!^OWPOUS3QAPgn=@SmR3BdE)I0nlv+}xc*V_`1O
z3Sh!5)3E*GI1qNgJmsy8H1dU;A|mH7HIZI=0dtNA@3-i?znWiZ%)1UxgPcw+D+P1Y
zH&%MD)<Ox!K(BH75^rc2j@f~F!FcLnY=7Ba3srJWGMVL^S`RdStEbZ@*;vd1S%y^f
zO+YFs(hC|MPbh0a$u+Hc+Gi?cjVbQplDys1e1m599v>e%3&dqo0GITH1F3#-#)jsT
z4lnSN6biHUWNlR!$xE32@2Ak78V-4Fx#RG1nT9IVkgR-xEJJ2`P~<OH>QAK3j}LCs
zm&;ET%ivd@=@&wOb3tHKpPddX49GvR5ee-O+nSUBcxvVmCvN83BtKHk4+`ZsMoY??
z)x{dTMKD90$1k=F5YFeAWaD{>X8qvVDj)FVea(XfLBzRCX>k)-Fjy?F;h2`lJy0YD
zfI5pT<HEN{-ew|KBpjlkT$<Hgn409`V`VSX2o~%q-*KXm7~f(d*P<PLyF`#1R^exW
zlS}5V)(OQlBlS?*jzj0#N`TPCg<<8W6S)}F7hFdR0ypcPAuSK29P^}O62UcXTsEEG
zES;&nj9tc;g&3v9k*9yvvoKu_uJR`;c6Xae73FiHdgD)Ms}fQhG<~sc#-rs9D2^8o
zBsZ4s=k`&87v)SrIPPK`n^!$D*ZYwSyUQg`)+n@uFw2m1y%NU3SpxljszKGgd9P+T
zf)=G>$_L|M=BsUoB?A(_)*!3EJ=6Seduf|8FI`n7bG?qTMGLlV7C39Az^B(FF4*^k
zX5=I8ws9s`mlvPxc{fV65M~{mKnzPASAbC2H&s{+a99^Bp9)jmE{AqXD;+U0MC{mj
zoh*4br!vacBbk`Eb0o#u84FbjfR>lD5$tV6Z*VwNLf)JtKtA0z_h=?^CjX+Ai#C&A
zzjVDj(ki3G>h4bq3~j$VB%z?K=ZrDHPFi+kqImMi$P3FIbX|o&7?8s-9M|hI1&v#u
zMp|TLOn%JTU(L`N)Y$FTpO`uVjXZ9jT7?4@%B%0)udgN1D^#r_H0}Nv$Xwqb#K|Y1
z#2<^C%Ep;4lod_7EKVlfmhomEstranI!HepynDAU3Klw=3)q(oXYFC0Hd>>1k4Uj#
zPHA2H2Y<2JQjVxP1Xj^&F|#`R<(?$d;_Zm{6N0~d=eJIN+%<!!NdV@RhO(j_lT-?i
zUAOm5Ix;$E10&QqT5GUois4-r=Nml~auHB+ig*?Ze_Rh^MDvcZR7rPv99gAj!HHD8
zQ426$wP!-?rc$YaO!}yS^SC<kpU3-X%0ZrhiJ{9fan@X?%`>Q_WrwQDR8Ey#tK$mg
zh3!$?YkM!KO*!}ocaqDU<?h`wr`@KND1L?n{7JvUvT~QD2pW%*>0&AoRCv@`eOP)g
zbZ4dnSm!X#|61{SjHJ0z{TUn8k?G!DYD|H)(oGbBkt>8&cO_sL-zv>5zqf6?+={GK
zuN}y!NOVa}*;jqjCd|wFjTfvRa~Fzx7=tuo^@mFfIb|S5QG&$XC64`$Msk<Sg#?5D
z715ShO*Hi_;Cz9twoR=?Y91=Fl#Q8N&TCm8MKd-jzl~0zHq)srYr?JNK~?(6yx0|?
zcM+UF5;vJvH!U?o+1MepqbL7z_-^sI;uG}mkXl<)8=ggSg!y<rrW`1XKIl?MgcBH$
zcT*$~;6pdAdak6+C&wl)$E)JA9YlV#wP>o=Mo0P86?W)>=W&4k#eUAhFzti<l(Sq<
z0Bqp)&mKJy<4}k85kEGPT#r-yz9nrSg<F3Z2a*R+{xvWKP!tz&A8D2;AKHzB)+V1$
z*MDnPNAcUu1fWEsO(<gs0a>f~G=3UIOj>Qk&^*6BM)uJm!D(bp0(NW=`jp<VItc(e
z6h<$+@q3kc(%c^xb$%k}GQhu28A~0OI9k$}5<#z0Bqm?RxO@{hBfMRtj>^jENQQs;
z&ueK}8NQj7Lps|fiN5)$tLZhle>{BuCJpMcF1RQorA++`MxD?<&0dbbK==iPUV8WR
z9+XH9mvP-p7oWcl>EkOJtNd1df96WI--=$0wTpS@{;~(@StSSbK<FMyJ6YdBJIDab
zHt6lV!h675jeH0_vgMr~4U#VkBC#=VUc;PIf`BGI$k5X8l2KQVfBdt=wjxc<?G?U*
z1jgL%ux#|~<Zef#!o!x?=hCQux49PV@L3B)Y5UUKB9moT0?weGB*hiY9*R0Cruaoe
zanJSrv3eZ-PXV3t?%_l75B^TncK8aE95{OB_bb%e+D(zW=ZuoL!H7i9Ak5-jFr4I>
zR~?+~Ua-XzJy~68Ynb2#w)#Maes$o}n<?T46v@%5qH|k;go>K(Bvyg7L=p+h-5P50
z{uHUgBF?{>iy>DX97A-eG@>G6zJ?%1&~Ki=)gj3AZ_%P<$wK^yca?K}_ve7L277Z%
zp}{Dne@SgSaB7a#0_ov4D$P#SH+Jrm`?$K0Tdhh-_0X=Itf2t-rEOxHWNsY}yXIDx
zM9-!<;thxAdYv)OXieCu&Kz54&fPuhzJv<sR;7sg_jUcZ3ld7=Tl0<gG9mHdOv#IX
zsLUo!eoRkzD4bv#=+2!})5@IK4R`Tcvxg~+8PWn}>Y4h846JPUYrsA+h2b(JOk2~K
z$UhY5iZke4^%pm7q327^B~flkFg#8y--o!`Qohw!y%KvKKIyU2U!>0MX5^b|6#7}L
zRETDFw0{LXlsvSh(eiW@+4zqQaCr*i`KKXS;_UEDHn?mSSUq#UL^i3pq95}M$bjBi
zk`ym1g%ipCe%A&Jj5T@za5dse-Fsx@nq~L$5g<8>en>%5N3uOv-_!S;r3Rq6{X8P+
zJS_oqQK7{@-z!6GAUDAN1?^2fcbvuZq)$||GLL&bwDgycNU>VOj`ZYY$v`L1_`pYI
z_^}fj+GNM)qlLWmxz?i*PI~SO)?}f7h$16;e7&hAI;lBN5f-DsQF9*W_=Pl&nSV^*
z-t3i<qCIHT{Xu*?`vuj9$@W{Yb31|-XNug9-rSuN6EEe?(2s=OFoxB`OaX9@4lSD^
zB1_0{4B*C#-mz@lOx^WR6tAWUt@ej(+(|7=f|*ank?SjUzv!tB|3Kp}WV#-EhcJ9&
zw8`aR4FuSy@pKw*=$7BKSBOKt*@E8c%UR>k&Z*Mtd0#OG)VX85w8uukG%of}^n{!d
z>QQbK^<v!wDAeiXR$m;1W?6g}*Et=eY#X*H4m&9j#vfrMMN&8bxq8N~FyWuwky_1P
zMcD3)Z#%fV#*q~{)os2M1~%!+SE5XX@fnpIb>wsgCIeTC69r_U&z`<~?1OQ#R$Q*o
zO?BVVAj#A&J7}wiGA^?1`49G&i7I!w&USc5$)|cTanmkmsz!N4ks3}LlF%5-X14tv
zy&L0K{-(3rS+LLL<VP1PdRu++??mn(jcqBhqh5TkT;7B-&h<8RC-TwjXm0Xoo}OTG
zko@*{0qbr{dSWvues;x7j|n3kdN-z+v-Lw6WR>{KGomN8wRBD3(lBEhZTf5{B)Tg3
zFeUTb1=PS+<4cVIZ<Ap}oSUJ!59TS3#G1T>fahxhll&<f58|j`zrqx9`yslm^DUSn
zP*?xcP3%tiT^aU7o_qDI3+Pfz`uPKK>H}As1fQy8Hg_N0V<;XA?A~txRy_O^_1c>d
zETx&Q8q*?XXo}iu0w;v^2sInwBhFn?H^q}2-V{F0&|nlGxp|Mv*+sBdQZQME4`d7%
zT%Hj130?zwBU8!Hv_zO5h^VK2E4up7Uf0dOYrD{s&*i?-*jRJ7ejL`p?l{EQYyCsJ
zWp%J5i$mM=G=N$6^9LeMIpV7QotsvG{jA?D%XlRg(7v?*U|}<+6$`;lB>({$MXSKO
z(#G{Kul;+Rueg|R*C^*?6i_>!5NpVl0~3ht#wPyVfsdK1ng~Hr*5DL&vrF5h@bWDs
z7js-Q<n_wF``^#~0u*ON0v{CjZg@9lz-~R_f$?G5BtTxcxaQ+6HUy7Z=gCS{l7bbl
z`QV5xNz`s$j(Vu`6K%=%=0ym=p1LPq2N$NZW1`PS^pTIf7cX1E@FV&)u;kq7Vdf7Y
zZ{*v;RG9R0c?J=`?3c}!^&|TSn|Q-$uKqkCH2AwpSoh-H6Q}y5Z{Ka;`L$Jr_#Ohp
zXGXiqyg;&kJzxwZj3X=?Cv<k<<k6E~(AmJ$Ybql^*lGPB%^@mGfIVaQ2NOWFhOOx8
zH_h$}Yfsp5M8SCo?KK)FbTg5#jcnhjXBp5biEE^VD}EL^j39-bU<K9JWt^3HAv!l9
zCm?3?(S4W_vStOmXU?mCqP%S7!n*$19^wP4Y7cN=4~hu>U{&(SO_8h-Bpbbe;1q=W
z0oY+Vl#FI#oVVaO>?_PPU~a%c;Li4!XEWVyzg1sHfou!X-?ZI9d`L4gx8N*hO`wKj
z>MWF+S1W-PNfmb9kR?M9x1DrZyc~p$1o|owHC-oisvwZ+%?L`gQ>~8hq4~rX1cV8A
zJUrIsE&+~t<rf!ksK!g^Y2BfL)E{`{xTW<N$_oR<gPHBE^(JK@1U9CS$oE6e7foGu
zCOwPB6lU}w^WtK$|EeXRN}!u>L~rb61T@oEH?o64r`psIy+%3+UA`*DWQPtQ1Amb<
zL6%5B53$S-Gb0-N5Z#UAU9)W;;)dp(p+-wY=iNMvcr;wns$#EHy3`!yAe&57<x>!V
zrhnxNTIc-I2|GfY`r?CU<23GkKFf{oMO3M{skZOwxBjFeCSi06DWjL&0(*E3pIz*Y
z-%qbhMsOg_t4X<TwAm~OVs+dsjfPCxtR&HY)H-v3;~&#@SAzPy#Gi})B<Sqy%UWEW
zVyXTCZYh=ko;pQ0mzIByIVrUxGnJ0o#`Q!=04ufy+BhJk1A)xA)+4%x2e8p<`&Prv
z=Y@pi3Mm4JKES`sjt`wI%ZvpqIMj$MINqLb8bwydyj6V#fu94>M^~j)S*CH`w5mu)
zOti#^3h7xS>FR+x{3<r?RF$o5b^T5&>bQal-LX?I0QIIi*GwAuYlRpHhM>kxvj&jR
z3Rg_Inx29W@w0AY@p?e-4EHJM$JHHYW#S<VT~+Xw8M|2_;ppc<BVm)kkb87;bJ|_M
z#vFWF`H@$dtd=zktouss6VHx2s-LFPpLzMXT=>e;M?FeI&#C$rhhE>YdR{=^d;)@y
zpA}4hyExR5RI%(jL~@X7-oOm^^sohJhh}P?WBL#psc=zo6{UseTzwwT+U;6ospe;X
zZ;B7VR0voAcK{wkDZ9{@8Myq-Dp&=F+<{NAbLs}~nzD(V<$f^d(zlT!FQWZG-Qa%z
zvgPc;ZJDx|njB@+0v^datM*l}kXXKP9h(c%<r0!V#AbL2Xx{kIh@jR3uEdpEECOCH
z>+~Ku22RcY0yL9A$&P(*D^i?5e#8*WZBN(3u_RDpVYU(|mwlhgt1;_84|M*n-jnWu
zUDK<&2hr_wy`>7W7XDlP6@-GZH!M~y(rTczv;1;D?6`N1A6sQZl0FXv_DsNV73yVs
z<nh_O1e8yW(;z^>ca(}rJCHVqZ#R_=K$QbbrHy%Q^PN!GdWxc{{(O#K;MP?+&Xwa&
zJLQDOLY=h!MrN9wnoLndx8xG_X+_OIMoNaKgregao-!n7{O7)+K9D9-qwR2Nm&KO!
z*~<7G)&4wGcRD_?_}QX;5I(1{3Ijnh0cjD~D*Z^~H#lr}MIJv*^EfaJLWifSOd<Kx
zV=Z)p&Yp)tmk2lSkiNTbnO#6e;X>!>i^K1ac`|qn0tIdzjyE5Ov`>-_<<@kQIli@+
zTw^JU#e3vIiz7+{k)}GIS6M@ci^@OsQlhrBD?-Mq!GP?zU1B<dZh9Ly|F-KTua^sR
z6;%tz__M#rGjo%rBBsP`o#f>eR9`dab!E`A!cL+ZYFyS}Mx{kQd3`6A?kvTaRX;!n
zOz6#1g7k!aa(kyT>hi&X10E!Pr&&5K-Y1fsQ-dky@VXh}MUO(|!7Kk8Y33+Nwb;s=
z8kJ<5n6cnTN&CQ&0WO8BGgzFuNnaN*uow)twj5(R7Rv9IRJxt`pCUwzzM`v<M(sMb
zfnSr>YINHCO5U`X$S-)2857DWrA5EqWmQI`v)#3~P)Tlr7(<Xm$D1P?NlwF^=ioX7
zIE?<;b$bXH<k0f;NIP~qpq&5y*v`(jv8>AcA)sSK#^iN+W_B_{<pP(ZY{FYpPt}3u
zvhB}Vq(;*{uLwVzXX*-jIlFW%dmP;63<_Hv6kbOv(zII@7ZrFJ#%S#UhcnpvcD@JN
z4$avSrwr)8XuiX?s6Ps4LG1Q6EZw9IhMRs#TvPcmAY4wNsc>kmF9fH&=lm27-550p
zaTzcqI8>Cl6wf7irc=ySxBqQN_JZ~>9_||JZ{E36^rVV`_nHg57f_*72DDq8j!IZz
z4Xzi;*3+wWumT;g+Es~=r?R;Y+2}-drqe(mV50B->N4xg!@3P>WKQ82lyHVZr2~kf
zJMCq9$BspFI<ln^?cc$p!5^3Z3uml#b+qTVIMCRga2qU$YOXu1sy+&|;Qp$usE=8O
zTK7^;075)SfKg)e_suCrF?=vt)A)a=1bhNX4)_#lGb)i~|N63h<|M*?cVajaiMK8N
z@5%FPN(3uI+>qLV1%%}(d$7Op%m(Ibz6JI)cCw54kayftr^lLqK<*`u->NiS@UJHi
zMkLq=bjX@nlU=7MwuqubLg_j=7YCA?9|V%n(q^TY?m3`&(+xnw=Q17?7aXw;eSWQt
zOQoVkcOgnKXYDtTxBd7{VD#-Bj~uc^Og|pSU}E@djN7j42Ynk{qZf4dASC}ZvS9jU
zNZ0PHd&eJ|lWC?4i3@}Ee^;-0+oYR4JmhHR<J--c5fgw|6}nn$joSrJF4W(;x&t?H
zk-2?Xx>zHH-r=GKDH)Eju%u!osO=`qoR4ng-T(v-aZmu&L&QNfx`u|D_vF~ActH9G
zaSf#oA1Mw;*z*7K^0W-?u(`JbqQ^)1c)7?Ha=yGv0!!9LEShI41<tF(qhq3JBK84#
z#cmuqcwzl_WB}wacy3#iL*bJ!vNWPO`5P_9;LYW>71zMK;{G={G4P}n$1br6FA6;b
z==#4??R~FWNhBO6o${!Q7h;6V@Z5UC@J%bc+DY|~ig*+r_)<b8{P<#4*j$GTie;7D
zu4|;rW(o@QbZ<K9YlhrAQtoJUUiQew@3TABJslOq;5PP-;*zkkEpw8WT#eh&^FkQO
zdn$O1Runv_U&YkEO-D$MZCFUYT&$0YLopq1ZgECgjZ%!>hh$B+E=C;2AZAz^ce5_B
zhV&DcXw$}Qlyos2;0qRJljm+{V@Gsq$ql*SDPza@{o~8QwdJtTX*tQihUa2Y?UPf5
z7rDecrgXp5yrQh1URoRwFf&MSIG4rQJg{`d^34QT@2nr!tlzaMDD0b_oe6BqcXifm
zR>RUs25*Z5Xct4v1}=2aYT2Bak`+~b);2$m(eJQj2T7r~hmAs}Q8pn^?5l6}rCF?8
zN%`pQZL$3=F=``BjZ&mu5H0mFosXPCyko)mUHc#;<e~6;_x1v*j)%|u`K0{q!E|+#
z@0FNrezZ5PD*c3Hwld84sL3>|_6`g}nZ|Zz;3n_!ZaRk{&wr|PUf30Fkx5q#Q~qwU
zeECn1*1@m>1S`=_{md@hk-{?t3|@!*zTD(%83xTq^l!x0SfiLV@c|I!j`D61P$iPK
zm$sy7_X%-wzbduRHj<}=MpcT6$;8BY2QrhG%kQOx_V3f2pJ7H}5U&&dv6pjs#7^nF
zk(U+-z*Abi_dut0`W3lq8d!U+HTR{JfkYWU-7$o`eUZIR^O`e=o#o4&H*P0D-}lK^
zzdbrKldw*eZ_!+!zG@a%5%f`?@Oi*^M5z7*v;oTl4NT-!=NUnqbb<r9SCQWFF{fP3
k@tB;0m9igZ(>==;E&KrZ$DaRkOz^KtKHxdLwS>||A{lNnzyJUM

diff --git a/config/secrets/pipeline/rdm-management-default.yaml b/config/secrets/pipeline/rdm-management-default.yaml
deleted file mode 100644
index 27e627c633bf7744c79d7b5415931197baa0d1e2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 240
zcmV<M01y8FM@dveQdv+`07V}-T_}<=rkFiI6XsB7PMH{uR$Ee88>ohe!w=Ks-$G2A
z-J>yR1#=sa4Ke-q1p4MXYx&cSO3<9bXp`qnlvZw&2hkwU)qR+5aScHtue6LfBb-Bm
zqYPI}eeGVUbWLQe4V_n;t2$3N%~^t{nCkJ<6!9pmY+LZXY=Q|%*s7<kJlf|P%#MN4
zwR(ar$EFmW2uV}Rkg(7QEP0L}!)FI7u=lZrG4gW)NhduL?jSoRcy@qt9$I+3oXN*o
q^mdsjvWBlq^V)#4tIB>tv?wIU^9AqPM!B$MCFE=kaR1&CF&7F*m2o=&

diff --git a/image/docker-entrypoint.sh b/docker-entrypoint.sh
similarity index 100%
rename from image/docker-entrypoint.sh
rename to docker-entrypoint.sh
diff --git a/image-keepers/Dockerfile b/external/keepers/Dockerfile
similarity index 94%
rename from image-keepers/Dockerfile
rename to external/keepers/Dockerfile
index 002d46eb..48b1d3f8 100644
--- a/image-keepers/Dockerfile
+++ b/external/keepers/Dockerfile
@@ -25,9 +25,5 @@ RUN cd /opt/keepers \
     && npm install \
     && cd -
 
-# Add metadata
-ADD VERSION /VERSION
-ADD TAG /TAG
-
 # Run docker-entrypoint.sh start script by default
 ENTRYPOINT ["/opt/keepers/bin/docker-entrypoint.sh"]
diff --git a/image-keepers/docker-entrypoint.sh b/external/keepers/docker-entrypoint.sh
similarity index 100%
rename from image-keepers/docker-entrypoint.sh
rename to external/keepers/docker-entrypoint.sh
diff --git a/go b/go
deleted file mode 100755
index 35e5fbfd..00000000
--- a/go
+++ /dev/null
@@ -1,97 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$GO_DEBUG" ] && set -x
-set -e
-
-project_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-
-verbose="no"
-offline="no"
-skip_checks="no"
-
-missing_dependency="no"
-
-[ -n "$GO_DEBUG" ] && verbose="yes"
-[ -n "$GO_SKIP_CHECKS" ] && skip_checks="yes"
-[ -n "$GO_OFFLINE" ] && offline="yes"
-
-function loose_version() {
-  local version="$1"
-
-  IFS="." read -r -a version_parts <<<"$version"
-
-  echo "${version_parts[0]}.${version_parts[1]}"
-}
-
-ruby_full_version="$(cat "$project_dir"/.ruby-version)"
-ruby_loose_version="$(loose_version "$ruby_full_version")"
-node_full_version="$(cat "$project_dir"/.nvmrc)"
-node_loose_version="$(loose_version "$node_full_version")"
-
-echo "Configuring NVM if present."
-nvm_dirs=("$NVM_DIR" "$HOME/.nvm" "/usr/local/opt/nvm")
-# shellcheck disable=SC2068
-for nvm_dir in ${nvm_dirs[@]}; do
-  nvm_script="${nvm_dir}/nvm.sh"
-  if [ -s "$nvm_script" ]; then
-    set +e
-    # shellcheck disable=SC1090
-    source "$nvm_script" >/dev/null 2>&1
-    nvm use "$node_loose_version" >/dev/null 2>&1
-    set -e
-    break
-  fi
-done
-
-if [[ "$skip_checks" == "no" ]]; then
-  echo "Checking for system dependencies."
-  if ! type ruby >/dev/null 2>&1 || ! ruby -v | grep -q "$ruby_loose_version"; then
-    echo "This codebase requires Ruby $ruby_loose_version."
-    missing_dependency="yes"
-  fi
-
-  if ! type bundler >/dev/null 2>&1; then
-    echo "This codebase requires Bundler."
-    missing_dependency="yes"
-  fi
-
-  if ! type node >/dev/null 2>&1 || ! node --version | grep -q "$node_loose_version"; then
-    echo "This codebase requires Node $node_loose_version"
-    missing_dependency="yes"
-  fi
-
-  if ! type npm >/dev/null 2>&1; then
-    echo "This codebase requires NPM."
-    missing_dependency="yes"
-  fi
-
-  if [[ "$missing_dependency" == "yes" ]]; then
-    echo "Please install missing dependencies to continue."
-    exit 1
-  fi
-
-  echo "All system dependencies present. Continuing."
-fi
-
-if [[ "$offline" == "no" ]]; then
-  echo "Installing bundler."
-  if [[ "$verbose" == "yes" ]]; then
-    gem install --no-document bundler
-  else
-    gem install --no-document bundler >/dev/null
-  fi
-
-  echo "Installing ruby dependencies."
-  if [[ "$verbose" == "yes" ]]; then
-    bundle install
-  else
-    bundle install >/dev/null
-  fi
-fi
-
-echo "Starting rake."
-if [[ "$verbose" == "yes" ]]; then
-  time bundle exec rake --verbose "$@"
-else
-  time bundle exec rake "$@"
-fi
diff --git a/infra/bootstrap/bucket.tf b/infra/bootstrap/bucket.tf
deleted file mode 100644
index 9bf230db..00000000
--- a/infra/bootstrap/bucket.tf
+++ /dev/null
@@ -1,23 +0,0 @@
-data "aws_caller_identity" "current" {}
-
-data "template_file" "bucket_policy_template" {
-  template = file("${path.module}/policies/storage-bucket-policy.json.tpl")
-
-  vars = {
-    allowed_account_ids = jsonencode(coalescelist(var.allowed_account_ids, [data.aws_caller_identity.current.account_id]))
-  }
-}
-
-module "storage_bucket" {
-  source  = "infrablocks/encrypted-bucket/aws"
-  version = "2.0.0"
-
-  bucket_name = var.storage_bucket_name
-  bucket_policy_template = data.template_file.bucket_policy_template.rendered
-
-  tags = {
-    DeploymentType = var.deployment_type
-    DeploymentLabel = var.deployment_label
-    DeploymentIdentifier = var.deployment_identifier
-  }
-}
diff --git a/infra/bootstrap/outputs.tf b/infra/bootstrap/outputs.tf
deleted file mode 100644
index d59f77a2..00000000
--- a/infra/bootstrap/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "storage_bucket_name" {
-  value = var.storage_bucket_name
-}
diff --git a/infra/bootstrap/policies/storage-bucket-policy.json.tpl b/infra/bootstrap/policies/storage-bucket-policy.json.tpl
deleted file mode 100644
index f647a293..00000000
--- a/infra/bootstrap/policies/storage-bucket-policy.json.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    $${deny_unencrypted_object_upload_fragment},
-    $${deny_unencrypted_inflight_operations_fragment},
-    {
-      "Sid": "AllowCrossAccountAccess",
-      "Effect": "Allow",
-      "Action": [
-        "s3:ListBucket",
-        "s3:GetObject"
-      ],
-      "Principal": {
-        "AWS": ${allowed_account_ids}
-      },
-      "Resource": [
-        "arn:aws:s3:::$${bucket_name}",
-        "arn:aws:s3:::$${bucket_name}/*"
-      ]
-    }
-  ]
-}
\ No newline at end of file
diff --git a/infra/bootstrap/providers.tf b/infra/bootstrap/providers.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/bootstrap/providers.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/bootstrap/terraform.tf b/infra/bootstrap/terraform.tf
deleted file mode 100644
index b1d45698..00000000
--- a/infra/bootstrap/terraform.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.29"
-    }
-    template = {
-      source  = "hashicorp/template"
-      version = "~> 2.2.0"
-    }
-  }
-}
\ No newline at end of file
diff --git a/infra/bootstrap/variables.tf b/infra/bootstrap/variables.tf
deleted file mode 100644
index 80dd25ff..00000000
--- a/infra/bootstrap/variables.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-variable "region" {}
-
-variable "deployment_type" {}
-variable "deployment_label" {}
-variable "deployment_identifier" {}
-
-variable "storage_bucket_name" {}
-
-variable "allowed_account_ids" {
-  type    = list(string)
-  default = []
-}
diff --git a/infra/database/network.tf b/infra/database/network.tf
deleted file mode 100644
index 04dc4a8d..00000000
--- a/infra/database/network.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "network" {
-  backend = "s3"
-
-  config = {
-    bucket = var.network_state_bucket_name
-    key = var.network_state_key
-    region = var.network_state_bucket_region
-    encrypt = var.network_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/functions/modules/lambda/iam.tf b/infra/functions/modules/lambda/iam.tf
deleted file mode 100644
index 748ea015..00000000
--- a/infra/functions/modules/lambda/iam.tf
+++ /dev/null
@@ -1,57 +0,0 @@
-data "aws_caller_identity" "current" {
-}
-
-resource "aws_iam_role" "lambda_execution_role" {
-  assume_role_policy = var.lambda_assume_role != "" ? var.lambda_assume_role : jsonencode(
-  {
-    "Version": "2012-10-17",
-    "Statement": [
-      {
-        Action: "sts:AssumeRole",
-        Principal: {
-          "Service": "lambda.amazonaws.com"
-        },
-        Effect: "Allow"
-      }
-    ]
-  })
-  tags = local.tags
-}
-
-resource "aws_iam_role_policy" "lambda_execution_policy" {
-  role = aws_iam_role.lambda_execution_role.id
-  policy = var.lambda_execution_policy != "" ? var.lambda_execution_policy : jsonencode(
-  {
-    "Version": "2012-10-17",
-    "Statement": [
-      {
-        Effect: "Allow",
-        Action: [
-          "ec2:CreateNetworkInterface",
-          "ec2:DescribeNetworkInterfaces",
-          "ec2:DeleteNetworkInterface",
-          "ec2:DescribeSecurityGroups",
-          "ec2:AssignPrivateIpAddresses",
-          "ec2:UnassignPrivateIpAddresses",
-          "ec2:DescribeSubnets",
-          "ec2:DescribeVpcs"
-        ],
-        Resource: [
-          "*"
-        ]
-      },
-      {
-        Effect: "Allow",
-        Action: [
-          "logs:CreateLogGroup",
-          "logs:CreateLogStream",
-          "logs:PutLogEvents"
-        ],
-        Resource: [
-          "arn:aws:logs:${var.region}:${var.account_id}:*"
-        ]
-      }
-    ]
-  })
-}
-
diff --git a/infra/functions/modules/lambda/security_group.tf b/infra/functions/modules/lambda/security_group.tf
deleted file mode 100644
index 95dfd4e1..00000000
--- a/infra/functions/modules/lambda/security_group.tf
+++ /dev/null
@@ -1,20 +0,0 @@
-resource "aws_security_group" "sg_lambda" {
-  description = "${var.deployment_identifier}-lambda"
-  vpc_id = var.vpc_id
-  tags = local.tags
-  count = var.deploy_in_vpc == "yes" ? 1 : 0
-
-  ingress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
-    cidr_blocks = var.lambda_ingress_cidr_blocks
-  }
-
-  egress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
-    cidr_blocks = var.lambda_egress_cidr_blocks
-  }
-}
diff --git a/infra/functions/terraform.tf b/infra/functions/terraform.tf
deleted file mode 100644
index a3531f9a..00000000
--- a/infra/functions/terraform.tf
+++ /dev/null
@@ -1,16 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-    template = {
-      source  = "hashicorp/template"
-      version = "2.2.0"
-    }
-  }
-
-  backend "s3" {}
-}
\ No newline at end of file
diff --git a/infra/image-repository/outputs.tf b/infra/image-repository/outputs.tf
deleted file mode 100644
index 843b50e6..00000000
--- a/infra/image-repository/outputs.tf
+++ /dev/null
@@ -1,6 +0,0 @@
-output "registry_id" {
-  value = module.image_repository.registry_id
-}
-output "repository_url" {
-  value = module.image_repository.repository_url
-}
diff --git a/infra/image-repository/provider.tf b/infra/image-repository/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/image-repository/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/image-repository/repository.tf b/infra/image-repository/repository.tf
deleted file mode 100644
index 2205a12a..00000000
--- a/infra/image-repository/repository.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-module "image_repository" {
-  source  = "infrablocks/ecr-repository/aws"
-  version = "2.0.0"
-
-  repository_name = var.repository_name
-}
-
-data "aws_caller_identity" "current" {}
-
-data "aws_iam_policy_document" "service" {
-  statement {
-    effect = "Allow"
-
-    principals {
-      type = "AWS"
-      identifiers = var.allowed_role_arns
-    }
-
-    actions = [
-      "ecr:GetDownloadUrlForLayer",
-      "ecr:BatchGetImage",
-      "ecr:BatchCheckLayerAvailability"
-    ]
-  }
-}
-
-resource "aws_ecr_repository_policy" "service" {
-  repository = var.repository_name
-
-  policy = data.aws_iam_policy_document.service.json
-}
diff --git a/infra/image-repository/terraform.tf b/infra/image-repository/terraform.tf
deleted file mode 100644
index d9eabeb5..00000000
--- a/infra/image-repository/terraform.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/image-repository/variables.tf b/infra/image-repository/variables.tf
deleted file mode 100644
index f248b15d..00000000
--- a/infra/image-repository/variables.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-variable "region" {}
-
-variable "repository_name" {}
-
-variable "allowed_role_arns" {
-  type = list(string)
-  default = []
-}
\ No newline at end of file
diff --git a/infra/image-storage-bucket/bucket.tf b/infra/image-storage-bucket/bucket.tf
deleted file mode 100644
index 9cbf9bd6..00000000
--- a/infra/image-storage-bucket/bucket.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-data "aws_caller_identity" "current" {}
-
-module "storage_bucket" {
-  source  = "infrablocks/encrypted-bucket/aws"
-  version = "2.0.0"
-
-  acl = "public-read"
-  bucket_name = var.image_storage_bucket_name
-
-  tags = {
-    DeploymentType = var.deployment_type
-    DeploymentLabel = var.deployment_label
-    DeploymentIdentifier = var.deployment_identifier
-  }
-}
diff --git a/infra/image-storage-bucket/iam.tf b/infra/image-storage-bucket/iam.tf
deleted file mode 100644
index b9bfdd42..00000000
--- a/infra/image-storage-bucket/iam.tf
+++ /dev/null
@@ -1,40 +0,0 @@
-resource "aws_iam_user" "image_storage" {
-  name = substr(var.image_storage_user_name, 0, 64)
-
-  tags = {
-    DeploymentType = var.deployment_type
-    DeploymentLabel = var.deployment_label
-    DeploymentIdentifier = var.deployment_identifier
-  }
-}
-
-resource "aws_iam_access_key" "image_storage" {
-  user = aws_iam_user.image_storage.name
-  pgp_key = filebase64(var.image_storage_user_public_gpg_key_path)
-}
-
-resource "aws_iam_user_policy" "image_storage" {
-  name = "${var.image_storage_user_name}-policy"
-  user = aws_iam_user.image_storage.name
-
-  policy = <<EOF
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Action": [
-        "s3:DeleteObject",
-        "s3:GetObject",
-        "s3:GetObjectAcl",
-        "s3:PutObject",
-        "s3:PutObjectAcl"
-      ],
-      "Effect": "Allow",
-      "Resource": [
-        "${module.storage_bucket.bucket_arn}/*"
-      ]
-    }
-  ]
-}
-EOF
-}
\ No newline at end of file
diff --git a/infra/image-storage-bucket/outputs.tf b/infra/image-storage-bucket/outputs.tf
deleted file mode 100644
index 07e52a0f..00000000
--- a/infra/image-storage-bucket/outputs.tf
+++ /dev/null
@@ -1,11 +0,0 @@
-output "image_storage_bucket_name" {
-  value = module.storage_bucket.bucket_name
-}
-
-output "image_storage_user_access_key_id" {
-  value = aws_iam_access_key.image_storage.id
-}
-
-output "image_storage_user_secret_access_key" {
-  value = aws_iam_access_key.image_storage.encrypted_secret
-}
diff --git a/infra/image-storage-bucket/provider.tf b/infra/image-storage-bucket/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/image-storage-bucket/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/image-storage-bucket/terraform.tf b/infra/image-storage-bucket/terraform.tf
deleted file mode 100644
index d9eabeb5..00000000
--- a/infra/image-storage-bucket/terraform.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/image-storage-bucket/variables.tf b/infra/image-storage-bucket/variables.tf
deleted file mode 100644
index 84104ad1..00000000
--- a/infra/image-storage-bucket/variables.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-variable "region" {}
-
-variable "deployment_type" {}
-variable "deployment_label" {}
-variable "deployment_identifier" {}
-
-variable "image_storage_bucket_name" {}
-variable "image_storage_user_name" {}
-variable "image_storage_user_public_gpg_key_path" {}
diff --git a/infra/keepers-image-repository/outputs.tf b/infra/keepers-image-repository/outputs.tf
deleted file mode 100644
index 843b50e6..00000000
--- a/infra/keepers-image-repository/outputs.tf
+++ /dev/null
@@ -1,6 +0,0 @@
-output "registry_id" {
-  value = module.image_repository.registry_id
-}
-output "repository_url" {
-  value = module.image_repository.repository_url
-}
diff --git a/infra/keepers-image-repository/provider.tf b/infra/keepers-image-repository/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/keepers-image-repository/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/keepers-image-repository/repository.tf b/infra/keepers-image-repository/repository.tf
deleted file mode 100644
index 2205a12a..00000000
--- a/infra/keepers-image-repository/repository.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-module "image_repository" {
-  source  = "infrablocks/ecr-repository/aws"
-  version = "2.0.0"
-
-  repository_name = var.repository_name
-}
-
-data "aws_caller_identity" "current" {}
-
-data "aws_iam_policy_document" "service" {
-  statement {
-    effect = "Allow"
-
-    principals {
-      type = "AWS"
-      identifiers = var.allowed_role_arns
-    }
-
-    actions = [
-      "ecr:GetDownloadUrlForLayer",
-      "ecr:BatchGetImage",
-      "ecr:BatchCheckLayerAvailability"
-    ]
-  }
-}
-
-resource "aws_ecr_repository_policy" "service" {
-  repository = var.repository_name
-
-  policy = data.aws_iam_policy_document.service.json
-}
diff --git a/infra/keepers-image-repository/terraform.tf b/infra/keepers-image-repository/terraform.tf
deleted file mode 100644
index d9eabeb5..00000000
--- a/infra/keepers-image-repository/terraform.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/keepers-image-repository/variables.tf b/infra/keepers-image-repository/variables.tf
deleted file mode 100644
index f248b15d..00000000
--- a/infra/keepers-image-repository/variables.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-variable "region" {}
-
-variable "repository_name" {}
-
-variable "allowed_role_arns" {
-  type = list(string)
-  default = []
-}
\ No newline at end of file
diff --git a/infra/keepers-service/cluster.tf b/infra/keepers-service/cluster.tf
deleted file mode 100644
index b4a8d43f..00000000
--- a/infra/keepers-service/cluster.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "cluster" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.cluster_state_bucket_name
-    key     = var.cluster_state_key
-    region  = var.cluster_state_bucket_region
-    encrypt = var.cluster_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/keepers-service/container-definitions/service.json.tpl b/infra/keepers-service/container-definitions/service.json.tpl
deleted file mode 100644
index 3ef64daf..00000000
--- a/infra/keepers-service/container-definitions/service.json.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-[
-  {
-    "name": "${container_name}",
-    "image": "$${image}",
-    "memoryReservation": 256,
-    "essential": true,
-    "command": $${command},
-    "environment": [
-      { "name": "AWS_S3_BUCKET_REGION", "value": "$${region}" },
-      { "name": "AWS_S3_ENV_FILE_OBJECT_PATH", "value": "${env_file_object_path}" },
-      { "name": "API_URL", "value": "${api_url}" },
-      { "name": "DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" },
-      { "name": "SERVICE_NAME", "value": "${container_name}" },
-      { "name": "SERVICE_TAGS", "value": "${component},${deployment_identifier},${cluster}" },
-      { "name": "SERVICE_COMPONENT", "value": "${component}" },
-      { "name": "SERVICE_CLUSTER", "value": "${cluster}" },
-      { "name": "SERVICE_DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" }
-    ],
-    "dockerLabels": {
-      "containerName": "${container_name}",
-      "containerService": "${container_name}",
-      "containerGroup": "services"
-    },
-    "logConfiguration": {
-      "logDriver": "awslogs",
-      "options": {
-        "awslogs-group": "$${log_group}",
-        "awslogs-region": "$${region}"
-      }
-    }
-  }
-]
diff --git a/infra/keepers-service/envfiles/service.env.tpl b/infra/keepers-service/envfiles/service.env.tpl
deleted file mode 100644
index 1780456a..00000000
--- a/infra/keepers-service/envfiles/service.env.tpl
+++ /dev/null
@@ -1,5 +0,0 @@
-TOKENS_CONTRACT_ADDRESS="${token_contact_address}"
-BOSON_ROUTER_CONTRACT_ADDRESS="${boson_router_contact_address}"
-VOUCHER_KERNEL_ADDRESS="${voucher_kernel_address}"
-GCLOUD_SECRET="${gcloud_keepers_secret}"
-ALCHEMY_URL="${alchemy_url}"
diff --git a/infra/keepers-service/image_repository.tf b/infra/keepers-service/image_repository.tf
deleted file mode 100644
index bca72e6d..00000000
--- a/infra/keepers-service/image_repository.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "image_repository" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.image_repository_state_bucket_name
-    key     = var.image_repository_state_key
-    region  = var.image_repository_state_bucket_region
-    encrypt = var.image_repository_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/keepers-service/network.tf b/infra/keepers-service/network.tf
deleted file mode 100644
index 4f174709..00000000
--- a/infra/keepers-service/network.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-data "terraform_remote_state" "network" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.network_state_bucket_name
-    key     = var.network_state_key
-    region  = var.network_state_bucket_region
-    encrypt = var.network_state_bucket_is_encrypted
-  }
-}
-
-data "aws_vpc" "vpc" {
-  id = data.terraform_remote_state.network.outputs.vpc_id
-}
diff --git a/infra/keepers-service/provider.tf b/infra/keepers-service/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/keepers-service/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/keepers-service/roles.tf b/infra/keepers-service/roles.tf
deleted file mode 100644
index f4377d9b..00000000
--- a/infra/keepers-service/roles.tf
+++ /dev/null
@@ -1,35 +0,0 @@
-data "aws_iam_policy_document" "service_assume_role_policy_content" {
-  statement {
-    actions = ["sts:AssumeRole"]
-
-    principals {
-      identifiers = ["ecs-tasks.amazonaws.com"]
-      type        = "Service"
-    }
-
-    effect = "Allow"
-  }
-}
-
-data "aws_iam_policy_document" "service_role_policy_content" {
-  statement {
-    actions = [
-      "s3:GetObject",
-    ]
-
-    resources = [
-      "arn:aws:s3:::${var.secrets_bucket_name}/*",
-    ]
-  }
-}
-
-resource "aws_iam_role" "service_role" {
-  name = "service-role-${var.component}-${var.deployment_identifier}"
-
-  assume_role_policy = data.aws_iam_policy_document.service_assume_role_policy_content.json
-}
-
-resource "aws_iam_role_policy" "service_role_policy" {
-  role   = aws_iam_role.service_role.id
-  policy = data.aws_iam_policy_document.service_role_policy_content.json
-}
diff --git a/infra/keepers-service/secrets.tf b/infra/keepers-service/secrets.tf
deleted file mode 100644
index be94555c..00000000
--- a/infra/keepers-service/secrets.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-locals {
-  env_file_object_key = "keepers-service/environments/default.env"
-}
-
-data "template_file" "env_file_object_path" {
-  template = "s3://$${secrets_bucket}/$${environment_object_key}"
-
-  vars = {
-    secrets_bucket         = var.secrets_bucket_name
-    environment_object_key = local.env_file_object_key
-  }
-}
-
-data "template_file" "env_file" {
-  template = file("${path.root}/envfiles/service.env.tpl")
-
-  vars = {
-    token_contact_address        = var.token_contact_address
-    boson_router_contact_address = var.boson_router_contact_address
-    voucher_kernel_address       = var.voucher_kernel_address
-    gcloud_keepers_secret        = var.gcloud_keepers_secret
-    alchemy_url                  = var.alchemy_url
-  }
-}
-
-resource "aws_s3_bucket_object" "env_file" {
-  key     = local.env_file_object_key
-  bucket  = var.secrets_bucket_name
-  content = data.template_file.env_file.rendered
-
-  server_side_encryption = "AES256"
-}
diff --git a/infra/keepers-service/service.tf b/infra/keepers-service/service.tf
deleted file mode 100644
index d1d62b2e..00000000
--- a/infra/keepers-service/service.tf
+++ /dev/null
@@ -1,65 +0,0 @@
-locals {
-  container_name = "${var.service_name}-${var.deployment_identifier}"
-}
-
-data "terraform_remote_state" "service" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.service_state_bucket_name
-    key     = var.service_state_key
-    region  = var.service_state_bucket_region
-    encrypt = var.service_state_bucket_is_encrypted
-  }
-}
-
-data "template_file" "image" {
-  template = "$${repository_url}:$${tag}"
-
-  vars = {
-    repository_url = data.terraform_remote_state.image_repository.outputs.repository_url
-    tag            = var.version_number
-  }
-}
-
-data "template_file" "task_container_definitions" {
-  template = file("${path.root}/container-definitions/service.json.tpl")
-
-  vars = {
-    container_name        = local.container_name
-    secrets_bucket_name   = var.secrets_bucket_name
-    component             = var.component
-    api_url               = "https://${data.terraform_remote_state.service.outputs.address}"
-    cluster               = data.terraform_remote_state.cluster.outputs.name
-    deployment_identifier = var.deployment_identifier
-    env_file_object_path  = data.template_file.env_file_object_path.rendered
-  }
-}
-
-module "service" {
-  source  = "infrablocks/ecs-service/aws"
-  version = "4.1.0"
-
-  component             = var.component
-  deployment_identifier = var.deployment_identifier
-
-  region = var.region
-  vpc_id = data.aws_vpc.vpc.id
-
-  service_task_container_definitions = data.template_file.task_container_definitions.rendered
-
-  service_role = aws_iam_role.service_role.arn
-
-  service_name  = "${var.service_name}-${var.deployment_identifier}"
-  service_image = data.template_file.image.rendered
-  service_port  = var.container_http_port
-
-  service_desired_count                      = var.service_desired_count
-  service_deployment_maximum_percent         = 200
-  service_deployment_minimum_healthy_percent = 50
-
-  ecs_cluster_id               = data.terraform_remote_state.cluster.outputs.ecs_cluster_id
-  ecs_cluster_service_role_arn = data.terraform_remote_state.cluster.outputs.ecs_service_role_arn
-
-  attach_to_load_balancer = "no"
-}
diff --git a/infra/keepers-service/variables.tf b/infra/keepers-service/variables.tf
deleted file mode 100644
index c7ae4487..00000000
--- a/infra/keepers-service/variables.tf
+++ /dev/null
@@ -1,39 +0,0 @@
-variable "region" {}
-variable "component" {}
-variable "deployment_identifier" {}
-
-variable "service_desired_count" {}
-
-variable "secrets_bucket_name" {}
-
-variable "version_number" {}
-
-variable "service_name" {}
-variable "container_http_port" {}
-
-variable "token_contact_address" {}
-variable "boson_router_contact_address" {}
-variable "voucher_kernel_address" {}
-variable "alchemy_url" {}
-variable "gcloud_keepers_secret" {}
-
-variable "network_state_bucket_name" {}
-variable "network_state_key" {}
-variable "network_state_bucket_region" {}
-variable "network_state_bucket_is_encrypted" {}
-
-variable "cluster_state_bucket_name" {}
-variable "cluster_state_key" {}
-variable "cluster_state_bucket_region" {}
-variable "cluster_state_bucket_is_encrypted" {}
-
-variable "image_repository_state_bucket_name" {}
-variable "image_repository_state_key" {}
-variable "image_repository_state_bucket_region" {}
-variable "image_repository_state_bucket_is_encrypted" {}
-
-variable "service_state_bucket_name" {}
-variable "service_state_key" {}
-variable "service_state_bucket_region" {}
-variable "service_state_bucket_is_encrypted" {}
-
diff --git a/infra/service/certificate.tf b/infra/service/certificate.tf
deleted file mode 100644
index ba85e596..00000000
--- a/infra/service/certificate.tf
+++ /dev/null
@@ -1,5 +0,0 @@
-data "aws_acm_certificate" "wildcard" {
-  domain = "*.${data.terraform_remote_state.domain.outputs.domain_name}"
-  statuses = ["ISSUED"]
-  most_recent = true
-}
diff --git a/infra/service/cluster.tf b/infra/service/cluster.tf
deleted file mode 100644
index 3b04b99c..00000000
--- a/infra/service/cluster.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "cluster" {
-  backend = "s3"
-
-  config = {
-    bucket = var.cluster_state_bucket_name
-    key = var.cluster_state_key
-    region = var.cluster_state_bucket_region
-    encrypt = var.cluster_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/service/container-definitions/service.json.tpl b/infra/service/container-definitions/service.json.tpl
deleted file mode 100644
index 83dc3bf0..00000000
--- a/infra/service/container-definitions/service.json.tpl
+++ /dev/null
@@ -1,41 +0,0 @@
-[
-  {
-    "name": "${container_name}",
-    "image": "$${image}",
-    "memoryReservation": 256,
-    "essential": true,
-    "command": $${command},
-    "portMappings": [
-      {
-        "containerPort": ${container_http_port},
-        "hostPort": ${host_http_port}
-      }
-    ],
-    "environment": [
-      { "name": "AWS_S3_BUCKET_REGION", "value": "$${region}" },
-      { "name": "AWS_S3_ENV_FILE_OBJECT_PATH", "value": "${env_file_object_path}" },
-      { "name": "DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" },
-      { "name": "SERVICE_NAME", "value": "${container_name}" },
-      { "name": "SERVICE_${host_http_port}_NAME", "value": "${container_name}-http" },
-      { "name": "SERVICE_${host_http_port}_CHECK_HTTP", "value": "/health" },
-      { "name": "SERVICE_${host_http_port}_CHECK_INTERVAL", "value": "30s" },
-      { "name": "SERVICE_${host_http_port}_CHECK_TIMEOUT", "value": "2s" },
-      { "name": "SERVICE_TAGS", "value": "${component},${deployment_identifier},${cluster}" },
-      { "name": "SERVICE_COMPONENT", "value": "${component}" },
-      { "name": "SERVICE_CLUSTER", "value": "${cluster}" },
-      { "name": "SERVICE_DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" }
-    ],
-    "dockerLabels": {
-      "containerName": "${container_name}",
-      "containerService": "${container_name}",
-      "containerGroup": "services"
-    },
-    "logConfiguration": {
-      "logDriver": "awslogs",
-      "options": {
-        "awslogs-group": "$${log_group}",
-        "awslogs-region": "$${region}"
-      }
-    }
-  }
-]
diff --git a/infra/service/database.tf b/infra/service/database.tf
deleted file mode 100644
index 3f29539a..00000000
--- a/infra/service/database.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "database" {
-  backend = "s3"
-
-  config = {
-    bucket = var.database_state_bucket_name
-    key = var.database_state_key
-    region = var.database_state_bucket_region
-    encrypt = var.database_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/service/domain.tf b/infra/service/domain.tf
deleted file mode 100644
index cf9f2536..00000000
--- a/infra/service/domain.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "domain" {
-  backend = "s3"
-
-  config = {
-    bucket = var.domain_state_bucket_name
-    key = var.domain_state_key
-    region = var.domain_state_bucket_region
-    encrypt = var.domain_state_bucket_is_encrypted
-  }
-}
\ No newline at end of file
diff --git a/infra/service/envfiles/service.env.tpl b/infra/service/envfiles/service.env.tpl
deleted file mode 100644
index f34d7e32..00000000
--- a/infra/service/envfiles/service.env.tpl
+++ /dev/null
@@ -1,13 +0,0 @@
-DB_CONNECTION_STRING="${database_connection_string}"
-DB_NAME="${database_name}"
-DB_USERNAME="${database_username}"
-DB_PASSWORD="${database_password}"
-
-TOKEN_SECRET="${token_secret}"
-GCLOUD_SECRET="${gcloud_secret}"
-
-SUPERADMIN_USERNAME="${superadmin_username}"
-SUPERADMIN_PASSWORD="${superadmin_password}"
-
-IMAGE_UPLOAD_STORAGE_ENGINE="${image_upload_storage_engine}"
-IMAGE_UPLOAD_STORAGE_BUCKET_NAME="${image_upload_storage_bucket_name}"
diff --git a/infra/service/image_repository.tf b/infra/service/image_repository.tf
deleted file mode 100644
index 39767a45..00000000
--- a/infra/service/image_repository.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "image_repository" {
-  backend = "s3"
-
-  config = {
-    bucket = var.image_repository_state_bucket_name
-    key = var.image_repository_state_key
-    region = var.image_repository_state_bucket_region
-    encrypt = var.image_repository_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/service/load_balancer.tf b/infra/service/load_balancer.tf
deleted file mode 100644
index 577bde0a..00000000
--- a/infra/service/load_balancer.tf
+++ /dev/null
@@ -1,71 +0,0 @@
-module "load_balancer" {
-  source = "infrablocks/application-load-balancer/aws"
-  version = "3.0.0"
-
-  component = var.component
-  deployment_identifier = var.deployment_identifier
-
-  region = var.region
-  vpc_id = data.terraform_remote_state.network.outputs.vpc_id
-  subnet_ids = data.terraform_remote_state.network.outputs.public_subnet_ids
-
-  expose_to_public_internet = "yes"
-
-  security_groups = {
-    default = {
-      associate = "yes"
-      ingress_rule = {
-        include = "yes"
-        cidrs = ["0.0.0.0/0"]
-      },
-      egress_rule = {
-        include = "yes"
-        from_port = 0
-        to_port = 65535
-        cidrs = [data.aws_vpc.vpc.cidr_block]
-      }
-    }
-  }
-
-  dns = {
-    domain_name = data.terraform_remote_state.domain.outputs.domain_name
-    records = [
-      {
-        zone_id = data.terraform_remote_state.domain.outputs.public_zone_id
-      },
-      {
-        zone_id = data.terraform_remote_state.domain.outputs.private_zone_id
-      }
-    ]
-  }
-
-  target_groups = [
-    {
-      key = "default"
-      port = var.host_http_port
-      protocol = "HTTP"
-      target_type = "instance"
-      health_check = {
-        path = "/health"
-        port = "traffic-port"
-        protocol = "HTTP"
-        interval = 30
-        healthy_threshold = 3
-        unhealthy_threshold = 3
-      }
-    }
-  ]
-
-  listeners = [
-    {
-      key = "default"
-      port = "443"
-      protocol = "HTTPS"
-      certificate_arn = data.aws_acm_certificate.wildcard.arn,
-      default_action = {
-        type = "forward"
-        target_group_key = "default"
-      }
-    }
-  ]
-}
diff --git a/infra/service/network.tf b/infra/service/network.tf
deleted file mode 100644
index 35857c06..00000000
--- a/infra/service/network.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-data "terraform_remote_state" "network" {
-  backend = "s3"
-
-  config = {
-    bucket = var.network_state_bucket_name
-    key = var.network_state_key
-    region = var.network_state_bucket_region
-    encrypt = var.network_state_bucket_is_encrypted
-  }
-}
-
-data "aws_vpc" "vpc" {
-  id = data.terraform_remote_state.network.outputs.vpc_id
-}
diff --git a/infra/service/outputs.tf b/infra/service/outputs.tf
deleted file mode 100644
index 8ee465d6..00000000
--- a/infra/service/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "address" {
-  value = module.load_balancer.address
-}
diff --git a/infra/service/provider.tf b/infra/service/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/service/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/service/roles.tf b/infra/service/roles.tf
deleted file mode 100644
index 28b48ffc..00000000
--- a/infra/service/roles.tf
+++ /dev/null
@@ -1,49 +0,0 @@
-data "aws_iam_policy_document" "service_assume_role_policy_content" {
-  statement {
-    actions = ["sts:AssumeRole"]
-
-    principals {
-      identifiers = ["ecs-tasks.amazonaws.com"]
-      type = "Service"
-    }
-
-    effect = "Allow"
-  }
-}
-
-data "aws_iam_policy_document" "service_role_policy_content" {
-  statement {
-    actions = [
-      "s3:GetObject",
-    ]
-
-    resources = [
-      "arn:aws:s3:::${var.secrets_bucket_name}/*",
-    ]
-  }
-
-  statement {
-    actions = [
-      "s3:DeleteObject",
-      "s3:GetObject",
-      "s3:GetObjectAcl",
-      "s3:PutObject",
-      "s3:PutObjectAcl"
-    ]
-
-    resources = [
-      "arn:aws:s3:::${var.image_upload_storage_bucket_name}/*",
-    ]
-  }
-}
-
-resource "aws_iam_role" "service_role" {
-  name = "service-role-${var.component}-${var.deployment_identifier}"
-
-  assume_role_policy = data.aws_iam_policy_document.service_assume_role_policy_content.json
-}
-
-resource "aws_iam_role_policy" "service_role_policy" {
-  role = aws_iam_role.service_role.id
-  policy = data.aws_iam_policy_document.service_role_policy_content.json
-}
diff --git a/infra/service/secrets.tf b/infra/service/secrets.tf
deleted file mode 100644
index 8cd3da12..00000000
--- a/infra/service/secrets.tf
+++ /dev/null
@@ -1,40 +0,0 @@
-locals {
-  env_file_object_key = "service/environments/default.env"
-}
-
-data "template_file" "env_file_object_path" {
-  template = "s3://$${secrets_bucket}/$${environment_object_key}"
-
-  vars = {
-    secrets_bucket = var.secrets_bucket_name
-    environment_object_key = local.env_file_object_key
-  }
-}
-
-data "template_file" "env_file" {
-  template = file("${path.root}/envfiles/service.env.tpl")
-
-  vars = {
-    token_secret = var.token_secret
-    gcloud_secret = var.gcloud_secret
-
-    image_upload_storage_engine = var.image_upload_storage_engine
-    image_upload_storage_bucket_name = var.image_upload_storage_bucket_name
-
-    superadmin_username = var.superadmin_username
-    superadmin_password = var.superadmin_password
-
-    database_connection_string = data.terraform_remote_state.database.outputs.connection_string
-    database_username = var.database_username
-    database_password = var.database_password
-    database_name = var.database_name
-  }
-}
-
-resource "aws_s3_bucket_object" "env_file" {
-  key = local.env_file_object_key
-  bucket = var.secrets_bucket_name
-  content = data.template_file.env_file.rendered
-
-  server_side_encryption = "AES256"
-}
diff --git a/infra/service/service.tf b/infra/service/service.tf
deleted file mode 100644
index c0717015..00000000
--- a/infra/service/service.tf
+++ /dev/null
@@ -1,59 +0,0 @@
-locals {
-  container_name = "${var.service_name}-${var.deployment_identifier}"
-}
-
-data "template_file" "image" {
-  template = "$${repository_url}:$${tag}"
-
-  vars = {
-    repository_url = data.terraform_remote_state.image_repository.outputs.repository_url
-    tag = var.version_number
-  }
-}
-
-data "template_file" "task_container_definitions" {
-  template = file("${path.root}/container-definitions/service.json.tpl")
-
-  vars = {
-    container_name = local.container_name
-    container_http_port = var.container_http_port
-    host_http_port = var.host_http_port
-    secrets_bucket_name = var.secrets_bucket_name
-    component = var.component
-    cluster = data.terraform_remote_state.cluster.outputs.name
-    deployment_identifier = var.deployment_identifier
-    env_file_object_path = data.template_file.env_file_object_path.rendered
-  }
-}
-
-module "service" {
-  source  = "infrablocks/ecs-service/aws"
-  version = "4.1.0"
-
-  component = var.component
-  deployment_identifier = var.deployment_identifier
-
-  region = var.region
-  vpc_id = data.aws_vpc.vpc.id
-
-  service_task_container_definitions = data.template_file.task_container_definitions.rendered
-
-  service_role = aws_iam_role.service_role.arn
-
-  service_name = "${var.service_name}-${var.deployment_identifier}"
-  service_image = data.template_file.image.rendered
-  service_port = var.container_http_port
-
-  service_desired_count = var.service_desired_count
-  service_deployment_maximum_percent = 200
-  service_deployment_minimum_healthy_percent = 50
-
-  ecs_cluster_id = data.terraform_remote_state.cluster.outputs.ecs_cluster_id
-  ecs_cluster_service_role_arn = data.terraform_remote_state.cluster.outputs.ecs_service_role_arn
-
-  target_group_arn = module.load_balancer.target_groups["default"].arn
-
-  depends_on = [
-    module.load_balancer
-  ]
-}
diff --git a/infra/service/terraform.tf b/infra/service/terraform.tf
deleted file mode 100644
index 5947770a..00000000
--- a/infra/service/terraform.tf
+++ /dev/null
@@ -1,16 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-    template = {
-      source = "hashicorp/template"
-      version = "2.2.0"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/service/variables.tf b/infra/service/variables.tf
deleted file mode 100644
index 5557c8b6..00000000
--- a/infra/service/variables.tf
+++ /dev/null
@@ -1,52 +0,0 @@
-variable "region" {}
-variable "component" {}
-variable "deployment_identifier" {}
-
-variable "service_desired_count" {}
-
-variable "secrets_bucket_name" {}
-
-variable "version_number" {}
-
-variable "service_name" {}
-variable "container_http_port" {}
-variable "host_http_port" {}
-
-variable "token_secret" {}
-variable "gcloud_secret" {}
-
-variable "image_upload_storage_engine" {}
-variable "image_upload_storage_bucket_name" {}
-
-variable "superadmin_username" {}
-variable "superadmin_password" {}
-
-variable "database_username" {}
-variable "database_password" {}
-variable "database_name" {}
-
-variable "domain_state_bucket_name" {}
-variable "domain_state_key" {}
-variable "domain_state_bucket_region" {}
-variable "domain_state_bucket_is_encrypted" {}
-
-variable "network_state_bucket_name" {}
-variable "network_state_key" {}
-variable "network_state_bucket_region" {}
-variable "network_state_bucket_is_encrypted" {}
-
-variable "cluster_state_bucket_name" {}
-variable "cluster_state_key" {}
-variable "cluster_state_bucket_region" {}
-variable "cluster_state_bucket_is_encrypted" {}
-
-variable "database_state_bucket_name" {}
-variable "database_state_key" {}
-variable "database_state_bucket_region" {}
-variable "database_state_bucket_is_encrypted" {}
-
-variable "image_repository_state_bucket_name" {}
-variable "image_repository_state_key" {}
-variable "image_repository_state_bucket_region" {}
-variable "image_repository_state_bucket_is_encrypted" {}
-
diff --git a/pipelines/builder/handle-pr-event/task.sh b/pipelines/builder/handle-pr-event/task.sh
deleted file mode 100755
index 6e561a3f..00000000
--- a/pipelines/builder/handle-pr-event/task.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-./go "ci:pipeline:pr:handle[${CI_DEPLOYMENT_TYPE},${CI_DEPLOYMENT_LABEL}]"
diff --git a/pipelines/builder/handle-pr-event/task.yaml b/pipelines/builder/handle-pr-event/task.yaml
deleted file mode 100644
index 405879ee..00000000
--- a/pipelines/builder/handle-pr-event/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/builder/handle-pr-event/task.sh
diff --git a/pipelines/builder/pipeline.yaml b/pipelines/builder/pipeline.yaml
deleted file mode 100644
index 99fca14a..00000000
--- a/pipelines/builder/pipeline.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-resource_types:
-  - name: pull-request
-    type: docker-image
-    source:
-      repository: teliaoss/github-pr-resource
-
-resources:
-  - name: source
-    type: pull-request
-    check_every: 1h
-    webhook_token: ((webhook_token))
-    source:
-      repository: ((source_repository_name))
-      access_token: ((github_access_token))
-      states:
-        - OPEN
-        - MERGED
-        - CLOSED
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-jobs:
-  - name: handle-pr-event
-    plan:
-      - in_parallel:
-        - get: source
-          trigger: true
-          version: every
-        - get: node-builder-image
-      - task: handle-pr-event
-        image: node-builder-image
-        file: source/pipelines/builder/handle-pr-event/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          CI_DEPLOYMENT_TYPE: ((ci_deployment_type))
-          CI_DEPLOYMENT_LABEL: ((ci_deployment_label))
diff --git a/pipelines/demo/pipeline.yaml b/pipelines/demo/pipeline.yaml
deleted file mode 100644
index 8ba5d945..00000000
--- a/pipelines/demo/pipeline.yaml
+++ /dev/null
@@ -1,372 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-resources:
-  - name: source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: demo
-      private_key: ((git_ssh_key))
-
-  - name: updated-source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: demo
-      private_key: ((git_ssh_key))
-
-  - name: app-image
-    type: docker-image
-    source:
-      repository: ((app_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: keepers-image
-    type: docker-image
-    source:
-      repository: ((keepers_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: version
-    type: semver
-    source:
-      driver: s3
-      initial_version: 0.1.0
-      bucket: ((storage_bucket_name))
-      key: reference-backend/metadata/demo/version
-      region_name: ((storage_bucket_region))
-      server_side_encryption: ((storage_bucket_encryption))
-      access_key_id: ((aws_access_key_id))
-      secret_access_key: ((aws_secret_access_key))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-groups:
-  - name: ci
-    jobs:
-      - build
-      - test
-      - provision-keepers-image-repository
-      - provision-image-repository
-      - publish-image
-      - publish-image-keepers
-  - name: demo-mendelevium
-    jobs:
-      - provision-demo-mendelevium-database
-      - provision-demo-mendelevium-image-storage-bucket
-      - provision-demo-mendelevium-service
-      - provision-demo-mendelevium-keepers-service
-      - provision-demo-mendelevium-functions
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success: &on_success
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure: &on_failure
-      put: notify-failure
-      params:
-        text: ((slack_failure_message))
-        channel: ((slack_failure_channel))
-
-    on_error: &on_error
-      put: notify-failure
-      params:
-        text: ((slack_error_message))
-        channel: ((slack_error_channel))
-
-    on_abort: &on_abort
-      put: notify-failure
-      params:
-        text: ((slack_abort_message))
-        channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: updated-source
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/coverage/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: updated-source
-        params:
-          repository: source
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-keepers-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-keepers-image-repository
-        image: node-builder-image
-        file: source/pipelines/demo/provision-keepers-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-image-repository
-        image: node-builder-image
-        file: source/pipelines/demo/provision-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-          - put: version
-            params:
-              pre: rc
-          - get: node-builder-image
-      - task: publish-image
-        image: node-builder-image
-        file: source/pipelines/demo/publish-image/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: app-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image-keepers
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-              - publish-image
-          - get: version
-          - get: node-builder-image
-      - task: publish-image-keepers
-        image: node-builder-image
-        file: source/pipelines/demo/publish-image-keepers/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: keepers-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-database
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - publish-image
-              - publish-image-keepers
-          - get: node-builder-image
-      - task: provision-database
-        image: node-builder-image
-        file: source/pipelines/demo/provision-database/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-image-storage-bucket
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-database
-          - get: version
-          - get: node-builder-image
-      - task: provision-image-storage-bucket
-        image: node-builder-image
-        file: source/pipelines/demo/provision-image-storage-bucket/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-image-storage-bucket
-          - get: version
-          - get: node-builder-image
-      - task: provision-service
-        image: node-builder-image
-        file: source/pipelines/demo/provision-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-keepers-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-keepers-service
-        image: node-builder-image
-        file: source/pipelines/demo/provision-keepers-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-functions
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-keepers-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-functions
-        image: node-builder-image
-        file: source/pipelines/demo/provision-functions/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
diff --git a/pipelines/demo/provision-database/task.sh b/pipelines/demo/provision-database/task.sh
deleted file mode 100755
index a50db957..00000000
--- a/pipelines/demo/provision-database/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "database:environment:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-database/task.yaml b/pipelines/demo/provision-database/task.yaml
deleted file mode 100644
index a78e5f14..00000000
--- a/pipelines/demo/provision-database/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-database/task.sh
diff --git a/pipelines/demo/provision-functions/task.sh b/pipelines/demo/provision-functions/task.sh
deleted file mode 100755
index 5c5b1e55..00000000
--- a/pipelines/demo/provision-functions/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "lambda:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-functions/task.yaml b/pipelines/demo/provision-functions/task.yaml
deleted file mode 100644
index 20dbe129..00000000
--- a/pipelines/demo/provision-functions/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-functions/task.sh
diff --git a/pipelines/demo/provision-image-repository/task.sh b/pipelines/demo/provision-image-repository/task.sh
deleted file mode 100755
index b1be7856..00000000
--- a/pipelines/demo/provision-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-image-repository/task.yaml b/pipelines/demo/provision-image-repository/task.yaml
deleted file mode 100644
index 5988fa7c..00000000
--- a/pipelines/demo/provision-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-image-repository/task.sh
diff --git a/pipelines/demo/provision-image-storage-bucket/task.sh b/pipelines/demo/provision-image-storage-bucket/task.sh
deleted file mode 100755
index 7efb2732..00000000
--- a/pipelines/demo/provision-image-storage-bucket/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_storage_bucket:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-image-storage-bucket/task.yaml b/pipelines/demo/provision-image-storage-bucket/task.yaml
deleted file mode 100644
index 94702c62..00000000
--- a/pipelines/demo/provision-image-storage-bucket/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-image-storage-bucket/task.sh
diff --git a/pipelines/demo/provision-keepers-image-repository/task.sh b/pipelines/demo/provision-keepers-image-repository/task.sh
deleted file mode 100755
index 7062624b..00000000
--- a/pipelines/demo/provision-keepers-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "keepers_image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-keepers-image-repository/task.yaml b/pipelines/demo/provision-keepers-image-repository/task.yaml
deleted file mode 100644
index 7a04596f..00000000
--- a/pipelines/demo/provision-keepers-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-keepers-image-repository/task.sh
diff --git a/pipelines/demo/provision-keepers-service/task.sh b/pipelines/demo/provision-keepers-service/task.sh
deleted file mode 100755
index 275312a8..00000000
--- a/pipelines/demo/provision-keepers-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service_keepers:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-keepers-service/task.yaml b/pipelines/demo/provision-keepers-service/task.yaml
deleted file mode 100644
index 218c18e0..00000000
--- a/pipelines/demo/provision-keepers-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-keepers-service/task.sh
diff --git a/pipelines/demo/provision-service/task.sh b/pipelines/demo/provision-service/task.sh
deleted file mode 100755
index c28428c4..00000000
--- a/pipelines/demo/provision-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-service/task.yaml b/pipelines/demo/provision-service/task.yaml
deleted file mode 100644
index a75db42d..00000000
--- a/pipelines/demo/provision-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-service/task.sh
diff --git a/pipelines/demo/publish-image-keepers/task.sh b/pipelines/demo/publish-image-keepers/task.sh
deleted file mode 100755
index d0ec6c8d..00000000
--- a/pipelines/demo/publish-image-keepers/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image_keepers:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/keepers"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/demo/publish-image-keepers/task.yaml b/pipelines/demo/publish-image-keepers/task.yaml
deleted file mode 100644
index 6230325e..00000000
--- a/pipelines/demo/publish-image-keepers/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/demo/publish-image-keepers/task.sh
diff --git a/pipelines/demo/publish-image/task.sh b/pipelines/demo/publish-image/task.sh
deleted file mode 100755
index d4b246d7..00000000
--- a/pipelines/demo/publish-image/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/reference-backend"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/demo/publish-image/task.yaml b/pipelines/demo/publish-image/task.yaml
deleted file mode 100644
index 7eb822cc..00000000
--- a/pipelines/demo/publish-image/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/demo/publish-image/task.sh
diff --git a/pipelines/develop/pipeline.yaml b/pipelines/develop/pipeline.yaml
deleted file mode 100644
index be17bdf6..00000000
--- a/pipelines/develop/pipeline.yaml
+++ /dev/null
@@ -1,372 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-resources:
-  - name: source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: ((source_repository_branch))
-      private_key: ((git_ssh_key))
-
-  - name: updated-source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: ((source_repository_branch))
-      private_key: ((git_ssh_key))
-
-  - name: app-image
-    type: docker-image
-    source:
-      repository: ((app_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: keepers-image
-    type: docker-image
-    source:
-      repository: ((keepers_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: version
-    type: semver
-    source:
-      driver: s3
-      initial_version: 0.1.0
-      bucket: ((storage_bucket_name))
-      key: reference-backend/metadata/develop/version
-      region_name: ((storage_bucket_region))
-      server_side_encryption: ((storage_bucket_encryption))
-      access_key_id: ((aws_access_key_id))
-      secret_access_key: ((aws_secret_access_key))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-groups:
-  - name: ci
-    jobs:
-      - build
-      - test
-      - provision-keepers-image-repository
-      - provision-image-repository
-      - publish-image
-      - publish-image-keepers
-  - name: development-plutonium
-    jobs:
-      - provision-development-plutonium-database
-      - provision-development-plutonium-image-storage-bucket
-      - provision-development-plutonium-service
-      - provision-development-plutonium-keepers-service
-      - provision-development-plutonium-functions
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success: &on_success
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure: &on_failure
-      put: notify-failure
-      params:
-        text: ((slack_failure_message))
-        channel: ((slack_failure_channel))
-
-    on_error: &on_error
-      put: notify-failure
-      params:
-        text: ((slack_error_message))
-        channel: ((slack_error_channel))
-
-    on_abort: &on_abort
-      put: notify-failure
-      params:
-        text: ((slack_abort_message))
-        channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: updated-source
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/coverage/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: updated-source
-        params:
-          repository: source
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-keepers-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-keepers-image-repository
-        image: node-builder-image
-        file: source/pipelines/develop/provision-keepers-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-image-repository
-        image: node-builder-image
-        file: source/pipelines/develop/provision-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-          - put: version
-            params:
-              pre: rc
-          - get: node-builder-image
-      - task: publish-image
-        image: node-builder-image
-        file: source/pipelines/develop/publish-image/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: app-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image-keepers
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-              - publish-image
-          - get: version
-          - get: node-builder-image
-      - task: publish-image-keepers
-        image: node-builder-image
-        file: source/pipelines/develop/publish-image-keepers/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: keepers-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-database
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - publish-image
-              - publish-image-keepers
-          - get: node-builder-image
-      - task: provision-database
-        image: node-builder-image
-        file: source/pipelines/develop/provision-database/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-image-storage-bucket
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-database
-          - get: version
-          - get: node-builder-image
-      - task: provision-image-storage-bucket
-        image: node-builder-image
-        file: source/pipelines/develop/provision-image-storage-bucket/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-image-storage-bucket
-          - get: version
-          - get: node-builder-image
-      - task: provision-service
-        image: node-builder-image
-        file: source/pipelines/develop/provision-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-keepers-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-keepers-service
-        image: node-builder-image
-        file: source/pipelines/develop/provision-keepers-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-functions
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-keepers-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-functions
-        image: node-builder-image
-        file: source/pipelines/develop/provision-functions/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
diff --git a/pipelines/develop/provision-database/task.sh b/pipelines/develop/provision-database/task.sh
deleted file mode 100755
index a50db957..00000000
--- a/pipelines/develop/provision-database/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "database:environment:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-database/task.yaml b/pipelines/develop/provision-database/task.yaml
deleted file mode 100644
index f814aa1c..00000000
--- a/pipelines/develop/provision-database/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-database/task.sh
diff --git a/pipelines/develop/provision-functions/task.sh b/pipelines/develop/provision-functions/task.sh
deleted file mode 100755
index 5c5b1e55..00000000
--- a/pipelines/develop/provision-functions/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "lambda:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-functions/task.yaml b/pipelines/develop/provision-functions/task.yaml
deleted file mode 100644
index ee2f7fbe..00000000
--- a/pipelines/develop/provision-functions/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-functions/task.sh
diff --git a/pipelines/develop/provision-image-repository/task.sh b/pipelines/develop/provision-image-repository/task.sh
deleted file mode 100755
index b1be7856..00000000
--- a/pipelines/develop/provision-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-image-repository/task.yaml b/pipelines/develop/provision-image-repository/task.yaml
deleted file mode 100644
index c372b33b..00000000
--- a/pipelines/develop/provision-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-image-repository/task.sh
diff --git a/pipelines/develop/provision-image-storage-bucket/task.sh b/pipelines/develop/provision-image-storage-bucket/task.sh
deleted file mode 100755
index 7efb2732..00000000
--- a/pipelines/develop/provision-image-storage-bucket/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_storage_bucket:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-image-storage-bucket/task.yaml b/pipelines/develop/provision-image-storage-bucket/task.yaml
deleted file mode 100644
index 57a7feea..00000000
--- a/pipelines/develop/provision-image-storage-bucket/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-image-storage-bucket/task.sh
diff --git a/pipelines/develop/provision-keepers-image-repository/task.sh b/pipelines/develop/provision-keepers-image-repository/task.sh
deleted file mode 100755
index 7062624b..00000000
--- a/pipelines/develop/provision-keepers-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "keepers_image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-keepers-image-repository/task.yaml b/pipelines/develop/provision-keepers-image-repository/task.yaml
deleted file mode 100644
index 7f9321c3..00000000
--- a/pipelines/develop/provision-keepers-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-keepers-image-repository/task.sh
diff --git a/pipelines/develop/provision-keepers-service/task.sh b/pipelines/develop/provision-keepers-service/task.sh
deleted file mode 100755
index 275312a8..00000000
--- a/pipelines/develop/provision-keepers-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service_keepers:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-keepers-service/task.yaml b/pipelines/develop/provision-keepers-service/task.yaml
deleted file mode 100644
index aabda087..00000000
--- a/pipelines/develop/provision-keepers-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-keepers-service/task.sh
diff --git a/pipelines/develop/provision-service/task.sh b/pipelines/develop/provision-service/task.sh
deleted file mode 100755
index c28428c4..00000000
--- a/pipelines/develop/provision-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-service/task.yaml b/pipelines/develop/provision-service/task.yaml
deleted file mode 100644
index b7524e43..00000000
--- a/pipelines/develop/provision-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-service/task.sh
diff --git a/pipelines/develop/publish-image-keepers/task.sh b/pipelines/develop/publish-image-keepers/task.sh
deleted file mode 100755
index d0ec6c8d..00000000
--- a/pipelines/develop/publish-image-keepers/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image_keepers:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/keepers"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/develop/publish-image-keepers/task.yaml b/pipelines/develop/publish-image-keepers/task.yaml
deleted file mode 100644
index 10737029..00000000
--- a/pipelines/develop/publish-image-keepers/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/develop/publish-image-keepers/task.sh
diff --git a/pipelines/develop/publish-image/task.sh b/pipelines/develop/publish-image/task.sh
deleted file mode 100755
index d4b246d7..00000000
--- a/pipelines/develop/publish-image/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/reference-backend"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/develop/publish-image/task.yaml b/pipelines/develop/publish-image/task.yaml
deleted file mode 100644
index 4b7d876d..00000000
--- a/pipelines/develop/publish-image/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/develop/publish-image/task.sh
diff --git a/pipelines/pr/pipeline.yaml b/pipelines/pr/pipeline.yaml
deleted file mode 100644
index e8ebe46f..00000000
--- a/pipelines/pr/pipeline.yaml
+++ /dev/null
@@ -1,172 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-  - name: github-status
-    type: docker-image
-    source:
-      repository: resource/github-status
-
-resources:
-  - name: source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: ((source_repository_branch))
-      private_key: ((git_ssh_key))
-
-  - name: status
-    type: github-status
-    source:
-      repo: ((source_repository_name))
-      access_token: ((github_access_token))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - put: status
-        params:
-          path: source
-          state: pending
-          context: "CI Pipeline"
-          description: "Running build..."
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success:
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Build failed."
-        - put: notify-failure
-          params:
-            text: ((slack_failure_message))
-            channel: ((slack_failure_channel))
-
-    on_error:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Build errored."
-        - put: notify-failure
-          params:
-            text: ((slack_error_message))
-            channel: ((slack_error_channel))
-
-    on_abort:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Build aborted."
-        - put: notify-failure
-          params:
-            text: ((slack_abort_message))
-            channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/test/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success:
-      do:
-        - put: status
-          params:
-            path: source
-            state: success
-            context: "CI Pipeline"
-            description: "Pipeline succeeded."
-        - put: notify-success
-          params:
-            text: ((slack_success_message))
-            channel: ((slack_success_channel))
-
-    on_failure:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Test failed."
-        - put: notify-failure
-          params:
-            text: ((slack_failure_message))
-            channel: ((slack_failure_channel))
-
-    on_error:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Test errored."
-        - put: notify-failure
-          params:
-            text: ((slack_error_message))
-            channel: ((slack_error_channel))
-
-    on_abort:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Test aborted."
-        - put: notify-failure
-          params:
-            text: ((slack_abort_message))
-            channel: ((slack_abort_channel))
diff --git a/pipelines/shared/build/task.sh b/pipelines/shared/build/task.sh
deleted file mode 100755
index 31589dde..00000000
--- a/pipelines/shared/build/task.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-./go build
diff --git a/pipelines/shared/build/task.yaml b/pipelines/shared/build/task.yaml
deleted file mode 100644
index fc3f0096..00000000
--- a/pipelines/shared/build/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-
-run:
-  dir: /source
-  path: ./pipelines/shared/build/task.sh
diff --git a/pipelines/shared/coverage/task.sh b/pipelines/shared/coverage/task.sh
deleted file mode 100755
index 530bfde6..00000000
--- a/pipelines/shared/coverage/task.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "${PROVISIONING_ROLE_ARN}" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export INCLUDE_COVERAGE="true"
-
-./go "test[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]"
-./go "tests:app:coverage:badge"
-
-git config --global user.email "ci@redeemeum.com"
-git config --global user.name "Redeemeum CI"
-git add .
-git diff --staged --quiet || git commit -m "Update coverage badge [ci skip]"
diff --git a/pipelines/shared/coverage/task.yaml b/pipelines/shared/coverage/task.yaml
deleted file mode 100644
index 984bfab8..00000000
--- a/pipelines/shared/coverage/task.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-
-outputs:
-  - name: source
-
-run:
-  dir: /source
-  path: ./pipelines/shared/coverage/task.sh
diff --git a/pipelines/shared/test/task.sh b/pipelines/shared/test/task.sh
deleted file mode 100755
index 730af29f..00000000
--- a/pipelines/shared/test/task.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "${PROVISIONING_ROLE_ARN}" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-./go "test[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]"
diff --git a/pipelines/shared/test/task.yaml b/pipelines/shared/test/task.yaml
deleted file mode 100644
index 10068508..00000000
--- a/pipelines/shared/test/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-
-run:
-  dir: /source
-  path: ./pipelines/shared/test/task.sh
diff --git a/pipelines/tag/pipeline.yaml b/pipelines/tag/pipeline.yaml
deleted file mode 100644
index abd31d0c..00000000
--- a/pipelines/tag/pipeline.yaml
+++ /dev/null
@@ -1,366 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-  - name: git-tag
-    type: docker-image
-    source:
-      repository: sarquella/concourse-git-tag-resource
-
-resources:
-  - name: source
-    type: git-tag
-    source:
-      uri: ((source_repository_url))
-      tag_filter: v*
-      private_key: ((git_ssh_key))
-
-  - name: app-image
-    type: docker-image
-    source:
-      repository: ((app_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: keepers-image
-    type: docker-image
-    source:
-      repository: ((keepers_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: version
-    type: semver
-    source:
-      driver: s3
-      initial_version: 0.1.0
-      bucket: ((storage_bucket_name))
-      key: reference-backend/metadata/tag/version
-      region_name: ((storage_bucket_region))
-      server_side_encryption: ((storage_bucket_encryption))
-      access_key_id: ((aws_access_key_id))
-      secret_access_key: ((aws_secret_access_key))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-groups:
-  - name: ci
-    jobs:
-      - build
-      - test
-      - provision-keepers-image-repository
-      - provision-image-repository
-      - publish-image
-      - publish-image-keepers
-  - name: production-oganesson
-    jobs:
-      - provision-production-oganesson-database
-      - provision-production-oganesson-image-storage-bucket
-      - provision-production-oganesson-service
-      - provision-production-oganesson-keepers-service
-      - provision-production-oganesson-functions
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success: &on_success
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure: &on_failure
-      put: notify-failure
-      params:
-        text: ((slack_failure_message))
-        channel: ((slack_failure_channel))
-
-    on_error: &on_error
-      put: notify-failure
-      params:
-        text: ((slack_error_message))
-        channel: ((slack_error_channel))
-
-    on_abort: &on_abort
-      put: notify-failure
-      params:
-        text: ((slack_abort_message))
-        channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/coverage/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-keepers-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-keepers-image-repository
-        image: node-builder-image
-        file: source/pipelines/tag/provision-keepers-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-image-repository
-        image: node-builder-image
-        file: source/pipelines/tag/provision-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-          - put: version
-            params:
-              pre: rc
-          - get: node-builder-image
-      - task: publish-image
-        image: node-builder-image
-        file: source/pipelines/tag/publish-image/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: app-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image-keepers
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-              - publish-image
-          - get: version
-          - get: node-builder-image
-      - task: publish-image-keepers
-        image: node-builder-image
-        file: source/pipelines/tag/publish-image-keepers/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: keepers-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-database
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - publish-image
-              - publish-image-keepers
-          - get: node-builder-image
-      - task: provision-database
-        image: node-builder-image
-        file: source/pipelines/tag/provision-database/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-image-storage-bucket
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-database
-          - get: version
-          - get: node-builder-image
-      - task: provision-image-storage-bucket
-        image: node-builder-image
-        file: source/pipelines/tag/provision-image-storage-bucket/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-image-storage-bucket
-          - get: version
-          - get: node-builder-image
-      - task: provision-service
-        image: node-builder-image
-        file: source/pipelines/tag/provision-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-keepers-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-keepers-service
-        image: node-builder-image
-        file: source/pipelines/tag/provision-keepers-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-functions
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-keepers-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-functions
-        image: node-builder-image
-        file: source/pipelines/tag/provision-functions/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
diff --git a/pipelines/tag/provision-database/task.sh b/pipelines/tag/provision-database/task.sh
deleted file mode 100755
index a50db957..00000000
--- a/pipelines/tag/provision-database/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "database:environment:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-database/task.yaml b/pipelines/tag/provision-database/task.yaml
deleted file mode 100644
index df7970a2..00000000
--- a/pipelines/tag/provision-database/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-database/task.sh
diff --git a/pipelines/tag/provision-functions/task.sh b/pipelines/tag/provision-functions/task.sh
deleted file mode 100755
index 5c5b1e55..00000000
--- a/pipelines/tag/provision-functions/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "lambda:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-functions/task.yaml b/pipelines/tag/provision-functions/task.yaml
deleted file mode 100644
index c270a36e..00000000
--- a/pipelines/tag/provision-functions/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-functions/task.sh
diff --git a/pipelines/tag/provision-image-repository/task.sh b/pipelines/tag/provision-image-repository/task.sh
deleted file mode 100755
index b1be7856..00000000
--- a/pipelines/tag/provision-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-image-repository/task.yaml b/pipelines/tag/provision-image-repository/task.yaml
deleted file mode 100644
index a17a4f2d..00000000
--- a/pipelines/tag/provision-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-image-repository/task.sh
diff --git a/pipelines/tag/provision-image-storage-bucket/task.sh b/pipelines/tag/provision-image-storage-bucket/task.sh
deleted file mode 100755
index 7efb2732..00000000
--- a/pipelines/tag/provision-image-storage-bucket/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_storage_bucket:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-image-storage-bucket/task.yaml b/pipelines/tag/provision-image-storage-bucket/task.yaml
deleted file mode 100644
index 479a1c64..00000000
--- a/pipelines/tag/provision-image-storage-bucket/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-image-storage-bucket/task.sh
diff --git a/pipelines/tag/provision-keepers-image-repository/task.sh b/pipelines/tag/provision-keepers-image-repository/task.sh
deleted file mode 100755
index 7062624b..00000000
--- a/pipelines/tag/provision-keepers-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "keepers_image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-keepers-image-repository/task.yaml b/pipelines/tag/provision-keepers-image-repository/task.yaml
deleted file mode 100644
index 24720810..00000000
--- a/pipelines/tag/provision-keepers-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-keepers-image-repository/task.sh
diff --git a/pipelines/tag/provision-keepers-service/task.sh b/pipelines/tag/provision-keepers-service/task.sh
deleted file mode 100755
index 275312a8..00000000
--- a/pipelines/tag/provision-keepers-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service_keepers:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-keepers-service/task.yaml b/pipelines/tag/provision-keepers-service/task.yaml
deleted file mode 100644
index 9778ebe9..00000000
--- a/pipelines/tag/provision-keepers-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-keepers-service/task.sh
diff --git a/pipelines/tag/provision-service/task.sh b/pipelines/tag/provision-service/task.sh
deleted file mode 100755
index c28428c4..00000000
--- a/pipelines/tag/provision-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-service/task.yaml b/pipelines/tag/provision-service/task.yaml
deleted file mode 100644
index e3af9674..00000000
--- a/pipelines/tag/provision-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-service/task.sh
diff --git a/pipelines/tag/publish-image-keepers/task.sh b/pipelines/tag/publish-image-keepers/task.sh
deleted file mode 100755
index d0ec6c8d..00000000
--- a/pipelines/tag/publish-image-keepers/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image_keepers:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/keepers"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/tag/publish-image-keepers/task.yaml b/pipelines/tag/publish-image-keepers/task.yaml
deleted file mode 100644
index 59ed9854..00000000
--- a/pipelines/tag/publish-image-keepers/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/tag/publish-image-keepers/task.sh
diff --git a/pipelines/tag/publish-image/task.sh b/pipelines/tag/publish-image/task.sh
deleted file mode 100755
index d4b246d7..00000000
--- a/pipelines/tag/publish-image/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/reference-backend"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/tag/publish-image/task.yaml b/pipelines/tag/publish-image/task.yaml
deleted file mode 100644
index b94cc567..00000000
--- a/pipelines/tag/publish-image/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/tag/publish-image/task.sh
diff --git a/state/bootstrap/bsn-demo-mendelevium.tfstate b/state/bootstrap/bsn-demo-mendelevium.tfstate
deleted file mode 100644
index c7b9b374..00000000
--- a/state/bootstrap/bsn-demo-mendelevium.tfstate
+++ /dev/null
@@ -1,225 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.15.4",
-  "serial": 3,
-  "lineage": "71d2f718-2aae-99a5-8641-9eff0d019205",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-bsn-demo-mendelevium",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "384010198059",
-            "arn": "arn:aws:sts::384010198059:assumed-role/cross-account-admin-role/1623963485930141000",
-            "id": "384010198059",
-            "user_id": "AROAVS2GKTQV324VKJXHT:1623963485930141000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "108b0de813847ff9ece227a115c380b8bc04f68c90cc1ca9a313eea04fe51647",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"384010198059\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "aws_iam_policy_document",
-      "name": "encrypted_bucket_policy_document",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "id": "589805729",
-            "json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"384010198059\"\n        ]\n      }\n    }\n  ]\n}",
-            "override_json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ]\n    }\n  ]\n}",
-            "override_policy_documents": null,
-            "policy_id": null,
-            "source_json": null,
-            "source_policy_documents": null,
-            "statement": null,
-            "version": "2012-10-17"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "325e4d711bf55ce8ba435ac8b7c4502bad8c1f3d7d4d4b88da1138e9fc9912f6",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-demo-mendelevium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "b5645c4979a618ef68cf22030eafa93bd5469eea88c590f0232c68f348530d1d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-demo-mendelevium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "697d2a6ce17cbfb9c24186cebf53e57ec62026cf317cdeda47a76f410d53d1cf",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-demo-mendelevium",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium",
-            "bucket": "bsn-reference-backend-bsn-demo-mendelevium",
-            "bucket_domain_name": "bsn-reference-backend-bsn-demo-mendelevium.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-bsn-demo-mendelevium.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-bsn-demo-mendelevium",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "bsn-demo-mendelevium",
-              "DeploymentLabel": "mendelevium",
-              "DeploymentType": "bsn-demo",
-              "Name": "bsn-reference-backend-bsn-demo-mendelevium"
-            },
-            "tags_all": {
-              "DeploymentIdentifier": "bsn-demo-mendelevium",
-              "DeploymentLabel": "mendelevium",
-              "DeploymentType": "bsn-demo",
-              "Name": "bsn-reference-backend-bsn-demo-mendelevium"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-bsn-demo-mendelevium",
-            "id": "bsn-reference-backend-bsn-demo-mendelevium",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"384010198059\"\n        ]\n      }\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.aws_iam_policy_document.encrypted_bucket_policy_document"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/bsn-development-plutonium.tfstate b/state/bootstrap/bsn-development-plutonium.tfstate
deleted file mode 100644
index 3bdc7207..00000000
--- a/state/bootstrap/bsn-development-plutonium.tfstate
+++ /dev/null
@@ -1,201 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.14.11",
-  "serial": 3,
-  "lineage": "3249ecf7-dd9f-920f-3dad-76cf395aff6b",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-bsn-development-plutonium",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "384010198059",
-            "arn": "arn:aws:sts::384010198059:assumed-role/cross-account-admin-role/1620303543574032000",
-            "id": "384010198059",
-            "user_id": "AROAVS2GKTQV324VKJXHT:1620303543574032000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "108b0de813847ff9ece227a115c380b8bc04f68c90cc1ca9a313eea04fe51647",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"384010198059\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8cb9e9fa0d3584552ab1b25b8ef81ee01f0a665f8321c1a92757a54f5500a80d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-development-plutonium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "c7b2f9fc56462a4778d0391e67bbeed96326f542bc78c08defd206a69591cc4c",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-development-plutonium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "524d2f95c4af6949803de8b52ad6bdc18ad07ecc0d96f3807feb3cc0805aa94a",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-development-plutonium",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium",
-            "bucket": "bsn-reference-backend-bsn-development-plutonium",
-            "bucket_domain_name": "bsn-reference-backend-bsn-development-plutonium.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-bsn-development-plutonium.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-bsn-development-plutonium",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "bsn-development-plutonium",
-              "DeploymentLabel": "plutonium",
-              "DeploymentType": "bsn-development",
-              "Name": "bsn-reference-backend-bsn-development-plutonium"
-            },
-            "tags_all": {
-              "DeploymentIdentifier": "bsn-development-plutonium",
-              "DeploymentLabel": "plutonium",
-              "DeploymentType": "bsn-development",
-              "Name": "bsn-reference-backend-bsn-development-plutonium"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-bsn-development-plutonium",
-            "id": "bsn-reference-backend-bsn-development-plutonium",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"\n      ]\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.template_file.encrypted_bucket_policy"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/bsn-production-oganesson.tfstate b/state/bootstrap/bsn-production-oganesson.tfstate
deleted file mode 100644
index 88f23da2..00000000
--- a/state/bootstrap/bsn-production-oganesson.tfstate
+++ /dev/null
@@ -1,225 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.15.4",
-  "serial": 20,
-  "lineage": "39ebb09a-624a-613f-e210-afa6a2d7b055",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-bsn-production-oganesson",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "371854298993",
-            "arn": "arn:aws:sts::371854298993:assumed-role/cross-account-admin-role/1626182315391485000",
-            "id": "371854298993",
-            "user_id": "AROAVNFB6J5YYTJHEDVMW:1626182315391485000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8dbf8c224a07e1e86314a9d4ff9da447c0475cbb5d4541c5da5da854d13fcc90",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"371854298993\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "aws_iam_policy_document",
-      "name": "encrypted_bucket_policy_document",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "id": "660376941",
-            "json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"371854298993\"\n        ]\n      }\n    }\n  ]\n}",
-            "override_json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ]\n    }\n  ]\n}",
-            "override_policy_documents": null,
-            "policy_id": null,
-            "source_json": null,
-            "source_policy_documents": null,
-            "statement": null,
-            "version": "2012-10-17"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "d54313351417b65af622cd30548bcf485c6c998dbcc7a4e27cb38eda722d0b99",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-production-oganesson"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "64b5682ec316d73f6bb9101337ea88e510bf74a9683abfa0d3f5fefa1280957f",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-production-oganesson"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "30977d174b013d8ca1f155126b4bae742b0e29a0290da7846517759f2bb8a38c",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-production-oganesson",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson",
-            "bucket": "bsn-reference-backend-bsn-production-oganesson",
-            "bucket_domain_name": "bsn-reference-backend-bsn-production-oganesson.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-bsn-production-oganesson.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-bsn-production-oganesson",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "bsn-production-oganesson",
-              "DeploymentLabel": "oganesson",
-              "DeploymentType": "bsn-production",
-              "Name": "bsn-reference-backend-bsn-production-oganesson"
-            },
-            "tags_all": {
-              "DeploymentIdentifier": "bsn-production-oganesson",
-              "DeploymentLabel": "oganesson",
-              "DeploymentType": "bsn-production",
-              "Name": "bsn-reference-backend-bsn-production-oganesson"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-bsn-production-oganesson",
-            "id": "bsn-reference-backend-bsn-production-oganesson",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"371854298993\"\n        ]\n      }\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.aws_iam_policy_document.encrypted_bucket_policy_document"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/rdm-management-default.tfstate b/state/bootstrap/rdm-management-default.tfstate
deleted file mode 100644
index 840a06de..00000000
--- a/state/bootstrap/rdm-management-default.tfstate
+++ /dev/null
@@ -1,195 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.14.7",
-  "serial": 5,
-  "lineage": "7671df3c-17aa-8490-a234-ad856612da8c",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-rdm-management-default",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "031036423983",
-            "arn": "arn:aws:sts::031036423983:assumed-role/cross-account-admin-role/1619028282270591000",
-            "id": "031036423983",
-            "user_id": "AROAQOOPKH4XR52AY76HB:1619028282270591000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "0cf2a8e56151f1b60471b1e015ebe47bfa2c3c7db2de6914db77220528529cd9",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"031036423983\",\"384010198059\",\"371854298993\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8f2229740b3b878a3f86e19ee16c7626f034789cef39c0f395ea015fcc721b6d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "085690f69d273dd404916d305b4012f4c407909ceecee63b9fba08a7233fa594",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "3142c89cf1a1d0bbdf3dd04dc9a10667b21611e36bceb1a38ba7e5ecf412e679",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default\",\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-rdm-management-default",
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "bucket_domain_name": "bsn-reference-backend-rdm-management-default.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-rdm-management-default.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "rdm-management-default",
-              "DeploymentLabel": "default",
-              "DeploymentType": "rdm-management",
-              "Name": "bsn-reference-backend-rdm-management-default"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default\",\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"\n      ]\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.template_file.encrypted_bucket_policy"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/rdm-management-default.tfstate.backup b/state/bootstrap/rdm-management-default.tfstate.backup
deleted file mode 100644
index ce8e042a..00000000
--- a/state/bootstrap/rdm-management-default.tfstate.backup
+++ /dev/null
@@ -1,156 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.14.7",
-  "serial": 3,
-  "lineage": "7671df3c-17aa-8490-a234-ad856612da8c",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-rdm-management-default",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8f2229740b3b878a3f86e19ee16c7626f034789cef39c0f395ea015fcc721b6d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "085690f69d273dd404916d305b4012f4c407909ceecee63b9fba08a7233fa594",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "b4957ff366d63181aee465dc916bc11afc77113830421a77121edf0b10c4c5e8",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment}\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-rdm-management-default",
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "bucket_domain_name": "bsn-reference-backend-rdm-management-default.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-rdm-management-default.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "rdm-management-default",
-              "DeploymentLabel": "default",
-              "DeploymentType": "rdm-management",
-              "Name": "bsn-reference-backend-rdm-management-default"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.template_file.encrypted_bucket_policy"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/terraform/database/.terraform.lock.hcl b/terraform/database/.terraform.lock.hcl
new file mode 100644
index 00000000..f35e5a0e
--- /dev/null
+++ b/terraform/database/.terraform.lock.hcl
@@ -0,0 +1,58 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "3.70.0"
+  constraints = "~> 3.29"
+  hashes = [
+    "h1:E5IKHXzPGGSizZM5rHKzNCzpwQ7lWPXmmJnms82uzDk=",
+    "zh:0af710e528e21b930899f0ac295b0ceef8ad7b623dd8f38e92c8ec4bc7af0321",
+    "zh:4cabcd4519c0aae474d91ae67a8e3a4a8c39c3945c289a9cf7c1409f64409abe",
+    "zh:58da1a436facb4e4f95cd2870d211ed7bcb8cf721a4a61970aa8da191665f2aa",
+    "zh:6465339475c1cd3c16a5c8fee61304dcad2c4a27740687d29c6cdc90d2e6423d",
+    "zh:7a821ed053c355d70ebe33185590953fa5c364c1f3d66fe3f9b4aba3961646b1",
+    "zh:7c3656cc9cc1739dcb298e7930c9a76ccfce738d2070841d7e6c62fbdae74eef",
+    "zh:9d9da9e3c60a0c977e156da8590f36a219ae91994bb3df5a1208de2ab3ceeba7",
+    "zh:a3138817c86bf3e4dca7fd3a92e099cd1bf1d45ee7c7cc9e9773ba04fc3b315a",
+    "zh:a8603044e935dfb3cb9319a46d26276162c6aea75e02c4827232f9c6029a3182",
+    "zh:aef9482332bf43d0b73317f5909dec9e95b983c67b10d72e75eacc7c4f37d084",
+    "zh:fc3f3cad84f2eebe566dd0b65904c934093007323b9b85e73d9dd4535ceeb29d",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version     = "2.2.0"
+  constraints = "~> 2.2.0"
+  hashes = [
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}
+
+provider "registry.terraform.io/mongodb/mongodbatlas" {
+  version     = "0.8.2"
+  constraints = "~> 0.8, 0.8.2"
+  hashes = [
+    "h1:ry6CGqesidcJXaWDeLtqjVMxOZ5bqqLOvOtQhLDriSs=",
+    "zh:17705b49166fc296aef7300534a5c964ea8d4f6cb6616bcb8e7d3186cd1cae50",
+    "zh:39b8fdcf3262f7b2faffa41b0aed2ffdcf5ed47b985429c7bb764945f9873637",
+    "zh:3d4dbbb6be68dfea4f84172d0db9fc52dbda6025ed424ea249fb1317968b28ac",
+    "zh:525ae17dc4c2607c4ee596450fba58f5101635b05a93de2cdcb2e550b6c46abc",
+    "zh:71759a108c1499b9538ae4d54faaf66077adce90b031fc1051f484118418e6c7",
+    "zh:7a42549360c6cfb4a4f8986c9e59f8533750de964f31d4bea09e758da460b994",
+    "zh:8869872ea9bedb5a2b46637d62aaed8c886dce4579133a6f84043f540aa927cd",
+    "zh:aa3b2f8c64c9a28e96e1d23c0b21092fa0c21fbbe6d56b7f92a7d40e7d4696b7",
+    "zh:e7c85f9baeb2fb234721b2b4fba4a9620af7a5bc138f2d6c9682178b6b24ba72",
+    "zh:fa0c84bfea33a7726ed29574e58a9666cf8a9e5882b9aabd0f1899965a0c4b18",
+    "zh:fd9b995f95e58391d592cfce078f98b5657dd58452f5d049ebd1be562314ed36",
+  ]
+}
diff --git a/infra/database/cluster.tf b/terraform/database/cluster.tf
similarity index 67%
rename from infra/database/cluster.tf
rename to terraform/database/cluster.tf
index 9c2aec99..e73f9f67 100644
--- a/infra/database/cluster.tf
+++ b/terraform/database/cluster.tf
@@ -10,16 +10,16 @@ module "cluster" {
   mongo_db_major_version = var.database_version
 
   cloud_provider = {
-    name = "AWS"
-    region_name = replace(upper(var.region), "-", "_")
+    name               = "AWS"
+    region_name        = replace(upper(var.region), "-", "_")
     instance_size_name = var.database_instance_size_name
-    disk_iops = null
-    volume_type = null
-    backup_enabled = true
+    disk_iops          = null
+    volume_type        = null
+    backup_enabled     = true
     auto_scaling = {
       compute = {
-        min_instance_size: null
-        max_instance_size: null
+        min_instance_size : null
+        max_instance_size : null
       }
     }
   }
@@ -30,8 +30,8 @@ module "cluster" {
       password = var.database_service_user_password
       roles = [
         {
-          role_name = "readWriteAnyDatabase"
-          database_name = "admin"
+          role_name       = "readWriteAnyDatabase"
+          database_name   = "admin"
           collection_name = null
         }
       ]
@@ -42,8 +42,8 @@ module "cluster" {
       password = var.database_read_only_user_password
       roles = [
         {
-          role_name = "readAnyDatabase"
-          database_name = "admin"
+          role_name       = "readAnyDatabase"
+          database_name   = "admin"
           collection_name = null
         }
       ]
diff --git a/infra/database/endpoint.tf b/terraform/database/endpoint.tf
similarity index 68%
rename from infra/database/endpoint.tf
rename to terraform/database/endpoint.tf
index ed2bec9a..734111d5 100644
--- a/infra/database/endpoint.tf
+++ b/terraform/database/endpoint.tf
@@ -6,8 +6,8 @@ module "aws-private-endpoint" {
   deployment_identifier = var.deployment_identifier
 
   region     = var.region
-  vpc_id     = data.terraform_remote_state.network.outputs.vpc_id
-  subnet_ids = data.terraform_remote_state.network.outputs.private_subnet_ids
+  vpc_id     = var.vpc_id
+  subnet_ids = var.private_subnet_ids
 
   project_id = module.project.project_id
 
diff --git a/infra/database/outputs.tf b/terraform/database/outputs.tf
similarity index 100%
rename from infra/database/outputs.tf
rename to terraform/database/outputs.tf
diff --git a/infra/database/project.tf b/terraform/database/project.tf
similarity index 83%
rename from infra/database/project.tf
rename to terraform/database/project.tf
index f51a78d5..c98a3405 100644
--- a/infra/database/project.tf
+++ b/terraform/database/project.tf
@@ -2,7 +2,7 @@ module "project" {
   source  = "infrablocks/project/mongodbatlas"
   version = "1.0.0"
 
-  component = var.component
+  component             = var.component
   deployment_identifier = var.deployment_identifier
 
   organization_id = var.mongodb_atlas_organization_id
diff --git a/infra/database/providers.tf b/terraform/database/providers.tf
similarity index 72%
rename from infra/database/providers.tf
rename to terraform/database/providers.tf
index 19d0a693..e2270d16 100644
--- a/infra/database/providers.tf
+++ b/terraform/database/providers.tf
@@ -3,6 +3,6 @@ provider "aws" {
 }
 
 provider "mongodbatlas" {
-  public_key = var.mongodb_atlas_public_key
+  public_key  = var.mongodb_atlas_public_key
   private_key = var.mongodb_atlas_private_key
 }
diff --git a/infra/database/terraform.tf b/terraform/database/terraform.tf
similarity index 84%
rename from infra/database/terraform.tf
rename to terraform/database/terraform.tf
index 8907a147..e239d3a8 100644
--- a/infra/database/terraform.tf
+++ b/terraform/database/terraform.tf
@@ -3,10 +3,10 @@ terraform {
 
   required_providers {
     mongodbatlas = {
-      source = "mongodb/mongodbatlas"
+      source  = "mongodb/mongodbatlas"
       version = "0.8.2"
     }
-    aws      = {
+    aws = {
       source  = "hashicorp/aws"
       version = "~> 3.29"
     }
diff --git a/infra/database/variables.tf b/terraform/database/variables.tf
similarity index 76%
rename from infra/database/variables.tf
rename to terraform/database/variables.tf
index 21901ef1..169b17f8 100644
--- a/infra/database/variables.tf
+++ b/terraform/database/variables.tf
@@ -17,7 +17,7 @@ variable "mongodb_atlas_organization_id" {}
 variable "mongodb_atlas_public_key" {}
 variable "mongodb_atlas_private_key" {}
 
-variable "network_state_bucket_name" {}
-variable "network_state_key" {}
-variable "network_state_bucket_region" {}
-variable "network_state_bucket_is_encrypted" {}
+variable "vpc_id" {}
+variable "private_subnet_ids" {
+  type = list(string)
+}
\ No newline at end of file
diff --git a/terraform/functions/.terraform.lock.hcl b/terraform/functions/.terraform.lock.hcl
new file mode 100644
index 00000000..63a0aaf0
--- /dev/null
+++ b/terraform/functions/.terraform.lock.hcl
@@ -0,0 +1,75 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/archive" {
+  version = "2.2.0"
+  hashes = [
+    "h1:CIWi5G6ob7p2wWoThRQbOB8AbmFlCzp7Ka81hR3cVp0=",
+    "zh:06bd875932288f235c16e2237142b493c2c2b6aba0e82e8c85068332a8d2a29e",
+    "zh:0c681b481372afcaefddacc7ccdf1d3bb3a0c0d4678a526bc8b02d0c331479bc",
+    "zh:100fc5b3fc01ea463533d7bbfb01cb7113947a969a4ec12e27f5b2be49884d6c",
+    "zh:55c0d7ddddbd0a46d57c51fcfa9b91f14eed081a45101dbfc7fd9d2278aa1403",
+    "zh:73a5dd68379119167934c48afa1101b09abad2deb436cd5c446733e705869d6b",
+    "zh:841fc4ac6dc3479981330974d44ad2341deada8a5ff9e3b1b4510702dfbdbed9",
+    "zh:91be62c9b41edb137f7f835491183628d484e9d6efa82fcb75cfa538c92791c5",
+    "zh:acd5f442bd88d67eb948b18dc2ed421c6c3faee62d3a12200e442bfff0aa7d8b",
+    "zh:ad5720da5524641ad718a565694821be5f61f68f1c3c5d2cfa24426b8e774bef",
+    "zh:e63f12ea938520b3f83634fc29da28d92eed5cfbc5cc8ca08281a6a9c36cca65",
+    "zh:f6542918faa115df46474a36aabb4c3899650bea036b5f8a5e296be6f8f25767",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "3.70.0"
+  constraints = "~> 3.16, ~> 3.33"
+  hashes = [
+    "h1:E5IKHXzPGGSizZM5rHKzNCzpwQ7lWPXmmJnms82uzDk=",
+    "zh:0af710e528e21b930899f0ac295b0ceef8ad7b623dd8f38e92c8ec4bc7af0321",
+    "zh:4cabcd4519c0aae474d91ae67a8e3a4a8c39c3945c289a9cf7c1409f64409abe",
+    "zh:58da1a436facb4e4f95cd2870d211ed7bcb8cf721a4a61970aa8da191665f2aa",
+    "zh:6465339475c1cd3c16a5c8fee61304dcad2c4a27740687d29c6cdc90d2e6423d",
+    "zh:7a821ed053c355d70ebe33185590953fa5c364c1f3d66fe3f9b4aba3961646b1",
+    "zh:7c3656cc9cc1739dcb298e7930c9a76ccfce738d2070841d7e6c62fbdae74eef",
+    "zh:9d9da9e3c60a0c977e156da8590f36a219ae91994bb3df5a1208de2ab3ceeba7",
+    "zh:a3138817c86bf3e4dca7fd3a92e099cd1bf1d45ee7c7cc9e9773ba04fc3b315a",
+    "zh:a8603044e935dfb3cb9319a46d26276162c6aea75e02c4827232f9c6029a3182",
+    "zh:aef9482332bf43d0b73317f5909dec9e95b983c67b10d72e75eacc7c4f37d084",
+    "zh:fc3f3cad84f2eebe566dd0b65904c934093007323b9b85e73d9dd4535ceeb29d",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/null" {
+  version = "3.1.0"
+  hashes = [
+    "h1:vpC6bgUQoJ0znqIKVFevOdq+YQw42bRq0u+H3nto8nA=",
+    "zh:02a1675fd8de126a00460942aaae242e65ca3380b5bb192e8773ef3da9073fd2",
+    "zh:53e30545ff8926a8e30ad30648991ca8b93b6fa496272cd23b26763c8ee84515",
+    "zh:5f9200bf708913621d0f6514179d89700e9aa3097c77dac730e8ba6e5901d521",
+    "zh:9ebf4d9704faba06b3ec7242c773c0fbfe12d62db7d00356d4f55385fc69bfb2",
+    "zh:a6576c81adc70326e4e1c999c04ad9ca37113a6e925aefab4765e5a5198efa7e",
+    "zh:a8a42d13346347aff6c63a37cda9b2c6aa5cc384a55b2fe6d6adfa390e609c53",
+    "zh:c797744d08a5307d50210e0454f91ca4d1c7621c68740441cf4579390452321d",
+    "zh:cecb6a304046df34c11229f20a80b24b1603960b794d68361a67c5efe58e62b8",
+    "zh:e1371aa1e502000d9974cfaff5be4cfa02f47b17400005a16f14d2ef30dc2a70",
+    "zh:fc39cc1fe71234a0b0369d5c5c7f876c71b956d23d7d6f518289737a001ba69b",
+    "zh:fea4227271ebf7d9e2b61b89ce2328c7262acd9fd190e1fd6d15a591abfa848e",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version     = "2.2.0"
+  constraints = "2.2.0"
+  hashes = [
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}
diff --git a/infra/functions/lambda.tf b/terraform/functions/lambda.tf
similarity index 90%
rename from infra/functions/lambda.tf
rename to terraform/functions/lambda.tf
index f38e8b85..76b6a410 100644
--- a/infra/functions/lambda.tf
+++ b/terraform/functions/lambda.tf
@@ -1,14 +1,4 @@
 data "aws_caller_identity" "caller" {}
-data "terraform_remote_state" "service" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.service_state_bucket_name
-    key     = var.service_state_key
-    region  = var.service_state_bucket_region
-    encrypt = var.service_state_bucket_is_encrypted
-  }
-}
 
 resource "aws_secretsmanager_secret" "keepers_secretsmanager_secret" {
   name = "keepersServiceSMSecrets-${var.deployment_identifier}"
@@ -24,7 +14,7 @@ resource "aws_secretsmanager_secret_version" "keepers_secretsmanager_secret_vers
     etherscanapikey      = var.etherscan_apikey
     infuraapikey         = var.infura_apikey
     voucherkerneladdress = var.voucher_kernel_address
-    apiurl               = "https://${data.terraform_remote_state.service.outputs.address}"
+    apiurl               = var.api_url
   }))
 }
 
@@ -86,16 +76,16 @@ data "aws_iam_policy_document" "execution_policy" {
 }
 
 module "expirations_lambda" {
-  source  = "./modules/lambda"
+  source = "./modules/lambda"
 
   region                = var.region
   account_id            = data.aws_caller_identity.caller.account_id
   component             = var.component
   deployment_identifier = var.deployment_identifier
 
-  lambda_runtime = "nodejs14.x"
+  lambda_runtime          = "nodejs14.x"
   lambda_code_output_path = "${path.module}/.terraform/archive_files/triggerExpirations.zip"
-  lambda_code_source_dir = "${path.cwd}/external/lambdas/triggerExpirations/src"
+  lambda_code_source_dir  = "${path.cwd}/external/lambdas/triggerExpirations/src"
 
   lambda_timeout     = 900
   lambda_memory_size = 128
@@ -138,16 +128,16 @@ resource "aws_lambda_permission" "expirations_lambda_permission" {
 }
 
 module "finalizations_lambda" {
-  source  = "./modules/lambda"
+  source = "./modules/lambda"
 
   region                = var.region
   account_id            = data.aws_caller_identity.caller.account_id
   component             = var.component
   deployment_identifier = var.deployment_identifier
 
-  lambda_runtime = "nodejs14.x"
+  lambda_runtime          = "nodejs14.x"
   lambda_code_output_path = "${path.module}/.terraform/archive_files/triggerFinalizations.zip"
-  lambda_code_source_dir = "${path.cwd}/external/lambdas/triggerFinalizations/src"
+  lambda_code_source_dir  = "${path.cwd}/external/lambdas/triggerFinalizations/src"
 
   lambda_timeout     = 900
   lambda_memory_size = 128
@@ -190,16 +180,16 @@ resource "aws_lambda_permission" "finalizations_lambda_permission" {
 }
 
 module "withdrawals_lambda" {
-  source  = "./modules/lambda"
+  source = "./modules/lambda"
 
   region                = var.region
   account_id            = data.aws_caller_identity.caller.account_id
   component             = var.component
   deployment_identifier = var.deployment_identifier
 
-  lambda_runtime = "nodejs14.x"
+  lambda_runtime          = "nodejs14.x"
   lambda_code_output_path = "${path.module}/.terraform/archive_files/triggerWithdrawals.zip"
-  lambda_code_source_dir = "${path.cwd}/external/lambdas/triggerWithdrawals/src"
+  lambda_code_source_dir  = "${path.cwd}/external/lambdas/triggerWithdrawals/src"
 
   lambda_timeout     = 900
   lambda_memory_size = 256
diff --git a/terraform/functions/modules/lambda/iam.tf b/terraform/functions/modules/lambda/iam.tf
new file mode 100644
index 00000000..d6fef4ab
--- /dev/null
+++ b/terraform/functions/modules/lambda/iam.tf
@@ -0,0 +1,57 @@
+data "aws_caller_identity" "current" {
+}
+
+resource "aws_iam_role" "lambda_execution_role" {
+  assume_role_policy = var.lambda_assume_role != "" ? var.lambda_assume_role : jsonencode(
+    {
+      "Version" : "2012-10-17",
+      "Statement" : [
+        {
+          Action : "sts:AssumeRole",
+          Principal : {
+            "Service" : "lambda.amazonaws.com"
+          },
+          Effect : "Allow"
+        }
+      ]
+  })
+  tags = local.tags
+}
+
+resource "aws_iam_role_policy" "lambda_execution_policy" {
+  role = aws_iam_role.lambda_execution_role.id
+  policy = var.lambda_execution_policy != "" ? var.lambda_execution_policy : jsonencode(
+    {
+      "Version" : "2012-10-17",
+      "Statement" : [
+        {
+          Effect : "Allow",
+          Action : [
+            "ec2:CreateNetworkInterface",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DeleteNetworkInterface",
+            "ec2:DescribeSecurityGroups",
+            "ec2:AssignPrivateIpAddresses",
+            "ec2:UnassignPrivateIpAddresses",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs"
+          ],
+          Resource : [
+            "*"
+          ]
+        },
+        {
+          Effect : "Allow",
+          Action : [
+            "logs:CreateLogGroup",
+            "logs:CreateLogStream",
+            "logs:PutLogEvents"
+          ],
+          Resource : [
+            "arn:aws:logs:${var.region}:${var.account_id}:*"
+          ]
+        }
+      ]
+  })
+}
+
diff --git a/infra/functions/modules/lambda/lambda.tf b/terraform/functions/modules/lambda/lambda.tf
similarity index 100%
rename from infra/functions/modules/lambda/lambda.tf
rename to terraform/functions/modules/lambda/lambda.tf
diff --git a/infra/functions/modules/lambda/locals.tf b/terraform/functions/modules/lambda/locals.tf
similarity index 74%
rename from infra/functions/modules/lambda/locals.tf
rename to terraform/functions/modules/lambda/locals.tf
index 4c1a0f09..96c053ea 100644
--- a/infra/functions/modules/lambda/locals.tf
+++ b/terraform/functions/modules/lambda/locals.tf
@@ -1,6 +1,6 @@
 locals {
   base_tags = {
-    "Component" = var.component,
+    "Component"            = var.component,
     "DeploymentIdentifier" = var.deployment_identifier
   }
 
diff --git a/infra/functions/modules/lambda/outputs.tf b/terraform/functions/modules/lambda/outputs.tf
similarity index 95%
rename from infra/functions/modules/lambda/outputs.tf
rename to terraform/functions/modules/lambda/outputs.tf
index 18f2d6fd..cdcdeb66 100644
--- a/infra/functions/modules/lambda/outputs.tf
+++ b/terraform/functions/modules/lambda/outputs.tf
@@ -41,5 +41,5 @@ output "iam_role_name" {
   value = aws_iam_role.lambda_execution_role.name
 }
 output "iam_role_policy_name" {
-  value =  aws_iam_role_policy.lambda_execution_policy.name
+  value = aws_iam_role_policy.lambda_execution_policy.name
 }
diff --git a/terraform/functions/modules/lambda/security_group.tf b/terraform/functions/modules/lambda/security_group.tf
new file mode 100644
index 00000000..c9bb2855
--- /dev/null
+++ b/terraform/functions/modules/lambda/security_group.tf
@@ -0,0 +1,20 @@
+resource "aws_security_group" "sg_lambda" {
+  description = "${var.deployment_identifier}-lambda"
+  vpc_id      = var.vpc_id
+  tags        = local.tags
+  count       = var.deploy_in_vpc == "yes" ? 1 : 0
+
+  ingress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = var.lambda_ingress_cidr_blocks
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = var.lambda_egress_cidr_blocks
+  }
+}
diff --git a/infra/functions/modules/lambda/terraform.tf b/terraform/functions/modules/lambda/terraform.tf
similarity index 88%
rename from infra/functions/modules/lambda/terraform.tf
rename to terraform/functions/modules/lambda/terraform.tf
index a7ab87fb..c7b0c196 100644
--- a/infra/functions/modules/lambda/terraform.tf
+++ b/terraform/functions/modules/lambda/terraform.tf
@@ -2,7 +2,7 @@ terraform {
   required_version = ">= 0.14"
 
   required_providers {
-    aws      = {
+    aws = {
       source  = "hashicorp/aws"
       version = "~> 3.33"
     }
diff --git a/infra/functions/modules/lambda/variables.tf b/terraform/functions/modules/lambda/variables.tf
similarity index 100%
rename from infra/functions/modules/lambda/variables.tf
rename to terraform/functions/modules/lambda/variables.tf
diff --git a/infra/functions/outputs.tf b/terraform/functions/outputs.tf
similarity index 100%
rename from infra/functions/outputs.tf
rename to terraform/functions/outputs.tf
diff --git a/infra/functions/provider.tf b/terraform/functions/provider.tf
similarity index 100%
rename from infra/functions/provider.tf
rename to terraform/functions/provider.tf
diff --git a/infra/keepers-service/terraform.tf b/terraform/functions/terraform.tf
similarity index 100%
rename from infra/keepers-service/terraform.tf
rename to terraform/functions/terraform.tf
diff --git a/infra/functions/variables.tf b/terraform/functions/variables.tf
similarity index 62%
rename from infra/functions/variables.tf
rename to terraform/functions/variables.tf
index 2a4bbcfb..6d03dec0 100644
--- a/infra/functions/variables.tf
+++ b/terraform/functions/variables.tf
@@ -2,14 +2,10 @@ variable "region" {}
 variable "component" {}
 variable "deployment_identifier" {}
 
+variable "api_url" {}
 variable "gcloud_keepers_secret" {}
 variable "cashier_address" {}
 variable "executor_secret" {}
 variable "etherscan_apikey" {}
 variable "infura_apikey" {}
 variable "voucher_kernel_address" {}
-
-variable "service_state_bucket_name" {}
-variable "service_state_key" {}
-variable "service_state_bucket_region" {}
-variable "service_state_bucket_is_encrypted" {}

From 04681a1bad4c51e0309f1464f52696418d9cae9e Mon Sep 17 00:00:00 2001
From: Radu Stefanache <radustefanache@redeemeum.com>
Date: Wed, 22 Dec 2021 23:00:26 +0000
Subject: [PATCH 09/18] [ADD] Helm chart

---
 .github/workflows/main.yaml        | 20 +++++--
 helm/.helmignore                   | 23 ++++++++
 helm/Chart.yaml                    |  6 ++
 helm/templates/_helpers.tpl        | 71 ++++++++++++++++++++++
 helm/templates/deployment.yaml     | 95 ++++++++++++++++++++++++++++++
 helm/templates/hpa.yaml            | 58 ++++++++++++++++++
 helm/templates/ingress.yaml        | 42 +++++++++++++
 helm/templates/service.yaml        | 15 +++++
 helm/templates/serviceaccount.yaml | 25 ++++++++
 helm/values.yaml                   | 84 ++++++++++++++++++++++++++
 10 files changed, 435 insertions(+), 4 deletions(-)
 create mode 100644 helm/.helmignore
 create mode 100644 helm/Chart.yaml
 create mode 100644 helm/templates/_helpers.tpl
 create mode 100644 helm/templates/deployment.yaml
 create mode 100644 helm/templates/hpa.yaml
 create mode 100644 helm/templates/ingress.yaml
 create mode 100644 helm/templates/service.yaml
 create mode 100644 helm/templates/serviceaccount.yaml
 create mode 100644 helm/values.yaml

diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 128ed465..3520b2a3 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -2,8 +2,8 @@ name: Build and Deploy leptonite.io
 
 on:
   push:
-    branches:
-      - radu/migration
+    tags:
+      - 'v*'
   pull_request:
     branches:
       - main
@@ -50,10 +50,14 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
+      - name: Export TAG value
+        if: ${{ github.event_name == 'push' }}
+        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/reference-backend:$GITHUB_SHA .
+          docker build --tag $REGISTRY/bsn/reference-backend:$TAG .
+          docker push $REGISTRY /bsn/reference-backend:$TAG
 
   keepers:
     name: Keepers related tasks
@@ -81,10 +85,14 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
+      - name: Export TAG value
+        if: ${{ github.event_name == 'push' }}
+        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/keepers:$GITHUB_SHA .
+          docker build --tag $REGISTRY/bsn/keepers:$TAG .
+          docker push $REGISTRY /bsn/keepers:$TAG
 
   triggers:
     name: Triggers related tasks
@@ -123,3 +131,7 @@ jobs:
       - name: Terraform Plan
         id: plan
         run: terraform plan -no-color
+      - name: Terraform Apply
+        if: ${{ github.event_name == 'push' }}
+        id: apply
+        run: terraform apply -auto-approve
diff --git a/helm/.helmignore b/helm/.helmignore
new file mode 100644
index 00000000..0e8a0eb3
--- /dev/null
+++ b/helm/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/helm/Chart.yaml b/helm/Chart.yaml
new file mode 100644
index 00000000..83a6a103
--- /dev/null
+++ b/helm/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: reference-backend
+description: A Helm chart for deploying the Leptonite.io backend on Kubernetes
+type: application
+version: 0.1.0
+appVersion: "1.16.0"
diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl
new file mode 100644
index 00000000..733ad228
--- /dev/null
+++ b/helm/templates/_helpers.tpl
@@ -0,0 +1,71 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "reference-backend.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "reference-backend.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "reference-backend.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels for backend
+*/}}
+{{- define "reference-backend.labels" -}}
+helm.sh/chart: {{ include "reference-backend.chart" . }}
+{{ include "reference-backend.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels for backend
+*/}}
+{{- define "reference-backend.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "reference-backend.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Common labels for keepers
+*/}}
+{{- define "reference-backend-keepers.labels" -}}
+helm.sh/chart: {{ include "reference-backend.chart" . }}
+{{ include "reference-backend-keepers.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels for keepers
+*/}}
+{{- define "reference-backend-keepers.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "reference-backend.name" . }}-keepers
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml
new file mode 100644
index 00000000..54ae2fc4
--- /dev/null
+++ b/helm/templates/deployment.yaml
@@ -0,0 +1,95 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "reference-backend.fullname" . }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.backend.autoscaling.enabled }}
+  replicas: {{ .Values.backend.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "reference-backend.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.keepers.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "reference-backend.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ .Values.backend.serviceAccount.name }}
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 3000
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: http
+          env:
+            - name: AWS_S3_BUCKET_REGION
+              value: {{ .Values.backend.envFileRegion }}
+            - name: AWS_S3_ENV_FILE_OBJECT_PATH
+              value: {{ .Values.backend.envFilePath }}
+          resources:
+            {{- toYaml .Values.backend.resources | nindent 12 }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "reference-backend.fullname" . }}-keepers
+  labels:
+    {{- include "reference-backend-keepers.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.keepers.autoscaling.enabled }}
+  replicas: {{ .Values.keepers.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "reference-backend-keepers.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.keepers.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "reference-backend-keepers.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ .Values.keepers.serviceAccount.name }}
+      containers:
+        - name: {{ .Chart.Name }}-keepers
+          image: "{{ .Values.keepers.image.repository }}:{{ .Values.keepers.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.keepers.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 3000
+              protocol: TCP
+          env:
+            - name: AWS_S3_BUCKET_REGION
+              value: {{ .Values.keepers.envFileRegion }}
+            - name: AWS_S3_ENV_FILE_OBJECT_PATH
+              value: {{ .Values.keepers.envFilePath }}
+            - name: API_URL
+              value: {{ .Values.keepers.apiUrl }}
+          resources:
+            {{- toYaml .Values.backend.resources | nindent 12 }}
diff --git a/helm/templates/hpa.yaml b/helm/templates/hpa.yaml
new file mode 100644
index 00000000..fa9c224b
--- /dev/null
+++ b/helm/templates/hpa.yaml
@@ -0,0 +1,58 @@
+{{- if .Values.backend.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "reference-backend.fullname" . }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "reference-backend.fullname" . }}
+  minReplicas: {{ .Values.backend.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.backend.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
+{{- if .Values.keepers.autoscaling.enabled }}
+---
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "reference-backend.fullname" . }}-keepers
+  labels:
+  {{- include "reference-backend-keepers.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "reference-backend.fullname" . }}-keepers
+  minReplicas: {{ .Values.keepers.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.keepers.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.keepers.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.keepers.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.keepers.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.keepers.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
+
diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml
new file mode 100644
index 00000000..0ebb163e
--- /dev/null
+++ b/helm/templates/ingress.yaml
@@ -0,0 +1,42 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "reference-backend.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if .Values.ingress.tls.enabled }}
+  tls:
+    {{- range .Values.ingress.hosts }}
+    - hosts:
+      - {{ .host | quote }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: ssl-redirect
+                port:
+                  name: use-annotation
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+    {{- end }}
+{{- end }}
diff --git a/helm/templates/service.yaml b/helm/templates/service.yaml
new file mode 100644
index 00000000..1d90f181
--- /dev/null
+++ b/helm/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "reference-backend.fullname" . }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "reference-backend.selectorLabels" . | nindent 4 }}
diff --git a/helm/templates/serviceaccount.yaml b/helm/templates/serviceaccount.yaml
new file mode 100644
index 00000000..44983c16
--- /dev/null
+++ b/helm/templates/serviceaccount.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.backend.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.backend.serviceAccount.name }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+  {{- with .Values.backend.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
+{{- if .Values.keepers.serviceAccount.create }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.keepers.serviceAccount.name }}
+  labels:
+    {{- include "reference-backend-keepers.labels" . | nindent 4 }}
+  {{- with .Values.keepers.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/helm/values.yaml b/helm/values.yaml
new file mode 100644
index 00000000..4a808435
--- /dev/null
+++ b/helm/values.yaml
@@ -0,0 +1,84 @@
+# Default values for portal-backend.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+backend:
+  replicaCount: 1
+  podAnnotations: {}
+  image:
+    repository: 031036423983.dkr.ecr.eu-west-2.amazonaws.com/bsn/reference-backend
+    pullPolicy: IfNotPresent
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: "latest"
+  resources: {}
+  # Example of resource limits below.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 5
+    targetCPUUtilizationPercentage: 80
+    # targetMemoryUtilizationPercentage: 80
+  envFilePath: dummy
+  envFileRegion: dummy
+  serviceAccount:
+    create: true
+    annotations: { }
+    name: "backend"
+keepers:
+  replicaCount: 1
+  podAnnotations: {}
+  image:
+    repository: 031036423983.dkr.ecr.eu-west-2.amazonaws.com/bsn/keepers
+    pullPolicy: IfNotPresent
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: "latest"
+  resources: {}
+  # Example of resource limits below.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 5
+    targetCPUUtilizationPercentage: 80
+    # targetMemoryUtilizationPercentage: 80
+  apiUrl: dummy
+  envFilePath: dummy
+  envFileRegion: dummy
+  serviceAccount:
+    create: true
+    annotations: {}
+    name: "keepers"
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+service:
+  type: NodePort
+  port: 3000
+ingress:
+  enabled: true
+  annotations:
+    kubernetes.io/ingress.class: alb
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/target-type: ip
+    alb.ingress.kubernetes.io/backend-protocol: HTTP
+    alb.ingress.kubernetes.io/healthcheck-path: /health
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
+    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
+    alb.ingress.kubernetes.io/load-balancer-attributes: routing.http2.enabled=true,idle_timeout.timeout_seconds=120
+  hosts:
+    - host: chart-example.local
+  tls:
+    enabled: true
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local

From 72e66101092977a9c4ccab8d38311191b2cf1617 Mon Sep 17 00:00:00 2001
From: Mohammed Abubakar <mohammed.abubakar@altostack.io>
Date: Wed, 14 Jul 2021 08:27:21 +0100
Subject: [PATCH 10/18] patch source

---
 pipelines/tag/pipeline.yaml | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/pipelines/tag/pipeline.yaml b/pipelines/tag/pipeline.yaml
index 6a7ade41..abd31d0c 100644
--- a/pipelines/tag/pipeline.yaml
+++ b/pipelines/tag/pipeline.yaml
@@ -18,13 +18,6 @@ resources:
       tag_filter: v*
       private_key: ((git_ssh_key))
 
-  - name: updated-source
-    type: git-tag
-    source:
-      uri: ((source_repository_url))
-      tag_filter: v*
-      private_key: ((git_ssh_key))
-
   - name: app-image
     type: docker-image
     source:
@@ -126,7 +119,6 @@ jobs:
             trigger: true
             passed:
               - build
-          - get: updated-source
           - get: node-builder-image
       - task: test
         image: node-builder-image
@@ -136,9 +128,6 @@ jobs:
           PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
           DEPLOYMENT_TYPE: ((ci_deployment_type))
           DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: updated-source
-        params:
-          repository: source
 
     on_success: *on_success
     on_failure: *on_failure

From fa4646f5ec8508cedda5c468d5b61f194f1676b1 Mon Sep 17 00:00:00 2001
From: HristiyanG <hristiyan@limechain.tech>
Date: Mon, 19 Jul 2021 15:59:42 +0300
Subject: [PATCH 11/18] delete github workflows

---
 .github/workflows/deploy-develop.yaml | 35 ---------------------------
 .github/workflows/deploy-master.yaml  | 35 ---------------------------
 2 files changed, 70 deletions(-)
 delete mode 100644 .github/workflows/deploy-develop.yaml
 delete mode 100644 .github/workflows/deploy-master.yaml

diff --git a/.github/workflows/deploy-develop.yaml b/.github/workflows/deploy-develop.yaml
deleted file mode 100644
index 93ca18af..00000000
--- a/.github/workflows/deploy-develop.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-name: Develop Branch Backend Build and Deploy to GAE
-on:
-  push:
-    branches:
-      - develop
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node-version: [10.x]
-    steps:
-      - uses: actions/checkout@v1
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
-        with:
-          node-version: ${{ matrix.node-version }}
-      - name: build backend
-        run: |
-          npm install
-      - uses: actions-hub/gcloud@master
-        name: copy environment variables
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID_DEV}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_DEV}}
-          CLI: gsutil
-        with:
-          args: cp gs://boson-variables-dev/.env .
-      - uses: actions-hub/gcloud@master
-        name: deploy service
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID_DEV}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_DEV}}
-        with:
-          args: app deploy
diff --git a/.github/workflows/deploy-master.yaml b/.github/workflows/deploy-master.yaml
deleted file mode 100644
index cdda7603..00000000
--- a/.github/workflows/deploy-master.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-name: Develop Branch Backend Build and Deploy to GCE
-on:
-  push:
-    branches:
-      - master
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node-version: [10.x]
-    steps:
-      - uses: actions/checkout@v1
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
-        with:
-          node-version: ${{ matrix.node-version }}
-      - name: build backend
-        run: |
-          npm install
-      - uses: actions-hub/gcloud@master
-        name: copy environment variables
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_PROD}}
-          CLI: gsutil
-        with:
-          args: cp gs://boson-variables-test/.env .
-      - uses: actions-hub/gcloud@master
-        name: deploy service
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_PROD}}
-        with:
-          args: app deploy

From b13fe21202205e671db7a5be1d3d64821e5639fe Mon Sep 17 00:00:00 2001
From: Mohammed Abubakar <mohammed.abubakar@altostack.io>
Date: Thu, 15 Jul 2021 15:51:15 +0100
Subject: [PATCH 12/18] Add 1 git-crypt collaborator

New collaborators:

	C5D7F579 Radu Stefanache <radustefanache@redeemeum.com>
---
 .../2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg  | Bin 0 -> 726 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 .git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg

diff --git a/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg b/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg
new file mode 100644
index 0000000000000000000000000000000000000000..95cac3c1ed16dc0219ed9d3d0895974b570b55a5
GIT binary patch
literal 726
zcmV;{0xA840t^E$BT+qSxOk%h5C2qaLjb-Nj4WwQ;o<(j`@I@%9RY=x987d2`V2X&
zV<H-pSCUw?c1mSkTho)Mr(dFdn~@KW+bAiU#Le9Zd82Qt@At>{JqQ6Zqs>NpK`F&g
zoX`rk+8nsLnvRCNm&U~Q^R&8T`9(t=D)CHjg50j>d@;;WU>Cj6gmL2c41`jQR_kw*
zqlA}tWB_PTLk+cVL`0}7K7HVoZ9L#JfJK!1PhjNLYUQoudU}%9wFil_MM@A)>BhSW
zIAGlE^>~S24j(NeSA`=;bVg$WGs_xH|4gu)yJ70pF8+7t9%l<>PXb~NTc}nD{M=hJ
z-MTg~+km@i`&~CN5&U$5tHd61QX&z|oAkuM48DjJX=){urk(4yNK;a8c6soIN@i71
zE7-_GsFvN&!-wjA*3mWQ`D-<!bSW3#DQ)q>-uFP7<*AkfAr!a{?cu3t$X1}<M~dZn
zwqnJ0<gEHLs_DNje6yUuEJN74on~+N?;1TxS$_}I*y-}x@K%^;b=W9<=hJ2gLvDRF
zx4>_Vcvgv|Mg(asgOVNE5c7{uHeVk1=<k%!VA$%Zj63i_H?8QBuvnUz4=NCct#rH-
zn7tnt^;F4*M$8g^48N2bX+MukTEk(o7-36Hd^n9X^9h!({0K9a=zD3z!2zCWQ7Rrs
z!K&mBJmLwv6c@ym=Y!I~1OdnY>hv1O=?`pxV14tJuH)$93xqTwnhqWF3s*<o_MI=Y
zpZnPPH52Rqsag{lNtEbRpp)2yC|i>|c6@(XY2oBu?GIC4&fOE^^A2F-|DlSYcLYeT
z$`MioQ6bW@Olxx@tA0rvruk-N>#@Wq*hGYIiN1~_;?M;qK(qYYVkAyX6n*Qb7KY2O
zd+{!8LjEismTEbwsSdTnwoinmFEW!cs3U42kk^V^_-I}AUA`KB_y&Z?G_&xSfLsBI
Is7Os=GN>zQjsO4v

literal 0
HcmV?d00001


From d2ab944082a9e8757f38e9586142f12e811e6e6d Mon Sep 17 00:00:00 2001
From: HristiyanG <hristiyan@limechain.tech>
Date: Fri, 20 Aug 2021 15:22:26 +0300
Subject: [PATCH 13/18] bump ethers to latest

---
 external/keepers/package-lock.json            | 609 +++++++++---------
 external/keepers/package.json                 |   2 +-
 .../triggerExpirations/src/package.json       |   2 +-
 .../triggerFinalizations/src/package.json     |   4 +-
 .../triggerWithdrawals/src/package.json       |   2 +-
 package-lock.json                             | 603 ++++++++---------
 package.json                                  |   2 +-
 7 files changed, 617 insertions(+), 607 deletions(-)

diff --git a/external/keepers/package-lock.json b/external/keepers/package-lock.json
index 07b581b7..76e50d0f 100644
--- a/external/keepers/package-lock.json
+++ b/external/keepers/package-lock.json
@@ -5,379 +5,371 @@
   "requires": true,
   "dependencies": {
     "@ethersproject/abi": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.0.10.tgz",
-      "integrity": "sha512-cfC3lGgotfxX3SMri4+CisOPwignoj/QGHW9J29spC4R4Qqcnk/SYuVkPFBMdLbvBp3f/pGiVqPNwont0TSXhg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.4.0.tgz",
+      "integrity": "sha512-9gU2H+/yK1j2eVMdzm6xvHSnMxk8waIHQGYCZg5uvAyH0rsAzxkModzBSpbAkAuhKFEovC2S9hM4nPuLym8IZw==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/abstract-provider": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.0.8.tgz",
-      "integrity": "sha512-fqJXkewcGdi8LogKMgRyzc/Ls2js07yor7+g9KfPs09uPOcQLg7cc34JN+lk34HH9gg2HU0DIA5797ZR8znkfw==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.4.1.tgz",
+      "integrity": "sha512-3EedfKI3LVpjSKgAxoUaI+gB27frKsxzm+r21w9G60Ugk+3wVLQwhi1LsEJAKNV7WoZc8CIpNrATlL1QFABjtQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0"
       }
     },
     "@ethersproject/abstract-signer": {
-      "version": "5.0.11",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.0.11.tgz",
-      "integrity": "sha512-RKOgPSEYafknA62SrD3OCK42AllHE4YBfKYXyQeM+sBP7Nq3X5FpzeoY4uzC43P4wIhmNoTHCKQuwnX7fBqb6Q==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.4.1.tgz",
+      "integrity": "sha512-SkkFL5HVq1k4/25dM+NWP9MILgohJCgGv5xT5AcRruGz4ILpfHeBtO/y6j+Z3UN/PAjDeb4P7E51Yh8wcGNLGA==",
       "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/address": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.0.9.tgz",
-      "integrity": "sha512-gKkmbZDMyGbVjr8nA5P0md1GgESqSGH7ILIrDidPdNXBl4adqbuA3OAuZx/O2oGpL6PtJ9BDa0kHheZ1ToHU3w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.4.0.tgz",
+      "integrity": "sha512-SD0VgOEkcACEG/C6xavlU1Hy3m5DGSXW3CUHkaaEHbAPPsgi0coP5oNPsxau8eTlZOk/bpa/hKeCNoK5IzVI2Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/rlp": "^5.0.7"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0"
       }
     },
     "@ethersproject/base64": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.0.7.tgz",
-      "integrity": "sha512-S5oh5DVfCo06xwJXT8fQC68mvJfgScTl2AXvbYMsHNfIBTDb084Wx4iA9MNlEReOv6HulkS+gyrUM/j3514rSw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.4.0.tgz",
+      "integrity": "sha512-CjQw6E17QDSSC5jiM9YpF7N1aSCHmYGMt9bWD8PWv6YPMxjsys2/Q8xLrROKI3IWJ7sFfZ8B3flKDTM5wlWuZQ==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9"
+        "@ethersproject/bytes": "^5.4.0"
       }
     },
     "@ethersproject/basex": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.0.7.tgz",
-      "integrity": "sha512-OsXnRsujGmYD9LYyJlX+cVe5KfwgLUbUJrJMWdzRWogrygXd5HvGd7ygX1AYjlu1z8W/+t2FoQnczDR/H2iBjA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.4.0.tgz",
+      "integrity": "sha512-J07+QCVJ7np2bcpxydFVf/CuYo9mZ7T73Pe7KQY4c1lRlrixMeblauMxHXD0MPwFmUHZIILDNViVkykFBZylbg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/bignumber": {
-      "version": "5.0.13",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.0.13.tgz",
-      "integrity": "sha512-b89bX5li6aK492yuPP5mPgRVgIxxBP7ksaBtKX5QQBsrZTpNOjf/MR4CjcUrAw8g+RQuD6kap9lPjFgY4U1/5A==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.4.1.tgz",
+      "integrity": "sha512-fJhdxqoQNuDOk6epfM7yD6J8Pol4NUCy1vkaGAkuujZm0+lNow//MKu1hLhRiYV4BsOHyBv5/lsTjF+7hWwhJg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "bn.js": "^4.4.0"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "bn.js": "^4.11.9"
       }
     },
     "@ethersproject/bytes": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.0.9.tgz",
-      "integrity": "sha512-k+17ZViDtAugC0s7HM6rdsTWEdIYII4RPCDkPEuxKc6i40Bs+m6tjRAtCECX06wKZnrEoR9pjOJRXHJ/VLoOcA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.4.0.tgz",
+      "integrity": "sha512-H60ceqgTHbhzOj4uRc/83SCN9d+BSUnOkrr2intevqdtEMO1JFVZ1XL84OEZV+QjV36OaZYxtnt4lGmxcGsPfA==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/constants": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.0.8.tgz",
-      "integrity": "sha512-sCc73pFBsl59eDfoQR5OCEZCRv5b0iywadunti6MQIr5lt3XpwxK1Iuzd8XSFO02N9jUifvuZRrt0cY0+NBgTg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.4.0.tgz",
+      "integrity": "sha512-tzjn6S7sj9+DIIeKTJLjK9WGN2Tj0P++Z8ONEIlZjyoTkBuODN+0VfhAyYksKi43l1Sx9tX2VlFfzjfmr5Wl3Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13"
+        "@ethersproject/bignumber": "^5.4.0"
       }
     },
     "@ethersproject/contracts": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.0.9.tgz",
-      "integrity": "sha512-CCTxVeDh6sjdSEbjzONhtwPjECvaHE62oGkY8M7kP0CHmgLD2SEGel0HZib8e5oQKRKGly9AKcUFW4g3rQ0AQw==",
-      "requires": {
-        "@ethersproject/abi": "^5.0.10",
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.4.1.tgz",
+      "integrity": "sha512-m+z2ZgPy4pyR15Je//dUaymRUZq5MtDajF6GwFbGAVmKz/RF+DNIPwF0k5qEcL3wPGVqUjFg2/krlCRVTU4T5w==",
+      "requires": {
+        "@ethersproject/abi": "^5.4.0",
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0"
       }
     },
     "@ethersproject/hash": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.0.10.tgz",
-      "integrity": "sha512-Tf0bvs6YFhw28LuHnhlDWyr0xfcDxSXdwM4TcskeBbmXVSKLv3bJQEEEBFUcRX0fJuslR3gCVySEaSh7vuMx5w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.4.0.tgz",
+      "integrity": "sha512-xymAM9tmikKgbktOCjW60Z5sdouiIIurkZUr9oW5NOex5uwxrbsYG09kb5bMcNjlVeJD3yPivTNzViIs1GCbqA==",
       "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/hdnode": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.0.8.tgz",
-      "integrity": "sha512-Mscpjd7BBjxYSWghaNMwV0xrBBkOoCq6YEPRm9MgE24CiBlzzbfEB5DGq6hiZqhQaxPkdCUtKKqZi3nt9hx43g==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.4.0.tgz",
+      "integrity": "sha512-pKxdS0KAaeVGfZPp1KOiDLB0jba11tG6OP1u11QnYfb7pXn6IZx0xceqWRr6ygke8+Kw74IpOoSi7/DwANhy8Q==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/json-wallets": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.0.10.tgz",
-      "integrity": "sha512-Ux36u+d7Dm0M5AQ+mWuHdvfGPMN8K1aaLQgwzrsD4ELTWlwRuHuQbmn7/GqeOpbfaV6POLwdYcBk2TXjlGp/IQ==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.4.0.tgz",
+      "integrity": "sha512-igWcu3fx4aiczrzEHwG1xJZo9l1cFfQOWzTqwRw/xcvxTk58q4f9M7cjh51EKphMHvrJtcezJ1gf1q1AUOfEQQ==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
         "aes-js": "3.0.0",
         "scrypt-js": "3.0.1"
       }
     },
     "@ethersproject/keccak256": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.0.7.tgz",
-      "integrity": "sha512-zpUBmofWvx9PGfc7IICobgFQSgNmTOGTGLUxSYqZzY/T+b4y/2o5eqf/GGmD7qnTGzKQ42YlLNo+LeDP2qe55g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.4.0.tgz",
+      "integrity": "sha512-FBI1plWet+dPUvAzPAeHzRKiPpETQzqSUWR1wXJGHVWi4i8bOSrpC3NwpkPjgeXG7MnugVc1B42VbfnQikyC/A==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
+        "@ethersproject/bytes": "^5.4.0",
         "js-sha3": "0.5.7"
       }
     },
     "@ethersproject/logger": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.0.8.tgz",
-      "integrity": "sha512-SkJCTaVTnaZ3/ieLF5pVftxGEFX56pTH+f2Slrpv7cU0TNpUZNib84QQdukd++sWUp/S7j5t5NW+WegbXd4U/A=="
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.4.0.tgz",
+      "integrity": "sha512-xYdWGGQ9P2cxBayt64d8LC8aPFJk6yWCawQi/4eJ4+oJdMMjEBMrIcIMZ9AxhwpPVmnBPrsB10PcXGmGAqgUEQ=="
     },
     "@ethersproject/networks": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.0.7.tgz",
-      "integrity": "sha512-dI14QATndIcUgcCBL1c5vUr/YsI5cCHLN81rF7PU+yS7Xgp2/Rzbr9+YqpC6NBXHFUASjh6GpKqsVMpufAL0BQ==",
+      "version": "5.4.2",
+      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.4.2.tgz",
+      "integrity": "sha512-eekOhvJyBnuibfJnhtK46b8HimBc5+4gqpvd1/H9LEl7Q7/qhsIhM81dI9Fcnjpk3jB1aTy6bj0hz3cifhNeYw==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/pbkdf2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.0.7.tgz",
-      "integrity": "sha512-0SNLNixPMqnosH6pyc4yPiUu/C9/Jbu+f6I8GJW9U2qNpMBddmRJviwseoha5Zw1V+Aw0Z/yvYyzIIE8yPXqLA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.4.0.tgz",
+      "integrity": "sha512-x94aIv6tiA04g6BnazZSLoRXqyusawRyZWlUhKip2jvoLpzJuLb//KtMM6PEovE47pMbW+Qe1uw+68ameJjB7g==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/sha2": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0"
       }
     },
     "@ethersproject/properties": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.0.7.tgz",
-      "integrity": "sha512-812H1Rus2vjw0zbasfDI1GLNPDsoyX1pYqiCgaR1BuyKxUTbwcH1B+214l6VGe1v+F6iEVb7WjIwMjKhb4EUsg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.4.0.tgz",
+      "integrity": "sha512-7jczalGVRAJ+XSRvNA6D5sAwT4gavLq3OXPuV/74o3Rd2wuzSL035IMpIMgei4CYyBdialJMrTqkOnzccLHn4A==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/providers": {
-      "version": "5.0.19",
-      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.0.19.tgz",
-      "integrity": "sha512-G+flo1jK1y/rvQy6b71+Nu7qOlkOKz+XqpgqFMZslkCzGuzQRmk9Qp7Ln4soK8RSyP1e5TCujaRf1H+EZahoaw==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12",
+      "version": "5.4.4",
+      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.4.4.tgz",
+      "integrity": "sha512-mQevyXj2X2D3l8p/JGDYFZbODhZjW6On15DnCK4Xc9y6b+P0vqorQC/j46omWSm4cyo7BQ/rgfhXNYmvAfyZoQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0",
         "bech32": "1.1.4",
-        "ws": "7.2.3"
+        "ws": "7.4.6"
       }
     },
     "@ethersproject/random": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.0.7.tgz",
-      "integrity": "sha512-PxSRWwN3s+FH9AWMZU6AcWJsNQ9KzqKV6NgdeKPtxahdDjCuXxTAuzTZNXNRK+qj+Il351UnweAGd+VuZcOAlQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.4.0.tgz",
+      "integrity": "sha512-pnpWNQlf0VAZDEOVp1rsYQosmv2o0ITS/PecNw+mS2/btF8eYdspkN0vIXrCMtkX09EAh9bdk8GoXmFXM1eAKw==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/rlp": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.0.7.tgz",
-      "integrity": "sha512-ulUTVEuV7PT4jJTPpfhRHK57tkLEDEY9XSYJtrSNHOqdwMvH0z7BM2AKIMq4LVDlnu4YZASdKrkFGEIO712V9w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.4.0.tgz",
+      "integrity": "sha512-0I7MZKfi+T5+G8atId9QaQKHRvvasM/kqLyAH4XxBCBchAooH2EX5rL9kYZWwcm3awYV+XC7VF6nLhfeQFKVPg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/sha2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.0.7.tgz",
-      "integrity": "sha512-MbUqz68hhp5RsaZdqi1eg1rrtiqt5wmhRYqdA7MX8swBkzW2KiLgK+Oh25UcWhUhdi1ImU9qrV6if5j0cC7Bxg==",
-      "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "hash.js": "1.1.3"
-      },
-      "dependencies": {
-        "hash.js": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.3.tgz",
-          "integrity": "sha512-/UETyP0W22QILqS+6HowevwhEFJ3MBJnwTf75Qob9Wz9t0DPuisL8kW8YZMK62dHAKE1c1p+gY1TtOLY+USEHA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "minimalistic-assert": "^1.0.0"
-          }
-        }
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.4.0.tgz",
+      "integrity": "sha512-siheo36r1WD7Cy+bDdE1BJ8y0bDtqXCOxRMzPa4bV1TGt/eTUUt03BHoJNB6reWJD8A30E/pdJ8WFkq+/uz4Gg==",
+      "requires": {
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "hash.js": "1.1.7"
       }
     },
     "@ethersproject/signing-key": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.0.8.tgz",
-      "integrity": "sha512-YKxQM45eDa6WAD+s3QZPdm1uW1MutzVuyoepdRRVmMJ8qkk7iOiIhUkZwqKLNxKzEJijt/82ycuOREc9WBNAKg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.4.0.tgz",
+      "integrity": "sha512-q8POUeywx6AKg2/jX9qBYZIAmKSB4ubGXdQ88l40hmATj29JnG5pp331nAWwwxPn2Qao4JpWHNZsQN+bPiSW9A==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "elliptic": "6.5.3"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "bn.js": "^4.11.9",
+        "elliptic": "6.5.4",
+        "hash.js": "1.1.7"
       }
     },
     "@ethersproject/solidity": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.0.8.tgz",
-      "integrity": "sha512-OJkyBq9KaoGsi8E8mYn6LX+vKyCURvxSp0yuGBcOqEFM3vkn9PsCiXsHdOXdNBvlHG5evJXwAYC2UR0TzgJeKA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.4.0.tgz",
+      "integrity": "sha512-XFQTZ7wFSHOhHcV1DpcWj7VXECEiSrBuv7JErJvB9Uo+KfCdc3QtUZV+Vjh/AAaYgezUEKbCtE6Khjm44seevQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/strings": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.0.8.tgz",
-      "integrity": "sha512-5IsdXf8tMY8QuHl8vTLnk9ehXDDm6x9FB9S9Og5IA1GYhLe5ZewydXSjlJlsqU2t9HRbfv97OJZV/pX8DVA/Hw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.4.0.tgz",
+      "integrity": "sha512-k/9DkH5UGDhv7aReXLluFG5ExurwtIpUfnDNhQA29w896Dw3i4uDTz01Quaptbks1Uj9kI8wo9tmW73wcIEaWA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/transactions": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.0.9.tgz",
-      "integrity": "sha512-0Fu1yhdFBkrbMjenEr+39tmDxuHmaw0pe9Jb18XuKoItj7Z3p7+UzdHLr2S/okvHDHYPbZE5gtANDdQ3ZL1nBA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.4.0.tgz",
+      "integrity": "sha512-s3EjZZt7xa4BkLknJZ98QGoIza94rVjaEed0rzZ/jB9WrIuu/1+tjvYCWzVrystXtDswy7TPBeIepyXwSYa4WQ==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0"
       }
     },
     "@ethersproject/units": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.0.9.tgz",
-      "integrity": "sha512-4jIkcMVrJ3lCgXMO4M/2ww0/T/IN08vJTZld7FIAwa6aoBDTAy71+sby3sShl1SG3HEeKYbI3fBWauCUgPRUpQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.4.0.tgz",
+      "integrity": "sha512-Z88krX40KCp+JqPCP5oPv5p750g+uU6gopDYRTBGcDvOASh6qhiEYCRatuM/suC4S2XW9Zz90QI35MfSrTIaFg==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/wallet": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.0.10.tgz",
-      "integrity": "sha512-5siYr38NhqZKH6DUr6u4PdhgOKur8Q6sw+JID2TitEUmW0tOl8f6rpxAe77tw6SJT60D2UcvgsyLtl32+Nl+ig==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/json-wallets": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.4.0.tgz",
+      "integrity": "sha512-wU29majLjM6AjCjpat21mPPviG+EpK7wY1+jzKD0fg3ui5fgedf2zEu1RDgpfIMsfn8fJHJuzM4zXZ2+hSHaSQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/json-wallets": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/web": {
-      "version": "5.0.12",
-      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.0.12.tgz",
-      "integrity": "sha512-gVxS5iW0bgidZ76kr7LsTxj4uzN5XpCLzvZrLp8TP+4YgxHfCeetFyQkRPgBEAJdNrexdSBayvyJvzGvOq0O8g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.4.0.tgz",
+      "integrity": "sha512-1bUusGmcoRLYgMn6c1BLk1tOKUIFuTg8j+6N8lYlbMpDesnle+i3pGSagGNvwjaiLo4Y5gBibwctpPRmjrh4Og==",
       "requires": {
-        "@ethersproject/base64": "^5.0.7",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/base64": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/wordlists": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.0.8.tgz",
-      "integrity": "sha512-px2mloc1wAcdTbzv0ZotTx+Uh/dfnDO22D9Rx8xr7+/PUwAhZQjoJ9t7Hn72nsaN83rWBXsLvFcIRZju4GIaEQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.4.0.tgz",
+      "integrity": "sha512-FemEkf6a+EBKEPxlzeVgUaVSodU7G0Na89jqKjmWMlDB0tomoU8RlEMgUvXyqtrg8N4cwpLh8nyRnm1Nay1isA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "aes-js": {
@@ -399,9 +391,9 @@
       "integrity": "sha512-s0IrSOzLlbvX7yp4WBfPITzpAU8sqQcpsmwXDiKwrG4r491vwCO/XpejasRNl0piBMe/DvP4Tz0mIS/X1DPJBQ=="
     },
     "bn.js": {
-      "version": "4.11.9",
-      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz",
-      "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw=="
+      "version": "4.12.0",
+      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
+      "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA=="
     },
     "brorand": {
       "version": "1.1.0",
@@ -429,17 +421,17 @@
       "integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw=="
     },
     "elliptic": {
-      "version": "6.5.3",
-      "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.3.tgz",
-      "integrity": "sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==",
+      "version": "6.5.4",
+      "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.4.tgz",
+      "integrity": "sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==",
       "requires": {
-        "bn.js": "^4.4.0",
-        "brorand": "^1.0.1",
+        "bn.js": "^4.11.9",
+        "brorand": "^1.1.0",
         "hash.js": "^1.0.0",
-        "hmac-drbg": "^1.0.0",
-        "inherits": "^2.0.1",
-        "minimalistic-assert": "^1.0.0",
-        "minimalistic-crypto-utils": "^1.0.0"
+        "hmac-drbg": "^1.0.1",
+        "inherits": "^2.0.4",
+        "minimalistic-assert": "^1.0.1",
+        "minimalistic-crypto-utils": "^1.0.1"
       }
     },
     "env-cmd": {
@@ -452,39 +444,40 @@
       }
     },
     "ethers": {
-      "version": "5.0.4",
-      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.0.4.tgz",
-      "integrity": "sha512-/VzvmgsrBDOxGo+WIZD7kKXcEUFCrr53P40w5fk1EcGYidv+XVbtTWil5FMsijV6BVXTKqxwMv7hDvKLAObfNQ==",
-      "requires": {
-        "@ethersproject/abi": "^5.0.0",
-        "@ethersproject/abstract-provider": "^5.0.0",
-        "@ethersproject/abstract-signer": "^5.0.0",
-        "@ethersproject/address": "^5.0.0",
-        "@ethersproject/base64": "^5.0.0",
-        "@ethersproject/bignumber": "^5.0.0",
-        "@ethersproject/bytes": "^5.0.0",
-        "@ethersproject/constants": "^5.0.0",
-        "@ethersproject/contracts": "^5.0.0",
-        "@ethersproject/hash": "^5.0.0",
-        "@ethersproject/hdnode": "^5.0.0",
-        "@ethersproject/json-wallets": "^5.0.0",
-        "@ethersproject/keccak256": "^5.0.0",
-        "@ethersproject/logger": "^5.0.0",
-        "@ethersproject/networks": "^5.0.0",
-        "@ethersproject/pbkdf2": "^5.0.0",
-        "@ethersproject/properties": "^5.0.0",
-        "@ethersproject/providers": "^5.0.0",
-        "@ethersproject/random": "^5.0.0",
-        "@ethersproject/rlp": "^5.0.0",
-        "@ethersproject/sha2": "^5.0.0",
-        "@ethersproject/signing-key": "^5.0.0",
-        "@ethersproject/solidity": "^5.0.0",
-        "@ethersproject/strings": "^5.0.0",
-        "@ethersproject/transactions": "^5.0.0",
-        "@ethersproject/units": "^5.0.0",
-        "@ethersproject/wallet": "^5.0.0",
-        "@ethersproject/web": "^5.0.0",
-        "@ethersproject/wordlists": "^5.0.0"
+      "version": "5.4.5",
+      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.4.5.tgz",
+      "integrity": "sha512-PPZ6flOAj230sXEWf/r/It6ZZ5c7EOVWx+PU87Glkbg79OtT7pLE1WgL4MRdwx6iF7HzSOvUUI+8cAmcdzo12w==",
+      "requires": {
+        "@ethersproject/abi": "5.4.0",
+        "@ethersproject/abstract-provider": "5.4.1",
+        "@ethersproject/abstract-signer": "5.4.1",
+        "@ethersproject/address": "5.4.0",
+        "@ethersproject/base64": "5.4.0",
+        "@ethersproject/basex": "5.4.0",
+        "@ethersproject/bignumber": "5.4.1",
+        "@ethersproject/bytes": "5.4.0",
+        "@ethersproject/constants": "5.4.0",
+        "@ethersproject/contracts": "5.4.1",
+        "@ethersproject/hash": "5.4.0",
+        "@ethersproject/hdnode": "5.4.0",
+        "@ethersproject/json-wallets": "5.4.0",
+        "@ethersproject/keccak256": "5.4.0",
+        "@ethersproject/logger": "5.4.0",
+        "@ethersproject/networks": "5.4.2",
+        "@ethersproject/pbkdf2": "5.4.0",
+        "@ethersproject/properties": "5.4.0",
+        "@ethersproject/providers": "5.4.4",
+        "@ethersproject/random": "5.4.0",
+        "@ethersproject/rlp": "5.4.0",
+        "@ethersproject/sha2": "5.4.0",
+        "@ethersproject/signing-key": "5.4.0",
+        "@ethersproject/solidity": "5.4.0",
+        "@ethersproject/strings": "5.4.0",
+        "@ethersproject/transactions": "5.4.0",
+        "@ethersproject/units": "5.4.0",
+        "@ethersproject/wallet": "5.4.0",
+        "@ethersproject/web": "5.4.0",
+        "@ethersproject/wordlists": "5.4.0"
       }
     },
     "follow-redirects": {
@@ -568,9 +561,9 @@
       }
     },
     "ws": {
-      "version": "7.2.3",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-7.2.3.tgz",
-      "integrity": "sha512-HTDl9G9hbkNDk98naoR/cHDws7+EyYMOdL1BmjsZXRUjf7d+MficC4B7HLUPlSiho0vg+CWKrGIt/VJBd1xunQ=="
+      "version": "7.4.6",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz",
+      "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A=="
     }
   }
 }
diff --git a/external/keepers/package.json b/external/keepers/package.json
index abcb1649..1b7fe72b 100644
--- a/external/keepers/package.json
+++ b/external/keepers/package.json
@@ -15,6 +15,6 @@
     "axios": "^0.21.1",
     "dotenv": "^8.2.0",
     "env-cmd": "^10.1.0",
-    "ethers": "^5.0.4"
+    "ethers": "^5.4.5"
   }
 }
diff --git a/external/lambdas/triggerExpirations/src/package.json b/external/lambdas/triggerExpirations/src/package.json
index 86048ea7..f9231f9a 100644
--- a/external/lambdas/triggerExpirations/src/package.json
+++ b/external/lambdas/triggerExpirations/src/package.json
@@ -10,6 +10,6 @@
   "@aws-sdk/node-http-handler": "^3.3.0",
   "aws-sdk": "^2.903.0",
   "axios": "^0.20.0",
-  "ethers": "^5.0.14"
+  "ethers": "^5.4.5"
  }
 }
diff --git a/external/lambdas/triggerFinalizations/src/package.json b/external/lambdas/triggerFinalizations/src/package.json
index f0cafe14..f9231f9a 100644
--- a/external/lambdas/triggerFinalizations/src/package.json
+++ b/external/lambdas/triggerFinalizations/src/package.json
@@ -3,13 +3,13 @@
  "version": "1.0.0",
  "main": "index.js",
  "scripts": {
-    "test": "node -e \"(async () => console.log(await require('./index').handler({})))();\""
+  "test": "node -e \"(async () => console.log(await require('./index').handler({})))();\""
  },
  "dependencies": {
   "@aws-sdk/client-s3": "^3.3.0",
   "@aws-sdk/node-http-handler": "^3.3.0",
   "aws-sdk": "^2.903.0",
   "axios": "^0.20.0",
-  "ethers": "^5.0.14"
+  "ethers": "^5.4.5"
  }
 }
diff --git a/external/lambdas/triggerWithdrawals/src/package.json b/external/lambdas/triggerWithdrawals/src/package.json
index 86048ea7..f9231f9a 100644
--- a/external/lambdas/triggerWithdrawals/src/package.json
+++ b/external/lambdas/triggerWithdrawals/src/package.json
@@ -10,6 +10,6 @@
   "@aws-sdk/node-http-handler": "^3.3.0",
   "aws-sdk": "^2.903.0",
   "axios": "^0.20.0",
-  "ethers": "^5.0.14"
+  "ethers": "^5.4.5"
  }
 }
diff --git a/package-lock.json b/package-lock.json
index 0f8407f7..0fa4a321 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -421,379 +421,394 @@
       }
     },
     "@ethersproject/abi": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.0.10.tgz",
-      "integrity": "sha512-cfC3lGgotfxX3SMri4+CisOPwignoj/QGHW9J29spC4R4Qqcnk/SYuVkPFBMdLbvBp3f/pGiVqPNwont0TSXhg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abi/-/abi-5.4.0.tgz",
+      "integrity": "sha512-9gU2H+/yK1j2eVMdzm6xvHSnMxk8waIHQGYCZg5uvAyH0rsAzxkModzBSpbAkAuhKFEovC2S9hM4nPuLym8IZw==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/abstract-provider": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.0.8.tgz",
-      "integrity": "sha512-fqJXkewcGdi8LogKMgRyzc/Ls2js07yor7+g9KfPs09uPOcQLg7cc34JN+lk34HH9gg2HU0DIA5797ZR8znkfw==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-provider/-/abstract-provider-5.4.1.tgz",
+      "integrity": "sha512-3EedfKI3LVpjSKgAxoUaI+gB27frKsxzm+r21w9G60Ugk+3wVLQwhi1LsEJAKNV7WoZc8CIpNrATlL1QFABjtQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0"
       }
     },
     "@ethersproject/abstract-signer": {
-      "version": "5.0.11",
-      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.0.11.tgz",
-      "integrity": "sha512-RKOgPSEYafknA62SrD3OCK42AllHE4YBfKYXyQeM+sBP7Nq3X5FpzeoY4uzC43P4wIhmNoTHCKQuwnX7fBqb6Q==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/abstract-signer/-/abstract-signer-5.4.1.tgz",
+      "integrity": "sha512-SkkFL5HVq1k4/25dM+NWP9MILgohJCgGv5xT5AcRruGz4ILpfHeBtO/y6j+Z3UN/PAjDeb4P7E51Yh8wcGNLGA==",
       "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/address": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.0.9.tgz",
-      "integrity": "sha512-gKkmbZDMyGbVjr8nA5P0md1GgESqSGH7ILIrDidPdNXBl4adqbuA3OAuZx/O2oGpL6PtJ9BDa0kHheZ1ToHU3w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/address/-/address-5.4.0.tgz",
+      "integrity": "sha512-SD0VgOEkcACEG/C6xavlU1Hy3m5DGSXW3CUHkaaEHbAPPsgi0coP5oNPsxau8eTlZOk/bpa/hKeCNoK5IzVI2Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/rlp": "^5.0.7"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0"
       }
     },
     "@ethersproject/base64": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.0.7.tgz",
-      "integrity": "sha512-S5oh5DVfCo06xwJXT8fQC68mvJfgScTl2AXvbYMsHNfIBTDb084Wx4iA9MNlEReOv6HulkS+gyrUM/j3514rSw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/base64/-/base64-5.4.0.tgz",
+      "integrity": "sha512-CjQw6E17QDSSC5jiM9YpF7N1aSCHmYGMt9bWD8PWv6YPMxjsys2/Q8xLrROKI3IWJ7sFfZ8B3flKDTM5wlWuZQ==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9"
+        "@ethersproject/bytes": "^5.4.0"
       }
     },
     "@ethersproject/basex": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.0.7.tgz",
-      "integrity": "sha512-OsXnRsujGmYD9LYyJlX+cVe5KfwgLUbUJrJMWdzRWogrygXd5HvGd7ygX1AYjlu1z8W/+t2FoQnczDR/H2iBjA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/basex/-/basex-5.4.0.tgz",
+      "integrity": "sha512-J07+QCVJ7np2bcpxydFVf/CuYo9mZ7T73Pe7KQY4c1lRlrixMeblauMxHXD0MPwFmUHZIILDNViVkykFBZylbg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0"
       }
     },
     "@ethersproject/bignumber": {
-      "version": "5.0.13",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.0.13.tgz",
-      "integrity": "sha512-b89bX5li6aK492yuPP5mPgRVgIxxBP7ksaBtKX5QQBsrZTpNOjf/MR4CjcUrAw8g+RQuD6kap9lPjFgY4U1/5A==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bignumber/-/bignumber-5.4.1.tgz",
+      "integrity": "sha512-fJhdxqoQNuDOk6epfM7yD6J8Pol4NUCy1vkaGAkuujZm0+lNow//MKu1hLhRiYV4BsOHyBv5/lsTjF+7hWwhJg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "bn.js": "^4.4.0"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "bn.js": "^4.11.9"
       }
     },
     "@ethersproject/bytes": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.0.9.tgz",
-      "integrity": "sha512-k+17ZViDtAugC0s7HM6rdsTWEdIYII4RPCDkPEuxKc6i40Bs+m6tjRAtCECX06wKZnrEoR9pjOJRXHJ/VLoOcA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/bytes/-/bytes-5.4.0.tgz",
+      "integrity": "sha512-H60ceqgTHbhzOj4uRc/83SCN9d+BSUnOkrr2intevqdtEMO1JFVZ1XL84OEZV+QjV36OaZYxtnt4lGmxcGsPfA==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/constants": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.0.8.tgz",
-      "integrity": "sha512-sCc73pFBsl59eDfoQR5OCEZCRv5b0iywadunti6MQIr5lt3XpwxK1Iuzd8XSFO02N9jUifvuZRrt0cY0+NBgTg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/constants/-/constants-5.4.0.tgz",
+      "integrity": "sha512-tzjn6S7sj9+DIIeKTJLjK9WGN2Tj0P++Z8ONEIlZjyoTkBuODN+0VfhAyYksKi43l1Sx9tX2VlFfzjfmr5Wl3Q==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13"
+        "@ethersproject/bignumber": "^5.4.0"
       }
     },
     "@ethersproject/contracts": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.0.9.tgz",
-      "integrity": "sha512-CCTxVeDh6sjdSEbjzONhtwPjECvaHE62oGkY8M7kP0CHmgLD2SEGel0HZib8e5oQKRKGly9AKcUFW4g3rQ0AQw==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/@ethersproject/contracts/-/contracts-5.4.1.tgz",
+      "integrity": "sha512-m+z2ZgPy4pyR15Je//dUaymRUZq5MtDajF6GwFbGAVmKz/RF+DNIPwF0k5qEcL3wPGVqUjFg2/krlCRVTU4T5w==",
       "requires": {
-        "@ethersproject/abi": "^5.0.10",
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7"
+        "@ethersproject/abi": "^5.4.0",
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0"
       }
     },
     "@ethersproject/hash": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.0.10.tgz",
-      "integrity": "sha512-Tf0bvs6YFhw28LuHnhlDWyr0xfcDxSXdwM4TcskeBbmXVSKLv3bJQEEEBFUcRX0fJuslR3gCVySEaSh7vuMx5w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hash/-/hash-5.4.0.tgz",
+      "integrity": "sha512-xymAM9tmikKgbktOCjW60Z5sdouiIIurkZUr9oW5NOex5uwxrbsYG09kb5bMcNjlVeJD3yPivTNzViIs1GCbqA==",
       "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/hdnode": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.0.8.tgz",
-      "integrity": "sha512-Mscpjd7BBjxYSWghaNMwV0xrBBkOoCq6YEPRm9MgE24CiBlzzbfEB5DGq6hiZqhQaxPkdCUtKKqZi3nt9hx43g==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/hdnode/-/hdnode-5.4.0.tgz",
+      "integrity": "sha512-pKxdS0KAaeVGfZPp1KOiDLB0jba11tG6OP1u11QnYfb7pXn6IZx0xceqWRr6ygke8+Kw74IpOoSi7/DwANhy8Q==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/json-wallets": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.0.10.tgz",
-      "integrity": "sha512-Ux36u+d7Dm0M5AQ+mWuHdvfGPMN8K1aaLQgwzrsD4ELTWlwRuHuQbmn7/GqeOpbfaV6POLwdYcBk2TXjlGp/IQ==",
-      "requires": {
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/pbkdf2": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/json-wallets/-/json-wallets-5.4.0.tgz",
+      "integrity": "sha512-igWcu3fx4aiczrzEHwG1xJZo9l1cFfQOWzTqwRw/xcvxTk58q4f9M7cjh51EKphMHvrJtcezJ1gf1q1AUOfEQQ==",
+      "requires": {
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/pbkdf2": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
         "aes-js": "3.0.0",
         "scrypt-js": "3.0.1"
       }
     },
     "@ethersproject/keccak256": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.0.7.tgz",
-      "integrity": "sha512-zpUBmofWvx9PGfc7IICobgFQSgNmTOGTGLUxSYqZzY/T+b4y/2o5eqf/GGmD7qnTGzKQ42YlLNo+LeDP2qe55g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/keccak256/-/keccak256-5.4.0.tgz",
+      "integrity": "sha512-FBI1plWet+dPUvAzPAeHzRKiPpETQzqSUWR1wXJGHVWi4i8bOSrpC3NwpkPjgeXG7MnugVc1B42VbfnQikyC/A==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
+        "@ethersproject/bytes": "^5.4.0",
         "js-sha3": "0.5.7"
       }
     },
     "@ethersproject/logger": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.0.8.tgz",
-      "integrity": "sha512-SkJCTaVTnaZ3/ieLF5pVftxGEFX56pTH+f2Slrpv7cU0TNpUZNib84QQdukd++sWUp/S7j5t5NW+WegbXd4U/A=="
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/logger/-/logger-5.4.0.tgz",
+      "integrity": "sha512-xYdWGGQ9P2cxBayt64d8LC8aPFJk6yWCawQi/4eJ4+oJdMMjEBMrIcIMZ9AxhwpPVmnBPrsB10PcXGmGAqgUEQ=="
     },
     "@ethersproject/networks": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.0.7.tgz",
-      "integrity": "sha512-dI14QATndIcUgcCBL1c5vUr/YsI5cCHLN81rF7PU+yS7Xgp2/Rzbr9+YqpC6NBXHFUASjh6GpKqsVMpufAL0BQ==",
+      "version": "5.4.2",
+      "resolved": "https://registry.npmjs.org/@ethersproject/networks/-/networks-5.4.2.tgz",
+      "integrity": "sha512-eekOhvJyBnuibfJnhtK46b8HimBc5+4gqpvd1/H9LEl7Q7/qhsIhM81dI9Fcnjpk3jB1aTy6bj0hz3cifhNeYw==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/pbkdf2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.0.7.tgz",
-      "integrity": "sha512-0SNLNixPMqnosH6pyc4yPiUu/C9/Jbu+f6I8GJW9U2qNpMBddmRJviwseoha5Zw1V+Aw0Z/yvYyzIIE8yPXqLA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/pbkdf2/-/pbkdf2-5.4.0.tgz",
+      "integrity": "sha512-x94aIv6tiA04g6BnazZSLoRXqyusawRyZWlUhKip2jvoLpzJuLb//KtMM6PEovE47pMbW+Qe1uw+68ameJjB7g==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/sha2": "^5.0.7"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0"
       }
     },
     "@ethersproject/properties": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.0.7.tgz",
-      "integrity": "sha512-812H1Rus2vjw0zbasfDI1GLNPDsoyX1pYqiCgaR1BuyKxUTbwcH1B+214l6VGe1v+F6iEVb7WjIwMjKhb4EUsg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/properties/-/properties-5.4.0.tgz",
+      "integrity": "sha512-7jczalGVRAJ+XSRvNA6D5sAwT4gavLq3OXPuV/74o3Rd2wuzSL035IMpIMgei4CYyBdialJMrTqkOnzccLHn4A==",
       "requires": {
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/providers": {
-      "version": "5.0.19",
-      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.0.19.tgz",
-      "integrity": "sha512-G+flo1jK1y/rvQy6b71+Nu7qOlkOKz+XqpgqFMZslkCzGuzQRmk9Qp7Ln4soK8RSyP1e5TCujaRf1H+EZahoaw==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/basex": "^5.0.7",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/networks": "^5.0.7",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/web": "^5.0.12",
+      "version": "5.4.4",
+      "resolved": "https://registry.npmjs.org/@ethersproject/providers/-/providers-5.4.4.tgz",
+      "integrity": "sha512-mQevyXj2X2D3l8p/JGDYFZbODhZjW6On15DnCK4Xc9y6b+P0vqorQC/j46omWSm4cyo7BQ/rgfhXNYmvAfyZoQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/basex": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/networks": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/web": "^5.4.0",
         "bech32": "1.1.4",
-        "ws": "7.2.3"
+        "ws": "7.4.6"
+      },
+      "dependencies": {
+        "ws": {
+          "version": "7.4.6",
+          "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz",
+          "integrity": "sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A=="
+        }
       }
     },
     "@ethersproject/random": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.0.7.tgz",
-      "integrity": "sha512-PxSRWwN3s+FH9AWMZU6AcWJsNQ9KzqKV6NgdeKPtxahdDjCuXxTAuzTZNXNRK+qj+Il351UnweAGd+VuZcOAlQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/random/-/random-5.4.0.tgz",
+      "integrity": "sha512-pnpWNQlf0VAZDEOVp1rsYQosmv2o0ITS/PecNw+mS2/btF8eYdspkN0vIXrCMtkX09EAh9bdk8GoXmFXM1eAKw==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/rlp": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.0.7.tgz",
-      "integrity": "sha512-ulUTVEuV7PT4jJTPpfhRHK57tkLEDEY9XSYJtrSNHOqdwMvH0z7BM2AKIMq4LVDlnu4YZASdKrkFGEIO712V9w==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/rlp/-/rlp-5.4.0.tgz",
+      "integrity": "sha512-0I7MZKfi+T5+G8atId9QaQKHRvvasM/kqLyAH4XxBCBchAooH2EX5rL9kYZWwcm3awYV+XC7VF6nLhfeQFKVPg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/sha2": {
-      "version": "5.0.7",
-      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.0.7.tgz",
-      "integrity": "sha512-MbUqz68hhp5RsaZdqi1eg1rrtiqt5wmhRYqdA7MX8swBkzW2KiLgK+Oh25UcWhUhdi1ImU9qrV6if5j0cC7Bxg==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/sha2/-/sha2-5.4.0.tgz",
+      "integrity": "sha512-siheo36r1WD7Cy+bDdE1BJ8y0bDtqXCOxRMzPa4bV1TGt/eTUUt03BHoJNB6reWJD8A30E/pdJ8WFkq+/uz4Gg==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "hash.js": "1.1.3"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "hash.js": "1.1.7"
+      }
+    },
+    "@ethersproject/signing-key": {
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.4.0.tgz",
+      "integrity": "sha512-q8POUeywx6AKg2/jX9qBYZIAmKSB4ubGXdQ88l40hmATj29JnG5pp331nAWwwxPn2Qao4JpWHNZsQN+bPiSW9A==",
+      "requires": {
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "bn.js": "^4.11.9",
+        "elliptic": "6.5.4",
+        "hash.js": "1.1.7"
       },
       "dependencies": {
-        "hash.js": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.3.tgz",
-          "integrity": "sha512-/UETyP0W22QILqS+6HowevwhEFJ3MBJnwTf75Qob9Wz9t0DPuisL8kW8YZMK62dHAKE1c1p+gY1TtOLY+USEHA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "minimalistic-assert": "^1.0.0"
+        "elliptic": {
+          "version": "6.5.4",
+          "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.4.tgz",
+          "integrity": "sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==",
+          "requires": {
+            "bn.js": "^4.11.9",
+            "brorand": "^1.1.0",
+            "hash.js": "^1.0.0",
+            "hmac-drbg": "^1.0.1",
+            "inherits": "^2.0.4",
+            "minimalistic-assert": "^1.0.1",
+            "minimalistic-crypto-utils": "^1.0.1"
           }
         }
       }
     },
-    "@ethersproject/signing-key": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/signing-key/-/signing-key-5.0.8.tgz",
-      "integrity": "sha512-YKxQM45eDa6WAD+s3QZPdm1uW1MutzVuyoepdRRVmMJ8qkk7iOiIhUkZwqKLNxKzEJijt/82ycuOREc9WBNAKg==",
-      "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "elliptic": "6.5.3"
-      }
-    },
     "@ethersproject/solidity": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.0.8.tgz",
-      "integrity": "sha512-OJkyBq9KaoGsi8E8mYn6LX+vKyCURvxSp0yuGBcOqEFM3vkn9PsCiXsHdOXdNBvlHG5evJXwAYC2UR0TzgJeKA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/solidity/-/solidity-5.4.0.tgz",
+      "integrity": "sha512-XFQTZ7wFSHOhHcV1DpcWj7VXECEiSrBuv7JErJvB9Uo+KfCdc3QtUZV+Vjh/AAaYgezUEKbCtE6Khjm44seevQ==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/sha2": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/sha2": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/strings": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.0.8.tgz",
-      "integrity": "sha512-5IsdXf8tMY8QuHl8vTLnk9ehXDDm6x9FB9S9Og5IA1GYhLe5ZewydXSjlJlsqU2t9HRbfv97OJZV/pX8DVA/Hw==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/strings/-/strings-5.4.0.tgz",
+      "integrity": "sha512-k/9DkH5UGDhv7aReXLluFG5ExurwtIpUfnDNhQA29w896Dw3i4uDTz01Quaptbks1Uj9kI8wo9tmW73wcIEaWA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/transactions": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.0.9.tgz",
-      "integrity": "sha512-0Fu1yhdFBkrbMjenEr+39tmDxuHmaw0pe9Jb18XuKoItj7Z3p7+UzdHLr2S/okvHDHYPbZE5gtANDdQ3ZL1nBA==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/transactions/-/transactions-5.4.0.tgz",
+      "integrity": "sha512-s3EjZZt7xa4BkLknJZ98QGoIza94rVjaEed0rzZ/jB9WrIuu/1+tjvYCWzVrystXtDswy7TPBeIepyXwSYa4WQ==",
       "requires": {
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/rlp": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8"
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/rlp": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0"
       }
     },
     "@ethersproject/units": {
-      "version": "5.0.9",
-      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.0.9.tgz",
-      "integrity": "sha512-4jIkcMVrJ3lCgXMO4M/2ww0/T/IN08vJTZld7FIAwa6aoBDTAy71+sby3sShl1SG3HEeKYbI3fBWauCUgPRUpQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/units/-/units-5.4.0.tgz",
+      "integrity": "sha512-Z88krX40KCp+JqPCP5oPv5p750g+uU6gopDYRTBGcDvOASh6qhiEYCRatuM/suC4S2XW9Zz90QI35MfSrTIaFg==",
       "requires": {
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/constants": "^5.0.8",
-        "@ethersproject/logger": "^5.0.8"
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/constants": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0"
       }
     },
     "@ethersproject/wallet": {
-      "version": "5.0.10",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.0.10.tgz",
-      "integrity": "sha512-5siYr38NhqZKH6DUr6u4PdhgOKur8Q6sw+JID2TitEUmW0tOl8f6rpxAe77tw6SJT60D2UcvgsyLtl32+Nl+ig==",
-      "requires": {
-        "@ethersproject/abstract-provider": "^5.0.8",
-        "@ethersproject/abstract-signer": "^5.0.10",
-        "@ethersproject/address": "^5.0.9",
-        "@ethersproject/bignumber": "^5.0.13",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/hdnode": "^5.0.8",
-        "@ethersproject/json-wallets": "^5.0.10",
-        "@ethersproject/keccak256": "^5.0.7",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/random": "^5.0.7",
-        "@ethersproject/signing-key": "^5.0.8",
-        "@ethersproject/transactions": "^5.0.9",
-        "@ethersproject/wordlists": "^5.0.8"
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wallet/-/wallet-5.4.0.tgz",
+      "integrity": "sha512-wU29majLjM6AjCjpat21mPPviG+EpK7wY1+jzKD0fg3ui5fgedf2zEu1RDgpfIMsfn8fJHJuzM4zXZ2+hSHaSQ==",
+      "requires": {
+        "@ethersproject/abstract-provider": "^5.4.0",
+        "@ethersproject/abstract-signer": "^5.4.0",
+        "@ethersproject/address": "^5.4.0",
+        "@ethersproject/bignumber": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/hdnode": "^5.4.0",
+        "@ethersproject/json-wallets": "^5.4.0",
+        "@ethersproject/keccak256": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/random": "^5.4.0",
+        "@ethersproject/signing-key": "^5.4.0",
+        "@ethersproject/transactions": "^5.4.0",
+        "@ethersproject/wordlists": "^5.4.0"
       }
     },
     "@ethersproject/web": {
-      "version": "5.0.12",
-      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.0.12.tgz",
-      "integrity": "sha512-gVxS5iW0bgidZ76kr7LsTxj4uzN5XpCLzvZrLp8TP+4YgxHfCeetFyQkRPgBEAJdNrexdSBayvyJvzGvOq0O8g==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/web/-/web-5.4.0.tgz",
+      "integrity": "sha512-1bUusGmcoRLYgMn6c1BLk1tOKUIFuTg8j+6N8lYlbMpDesnle+i3pGSagGNvwjaiLo4Y5gBibwctpPRmjrh4Og==",
       "requires": {
-        "@ethersproject/base64": "^5.0.7",
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/base64": "^5.4.0",
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@ethersproject/wordlists": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.0.8.tgz",
-      "integrity": "sha512-px2mloc1wAcdTbzv0ZotTx+Uh/dfnDO22D9Rx8xr7+/PUwAhZQjoJ9t7Hn72nsaN83rWBXsLvFcIRZju4GIaEQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/@ethersproject/wordlists/-/wordlists-5.4.0.tgz",
+      "integrity": "sha512-FemEkf6a+EBKEPxlzeVgUaVSodU7G0Na89jqKjmWMlDB0tomoU8RlEMgUvXyqtrg8N4cwpLh8nyRnm1Nay1isA==",
       "requires": {
-        "@ethersproject/bytes": "^5.0.9",
-        "@ethersproject/hash": "^5.0.10",
-        "@ethersproject/logger": "^5.0.8",
-        "@ethersproject/properties": "^5.0.7",
-        "@ethersproject/strings": "^5.0.8"
+        "@ethersproject/bytes": "^5.4.0",
+        "@ethersproject/hash": "^5.4.0",
+        "@ethersproject/logger": "^5.4.0",
+        "@ethersproject/properties": "^5.4.0",
+        "@ethersproject/strings": "^5.4.0"
       }
     },
     "@google-cloud/common": {
@@ -3437,6 +3452,7 @@
       "version": "6.5.3",
       "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.3.tgz",
       "integrity": "sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==",
+      "dev": true,
       "requires": {
         "bn.js": "^4.4.0",
         "brorand": "^1.0.1",
@@ -4014,40 +4030,40 @@
       }
     },
     "ethers": {
-      "version": "5.0.26",
-      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.0.26.tgz",
-      "integrity": "sha512-MqA8Fvutn3qEW0yBJOHeV6KZmRpF2rqlL2B5058AGkUFsuu6j5Ns/FRlMsbGeQwBz801IB23jQp7vjRfFsKSkg==",
-      "requires": {
-        "@ethersproject/abi": "5.0.10",
-        "@ethersproject/abstract-provider": "5.0.8",
-        "@ethersproject/abstract-signer": "5.0.11",
-        "@ethersproject/address": "5.0.9",
-        "@ethersproject/base64": "5.0.7",
-        "@ethersproject/basex": "5.0.7",
-        "@ethersproject/bignumber": "5.0.13",
-        "@ethersproject/bytes": "5.0.9",
-        "@ethersproject/constants": "5.0.8",
-        "@ethersproject/contracts": "5.0.9",
-        "@ethersproject/hash": "5.0.10",
-        "@ethersproject/hdnode": "5.0.8",
-        "@ethersproject/json-wallets": "5.0.10",
-        "@ethersproject/keccak256": "5.0.7",
-        "@ethersproject/logger": "5.0.8",
-        "@ethersproject/networks": "5.0.7",
-        "@ethersproject/pbkdf2": "5.0.7",
-        "@ethersproject/properties": "5.0.7",
-        "@ethersproject/providers": "5.0.19",
-        "@ethersproject/random": "5.0.7",
-        "@ethersproject/rlp": "5.0.7",
-        "@ethersproject/sha2": "5.0.7",
-        "@ethersproject/signing-key": "5.0.8",
-        "@ethersproject/solidity": "5.0.8",
-        "@ethersproject/strings": "5.0.8",
-        "@ethersproject/transactions": "5.0.9",
-        "@ethersproject/units": "5.0.9",
-        "@ethersproject/wallet": "5.0.10",
-        "@ethersproject/web": "5.0.12",
-        "@ethersproject/wordlists": "5.0.8"
+      "version": "5.4.5",
+      "resolved": "https://registry.npmjs.org/ethers/-/ethers-5.4.5.tgz",
+      "integrity": "sha512-PPZ6flOAj230sXEWf/r/It6ZZ5c7EOVWx+PU87Glkbg79OtT7pLE1WgL4MRdwx6iF7HzSOvUUI+8cAmcdzo12w==",
+      "requires": {
+        "@ethersproject/abi": "5.4.0",
+        "@ethersproject/abstract-provider": "5.4.1",
+        "@ethersproject/abstract-signer": "5.4.1",
+        "@ethersproject/address": "5.4.0",
+        "@ethersproject/base64": "5.4.0",
+        "@ethersproject/basex": "5.4.0",
+        "@ethersproject/bignumber": "5.4.1",
+        "@ethersproject/bytes": "5.4.0",
+        "@ethersproject/constants": "5.4.0",
+        "@ethersproject/contracts": "5.4.1",
+        "@ethersproject/hash": "5.4.0",
+        "@ethersproject/hdnode": "5.4.0",
+        "@ethersproject/json-wallets": "5.4.0",
+        "@ethersproject/keccak256": "5.4.0",
+        "@ethersproject/logger": "5.4.0",
+        "@ethersproject/networks": "5.4.2",
+        "@ethersproject/pbkdf2": "5.4.0",
+        "@ethersproject/properties": "5.4.0",
+        "@ethersproject/providers": "5.4.4",
+        "@ethersproject/random": "5.4.0",
+        "@ethersproject/rlp": "5.4.0",
+        "@ethersproject/sha2": "5.4.0",
+        "@ethersproject/signing-key": "5.4.0",
+        "@ethersproject/solidity": "5.4.0",
+        "@ethersproject/strings": "5.4.0",
+        "@ethersproject/transactions": "5.4.0",
+        "@ethersproject/units": "5.4.0",
+        "@ethersproject/wallet": "5.4.0",
+        "@ethersproject/web": "5.4.0",
+        "@ethersproject/wordlists": "5.4.0"
       }
     },
     "ethjs-util": {
@@ -11674,7 +11690,8 @@
     "ws": {
       "version": "7.2.3",
       "resolved": "https://registry.npmjs.org/ws/-/ws-7.2.3.tgz",
-      "integrity": "sha512-HTDl9G9hbkNDk98naoR/cHDws7+EyYMOdL1BmjsZXRUjf7d+MficC4B7HLUPlSiho0vg+CWKrGIt/VJBd1xunQ=="
+      "integrity": "sha512-HTDl9G9hbkNDk98naoR/cHDws7+EyYMOdL1BmjsZXRUjf7d+MficC4B7HLUPlSiho0vg+CWKrGIt/VJBd1xunQ==",
+      "dev": true
     },
     "xdg-basedir": {
       "version": "4.0.0",
diff --git a/package.json b/package.json
index 7bc4fc96..98a126b6 100644
--- a/package.json
+++ b/package.json
@@ -55,7 +55,7 @@
     "cors": "^2.8.5",
     "dotenv": "^8.2.0",
     "eslint-plugin-import": "^2.22.1",
-    "ethers": "^5.0.24",
+    "ethers": "^5.4.5",
     "express": "^4.17.1",
     "express-basic-auth": "^1.2.0",
     "form-data": "^4.0.0",

From 7678482a96cea20ec775ec101b3eb3da7105834a Mon Sep 17 00:00:00 2001
From: Radu Stefanache <radustefanache@redeemeum.com>
Date: Wed, 22 Dec 2021 14:45:36 +0000
Subject: [PATCH 14/18] [ADD] Github Actions

---
 .git-crypt/.gitattributes                     |   4 -
 ...ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg | Bin 470 -> 0 bytes
 ...BCDE40E6B92375882CAF869801BFBDC5D7F579.gpg | Bin 726 -> 0 bytes
 ...D2606F66C3FF28874362B61A16916844CE9D82.gpg | Bin 470 -> 0 bytes
 ...4145CFE7938B456B337E514F2AE1DED258B20E.gpg | Bin 726 -> 0 bytes
 ...76184B551B037240C4D457AFD792BACA20583D.gpg | Bin 470 -> 0 bytes
 .gitattributes                                |   1 -
 .github/workflows/main.yaml                   | 125 +++
 .gitignore                                    |  36 +
 .ruby-version                                 |   1 -
 image/Dockerfile => Dockerfile                |   4 -
 Gemfile                                       |  10 -
 Gemfile.lock                                  | 157 ----
 Rakefile                                      | 812 ------------------
 config/ci/rdm-management-default.yaml         |  20 -
 config/defaults.yaml                          |  32 -
 config/deployments/bsn-demo-mendelevium.yaml  |  73 --
 .../bsn-development-plutonium.yaml            |  73 --
 .../deployments/bsn-production-oganesson.yaml |  73 --
 config/deployments/local-development.yaml     |  21 -
 config/deployments/local-testing.yaml         |  14 -
 .../deployments/rdm-management-default.yaml   |  58 --
 config/hiera.yaml                             |  19 -
 config/pipelines/defaults.yaml                |  16 -
 config/roles/bootstrap.yaml                   |  11 -
 config/roles/builder-pipeline.yaml            |  20 -
 config/roles/database.yaml                    |  29 -
 config/roles/demo-pipeline.yaml               |  29 -
 config/roles/develop-pipeline.yaml            |  29 -
 config/roles/functions.yaml                   |  24 -
 config/roles/image-repository.yaml            |  13 -
 config/roles/image-storage-bucket.yaml        |  17 -
 config/roles/integration-tests.yaml           |   9 -
 config/roles/keepers-image-repository.yaml    |  13 -
 config/roles/keepers-service.yaml             |  46 -
 config/roles/local-app.yaml                   |  18 -
 config/roles/pr-pipeline.yaml                 |  20 -
 config/roles/service.yaml                     |  59 --
 config/roles/tag-pipeline.yaml                |  29 -
 config/secrets/.unlocked                      | Bin 27 -> 0 bytes
 config/secrets/app/bsn-demo-mendelevium.yaml  | Bin 809 -> 0 bytes
 .../app/bsn-development-plutonium.yaml        | Bin 809 -> 0 bytes
 .../secrets/app/bsn-production-oganesson.yaml | Bin 809 -> 0 bytes
 config/secrets/app/gpg.passphrase             | Bin 70 -> 0 bytes
 config/secrets/app/gpg.private                | Bin 2993 -> 0 bytes
 config/secrets/app/gpg.public                 | Bin 1599 -> 0 bytes
 config/secrets/app/local-development.yaml     | Bin 240 -> 0 bytes
 config/secrets/app/local-testing.yaml         | Bin 240 -> 0 bytes
 .../database/bsn-demo-mendelevium.yaml        | Bin 280 -> 0 bytes
 .../database/bsn-development-plutonium.yaml   | Bin 280 -> 0 bytes
 .../database/bsn-production-oganesson.yaml    | Bin 280 -> 0 bytes
 .../database/rdm-management-default.yaml      | Bin 280 -> 0 bytes
 config/secrets/gcp/local-development.yaml     | Bin 108 -> 0 bytes
 config/secrets/gcp/local-testing.yaml         | Bin 108 -> 0 bytes
 .../secrets/gcp/test-bucket-credentials.json  | Bin 2384 -> 0 bytes
 config/secrets/mongodbatlas/credentials.yaml  | Bin 187 -> 0 bytes
 config/secrets/pipeline/constants.yaml        | Bin 7826 -> 0 bytes
 .../pipeline/rdm-management-default.yaml      | Bin 240 -> 0 bytes
 ...cker-entrypoint.sh => docker-entrypoint.sh |   0
 .../keepers}/Dockerfile                       |   4 -
 .../keepers}/docker-entrypoint.sh             |   0
 go                                            |  97 ---
 infra/bootstrap/bucket.tf                     |  23 -
 infra/bootstrap/outputs.tf                    |   3 -
 .../policies/storage-bucket-policy.json.tpl   |  22 -
 infra/bootstrap/providers.tf                  |   3 -
 infra/bootstrap/terraform.tf                  |  14 -
 infra/bootstrap/variables.tf                  |  12 -
 infra/database/network.tf                     |  10 -
 infra/functions/modules/lambda/iam.tf         |  57 --
 .../modules/lambda/security_group.tf          |  20 -
 infra/functions/terraform.tf                  |  16 -
 infra/image-repository/outputs.tf             |   6 -
 infra/image-repository/provider.tf            |   3 -
 infra/image-repository/repository.tf          |  31 -
 infra/image-repository/terraform.tf           |  12 -
 infra/image-repository/variables.tf           |   8 -
 infra/image-storage-bucket/bucket.tf          |  15 -
 infra/image-storage-bucket/iam.tf             |  40 -
 infra/image-storage-bucket/outputs.tf         |  11 -
 infra/image-storage-bucket/provider.tf        |   3 -
 infra/image-storage-bucket/terraform.tf       |  12 -
 infra/image-storage-bucket/variables.tf       |   9 -
 infra/keepers-image-repository/outputs.tf     |   6 -
 infra/keepers-image-repository/provider.tf    |   3 -
 infra/keepers-image-repository/repository.tf  |  31 -
 infra/keepers-image-repository/terraform.tf   |  12 -
 infra/keepers-image-repository/variables.tf   |   8 -
 infra/keepers-service/cluster.tf              |  10 -
 .../container-definitions/service.json.tpl    |  32 -
 .../keepers-service/envfiles/service.env.tpl  |   5 -
 infra/keepers-service/image_repository.tf     |  10 -
 infra/keepers-service/network.tf              |  14 -
 infra/keepers-service/provider.tf             |   3 -
 infra/keepers-service/roles.tf                |  35 -
 infra/keepers-service/secrets.tf              |  32 -
 infra/keepers-service/service.tf              |  65 --
 infra/keepers-service/variables.tf            |  39 -
 infra/service/certificate.tf                  |   5 -
 infra/service/cluster.tf                      |  10 -
 .../container-definitions/service.json.tpl    |  41 -
 infra/service/database.tf                     |  10 -
 infra/service/domain.tf                       |  10 -
 infra/service/envfiles/service.env.tpl        |  13 -
 infra/service/image_repository.tf             |  10 -
 infra/service/load_balancer.tf                |  71 --
 infra/service/network.tf                      |  14 -
 infra/service/outputs.tf                      |   3 -
 infra/service/provider.tf                     |   3 -
 infra/service/roles.tf                        |  49 --
 infra/service/secrets.tf                      |  40 -
 infra/service/service.tf                      |  59 --
 infra/service/terraform.tf                    |  16 -
 infra/service/variables.tf                    |  52 --
 pipelines/builder/handle-pr-event/task.sh     |  15 -
 pipelines/builder/handle-pr-event/task.yaml   |   8 -
 pipelines/builder/pipeline.yaml               |  39 -
 pipelines/demo/pipeline.yaml                  | 372 --------
 pipelines/demo/provision-database/task.sh     |  27 -
 pipelines/demo/provision-database/task.yaml   |   8 -
 pipelines/demo/provision-functions/task.sh    |  27 -
 pipelines/demo/provision-functions/task.yaml  |   8 -
 .../demo/provision-image-repository/task.sh   |  27 -
 .../demo/provision-image-repository/task.yaml |   8 -
 .../provision-image-storage-bucket/task.sh    |  27 -
 .../provision-image-storage-bucket/task.yaml  |   9 -
 .../task.sh                                   |  27 -
 .../task.yaml                                 |   8 -
 .../demo/provision-keepers-service/task.sh    |  31 -
 .../demo/provision-keepers-service/task.yaml  |   9 -
 pipelines/demo/provision-service/task.sh      |  31 -
 pipelines/demo/provision-service/task.yaml    |   9 -
 pipelines/demo/publish-image-keepers/task.sh  |  34 -
 .../demo/publish-image-keepers/task.yaml      |  11 -
 pipelines/demo/publish-image/task.sh          |  34 -
 pipelines/demo/publish-image/task.yaml        |  11 -
 pipelines/develop/pipeline.yaml               | 372 --------
 pipelines/develop/provision-database/task.sh  |  27 -
 .../develop/provision-database/task.yaml      |   8 -
 pipelines/develop/provision-functions/task.sh |  27 -
 .../develop/provision-functions/task.yaml     |   8 -
 .../provision-image-repository/task.sh        |  27 -
 .../provision-image-repository/task.yaml      |   8 -
 .../provision-image-storage-bucket/task.sh    |  27 -
 .../provision-image-storage-bucket/task.yaml  |   9 -
 .../task.sh                                   |  27 -
 .../task.yaml                                 |   8 -
 .../develop/provision-keepers-service/task.sh |  31 -
 .../provision-keepers-service/task.yaml       |   9 -
 pipelines/develop/provision-service/task.sh   |  31 -
 pipelines/develop/provision-service/task.yaml |   9 -
 .../develop/publish-image-keepers/task.sh     |  34 -
 .../develop/publish-image-keepers/task.yaml   |  11 -
 pipelines/develop/publish-image/task.sh       |  34 -
 pipelines/develop/publish-image/task.yaml     |  11 -
 pipelines/pr/pipeline.yaml                    | 172 ----
 pipelines/shared/build/task.sh                |  12 -
 pipelines/shared/build/task.yaml              |   9 -
 pipelines/shared/coverage/task.sh             |  33 -
 pipelines/shared/coverage/task.yaml           |  12 -
 pipelines/shared/test/task.sh                 |  25 -
 pipelines/shared/test/task.yaml               |   9 -
 pipelines/tag/pipeline.yaml                   | 366 --------
 pipelines/tag/provision-database/task.sh      |  27 -
 pipelines/tag/provision-database/task.yaml    |   8 -
 pipelines/tag/provision-functions/task.sh     |  27 -
 pipelines/tag/provision-functions/task.yaml   |   8 -
 .../tag/provision-image-repository/task.sh    |  27 -
 .../tag/provision-image-repository/task.yaml  |   8 -
 .../provision-image-storage-bucket/task.sh    |  27 -
 .../provision-image-storage-bucket/task.yaml  |   9 -
 .../task.sh                                   |  27 -
 .../task.yaml                                 |   8 -
 .../tag/provision-keepers-service/task.sh     |  31 -
 .../tag/provision-keepers-service/task.yaml   |   9 -
 pipelines/tag/provision-service/task.sh       |  31 -
 pipelines/tag/provision-service/task.yaml     |   9 -
 pipelines/tag/publish-image-keepers/task.sh   |  34 -
 pipelines/tag/publish-image-keepers/task.yaml |  11 -
 pipelines/tag/publish-image/task.sh           |  34 -
 pipelines/tag/publish-image/task.yaml         |  11 -
 state/bootstrap/bsn-demo-mendelevium.tfstate  | 225 -----
 .../bsn-development-plutonium.tfstate         | 201 -----
 .../bsn-production-oganesson.tfstate          | 225 -----
 .../bootstrap/rdm-management-default.tfstate  | 195 -----
 .../rdm-management-default.tfstate.backup     | 156 ----
 terraform/database/.terraform.lock.hcl        |  58 ++
 {infra => terraform}/database/cluster.tf      |  22 +-
 {infra => terraform}/database/endpoint.tf     |   4 +-
 {infra => terraform}/database/outputs.tf      |   0
 {infra => terraform}/database/project.tf      |   2 +-
 {infra => terraform}/database/providers.tf    |   2 +-
 {infra => terraform}/database/terraform.tf    |   4 +-
 {infra => terraform}/database/variables.tf    |   8 +-
 terraform/functions/.terraform.lock.hcl       |  75 ++
 {infra => terraform}/functions/lambda.tf      |  30 +-
 terraform/functions/modules/lambda/iam.tf     |  57 ++
 .../functions/modules/lambda/lambda.tf        |   0
 .../functions/modules/lambda/locals.tf        |   2 +-
 .../functions/modules/lambda/outputs.tf       |   2 +-
 .../modules/lambda/security_group.tf          |  20 +
 .../functions/modules/lambda/terraform.tf     |   2 +-
 .../functions/modules/lambda/variables.tf     |   0
 {infra => terraform}/functions/outputs.tf     |   0
 {infra => terraform}/functions/provider.tf    |   0
 .../functions}/terraform.tf                   |   0
 {infra => terraform}/functions/variables.tf   |   6 +-
 207 files changed, 406 insertions(+), 6429 deletions(-)
 delete mode 100644 .git-crypt/.gitattributes
 delete mode 100644 .git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg
 delete mode 100644 .git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg
 delete mode 100644 .git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg
 delete mode 100644 .git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg
 delete mode 100644 .git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg
 create mode 100644 .github/workflows/main.yaml
 delete mode 100644 .ruby-version
 rename image/Dockerfile => Dockerfile (94%)
 delete mode 100644 Gemfile
 delete mode 100644 Gemfile.lock
 delete mode 100644 Rakefile
 delete mode 100644 config/ci/rdm-management-default.yaml
 delete mode 100644 config/defaults.yaml
 delete mode 100644 config/deployments/bsn-demo-mendelevium.yaml
 delete mode 100644 config/deployments/bsn-development-plutonium.yaml
 delete mode 100644 config/deployments/bsn-production-oganesson.yaml
 delete mode 100644 config/deployments/local-development.yaml
 delete mode 100644 config/deployments/local-testing.yaml
 delete mode 100644 config/deployments/rdm-management-default.yaml
 delete mode 100644 config/hiera.yaml
 delete mode 100644 config/pipelines/defaults.yaml
 delete mode 100644 config/roles/bootstrap.yaml
 delete mode 100644 config/roles/builder-pipeline.yaml
 delete mode 100644 config/roles/database.yaml
 delete mode 100644 config/roles/demo-pipeline.yaml
 delete mode 100644 config/roles/develop-pipeline.yaml
 delete mode 100644 config/roles/functions.yaml
 delete mode 100644 config/roles/image-repository.yaml
 delete mode 100644 config/roles/image-storage-bucket.yaml
 delete mode 100644 config/roles/integration-tests.yaml
 delete mode 100644 config/roles/keepers-image-repository.yaml
 delete mode 100644 config/roles/keepers-service.yaml
 delete mode 100644 config/roles/local-app.yaml
 delete mode 100644 config/roles/pr-pipeline.yaml
 delete mode 100644 config/roles/service.yaml
 delete mode 100644 config/roles/tag-pipeline.yaml
 delete mode 100644 config/secrets/.unlocked
 delete mode 100644 config/secrets/app/bsn-demo-mendelevium.yaml
 delete mode 100644 config/secrets/app/bsn-development-plutonium.yaml
 delete mode 100644 config/secrets/app/bsn-production-oganesson.yaml
 delete mode 100644 config/secrets/app/gpg.passphrase
 delete mode 100644 config/secrets/app/gpg.private
 delete mode 100644 config/secrets/app/gpg.public
 delete mode 100644 config/secrets/app/local-development.yaml
 delete mode 100644 config/secrets/app/local-testing.yaml
 delete mode 100644 config/secrets/database/bsn-demo-mendelevium.yaml
 delete mode 100644 config/secrets/database/bsn-development-plutonium.yaml
 delete mode 100644 config/secrets/database/bsn-production-oganesson.yaml
 delete mode 100644 config/secrets/database/rdm-management-default.yaml
 delete mode 100644 config/secrets/gcp/local-development.yaml
 delete mode 100644 config/secrets/gcp/local-testing.yaml
 delete mode 100644 config/secrets/gcp/test-bucket-credentials.json
 delete mode 100644 config/secrets/mongodbatlas/credentials.yaml
 delete mode 100644 config/secrets/pipeline/constants.yaml
 delete mode 100644 config/secrets/pipeline/rdm-management-default.yaml
 rename image/docker-entrypoint.sh => docker-entrypoint.sh (100%)
 rename {image-keepers => external/keepers}/Dockerfile (94%)
 rename {image-keepers => external/keepers}/docker-entrypoint.sh (100%)
 delete mode 100755 go
 delete mode 100644 infra/bootstrap/bucket.tf
 delete mode 100644 infra/bootstrap/outputs.tf
 delete mode 100644 infra/bootstrap/policies/storage-bucket-policy.json.tpl
 delete mode 100644 infra/bootstrap/providers.tf
 delete mode 100644 infra/bootstrap/terraform.tf
 delete mode 100644 infra/bootstrap/variables.tf
 delete mode 100644 infra/database/network.tf
 delete mode 100644 infra/functions/modules/lambda/iam.tf
 delete mode 100644 infra/functions/modules/lambda/security_group.tf
 delete mode 100644 infra/functions/terraform.tf
 delete mode 100644 infra/image-repository/outputs.tf
 delete mode 100644 infra/image-repository/provider.tf
 delete mode 100644 infra/image-repository/repository.tf
 delete mode 100644 infra/image-repository/terraform.tf
 delete mode 100644 infra/image-repository/variables.tf
 delete mode 100644 infra/image-storage-bucket/bucket.tf
 delete mode 100644 infra/image-storage-bucket/iam.tf
 delete mode 100644 infra/image-storage-bucket/outputs.tf
 delete mode 100644 infra/image-storage-bucket/provider.tf
 delete mode 100644 infra/image-storage-bucket/terraform.tf
 delete mode 100644 infra/image-storage-bucket/variables.tf
 delete mode 100644 infra/keepers-image-repository/outputs.tf
 delete mode 100644 infra/keepers-image-repository/provider.tf
 delete mode 100644 infra/keepers-image-repository/repository.tf
 delete mode 100644 infra/keepers-image-repository/terraform.tf
 delete mode 100644 infra/keepers-image-repository/variables.tf
 delete mode 100644 infra/keepers-service/cluster.tf
 delete mode 100644 infra/keepers-service/container-definitions/service.json.tpl
 delete mode 100644 infra/keepers-service/envfiles/service.env.tpl
 delete mode 100644 infra/keepers-service/image_repository.tf
 delete mode 100644 infra/keepers-service/network.tf
 delete mode 100644 infra/keepers-service/provider.tf
 delete mode 100644 infra/keepers-service/roles.tf
 delete mode 100644 infra/keepers-service/secrets.tf
 delete mode 100644 infra/keepers-service/service.tf
 delete mode 100644 infra/keepers-service/variables.tf
 delete mode 100644 infra/service/certificate.tf
 delete mode 100644 infra/service/cluster.tf
 delete mode 100644 infra/service/container-definitions/service.json.tpl
 delete mode 100644 infra/service/database.tf
 delete mode 100644 infra/service/domain.tf
 delete mode 100644 infra/service/envfiles/service.env.tpl
 delete mode 100644 infra/service/image_repository.tf
 delete mode 100644 infra/service/load_balancer.tf
 delete mode 100644 infra/service/network.tf
 delete mode 100644 infra/service/outputs.tf
 delete mode 100644 infra/service/provider.tf
 delete mode 100644 infra/service/roles.tf
 delete mode 100644 infra/service/secrets.tf
 delete mode 100644 infra/service/service.tf
 delete mode 100644 infra/service/terraform.tf
 delete mode 100644 infra/service/variables.tf
 delete mode 100755 pipelines/builder/handle-pr-event/task.sh
 delete mode 100644 pipelines/builder/handle-pr-event/task.yaml
 delete mode 100644 pipelines/builder/pipeline.yaml
 delete mode 100644 pipelines/demo/pipeline.yaml
 delete mode 100755 pipelines/demo/provision-database/task.sh
 delete mode 100644 pipelines/demo/provision-database/task.yaml
 delete mode 100755 pipelines/demo/provision-functions/task.sh
 delete mode 100644 pipelines/demo/provision-functions/task.yaml
 delete mode 100755 pipelines/demo/provision-image-repository/task.sh
 delete mode 100644 pipelines/demo/provision-image-repository/task.yaml
 delete mode 100755 pipelines/demo/provision-image-storage-bucket/task.sh
 delete mode 100644 pipelines/demo/provision-image-storage-bucket/task.yaml
 delete mode 100755 pipelines/demo/provision-keepers-image-repository/task.sh
 delete mode 100644 pipelines/demo/provision-keepers-image-repository/task.yaml
 delete mode 100755 pipelines/demo/provision-keepers-service/task.sh
 delete mode 100644 pipelines/demo/provision-keepers-service/task.yaml
 delete mode 100755 pipelines/demo/provision-service/task.sh
 delete mode 100644 pipelines/demo/provision-service/task.yaml
 delete mode 100755 pipelines/demo/publish-image-keepers/task.sh
 delete mode 100644 pipelines/demo/publish-image-keepers/task.yaml
 delete mode 100755 pipelines/demo/publish-image/task.sh
 delete mode 100644 pipelines/demo/publish-image/task.yaml
 delete mode 100644 pipelines/develop/pipeline.yaml
 delete mode 100755 pipelines/develop/provision-database/task.sh
 delete mode 100644 pipelines/develop/provision-database/task.yaml
 delete mode 100755 pipelines/develop/provision-functions/task.sh
 delete mode 100644 pipelines/develop/provision-functions/task.yaml
 delete mode 100755 pipelines/develop/provision-image-repository/task.sh
 delete mode 100644 pipelines/develop/provision-image-repository/task.yaml
 delete mode 100755 pipelines/develop/provision-image-storage-bucket/task.sh
 delete mode 100644 pipelines/develop/provision-image-storage-bucket/task.yaml
 delete mode 100755 pipelines/develop/provision-keepers-image-repository/task.sh
 delete mode 100644 pipelines/develop/provision-keepers-image-repository/task.yaml
 delete mode 100755 pipelines/develop/provision-keepers-service/task.sh
 delete mode 100644 pipelines/develop/provision-keepers-service/task.yaml
 delete mode 100755 pipelines/develop/provision-service/task.sh
 delete mode 100644 pipelines/develop/provision-service/task.yaml
 delete mode 100755 pipelines/develop/publish-image-keepers/task.sh
 delete mode 100644 pipelines/develop/publish-image-keepers/task.yaml
 delete mode 100755 pipelines/develop/publish-image/task.sh
 delete mode 100644 pipelines/develop/publish-image/task.yaml
 delete mode 100644 pipelines/pr/pipeline.yaml
 delete mode 100755 pipelines/shared/build/task.sh
 delete mode 100644 pipelines/shared/build/task.yaml
 delete mode 100755 pipelines/shared/coverage/task.sh
 delete mode 100644 pipelines/shared/coverage/task.yaml
 delete mode 100755 pipelines/shared/test/task.sh
 delete mode 100644 pipelines/shared/test/task.yaml
 delete mode 100644 pipelines/tag/pipeline.yaml
 delete mode 100755 pipelines/tag/provision-database/task.sh
 delete mode 100644 pipelines/tag/provision-database/task.yaml
 delete mode 100755 pipelines/tag/provision-functions/task.sh
 delete mode 100644 pipelines/tag/provision-functions/task.yaml
 delete mode 100755 pipelines/tag/provision-image-repository/task.sh
 delete mode 100644 pipelines/tag/provision-image-repository/task.yaml
 delete mode 100755 pipelines/tag/provision-image-storage-bucket/task.sh
 delete mode 100644 pipelines/tag/provision-image-storage-bucket/task.yaml
 delete mode 100755 pipelines/tag/provision-keepers-image-repository/task.sh
 delete mode 100644 pipelines/tag/provision-keepers-image-repository/task.yaml
 delete mode 100755 pipelines/tag/provision-keepers-service/task.sh
 delete mode 100644 pipelines/tag/provision-keepers-service/task.yaml
 delete mode 100755 pipelines/tag/provision-service/task.sh
 delete mode 100644 pipelines/tag/provision-service/task.yaml
 delete mode 100755 pipelines/tag/publish-image-keepers/task.sh
 delete mode 100644 pipelines/tag/publish-image-keepers/task.yaml
 delete mode 100755 pipelines/tag/publish-image/task.sh
 delete mode 100644 pipelines/tag/publish-image/task.yaml
 delete mode 100644 state/bootstrap/bsn-demo-mendelevium.tfstate
 delete mode 100644 state/bootstrap/bsn-development-plutonium.tfstate
 delete mode 100644 state/bootstrap/bsn-production-oganesson.tfstate
 delete mode 100644 state/bootstrap/rdm-management-default.tfstate
 delete mode 100644 state/bootstrap/rdm-management-default.tfstate.backup
 create mode 100644 terraform/database/.terraform.lock.hcl
 rename {infra => terraform}/database/cluster.tf (67%)
 rename {infra => terraform}/database/endpoint.tf (68%)
 rename {infra => terraform}/database/outputs.tf (100%)
 rename {infra => terraform}/database/project.tf (83%)
 rename {infra => terraform}/database/providers.tf (72%)
 rename {infra => terraform}/database/terraform.tf (84%)
 rename {infra => terraform}/database/variables.tf (76%)
 create mode 100644 terraform/functions/.terraform.lock.hcl
 rename {infra => terraform}/functions/lambda.tf (90%)
 create mode 100644 terraform/functions/modules/lambda/iam.tf
 rename {infra => terraform}/functions/modules/lambda/lambda.tf (100%)
 rename {infra => terraform}/functions/modules/lambda/locals.tf (74%)
 rename {infra => terraform}/functions/modules/lambda/outputs.tf (95%)
 create mode 100644 terraform/functions/modules/lambda/security_group.tf
 rename {infra => terraform}/functions/modules/lambda/terraform.tf (88%)
 rename {infra => terraform}/functions/modules/lambda/variables.tf (100%)
 rename {infra => terraform}/functions/outputs.tf (100%)
 rename {infra => terraform}/functions/provider.tf (100%)
 rename {infra/keepers-service => terraform/functions}/terraform.tf (100%)
 rename {infra => terraform}/functions/variables.tf (62%)

diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes
deleted file mode 100644
index 665b10e8..00000000
--- a/.git-crypt/.gitattributes
+++ /dev/null
@@ -1,4 +0,0 @@
-# Do not edit this file.  To specify the files to encrypt, create your own
-# .gitattributes file in the directory where your files are.
-* !filter !diff
-*.gpg binary
diff --git a/.git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg b/.git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg
deleted file mode 100644
index 33fd86c80e8c41e0fbbef0c94a4f51dcf8153360..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 470
zcmV;{0V)240Sp5{(iS6;rKeW`2mgA=J1%tk6B%+%YSE{k<#x3Qd6g&J3HksZL}gat
z%a?q$%B+ZQzuURXH$dt-i-cw9I=1*LT<fvEc^BW3oliWN4HXMOo4EpSCDGDSI_RfY
zJscKq;Pbp75J!qb%A_`^V#8%yn-BtV8e7%UkG!}ps01O;0?LEc+9tFv4X4^WW8rJ}
zZQjT9lWIS}TLY`c5LDsT7LZr_OFgFUJ9mf7+WAGfQO}9kOsflu<}OuqH@0Y&I%-&%
z6JpJ4;k9a(tP)$WM2?KTT^X*usUNFaa&b%Vhr+Ww$a?y(vDtm_bF1)Zy?6$*{my)!
zCLwU*!x*mVwqV}}>?Ots4d&9o1Oe}2=k}=UwHMUVppF9oT<Z()(b+EUJJhwfS>k9#
zGFmG@m#3+LJf$|s%DJHoN}LKoo7QQnM^CsD$@1eGjW(rhK&|@HsL@=T^mBWg0X2f4
z6zG@V19R9~c^oV-q>c+jI*Z>M2<1e#QxS!}!0bpiNVWExB^A@@vF0-m*A&9AlYXJz
zJ^oy!Ngl$&8AO;2s%X+HjPD4b_MLPa>5|9VeC8p=VGn!ZD~C~c`;|J+{yXVr-(vpk
M<@|B8n?QFjjqAGa?EnA(

diff --git a/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg b/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg
deleted file mode 100644
index 95cac3c1ed16dc0219ed9d3d0895974b570b55a5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 726
zcmV;{0xA840t^E$BT+qSxOk%h5C2qaLjb-Nj4WwQ;o<(j`@I@%9RY=x987d2`V2X&
zV<H-pSCUw?c1mSkTho)Mr(dFdn~@KW+bAiU#Le9Zd82Qt@At>{JqQ6Zqs>NpK`F&g
zoX`rk+8nsLnvRCNm&U~Q^R&8T`9(t=D)CHjg50j>d@;;WU>Cj6gmL2c41`jQR_kw*
zqlA}tWB_PTLk+cVL`0}7K7HVoZ9L#JfJK!1PhjNLYUQoudU}%9wFil_MM@A)>BhSW
zIAGlE^>~S24j(NeSA`=;bVg$WGs_xH|4gu)yJ70pF8+7t9%l<>PXb~NTc}nD{M=hJ
z-MTg~+km@i`&~CN5&U$5tHd61QX&z|oAkuM48DjJX=){urk(4yNK;a8c6soIN@i71
zE7-_GsFvN&!-wjA*3mWQ`D-<!bSW3#DQ)q>-uFP7<*AkfAr!a{?cu3t$X1}<M~dZn
zwqnJ0<gEHLs_DNje6yUuEJN74on~+N?;1TxS$_}I*y-}x@K%^;b=W9<=hJ2gLvDRF
zx4>_Vcvgv|Mg(asgOVNE5c7{uHeVk1=<k%!VA$%Zj63i_H?8QBuvnUz4=NCct#rH-
zn7tnt^;F4*M$8g^48N2bX+MukTEk(o7-36Hd^n9X^9h!({0K9a=zD3z!2zCWQ7Rrs
z!K&mBJmLwv6c@ym=Y!I~1OdnY>hv1O=?`pxV14tJuH)$93xqTwnhqWF3s*<o_MI=Y
zpZnPPH52Rqsag{lNtEbRpp)2yC|i>|c6@(XY2oBu?GIC4&fOE^^A2F-|DlSYcLYeT
z$`MioQ6bW@Olxx@tA0rvruk-N>#@Wq*hGYIiN1~_;?M;qK(qYYVkAyX6n*Qb7KY2O
zd+{!8LjEismTEbwsSdTnwoinmFEW!cs3U42kk^V^_-I}AUA`KB_y&Z?G_&xSfLsBI
Is7Os=GN>zQjsO4v

diff --git a/.git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg b/.git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg
deleted file mode 100644
index 15900f7566055946c478dcd99ac764e666c943e4..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 470
zcmV;{0V)240Sp8EeDc3*iP`D_2mf{OYfFk@1O4@HO7uU^0&(WrS7b%)abi}dUeUgR
zmiGA}HKq_t50|o~@DLvZX)bF9R4JJ2Lzd-4{fiMis@MhQ{5N3CD{)qiPOzyE2LxX;
z;P6WQZJL(NQ>b~Xe9IYN%HS`R;gMwZ(+PaKX|Fhe5wZL!oG)6@N%r8krXDIS=MIOJ
z-TAdMHzMc4x7!Uk{3w&K&V)%^BcgOTD8=?Mfyz2lWY`L~y5lR3G<hs+E885y#`wCL
z8hXjv9&XxU!vWZ(F5L@`H~=0}h@v(qi|^Nb2RA?%&>LbBgBaMOyY)k8{Lv}+fj2EF
z9pm*5n&}v$*<r_hloj*N)@#zh1ObCU&h5s}p;5KH1_6!W&)UNvm=9*AX0up^jtB9X
z?!nxvF*_{k1E_w)P1ruBtO&S0TLhAhQ~D_nN*(Leue<<*69iIokj0fWQDhkZLtGO>
z9e8J_iuH08BhFVmud1fdjEUjj%Q<sHY%ik=?b6aS(f~Jy<=J}AijB1Askf=!hQ}dG
z@H_{D*|VPp`vMUAKY?iSd7gVC6u&*`{K*>C0XSi)SWTXsspF$F*#!bC8lp|K0z?<O
MVmGSDj)@;ea$!H{JOBUy

diff --git a/.git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg b/.git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg
deleted file mode 100644
index 6dab001c6dd6e3198fbabaf745b1c8251585db3e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 726
zcmV;{0xA840t^Erfx44{9v21y5CFL&5X4e&mNU1x?7ZvW3WFG`5m=2E$cJ+2>0iwc
zc_1~5Zo+^ju6b38F}8?7ahInDD(~bwF>tnT6570Nj$BFwMd}ka?+LSS+KBhwa-rE<
zhT-%<l&$Hc!i+zt6F%$ITi_t8xX~JEb(U#q3w-!dKK*!G$0nraKhXE6-s|Pm2el@e
z!l;kEPrxi~Rt4(!)Xwq3mt+-<46~o684`_(nl52D$l4Cp3Q_i2kX6F{nO4u3g;?4x
zlaFBsJR_}!kN#yIM@ta^FrNvs>Lp8>W^#YN55*LgLt77tVnC<#kOff5mqJjPAcMry
zI29%{*aA(~KTq2?WJAa*OuZAqH;GKkSHc&O)`Ey~WeFg_A(bUo?b|iy<eN~%T72J3
z({=kv5OAzmaW)N^)iWJv)o4sZ4|!-q61@Y-MCDMDw7~?Wf;o9`qNQ$nazwd~JIU}H
zir23dUq5g+<9coO0(GQFza;YjB>>&sL2=4SEk@Wz$9J4CY<03yen<abLxy$cYjI{@
zo;yt+>3f0%x1m3nj5#J$1^_zgqT_Cku$=OsnZN59#Btw!PHT8otn0z{LWLTydw1mj
z8_Lq;i5!t4HJO)QModqkx-K`YviwTdxZax31&kqz^oeA)4|YY79FRZsGC~Jd=;x;(
ze&3+k{*l@rnv@VHImFVy1OZI0wpoU&nZGoQX`QExp-}Id*DP*4hEv0CA!^4>s<`hZ
z0Lm{el>=V(DRon8v1D=Q?jJ&!)mNO7Hb1w~m=mTWlGBh89s=?tvwY~s%#%r(S?A2o
ztfUwC`o-{9jJ_WBzPmbff3MVKKQ~6?G2d3<nuZ(tluQ31tXI8vLhQkUz_{lPrUa7a
z!hMS_wX(i@wSHVqr;Q^?Db#A69AvFkdb@A_5Wm~(WJnJWG;nI-tJ2eik5>{Ntl^*r
IQ92T~OC$eeeE<Le

diff --git a/.git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg b/.git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg
deleted file mode 100644
index 764c18307541f4ba8416fa094cefbd60fc1aaabe..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 470
zcmV;{0V)240Sp81;6RTHb>!Ir2mrW82U4e_-!;@@K#ni@!WYQfJ5FtSd_yx9DCjcA
zz95}Wxm8HzC1&7OhlW6ndnNn@W{+aU6ijwnyJe4R(P+8<r@0$75M-%o*uv?wG(>M4
zS;fN@(4M_lOPMzB4zpM&g6p%({r?1FMQ~w?U=u}=FR2OxlzKdh9658)b$<MV#od{4
zS93xdk9z*7dVFDoOT4XOkBOwy1KjsB&i;+A){iTe?VZQOQJjFqR$1*ZjcGL_pj#Ib
zAn5!5*7&X8{0h8YK~G4qVZIlz2*TAFs&b0d`%`{Px(WZS?pfD4dhT3mo`=-&ZtFCy
zr*YS%Ch&*in7&@+ljtRSssz%&1OaS&3sNsnmUT-oClWxMJ;-lAkgxRI*G&hD^u}#S
zEGCF<gg&|}j=?^OzK>soe84x^lX8a;4hK?trT<4=_*317&8%g)zK^mJ@bP6NfMSHR
zl&Krj-9;3;p*hum6e7qi1Ao=AxdS>F`)xsJs?g@DK!{?6$0QI{h*<liVs7x$_L2Tj
zX5lbDJ*Z5+`mXfKx^Nn+jotq0jkTsGtB<IwPM<8~C*UC9TqY6n_n~+?)2l;b>Cu&d
Mt0twE#yl1Ow9Ojtp8x;=

diff --git a/.gitattributes b/.gitattributes
index 986e6e4e..52031de5 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +1 @@
-config/secrets/** filter=git-crypt diff=git-crypt
 *.sol linguist-language=Solidity
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
new file mode 100644
index 00000000..128ed465
--- /dev/null
+++ b/.github/workflows/main.yaml
@@ -0,0 +1,125 @@
+name: Build and Deploy leptonite.io
+
+on:
+  push:
+    branches:
+      - radu/migration
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  api:
+    name: API related tasks
+    runs-on: ubuntu-latest
+    env:
+      REGISTRY: 031036423983.dkr.ecr.eu-west-2.amazonaws.com
+    services:
+      mongodb:
+        image: mongo:4.4.8
+        ports:
+          - 27017:27017
+        env:
+          MONGO_INITDB_ROOT_USERNAME: admin
+          MONGO_INITDB_ROOT_PASSWORD: secret
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '12'
+          cache: 'npm'
+      - run: npm install
+      - run: npm run app:lint
+      - run: npm run app:format
+      - run: npm run tests:app:lint
+      - run: npm run tests:app:format
+      - run: npm run tests:app:unit:coverage
+      - run: npm run tests:app:persistence:coverage
+      - run: npm run tests:app:persistence
+      - run: npm run tests:app:component:coverage
+      - run: npm run tests:app:component
+      - run: npm run tests:coverage:badge
+      - name: Configure AWS credentials
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+      - name: Login to Amazon ECR
+        if: ${{ github.event_name == 'push' }}
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+      - name: Build and push
+        if: ${{ github.event_name == 'push' }}
+        run: |
+          docker build --tag $REGISTRY/bsn/reference-backend:$GITHUB_SHA .
+
+  keepers:
+    name: Keepers related tasks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: "./external/keepers"
+    env:
+      REGISTRY: 031036423983.dkr.ecr.eu-west-2.amazonaws.com
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '12'
+          cache: 'npm'
+      - run: npm install
+      - name: Configure AWS credentials
+        if: ${{ github.event_name == 'push' }}
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+      - name: Login to Amazon ECR
+        if: ${{ github.event_name == 'push' }}
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+      - name: Build and push
+        if: ${{ github.event_name == 'push' }}
+        run: |
+          docker build --tag $REGISTRY/bsn/keepers:$GITHUB_SHA .
+
+  triggers:
+    name: Triggers related tasks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: "./terraform/functions"
+    steps:
+      - uses: actions/checkout@v2
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-2
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_wrapper: false
+      - name: Terraform Format
+        id: fmt
+        run: terraform fmt -check -recursive
+      - name: Terraform Init
+        id: init
+        run: terraform init -backend-config=$TF_BACKEND_BUCKET -backend-config=$TF_BACKEND_STATE_KEY -backend-config='region=eu-west-2' -backend-config='encrypt=true'
+        env:
+          TF_BACKEND_BUCKET: ${{ secrets.TF_BACKEND_BUCKET }}
+          TF_BACKEND_STATE_KEY: ${{ secrets.TF_BACKEND_STATE_KEY }}
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate -no-color
+      - run: 'echo "$TFVARS" > terraform.tfvars'
+        shell: bash
+        env:
+          TFVARS: ${{ secrets.TFVARS }}
+      - name: Terraform Plan
+        id: plan
+        run: terraform plan -no-color
diff --git a/.gitignore b/.gitignore
index 9432f1a4..9a2b04dd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -29,3 +29,39 @@ node_modules
 
 # Personal Preferences
 .vscode
+
+### Terraform template
+# Local .terraform directories
+terraform/**/.terraform/**
+
+# .tfstate files
+terraform/*.tfstate
+terraform/*.tfstate.*
+
+# Crash log files
+terraform/crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+terraform/*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+terraform/override.tf
+terraform/override.tf.json
+terraform/*_override.tf
+terraform/*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+terraform/.terraformrc
+terraform/terraform.rc
\ No newline at end of file
diff --git a/.ruby-version b/.ruby-version
deleted file mode 100644
index fbafd6b6..00000000
--- a/.ruby-version
+++ /dev/null
@@ -1 +0,0 @@
-2.7.2
\ No newline at end of file
diff --git a/image/Dockerfile b/Dockerfile
similarity index 94%
rename from image/Dockerfile
rename to Dockerfile
index 7c30762b..deaf505f 100644
--- a/image/Dockerfile
+++ b/Dockerfile
@@ -26,9 +26,5 @@ RUN cd /opt/reference-backend \
     && npm install \
     && cd -
 
-# Add metadata
-ADD VERSION /VERSION
-ADD TAG /TAG
-
 # Run docker-entrypoint.sh start script by default
 ENTRYPOINT ["/opt/reference-backend/bin/docker-entrypoint.sh"]
diff --git a/Gemfile b/Gemfile
deleted file mode 100644
index fa40e32d..00000000
--- a/Gemfile
+++ /dev/null
@@ -1,10 +0,0 @@
-source 'https://rubygems.org'
-
-gem 'rake', '~> 13.0'
-gem 'rake_terraform', '~> 1.19'
-gem 'rake_docker', '~> 2.13'
-gem 'rake_fly', '~> 2.7'
-gem 'rake_gpg', '~> 0.16'
-gem 'git', '~> 1.8'
-gem 'confidante', '~> 0.27'
-gem 'shivers', '~> 0.5'
diff --git a/Gemfile.lock b/Gemfile.lock
deleted file mode 100644
index a7dfb8bf..00000000
--- a/Gemfile.lock
+++ /dev/null
@@ -1,157 +0,0 @@
-GEM
-  remote: https://rubygems.org/
-  specs:
-    activesupport (6.1.3.2)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 1.6, < 2)
-      minitest (>= 5.1)
-      tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
-    aws-eventstream (1.1.1)
-    aws-partitions (1.465.0)
-    aws-sdk-core (3.114.0)
-      aws-eventstream (~> 1, >= 1.0.2)
-      aws-partitions (~> 1, >= 1.239.0)
-      aws-sigv4 (~> 1.1)
-      jmespath (~> 1.0)
-    aws-sdk-ecr (1.42.0)
-      aws-sdk-core (~> 3, >= 3.112.0)
-      aws-sigv4 (~> 1.1)
-    aws-sigv4 (1.2.3)
-      aws-eventstream (~> 1, >= 1.0.2)
-    colored2 (3.1.2)
-    concourse.rb (0.4.0)
-      dry-schema (~> 0.5)
-      excon (~> 0.72)
-      semantic (~> 1.5)
-    concurrent-ruby (1.1.8)
-    confidante (0.27.0)
-      activesupport (>= 4)
-      hiera (~> 3.3, >= 3.3.1)
-      shikashi (~> 0.6)
-    docker-api (1.34.2)
-      excon (>= 0.47.0)
-      multi_json
-    dry-configurable (0.12.1)
-      concurrent-ruby (~> 1.0)
-      dry-core (~> 0.5, >= 0.5.0)
-    dry-container (0.7.2)
-      concurrent-ruby (~> 1.0)
-      dry-configurable (~> 0.1, >= 0.1.3)
-    dry-core (0.5.0)
-      concurrent-ruby (~> 1.0)
-    dry-equalizer (0.3.0)
-    dry-inflector (0.2.0)
-    dry-initializer (3.0.4)
-    dry-logic (1.2.0)
-      concurrent-ruby (~> 1.0)
-      dry-core (~> 0.5, >= 0.5)
-    dry-schema (0.6.0)
-      concurrent-ruby (~> 1.0)
-      dry-configurable (~> 0.8, >= 0.8.0)
-      dry-core (~> 0.4)
-      dry-equalizer (~> 0.2)
-      dry-initializer (~> 3.0)
-      dry-logic (~> 1.0)
-      dry-types (~> 1.0)
-    dry-types (1.5.1)
-      concurrent-ruby (~> 1.0)
-      dry-container (~> 0.3)
-      dry-core (~> 0.5, >= 0.5)
-      dry-inflector (~> 0.1, >= 0.1.2)
-      dry-logic (~> 1.0, >= 1.0.2)
-    evalhook (0.6.0)
-      partialruby (~> 0.3)
-      sexp_processor (~> 4.0)
-    excon (0.82.0)
-    getsource (0.2.2)
-    git (1.8.1)
-      rchardet (~> 1.8)
-    hamster (3.0.0)
-      concurrent-ruby (~> 1.0)
-    hiera (3.7.0)
-    i18n (1.8.10)
-      concurrent-ruby (~> 1.0)
-    immutable-struct (2.4.1)
-    jmespath (1.4.0)
-    lino (3.0.0)
-      hamster (~> 3.0)
-      open4 (~> 1.3)
-    minitar (0.9)
-    minitest (5.14.4)
-    multi_json (1.15.0)
-    open4 (1.3.4)
-    partialruby (0.3.0)
-      ruby2ruby (~> 2)
-      ruby_parser (~> 3)
-    rake (13.0.3)
-    rake_dependencies (2.11.0)
-      hamster (~> 3.0)
-      minitar (~> 0.9)
-      rake_factory (~> 0.23)
-      rubyzip (>= 1.3)
-    rake_docker (2.13.0)
-      aws-sdk-ecr (~> 1.2)
-      colored2 (~> 3.1)
-      docker-api (~> 1.34)
-      rake_factory (~> 0.23)
-    rake_factory (0.29.0)
-      activesupport (>= 4)
-      rake (~> 13.0)
-    rake_fly (2.7.0)
-      concourse.rb (>= 0.4)
-      rake_dependencies (~> 2, < 3)
-      rake_factory (>= 0.29, < 1)
-      ruby_fly (>= 0.35)
-      semantic (~> 1.6.1)
-    rake_gpg (0.16.0)
-      rake_factory (>= 0.23, < 1)
-      ruby_gpg2 (>= 0.6, < 1)
-    rake_terraform (1.19.0)
-      colored2 (~> 3.1)
-      rake_dependencies (~> 2.11)
-      rake_factory (~> 0.23)
-      ruby-terraform (~> 1.1)
-    rchardet (1.8.0)
-    ruby-terraform (1.2.0)
-      immutable-struct (~> 2.4)
-      lino (~> 3.0)
-    ruby2ruby (2.4.4)
-      ruby_parser (~> 3.1)
-      sexp_processor (~> 4.6)
-    ruby_fly (0.35.0)
-      lino (>= 1.5)
-    ruby_gpg2 (0.8.0)
-      lino (>= 1.5)
-    ruby_parser (3.16.0)
-      sexp_processor (~> 4.15, >= 4.15.1)
-    rubyzip (2.3.0)
-    semantic (1.6.1)
-    sexp_processor (4.15.3)
-    shikashi (0.6.0)
-      evalhook (>= 0.6.0)
-      getsource (>= 0.1.0)
-    shivers (0.5.0)
-      semantic (~> 1.6)
-    tzinfo (2.0.4)
-      concurrent-ruby (~> 1.0)
-    zeitwerk (2.4.2)
-
-PLATFORMS
-  arm64-darwin-20
-  x86_64-darwin-19
-  x86_64-darwin-20
-  x86_64-linux
-
-DEPENDENCIES
-  confidante (~> 0.27)
-  git (~> 1.8)
-  rake (~> 13.0)
-  rake_docker (~> 2.13)
-  rake_fly (~> 2.7)
-  rake_gpg (~> 0.16)
-  rake_terraform (~> 1.19)
-  shivers (~> 0.5)
-
-BUNDLED WITH
-   2.2.18
diff --git a/Rakefile b/Rakefile
deleted file mode 100644
index d0c002de..00000000
--- a/Rakefile
+++ /dev/null
@@ -1,812 +0,0 @@
-require 'git'
-require 'confidante'
-require 'rake_terraform'
-require 'ruby_terraform/output'
-require 'rake_docker'
-require 'rake_fly'
-require 'rake_gpg'
-require 'rake_factory/kernel_extensions'
-require 'shivers'
-
-configuration = Confidante.configuration
-version = Shivers::Version.from_file('build/version')
-
-Docker.options = {
-  read_timeout: 300
-}
-
-RakeFly.define_installation_tasks(version: '6.7.2')
-RakeTerraform.define_installation_tasks(
-  path: File.join(Dir.pwd, 'vendor', 'terraform'),
-  version: '0.15.4')
-
-task :default => [
-  :build_fix,
-  :test
-]
-
-task :build => [
-  :"app:lint",
-  :"app:format",
-  :"tests:app:lint",
-  :"tests:app:format"
-]
-
-task :build_fix => [
-  :"app:lint_fix",
-  :"app:format_fix",
-  :"tests:app:lint_fix",
-  :"tests:app:format_fix"
-]
-
-namespace :keys do
-  namespace :app do
-    namespace :passphrase do
-      task :generate do
-        File.open('config/secrets/app/gpg.passphrase', 'w') do |f|
-          f.write(SecureRandom.base64(36))
-        end
-      end
-    end
-
-    namespace :gpg do
-      RakeGPG.define_generate_key_task(
-          output_directory: 'config/secrets/app',
-          name_prefix: 'gpg',
-          armor: false,
-          owner_name: 'Leptonite Maintainers',
-          owner_email: 'maintainers@leptonite.io',
-          owner_comment: 'Service key'
-      ) do |t|
-        t.passphrase =
-            File.read('config/secrets/app/gpg.passphrase')
-      end
-    end
-
-    task generate: %w[passphrase:generate gpg:generate]
-  end
-end
-
-task :test, [:deployment_type, :deployment_label] do |_, args|
-  [
-    :'tests:app:unit',
-    :'tests:app:persistence',
-    :'tests:app:component'
-  ].each do |task_name|
-    Rake::Task[task_name].invoke(*args)
-  end
-end
-
-namespace :secrets do
-  desc 'Check if secrets are readable'
-  task :check do
-    if File.exist?('config/secrets')
-      puts 'Checking if secrets are accessible.'
-      unless File.read('config/secrets/.unlocked').strip == "true"
-        raise RuntimeError, Paint['Cannot access secrets.', :red]
-      end
-      puts 'Secrets accessible. Continuing.'
-    end
-  end
-
-  desc 'Unlock secrets'
-  task :unlock do
-    if File.exist?('config/secrets')
-      puts 'Unlocking secrets.'
-      sh('git crypt unlock')
-    end
-  end
-end
-
-namespace :app do
-  namespace :dependencies do
-    desc "Install all app dependencies"
-    task :install do
-      sh('npm', 'install')
-    end
-  end
-
-  desc "Lint all app sources"
-  task :lint => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:lint')
-  end
-
-  desc "Lint & fix all app source"
-  task :lint_fix => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:lint-fix')
-  end
-
-  desc "Format all app sources"
-  task :format => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:format')
-  end
-
-  desc "Format & fix all app sources"
-  task :format_fix => [:'dependencies:install'] do
-    sh('npm', 'run', 'app:format-fix')
-  end
-
-  desc "Run the app as a local process"
-  task :run => [:'dependencies:install', :'database:local:provision'] do
-    configuration = configuration
-      .for_scope(
-        deployment_type: 'local',
-        deployment_label: 'development',
-        role: 'local-app'
-      )
-
-    environment = configuration
-      .environment
-      .map { |k, v| [k.to_s, v] }
-      .to_h
-
-    sh(environment, 'npm', 'run', 'start')
-  end
-end
-
-namespace :functions do
-  namespace :dependencies do
-    desc "Install all functions dependencies"
-    task :install do
-      Dir.chdir('external/lambdas') do
-        sh('npm', 'install')
-      end
-    end
-  end
-
-  desc "Lint all function sources"
-  task :lint => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:lint')
-    end
-  end
-
-  desc "Lint & fix all app source"
-  task :lint_fix => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:lint-fix')
-    end
-  end
-
-  desc "Format all app sources"
-  task :format => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:format')
-    end
-  end
-
-  desc "Format & fix all app sources"
-  task :format_fix => [:'dependencies:install'] do
-    Dir.chdir('external/lambdas') do
-      sh('npm', 'run', 'functions:format-fix')
-    end
-  end
-end
-
-namespace :bootstrap do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'bootstrap infrastructure',
-    argument_names: [:deployment_type, :deployment_label]) do |t, args|
-    configuration = configuration
-      .for_scope(args.to_h.merge(role: 'bootstrap'))
-
-    deployment_identifier = configuration.deployment_identifier
-    vars = configuration.vars
-
-    t.source_directory = 'infra/bootstrap'
-    t.work_directory = 'build'
-
-    t.state_file =
-      File.join(
-        Dir.pwd, "state/bootstrap/#{deployment_identifier}.tfstate")
-    t.vars = vars
-  end
-end
-
-namespace :database do
-  namespace :test do
-    RakeDocker.define_container_tasks(
-      container_name: 'reference-backend-test-database') do |t|
-      configuration = configuration
-        .for_scope(
-          deployment_type: 'local',
-          deployment_label: 'testing')
-
-      t.image = "mongo:#{configuration.database_version}"
-      t.ports = ["#{configuration.database_port}:27017"]
-      t.environment = [
-        "MONGO_INITDB_ROOT_USERNAME=#{configuration.database_username}",
-        "MONGO_INITDB_ROOT_PASSWORD=#{configuration.database_password}",
-      ]
-    end
-  end
-
-  namespace :local do
-    RakeDocker.define_container_tasks(
-      container_name: 'reference-backend-local-database') do |t|
-      configuration = configuration
-        .for_scope(
-          deployment_type: 'local',
-          deployment_label: 'development')
-
-      t.image = "mongo:#{configuration.database_version}"
-      t.ports = ["#{configuration.database_port}:27017"]
-      t.environment = [
-        "MONGO_INITDB_ROOT_USERNAME=#{configuration.database_username}",
-        "MONGO_INITDB_ROOT_PASSWORD=#{configuration.database_password}",
-      ]
-    end
-  end
-
-  namespace :environment do
-    RakeTerraform.define_command_tasks(
-      configuration_name: 'database',
-      argument_names: [:deployment_type, :deployment_label]) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'database'))
-
-      vars = configuration.vars
-      backend_config = configuration.backend_config
-
-      t.source_directory = 'infra/database'
-      t.work_directory = 'build'
-
-      t.vars = vars
-      t.backend_config = backend_config
-    end
-  end
-
-  namespace :contextual do
-    task :ensure, [:deployment_type, :deployment_label] do |_, args|
-      args.with_defaults(
-        deployment_type: 'local',
-        deployment_label: 'testing')
-
-      database_type = configuration
-        .for_scope(args.to_h)
-        .database_type
-      task_name = (database_type == 'deployed') ?
-        'database:environment:provision' :
-        'database:test:provision'
-
-      Rake::Task[task_name].invoke(*args)
-    end
-  end
-end
-
-namespace :tests do
-  namespace :app do
-    desc "Lint all tests"
-    task :lint => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:lint')
-    end
-
-    desc "Lint & fix all tests"
-    task :lint_fix => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:lint-fix')
-    end
-
-    desc "Format all test files"
-    task :format => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:format')
-    end
-
-    desc "Format & fix all test files"
-    task :format_fix => [:'app:dependencies:install'] do
-      sh('npm', 'run', 'tests:app:format-fix')
-    end
-
-    desc "Run all unit tests"
-    task :unit => [:'app:dependencies:install'] do
-      script_name = ENV["INCLUDE_COVERAGE"] == 'true' ?
-        'tests:app:unit:coverage' :
-        'tests:app:unit'
-      sh('npm', 'run', script_name)
-    end
-
-    desc "Run all integration tests"
-    task :integration => [:'app:dependencies:install'] do
-      configuration = configuration
-        .for_scope(
-          deployment_type: 'local',
-          deployment_label: 'testing',
-          role: 'integration-tests'
-        )
-
-      environment = configuration
-        .environment
-        .map { |k, v| [k.to_s, v] }
-        .to_h
-
-      sh(environment, 'npm', 'run', 'tests:app:integration')
-    end
-
-    desc "Run all persistence tests"
-    task :persistence,
-         [:deployment_type, :deployment_label] =>
-           [:'app:dependencies:install'] do |_, args|
-      args.with_defaults(
-        deployment_type: 'local',
-        deployment_label: 'testing')
-
-      Rake::Task['database:contextual:ensure'].invoke(*args)
-
-      script_name = ENV["INCLUDE_COVERAGE"] == 'true' ?
-        'tests:app:persistence:coverage' :
-        'tests:app:persistence'
-      sh(database_overrides_for(configuration, args),
-         'npm', 'run', script_name)
-    end
-
-    desc "Run all component tests"
-    task :component,
-         [:deployment_type, :deployment_label] =>
-           [:'app:dependencies:install'] do |_, args|
-      args.with_defaults(
-        deployment_type: 'local',
-        deployment_label: 'testing')
-
-      Rake::Task['database:contextual:ensure'].invoke(*args)
-
-      script_name = ENV["INCLUDE_COVERAGE"] == 'true' ?
-        'tests:app:component:coverage' :
-        'tests:app:component'
-      sh(database_overrides_for(configuration, args),
-         'npm', 'run', script_name)
-    end
-
-    namespace :coverage do
-      desc "Run coverage badge creation"
-      task :badge => [:'app:dependencies:install'] do |_, args|
-        sh('npm', 'run', 'tests:coverage:badge')
-      end
-    end
-  end
-end
-
-namespace :lambda do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'reference backend keepers lambda',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'functions'))
-
-    t.source_directory = 'infra/functions'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :keepers_image_repository do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'keepers image repository',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'keepers-image-repository'))
-
-    t.source_directory = 'infra/keepers-image-repository'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :image_repository do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'reference backend image repository',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'image-repository'))
-
-    t.source_directory = 'infra/image-repository'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :image do
-  RakeDocker.define_image_tasks(
-    image_name: 'reference-backend',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'image-repository'))
-
-    t.work_directory = 'build/images'
-
-    t.copy_spec = [
-      'image/Dockerfile',
-      'image/docker-entrypoint.sh',
-      'src/',
-      'app.js',
-      'package.json',
-      'package-lock.json'
-    ]
-    t.create_spec = [
-      { content: version.to_s, to: 'VERSION' },
-      { content: version.to_docker_tag, to: 'TAG' }
-    ]
-
-    t.repository_name = configuration.image_repository_name
-    t.repository_url = dynamic do
-      JSON.parse(
-        RubyTerraform::Output.for(
-          name: 'repository_url',
-          source_directory: 'infra/image-repository',
-          work_directory: 'build',
-          backend_config: configuration.backend_config
-        )
-      )
-    end
-
-    t.credentials = dynamic do
-      RakeDocker::Authentication::ECR.new do |c|
-        c.region = configuration.region
-        c.registry_id =
-          JSON.parse(
-            RubyTerraform::Output.for(
-              name: 'registry_id',
-              source_directory: 'infra/image-repository',
-              work_directory: 'build',
-              backend_config: configuration.backend_config
-            )
-          )
-      end.call
-    end
-
-    t.tags = [version.to_docker_tag, 'latest']
-  end
-end
-
-namespace :image_keepers do
-  RakeDocker.define_image_tasks(
-    image_name: 'keepers',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-      configuration.for_scope(args.to_h.merge(role: 'keepers-image-repository'))
-
-    t.work_directory = 'build/images'
-
-    t.copy_spec = [
-      'image-keepers/Dockerfile',
-      'image-keepers/docker-entrypoint.sh',
-      'external/keepers/src/',
-      'external/keepers/package.json',
-      'external/keepers/package-lock.json'
-    ]
-    t.create_spec = [
-      { content: version.to_s, to: 'VERSION' },
-      { content: version.to_docker_tag, to: 'TAG' }
-    ]
-
-    t.repository_name = configuration.keepers_image_repository_name
-    t.repository_url = dynamic do
-      JSON.parse(
-        RubyTerraform::Output.for(
-          name: 'repository_url',
-          source_directory: 'infra/keepers-image-repository',
-          work_directory: 'build',
-          backend_config: configuration.backend_config
-        )
-      )
-    end
-
-    t.credentials = dynamic do
-      RakeDocker::Authentication::ECR.new do |c|
-        c.region = configuration.region
-        c.registry_id =
-          JSON.parse(
-            RubyTerraform::Output.for(
-              name: 'registry_id',
-              source_directory: 'infra/keepers-image-repository',
-              work_directory: 'build',
-              backend_config: configuration.backend_config
-            )
-          )
-      end.call
-    end
-
-    t.tags = [version.to_docker_tag, 'latest']
-  end
-end
-
-namespace :image_storage_bucket do
-  RakeTerraform.define_command_tasks(
-      configuration_name: 'reference backend image storage bucket',
-      argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    configuration =
-        configuration.for_scope(args.to_h.merge(role: 'image-storage-bucket'))
-
-    t.source_directory = 'infra/image-storage-bucket'
-    t.work_directory = 'build'
-
-    t.backend_config = configuration.backend_config
-    t.vars = configuration.vars
-  end
-end
-
-namespace :service do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'reference backend',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    version_configuration = { version_number: version.to_docker_tag }
-    service_configuration =
-      configuration
-        .for_overrides(version_configuration)
-        .for_scope(args.to_h.merge(role: 'service'))
-
-    t.source_directory = 'infra/service'
-    t.work_directory = 'build'
-
-    t.backend_config = service_configuration.backend_config
-    t.vars = service_configuration.vars
-  end
-end
-
-namespace :service_keepers do
-  RakeTerraform.define_command_tasks(
-    configuration_name: 'keepers',
-    argument_names: %i[deployment_type deployment_label]
-  ) do |t, args|
-    version_configuration = { version_number: version.to_docker_tag }
-    service_configuration =
-      configuration
-        .for_overrides(version_configuration)
-        .for_scope(args.to_h.merge(role: 'keepers-service'))
-
-    t.source_directory = 'infra/keepers-service'
-    t.work_directory = 'build'
-
-    t.backend_config = service_configuration.backend_config
-    t.vars = service_configuration.vars
-  end
-end
-
-namespace :ci do
-  RakeFly.define_authentication_tasks(
-    namespace: :authentication,
-    argument_names: [
-      :ci_deployment_type,
-      :ci_deployment_label
-    ]) do |t, args|
-    configuration = configuration
-      .for_scope(args.to_h)
-
-    t.target = configuration.concourse_team
-    t.concourse_url = configuration.concourse_url
-    t.team = configuration.concourse_team
-    t.username = configuration.concourse_username
-    t.password = configuration.concourse_password
-
-    t.home_directory = 'build/fly'
-  end
-
-  namespace :pipeline do
-    RakeFly.define_pipeline_tasks(
-      namespace: :develop,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label
-      ]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'develop-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-develop"
-
-      t.config = 'pipelines/develop/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    RakeFly.define_pipeline_tasks(
-      namespace: :demo,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label
-      ]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'demo-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-demo"
-
-      t.config = 'pipelines/demo/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    RakeFly.define_pipeline_tasks(
-      namespace: :production,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label
-      ]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'tag-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-production"
-
-      t.config = 'pipelines/tag/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    RakeFly.define_pipeline_tasks(
-      namespace: :builder,
-      argument_names: [
-        :ci_deployment_type,
-        :ci_deployment_label]
-    ) do |t, args|
-      configuration = configuration
-        .for_scope(args.to_h.merge(role: 'builder-pipeline'))
-      ci_deployment_type = configuration.ci_deployment_identifier
-
-      t.target = configuration.concourse_team
-      t.team = configuration.concourse_team
-      t.pipeline = "reference-backend-builder"
-
-      t.config = 'pipelines/builder/pipeline.yaml'
-
-      t.vars = configuration.vars
-      t.var_files = [
-        'config/secrets/pipeline/constants.yaml',
-        "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-      ]
-
-      t.non_interactive = true
-      t.home_directory = 'build/fly'
-    end
-
-    namespace :pr do
-      RakeFly.define_pipeline_tasks(
-        argument_names: [
-          :ci_deployment_type,
-          :ci_deployment_label,
-          :branch
-        ]
-      ) do |t, args|
-        branch = args.branch || pr_metadata_branch
-
-        configuration = configuration
-          .for_scope(args.to_h.merge(role: 'pr-pipeline'))
-          .for_overrides(source_repository_branch: branch)
-
-        ci_deployment_type = configuration.ci_deployment_identifier
-
-        t.target = configuration.concourse_team
-        t.team = configuration.concourse_team
-        t.pipeline = "reference-backend-pr-#{to_pipeline_name(branch)}"
-
-        t.config = 'pipelines/pr/pipeline.yaml'
-
-        t.vars = configuration.vars
-        t.var_files = [
-          'config/secrets/pipeline/constants.yaml',
-          "config/secrets/pipeline/#{ci_deployment_type}.yaml"
-        ]
-
-        t.non_interactive = true
-        t.home_directory = 'build/fly'
-      end
-
-      task :handle, [
-        :ci_deployment_type,
-        :ci_deployment_label,
-        :branch,
-        :state
-      ] do |_, args|
-        branch = args.branch || pr_metadata_branch
-        state = args.state || pr_metadata_state
-
-        if state == "OPEN"
-          Rake::Task[:"ci:pipeline:pr:push"].invoke(
-            args.ci_deployment_type,
-            args.ci_deployment_label,
-            branch)
-        else
-          Rake::Task[:"ci:pipeline:pr:destroy"].invoke(
-            args.ci_deployment_type,
-            args.ci_deployment_label,
-            branch)
-        end
-      end
-    end
-  end
-
-  namespace :pipelines do
-    desc "Push all pipelines"
-    task :push, [:ci_deployment_type, :ci_deployment_label] do |_, args|
-      Rake::Task[:"ci:pipeline:develop:push"].invoke(*args)
-      Rake::Task[:"ci:pipeline:demo:push"].invoke(*args)
-      Rake::Task[:"ci:pipeline:builder:push"].invoke(*args)
-    end
-  end
-end
-
-def pr_metadata_value(key)
-  File.exist?(".git/resource/#{key}") ?
-    File.read(".git/resource/#{key}") :
-    nil
-end
-
-def pr_metadata_branch
-  pr_metadata_value("head_name")
-end
-
-def pr_metadata_state
-  pr_metadata_value("state")
-end
-
-def current_branch
-  Git.open(File.dirname(__FILE__)).current_branch
-end
-
-def to_db_name(string)
-  string.gsub(/[^a-zA-Z0-9_-]/, "")
-end
-
-def to_pipeline_name(string)
-  string.gsub(/[^a-zA-Z0-9_-]/, "_")
-end
-
-def database_overrides_for(configuration, args)
-  configuration = configuration
-    .for_scope(args.to_h.merge(role: 'database'))
-
-  (configuration.database_type == 'deployed') ?
-    {
-      "DB_CONNECTION_STRING" =>
-        RubyTerraform::Output.for(
-          name: 'connection_string',
-          source_directory: 'infra/database',
-          work_directory: 'build',
-          backend_config: configuration.backend_config),
-      "DB_USERNAME" => configuration.database_username,
-      "DB_PASSWORD" => configuration.database_password,
-      "DB_NAME" => to_db_name(current_branch)
-    } :
-    {}
-end
diff --git a/config/ci/rdm-management-default.yaml b/config/ci/rdm-management-default.yaml
deleted file mode 100644
index f9e09032..00000000
--- a/config/ci/rdm-management-default.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-ci_account_id: "%{hiera('rdm_management_account_id')}"
-
-ci_deployment_identifier: "%{ci_deployment_type}-%{ci_deployment_label}"
-
-ci_storage_bucket_name: "bsn-%{hiera('component')}-%{hiera('ci_deployment_identifier')}"
-ci_storage_bucket_region: "%{hiera('region')}"
-ci_storage_bucket_encryption: "AES256"
-
-concourse_url: "https://ci-server.rdm-management.redeemeum.io"
-concourse_team: "bosonprotocol"
-
-image_repository_base_url: "%{hiera('rdm_management_account_id')}.dkr.ecr.%{hiera('region')}.amazonaws.com"
-
-node_builder_image_repository_name: "rdm/node-12-builder"
-node_builder_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('node_builder_image_repository_name')}"
-
-app_image_repository_name: "%{hiera('image_repository_name')}"
-app_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('app_image_repository_name')}"
-keepers_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('keepers_image_repository_name')}"
diff --git a/config/defaults.yaml b/config/defaults.yaml
deleted file mode 100644
index 7e09c4fa..00000000
--- a/config/defaults.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
----
-# General
-region: "eu-west-2"
-
-component: "reference-backend"
-deployment_identifier: "%{deployment_type}-%{deployment_label}"
-
-source_repository_name: "bosonprotocol/reference-backend"
-source_repository_url: "git@github.com:%{hiera('source_repository_name')}.git"
-source_repository_branch: "develop"
-
-image_repository_name: "bsn/reference-backend"
-keepers_image_repository_name: "bsn/keepers"
-
-storage_bucket_name: "bsn-%{hiera('component')}-%{hiera('deployment_identifier')}"
-storage_bucket_encryption: "AES256"
-
-secrets_bucket_name: "%{hiera('storage_bucket_name')}"
-
-image_storage_bucket_name: "bsn-%{hiera('component')}-%{hiera('deployment_identifier')}-image-storage"
-image_storage_user_name: "bsn-%{hiera('component')}-%{hiera('deployment_identifier')}-image-storage-user"
-image_storage_user_public_gpg_key_path: "%{cwd}/config/secrets/app/gpg.public"
-
-admin_role_name: "cross-account-admin-role"
-
-rdm_management_account_id: "031036423983"
-
-bsn_parent_account_id: "915981965568"
-bsn_development_potassium_account_id: "384010198059"
-bsn_production_lutetium_account_id: "371854298993"
-
-bsn_parent_account_admin_role: "arn:aws:iam::%{hiera('bsn_parent_account_id')}:role/%{hiera('admin_role_name')}"
diff --git a/config/deployments/bsn-demo-mendelevium.yaml b/config/deployments/bsn-demo-mendelevium.yaml
deleted file mode 100644
index df643a26..00000000
--- a/config/deployments/bsn-demo-mendelevium.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('bsn_development_potassium_account_id')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_name: "api"
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-voucher_kernel_address: "0x6ae1FCe8b0BcEe14d498C043D64b6a4a19c0E4A8"
-token_contact_address: "0x66c02B4C0f1b8205B090AEB0266577557167AF47"
-boson_router_contact_address: "0xe2AfF6a81Aa47149AAd39a0c320B5895E6f266D0"
-cashier_address: "0xa49925E6064CeB7E0777BD9E864a71518Cd141A8"
-
-# State
-domain_state_bucket_name: "bsn-aws-application-account-bsn-development-potassium"
-domain_state_key: "common/deployment-state/default.tfstate"
-domain_state_bucket_region: "%{hiera('region')}"
-domain_state_bucket_is_encrypted: "true"
-
-network_state_bucket_name: "bsn-application-network-bsn-development-palladium"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-cluster_state_bucket_name: "bsn-application-cluster-bsn-demo-selenium"
-cluster_state_key: "cluster/deployment-state/default.tfstate"
-cluster_state_bucket_region: "%{hiera('region')}"
-cluster_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-service_state_key: "service/deployment-state/default.tfstate"
-service_state_bucket_region: "%{hiera('region')}"
-service_state_bucket_is_encrypted: "true"
-
-keepers_service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_service_state_key: "keepers-service/deployment-state/default.tfstate"
-keepers_service_state_bucket_region: "%{hiera('region')}"
-keepers_service_state_bucket_is_encrypted: "true"
-
-functions_state_bucket_name: "%{hiera('storage_bucket_name')}"
-functions_state_key: "functions/deployment-state/default.tfstate"
-functions_state_bucket_region: "%{hiera('region')}"
-functions_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/bsn-development-plutonium.yaml b/config/deployments/bsn-development-plutonium.yaml
deleted file mode 100644
index e4fe1967..00000000
--- a/config/deployments/bsn-development-plutonium.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('bsn_development_potassium_account_id')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_name: "api"
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-voucher_kernel_address: "0x469eF8b9F583920318Ce3dd095A0402A4b061bb0"
-token_contact_address: "0xe8637906721051D860af222E6021826887d9e358"
-boson_router_contact_address: "0xf7EEBa6c7a4eC07735b4AcaC8f8AF608f9Ecb8Cf"
-cashier_address: "0x0ab0Fec353C6653F2eD05b5E5ceb4fB27c7d7902"
-
-# State
-domain_state_bucket_name: "bsn-aws-application-account-bsn-development-potassium"
-domain_state_key: "common/deployment-state/default.tfstate"
-domain_state_bucket_region: "%{hiera('region')}"
-domain_state_bucket_is_encrypted: "true"
-
-network_state_bucket_name: "bsn-application-network-bsn-development-palladium"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-cluster_state_bucket_name: "bsn-application-cluster-bsn-development-tennessine"
-cluster_state_key: "cluster/deployment-state/default.tfstate"
-cluster_state_bucket_region: "%{hiera('region')}"
-cluster_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-service_state_key: "service/deployment-state/default.tfstate"
-service_state_bucket_region: "%{hiera('region')}"
-service_state_bucket_is_encrypted: "true"
-
-keepers_service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_service_state_key: "keepers-service/deployment-state/default.tfstate"
-keepers_service_state_bucket_region: "%{hiera('region')}"
-keepers_service_state_bucket_is_encrypted: "true"
-
-functions_state_bucket_name: "%{hiera('storage_bucket_name')}"
-functions_state_key: "functions/deployment-state/default.tfstate"
-functions_state_bucket_region: "%{hiera('region')}"
-functions_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/bsn-production-oganesson.yaml b/config/deployments/bsn-production-oganesson.yaml
deleted file mode 100644
index 9f81d75d..00000000
--- a/config/deployments/bsn-production-oganesson.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('bsn_production_lutetium_account_id')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_name: "api"
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-voucher_kernel_address: "0x72ed3a45303D5102B92b6F837162684673c40477"
-token_contact_address: "0x94588Ba858c7F67B60a0a079FE2131c4C0351fB9"
-boson_router_contact_address: "0x6D7f06CC2F2583A44226A9077Bea8C5f646B5095"
-cashier_address: "0x5aF8E92541Ce126d2BfF69A03F301a7E16943A9c"
-
-# State
-domain_state_bucket_name: "bsn-aws-application-account-bsn-production-lutetium"
-domain_state_key: "common/deployment-state/default.tfstate"
-domain_state_bucket_region: "%{hiera('region')}"
-domain_state_bucket_is_encrypted: "true"
-
-network_state_bucket_name: "bsn-application-network-bsn-production-fluorine"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-cluster_state_bucket_name: "bsn-application-cluster-bsn-production-gold"
-cluster_state_key: "cluster/deployment-state/default.tfstate"
-cluster_state_bucket_region: "%{hiera('region')}"
-cluster_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-service_state_key: "service/deployment-state/default.tfstate"
-service_state_bucket_region: "%{hiera('region')}"
-service_state_bucket_is_encrypted: "true"
-
-keepers_service_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_service_state_key: "keepers-service/deployment-state/default.tfstate"
-keepers_service_state_bucket_region: "%{hiera('region')}"
-keepers_service_state_bucket_is_encrypted: "true"
-
-functions_state_bucket_name: "%{hiera('storage_bucket_name')}"
-functions_state_key: "functions/deployment-state/default.tfstate"
-functions_state_bucket_region: "%{hiera('region')}"
-functions_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/local-development.yaml b/config/deployments/local-development.yaml
deleted file mode 100644
index c4a85e3d..00000000
--- a/config/deployments/local-development.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-# General
-database_username: "admin"
-database_password: "secret"
-database_port: "27018"
-database_version: "4.4"
-
-database_type: "local"
-
-app_port: "3001"
-
-token_secret: "e039b2caa4b26f6ec6c65388676389e917e0cd248aaf1222df0540b9bb60d160393e15620e5155cbe2abb97f1b3f96483f670a5788d17a2488077bbce696afcc"
-gcloud_secret: "e9c21f96242935be36928c9acb44ef88b1153644994ba1"
-
-image_upload_storage_engine: "AWS"
-
-# State
-image_storage_bucket_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/%{hiera('deployment_identifier')}.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/local-testing.yaml b/config/deployments/local-testing.yaml
deleted file mode 100644
index 8f5b31b2..00000000
--- a/config/deployments/local-testing.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-# General
-database_username: "admin"
-database_password: "secret"
-database_port: "27017"
-database_version: "4.4"
-
-database_type: "local"
-
-# State
-image_storage_bucket_state_bucket_name: "bsn-%{hiera('component')}-rdm-management-default"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/%{hiera('deployment_identifier')}.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
diff --git a/config/deployments/rdm-management-default.yaml b/config/deployments/rdm-management-default.yaml
deleted file mode 100644
index 636ee0d8..00000000
--- a/config/deployments/rdm-management-default.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
----
-# General
-storage_bucket_allowed_account_ids:
-  - "%{hiera('rdm_management_account_id')}"
-  - "%{hiera('bsn_development_potassium_account_id')}"
-  - "%{hiera('bsn_production_lutetium_account_id')}"
-
-development_tennessine_cluster_instance_role_arn: "arn:aws:iam::384010198059:role/terraform-20210413135553345900000003"
-demo_selenium_cluster_instance_role_arn: "arn:aws:iam::384010198059:role/terraform-20210623150921670400000003"
-production_gold_cluster_instance_role_arn: "arn:aws:iam::371854298993:role/terraform-20210413135959680100000003"
-
-image_repository_allowed_role_arns:
-  - "%{hiera('development_tennessine_cluster_instance_role_arn')}"
-  - "%{hiera('demo_selenium_cluster_instance_role_arn')}"
-  - "%{hiera('production_gold_cluster_instance_role_arn')}"
-
-keepers_image_repository_allowed_role_arns:
-  - "%{hiera('development_tennessine_cluster_instance_role_arn')}"
-  - "%{hiera('demo_selenium_cluster_instance_role_arn')}"
-  - "%{hiera('production_gold_cluster_instance_role_arn')}"
-
-database_version: "4.4"
-database_instance_size_name: "M10"
-database_allow_cidrs:
-  - "10.0.0.0/8"
-
-database_username: "%{hiera('database_service_user_username')}"
-database_password: "%{hiera('database_service_user_password')}"
-
-database_type: "deployed"
-
-image_upload_storage_engine: "AWS"
-
-# State
-network_state_bucket_name: "rdm-tooling-network-rdm-management-default"
-network_state_key: "network/deployment-state/default.tfstate"
-network_state_bucket_region: "%{hiera('region')}"
-network_state_bucket_is_encrypted: "true"
-
-database_state_bucket_name: "%{hiera('storage_bucket_name')}"
-database_state_key: "database/deployment-state/default.tfstate"
-database_state_bucket_region: "%{hiera('region')}"
-database_state_bucket_is_encrypted: "true"
-
-image_repository_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_repository_state_key: "image-repository/deployment-state/default.tfstate"
-image_repository_state_bucket_region: "%{hiera('region')}"
-image_repository_state_bucket_is_encrypted: "true"
-
-keepers_image_repository_state_bucket_name: "%{hiera('storage_bucket_name')}"
-keepers_image_repository_state_key: "keepers-image-repository/deployment-state/default.tfstate"
-keepers_image_repository_state_bucket_region: "%{hiera('region')}"
-keepers_image_repository_state_bucket_is_encrypted: "true"
-
-image_storage_bucket_state_bucket_name: "%{hiera('storage_bucket_name')}"
-image_storage_bucket_state_key: "image-storage-bucket/deployment-state/default.tfstate"
-image_storage_bucket_state_bucket_region: "%{hiera('region')}"
-image_storage_bucket_state_bucket_is_encrypted: "true"
diff --git a/config/hiera.yaml b/config/hiera.yaml
deleted file mode 100644
index 86af7c11..00000000
--- a/config/hiera.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-:backends:
-  - "overrides"
-  - "env"
-  - "yaml"
-:logger: "noop"
-:yaml:
-  :datadir: "config"
-:hierarchy:
-  - "roles/%{role}"
-  - "deployments/%{deployment_type}-%{deployment_label}"
-  - "pipelines/defaults"
-  - "ci/%{ci_deployment_type}-%{ci_deployment_label}"
-  - "secrets/gcp/%{deployment_type}-%{deployment_label}"
-  - "secrets/app/%{deployment_type}-%{deployment_label}"
-  - "secrets/mongodbatlas/credentials"
-  - "secrets/database/%{deployment_type}-%{deployment_label}"
-  - "secrets/pipeline/%{ci_deployment_type}-%{ci_deployment_label}"
-  - "defaults"
diff --git a/config/pipelines/defaults.yaml b/config/pipelines/defaults.yaml
deleted file mode 100644
index 3eb81db6..00000000
--- a/config/pipelines/defaults.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-ci_provisioning_role_arn: "arn:aws:iam::%{hiera('rdm_management_account_id')}:role/cross-account-admin-role"
-ci_deployment_type: "%{ci_deployment_type}"
-ci_deployment_label: "%{ci_deployment_label}"
-
-development_plutonium_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_development_potassium_account_id')}:role/cross-account-admin-role"
-development_plutonium_deployment_type: "bsn-development"
-development_plutonium_deployment_label: "plutonium"
-
-demo_mendelevium_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_development_potassium_account_id')}:role/cross-account-admin-role"
-demo_mendelevium_deployment_type: "bsn-demo"
-demo_mendelevium_deployment_label: "mendelevium"
-
-production_oganesson_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_production_lutetium_account_id')}:role/cross-account-admin-role"
-production_oganesson_deployment_type: "bsn-production"
-production_oganesson_deployment_label: "oganesson"
diff --git a/config/roles/bootstrap.yaml b/config/roles/bootstrap.yaml
deleted file mode 100644
index 68a22522..00000000
--- a/config/roles/bootstrap.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  deployment_type: "%{deployment_type}"
-  deployment_label: "%{deployment_label}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  storage_bucket_name: "%{hiera('storage_bucket_name')}"
-
-  allowed_account_ids: "%{hiera('storage_bucket_allowed_account_ids')}"
diff --git a/config/roles/builder-pipeline.yaml b/config/roles/builder-pipeline.yaml
deleted file mode 100644
index f7cb38c5..00000000
--- a/config/roles/builder-pipeline.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-vars:
-  source_repository_name: "%{hiera('source_repository_name')}"
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
\ No newline at end of file
diff --git a/config/roles/database.yaml b/config/roles/database.yaml
deleted file mode 100644
index bb7e2271..00000000
--- a/config/roles/database.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  component: "%{hiera('component')}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  mongodb_atlas_organization_id: "%{hiera('mongodb_atlas_organization_id')}"
-  mongodb_atlas_public_key: "%{hiera('mongodb_atlas_public_key')}"
-  mongodb_atlas_private_key: "%{hiera('mongodb_atlas_private_key')}"
-
-  database_version: "%{hiera('database_version')}"
-  database_instance_size_name: "%{hiera('database_instance_size_name')}"
-  database_service_user_username: "%{hiera('database_service_user_username')}"
-  database_service_user_password: "%{hiera('database_service_user_password')}"
-  database_read_only_user_username: "%{hiera('database_read_only_user_username')}"
-  database_read_only_user_password: "%{hiera('database_read_only_user_password')}"
-  database_allow_cidrs: "%{hiera('database_allow_cidrs')}"
-
-  network_state_bucket_name: "%{hiera('network_state_bucket_name')}"
-  network_state_key: "%{hiera('network_state_key')}"
-  network_state_bucket_region: "%{hiera('network_state_bucket_region')}"
-  network_state_bucket_is_encrypted: "%{hiera('network_state_bucket_is_encrypted')}"
-
-backend_config:
-  bucket: "%{hiera('database_state_bucket_name')}"
-  key: "%{hiera('database_state_key')}"
-  region: "%{hiera('database_state_bucket_region')}"
-  encrypt: "%{hiera('database_state_bucket_is_encrypted')}"
diff --git a/config/roles/demo-pipeline.yaml b/config/roles/demo-pipeline.yaml
deleted file mode 100644
index 7996eb63..00000000
--- a/config/roles/demo-pipeline.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  app_image_repository_url: "%{hiera('app_image_repository_url')}"
-  keepers_image_repository_url: "%{hiera('keepers_image_repository_url')}"
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  storage_bucket_name: "%{hiera('ci_storage_bucket_name')}"
-  storage_bucket_region: "%{hiera('ci_storage_bucket_region')}"
-  storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  demo_mendelevium_provisioning_role_arn: "%{hiera('demo_mendelevium_provisioning_role_arn')}"
-  demo_mendelevium_deployment_type: "%{hiera('demo_mendelevium_deployment_type')}"
-  demo_mendelevium_deployment_label: "%{hiera('demo_mendelevium_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
diff --git a/config/roles/develop-pipeline.yaml b/config/roles/develop-pipeline.yaml
deleted file mode 100644
index 3b73acd7..00000000
--- a/config/roles/develop-pipeline.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  app_image_repository_url: "%{hiera('app_image_repository_url')}"
-  keepers_image_repository_url: "%{hiera('keepers_image_repository_url')}"
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  storage_bucket_name: "%{hiera('ci_storage_bucket_name')}"
-  storage_bucket_region: "%{hiera('ci_storage_bucket_region')}"
-  storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  development_plutonium_provisioning_role_arn: "%{hiera('development_plutonium_provisioning_role_arn')}"
-  development_plutonium_deployment_type: "%{hiera('development_plutonium_deployment_type')}"
-  development_plutonium_deployment_label: "%{hiera('development_plutonium_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
diff --git a/config/roles/functions.yaml b/config/roles/functions.yaml
deleted file mode 100644
index 767a80b1..00000000
--- a/config/roles/functions.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  component: "%{hiera('component')}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  voucher_kernel_address: "%{hiera('voucher_kernel_address')}"
-  cashier_address: "%{hiera('cashier_address')}"
-  gcloud_keepers_secret: "%{hiera('gcloud_keepers_secret')}"
-  executor_secret: "%{hiera('executor_secret')}"
-  etherscan_apikey: "%{hiera('etherscan_apikey')}"
-  infura_apikey: "%{hiera('infura_apikey')}"
-
-  service_state_bucket_region: "%{hiera('service_state_bucket_region')}"
-  service_state_bucket_name: "%{hiera('service_state_bucket_name')}"
-  service_state_bucket_is_encrypted: "%{hiera('service_state_bucket_is_encrypted')}"
-  service_state_key: "%{hiera('service_state_key')}"
-
-backend_config:
-  region: "%{hiera('functions_state_bucket_region')}"
-  bucket: "%{hiera('functions_state_bucket_name')}"
-  encrypt: "%{hiera('functions_state_bucket_is_encrypted')}"
-  key: "%{hiera('functions_state_key')}"
diff --git a/config/roles/image-repository.yaml b/config/roles/image-repository.yaml
deleted file mode 100644
index 4b05dc4a..00000000
--- a/config/roles/image-repository.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  repository_name: "%{hiera('image_repository_name')}"
-
-  allowed_role_arns: "%{hiera('image_repository_allowed_role_arns')}"
-
-backend_config:
-  bucket: "%{hiera('image_repository_state_bucket_name')}"
-  key: "%{hiera('image_repository_state_key')}"
-  region: "%{hiera('image_repository_state_bucket_region')}"
-  encrypt: "%{hiera('image_repository_state_bucket_is_encrypted')}"
diff --git a/config/roles/image-storage-bucket.yaml b/config/roles/image-storage-bucket.yaml
deleted file mode 100644
index dfd1570c..00000000
--- a/config/roles/image-storage-bucket.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  deployment_type: "%{deployment_type}"
-  deployment_label: "%{deployment_label}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  image_storage_bucket_name: "%{hiera('image_storage_bucket_name')}"
-  image_storage_user_name: "%{hiera('image_storage_user_name')}"
-  image_storage_user_public_gpg_key_path: "%{hiera('image_storage_user_public_gpg_key_path')}"
-
-backend_config:
-  bucket: "%{hiera('image_storage_bucket_state_bucket_name')}"
-  key: "%{hiera('image_storage_bucket_state_key')}"
-  region: "%{hiera('image_storage_bucket_state_bucket_region')}"
-  encrypt: "%{hiera('image_storage_bucket_state_bucket_is_encrypted')}"
diff --git a/config/roles/integration-tests.yaml b/config/roles/integration-tests.yaml
deleted file mode 100644
index 90a94ada..00000000
--- a/config/roles/integration-tests.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-environment:
-  AWS_IMAGE_UPLOAD_STORAGE_BUCKET_NAME: "%{hiera('image_storage_bucket_name')}"
-  AWS_REGION: "%{hiera('region')}"
-  AWS_ACCESS_KEY_ID: "%{hiera('aws_image_storage_user_access_key_id')}"
-  AWS_SECRET_ACCESS_KEY: "%{hiera('aws_image_storage_user_secret_access_key')}"
-
-  GCP_IMAGE_UPLOAD_STORAGE_BUCKET_NAME: "%{hiera('gcp_image_upload_storage_bucket_name')}"
-
-  GOOGLE_APPLICATION_CREDENTIALS: "%{hiera('google_application_credentials')}"
diff --git a/config/roles/keepers-image-repository.yaml b/config/roles/keepers-image-repository.yaml
deleted file mode 100644
index ef38598a..00000000
--- a/config/roles/keepers-image-repository.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-
-  repository_name: "%{hiera('keepers_image_repository_name')}"
-
-  allowed_role_arns: "%{hiera('keepers_image_repository_allowed_role_arns')}"
-
-backend_config:
-  bucket: "%{hiera('keepers_image_repository_state_bucket_name')}"
-  key: "%{hiera('keepers_image_repository_state_key')}"
-  region: "%{hiera('keepers_image_repository_state_bucket_region')}"
-  encrypt: "%{hiera('keepers_image_repository_state_bucket_is_encrypted')}"
diff --git a/config/roles/keepers-service.yaml b/config/roles/keepers-service.yaml
deleted file mode 100644
index b22ab5e3..00000000
--- a/config/roles/keepers-service.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-  component: "keepers"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  service_desired_count: 1
-
-  secrets_bucket_name: "%{hiera('secrets_bucket_name')}"
-
-  version_number: "%{hiera('version_number')}"
-
-  service_name: "keepers"
-  container_http_port: "3001"
-
-  token_contact_address: "%{hiera('token_contact_address')}"
-  boson_router_contact_address: "%{hiera('boson_router_contact_address')}"
-  voucher_kernel_address: "%{hiera('voucher_kernel_address')}"
-  alchemy_url: "%{hiera('alchemy_url')}"
-  gcloud_keepers_secret: "%{hiera('gcloud_keepers_secret')}"
-
-  network_state_bucket_region: "%{hiera('network_state_bucket_region')}"
-  network_state_bucket_name: "%{hiera('network_state_bucket_name')}"
-  network_state_bucket_is_encrypted: "%{hiera('network_state_bucket_is_encrypted')}"
-  network_state_key: "%{hiera('network_state_key')}"
-
-  cluster_state_bucket_region: "%{hiera('cluster_state_bucket_region')}"
-  cluster_state_bucket_name: "%{hiera('cluster_state_bucket_name')}"
-  cluster_state_bucket_is_encrypted: "%{hiera('cluster_state_bucket_is_encrypted')}"
-  cluster_state_key: "%{hiera('cluster_state_key')}"
-
-  image_repository_state_bucket_region: "%{hiera('keepers_image_repository_state_bucket_region')}"
-  image_repository_state_bucket_name: "%{hiera('keepers_image_repository_state_bucket_name')}"
-  image_repository_state_bucket_is_encrypted: "%{hiera('keepers_image_repository_state_bucket_is_encrypted')}"
-  image_repository_state_key: "%{hiera('keepers_image_repository_state_key')}"
-
-  service_state_bucket_region: "%{hiera('service_state_bucket_region')}"
-  service_state_bucket_name: "%{hiera('service_state_bucket_name')}"
-  service_state_bucket_is_encrypted: "%{hiera('service_state_bucket_is_encrypted')}"
-  service_state_key: "%{hiera('service_state_key')}"
-
-backend_config:
-  region: "%{hiera('keepers_service_state_bucket_region')}"
-  bucket: "%{hiera('keepers_service_state_bucket_name')}"
-  encrypt: "%{hiera('keepers_service_state_bucket_is_encrypted')}"
-  key: "%{hiera('keepers_service_state_key')}"
diff --git a/config/roles/local-app.yaml b/config/roles/local-app.yaml
deleted file mode 100644
index ee8ffcda..00000000
--- a/config/roles/local-app.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-environment:
-  PORT: "%{hiera('app_port')}"
-
-  DB_CONNECTION_STRING: "mongodb://localhost:%{hiera('database_port')}"
-  DB_NAME: "api"
-  DB_USERNAME: "%{hiera('database_username')}"
-  DB_PASSWORD: "%{hiera('database_password')}"
-
-  TOKEN_SECRET: "%{hiera('token_secret')}"
-  GCLOUD_SECRET: "%{hiera('gcloud_secret')}"
-
-  AWS_ACCESS_KEY_ID: "%{hiera('aws_image_storage_user_access_key_id')}"
-  AWS_SECRET_ACCESS_KEY: "%{hiera('aws_image_storage_user_secret_access_key')}"
-
-  IMAGE_UPLOAD_STORAGE_ENGINE: "%{hiera('image_upload_storage_engine')}"
-  IMAGE_UPLOAD_STORAGE_BUCKET_NAME: "%{hiera('image_storage_bucket_name')}"
-
-  GOOGLE_APPLICATION_CREDENTIALS: "%{hiera('google_application_credentials')}"
diff --git a/config/roles/pr-pipeline.yaml b/config/roles/pr-pipeline.yaml
deleted file mode 100644
index f7cb38c5..00000000
--- a/config/roles/pr-pipeline.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-vars:
-  source_repository_name: "%{hiera('source_repository_name')}"
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
\ No newline at end of file
diff --git a/config/roles/service.yaml b/config/roles/service.yaml
deleted file mode 100644
index 8748d710..00000000
--- a/config/roles/service.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
----
-vars:
-  region: "%{hiera('region')}"
-  component: "%{hiera('component')}"
-  deployment_identifier: "%{hiera('deployment_identifier')}"
-
-  service_desired_count: 3
-
-  secrets_bucket_name: "%{hiera('secrets_bucket_name')}"
-
-  version_number: "%{hiera('version_number')}"
-
-  service_name: "reference-backend"
-  container_http_port: "3000"
-  host_http_port: "3000"
-
-  token_secret: "%{hiera('token_secret')}"
-  gcloud_secret: "%{hiera('gcloud_secret')}"
-
-  image_upload_storage_engine: "%{hiera('image_upload_storage_engine')}"
-  image_upload_storage_bucket_name: "%{hiera('image_storage_bucket_name')}"
-
-  superadmin_username: "%{hiera('superadmin_username')}"
-  superadmin_password: "%{hiera('superadmin_password')}"
-
-  database_username: "%{hiera('database_username')}"
-  database_password: "%{hiera('database_password')}"
-  database_name: "%{hiera('database_name')}"
-
-  domain_state_bucket_region: "%{hiera('domain_state_bucket_region')}"
-  domain_state_bucket_name: "%{hiera('domain_state_bucket_name')}"
-  domain_state_bucket_is_encrypted: "%{hiera('domain_state_bucket_is_encrypted')}"
-  domain_state_key: "%{hiera('domain_state_key')}"
-
-  network_state_bucket_region: "%{hiera('network_state_bucket_region')}"
-  network_state_bucket_name: "%{hiera('network_state_bucket_name')}"
-  network_state_bucket_is_encrypted: "%{hiera('network_state_bucket_is_encrypted')}"
-  network_state_key: "%{hiera('network_state_key')}"
-
-  database_state_bucket_name: "%{hiera('database_state_bucket_name')}"
-  database_state_key: "%{hiera('database_state_key')}"
-  database_state_bucket_region: "%{hiera('database_state_bucket_region')}"
-  database_state_bucket_is_encrypted: "%{hiera('database_state_bucket_is_encrypted')}"
-
-  cluster_state_bucket_region: "%{hiera('cluster_state_bucket_region')}"
-  cluster_state_bucket_name: "%{hiera('cluster_state_bucket_name')}"
-  cluster_state_bucket_is_encrypted: "%{hiera('cluster_state_bucket_is_encrypted')}"
-  cluster_state_key: "%{hiera('cluster_state_key')}"
-
-  image_repository_state_bucket_region: "%{hiera('image_repository_state_bucket_region')}"
-  image_repository_state_bucket_name: "%{hiera('image_repository_state_bucket_name')}"
-  image_repository_state_bucket_is_encrypted: "%{hiera('image_repository_state_bucket_is_encrypted')}"
-  image_repository_state_key: "%{hiera('image_repository_state_key')}"
-
-backend_config:
-  region: "%{hiera('service_state_bucket_region')}"
-  bucket: "%{hiera('service_state_bucket_name')}"
-  encrypt: "%{hiera('service_state_bucket_is_encrypted')}"
-  key: "%{hiera('service_state_key')}"
diff --git a/config/roles/tag-pipeline.yaml b/config/roles/tag-pipeline.yaml
deleted file mode 100644
index 9b5a221c..00000000
--- a/config/roles/tag-pipeline.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-vars:
-  source_repository_url: "%{hiera('source_repository_url')}"
-  source_repository_branch: "%{hiera('source_repository_branch')}"
-
-  app_image_repository_url: "%{hiera('app_image_repository_url')}"
-  keepers_image_repository_url: "%{hiera('keepers_image_repository_url')}"
-  node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}"
-
-  storage_bucket_name: "%{hiera('ci_storage_bucket_name')}"
-  storage_bucket_region: "%{hiera('ci_storage_bucket_region')}"
-  storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}"
-
-  ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}"
-  ci_deployment_type: "%{hiera('ci_deployment_type')}"
-  ci_deployment_label: "%{hiera('ci_deployment_label')}"
-
-  production_oganesson_provisioning_role_arn: "%{hiera('production_oganesson_provisioning_role_arn')}"
-  production_oganesson_deployment_type: "%{hiera('production_oganesson_deployment_type')}"
-  production_oganesson_deployment_label: "%{hiera('production_oganesson_deployment_label')}"
-
-  slack_success_channel: "#builds"
-  slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:."
-  slack_error_channel: "#engineering"
-  slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:."
-  slack_failure_channel: "#engineering"
-  slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:."
-  slack_abort_channel: "#engineering"
-  slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:."
diff --git a/config/secrets/.unlocked b/config/secrets/.unlocked
deleted file mode 100644
index 08384ac39ab520e9b92da6ef7aee1fe3f558cdd9..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 27
icmZQ@_Y83kiVO&0uz%<8<}_y|cW^=Tq}~>>nQsAksR~d4

diff --git a/config/secrets/app/bsn-demo-mendelevium.yaml b/config/secrets/app/bsn-demo-mendelevium.yaml
deleted file mode 100644
index 3a61ab1bb685dbfe235d1e470584cce0b1564020..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 809
zcmV+^1J?WiM@dveQdv+`0H-w=XU_DCy}G%;J;c|sxA~B}(L_td{9xhy`ddhkXJooy
zMr?qQ80jgUelFQuq`OdE+FkVo644$z!a~*I&Y`;#tF)!JK4x;4vjVT`;|(s_HScRb
z%?X1Pi;b9pxd5iu)%flAevfg6t6uBb0_3w)M}~^2&M>)oNk&uQEH#zRiI-{~*b@>;
zWTa5l7BUi!R$VjRkBA9z3&kxcRCzi7I9FNQ&nD)d@$3E+PjbIC!Hbg5bR~vlE8D`;
zo?Tx!mM{$sKp4(nhS5T(L;z&nRznytf^nS;pq6}QPT9%lb^k5j48=TF9LVgy@6zMD
zkmX5gj-KMeh~L(Bjc|s%y;z;{Ny7CuQcahEHT1uK(jM?EsYh{U8S7?l!6nV~kFV2i
zCV;ku2$YC%a<gA;*Se`&w`L~edgf|Ya!v+0{v|dh93R}Y{!h+)F$7EwYPIa!KATo#
z?oi}2>vkZRP!7eONi!QzjDI^ZaJ5i79;9$pFj*V?%WXj|OMxU$(aDezMO5bSi1aLA
zy3Nr{_Cp7NXM2k<0N4P56lIB~j2=2D4eSKr4^a8&sjOAH>_-@E7%t1}Zig`bJ;JDA
zeRu{&`2YKv(Lc}j4hV2>%?wMWd@9-J3HYO1OSxkLxXWp__SlyV*RS^pp1whf2ziJ$
zz4aKBciCX-dr;K0L9F2*&ehq?O}RVoTO`3S$}yNoOJT)OvzXN-X<=NxJy~th*R})F
z{6TC+no6_CBC5C`uSu6ug>k9H{kdGM5Cn-bg71N?ur&k&;zG81zR9Hd%;+fvc<wx`
zM|J*5l2Nl!25gYC>Y6IpJEg&i!4Q`5JNAhqWQ<bN!6mNDD%y`zkH$=12byA5x&B+?
zf$m^Yu#fuF-4UOUQ%*q7%2Ajqg@6gN(q~kYx)D4|qKrP#c6K-onpAS$oDb&m_=~lT
zq;;RWvISoyr;(l_E<GXLJOq?ZMhv_QMXoyesjY%^9H$*cp=TC+a$@xZ`#Xs@#Ddif
n18ONtuT)BaQowSkHN_1;EA}U<$4CPMn4QDazL79UqDH}ozfqHf

diff --git a/config/secrets/app/bsn-development-plutonium.yaml b/config/secrets/app/bsn-development-plutonium.yaml
deleted file mode 100644
index 35e25dd6782565a3c23a623eff1a83d864eeb10a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 809
zcmV+^1J?WiM@dveQdv+`03(R!8+*n5O-n!aDhc)yrDGO<SBt){-3Rj5MDN=>@=H4z
zmhs1F-ChBS2)1+a32cIl(Swk`cj7rY21y8dex#^6&M^iGF|JXtRH_-{X4g3o_vIeK
zWW%SQ!GA36$Am;-;Nte!F!9X$<yyQ4eI)yARKCb;jeUO<3Zs_A^-1?BZ4wFPKZ6Sl
z7Wp)%VOoLYvnY6C=Q2*_Y}c7KFTXD<)*E1f@8s>6I-E+ZX$}Tq7r(6Pd_lB}XABu{
z<%mDJexc@H>n*UoeGYl+WodQvl3kLYYT3BrTso`Uw(WVk?~bLLfG|=(gqL^fpU`Xd
zuNk1gD?wSzc_?Bw?a~IJ9Aub_#1f+%s*owISRldTIUPD8&WsE6>W0c!_83>hIqI~n
zzIkEk`KAkC;WZk5F<Z7dd7`|f*VpK<9O_G0&@rwQyNL?8l&d;V;yeCiZUcNx_QydD
zC;S?F*9*OxGDL63#i>K<p@n$*AG|SqUU~{?0_9KIJ_6p`SHclZq7|V5AzOd8n=h7%
z!*s05`m}suRp}8A-bO=R(9-^XnvU}VJyG%89MbF$u!{EARTOLZD~xeg1q*-*mbmuO
z=6^0@yA&h6Cl<tZS<=E@i!kHIQdtC{UlYxtvH28(A@;Wd71v%qK`(6A$S_H~8)<Kf
zOj1m0jzd+Ps2KG%KC)7~TSK+$X#cFu982}D__I|(tk`>4>p#~(z*Y!@@lh1YaekA)
z7(=3LPBm2TI2c~oztajr9itFo!K$k(BYR#FnYjaaM<n<1oCy1LD|)g}Km&KmX6Y?w
z98=I|{p*7crX#>?HS#k}Lr1&TZoKVB-KT8j05-`w;U#+Si|e-5yw=LsbRfGb8tM({
z{M(O!X`d{1OI5bT1R127lKs)^Ct}9$rW&d{HGD%+2VcL&uUoDAYTDy*2-V{^&$O+w
zP-&T~Qqm!hO%B<iD4G6q4*2LAdeXbBTGIRf`$v0p5SuI|7Q9!h=+F-BwaY41%2itu
nd)CZf@L)8Zu5G(NO08!rwqw4)xU=NX9Jfg>RvEA$Psg;5QZtsf

diff --git a/config/secrets/app/bsn-production-oganesson.yaml b/config/secrets/app/bsn-production-oganesson.yaml
deleted file mode 100644
index 557dcde7dc6ff35ca819dc45ddb4c4d63b3a097a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 809
zcmV+^1J?WiM@dveQdv+`0J#{mv^1TkE0-Lje_rq@oh!#*yry%1Rs<b9x_zua<fC5c
zR~~mqUreg>voz|uH2~yB2F|y~jW0(C^DC8q)o12BTLLYK{r)N+nk6`%vK6rw(-{HS
zONILo;Dj89^-~pGM-Qv3&^pLszWcq5_SPw=U?Us0Mw`j2y+7$0f@F9ubIS+DrlSC)
zT<Um?tx+;LUiP(J{1`yzBH{4v)G61-ka82S<fWi>KAOA7o>{Udm8QO&0_my*E_ox@
zLq8eP@HXnE<2-dwB5(ysswbzv?H)RnaG|YqW$n82uP|nZcu-guo)2pP&Hvd&<qAve
z8GH$?xouGZt`OK%41>$NX-{P~MrYA^$LBr&QIN&(Fc_+vdP{&Gc4zZSr&34HVSBPn
z#u6=HEYJ?LY-*>+5m3f9L?*>hH|uGdkjIt_Q00@mbnN!(nC4T0ze)BWZg2*olwiG!
zA4}Ao1DRp|yfXcu4ebQ?5RsH^aK8<8Rt~tX9iZ9hDS3E_OjLJ|w{}tyC#gJenI#KS
zP>%cFtRqso1z;T>q0PYmg{acll_XW|d$o_*I?caP!Tw>UaU<v&O{S0MSDE-FKQ48&
z=<up6;Y1YEyyY+JgV^$`=PNS?M?Qj=7_s{gbA7mxm|@9tm0-}dNqw+?9)K=TVmj3Y
zql9$NgvL9PlS-M{doyvGF~aH|-Di@=$CSme&KQ%Sb@s_mk~!ZAIXTeaQJxF>fRxYS
z86Xm_!IWLR7e?aFDC1v)wKnd@Oz`aVDtl6^XRdnO<=010q-viDwiSr{g*t3?ihC8%
z5b%vbNVOaplzM_QbK>UF8Vvs(#7aFjL!Vrm7|Dxu@suHt4sdxF5{J?sVVs+BH@sxH
z4gsK+WUGj}5a|r>Y>{;eB_&roC;UFra46nz{>?cgt-xPX+f{uQ)6Xsgn+f*I@lJsN
z61N=<^-e%VhT?s_;0wJ|BLs*qpAj2~o{;yY3CiZI=@N@~?zq1gF?MKpD-*m9lhhb%
n4edD7ht=>>w%e#z9*n+%(+T3u8_RzBRTW^Zg#|AJBFccegQ|^P

diff --git a/config/secrets/app/gpg.passphrase b/config/secrets/app/gpg.passphrase
deleted file mode 100644
index 2a40252d4a98137a333056efcd409d7e604cf188..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 70
zcmV-M0J;AFM@dveQdv+`0Bc%=X-iG8;r0D|%gj>gkZwNaxblIs4`~P6?V;+e3-8Ty
c1{XO3kaex=D7kbsu!X^yl@v4_BmbT<jF*2Q&;S4c

diff --git a/config/secrets/app/gpg.private b/config/secrets/app/gpg.private
deleted file mode 100644
index 40f5c37ac914bc79f5e1ffc98ebc667b0cc43316..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2993
zcmV;i3r_R^M@dveQdv+`00IM$X)KkBcEB!@wv146^*Vm_x1nf1yyAz$;(!Yl;fyyC
z>uf3PBnRw4-bJxhMkO2S&E^ZuBM@jRcz}78w2tS_XIfoY8S5dW_Ig5<)NfJIawuRm
zcm;v%lfAm5rfyTxA;NF1q47%yB0jpV4=c8hJ2CH}On{<b`zINHdotW)Q(3Gxc6}r6
zRqi;`j;oprfquS1)B%Dpg#lk$#m(q3fX*~zZE>Ol+%&7MYr8euQ5jjP1ES6?AhU?=
zJg)$`YCcowXg^#4jCj&+n?yu{$H7|e0ssl%-~`Z7PEU{+Tj|>cg))*XK{Jv`u;(4r
zobC0!D_J6(s6+O%R#qI5Cp3doPE+_xHxqx%4D#2Wo{EZaNh(ir-nEv+&X{eMMSPWS
zcVyQED~Q76AIeUYmyHfB$+rAozNl5f#kI4B(>H$>{vZ2n#wT?`5yuZRw7GK*J9T0m
zI(~XtbNN;JBXdydr38Fr=FY;6Oy2$CQEpX@O7QN9IcudaY<be(Kv%WlV(<5lUdb~|
z&PIdf;b40umfN+Yk>-nOA~Z6+$yoYZU}YrPiaSF8+YR6os9vSuI-#}wStA85xKqrO
zbdWZK+!I!PPCr}bJ+cwkHfF%RXC7ez)Y}@*U>?t5*%Z=?G@mQQ64S<~O=d9)AkHW`
zIcaDa-un5(Cy*4?f?J>76EZg;oaYhIvhH9TldA_IBrG{hrJbm>`X@f16N=%;>LSl&
z7=E<0In_h81-KarScSquc!7dByAPTehwOekd^k}^^~2veMjSG<O9%GrBh(g3vG`pt
zpNUGRIWnjXSgemAa5z6jaRnqMJPIJ9{uph5?e4O%K-A~h5^WzPXxe<dSY+ONH}G;h
zMRLZi#830B*~ufx4wa{GimUP`Ri_HKX2~WC1}#t)s@t&^$<sGyq%uR-#nl5wg->k|
zGOG0i3a8+LU&=>6uQKkg5NuxyqwaCPCA4slq1(t<DKqto_dK56(UPflmg_cU;Os~g
zeuTJTByh335~B@L7ELTo57cWSUqMRYuT`?PYnVDB%O}1ex4|@TsBFC}2Z$rj6izuN
zAE8F*o435KYyegPeXSYf7f1NJn{pw!QJCQ)O(ryOZECicFTc<YiL%*Jc}3soMXGoL
zB26{-@AC@AUb-_bIVm!0DNyr41QJc#tT6<h5C?Q&PSn*WVR-ZzEHL*MNb$vi;b_e%
za{{7LnX6Gj0~~je2A*0Z6?kaGEcBTc;b9|lsd*XI(p~eGIw0x5+e_L7;mp0Aa49mr
zhAbil6^J~ERAfDN!0UQdom(TN^p_x1O;!R<vE)oEvDR9N5+v{cnrP;jQ_McX9gdr`
z8+W~m7_o5Z5o7ITidvI;TL?j-8<KR9FyN$_i->g#3;IC_9%900NgU)><g7kbbW-jG
z-loH{>&w*|8LGh!Nu~>x^iLtrdmu@@z5lC_iQUd#y=UQ))6W#%vY(_%ysJWC?@^N_
zRQ<D^vUwT*h&}?Ryfv!Avc9C{x|LbL%75?{+9nF|2iWV;p=+RXFGZ71A~1x_Y>#zX
zLF4?EHZgIM0z`w^n7dROa~L1x12@=+X=EHEqm(9M!9T=986;x`<rI(J+vHp}GpuH9
zrRaMSLNO@Qs*5te&t`w+%-R}I!F-o7`>LUtr;-v+3l+e-)o1!c1CkGHDZc7E{1*cQ
zBu<j*`T^jFM2x8LhRa*4$9^Z$nj1$gS0S5ozYMT9PT7f<#gQFbcFl?n@!V_t(ffe6
z&B%SU*>4W_J>nyKb)X~rW1_X4N$(N@5)jfDLJL<Yfgck2ByBH1UdgE__eOSYN8AQJ
z3!XrNg*xsyT%;)&Wk_y}@>~SOrr{7u+)`{5!(q+Vt4zQ(u}`l1E(U)Qg2WjCI7Do!
z9XWM=G%QzT;E<*1&gHhKtA0A%<TulLbTwvhc>n)Cj1Yu|;N!I4<Ht&n6dCJ2=F}n5
zyzb?I@3Ey7!e(R%&Ulws1nN@z!yZNvw|gkb8X!n-6Jd=R>Azu2hC{)a{vKZR3|ZeZ
z#%!79KnW%WiV$KJc#tvBdWFOd&w8n~WGoNBsqXU+4AKQ}H&^f)YX3X|IW!?e;-KWR
z@L{F-Hw0N@$g+e<%!SZGP8E?Pk(qykn4vHTpMG|L5CBnv!5$7Tx}w^h=}at^+3-`z
z5nuVXCh9t*K&HmLO=5<YFsJ53#r$~Rd;9uGH6xRuTfh~Qr4UcGeo_nf*^e7Wotu!w
zbyEA=DAe`9YU3&VhA7WMB}1DhCXJ6rEPOy9_#U4Sc==Gdc3Z^ZGJ+?|T)q1ZES!xm
zb)Z2Cm*Ka}YHLADy^-h1Ikx7&&!-!vCo?JEFF?9v5rFN@e5=2X8QY<P&NTqA+qmmq
z6Vo72wCX00bxQ5VgYtz~HZ<X;TW^4bqPs*NSGY6_RJe1A<maar9H~SP7xh~l%e6!M
z50|OD8AKEsM1B`;C=b5R5<$l|R{Qo;wQUYe&ygKO^r|7f7l?-LHWOdD_7LFI^I)hA
zOtU3ye&8s!ni9HjK9bOMjqxNOyYG<~{ytIn72PxgESSq2Z0wGwLwC7>XY@(e8D1-Y
zl_q6GC2mT9idZEwRUM8Q;x}(){<Kh!lKh#r&~pv`Ad>T#C@qaEJ7R8U!y&{-JZ)7}
z7~A4QFH37!lF^qbbmCugH(oDBenqnzdYxAHHphRo?$cJy-Glo$kEOz(RMURG#486X
zmzrYEodv@{6Cp0_&+BMrfPgN2L+PFP2`4rpW32H7sy>V@PjkXK(RQin;43*5(#Ofw
zT5r?p?3e)BHN1$)I+O<Ad&n$NVw)bv|Mr6`F()|<5Z`nt<#EMXt;3{SNs-SB9f9ax
z49*MBEJkp)mlM1XU^Rn(gorLU2X958VLXAI16+Y|g6caH5LuBz9Wk=r66(ehceZp?
zQxJ{+9gS0+)UzCtU-?WN3L3I#kntdVE?R4NiQ!H#8fqSx+?f5k%jCp?FsWNX1vEmS
zufARB^c|im+;Uyd<zm<n!b!^xL#RBFK0lAhc3f{GY&g^zrqaK16$ZFM5W7n;;Ncbs
zR^?*U17J`<l}{vr`_Mf?e*{PcB{;8)@G9vQ_CbH{iZ(R{RcW(BB3`Q?+*=II1GZh}
zN1>#;A+pzFSY<=TbC9j_C0h@oQ-aC}y>Q;4&4=a`8Sr>R-)J9R1?fQlRFGyp%A%E*
zU=krh)ZUfL7DAWyW|{!aR%_y7cPGMTQF?I!`4Jm;r38!-jW7N1#2#?6e1o`DaoeWa
zZ{)l)aW-%u`8aES7)Ng5=@!iACyEQVpH)EAJQ%IOGqDAh^G_5(G(9jM94I*`50fp<
zYIb;x;>S%iP^e7qi{E1l*IH0j+K=-nkXM}%+vl)2v~%U{jY>uW_GlCE3Svt^cL7#_
z^Ym+$E&U=O9^QSe&AnHU3~99<EqJ#--=lnNX3dX}{?<^^g)jU{z%@Obp!Gb*G*>m2
zip!ZEHtR8uA;N{iMa%%Jyuc`l0j&q|38^+*p0`rxEwExr<KJ%!&qAy+ixt)imV|zW
zbwT<{X=1Bf<JU;>ScSZ8HN~{8jRIGb{q0AphfKoVw^{7~4yjhBx<oEKkM}o=9H+?N
z=8{2LAiV^P`dUq102pE%7<rNjb(5O=BxLu{m<9(&0Sg43tGOL&f1SM~A0mQ=fYWu%
z)?nxp{@0PPsl-IdE0S!D=9kn?z|^M;NoKR*DcFjH|NKyH_7wWPIMN@?So;Y#?nnN?
zZ{Le^;GsfgWpnId7WB(;AN%RV?;&$R6>dZmgG+qG!6f4-WB#FZJ1zwa*pR{2l#X_(
z-6U2R1K;mlpT-@0JSKvtaV*z`fN`aof%&_GBI7=%gR_CDQQ-egr395KcDkcFP{eVk
n_L+AM*nG0zj&PAdje3z|Zh=+DjCA>D05S?_<rcJZv|E2!Dk`4B

diff --git a/config/secrets/app/gpg.public b/config/secrets/app/gpg.public
deleted file mode 100644
index 147ffc34c8b3814bf5ddd7acc452b4117db257f8..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1599
zcmV-F2Eh3MM@dveQdv+`0Bdl0=B@s`)W?a6;N2NxpK7Mc5%%{pl-RI{OkD!dR&X;g
z5p5bVyjtS=2X=j0W7Vi;aIsYq1%uaCIO*#BNSOT$Vq-%cbA^TV;Rmwc(U1=*%xOUW
z!)Vi;zL79&lF;6rU-bdq-2!Xjwnx1g-ZKz;4d}V^!UcjL5HSyU&CgVGSy5)>)f!IW
zVd%)LodUjUB2d=Ud(Oc?m$#$5@6b;J298r|i?HhpR*K6tU+imHOo-((gAhooGnvrA
z?5~u-s0OX!{98g#Ar>85U`~91d{s1uFRvY<>zf`oV!K{E(}=Gw)l;8M+#UfANWsFv
z7Xj4)F^K)-Sl7c0&&4gnneR1+lxb`EaIE@QY{#3%d#z*8${fHt99sc<?fey}UK!q%
z>*W^Y5~$HqfEg9St$!FAWXlN%WT|x&Zr$*r0SAdE_IJ9i?f_u@3$$Wt!_giP7S3w;
zi6!ugsC&l&y5!`1@vnT|3{$U!06I?q`bmHdA}&qi69n@#VqHC}A|lA6OTAhx4p8iz
zTkh0k12Y=4NQFi4%F_A7$2D@I&EZ}^S}^^I*Pdw(Jd(yK=%lC~e#sO}Hjv$6fityj
zWIs<<@W;tyC{DWFV-(GOSY@#=Xi&+e9?A$P)xr^Za5|Js)lzS~Xa58{h%aq}zCOxR
z1Pf`1XbB|PGR0d_tjSb!?F~cD>Ij=BW5_-8QZ0nmGJ`4^b<<!n>AE$nri#G<C#a$A
zfrQs+Dv>xp9eLU0qA=7Di~qeEl)k4{370|d=*%BjbiG`<xazhIW0gyG6C}&)Of{VC
z1UMs_4>HjNtVv8YaG9=<U}m}u%Sc0cgFVCqF)y%#CTr%P-Yxj@(sHd|qkOAWSNa~I
z(=~h`8)9XEuVw9hW<8dcqGG2<&bf4S74$KNj?~VS6&52nc1+)Huk(5S!ocXO5{E;K
z9r!{p{fn+_>ni3cjVmfc2B)RCzMwBUw4s%3rf!wr&;vX^YMv;awj;Z`4B8A~QAy+l
zAB;*yk`X@q9KR+wTEsGkeDl{J8coF{Q(|D{39~BHC{+3Xifs=snGC1|^KE5lw;iDY
zvkcry7ClG&g_AF9dm_8=0c>9kM<ghpjvwK*Q#%E?A&Zdb^USS<*UQ!s>-bvESwfcc
zg_a);K^wPtj!oWm?c(98X6v@;mS$qjN3mK!=fB`f6re*t5^#?E0>)QIH692R5(!%t
z83Cf3LnOXoEVSHtN$PZe!94g{sel1|uacK}=VNqV5@h@#0(?nHc7TtRFXSz3$T05U
z>SRz5(4~*I2XV7xEGZXbdc~*%4T4}cw^r_*c+&X|Tg%X}s_ZZ#+uu<I1fYy=MFq}9
z+;zq)Bom@gJ|I=)Ui+k4B)ZNQS0I?<4TZhM^)@rl@R*U1$6IpEjj0F`d2&V&NN2dq
z=NUO%N&cmQ8^o{Vg4)z;J};2h`?fbgW!mHoTu+IR8zHTiSD)*<tegO7yi1m|8fvuN
zt@SLiO(Cw>?JoD}%Kg27jwijrEN8BkVY^e*Fw+MMy0ru?DA73^{H*HviA)1vOxho&
zJ8ciH2^hfPv;)r;>Z(#Td3!}=Q9XI<K{r^P@ZJACLltxS+8*&oHWuz+!wou3aWviX
zk>sR(aeSB*AWIbC4ymWwLkRQN-~Zu_5W!m3W<oORDEnuf4cSmk)zTfe)Gj)kl~t^u
zNBoUDExNyH!BZ4G-A=&mnq8q^Z(=IqFxWdljAauOk1j$X+(TbqtL3FyC9Meu<R?YI
z&9K*{Mbpk5?V{VVjuA!C2Hg;c=~-Pz20tM;yYlJe=5RLNMin+(BS8~^8f7}wK907A
zgYz|zD}^p27s;LHt}J)Ky!4NGkTvA}$bUD`qiLbohEYOui_3``u}sjSoorQl$fNj(
zRRV8D+?y)9Oi)~>;{I`*<h>NfUBM|(_5238wx%TdPF5oN_!NK${t+M?@9`xZ#Dt0=
z+}kEWEmqC#)0hB?!BSP2dL@0gYJ)+#pX`usWXa;SF^LXvAIXojZB<g)D9oh@u!9!j
x`w|4a7(kNr$EZ=X|FT?w=F$i<HJ5i>Q~HKzm6hw`>oI9ufBBqS6{~|ws-2B&4n+U}

diff --git a/config/secrets/app/local-development.yaml b/config/secrets/app/local-development.yaml
deleted file mode 100644
index f0cbcbbfc183257b4caf236c126fa40cc6366fcf..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 240
zcmV<M01y8FM@dveQdv+`05S}F?X-gNGzmpx9pKm}&v}BAxye9cl`LlkdIZXU>{^8K
z8d0&JqjkYs6KWwEga5Vh7JJV%e;A5(87z}X4sGR1pi?8DpbE@MDEB_Y83j%zhDK!E
z?-g^41$Q~hc$8zL+WSrhN`&!g1M8dykdolt8Vd@Oj&|8VwBB-*-pici8WnO8PjE17
zmRjW2^M!aFNWn~#Al+V*M&|dT=O;DJvI1W|lmSzU?yRH-U4Tc^Dr~dkNgQ#L5Y;s>
q#t2MF8K}Heay^lZwZ}P`gZUqe@Pc{gHS#bfsmBCDoJI!sDDkg<pKh@L

diff --git a/config/secrets/app/local-testing.yaml b/config/secrets/app/local-testing.yaml
deleted file mode 100644
index 66d2375a33f83ccd229cef193ed984c1000401e2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 240
zcmV<M01y8FM@dveQdv+`03TAWuDVdlo9JO>3`s~~CbqlvCm^F5g)%eomv|;$%dLg$
z<6|OQ`k$|RBp68wq-VDCS6&K;P4|Li(c@l(ZM+x&i+S<+VPKWn+-(+j9YYq)MguWI
zagGE!!rBiKzeJcI-Dksf=WvYc*7ovq`VNqUXD?m)|3<>na#{tGJ?rpP0eXe87Xu*e
z4o-%G(JvgM?g67z(Cq~sBJ9O^&vmN=?0)Hj_hTUao4mqBuq7JYV(S<D@l?2FR}Hpu
qC<gUXT4lm%DSE!EX%{$?t2d}lJH>f!<j3Uo3HVK!j&wgipNX}@zjP`9

diff --git a/config/secrets/database/bsn-demo-mendelevium.yaml b/config/secrets/database/bsn-demo-mendelevium.yaml
deleted file mode 100644
index 45db43bcc98d2f09c9d63f821cfd43d940f37716..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0QED4Y$EM{*IM|f;c87#h`8I2_%sM%N02_PEBG*opBJp9
zKKxfvJ9YoNhXw=BC8`4Uf+_Y+NdPG7+{p*bT@UL3sJ|h_C|7Q3{ZSv<6G8O$tUNM&
zD3n3eFxS>qbbau4;D53pzLH?~;VC2-Aahy#s18nEWO_EMW#dC2B@q%4t05J+J}e?F
zyo5NCc(+=>9w(>;O#{pVth3*`N7#18iP}K?AP~k(6Dn64j+m9?a)`UxeHvjAb0=NA
z3g_{dLb)2z@HEz30LGHl){fc4*!5MO<>PRZ4rv36$;oKXIucPW<f45_-1e;HM8iCw
esY|l``cF8Ba=pJ1jSR?Zn$&X8DlgUjufb$+o`=c+

diff --git a/config/secrets/database/bsn-development-plutonium.yaml b/config/secrets/database/bsn-development-plutonium.yaml
deleted file mode 100644
index 45db43bcc98d2f09c9d63f821cfd43d940f37716..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0QED4Y$EM{*IM|f;c87#h`8I2_%sM%N02_PEBG*opBJp9
zKKxfvJ9YoNhXw=BC8`4Uf+_Y+NdPG7+{p*bT@UL3sJ|h_C|7Q3{ZSv<6G8O$tUNM&
zD3n3eFxS>qbbau4;D53pzLH?~;VC2-Aahy#s18nEWO_EMW#dC2B@q%4t05J+J}e?F
zyo5NCc(+=>9w(>;O#{pVth3*`N7#18iP}K?AP~k(6Dn64j+m9?a)`UxeHvjAb0=NA
z3g_{dLb)2z@HEz30LGHl){fc4*!5MO<>PRZ4rv36$;oKXIucPW<f45_-1e;HM8iCw
esY|l``cF8Ba=pJ1jSR?Zn$&X8DlgUjufb$+o`=c+

diff --git a/config/secrets/database/bsn-production-oganesson.yaml b/config/secrets/database/bsn-production-oganesson.yaml
deleted file mode 100644
index eefcdd92a97afb9d030b322d70a10e752b33c846..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0QO;^c6gQb(OMLh;IqoTY6Ccm0`jy4j^idHmyGY+5#Lb(
z++rTT?pB^ZpgrvKDn#-?!uRsp)s@s7pYpJ-7!`{yApHT<jcmFL>%sthxCVyDZIYQ<
zfMm7ZVSSye?F7Y+loRThE*U`WeHVvA-Htvr9BMn_qg<U6&je<M5guaA2yWZTwr_-q
z`^>3ERKr0jSrs2eqll&E#1nyHlx@xcU~9L#%DD(ocqVZ$(q!8bBZ3V16uriP7Amfw
z5s!JlQ@WpwZg`>KGr!C;y4Z9LKZmi_5Mx!Y5)|W0iY?tZt~SE3RPZ|rEdx3(t^{4E
e)0+6&qDHse(8DbAVqe0?5l;s@!OKFm=~V3XM2OM=

diff --git a/config/secrets/database/rdm-management-default.yaml b/config/secrets/database/rdm-management-default.yaml
deleted file mode 100644
index 96337abd1ae41a8c4a572156d5ad1751baef6f18..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 280
zcmV+z0q6bzM@dveQdv+`0F$#RVz-RH|6Uq!v3J6OQ=p_H;-AKS9GSM%S>s1i?=78H
z)w%T$lUEjs?%oTov?+B!nCqS`YmoF<CTxJm-xvy2^p2Kn@m4-QTi;bWc7i^t5}hRt
z>`ihcLBo!|_*77DlRtZn0!SxnsP_IF`LW8Y&Sd-EmsRda+-qko4hqockFz#bC4kFG
zXHq<K{x$6;czszAf$$KVLK4ux!#4D|VQGx&Y4_APy`jX~ME^We?9tdT(6*8@gs}<e
z2UvV6`E&g^fk=K})KRlNKQT?9UjUcLdu8)T^7zPxh`A#NYxkM;mNIgITL~3Uo+XMS
en%<J%>UW`NIx_74zXz5q39N8iq;yp2?>gq%pNy^m

diff --git a/config/secrets/gcp/local-development.yaml b/config/secrets/gcp/local-development.yaml
deleted file mode 100644
index 3c1405e87133b1a4edb4e46412bb293d1374a96d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 108
zcmV-y0F(a!M@dveQdv+`02FZ6k>)YsU}}C|+-;b|@7Us-<=g^d7<)Bp3A;CUmwtp>
z0d`va_tjnvM=bnF<h%as1EX5ShA)1j9v4M*dS4U?X_t8*)$lWseAaemY$fS~#%Uh)
OSK`Fu6!+3**UGK6rZs8+

diff --git a/config/secrets/gcp/local-testing.yaml b/config/secrets/gcp/local-testing.yaml
deleted file mode 100644
index 3c1405e87133b1a4edb4e46412bb293d1374a96d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 108
zcmV-y0F(a!M@dveQdv+`02FZ6k>)YsU}}C|+-;b|@7Us-<=g^d7<)Bp3A;CUmwtp>
z0d`va_tjnvM=bnF<h%as1EX5ShA)1j9v4M*dS4U?X_t8*)$lWseAaemY$fS~#%Uh)
OSK`Fu6!+3**UGK6rZs8+

diff --git a/config/secrets/gcp/test-bucket-credentials.json b/config/secrets/gcp/test-bucket-credentials.json
deleted file mode 100644
index 0b6dd95a9a82b5d1d811b1686ebe1160033164a3..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2384
zcmV-W39t45M@dveQdv+`08+N`Z>~7vvR;L7&xnB$Sfa?q^qYo%q+L-iTPAbh9U9*M
zT|A{<NQiXoqhts~GhT5$kf!WIl5K?WzVlX_^QThjPQ48NlNbY5O9?m%r>=Mg#^Lro
zw=YE8C`F(+O9hCNZ=dX71j9vzrO@J=b+eE~Fa5O}%Z4LpcPIy5eYBTKsMu^w0oiC5
zF7Aotc{}|}yT>rpprvZzQ#c9ZB@)Y8w3NtXEv)b-93X_gXz^v?>eN4$h}IdAkKI-_
z_=-n2U!$8Z_awP_S=1RQqmj}(qDKx7z>wZYe)YLH36~4LPDKJpJCFRJ!p<1A&D$%#
zDZDojvibUMi>^adj!?ao(wp8$w~4l*XezdgN8DPHh=~}NvM|rl(rSLOiKte?*FcA7
zHU~#Ho<OFZ7xS7weSiLpze4(dv|ssRf01Dsey1vgYQ!9qBOxq?W5Elu;?-b!8U!EV
zq>Yyx$X+Urt?s{!%&n;1OAMSRrQvY2^kV4k5I~eF@@AiQlmea{=2=3H5{|sdRlSr0
zwnp5zFV$St?9-$OW@#_&1=LEFxz5HNyubAAZPC+>62ys=_fY-SFdzS@Zb7TjFx|#h
zYHfAB$KR=cE+4NilBeEu_<ta-4zuE1P&iGckgXUv{X<WkI?-&ur(xJ-c2SEAbQ}r=
zF8AG$9&tJ*jOKas-`9F9--@7amGmm_hyv2ZpMc!u68i~WU@8f&CBngx%Ae_(h?}7*
zkz7-lj_&2UbHTEh%x<fCc7(mOvj<(5q+!)Z$=sj5*9<pe0$urmC)Mu6?U9yCXq}Fl
zc}9$v<+mcf<uo>dC%YUv(ilG)8DNW)43y8yHD7C966^dCV5E0JofL|f`sNa)jWS0j
zNA=Uy8!`B|4JimModrhsHmf{mVj8S6`mUG^TED*Yq40u6KusFe9qD^Ny#)E@_gKNp
zqEI9(F&oKz1C&_qGdK#$&C1vg2I}dx&+ibbs_m3LK4i3F5f<g|cj;H`oGXam7%GbR
zKQ5SwxPX1$@cTn|yybINXKGY9;z2ImZ+F(ii7Xoy*#`&&xp!IAd*=EEV=-nndRR}X
zl)7dRE9WOR>2ne8XSXQzlhVE3Dn{Ze3xdmupVt-*F;%NIb-%x$Dzwb2@HH6ETEI|z
zjoyqp`#R>QDIn!7suU6!^o%5xlzv{)=ZE6@zA+y_5#d^MFm02joR?l-RY#Aq@7hqa
z=FKfxDwlCBTro_n@1qHjwXuuqiZ;<ER#nKV0@ImpVMvy^UkC%|E)P?xdOV&pK=T23
z|ECZH$ybMsH`kjA2y)|qDy!q|Zy1q06pJO(SswQQQWW)^(#i**Ryul|d}_eu+CbFu
zR-wpX0C9n76S-wnx!i{H^>W27&#%G6*as6%J3(#*6$3dJf^9^zfD3JPSa2h?pwr{D
z#fSJjT}!2mCg|FQpYm{^DFE?vk&+E_ZhfD_M1`p4O|L=Om$vx(^voMgsY27TcreYe
z%(c-KW}_~tEbGJwaO33TppO@3<h1}8#h=XS9tes66|B3pjW=SJcW&pEl2L4XBZ3G9
zjMCrb(Yuk-RJ|?-FQ=fNY&CNqCjOE{+taqLwvnf_W%Sf9j9K^Cm!w6l+!Cq=^tJZ)
z5j<X;D*$4)Yk5{#{d8Iq&fa^I$NJU?k3OTUr(C9jCp10q1#ox-<8*L6z)+I)PgWDg
zjs6&@utPL<zbCiyswx&8M$Ly#*@N(!{A(?ld1&b(imhvZ(Pr%j1ZGFWj_orT>i)Rt
z>^schWvJhDTIR29y@S$X!HhG92XMhGksorRpNc;zaZWd8fH~o#&ZH2I<~eRHfugm(
z9WjG1X=zEyo1*fTM#`L5OapY^Hj5EZMM-~nKRCORhvXL-VxcM6PqLNB9)#Ya=w``X
zD<C7pOy=oNSR!uM)4^;$MQGHb$Rlt&BswlWbmsy$G6&*9Bqg~V(#7~_V`u6nfigfF
znctp@+w_?<_3nlV>i5uDfE*v8HzNsp!<H#Tk?;+xp88XFW`d))%;W6Z>BMlkh-;cb
zz{<Q*za5oaLX+Q1vH1C(Y*TfJAs6u8&h;_=h6k3aBbOdP59*C^`}W(iu>>1Yph`WQ
zY4bTnTP(Z2yXKS=@RDT&es(jhmv-llCocmzeb5ref`X0hN%T5(Vg4;n{$Yo=2uMSW
z`9;-AYf+S*y7?O{q%{;0(DH)=HqCJ8jT7zZblC8#zT9GPRF_Ix$E$7udnU`;xvf8W
z%*x5^d4X*}%DOnS_l%DUj+ZaxJbB~WGwRi+-)!LiGlv>7tXcE67#Kon7~CEq-d*IF
zYi69L(niVgF<7fF=w`ASW8FeVxFJqVOtoEsz^(?Zh2}oa1<0C~{Y7mxFR|~pk2vtR
z3&f*@7a*G8RGHS@H*S2wGA|MZElV*X%E823qwRNO#J8-vK(;i->{USDc<=Fn?hlEA
z-6nD^S5*i~pv3Bl7IFLZ0xvV|Mdh_XCEOpyluOph=V*)oQTqD*PWguc1_08DH`G-x
z%bpJ6SU*7na+ss{f3YID-lE@@oNN+m8etyE>sD_&T3;Uam?28E>6&qsaOv&6`M5Yn
zeH=+M89X$~<nuwRKl$ej`)`LnxhcppWb>RUs96ZG{^Iw^cJ+=FB)_95Wy~BZ1c@F8
zbxN2AzUD**jCQ_J>m4`~L8>p(VLaFEV3cUzh9BjXIv);=u>?eDv&SLNHntLTTagU;
zvh>89nf@)Hj($74k3D#AKuO@<n-7`)A&breKMVsUp-;Vq+lYj>LInRiBf9oG+j%N<
zPh0oLls`w)x1t*7W9qS>kaXhu$41vZ#NQVh)Y^;+KT9=H5-$YA5P9_v2Z3z_iAT?v
z9*v5rB`qqqkP-`0d!6Y=UhxKtY7cIl#jy|85KpM2b2JP{C^6lfbi2#uOv#q~B25R0
z4}5D<JV>6snL~bd;EyCQ^&u_$UEpGr?&O8qX*z7BzlxN0X0T+^hL!=YiERbW9=LvW
zwGldm2i`_~Shni?$f#S#U8t=hL|L;4U>JuQHOcZ`<hWAU82nPP$Hq~6ZhuObVo_22
z{alr_#=Cm|G=4eQ=hcBj`Wc>KPS{4Vag5!yd*;Rw5hUsVi|+-gXmEP(?LXNV+7qih
CVXyiC

diff --git a/config/secrets/mongodbatlas/credentials.yaml b/config/secrets/mongodbatlas/credentials.yaml
deleted file mode 100644
index b2c255f200bebd293e6073d3558b7855be2594db..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 187
zcmV;s07U-)M@dveQdv+`0J18}a%c;W0seJA{vy(aO$e&dTkw8+R7f04m(k*@=x3Kk
zY-cd>lpim@_~>8I^JsK<lEChFQ-T!}Ofu^(+Fc8!P9SykSJp+K*U_uLYbUA8+;zM}
z<bOcU=!D>hj(pF)2KgvJPHWhzUUW@8+NP6LODLya)`rA-4WrFyG4Cqjb?b_IM$sIN
pL}JAo16~=2c}XJqxFs3<-Dzti?;Nf~E>u9k|K#EL+0g?hkd$2?T}c1{

diff --git a/config/secrets/pipeline/constants.yaml b/config/secrets/pipeline/constants.yaml
deleted file mode 100644
index 894a40a2279425a15dd7c0460ede37726e79f24a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 7826
zcmV;D9&O<OM@dveQdv+`05SrPM-#t;TW%}6&(HvtwxfdnG{OU-Q^T0gwO<xvBhQ{X
zBBqN{Bl(VlB*l^|)*wJX`@s%lh)?Ksk@ZNh`J(|A)ZsyTe!H;+T#*&vp%TPw&{9OZ
zIL$fUVNlnn?37Xs8(-6|emm&{1k#3)HqhS|M+{Yf=t#%!&`#J(-G=k>l|uoSohULs
zwTw16$w-bLldu?CVhFSq*+v-Kb0e^J^`Wo76eGR9Y@$;Okl%j@e26cADAO1J0UQ}B
zW#sT=v<N?h$-^QIZ|PYKpZW?qMsh>Lzi52?&Pu-}Ha_6mXuvBOa28^XqBwKHBWi@L
zSA)wjuJm)4)9gfo!wG(k(n@)7d(4MT6|nV`zi1>8V*od-VP=_Tz#)+7X(tVbE%Qs>
z#w0|D6H8Mt3d9zG8@3@=!J3NLY4V=mG7L?_-GF$tfqLR$`s@TZ%`wuBJk>%NHRKH)
zSm<6uQl0f>sk0m;N8_Z^GMxdNXi1q~as4H!y@J<Mp!2nfDVZ;Q1ITz)3k;SOp)US*
z3i@uGDYm}v6gN@X$~Rk4UTNSviD6I?(RTvVW%7^7;o~Ecz5UJt&|fq&L{75Adk>ln
z^|(_s?MRwpfCV!B{+<=8)bF!{pd}woxWTi=s#f=5Gk^=`bYx&%thbnD_)ChHX(AQ3
z_sB}7U&!o|=kAgfH-3i-(63j$Q9cJddFDn`ufyl^%w=Wt{cQ$qg|EYt^u74GOwCUF
zmhKPF>9m^&SJ38`?sy6J1wk5U{yDoBOGwvR19<Z<RV1sTZ|(^wdUrnV;#@4BK=8LK
z{P`VS_L{Scof^`2J_cn7pZ+!iDoH*H1Ors@Mr?U+91iJYaa_2PbxLXM*fPI6*IDh>
zq`*Xm9NtipNQh;PiV^pa&%RiPot4uf%p7>4btJ?mm1su!&-q)f1apqmx;t`XVR*yA
zrhZAFsvVDuPG~Bh4X~Ql=+7^H|Fi9x*^VTb%xh8tmm$+SBS+7BIHMz5W8~=o7JxS9
zQ|=wn*B}S`dmsKT2Bz|&a$2pYc%bMVn1#-wn)xmKJPC8F9Rfg6{~|wLT8FDAxJTRe
zJJ1u_W_^g(Z)VHeVX6UB^>oEB-s^!b)q#nll#~}GBoa3sUqEz9mZK=pD^Ip5R2YnQ
zHdHBN<7Ikc>MX$OAyAP4X7~2A)tG=AoRX<p@+7+vs-v@+XME6V%pbutrnIf-?ZL4l
zu&KHZWxFHh1wAZa&$_d+8w18Y20%KwRduX6S(7No#8zS){c13+djdsN2(dEXP**Fl
z^1Aup5yMRTrA*k@qcvlrzx|O6Hbf*&!exU2b3cCXD%f8wNm^Ho;D#lCTMD1WE6`6(
zPPw5g{yq0ra|-Ip8*~PSEh_>))~)+GQ^rOUenR1uJB8MxnpEZv5yL>bqa>}ciF<zE
zk7lR*uwkrEb`BX2nxKQYr=EwAmNprqR_1*NX91oMNhULu0#u4*@}y6EX=lm3qzjI+
ziwlko03|t1kuW{m6tj5-#;&10vaeSpfP98QUg0Mey$S}IxhW?J#L1loR}+P?JaXkj
zfC`V!7YDoUYjtY3Vf4-1o9cDyjZ2vy9`Y$tiq^&3IV38~+>5gDLDUIcY~wmVeXq2e
zi#;2Y#*1^Jj#rfVVCek1OQN`z!ts@JI^Hti4649a4C7r*{h1v{7|<pJNK#=GIdH`a
z`J2naJ4_=P6;yWR6X*vvuIl~^ejfSCn=KTJTM^+d{+?&0xaZsZNnwlFHXgfycqgzE
zhV3=++bD%A5JBtg<)%m32N6EudlLm9;}3^NM6>!EM<5C5wO3&(t^mmsKP4~ZuP$Ix
zX(PO`VUtPo(Eg)!r|csuaC?s8tWDEgV~D9P11RjyZZiNE^$A^V2ZGISdb!j~T6+7(
zb26^XhpUAdl%Px@-GlzuiE@qf!IElxT=A(IrxzkdBB>5IfHP0YuGs|7;?NTCf9%~|
z2a3kM=VG_=`_emp`W25gagMU$lJc%tDn~o2<bS8*uZy&_><~sZ2AEkBq=J55;jrn|
zgW;9R_Rkg=!e>jz^6rO0bk%za_I6vBKrNXH6?0e2#dodaZPvENx{|W~Bo4v~AvlcQ
z2gOD1L0)$|tAC&-;XcVOV*Q(tt3_LXm4(20!7y8%0`lZ56M1$;90XZY#~5=RjU5Z1
zuYi{wn!V8iTB%>m8FT41gdtZ3J$(KKDAuwhXhYhGFhcZe>eN_E{_(Dd=W3MeGX_a<
zab0J$oVE<%ySDNW(rp_Dh;DUKyUfkRJhIQrKP@TepwIyboIZ|0ZzgHp!v-%eEudS|
zymRk%!)9&FpCejUrN3%<dFrGIz!^OWPOUS3QAPgn=@SmR3BdE)I0nlv+}xc*V_`1O
z3Sh!5)3E*GI1qNgJmsy8H1dU;A|mH7HIZI=0dtNA@3-i?znWiZ%)1UxgPcw+D+P1Y
zH&%MD)<Ox!K(BH75^rc2j@f~F!FcLnY=7Ba3srJWGMVL^S`RdStEbZ@*;vd1S%y^f
zO+YFs(hC|MPbh0a$u+Hc+Gi?cjVbQplDys1e1m599v>e%3&dqo0GITH1F3#-#)jsT
z4lnSN6biHUWNlR!$xE32@2Ak78V-4Fx#RG1nT9IVkgR-xEJJ2`P~<OH>QAK3j}LCs
zm&;ET%ivd@=@&wOb3tHKpPddX49GvR5ee-O+nSUBcxvVmCvN83BtKHk4+`ZsMoY??
z)x{dTMKD90$1k=F5YFeAWaD{>X8qvVDj)FVea(XfLBzRCX>k)-Fjy?F;h2`lJy0YD
zfI5pT<HEN{-ew|KBpjlkT$<Hgn409`V`VSX2o~%q-*KXm7~f(d*P<PLyF`#1R^exW
zlS}5V)(OQlBlS?*jzj0#N`TPCg<<8W6S)}F7hFdR0ypcPAuSK29P^}O62UcXTsEEG
zES;&nj9tc;g&3v9k*9yvvoKu_uJR`;c6Xae73FiHdgD)Ms}fQhG<~sc#-rs9D2^8o
zBsZ4s=k`&87v)SrIPPK`n^!$D*ZYwSyUQg`)+n@uFw2m1y%NU3SpxljszKGgd9P+T
zf)=G>$_L|M=BsUoB?A(_)*!3EJ=6Seduf|8FI`n7bG?qTMGLlV7C39Az^B(FF4*^k
zX5=I8ws9s`mlvPxc{fV65M~{mKnzPASAbC2H&s{+a99^Bp9)jmE{AqXD;+U0MC{mj
zoh*4br!vacBbk`Eb0o#u84FbjfR>lD5$tV6Z*VwNLf)JtKtA0z_h=?^CjX+Ai#C&A
zzjVDj(ki3G>h4bq3~j$VB%z?K=ZrDHPFi+kqImMi$P3FIbX|o&7?8s-9M|hI1&v#u
zMp|TLOn%JTU(L`N)Y$FTpO`uVjXZ9jT7?4@%B%0)udgN1D^#r_H0}Nv$Xwqb#K|Y1
z#2<^C%Ep;4lod_7EKVlfmhomEstranI!HepynDAU3Klw=3)q(oXYFC0Hd>>1k4Uj#
zPHA2H2Y<2JQjVxP1Xj^&F|#`R<(?$d;_Zm{6N0~d=eJIN+%<!!NdV@RhO(j_lT-?i
zUAOm5Ix;$E10&QqT5GUois4-r=Nml~auHB+ig*?Ze_Rh^MDvcZR7rPv99gAj!HHD8
zQ426$wP!-?rc$YaO!}yS^SC<kpU3-X%0ZrhiJ{9fan@X?%`>Q_WrwQDR8Ey#tK$mg
zh3!$?YkM!KO*!}ocaqDU<?h`wr`@KND1L?n{7JvUvT~QD2pW%*>0&AoRCv@`eOP)g
zbZ4dnSm!X#|61{SjHJ0z{TUn8k?G!DYD|H)(oGbBkt>8&cO_sL-zv>5zqf6?+={GK
zuN}y!NOVa}*;jqjCd|wFjTfvRa~Fzx7=tuo^@mFfIb|S5QG&$XC64`$Msk<Sg#?5D
z715ShO*Hi_;Cz9twoR=?Y91=Fl#Q8N&TCm8MKd-jzl~0zHq)srYr?JNK~?(6yx0|?
zcM+UF5;vJvH!U?o+1MepqbL7z_-^sI;uG}mkXl<)8=ggSg!y<rrW`1XKIl?MgcBH$
zcT*$~;6pdAdak6+C&wl)$E)JA9YlV#wP>o=Mo0P86?W)>=W&4k#eUAhFzti<l(Sq<
z0Bqp)&mKJy<4}k85kEGPT#r-yz9nrSg<F3Z2a*R+{xvWKP!tz&A8D2;AKHzB)+V1$
z*MDnPNAcUu1fWEsO(<gs0a>f~G=3UIOj>Qk&^*6BM)uJm!D(bp0(NW=`jp<VItc(e
z6h<$+@q3kc(%c^xb$%k}GQhu28A~0OI9k$}5<#z0Bqm?RxO@{hBfMRtj>^jENQQs;
z&ueK}8NQj7Lps|fiN5)$tLZhle>{BuCJpMcF1RQorA++`MxD?<&0dbbK==iPUV8WR
z9+XH9mvP-p7oWcl>EkOJtNd1df96WI--=$0wTpS@{;~(@StSSbK<FMyJ6YdBJIDab
zHt6lV!h675jeH0_vgMr~4U#VkBC#=VUc;PIf`BGI$k5X8l2KQVfBdt=wjxc<?G?U*
z1jgL%ux#|~<Zef#!o!x?=hCQux49PV@L3B)Y5UUKB9moT0?weGB*hiY9*R0Cruaoe
zanJSrv3eZ-PXV3t?%_l75B^TncK8aE95{OB_bb%e+D(zW=ZuoL!H7i9Ak5-jFr4I>
zR~?+~Ua-XzJy~68Ynb2#w)#Maes$o}n<?T46v@%5qH|k;go>K(Bvyg7L=p+h-5P50
z{uHUgBF?{>iy>DX97A-eG@>G6zJ?%1&~Ki=)gj3AZ_%P<$wK^yca?K}_ve7L277Z%
zp}{Dne@SgSaB7a#0_ov4D$P#SH+Jrm`?$K0Tdhh-_0X=Itf2t-rEOxHWNsY}yXIDx
zM9-!<;thxAdYv)OXieCu&Kz54&fPuhzJv<sR;7sg_jUcZ3ld7=Tl0<gG9mHdOv#IX
zsLUo!eoRkzD4bv#=+2!})5@IK4R`Tcvxg~+8PWn}>Y4h846JPUYrsA+h2b(JOk2~K
z$UhY5iZke4^%pm7q327^B~flkFg#8y--o!`Qohw!y%KvKKIyU2U!>0MX5^b|6#7}L
zRETDFw0{LXlsvSh(eiW@+4zqQaCr*i`KKXS;_UEDHn?mSSUq#UL^i3pq95}M$bjBi
zk`ym1g%ipCe%A&Jj5T@za5dse-Fsx@nq~L$5g<8>en>%5N3uOv-_!S;r3Rq6{X8P+
zJS_oqQK7{@-z!6GAUDAN1?^2fcbvuZq)$||GLL&bwDgycNU>VOj`ZYY$v`L1_`pYI
z_^}fj+GNM)qlLWmxz?i*PI~SO)?}f7h$16;e7&hAI;lBN5f-DsQF9*W_=Pl&nSV^*
z-t3i<qCIHT{Xu*?`vuj9$@W{Yb31|-XNug9-rSuN6EEe?(2s=OFoxB`OaX9@4lSD^
zB1_0{4B*C#-mz@lOx^WR6tAWUt@ej(+(|7=f|*ank?SjUzv!tB|3Kp}WV#-EhcJ9&
zw8`aR4FuSy@pKw*=$7BKSBOKt*@E8c%UR>k&Z*Mtd0#OG)VX85w8uukG%of}^n{!d
z>QQbK^<v!wDAeiXR$m;1W?6g}*Et=eY#X*H4m&9j#vfrMMN&8bxq8N~FyWuwky_1P
zMcD3)Z#%fV#*q~{)os2M1~%!+SE5XX@fnpIb>wsgCIeTC69r_U&z`<~?1OQ#R$Q*o
zO?BVVAj#A&J7}wiGA^?1`49G&i7I!w&USc5$)|cTanmkmsz!N4ks3}LlF%5-X14tv
zy&L0K{-(3rS+LLL<VP1PdRu++??mn(jcqBhqh5TkT;7B-&h<8RC-TwjXm0Xoo}OTG
zko@*{0qbr{dSWvues;x7j|n3kdN-z+v-Lw6WR>{KGomN8wRBD3(lBEhZTf5{B)Tg3
zFeUTb1=PS+<4cVIZ<Ap}oSUJ!59TS3#G1T>fahxhll&<f58|j`zrqx9`yslm^DUSn
zP*?xcP3%tiT^aU7o_qDI3+Pfz`uPKK>H}As1fQy8Hg_N0V<;XA?A~txRy_O^_1c>d
zETx&Q8q*?XXo}iu0w;v^2sInwBhFn?H^q}2-V{F0&|nlGxp|Mv*+sBdQZQME4`d7%
zT%Hj130?zwBU8!Hv_zO5h^VK2E4up7Uf0dOYrD{s&*i?-*jRJ7ejL`p?l{EQYyCsJ
zWp%J5i$mM=G=N$6^9LeMIpV7QotsvG{jA?D%XlRg(7v?*U|}<+6$`;lB>({$MXSKO
z(#G{Kul;+Rueg|R*C^*?6i_>!5NpVl0~3ht#wPyVfsdK1ng~Hr*5DL&vrF5h@bWDs
z7js-Q<n_wF``^#~0u*ON0v{CjZg@9lz-~R_f$?G5BtTxcxaQ+6HUy7Z=gCS{l7bbl
z`QV5xNz`s$j(Vu`6K%=%=0ym=p1LPq2N$NZW1`PS^pTIf7cX1E@FV&)u;kq7Vdf7Y
zZ{*v;RG9R0c?J=`?3c}!^&|TSn|Q-$uKqkCH2AwpSoh-H6Q}y5Z{Ka;`L$Jr_#Ohp
zXGXiqyg;&kJzxwZj3X=?Cv<k<<k6E~(AmJ$Ybql^*lGPB%^@mGfIVaQ2NOWFhOOx8
zH_h$}Yfsp5M8SCo?KK)FbTg5#jcnhjXBp5biEE^VD}EL^j39-bU<K9JWt^3HAv!l9
zCm?3?(S4W_vStOmXU?mCqP%S7!n*$19^wP4Y7cN=4~hu>U{&(SO_8h-Bpbbe;1q=W
z0oY+Vl#FI#oVVaO>?_PPU~a%c;Li4!XEWVyzg1sHfou!X-?ZI9d`L4gx8N*hO`wKj
z>MWF+S1W-PNfmb9kR?M9x1DrZyc~p$1o|owHC-oisvwZ+%?L`gQ>~8hq4~rX1cV8A
zJUrIsE&+~t<rf!ksK!g^Y2BfL)E{`{xTW<N$_oR<gPHBE^(JK@1U9CS$oE6e7foGu
zCOwPB6lU}w^WtK$|EeXRN}!u>L~rb61T@oEH?o64r`psIy+%3+UA`*DWQPtQ1Amb<
zL6%5B53$S-Gb0-N5Z#UAU9)W;;)dp(p+-wY=iNMvcr;wns$#EHy3`!yAe&57<x>!V
zrhnxNTIc-I2|GfY`r?CU<23GkKFf{oMO3M{skZOwxBjFeCSi06DWjL&0(*E3pIz*Y
z-%qbhMsOg_t4X<TwAm~OVs+dsjfPCxtR&HY)H-v3;~&#@SAzPy#Gi})B<Sqy%UWEW
zVyXTCZYh=ko;pQ0mzIByIVrUxGnJ0o#`Q!=04ufy+BhJk1A)xA)+4%x2e8p<`&Prv
z=Y@pi3Mm4JKES`sjt`wI%ZvpqIMj$MINqLb8bwydyj6V#fu94>M^~j)S*CH`w5mu)
zOti#^3h7xS>FR+x{3<r?RF$o5b^T5&>bQal-LX?I0QIIi*GwAuYlRpHhM>kxvj&jR
z3Rg_Inx29W@w0AY@p?e-4EHJM$JHHYW#S<VT~+Xw8M|2_;ppc<BVm)kkb87;bJ|_M
z#vFWF`H@$dtd=zktouss6VHx2s-LFPpLzMXT=>e;M?FeI&#C$rhhE>YdR{=^d;)@y
zpA}4hyExR5RI%(jL~@X7-oOm^^sohJhh}P?WBL#psc=zo6{UseTzwwT+U;6ospe;X
zZ;B7VR0voAcK{wkDZ9{@8Myq-Dp&=F+<{NAbLs}~nzD(V<$f^d(zlT!FQWZG-Qa%z
zvgPc;ZJDx|njB@+0v^datM*l}kXXKP9h(c%<r0!V#AbL2Xx{kIh@jR3uEdpEECOCH
z>+~Ku22RcY0yL9A$&P(*D^i?5e#8*WZBN(3u_RDpVYU(|mwlhgt1;_84|M*n-jnWu
zUDK<&2hr_wy`>7W7XDlP6@-GZH!M~y(rTczv;1;D?6`N1A6sQZl0FXv_DsNV73yVs
z<nh_O1e8yW(;z^>ca(}rJCHVqZ#R_=K$QbbrHy%Q^PN!GdWxc{{(O#K;MP?+&Xwa&
zJLQDOLY=h!MrN9wnoLndx8xG_X+_OIMoNaKgregao-!n7{O7)+K9D9-qwR2Nm&KO!
z*~<7G)&4wGcRD_?_}QX;5I(1{3Ijnh0cjD~D*Z^~H#lr}MIJv*^EfaJLWifSOd<Kx
zV=Z)p&Yp)tmk2lSkiNTbnO#6e;X>!>i^K1ac`|qn0tIdzjyE5Ov`>-_<<@kQIli@+
zTw^JU#e3vIiz7+{k)}GIS6M@ci^@OsQlhrBD?-Mq!GP?zU1B<dZh9Ly|F-KTua^sR
z6;%tz__M#rGjo%rBBsP`o#f>eR9`dab!E`A!cL+ZYFyS}Mx{kQd3`6A?kvTaRX;!n
zOz6#1g7k!aa(kyT>hi&X10E!Pr&&5K-Y1fsQ-dky@VXh}MUO(|!7Kk8Y33+Nwb;s=
z8kJ<5n6cnTN&CQ&0WO8BGgzFuNnaN*uow)twj5(R7Rv9IRJxt`pCUwzzM`v<M(sMb
zfnSr>YINHCO5U`X$S-)2857DWrA5EqWmQI`v)#3~P)Tlr7(<Xm$D1P?NlwF^=ioX7
zIE?<;b$bXH<k0f;NIP~qpq&5y*v`(jv8>AcA)sSK#^iN+W_B_{<pP(ZY{FYpPt}3u
zvhB}Vq(;*{uLwVzXX*-jIlFW%dmP;63<_Hv6kbOv(zII@7ZrFJ#%S#UhcnpvcD@JN
z4$avSrwr)8XuiX?s6Ps4LG1Q6EZw9IhMRs#TvPcmAY4wNsc>kmF9fH&=lm27-550p
zaTzcqI8>Cl6wf7irc=ySxBqQN_JZ~>9_||JZ{E36^rVV`_nHg57f_*72DDq8j!IZz
z4Xzi;*3+wWumT;g+Es~=r?R;Y+2}-drqe(mV50B->N4xg!@3P>WKQ82lyHVZr2~kf
zJMCq9$BspFI<ln^?cc$p!5^3Z3uml#b+qTVIMCRga2qU$YOXu1sy+&|;Qp$usE=8O
zTK7^;075)SfKg)e_suCrF?=vt)A)a=1bhNX4)_#lGb)i~|N63h<|M*?cVajaiMK8N
z@5%FPN(3uI+>qLV1%%}(d$7Op%m(Ibz6JI)cCw54kayftr^lLqK<*`u->NiS@UJHi
zMkLq=bjX@nlU=7MwuqubLg_j=7YCA?9|V%n(q^TY?m3`&(+xnw=Q17?7aXw;eSWQt
zOQoVkcOgnKXYDtTxBd7{VD#-Bj~uc^Og|pSU}E@djN7j42Ynk{qZf4dASC}ZvS9jU
zNZ0PHd&eJ|lWC?4i3@}Ee^;-0+oYR4JmhHR<J--c5fgw|6}nn$joSrJF4W(;x&t?H
zk-2?Xx>zHH-r=GKDH)Eju%u!osO=`qoR4ng-T(v-aZmu&L&QNfx`u|D_vF~ActH9G
zaSf#oA1Mw;*z*7K^0W-?u(`JbqQ^)1c)7?Ha=yGv0!!9LEShI41<tF(qhq3JBK84#
z#cmuqcwzl_WB}wacy3#iL*bJ!vNWPO`5P_9;LYW>71zMK;{G={G4P}n$1br6FA6;b
z==#4??R~FWNhBO6o${!Q7h;6V@Z5UC@J%bc+DY|~ig*+r_)<b8{P<#4*j$GTie;7D
zu4|;rW(o@QbZ<K9YlhrAQtoJUUiQew@3TABJslOq;5PP-;*zkkEpw8WT#eh&^FkQO
zdn$O1Runv_U&YkEO-D$MZCFUYT&$0YLopq1ZgECgjZ%!>hh$B+E=C;2AZAz^ce5_B
zhV&DcXw$}Qlyos2;0qRJljm+{V@Gsq$ql*SDPza@{o~8QwdJtTX*tQihUa2Y?UPf5
z7rDecrgXp5yrQh1URoRwFf&MSIG4rQJg{`d^34QT@2nr!tlzaMDD0b_oe6BqcXifm
zR>RUs25*Z5Xct4v1}=2aYT2Bak`+~b);2$m(eJQj2T7r~hmAs}Q8pn^?5l6}rCF?8
zN%`pQZL$3=F=``BjZ&mu5H0mFosXPCyko)mUHc#;<e~6;_x1v*j)%|u`K0{q!E|+#
z@0FNrezZ5PD*c3Hwld84sL3>|_6`g}nZ|Zz;3n_!ZaRk{&wr|PUf30Fkx5q#Q~qwU
zeECn1*1@m>1S`=_{md@hk-{?t3|@!*zTD(%83xTq^l!x0SfiLV@c|I!j`D61P$iPK
zm$sy7_X%-wzbduRHj<}=MpcT6$;8BY2QrhG%kQOx_V3f2pJ7H}5U&&dv6pjs#7^nF
zk(U+-z*Abi_dut0`W3lq8d!U+HTR{JfkYWU-7$o`eUZIR^O`e=o#o4&H*P0D-}lK^
zzdbrKldw*eZ_!+!zG@a%5%f`?@Oi*^M5z7*v;oTl4NT-!=NUnqbb<r9SCQWFF{fP3
k@tB;0m9igZ(>==;E&KrZ$DaRkOz^KtKHxdLwS>||A{lNnzyJUM

diff --git a/config/secrets/pipeline/rdm-management-default.yaml b/config/secrets/pipeline/rdm-management-default.yaml
deleted file mode 100644
index 27e627c633bf7744c79d7b5415931197baa0d1e2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 240
zcmV<M01y8FM@dveQdv+`07V}-T_}<=rkFiI6XsB7PMH{uR$Ee88>ohe!w=Ks-$G2A
z-J>yR1#=sa4Ke-q1p4MXYx&cSO3<9bXp`qnlvZw&2hkwU)qR+5aScHtue6LfBb-Bm
zqYPI}eeGVUbWLQe4V_n;t2$3N%~^t{nCkJ<6!9pmY+LZXY=Q|%*s7<kJlf|P%#MN4
zwR(ar$EFmW2uV}Rkg(7QEP0L}!)FI7u=lZrG4gW)NhduL?jSoRcy@qt9$I+3oXN*o
q^mdsjvWBlq^V)#4tIB>tv?wIU^9AqPM!B$MCFE=kaR1&CF&7F*m2o=&

diff --git a/image/docker-entrypoint.sh b/docker-entrypoint.sh
similarity index 100%
rename from image/docker-entrypoint.sh
rename to docker-entrypoint.sh
diff --git a/image-keepers/Dockerfile b/external/keepers/Dockerfile
similarity index 94%
rename from image-keepers/Dockerfile
rename to external/keepers/Dockerfile
index 002d46eb..48b1d3f8 100644
--- a/image-keepers/Dockerfile
+++ b/external/keepers/Dockerfile
@@ -25,9 +25,5 @@ RUN cd /opt/keepers \
     && npm install \
     && cd -
 
-# Add metadata
-ADD VERSION /VERSION
-ADD TAG /TAG
-
 # Run docker-entrypoint.sh start script by default
 ENTRYPOINT ["/opt/keepers/bin/docker-entrypoint.sh"]
diff --git a/image-keepers/docker-entrypoint.sh b/external/keepers/docker-entrypoint.sh
similarity index 100%
rename from image-keepers/docker-entrypoint.sh
rename to external/keepers/docker-entrypoint.sh
diff --git a/go b/go
deleted file mode 100755
index 35e5fbfd..00000000
--- a/go
+++ /dev/null
@@ -1,97 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$GO_DEBUG" ] && set -x
-set -e
-
-project_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-
-verbose="no"
-offline="no"
-skip_checks="no"
-
-missing_dependency="no"
-
-[ -n "$GO_DEBUG" ] && verbose="yes"
-[ -n "$GO_SKIP_CHECKS" ] && skip_checks="yes"
-[ -n "$GO_OFFLINE" ] && offline="yes"
-
-function loose_version() {
-  local version="$1"
-
-  IFS="." read -r -a version_parts <<<"$version"
-
-  echo "${version_parts[0]}.${version_parts[1]}"
-}
-
-ruby_full_version="$(cat "$project_dir"/.ruby-version)"
-ruby_loose_version="$(loose_version "$ruby_full_version")"
-node_full_version="$(cat "$project_dir"/.nvmrc)"
-node_loose_version="$(loose_version "$node_full_version")"
-
-echo "Configuring NVM if present."
-nvm_dirs=("$NVM_DIR" "$HOME/.nvm" "/usr/local/opt/nvm")
-# shellcheck disable=SC2068
-for nvm_dir in ${nvm_dirs[@]}; do
-  nvm_script="${nvm_dir}/nvm.sh"
-  if [ -s "$nvm_script" ]; then
-    set +e
-    # shellcheck disable=SC1090
-    source "$nvm_script" >/dev/null 2>&1
-    nvm use "$node_loose_version" >/dev/null 2>&1
-    set -e
-    break
-  fi
-done
-
-if [[ "$skip_checks" == "no" ]]; then
-  echo "Checking for system dependencies."
-  if ! type ruby >/dev/null 2>&1 || ! ruby -v | grep -q "$ruby_loose_version"; then
-    echo "This codebase requires Ruby $ruby_loose_version."
-    missing_dependency="yes"
-  fi
-
-  if ! type bundler >/dev/null 2>&1; then
-    echo "This codebase requires Bundler."
-    missing_dependency="yes"
-  fi
-
-  if ! type node >/dev/null 2>&1 || ! node --version | grep -q "$node_loose_version"; then
-    echo "This codebase requires Node $node_loose_version"
-    missing_dependency="yes"
-  fi
-
-  if ! type npm >/dev/null 2>&1; then
-    echo "This codebase requires NPM."
-    missing_dependency="yes"
-  fi
-
-  if [[ "$missing_dependency" == "yes" ]]; then
-    echo "Please install missing dependencies to continue."
-    exit 1
-  fi
-
-  echo "All system dependencies present. Continuing."
-fi
-
-if [[ "$offline" == "no" ]]; then
-  echo "Installing bundler."
-  if [[ "$verbose" == "yes" ]]; then
-    gem install --no-document bundler
-  else
-    gem install --no-document bundler >/dev/null
-  fi
-
-  echo "Installing ruby dependencies."
-  if [[ "$verbose" == "yes" ]]; then
-    bundle install
-  else
-    bundle install >/dev/null
-  fi
-fi
-
-echo "Starting rake."
-if [[ "$verbose" == "yes" ]]; then
-  time bundle exec rake --verbose "$@"
-else
-  time bundle exec rake "$@"
-fi
diff --git a/infra/bootstrap/bucket.tf b/infra/bootstrap/bucket.tf
deleted file mode 100644
index 9bf230db..00000000
--- a/infra/bootstrap/bucket.tf
+++ /dev/null
@@ -1,23 +0,0 @@
-data "aws_caller_identity" "current" {}
-
-data "template_file" "bucket_policy_template" {
-  template = file("${path.module}/policies/storage-bucket-policy.json.tpl")
-
-  vars = {
-    allowed_account_ids = jsonencode(coalescelist(var.allowed_account_ids, [data.aws_caller_identity.current.account_id]))
-  }
-}
-
-module "storage_bucket" {
-  source  = "infrablocks/encrypted-bucket/aws"
-  version = "2.0.0"
-
-  bucket_name = var.storage_bucket_name
-  bucket_policy_template = data.template_file.bucket_policy_template.rendered
-
-  tags = {
-    DeploymentType = var.deployment_type
-    DeploymentLabel = var.deployment_label
-    DeploymentIdentifier = var.deployment_identifier
-  }
-}
diff --git a/infra/bootstrap/outputs.tf b/infra/bootstrap/outputs.tf
deleted file mode 100644
index d59f77a2..00000000
--- a/infra/bootstrap/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "storage_bucket_name" {
-  value = var.storage_bucket_name
-}
diff --git a/infra/bootstrap/policies/storage-bucket-policy.json.tpl b/infra/bootstrap/policies/storage-bucket-policy.json.tpl
deleted file mode 100644
index f647a293..00000000
--- a/infra/bootstrap/policies/storage-bucket-policy.json.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    $${deny_unencrypted_object_upload_fragment},
-    $${deny_unencrypted_inflight_operations_fragment},
-    {
-      "Sid": "AllowCrossAccountAccess",
-      "Effect": "Allow",
-      "Action": [
-        "s3:ListBucket",
-        "s3:GetObject"
-      ],
-      "Principal": {
-        "AWS": ${allowed_account_ids}
-      },
-      "Resource": [
-        "arn:aws:s3:::$${bucket_name}",
-        "arn:aws:s3:::$${bucket_name}/*"
-      ]
-    }
-  ]
-}
\ No newline at end of file
diff --git a/infra/bootstrap/providers.tf b/infra/bootstrap/providers.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/bootstrap/providers.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/bootstrap/terraform.tf b/infra/bootstrap/terraform.tf
deleted file mode 100644
index b1d45698..00000000
--- a/infra/bootstrap/terraform.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.29"
-    }
-    template = {
-      source  = "hashicorp/template"
-      version = "~> 2.2.0"
-    }
-  }
-}
\ No newline at end of file
diff --git a/infra/bootstrap/variables.tf b/infra/bootstrap/variables.tf
deleted file mode 100644
index 80dd25ff..00000000
--- a/infra/bootstrap/variables.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-variable "region" {}
-
-variable "deployment_type" {}
-variable "deployment_label" {}
-variable "deployment_identifier" {}
-
-variable "storage_bucket_name" {}
-
-variable "allowed_account_ids" {
-  type    = list(string)
-  default = []
-}
diff --git a/infra/database/network.tf b/infra/database/network.tf
deleted file mode 100644
index 04dc4a8d..00000000
--- a/infra/database/network.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "network" {
-  backend = "s3"
-
-  config = {
-    bucket = var.network_state_bucket_name
-    key = var.network_state_key
-    region = var.network_state_bucket_region
-    encrypt = var.network_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/functions/modules/lambda/iam.tf b/infra/functions/modules/lambda/iam.tf
deleted file mode 100644
index 748ea015..00000000
--- a/infra/functions/modules/lambda/iam.tf
+++ /dev/null
@@ -1,57 +0,0 @@
-data "aws_caller_identity" "current" {
-}
-
-resource "aws_iam_role" "lambda_execution_role" {
-  assume_role_policy = var.lambda_assume_role != "" ? var.lambda_assume_role : jsonencode(
-  {
-    "Version": "2012-10-17",
-    "Statement": [
-      {
-        Action: "sts:AssumeRole",
-        Principal: {
-          "Service": "lambda.amazonaws.com"
-        },
-        Effect: "Allow"
-      }
-    ]
-  })
-  tags = local.tags
-}
-
-resource "aws_iam_role_policy" "lambda_execution_policy" {
-  role = aws_iam_role.lambda_execution_role.id
-  policy = var.lambda_execution_policy != "" ? var.lambda_execution_policy : jsonencode(
-  {
-    "Version": "2012-10-17",
-    "Statement": [
-      {
-        Effect: "Allow",
-        Action: [
-          "ec2:CreateNetworkInterface",
-          "ec2:DescribeNetworkInterfaces",
-          "ec2:DeleteNetworkInterface",
-          "ec2:DescribeSecurityGroups",
-          "ec2:AssignPrivateIpAddresses",
-          "ec2:UnassignPrivateIpAddresses",
-          "ec2:DescribeSubnets",
-          "ec2:DescribeVpcs"
-        ],
-        Resource: [
-          "*"
-        ]
-      },
-      {
-        Effect: "Allow",
-        Action: [
-          "logs:CreateLogGroup",
-          "logs:CreateLogStream",
-          "logs:PutLogEvents"
-        ],
-        Resource: [
-          "arn:aws:logs:${var.region}:${var.account_id}:*"
-        ]
-      }
-    ]
-  })
-}
-
diff --git a/infra/functions/modules/lambda/security_group.tf b/infra/functions/modules/lambda/security_group.tf
deleted file mode 100644
index 95dfd4e1..00000000
--- a/infra/functions/modules/lambda/security_group.tf
+++ /dev/null
@@ -1,20 +0,0 @@
-resource "aws_security_group" "sg_lambda" {
-  description = "${var.deployment_identifier}-lambda"
-  vpc_id = var.vpc_id
-  tags = local.tags
-  count = var.deploy_in_vpc == "yes" ? 1 : 0
-
-  ingress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
-    cidr_blocks = var.lambda_ingress_cidr_blocks
-  }
-
-  egress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
-    cidr_blocks = var.lambda_egress_cidr_blocks
-  }
-}
diff --git a/infra/functions/terraform.tf b/infra/functions/terraform.tf
deleted file mode 100644
index a3531f9a..00000000
--- a/infra/functions/terraform.tf
+++ /dev/null
@@ -1,16 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-    template = {
-      source  = "hashicorp/template"
-      version = "2.2.0"
-    }
-  }
-
-  backend "s3" {}
-}
\ No newline at end of file
diff --git a/infra/image-repository/outputs.tf b/infra/image-repository/outputs.tf
deleted file mode 100644
index 843b50e6..00000000
--- a/infra/image-repository/outputs.tf
+++ /dev/null
@@ -1,6 +0,0 @@
-output "registry_id" {
-  value = module.image_repository.registry_id
-}
-output "repository_url" {
-  value = module.image_repository.repository_url
-}
diff --git a/infra/image-repository/provider.tf b/infra/image-repository/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/image-repository/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/image-repository/repository.tf b/infra/image-repository/repository.tf
deleted file mode 100644
index 2205a12a..00000000
--- a/infra/image-repository/repository.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-module "image_repository" {
-  source  = "infrablocks/ecr-repository/aws"
-  version = "2.0.0"
-
-  repository_name = var.repository_name
-}
-
-data "aws_caller_identity" "current" {}
-
-data "aws_iam_policy_document" "service" {
-  statement {
-    effect = "Allow"
-
-    principals {
-      type = "AWS"
-      identifiers = var.allowed_role_arns
-    }
-
-    actions = [
-      "ecr:GetDownloadUrlForLayer",
-      "ecr:BatchGetImage",
-      "ecr:BatchCheckLayerAvailability"
-    ]
-  }
-}
-
-resource "aws_ecr_repository_policy" "service" {
-  repository = var.repository_name
-
-  policy = data.aws_iam_policy_document.service.json
-}
diff --git a/infra/image-repository/terraform.tf b/infra/image-repository/terraform.tf
deleted file mode 100644
index d9eabeb5..00000000
--- a/infra/image-repository/terraform.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/image-repository/variables.tf b/infra/image-repository/variables.tf
deleted file mode 100644
index f248b15d..00000000
--- a/infra/image-repository/variables.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-variable "region" {}
-
-variable "repository_name" {}
-
-variable "allowed_role_arns" {
-  type = list(string)
-  default = []
-}
\ No newline at end of file
diff --git a/infra/image-storage-bucket/bucket.tf b/infra/image-storage-bucket/bucket.tf
deleted file mode 100644
index 9cbf9bd6..00000000
--- a/infra/image-storage-bucket/bucket.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-data "aws_caller_identity" "current" {}
-
-module "storage_bucket" {
-  source  = "infrablocks/encrypted-bucket/aws"
-  version = "2.0.0"
-
-  acl = "public-read"
-  bucket_name = var.image_storage_bucket_name
-
-  tags = {
-    DeploymentType = var.deployment_type
-    DeploymentLabel = var.deployment_label
-    DeploymentIdentifier = var.deployment_identifier
-  }
-}
diff --git a/infra/image-storage-bucket/iam.tf b/infra/image-storage-bucket/iam.tf
deleted file mode 100644
index b9bfdd42..00000000
--- a/infra/image-storage-bucket/iam.tf
+++ /dev/null
@@ -1,40 +0,0 @@
-resource "aws_iam_user" "image_storage" {
-  name = substr(var.image_storage_user_name, 0, 64)
-
-  tags = {
-    DeploymentType = var.deployment_type
-    DeploymentLabel = var.deployment_label
-    DeploymentIdentifier = var.deployment_identifier
-  }
-}
-
-resource "aws_iam_access_key" "image_storage" {
-  user = aws_iam_user.image_storage.name
-  pgp_key = filebase64(var.image_storage_user_public_gpg_key_path)
-}
-
-resource "aws_iam_user_policy" "image_storage" {
-  name = "${var.image_storage_user_name}-policy"
-  user = aws_iam_user.image_storage.name
-
-  policy = <<EOF
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Action": [
-        "s3:DeleteObject",
-        "s3:GetObject",
-        "s3:GetObjectAcl",
-        "s3:PutObject",
-        "s3:PutObjectAcl"
-      ],
-      "Effect": "Allow",
-      "Resource": [
-        "${module.storage_bucket.bucket_arn}/*"
-      ]
-    }
-  ]
-}
-EOF
-}
\ No newline at end of file
diff --git a/infra/image-storage-bucket/outputs.tf b/infra/image-storage-bucket/outputs.tf
deleted file mode 100644
index 07e52a0f..00000000
--- a/infra/image-storage-bucket/outputs.tf
+++ /dev/null
@@ -1,11 +0,0 @@
-output "image_storage_bucket_name" {
-  value = module.storage_bucket.bucket_name
-}
-
-output "image_storage_user_access_key_id" {
-  value = aws_iam_access_key.image_storage.id
-}
-
-output "image_storage_user_secret_access_key" {
-  value = aws_iam_access_key.image_storage.encrypted_secret
-}
diff --git a/infra/image-storage-bucket/provider.tf b/infra/image-storage-bucket/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/image-storage-bucket/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/image-storage-bucket/terraform.tf b/infra/image-storage-bucket/terraform.tf
deleted file mode 100644
index d9eabeb5..00000000
--- a/infra/image-storage-bucket/terraform.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/image-storage-bucket/variables.tf b/infra/image-storage-bucket/variables.tf
deleted file mode 100644
index 84104ad1..00000000
--- a/infra/image-storage-bucket/variables.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-variable "region" {}
-
-variable "deployment_type" {}
-variable "deployment_label" {}
-variable "deployment_identifier" {}
-
-variable "image_storage_bucket_name" {}
-variable "image_storage_user_name" {}
-variable "image_storage_user_public_gpg_key_path" {}
diff --git a/infra/keepers-image-repository/outputs.tf b/infra/keepers-image-repository/outputs.tf
deleted file mode 100644
index 843b50e6..00000000
--- a/infra/keepers-image-repository/outputs.tf
+++ /dev/null
@@ -1,6 +0,0 @@
-output "registry_id" {
-  value = module.image_repository.registry_id
-}
-output "repository_url" {
-  value = module.image_repository.repository_url
-}
diff --git a/infra/keepers-image-repository/provider.tf b/infra/keepers-image-repository/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/keepers-image-repository/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/keepers-image-repository/repository.tf b/infra/keepers-image-repository/repository.tf
deleted file mode 100644
index 2205a12a..00000000
--- a/infra/keepers-image-repository/repository.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-module "image_repository" {
-  source  = "infrablocks/ecr-repository/aws"
-  version = "2.0.0"
-
-  repository_name = var.repository_name
-}
-
-data "aws_caller_identity" "current" {}
-
-data "aws_iam_policy_document" "service" {
-  statement {
-    effect = "Allow"
-
-    principals {
-      type = "AWS"
-      identifiers = var.allowed_role_arns
-    }
-
-    actions = [
-      "ecr:GetDownloadUrlForLayer",
-      "ecr:BatchGetImage",
-      "ecr:BatchCheckLayerAvailability"
-    ]
-  }
-}
-
-resource "aws_ecr_repository_policy" "service" {
-  repository = var.repository_name
-
-  policy = data.aws_iam_policy_document.service.json
-}
diff --git a/infra/keepers-image-repository/terraform.tf b/infra/keepers-image-repository/terraform.tf
deleted file mode 100644
index d9eabeb5..00000000
--- a/infra/keepers-image-repository/terraform.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/keepers-image-repository/variables.tf b/infra/keepers-image-repository/variables.tf
deleted file mode 100644
index f248b15d..00000000
--- a/infra/keepers-image-repository/variables.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-variable "region" {}
-
-variable "repository_name" {}
-
-variable "allowed_role_arns" {
-  type = list(string)
-  default = []
-}
\ No newline at end of file
diff --git a/infra/keepers-service/cluster.tf b/infra/keepers-service/cluster.tf
deleted file mode 100644
index b4a8d43f..00000000
--- a/infra/keepers-service/cluster.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "cluster" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.cluster_state_bucket_name
-    key     = var.cluster_state_key
-    region  = var.cluster_state_bucket_region
-    encrypt = var.cluster_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/keepers-service/container-definitions/service.json.tpl b/infra/keepers-service/container-definitions/service.json.tpl
deleted file mode 100644
index 3ef64daf..00000000
--- a/infra/keepers-service/container-definitions/service.json.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-[
-  {
-    "name": "${container_name}",
-    "image": "$${image}",
-    "memoryReservation": 256,
-    "essential": true,
-    "command": $${command},
-    "environment": [
-      { "name": "AWS_S3_BUCKET_REGION", "value": "$${region}" },
-      { "name": "AWS_S3_ENV_FILE_OBJECT_PATH", "value": "${env_file_object_path}" },
-      { "name": "API_URL", "value": "${api_url}" },
-      { "name": "DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" },
-      { "name": "SERVICE_NAME", "value": "${container_name}" },
-      { "name": "SERVICE_TAGS", "value": "${component},${deployment_identifier},${cluster}" },
-      { "name": "SERVICE_COMPONENT", "value": "${component}" },
-      { "name": "SERVICE_CLUSTER", "value": "${cluster}" },
-      { "name": "SERVICE_DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" }
-    ],
-    "dockerLabels": {
-      "containerName": "${container_name}",
-      "containerService": "${container_name}",
-      "containerGroup": "services"
-    },
-    "logConfiguration": {
-      "logDriver": "awslogs",
-      "options": {
-        "awslogs-group": "$${log_group}",
-        "awslogs-region": "$${region}"
-      }
-    }
-  }
-]
diff --git a/infra/keepers-service/envfiles/service.env.tpl b/infra/keepers-service/envfiles/service.env.tpl
deleted file mode 100644
index 1780456a..00000000
--- a/infra/keepers-service/envfiles/service.env.tpl
+++ /dev/null
@@ -1,5 +0,0 @@
-TOKENS_CONTRACT_ADDRESS="${token_contact_address}"
-BOSON_ROUTER_CONTRACT_ADDRESS="${boson_router_contact_address}"
-VOUCHER_KERNEL_ADDRESS="${voucher_kernel_address}"
-GCLOUD_SECRET="${gcloud_keepers_secret}"
-ALCHEMY_URL="${alchemy_url}"
diff --git a/infra/keepers-service/image_repository.tf b/infra/keepers-service/image_repository.tf
deleted file mode 100644
index bca72e6d..00000000
--- a/infra/keepers-service/image_repository.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "image_repository" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.image_repository_state_bucket_name
-    key     = var.image_repository_state_key
-    region  = var.image_repository_state_bucket_region
-    encrypt = var.image_repository_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/keepers-service/network.tf b/infra/keepers-service/network.tf
deleted file mode 100644
index 4f174709..00000000
--- a/infra/keepers-service/network.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-data "terraform_remote_state" "network" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.network_state_bucket_name
-    key     = var.network_state_key
-    region  = var.network_state_bucket_region
-    encrypt = var.network_state_bucket_is_encrypted
-  }
-}
-
-data "aws_vpc" "vpc" {
-  id = data.terraform_remote_state.network.outputs.vpc_id
-}
diff --git a/infra/keepers-service/provider.tf b/infra/keepers-service/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/keepers-service/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/keepers-service/roles.tf b/infra/keepers-service/roles.tf
deleted file mode 100644
index f4377d9b..00000000
--- a/infra/keepers-service/roles.tf
+++ /dev/null
@@ -1,35 +0,0 @@
-data "aws_iam_policy_document" "service_assume_role_policy_content" {
-  statement {
-    actions = ["sts:AssumeRole"]
-
-    principals {
-      identifiers = ["ecs-tasks.amazonaws.com"]
-      type        = "Service"
-    }
-
-    effect = "Allow"
-  }
-}
-
-data "aws_iam_policy_document" "service_role_policy_content" {
-  statement {
-    actions = [
-      "s3:GetObject",
-    ]
-
-    resources = [
-      "arn:aws:s3:::${var.secrets_bucket_name}/*",
-    ]
-  }
-}
-
-resource "aws_iam_role" "service_role" {
-  name = "service-role-${var.component}-${var.deployment_identifier}"
-
-  assume_role_policy = data.aws_iam_policy_document.service_assume_role_policy_content.json
-}
-
-resource "aws_iam_role_policy" "service_role_policy" {
-  role   = aws_iam_role.service_role.id
-  policy = data.aws_iam_policy_document.service_role_policy_content.json
-}
diff --git a/infra/keepers-service/secrets.tf b/infra/keepers-service/secrets.tf
deleted file mode 100644
index be94555c..00000000
--- a/infra/keepers-service/secrets.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-locals {
-  env_file_object_key = "keepers-service/environments/default.env"
-}
-
-data "template_file" "env_file_object_path" {
-  template = "s3://$${secrets_bucket}/$${environment_object_key}"
-
-  vars = {
-    secrets_bucket         = var.secrets_bucket_name
-    environment_object_key = local.env_file_object_key
-  }
-}
-
-data "template_file" "env_file" {
-  template = file("${path.root}/envfiles/service.env.tpl")
-
-  vars = {
-    token_contact_address        = var.token_contact_address
-    boson_router_contact_address = var.boson_router_contact_address
-    voucher_kernel_address       = var.voucher_kernel_address
-    gcloud_keepers_secret        = var.gcloud_keepers_secret
-    alchemy_url                  = var.alchemy_url
-  }
-}
-
-resource "aws_s3_bucket_object" "env_file" {
-  key     = local.env_file_object_key
-  bucket  = var.secrets_bucket_name
-  content = data.template_file.env_file.rendered
-
-  server_side_encryption = "AES256"
-}
diff --git a/infra/keepers-service/service.tf b/infra/keepers-service/service.tf
deleted file mode 100644
index d1d62b2e..00000000
--- a/infra/keepers-service/service.tf
+++ /dev/null
@@ -1,65 +0,0 @@
-locals {
-  container_name = "${var.service_name}-${var.deployment_identifier}"
-}
-
-data "terraform_remote_state" "service" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.service_state_bucket_name
-    key     = var.service_state_key
-    region  = var.service_state_bucket_region
-    encrypt = var.service_state_bucket_is_encrypted
-  }
-}
-
-data "template_file" "image" {
-  template = "$${repository_url}:$${tag}"
-
-  vars = {
-    repository_url = data.terraform_remote_state.image_repository.outputs.repository_url
-    tag            = var.version_number
-  }
-}
-
-data "template_file" "task_container_definitions" {
-  template = file("${path.root}/container-definitions/service.json.tpl")
-
-  vars = {
-    container_name        = local.container_name
-    secrets_bucket_name   = var.secrets_bucket_name
-    component             = var.component
-    api_url               = "https://${data.terraform_remote_state.service.outputs.address}"
-    cluster               = data.terraform_remote_state.cluster.outputs.name
-    deployment_identifier = var.deployment_identifier
-    env_file_object_path  = data.template_file.env_file_object_path.rendered
-  }
-}
-
-module "service" {
-  source  = "infrablocks/ecs-service/aws"
-  version = "4.1.0"
-
-  component             = var.component
-  deployment_identifier = var.deployment_identifier
-
-  region = var.region
-  vpc_id = data.aws_vpc.vpc.id
-
-  service_task_container_definitions = data.template_file.task_container_definitions.rendered
-
-  service_role = aws_iam_role.service_role.arn
-
-  service_name  = "${var.service_name}-${var.deployment_identifier}"
-  service_image = data.template_file.image.rendered
-  service_port  = var.container_http_port
-
-  service_desired_count                      = var.service_desired_count
-  service_deployment_maximum_percent         = 200
-  service_deployment_minimum_healthy_percent = 50
-
-  ecs_cluster_id               = data.terraform_remote_state.cluster.outputs.ecs_cluster_id
-  ecs_cluster_service_role_arn = data.terraform_remote_state.cluster.outputs.ecs_service_role_arn
-
-  attach_to_load_balancer = "no"
-}
diff --git a/infra/keepers-service/variables.tf b/infra/keepers-service/variables.tf
deleted file mode 100644
index c7ae4487..00000000
--- a/infra/keepers-service/variables.tf
+++ /dev/null
@@ -1,39 +0,0 @@
-variable "region" {}
-variable "component" {}
-variable "deployment_identifier" {}
-
-variable "service_desired_count" {}
-
-variable "secrets_bucket_name" {}
-
-variable "version_number" {}
-
-variable "service_name" {}
-variable "container_http_port" {}
-
-variable "token_contact_address" {}
-variable "boson_router_contact_address" {}
-variable "voucher_kernel_address" {}
-variable "alchemy_url" {}
-variable "gcloud_keepers_secret" {}
-
-variable "network_state_bucket_name" {}
-variable "network_state_key" {}
-variable "network_state_bucket_region" {}
-variable "network_state_bucket_is_encrypted" {}
-
-variable "cluster_state_bucket_name" {}
-variable "cluster_state_key" {}
-variable "cluster_state_bucket_region" {}
-variable "cluster_state_bucket_is_encrypted" {}
-
-variable "image_repository_state_bucket_name" {}
-variable "image_repository_state_key" {}
-variable "image_repository_state_bucket_region" {}
-variable "image_repository_state_bucket_is_encrypted" {}
-
-variable "service_state_bucket_name" {}
-variable "service_state_key" {}
-variable "service_state_bucket_region" {}
-variable "service_state_bucket_is_encrypted" {}
-
diff --git a/infra/service/certificate.tf b/infra/service/certificate.tf
deleted file mode 100644
index ba85e596..00000000
--- a/infra/service/certificate.tf
+++ /dev/null
@@ -1,5 +0,0 @@
-data "aws_acm_certificate" "wildcard" {
-  domain = "*.${data.terraform_remote_state.domain.outputs.domain_name}"
-  statuses = ["ISSUED"]
-  most_recent = true
-}
diff --git a/infra/service/cluster.tf b/infra/service/cluster.tf
deleted file mode 100644
index 3b04b99c..00000000
--- a/infra/service/cluster.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "cluster" {
-  backend = "s3"
-
-  config = {
-    bucket = var.cluster_state_bucket_name
-    key = var.cluster_state_key
-    region = var.cluster_state_bucket_region
-    encrypt = var.cluster_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/service/container-definitions/service.json.tpl b/infra/service/container-definitions/service.json.tpl
deleted file mode 100644
index 83dc3bf0..00000000
--- a/infra/service/container-definitions/service.json.tpl
+++ /dev/null
@@ -1,41 +0,0 @@
-[
-  {
-    "name": "${container_name}",
-    "image": "$${image}",
-    "memoryReservation": 256,
-    "essential": true,
-    "command": $${command},
-    "portMappings": [
-      {
-        "containerPort": ${container_http_port},
-        "hostPort": ${host_http_port}
-      }
-    ],
-    "environment": [
-      { "name": "AWS_S3_BUCKET_REGION", "value": "$${region}" },
-      { "name": "AWS_S3_ENV_FILE_OBJECT_PATH", "value": "${env_file_object_path}" },
-      { "name": "DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" },
-      { "name": "SERVICE_NAME", "value": "${container_name}" },
-      { "name": "SERVICE_${host_http_port}_NAME", "value": "${container_name}-http" },
-      { "name": "SERVICE_${host_http_port}_CHECK_HTTP", "value": "/health" },
-      { "name": "SERVICE_${host_http_port}_CHECK_INTERVAL", "value": "30s" },
-      { "name": "SERVICE_${host_http_port}_CHECK_TIMEOUT", "value": "2s" },
-      { "name": "SERVICE_TAGS", "value": "${component},${deployment_identifier},${cluster}" },
-      { "name": "SERVICE_COMPONENT", "value": "${component}" },
-      { "name": "SERVICE_CLUSTER", "value": "${cluster}" },
-      { "name": "SERVICE_DEPLOYMENT_IDENTIFIER", "value": "${deployment_identifier}" }
-    ],
-    "dockerLabels": {
-      "containerName": "${container_name}",
-      "containerService": "${container_name}",
-      "containerGroup": "services"
-    },
-    "logConfiguration": {
-      "logDriver": "awslogs",
-      "options": {
-        "awslogs-group": "$${log_group}",
-        "awslogs-region": "$${region}"
-      }
-    }
-  }
-]
diff --git a/infra/service/database.tf b/infra/service/database.tf
deleted file mode 100644
index 3f29539a..00000000
--- a/infra/service/database.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "database" {
-  backend = "s3"
-
-  config = {
-    bucket = var.database_state_bucket_name
-    key = var.database_state_key
-    region = var.database_state_bucket_region
-    encrypt = var.database_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/service/domain.tf b/infra/service/domain.tf
deleted file mode 100644
index cf9f2536..00000000
--- a/infra/service/domain.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "domain" {
-  backend = "s3"
-
-  config = {
-    bucket = var.domain_state_bucket_name
-    key = var.domain_state_key
-    region = var.domain_state_bucket_region
-    encrypt = var.domain_state_bucket_is_encrypted
-  }
-}
\ No newline at end of file
diff --git a/infra/service/envfiles/service.env.tpl b/infra/service/envfiles/service.env.tpl
deleted file mode 100644
index f34d7e32..00000000
--- a/infra/service/envfiles/service.env.tpl
+++ /dev/null
@@ -1,13 +0,0 @@
-DB_CONNECTION_STRING="${database_connection_string}"
-DB_NAME="${database_name}"
-DB_USERNAME="${database_username}"
-DB_PASSWORD="${database_password}"
-
-TOKEN_SECRET="${token_secret}"
-GCLOUD_SECRET="${gcloud_secret}"
-
-SUPERADMIN_USERNAME="${superadmin_username}"
-SUPERADMIN_PASSWORD="${superadmin_password}"
-
-IMAGE_UPLOAD_STORAGE_ENGINE="${image_upload_storage_engine}"
-IMAGE_UPLOAD_STORAGE_BUCKET_NAME="${image_upload_storage_bucket_name}"
diff --git a/infra/service/image_repository.tf b/infra/service/image_repository.tf
deleted file mode 100644
index 39767a45..00000000
--- a/infra/service/image_repository.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "terraform_remote_state" "image_repository" {
-  backend = "s3"
-
-  config = {
-    bucket = var.image_repository_state_bucket_name
-    key = var.image_repository_state_key
-    region = var.image_repository_state_bucket_region
-    encrypt = var.image_repository_state_bucket_is_encrypted
-  }
-}
diff --git a/infra/service/load_balancer.tf b/infra/service/load_balancer.tf
deleted file mode 100644
index 577bde0a..00000000
--- a/infra/service/load_balancer.tf
+++ /dev/null
@@ -1,71 +0,0 @@
-module "load_balancer" {
-  source = "infrablocks/application-load-balancer/aws"
-  version = "3.0.0"
-
-  component = var.component
-  deployment_identifier = var.deployment_identifier
-
-  region = var.region
-  vpc_id = data.terraform_remote_state.network.outputs.vpc_id
-  subnet_ids = data.terraform_remote_state.network.outputs.public_subnet_ids
-
-  expose_to_public_internet = "yes"
-
-  security_groups = {
-    default = {
-      associate = "yes"
-      ingress_rule = {
-        include = "yes"
-        cidrs = ["0.0.0.0/0"]
-      },
-      egress_rule = {
-        include = "yes"
-        from_port = 0
-        to_port = 65535
-        cidrs = [data.aws_vpc.vpc.cidr_block]
-      }
-    }
-  }
-
-  dns = {
-    domain_name = data.terraform_remote_state.domain.outputs.domain_name
-    records = [
-      {
-        zone_id = data.terraform_remote_state.domain.outputs.public_zone_id
-      },
-      {
-        zone_id = data.terraform_remote_state.domain.outputs.private_zone_id
-      }
-    ]
-  }
-
-  target_groups = [
-    {
-      key = "default"
-      port = var.host_http_port
-      protocol = "HTTP"
-      target_type = "instance"
-      health_check = {
-        path = "/health"
-        port = "traffic-port"
-        protocol = "HTTP"
-        interval = 30
-        healthy_threshold = 3
-        unhealthy_threshold = 3
-      }
-    }
-  ]
-
-  listeners = [
-    {
-      key = "default"
-      port = "443"
-      protocol = "HTTPS"
-      certificate_arn = data.aws_acm_certificate.wildcard.arn,
-      default_action = {
-        type = "forward"
-        target_group_key = "default"
-      }
-    }
-  ]
-}
diff --git a/infra/service/network.tf b/infra/service/network.tf
deleted file mode 100644
index 35857c06..00000000
--- a/infra/service/network.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-data "terraform_remote_state" "network" {
-  backend = "s3"
-
-  config = {
-    bucket = var.network_state_bucket_name
-    key = var.network_state_key
-    region = var.network_state_bucket_region
-    encrypt = var.network_state_bucket_is_encrypted
-  }
-}
-
-data "aws_vpc" "vpc" {
-  id = data.terraform_remote_state.network.outputs.vpc_id
-}
diff --git a/infra/service/outputs.tf b/infra/service/outputs.tf
deleted file mode 100644
index 8ee465d6..00000000
--- a/infra/service/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "address" {
-  value = module.load_balancer.address
-}
diff --git a/infra/service/provider.tf b/infra/service/provider.tf
deleted file mode 100644
index dc58d9a2..00000000
--- a/infra/service/provider.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-provider "aws" {
-  region = var.region
-}
diff --git a/infra/service/roles.tf b/infra/service/roles.tf
deleted file mode 100644
index 28b48ffc..00000000
--- a/infra/service/roles.tf
+++ /dev/null
@@ -1,49 +0,0 @@
-data "aws_iam_policy_document" "service_assume_role_policy_content" {
-  statement {
-    actions = ["sts:AssumeRole"]
-
-    principals {
-      identifiers = ["ecs-tasks.amazonaws.com"]
-      type = "Service"
-    }
-
-    effect = "Allow"
-  }
-}
-
-data "aws_iam_policy_document" "service_role_policy_content" {
-  statement {
-    actions = [
-      "s3:GetObject",
-    ]
-
-    resources = [
-      "arn:aws:s3:::${var.secrets_bucket_name}/*",
-    ]
-  }
-
-  statement {
-    actions = [
-      "s3:DeleteObject",
-      "s3:GetObject",
-      "s3:GetObjectAcl",
-      "s3:PutObject",
-      "s3:PutObjectAcl"
-    ]
-
-    resources = [
-      "arn:aws:s3:::${var.image_upload_storage_bucket_name}/*",
-    ]
-  }
-}
-
-resource "aws_iam_role" "service_role" {
-  name = "service-role-${var.component}-${var.deployment_identifier}"
-
-  assume_role_policy = data.aws_iam_policy_document.service_assume_role_policy_content.json
-}
-
-resource "aws_iam_role_policy" "service_role_policy" {
-  role = aws_iam_role.service_role.id
-  policy = data.aws_iam_policy_document.service_role_policy_content.json
-}
diff --git a/infra/service/secrets.tf b/infra/service/secrets.tf
deleted file mode 100644
index 8cd3da12..00000000
--- a/infra/service/secrets.tf
+++ /dev/null
@@ -1,40 +0,0 @@
-locals {
-  env_file_object_key = "service/environments/default.env"
-}
-
-data "template_file" "env_file_object_path" {
-  template = "s3://$${secrets_bucket}/$${environment_object_key}"
-
-  vars = {
-    secrets_bucket = var.secrets_bucket_name
-    environment_object_key = local.env_file_object_key
-  }
-}
-
-data "template_file" "env_file" {
-  template = file("${path.root}/envfiles/service.env.tpl")
-
-  vars = {
-    token_secret = var.token_secret
-    gcloud_secret = var.gcloud_secret
-
-    image_upload_storage_engine = var.image_upload_storage_engine
-    image_upload_storage_bucket_name = var.image_upload_storage_bucket_name
-
-    superadmin_username = var.superadmin_username
-    superadmin_password = var.superadmin_password
-
-    database_connection_string = data.terraform_remote_state.database.outputs.connection_string
-    database_username = var.database_username
-    database_password = var.database_password
-    database_name = var.database_name
-  }
-}
-
-resource "aws_s3_bucket_object" "env_file" {
-  key = local.env_file_object_key
-  bucket = var.secrets_bucket_name
-  content = data.template_file.env_file.rendered
-
-  server_side_encryption = "AES256"
-}
diff --git a/infra/service/service.tf b/infra/service/service.tf
deleted file mode 100644
index c0717015..00000000
--- a/infra/service/service.tf
+++ /dev/null
@@ -1,59 +0,0 @@
-locals {
-  container_name = "${var.service_name}-${var.deployment_identifier}"
-}
-
-data "template_file" "image" {
-  template = "$${repository_url}:$${tag}"
-
-  vars = {
-    repository_url = data.terraform_remote_state.image_repository.outputs.repository_url
-    tag = var.version_number
-  }
-}
-
-data "template_file" "task_container_definitions" {
-  template = file("${path.root}/container-definitions/service.json.tpl")
-
-  vars = {
-    container_name = local.container_name
-    container_http_port = var.container_http_port
-    host_http_port = var.host_http_port
-    secrets_bucket_name = var.secrets_bucket_name
-    component = var.component
-    cluster = data.terraform_remote_state.cluster.outputs.name
-    deployment_identifier = var.deployment_identifier
-    env_file_object_path = data.template_file.env_file_object_path.rendered
-  }
-}
-
-module "service" {
-  source  = "infrablocks/ecs-service/aws"
-  version = "4.1.0"
-
-  component = var.component
-  deployment_identifier = var.deployment_identifier
-
-  region = var.region
-  vpc_id = data.aws_vpc.vpc.id
-
-  service_task_container_definitions = data.template_file.task_container_definitions.rendered
-
-  service_role = aws_iam_role.service_role.arn
-
-  service_name = "${var.service_name}-${var.deployment_identifier}"
-  service_image = data.template_file.image.rendered
-  service_port = var.container_http_port
-
-  service_desired_count = var.service_desired_count
-  service_deployment_maximum_percent = 200
-  service_deployment_minimum_healthy_percent = 50
-
-  ecs_cluster_id = data.terraform_remote_state.cluster.outputs.ecs_cluster_id
-  ecs_cluster_service_role_arn = data.terraform_remote_state.cluster.outputs.ecs_service_role_arn
-
-  target_group_arn = module.load_balancer.target_groups["default"].arn
-
-  depends_on = [
-    module.load_balancer
-  ]
-}
diff --git a/infra/service/terraform.tf b/infra/service/terraform.tf
deleted file mode 100644
index 5947770a..00000000
--- a/infra/service/terraform.tf
+++ /dev/null
@@ -1,16 +0,0 @@
-terraform {
-  required_version = ">= 0.14"
-
-  required_providers {
-    aws      = {
-      source  = "hashicorp/aws"
-      version = "~> 3.16"
-    }
-    template = {
-      source = "hashicorp/template"
-      version = "2.2.0"
-    }
-  }
-
-  backend "s3" {}
-}
diff --git a/infra/service/variables.tf b/infra/service/variables.tf
deleted file mode 100644
index 5557c8b6..00000000
--- a/infra/service/variables.tf
+++ /dev/null
@@ -1,52 +0,0 @@
-variable "region" {}
-variable "component" {}
-variable "deployment_identifier" {}
-
-variable "service_desired_count" {}
-
-variable "secrets_bucket_name" {}
-
-variable "version_number" {}
-
-variable "service_name" {}
-variable "container_http_port" {}
-variable "host_http_port" {}
-
-variable "token_secret" {}
-variable "gcloud_secret" {}
-
-variable "image_upload_storage_engine" {}
-variable "image_upload_storage_bucket_name" {}
-
-variable "superadmin_username" {}
-variable "superadmin_password" {}
-
-variable "database_username" {}
-variable "database_password" {}
-variable "database_name" {}
-
-variable "domain_state_bucket_name" {}
-variable "domain_state_key" {}
-variable "domain_state_bucket_region" {}
-variable "domain_state_bucket_is_encrypted" {}
-
-variable "network_state_bucket_name" {}
-variable "network_state_key" {}
-variable "network_state_bucket_region" {}
-variable "network_state_bucket_is_encrypted" {}
-
-variable "cluster_state_bucket_name" {}
-variable "cluster_state_key" {}
-variable "cluster_state_bucket_region" {}
-variable "cluster_state_bucket_is_encrypted" {}
-
-variable "database_state_bucket_name" {}
-variable "database_state_key" {}
-variable "database_state_bucket_region" {}
-variable "database_state_bucket_is_encrypted" {}
-
-variable "image_repository_state_bucket_name" {}
-variable "image_repository_state_key" {}
-variable "image_repository_state_bucket_region" {}
-variable "image_repository_state_bucket_is_encrypted" {}
-
diff --git a/pipelines/builder/handle-pr-event/task.sh b/pipelines/builder/handle-pr-event/task.sh
deleted file mode 100755
index 6e561a3f..00000000
--- a/pipelines/builder/handle-pr-event/task.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-./go "ci:pipeline:pr:handle[${CI_DEPLOYMENT_TYPE},${CI_DEPLOYMENT_LABEL}]"
diff --git a/pipelines/builder/handle-pr-event/task.yaml b/pipelines/builder/handle-pr-event/task.yaml
deleted file mode 100644
index 405879ee..00000000
--- a/pipelines/builder/handle-pr-event/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/builder/handle-pr-event/task.sh
diff --git a/pipelines/builder/pipeline.yaml b/pipelines/builder/pipeline.yaml
deleted file mode 100644
index 99fca14a..00000000
--- a/pipelines/builder/pipeline.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-resource_types:
-  - name: pull-request
-    type: docker-image
-    source:
-      repository: teliaoss/github-pr-resource
-
-resources:
-  - name: source
-    type: pull-request
-    check_every: 1h
-    webhook_token: ((webhook_token))
-    source:
-      repository: ((source_repository_name))
-      access_token: ((github_access_token))
-      states:
-        - OPEN
-        - MERGED
-        - CLOSED
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-jobs:
-  - name: handle-pr-event
-    plan:
-      - in_parallel:
-        - get: source
-          trigger: true
-          version: every
-        - get: node-builder-image
-      - task: handle-pr-event
-        image: node-builder-image
-        file: source/pipelines/builder/handle-pr-event/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          CI_DEPLOYMENT_TYPE: ((ci_deployment_type))
-          CI_DEPLOYMENT_LABEL: ((ci_deployment_label))
diff --git a/pipelines/demo/pipeline.yaml b/pipelines/demo/pipeline.yaml
deleted file mode 100644
index 8ba5d945..00000000
--- a/pipelines/demo/pipeline.yaml
+++ /dev/null
@@ -1,372 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-resources:
-  - name: source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: demo
-      private_key: ((git_ssh_key))
-
-  - name: updated-source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: demo
-      private_key: ((git_ssh_key))
-
-  - name: app-image
-    type: docker-image
-    source:
-      repository: ((app_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: keepers-image
-    type: docker-image
-    source:
-      repository: ((keepers_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: version
-    type: semver
-    source:
-      driver: s3
-      initial_version: 0.1.0
-      bucket: ((storage_bucket_name))
-      key: reference-backend/metadata/demo/version
-      region_name: ((storage_bucket_region))
-      server_side_encryption: ((storage_bucket_encryption))
-      access_key_id: ((aws_access_key_id))
-      secret_access_key: ((aws_secret_access_key))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-groups:
-  - name: ci
-    jobs:
-      - build
-      - test
-      - provision-keepers-image-repository
-      - provision-image-repository
-      - publish-image
-      - publish-image-keepers
-  - name: demo-mendelevium
-    jobs:
-      - provision-demo-mendelevium-database
-      - provision-demo-mendelevium-image-storage-bucket
-      - provision-demo-mendelevium-service
-      - provision-demo-mendelevium-keepers-service
-      - provision-demo-mendelevium-functions
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success: &on_success
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure: &on_failure
-      put: notify-failure
-      params:
-        text: ((slack_failure_message))
-        channel: ((slack_failure_channel))
-
-    on_error: &on_error
-      put: notify-failure
-      params:
-        text: ((slack_error_message))
-        channel: ((slack_error_channel))
-
-    on_abort: &on_abort
-      put: notify-failure
-      params:
-        text: ((slack_abort_message))
-        channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: updated-source
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/coverage/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: updated-source
-        params:
-          repository: source
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-keepers-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-keepers-image-repository
-        image: node-builder-image
-        file: source/pipelines/demo/provision-keepers-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-image-repository
-        image: node-builder-image
-        file: source/pipelines/demo/provision-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-          - put: version
-            params:
-              pre: rc
-          - get: node-builder-image
-      - task: publish-image
-        image: node-builder-image
-        file: source/pipelines/demo/publish-image/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: app-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image-keepers
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-              - publish-image
-          - get: version
-          - get: node-builder-image
-      - task: publish-image-keepers
-        image: node-builder-image
-        file: source/pipelines/demo/publish-image-keepers/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: keepers-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-database
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - publish-image
-              - publish-image-keepers
-          - get: node-builder-image
-      - task: provision-database
-        image: node-builder-image
-        file: source/pipelines/demo/provision-database/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-image-storage-bucket
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-database
-          - get: version
-          - get: node-builder-image
-      - task: provision-image-storage-bucket
-        image: node-builder-image
-        file: source/pipelines/demo/provision-image-storage-bucket/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-image-storage-bucket
-          - get: version
-          - get: node-builder-image
-      - task: provision-service
-        image: node-builder-image
-        file: source/pipelines/demo/provision-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-keepers-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-keepers-service
-        image: node-builder-image
-        file: source/pipelines/demo/provision-keepers-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-demo-mendelevium-functions
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-demo-mendelevium-keepers-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-functions
-        image: node-builder-image
-        file: source/pipelines/demo/provision-functions/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((demo_mendelevium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((demo_mendelevium_deployment_type))
-          DEPLOYMENT_LABEL: ((demo_mendelevium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
diff --git a/pipelines/demo/provision-database/task.sh b/pipelines/demo/provision-database/task.sh
deleted file mode 100755
index a50db957..00000000
--- a/pipelines/demo/provision-database/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "database:environment:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-database/task.yaml b/pipelines/demo/provision-database/task.yaml
deleted file mode 100644
index a78e5f14..00000000
--- a/pipelines/demo/provision-database/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-database/task.sh
diff --git a/pipelines/demo/provision-functions/task.sh b/pipelines/demo/provision-functions/task.sh
deleted file mode 100755
index 5c5b1e55..00000000
--- a/pipelines/demo/provision-functions/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "lambda:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-functions/task.yaml b/pipelines/demo/provision-functions/task.yaml
deleted file mode 100644
index 20dbe129..00000000
--- a/pipelines/demo/provision-functions/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-functions/task.sh
diff --git a/pipelines/demo/provision-image-repository/task.sh b/pipelines/demo/provision-image-repository/task.sh
deleted file mode 100755
index b1be7856..00000000
--- a/pipelines/demo/provision-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-image-repository/task.yaml b/pipelines/demo/provision-image-repository/task.yaml
deleted file mode 100644
index 5988fa7c..00000000
--- a/pipelines/demo/provision-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-image-repository/task.sh
diff --git a/pipelines/demo/provision-image-storage-bucket/task.sh b/pipelines/demo/provision-image-storage-bucket/task.sh
deleted file mode 100755
index 7efb2732..00000000
--- a/pipelines/demo/provision-image-storage-bucket/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_storage_bucket:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-image-storage-bucket/task.yaml b/pipelines/demo/provision-image-storage-bucket/task.yaml
deleted file mode 100644
index 94702c62..00000000
--- a/pipelines/demo/provision-image-storage-bucket/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-image-storage-bucket/task.sh
diff --git a/pipelines/demo/provision-keepers-image-repository/task.sh b/pipelines/demo/provision-keepers-image-repository/task.sh
deleted file mode 100755
index 7062624b..00000000
--- a/pipelines/demo/provision-keepers-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "keepers_image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-keepers-image-repository/task.yaml b/pipelines/demo/provision-keepers-image-repository/task.yaml
deleted file mode 100644
index 7a04596f..00000000
--- a/pipelines/demo/provision-keepers-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-keepers-image-repository/task.sh
diff --git a/pipelines/demo/provision-keepers-service/task.sh b/pipelines/demo/provision-keepers-service/task.sh
deleted file mode 100755
index 275312a8..00000000
--- a/pipelines/demo/provision-keepers-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service_keepers:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-keepers-service/task.yaml b/pipelines/demo/provision-keepers-service/task.yaml
deleted file mode 100644
index 218c18e0..00000000
--- a/pipelines/demo/provision-keepers-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-keepers-service/task.sh
diff --git a/pipelines/demo/provision-service/task.sh b/pipelines/demo/provision-service/task.sh
deleted file mode 100755
index c28428c4..00000000
--- a/pipelines/demo/provision-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/demo/provision-service/task.yaml b/pipelines/demo/provision-service/task.yaml
deleted file mode 100644
index a75db42d..00000000
--- a/pipelines/demo/provision-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/demo/provision-service/task.sh
diff --git a/pipelines/demo/publish-image-keepers/task.sh b/pipelines/demo/publish-image-keepers/task.sh
deleted file mode 100755
index d0ec6c8d..00000000
--- a/pipelines/demo/publish-image-keepers/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image_keepers:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/keepers"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/demo/publish-image-keepers/task.yaml b/pipelines/demo/publish-image-keepers/task.yaml
deleted file mode 100644
index 6230325e..00000000
--- a/pipelines/demo/publish-image-keepers/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/demo/publish-image-keepers/task.sh
diff --git a/pipelines/demo/publish-image/task.sh b/pipelines/demo/publish-image/task.sh
deleted file mode 100755
index d4b246d7..00000000
--- a/pipelines/demo/publish-image/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/reference-backend"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/demo/publish-image/task.yaml b/pipelines/demo/publish-image/task.yaml
deleted file mode 100644
index 7eb822cc..00000000
--- a/pipelines/demo/publish-image/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/demo/publish-image/task.sh
diff --git a/pipelines/develop/pipeline.yaml b/pipelines/develop/pipeline.yaml
deleted file mode 100644
index be17bdf6..00000000
--- a/pipelines/develop/pipeline.yaml
+++ /dev/null
@@ -1,372 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-resources:
-  - name: source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: ((source_repository_branch))
-      private_key: ((git_ssh_key))
-
-  - name: updated-source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: ((source_repository_branch))
-      private_key: ((git_ssh_key))
-
-  - name: app-image
-    type: docker-image
-    source:
-      repository: ((app_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: keepers-image
-    type: docker-image
-    source:
-      repository: ((keepers_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: version
-    type: semver
-    source:
-      driver: s3
-      initial_version: 0.1.0
-      bucket: ((storage_bucket_name))
-      key: reference-backend/metadata/develop/version
-      region_name: ((storage_bucket_region))
-      server_side_encryption: ((storage_bucket_encryption))
-      access_key_id: ((aws_access_key_id))
-      secret_access_key: ((aws_secret_access_key))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-groups:
-  - name: ci
-    jobs:
-      - build
-      - test
-      - provision-keepers-image-repository
-      - provision-image-repository
-      - publish-image
-      - publish-image-keepers
-  - name: development-plutonium
-    jobs:
-      - provision-development-plutonium-database
-      - provision-development-plutonium-image-storage-bucket
-      - provision-development-plutonium-service
-      - provision-development-plutonium-keepers-service
-      - provision-development-plutonium-functions
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success: &on_success
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure: &on_failure
-      put: notify-failure
-      params:
-        text: ((slack_failure_message))
-        channel: ((slack_failure_channel))
-
-    on_error: &on_error
-      put: notify-failure
-      params:
-        text: ((slack_error_message))
-        channel: ((slack_error_channel))
-
-    on_abort: &on_abort
-      put: notify-failure
-      params:
-        text: ((slack_abort_message))
-        channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: updated-source
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/coverage/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: updated-source
-        params:
-          repository: source
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-keepers-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-keepers-image-repository
-        image: node-builder-image
-        file: source/pipelines/develop/provision-keepers-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-image-repository
-        image: node-builder-image
-        file: source/pipelines/develop/provision-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-          - put: version
-            params:
-              pre: rc
-          - get: node-builder-image
-      - task: publish-image
-        image: node-builder-image
-        file: source/pipelines/develop/publish-image/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: app-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image-keepers
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-              - publish-image
-          - get: version
-          - get: node-builder-image
-      - task: publish-image-keepers
-        image: node-builder-image
-        file: source/pipelines/develop/publish-image-keepers/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: keepers-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-database
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - publish-image
-              - publish-image-keepers
-          - get: node-builder-image
-      - task: provision-database
-        image: node-builder-image
-        file: source/pipelines/develop/provision-database/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-image-storage-bucket
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-database
-          - get: version
-          - get: node-builder-image
-      - task: provision-image-storage-bucket
-        image: node-builder-image
-        file: source/pipelines/develop/provision-image-storage-bucket/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-image-storage-bucket
-          - get: version
-          - get: node-builder-image
-      - task: provision-service
-        image: node-builder-image
-        file: source/pipelines/develop/provision-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-keepers-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-keepers-service
-        image: node-builder-image
-        file: source/pipelines/develop/provision-keepers-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-development-plutonium-functions
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-development-plutonium-keepers-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-functions
-        image: node-builder-image
-        file: source/pipelines/develop/provision-functions/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((development_plutonium_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((development_plutonium_deployment_type))
-          DEPLOYMENT_LABEL: ((development_plutonium_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
diff --git a/pipelines/develop/provision-database/task.sh b/pipelines/develop/provision-database/task.sh
deleted file mode 100755
index a50db957..00000000
--- a/pipelines/develop/provision-database/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "database:environment:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-database/task.yaml b/pipelines/develop/provision-database/task.yaml
deleted file mode 100644
index f814aa1c..00000000
--- a/pipelines/develop/provision-database/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-database/task.sh
diff --git a/pipelines/develop/provision-functions/task.sh b/pipelines/develop/provision-functions/task.sh
deleted file mode 100755
index 5c5b1e55..00000000
--- a/pipelines/develop/provision-functions/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "lambda:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-functions/task.yaml b/pipelines/develop/provision-functions/task.yaml
deleted file mode 100644
index ee2f7fbe..00000000
--- a/pipelines/develop/provision-functions/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-functions/task.sh
diff --git a/pipelines/develop/provision-image-repository/task.sh b/pipelines/develop/provision-image-repository/task.sh
deleted file mode 100755
index b1be7856..00000000
--- a/pipelines/develop/provision-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-image-repository/task.yaml b/pipelines/develop/provision-image-repository/task.yaml
deleted file mode 100644
index c372b33b..00000000
--- a/pipelines/develop/provision-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-image-repository/task.sh
diff --git a/pipelines/develop/provision-image-storage-bucket/task.sh b/pipelines/develop/provision-image-storage-bucket/task.sh
deleted file mode 100755
index 7efb2732..00000000
--- a/pipelines/develop/provision-image-storage-bucket/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_storage_bucket:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-image-storage-bucket/task.yaml b/pipelines/develop/provision-image-storage-bucket/task.yaml
deleted file mode 100644
index 57a7feea..00000000
--- a/pipelines/develop/provision-image-storage-bucket/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-image-storage-bucket/task.sh
diff --git a/pipelines/develop/provision-keepers-image-repository/task.sh b/pipelines/develop/provision-keepers-image-repository/task.sh
deleted file mode 100755
index 7062624b..00000000
--- a/pipelines/develop/provision-keepers-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "keepers_image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-keepers-image-repository/task.yaml b/pipelines/develop/provision-keepers-image-repository/task.yaml
deleted file mode 100644
index 7f9321c3..00000000
--- a/pipelines/develop/provision-keepers-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-keepers-image-repository/task.sh
diff --git a/pipelines/develop/provision-keepers-service/task.sh b/pipelines/develop/provision-keepers-service/task.sh
deleted file mode 100755
index 275312a8..00000000
--- a/pipelines/develop/provision-keepers-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service_keepers:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-keepers-service/task.yaml b/pipelines/develop/provision-keepers-service/task.yaml
deleted file mode 100644
index aabda087..00000000
--- a/pipelines/develop/provision-keepers-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-keepers-service/task.sh
diff --git a/pipelines/develop/provision-service/task.sh b/pipelines/develop/provision-service/task.sh
deleted file mode 100755
index c28428c4..00000000
--- a/pipelines/develop/provision-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/develop/provision-service/task.yaml b/pipelines/develop/provision-service/task.yaml
deleted file mode 100644
index b7524e43..00000000
--- a/pipelines/develop/provision-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/develop/provision-service/task.sh
diff --git a/pipelines/develop/publish-image-keepers/task.sh b/pipelines/develop/publish-image-keepers/task.sh
deleted file mode 100755
index d0ec6c8d..00000000
--- a/pipelines/develop/publish-image-keepers/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image_keepers:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/keepers"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/develop/publish-image-keepers/task.yaml b/pipelines/develop/publish-image-keepers/task.yaml
deleted file mode 100644
index 10737029..00000000
--- a/pipelines/develop/publish-image-keepers/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/develop/publish-image-keepers/task.sh
diff --git a/pipelines/develop/publish-image/task.sh b/pipelines/develop/publish-image/task.sh
deleted file mode 100755
index d4b246d7..00000000
--- a/pipelines/develop/publish-image/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/reference-backend"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/develop/publish-image/task.yaml b/pipelines/develop/publish-image/task.yaml
deleted file mode 100644
index 4b7d876d..00000000
--- a/pipelines/develop/publish-image/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/develop/publish-image/task.sh
diff --git a/pipelines/pr/pipeline.yaml b/pipelines/pr/pipeline.yaml
deleted file mode 100644
index e8ebe46f..00000000
--- a/pipelines/pr/pipeline.yaml
+++ /dev/null
@@ -1,172 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-  - name: github-status
-    type: docker-image
-    source:
-      repository: resource/github-status
-
-resources:
-  - name: source
-    type: git
-    source:
-      uri: ((source_repository_url))
-      branch: ((source_repository_branch))
-      private_key: ((git_ssh_key))
-
-  - name: status
-    type: github-status
-    source:
-      repo: ((source_repository_name))
-      access_token: ((github_access_token))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - put: status
-        params:
-          path: source
-          state: pending
-          context: "CI Pipeline"
-          description: "Running build..."
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success:
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Build failed."
-        - put: notify-failure
-          params:
-            text: ((slack_failure_message))
-            channel: ((slack_failure_channel))
-
-    on_error:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Build errored."
-        - put: notify-failure
-          params:
-            text: ((slack_error_message))
-            channel: ((slack_error_channel))
-
-    on_abort:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Build aborted."
-        - put: notify-failure
-          params:
-            text: ((slack_abort_message))
-            channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/test/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success:
-      do:
-        - put: status
-          params:
-            path: source
-            state: success
-            context: "CI Pipeline"
-            description: "Pipeline succeeded."
-        - put: notify-success
-          params:
-            text: ((slack_success_message))
-            channel: ((slack_success_channel))
-
-    on_failure:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Test failed."
-        - put: notify-failure
-          params:
-            text: ((slack_failure_message))
-            channel: ((slack_failure_channel))
-
-    on_error:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Test errored."
-        - put: notify-failure
-          params:
-            text: ((slack_error_message))
-            channel: ((slack_error_channel))
-
-    on_abort:
-      do:
-        - put: status
-          params:
-            path: source
-            state: failure
-            context: "CI Pipeline"
-            description: "Test aborted."
-        - put: notify-failure
-          params:
-            text: ((slack_abort_message))
-            channel: ((slack_abort_channel))
diff --git a/pipelines/shared/build/task.sh b/pipelines/shared/build/task.sh
deleted file mode 100755
index 31589dde..00000000
--- a/pipelines/shared/build/task.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-./go build
diff --git a/pipelines/shared/build/task.yaml b/pipelines/shared/build/task.yaml
deleted file mode 100644
index fc3f0096..00000000
--- a/pipelines/shared/build/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-
-run:
-  dir: /source
-  path: ./pipelines/shared/build/task.sh
diff --git a/pipelines/shared/coverage/task.sh b/pipelines/shared/coverage/task.sh
deleted file mode 100755
index 530bfde6..00000000
--- a/pipelines/shared/coverage/task.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "${PROVISIONING_ROLE_ARN}" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export INCLUDE_COVERAGE="true"
-
-./go "test[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]"
-./go "tests:app:coverage:badge"
-
-git config --global user.email "ci@redeemeum.com"
-git config --global user.name "Redeemeum CI"
-git add .
-git diff --staged --quiet || git commit -m "Update coverage badge [ci skip]"
diff --git a/pipelines/shared/coverage/task.yaml b/pipelines/shared/coverage/task.yaml
deleted file mode 100644
index 984bfab8..00000000
--- a/pipelines/shared/coverage/task.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-
-outputs:
-  - name: source
-
-run:
-  dir: /source
-  path: ./pipelines/shared/coverage/task.sh
diff --git a/pipelines/shared/test/task.sh b/pipelines/shared/test/task.sh
deleted file mode 100755
index 730af29f..00000000
--- a/pipelines/shared/test/task.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "${PROVISIONING_ROLE_ARN}" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-./go "test[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]"
diff --git a/pipelines/shared/test/task.yaml b/pipelines/shared/test/task.yaml
deleted file mode 100644
index 10068508..00000000
--- a/pipelines/shared/test/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-
-run:
-  dir: /source
-  path: ./pipelines/shared/test/task.sh
diff --git a/pipelines/tag/pipeline.yaml b/pipelines/tag/pipeline.yaml
deleted file mode 100644
index abd31d0c..00000000
--- a/pipelines/tag/pipeline.yaml
+++ /dev/null
@@ -1,366 +0,0 @@
-resource_types:
-  - name: slack-notification
-    type: docker-image
-    source:
-      repository: cfcommunity/slack-notification-resource
-      tag: latest
-
-  - name: git-tag
-    type: docker-image
-    source:
-      repository: sarquella/concourse-git-tag-resource
-
-resources:
-  - name: source
-    type: git-tag
-    source:
-      uri: ((source_repository_url))
-      tag_filter: v*
-      private_key: ((git_ssh_key))
-
-  - name: app-image
-    type: docker-image
-    source:
-      repository: ((app_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: keepers-image
-    type: docker-image
-    source:
-      repository: ((keepers_image_repository_url))
-      aws_access_key_id: ((aws_access_key_id))
-      aws_secret_access_key: ((aws_secret_access_key))
-
-  - name: node-builder-image
-    type: docker-image
-    source:
-      repository: ((node_builder_image_repository_url))
-
-  - name: version
-    type: semver
-    source:
-      driver: s3
-      initial_version: 0.1.0
-      bucket: ((storage_bucket_name))
-      key: reference-backend/metadata/tag/version
-      region_name: ((storage_bucket_region))
-      server_side_encryption: ((storage_bucket_encryption))
-      access_key_id: ((aws_access_key_id))
-      secret_access_key: ((aws_secret_access_key))
-
-  - name: notify-success
-    type: slack-notification
-    source:
-      url: ((slack_builds_webhook_url))
-
-  - name: notify-failure
-    type: slack-notification
-    source:
-      url: ((slack_engineering_webhook_url))
-
-groups:
-  - name: ci
-    jobs:
-      - build
-      - test
-      - provision-keepers-image-repository
-      - provision-image-repository
-      - publish-image
-      - publish-image-keepers
-  - name: production-oganesson
-    jobs:
-      - provision-production-oganesson-database
-      - provision-production-oganesson-image-storage-bucket
-      - provision-production-oganesson-service
-      - provision-production-oganesson-keepers-service
-      - provision-production-oganesson-functions
-
-jobs:
-  - name: build
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-          - get: node-builder-image
-      - task: build
-        image: node-builder-image
-        file: source/pipelines/shared/build/task.yaml
-
-    on_success: &on_success
-      put: notify-success
-      params:
-        text: ((slack_success_message))
-        channel: ((slack_success_channel))
-
-    on_failure: &on_failure
-      put: notify-failure
-      params:
-        text: ((slack_failure_message))
-        channel: ((slack_failure_channel))
-
-    on_error: &on_error
-      put: notify-failure
-      params:
-        text: ((slack_error_message))
-        channel: ((slack_error_channel))
-
-    on_abort: &on_abort
-      put: notify-failure
-      params:
-        text: ((slack_abort_message))
-        channel: ((slack_abort_channel))
-
-  - name: test
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - build
-          - get: node-builder-image
-      - task: test
-        image: node-builder-image
-        file: source/pipelines/shared/coverage/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-keepers-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-keepers-image-repository
-        image: node-builder-image
-        file: source/pipelines/tag/provision-keepers-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-image-repository
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - test
-          - get: node-builder-image
-      - task: provision-image-repository
-        image: node-builder-image
-        file: source/pipelines/tag/provision-image-repository/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-          - put: version
-            params:
-              pre: rc
-          - get: node-builder-image
-      - task: publish-image
-        image: node-builder-image
-        file: source/pipelines/tag/publish-image/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: app-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: publish-image-keepers
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-keepers-image-repository
-              - provision-image-repository
-              - publish-image
-          - get: version
-          - get: node-builder-image
-      - task: publish-image-keepers
-        image: node-builder-image
-        file: source/pipelines/tag/publish-image-keepers/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((ci_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((ci_deployment_type))
-          DEPLOYMENT_LABEL: ((ci_deployment_label))
-      - put: keepers-image
-        params:
-          build: image-build-directory
-          cache: true
-          cache_tag: latest
-          tag: image-build-directory/TAG
-          tag_as_latest: true
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-database
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - publish-image
-              - publish-image-keepers
-          - get: node-builder-image
-      - task: provision-database
-        image: node-builder-image
-        file: source/pipelines/tag/provision-database/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-image-storage-bucket
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-database
-          - get: version
-          - get: node-builder-image
-      - task: provision-image-storage-bucket
-        image: node-builder-image
-        file: source/pipelines/tag/provision-image-storage-bucket/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-image-storage-bucket
-          - get: version
-          - get: node-builder-image
-      - task: provision-service
-        image: node-builder-image
-        file: source/pipelines/tag/provision-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-keepers-service
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-keepers-service
-        image: node-builder-image
-        file: source/pipelines/tag/provision-keepers-service/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
-
-  - name: provision-production-oganesson-functions
-    serial: true
-    plan:
-      - in_parallel:
-          - get: source
-            trigger: true
-            passed:
-              - provision-production-oganesson-keepers-service
-          - get: version
-          - get: node-builder-image
-      - task: provision-functions
-        image: node-builder-image
-        file: source/pipelines/tag/provision-functions/task.yaml
-        params:
-          GPG_KEY: ((gpg_key))
-          PROVISIONING_ROLE_ARN: ((production_oganesson_provisioning_role_arn))
-          DEPLOYMENT_TYPE: ((production_oganesson_deployment_type))
-          DEPLOYMENT_LABEL: ((production_oganesson_deployment_label))
-
-    on_success: *on_success
-    on_failure: *on_failure
-    on_error: *on_error
-    on_abort: *on_abort
diff --git a/pipelines/tag/provision-database/task.sh b/pipelines/tag/provision-database/task.sh
deleted file mode 100755
index a50db957..00000000
--- a/pipelines/tag/provision-database/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "database:environment:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-database/task.yaml b/pipelines/tag/provision-database/task.yaml
deleted file mode 100644
index df7970a2..00000000
--- a/pipelines/tag/provision-database/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-database/task.sh
diff --git a/pipelines/tag/provision-functions/task.sh b/pipelines/tag/provision-functions/task.sh
deleted file mode 100755
index 5c5b1e55..00000000
--- a/pipelines/tag/provision-functions/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "lambda:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-functions/task.yaml b/pipelines/tag/provision-functions/task.yaml
deleted file mode 100644
index c270a36e..00000000
--- a/pipelines/tag/provision-functions/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-functions/task.sh
diff --git a/pipelines/tag/provision-image-repository/task.sh b/pipelines/tag/provision-image-repository/task.sh
deleted file mode 100755
index b1be7856..00000000
--- a/pipelines/tag/provision-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-image-repository/task.yaml b/pipelines/tag/provision-image-repository/task.yaml
deleted file mode 100644
index a17a4f2d..00000000
--- a/pipelines/tag/provision-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-image-repository/task.sh
diff --git a/pipelines/tag/provision-image-storage-bucket/task.sh b/pipelines/tag/provision-image-storage-bucket/task.sh
deleted file mode 100755
index 7efb2732..00000000
--- a/pipelines/tag/provision-image-storage-bucket/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "image_storage_bucket:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-image-storage-bucket/task.yaml b/pipelines/tag/provision-image-storage-bucket/task.yaml
deleted file mode 100644
index 479a1c64..00000000
--- a/pipelines/tag/provision-image-storage-bucket/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-image-storage-bucket/task.sh
diff --git a/pipelines/tag/provision-keepers-image-repository/task.sh b/pipelines/tag/provision-keepers-image-repository/task.sh
deleted file mode 100755
index 7062624b..00000000
--- a/pipelines/tag/provision-keepers-image-repository/task.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-./go "keepers_image_repository:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-keepers-image-repository/task.yaml b/pipelines/tag/provision-keepers-image-repository/task.yaml
deleted file mode 100644
index 24720810..00000000
--- a/pipelines/tag/provision-keepers-image-repository/task.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-keepers-image-repository/task.sh
diff --git a/pipelines/tag/provision-keepers-service/task.sh b/pipelines/tag/provision-keepers-service/task.sh
deleted file mode 100755
index 275312a8..00000000
--- a/pipelines/tag/provision-keepers-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service_keepers:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-keepers-service/task.yaml b/pipelines/tag/provision-keepers-service/task.yaml
deleted file mode 100644
index 9778ebe9..00000000
--- a/pipelines/tag/provision-keepers-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-keepers-service/task.sh
diff --git a/pipelines/tag/provision-service/task.sh b/pipelines/tag/provision-service/task.sh
deleted file mode 100755
index c28428c4..00000000
--- a/pipelines/tag/provision-service/task.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-mkdir -p "$PROJECT_DIR/build"
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "service:provision[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
diff --git a/pipelines/tag/provision-service/task.yaml b/pipelines/tag/provision-service/task.yaml
deleted file mode 100644
index e3af9674..00000000
--- a/pipelines/tag/provision-service/task.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-run:
-  dir: /source
-  path: ./pipelines/tag/provision-service/task.sh
diff --git a/pipelines/tag/publish-image-keepers/task.sh b/pipelines/tag/publish-image-keepers/task.sh
deleted file mode 100755
index d0ec6c8d..00000000
--- a/pipelines/tag/publish-image-keepers/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image_keepers:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/keepers"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/tag/publish-image-keepers/task.yaml b/pipelines/tag/publish-image-keepers/task.yaml
deleted file mode 100644
index 59ed9854..00000000
--- a/pipelines/tag/publish-image-keepers/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/tag/publish-image-keepers/task.sh
diff --git a/pipelines/tag/publish-image/task.sh b/pipelines/tag/publish-image/task.sh
deleted file mode 100755
index d4b246d7..00000000
--- a/pipelines/tag/publish-image/task.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/usr/bin/env bash
-
-[ -n "$TRACE" ] && set -x
-set -e
-set -o pipefail
-
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )"
-ROOT_DIR="$( cd "$PROJECT_DIR/.." && pwd )"
-
-cd "$PROJECT_DIR"
-
-echo "$GPG_KEY" | gpg --import -
-git crypt unlock
-
-mkdir build
-aws sts assume-role \
-    --role-arn "$PROVISIONING_ROLE_ARN" \
-    --role-session-name CI \
-    > build/session
-
-AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)"
-AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)"
-AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)"
-
-export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
-
-export GIT_SHA="$(git rev-parse --short HEAD)"
-
-cp "$ROOT_DIR/version/version" "$PROJECT_DIR/build/version"
-
-./go "image:prepare[$DEPLOYMENT_TYPE,$DEPLOYMENT_LABEL]"
-
-cp -R "build/images/reference-backend"/* "$ROOT_DIR/image-build-directory/"
diff --git a/pipelines/tag/publish-image/task.yaml b/pipelines/tag/publish-image/task.yaml
deleted file mode 100644
index b94cc567..00000000
--- a/pipelines/tag/publish-image/task.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-platform: linux
-
-inputs:
-  - name: source
-  - name: version
-outputs:
-  - name: image-build-directory
-run:
-  dir: /source
-  path: ./pipelines/tag/publish-image/task.sh
diff --git a/state/bootstrap/bsn-demo-mendelevium.tfstate b/state/bootstrap/bsn-demo-mendelevium.tfstate
deleted file mode 100644
index c7b9b374..00000000
--- a/state/bootstrap/bsn-demo-mendelevium.tfstate
+++ /dev/null
@@ -1,225 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.15.4",
-  "serial": 3,
-  "lineage": "71d2f718-2aae-99a5-8641-9eff0d019205",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-bsn-demo-mendelevium",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "384010198059",
-            "arn": "arn:aws:sts::384010198059:assumed-role/cross-account-admin-role/1623963485930141000",
-            "id": "384010198059",
-            "user_id": "AROAVS2GKTQV324VKJXHT:1623963485930141000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "108b0de813847ff9ece227a115c380b8bc04f68c90cc1ca9a313eea04fe51647",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"384010198059\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "aws_iam_policy_document",
-      "name": "encrypted_bucket_policy_document",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "id": "589805729",
-            "json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"384010198059\"\n        ]\n      }\n    }\n  ]\n}",
-            "override_json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ]\n    }\n  ]\n}",
-            "override_policy_documents": null,
-            "policy_id": null,
-            "source_json": null,
-            "source_policy_documents": null,
-            "statement": null,
-            "version": "2012-10-17"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "325e4d711bf55ce8ba435ac8b7c4502bad8c1f3d7d4d4b88da1138e9fc9912f6",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-demo-mendelevium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "b5645c4979a618ef68cf22030eafa93bd5469eea88c590f0232c68f348530d1d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-demo-mendelevium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "697d2a6ce17cbfb9c24186cebf53e57ec62026cf317cdeda47a76f410d53d1cf",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-demo-mendelevium",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium",
-            "bucket": "bsn-reference-backend-bsn-demo-mendelevium",
-            "bucket_domain_name": "bsn-reference-backend-bsn-demo-mendelevium.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-bsn-demo-mendelevium.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-bsn-demo-mendelevium",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "bsn-demo-mendelevium",
-              "DeploymentLabel": "mendelevium",
-              "DeploymentType": "bsn-demo",
-              "Name": "bsn-reference-backend-bsn-demo-mendelevium"
-            },
-            "tags_all": {
-              "DeploymentIdentifier": "bsn-demo-mendelevium",
-              "DeploymentLabel": "mendelevium",
-              "DeploymentType": "bsn-demo",
-              "Name": "bsn-reference-backend-bsn-demo-mendelevium"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-bsn-demo-mendelevium",
-            "id": "bsn-reference-backend-bsn-demo-mendelevium",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-demo-mendelevium/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"384010198059\"\n        ]\n      }\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.aws_iam_policy_document.encrypted_bucket_policy_document"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/bsn-development-plutonium.tfstate b/state/bootstrap/bsn-development-plutonium.tfstate
deleted file mode 100644
index 3bdc7207..00000000
--- a/state/bootstrap/bsn-development-plutonium.tfstate
+++ /dev/null
@@ -1,201 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.14.11",
-  "serial": 3,
-  "lineage": "3249ecf7-dd9f-920f-3dad-76cf395aff6b",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-bsn-development-plutonium",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "384010198059",
-            "arn": "arn:aws:sts::384010198059:assumed-role/cross-account-admin-role/1620303543574032000",
-            "id": "384010198059",
-            "user_id": "AROAVS2GKTQV324VKJXHT:1620303543574032000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "108b0de813847ff9ece227a115c380b8bc04f68c90cc1ca9a313eea04fe51647",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"384010198059\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8cb9e9fa0d3584552ab1b25b8ef81ee01f0a665f8321c1a92757a54f5500a80d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-development-plutonium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "c7b2f9fc56462a4778d0391e67bbeed96326f542bc78c08defd206a69591cc4c",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-development-plutonium"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "524d2f95c4af6949803de8b52ad6bdc18ad07ecc0d96f3807feb3cc0805aa94a",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-development-plutonium",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium",
-            "bucket": "bsn-reference-backend-bsn-development-plutonium",
-            "bucket_domain_name": "bsn-reference-backend-bsn-development-plutonium.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-bsn-development-plutonium.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-bsn-development-plutonium",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "bsn-development-plutonium",
-              "DeploymentLabel": "plutonium",
-              "DeploymentType": "bsn-development",
-              "Name": "bsn-reference-backend-bsn-development-plutonium"
-            },
-            "tags_all": {
-              "DeploymentIdentifier": "bsn-development-plutonium",
-              "DeploymentLabel": "plutonium",
-              "DeploymentType": "bsn-development",
-              "Name": "bsn-reference-backend-bsn-development-plutonium"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-bsn-development-plutonium",
-            "id": "bsn-reference-backend-bsn-development-plutonium",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"384010198059\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-development-plutonium/*\"\n      ]\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.template_file.encrypted_bucket_policy"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/bsn-production-oganesson.tfstate b/state/bootstrap/bsn-production-oganesson.tfstate
deleted file mode 100644
index 88f23da2..00000000
--- a/state/bootstrap/bsn-production-oganesson.tfstate
+++ /dev/null
@@ -1,225 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.15.4",
-  "serial": 20,
-  "lineage": "39ebb09a-624a-613f-e210-afa6a2d7b055",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-bsn-production-oganesson",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "371854298993",
-            "arn": "arn:aws:sts::371854298993:assumed-role/cross-account-admin-role/1626182315391485000",
-            "id": "371854298993",
-            "user_id": "AROAVNFB6J5YYTJHEDVMW:1626182315391485000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8dbf8c224a07e1e86314a9d4ff9da447c0475cbb5d4541c5da5da854d13fcc90",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"371854298993\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "aws_iam_policy_document",
-      "name": "encrypted_bucket_policy_document",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "id": "660376941",
-            "json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"371854298993\"\n        ]\n      }\n    }\n  ]\n}",
-            "override_json": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ]\n    }\n  ]\n}",
-            "override_policy_documents": null,
-            "policy_id": null,
-            "source_json": null,
-            "source_policy_documents": null,
-            "statement": null,
-            "version": "2012-10-17"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "d54313351417b65af622cd30548bcf485c6c998dbcc7a4e27cb38eda722d0b99",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-production-oganesson"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "64b5682ec316d73f6bb9101337ea88e510bf74a9683abfa0d3f5fefa1280957f",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-production-oganesson"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "30977d174b013d8ca1f155126b4bae742b0e29a0290da7846517759f2bb8a38c",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-bsn-production-oganesson",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson",
-            "bucket": "bsn-reference-backend-bsn-production-oganesson",
-            "bucket_domain_name": "bsn-reference-backend-bsn-production-oganesson.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-bsn-production-oganesson.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-bsn-production-oganesson",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "bsn-production-oganesson",
-              "DeploymentLabel": "oganesson",
-              "DeploymentType": "bsn-production",
-              "Name": "bsn-reference-backend-bsn-production-oganesson"
-            },
-            "tags_all": {
-              "DeploymentIdentifier": "bsn-production-oganesson",
-              "DeploymentLabel": "oganesson",
-              "DeploymentType": "bsn-production",
-              "Name": "bsn-reference-backend-bsn-production-oganesson"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-bsn-production-oganesson",
-            "id": "bsn-reference-backend-bsn-production-oganesson",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"DenyUnEncryptedObjectUploads\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:PutObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"StringNotEquals\": {\n          \"s3:x-amz-server-side-encryption\": [\n            \"AES256\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"DenyUnEncryptedInflightOperations\",\n      \"Effect\": \"Deny\",\n      \"Action\": [\n        \"s3:*\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": \"*\",\n      \"Condition\": {\n        \"Bool\": {\n          \"aws:SecureTransport\": [\n            \"false\"\n          ]\n        }\n      }\n    },\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n        \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\n          \"371854298993\"\n        ]\n      }\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.aws_iam_policy_document.encrypted_bucket_policy_document"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/rdm-management-default.tfstate b/state/bootstrap/rdm-management-default.tfstate
deleted file mode 100644
index 840a06de..00000000
--- a/state/bootstrap/rdm-management-default.tfstate
+++ /dev/null
@@ -1,195 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.14.7",
-  "serial": 5,
-  "lineage": "7671df3c-17aa-8490-a234-ad856612da8c",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-rdm-management-default",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "mode": "data",
-      "type": "aws_caller_identity",
-      "name": "current",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "account_id": "031036423983",
-            "arn": "arn:aws:sts::031036423983:assumed-role/cross-account-admin-role/1619028282270591000",
-            "id": "031036423983",
-            "user_id": "AROAQOOPKH4XR52AY76HB:1619028282270591000"
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "mode": "data",
-      "type": "template_file",
-      "name": "bucket_policy_template",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "0cf2a8e56151f1b60471b1e015ebe47bfa2c3c7db2de6914db77220528529cd9",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    $${deny_unencrypted_object_upload_fragment},\n    $${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": ${allowed_account_ids}\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::$${bucket_name}\",\n        \"arn:aws:s3:::$${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "allowed_account_ids": "[\"031036423983\",\"384010198059\",\"371854298993\"]"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8f2229740b3b878a3f86e19ee16c7626f034789cef39c0f395ea015fcc721b6d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "085690f69d273dd404916d305b4012f4c407909ceecee63b9fba08a7233fa594",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "3142c89cf1a1d0bbdf3dd04dc9a10667b21611e36bceb1a38ba7e5ecf412e679",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default\",\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"\n      ]\n    }\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::${bucket_name}\",\n        \"arn:aws:s3:::${bucket_name}/*\"\n      ]\n    }\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-rdm-management-default",
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "bucket_domain_name": "bsn-reference-backend-rdm-management-default.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-rdm-management-default.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "rdm-management-default",
-              "DeploymentLabel": "default",
-              "DeploymentType": "rdm-management",
-              "Name": "bsn-reference-backend-rdm-management-default"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n      \"Sid\": \"AllowCrossAccountAccess\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"s3:ListBucket\",\n        \"s3:GetObject\"\n      ],\n      \"Principal\": {\n        \"AWS\": [\"031036423983\",\"384010198059\",\"371854298993\"]\n      },\n      \"Resource\": [\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default\",\n        \"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"\n      ]\n    }\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.template_file.encrypted_bucket_policy"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/state/bootstrap/rdm-management-default.tfstate.backup b/state/bootstrap/rdm-management-default.tfstate.backup
deleted file mode 100644
index ce8e042a..00000000
--- a/state/bootstrap/rdm-management-default.tfstate.backup
+++ /dev/null
@@ -1,156 +0,0 @@
-{
-  "version": 4,
-  "terraform_version": "0.14.7",
-  "serial": 3,
-  "lineage": "7671df3c-17aa-8490-a234-ad856612da8c",
-  "outputs": {
-    "storage_bucket_name": {
-      "value": "bsn-reference-backend-rdm-management-default",
-      "type": "string"
-    }
-  },
-  "resources": [
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_inflight_operations_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "8f2229740b3b878a3f86e19ee16c7626f034789cef39c0f395ea015fcc721b6d",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "deny_unencrypted_object_uploads_fragment",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "085690f69d273dd404916d305b4012f4c407909ceecee63b9fba08a7233fa594",
-            "rendered": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "template": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "data",
-      "type": "template_file",
-      "name": "encrypted_bucket_policy",
-      "provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "filename": null,
-            "id": "b4957ff366d63181aee465dc916bc11afc77113830421a77121edf0b10c4c5e8",
-            "rendered": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}\n  ]\n}",
-            "template": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    ${deny_unencrypted_object_upload_fragment},\n    ${deny_unencrypted_inflight_operations_fragment}\n  ]\n}",
-            "vars": {
-              "bucket_name": "bsn-reference-backend-rdm-management-default",
-              "deny_unencrypted_inflight_operations_fragment": "{\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}",
-              "deny_unencrypted_object_upload_fragment": "{\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}"
-            }
-          },
-          "sensitive_attributes": []
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "acceleration_status": "",
-            "acl": "private",
-            "arn": "arn:aws:s3:::bsn-reference-backend-rdm-management-default",
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "bucket_domain_name": "bsn-reference-backend-rdm-management-default.s3.amazonaws.com",
-            "bucket_prefix": null,
-            "bucket_regional_domain_name": "bsn-reference-backend-rdm-management-default.s3.eu-west-2.amazonaws.com",
-            "cors_rule": [],
-            "force_destroy": false,
-            "grant": [],
-            "hosted_zone_id": "Z3GKZC51ZF0DB4",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "lifecycle_rule": [],
-            "logging": [],
-            "object_lock_configuration": [],
-            "policy": null,
-            "region": "eu-west-2",
-            "replication_configuration": [],
-            "request_payer": "BucketOwner",
-            "server_side_encryption_configuration": [],
-            "tags": {
-              "DeploymentIdentifier": "rdm-management-default",
-              "DeploymentLabel": "default",
-              "DeploymentType": "rdm-management",
-              "Name": "bsn-reference-backend-rdm-management-default"
-            },
-            "versioning": [
-              {
-                "enabled": true,
-                "mfa_delete": false
-              }
-            ],
-            "website": [],
-            "website_domain": null,
-            "website_endpoint": null
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA=="
-        }
-      ]
-    },
-    {
-      "module": "module.storage_bucket",
-      "mode": "managed",
-      "type": "aws_s3_bucket_policy",
-      "name": "encrypted_bucket",
-      "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
-      "instances": [
-        {
-          "schema_version": 0,
-          "attributes": {
-            "bucket": "bsn-reference-backend-rdm-management-default",
-            "id": "bsn-reference-backend-rdm-management-default",
-            "policy": "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n  \"Sid\": \"DenyUnEncryptedObjectUploads\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:PutObject\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"StringNotEquals\": {\n        \"s3:x-amz-server-side-encryption\": \"AES256\"\n    }\n  },\n\n  \"Principal\": \"*\"\n},\n    {\n  \"Sid\": \"DenyUnEncryptedInflightOperations\",\n  \"Effect\": \"Deny\",\n  \"Action\": [\"s3:*\"],\n  \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-rdm-management-default/*\"],\n\n  \"Condition\": {\n    \"Bool\": {\n        \"aws:SecureTransport\": \"false\"\n    }\n  },\n\n  \"Principal\": \"*\"\n}\n  ]\n}"
-          },
-          "sensitive_attributes": [],
-          "private": "bnVsbA==",
-          "dependencies": [
-            "module.storage_bucket.aws_s3_bucket.encrypted_bucket",
-            "module.storage_bucket.data.template_file.encrypted_bucket_policy"
-          ]
-        }
-      ]
-    }
-  ]
-}
diff --git a/terraform/database/.terraform.lock.hcl b/terraform/database/.terraform.lock.hcl
new file mode 100644
index 00000000..f35e5a0e
--- /dev/null
+++ b/terraform/database/.terraform.lock.hcl
@@ -0,0 +1,58 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "3.70.0"
+  constraints = "~> 3.29"
+  hashes = [
+    "h1:E5IKHXzPGGSizZM5rHKzNCzpwQ7lWPXmmJnms82uzDk=",
+    "zh:0af710e528e21b930899f0ac295b0ceef8ad7b623dd8f38e92c8ec4bc7af0321",
+    "zh:4cabcd4519c0aae474d91ae67a8e3a4a8c39c3945c289a9cf7c1409f64409abe",
+    "zh:58da1a436facb4e4f95cd2870d211ed7bcb8cf721a4a61970aa8da191665f2aa",
+    "zh:6465339475c1cd3c16a5c8fee61304dcad2c4a27740687d29c6cdc90d2e6423d",
+    "zh:7a821ed053c355d70ebe33185590953fa5c364c1f3d66fe3f9b4aba3961646b1",
+    "zh:7c3656cc9cc1739dcb298e7930c9a76ccfce738d2070841d7e6c62fbdae74eef",
+    "zh:9d9da9e3c60a0c977e156da8590f36a219ae91994bb3df5a1208de2ab3ceeba7",
+    "zh:a3138817c86bf3e4dca7fd3a92e099cd1bf1d45ee7c7cc9e9773ba04fc3b315a",
+    "zh:a8603044e935dfb3cb9319a46d26276162c6aea75e02c4827232f9c6029a3182",
+    "zh:aef9482332bf43d0b73317f5909dec9e95b983c67b10d72e75eacc7c4f37d084",
+    "zh:fc3f3cad84f2eebe566dd0b65904c934093007323b9b85e73d9dd4535ceeb29d",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version     = "2.2.0"
+  constraints = "~> 2.2.0"
+  hashes = [
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}
+
+provider "registry.terraform.io/mongodb/mongodbatlas" {
+  version     = "0.8.2"
+  constraints = "~> 0.8, 0.8.2"
+  hashes = [
+    "h1:ry6CGqesidcJXaWDeLtqjVMxOZ5bqqLOvOtQhLDriSs=",
+    "zh:17705b49166fc296aef7300534a5c964ea8d4f6cb6616bcb8e7d3186cd1cae50",
+    "zh:39b8fdcf3262f7b2faffa41b0aed2ffdcf5ed47b985429c7bb764945f9873637",
+    "zh:3d4dbbb6be68dfea4f84172d0db9fc52dbda6025ed424ea249fb1317968b28ac",
+    "zh:525ae17dc4c2607c4ee596450fba58f5101635b05a93de2cdcb2e550b6c46abc",
+    "zh:71759a108c1499b9538ae4d54faaf66077adce90b031fc1051f484118418e6c7",
+    "zh:7a42549360c6cfb4a4f8986c9e59f8533750de964f31d4bea09e758da460b994",
+    "zh:8869872ea9bedb5a2b46637d62aaed8c886dce4579133a6f84043f540aa927cd",
+    "zh:aa3b2f8c64c9a28e96e1d23c0b21092fa0c21fbbe6d56b7f92a7d40e7d4696b7",
+    "zh:e7c85f9baeb2fb234721b2b4fba4a9620af7a5bc138f2d6c9682178b6b24ba72",
+    "zh:fa0c84bfea33a7726ed29574e58a9666cf8a9e5882b9aabd0f1899965a0c4b18",
+    "zh:fd9b995f95e58391d592cfce078f98b5657dd58452f5d049ebd1be562314ed36",
+  ]
+}
diff --git a/infra/database/cluster.tf b/terraform/database/cluster.tf
similarity index 67%
rename from infra/database/cluster.tf
rename to terraform/database/cluster.tf
index 9c2aec99..e73f9f67 100644
--- a/infra/database/cluster.tf
+++ b/terraform/database/cluster.tf
@@ -10,16 +10,16 @@ module "cluster" {
   mongo_db_major_version = var.database_version
 
   cloud_provider = {
-    name = "AWS"
-    region_name = replace(upper(var.region), "-", "_")
+    name               = "AWS"
+    region_name        = replace(upper(var.region), "-", "_")
     instance_size_name = var.database_instance_size_name
-    disk_iops = null
-    volume_type = null
-    backup_enabled = true
+    disk_iops          = null
+    volume_type        = null
+    backup_enabled     = true
     auto_scaling = {
       compute = {
-        min_instance_size: null
-        max_instance_size: null
+        min_instance_size : null
+        max_instance_size : null
       }
     }
   }
@@ -30,8 +30,8 @@ module "cluster" {
       password = var.database_service_user_password
       roles = [
         {
-          role_name = "readWriteAnyDatabase"
-          database_name = "admin"
+          role_name       = "readWriteAnyDatabase"
+          database_name   = "admin"
           collection_name = null
         }
       ]
@@ -42,8 +42,8 @@ module "cluster" {
       password = var.database_read_only_user_password
       roles = [
         {
-          role_name = "readAnyDatabase"
-          database_name = "admin"
+          role_name       = "readAnyDatabase"
+          database_name   = "admin"
           collection_name = null
         }
       ]
diff --git a/infra/database/endpoint.tf b/terraform/database/endpoint.tf
similarity index 68%
rename from infra/database/endpoint.tf
rename to terraform/database/endpoint.tf
index ed2bec9a..734111d5 100644
--- a/infra/database/endpoint.tf
+++ b/terraform/database/endpoint.tf
@@ -6,8 +6,8 @@ module "aws-private-endpoint" {
   deployment_identifier = var.deployment_identifier
 
   region     = var.region
-  vpc_id     = data.terraform_remote_state.network.outputs.vpc_id
-  subnet_ids = data.terraform_remote_state.network.outputs.private_subnet_ids
+  vpc_id     = var.vpc_id
+  subnet_ids = var.private_subnet_ids
 
   project_id = module.project.project_id
 
diff --git a/infra/database/outputs.tf b/terraform/database/outputs.tf
similarity index 100%
rename from infra/database/outputs.tf
rename to terraform/database/outputs.tf
diff --git a/infra/database/project.tf b/terraform/database/project.tf
similarity index 83%
rename from infra/database/project.tf
rename to terraform/database/project.tf
index f51a78d5..c98a3405 100644
--- a/infra/database/project.tf
+++ b/terraform/database/project.tf
@@ -2,7 +2,7 @@ module "project" {
   source  = "infrablocks/project/mongodbatlas"
   version = "1.0.0"
 
-  component = var.component
+  component             = var.component
   deployment_identifier = var.deployment_identifier
 
   organization_id = var.mongodb_atlas_organization_id
diff --git a/infra/database/providers.tf b/terraform/database/providers.tf
similarity index 72%
rename from infra/database/providers.tf
rename to terraform/database/providers.tf
index 19d0a693..e2270d16 100644
--- a/infra/database/providers.tf
+++ b/terraform/database/providers.tf
@@ -3,6 +3,6 @@ provider "aws" {
 }
 
 provider "mongodbatlas" {
-  public_key = var.mongodb_atlas_public_key
+  public_key  = var.mongodb_atlas_public_key
   private_key = var.mongodb_atlas_private_key
 }
diff --git a/infra/database/terraform.tf b/terraform/database/terraform.tf
similarity index 84%
rename from infra/database/terraform.tf
rename to terraform/database/terraform.tf
index 8907a147..e239d3a8 100644
--- a/infra/database/terraform.tf
+++ b/terraform/database/terraform.tf
@@ -3,10 +3,10 @@ terraform {
 
   required_providers {
     mongodbatlas = {
-      source = "mongodb/mongodbatlas"
+      source  = "mongodb/mongodbatlas"
       version = "0.8.2"
     }
-    aws      = {
+    aws = {
       source  = "hashicorp/aws"
       version = "~> 3.29"
     }
diff --git a/infra/database/variables.tf b/terraform/database/variables.tf
similarity index 76%
rename from infra/database/variables.tf
rename to terraform/database/variables.tf
index 21901ef1..169b17f8 100644
--- a/infra/database/variables.tf
+++ b/terraform/database/variables.tf
@@ -17,7 +17,7 @@ variable "mongodb_atlas_organization_id" {}
 variable "mongodb_atlas_public_key" {}
 variable "mongodb_atlas_private_key" {}
 
-variable "network_state_bucket_name" {}
-variable "network_state_key" {}
-variable "network_state_bucket_region" {}
-variable "network_state_bucket_is_encrypted" {}
+variable "vpc_id" {}
+variable "private_subnet_ids" {
+  type = list(string)
+}
\ No newline at end of file
diff --git a/terraform/functions/.terraform.lock.hcl b/terraform/functions/.terraform.lock.hcl
new file mode 100644
index 00000000..63a0aaf0
--- /dev/null
+++ b/terraform/functions/.terraform.lock.hcl
@@ -0,0 +1,75 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/archive" {
+  version = "2.2.0"
+  hashes = [
+    "h1:CIWi5G6ob7p2wWoThRQbOB8AbmFlCzp7Ka81hR3cVp0=",
+    "zh:06bd875932288f235c16e2237142b493c2c2b6aba0e82e8c85068332a8d2a29e",
+    "zh:0c681b481372afcaefddacc7ccdf1d3bb3a0c0d4678a526bc8b02d0c331479bc",
+    "zh:100fc5b3fc01ea463533d7bbfb01cb7113947a969a4ec12e27f5b2be49884d6c",
+    "zh:55c0d7ddddbd0a46d57c51fcfa9b91f14eed081a45101dbfc7fd9d2278aa1403",
+    "zh:73a5dd68379119167934c48afa1101b09abad2deb436cd5c446733e705869d6b",
+    "zh:841fc4ac6dc3479981330974d44ad2341deada8a5ff9e3b1b4510702dfbdbed9",
+    "zh:91be62c9b41edb137f7f835491183628d484e9d6efa82fcb75cfa538c92791c5",
+    "zh:acd5f442bd88d67eb948b18dc2ed421c6c3faee62d3a12200e442bfff0aa7d8b",
+    "zh:ad5720da5524641ad718a565694821be5f61f68f1c3c5d2cfa24426b8e774bef",
+    "zh:e63f12ea938520b3f83634fc29da28d92eed5cfbc5cc8ca08281a6a9c36cca65",
+    "zh:f6542918faa115df46474a36aabb4c3899650bea036b5f8a5e296be6f8f25767",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "3.70.0"
+  constraints = "~> 3.16, ~> 3.33"
+  hashes = [
+    "h1:E5IKHXzPGGSizZM5rHKzNCzpwQ7lWPXmmJnms82uzDk=",
+    "zh:0af710e528e21b930899f0ac295b0ceef8ad7b623dd8f38e92c8ec4bc7af0321",
+    "zh:4cabcd4519c0aae474d91ae67a8e3a4a8c39c3945c289a9cf7c1409f64409abe",
+    "zh:58da1a436facb4e4f95cd2870d211ed7bcb8cf721a4a61970aa8da191665f2aa",
+    "zh:6465339475c1cd3c16a5c8fee61304dcad2c4a27740687d29c6cdc90d2e6423d",
+    "zh:7a821ed053c355d70ebe33185590953fa5c364c1f3d66fe3f9b4aba3961646b1",
+    "zh:7c3656cc9cc1739dcb298e7930c9a76ccfce738d2070841d7e6c62fbdae74eef",
+    "zh:9d9da9e3c60a0c977e156da8590f36a219ae91994bb3df5a1208de2ab3ceeba7",
+    "zh:a3138817c86bf3e4dca7fd3a92e099cd1bf1d45ee7c7cc9e9773ba04fc3b315a",
+    "zh:a8603044e935dfb3cb9319a46d26276162c6aea75e02c4827232f9c6029a3182",
+    "zh:aef9482332bf43d0b73317f5909dec9e95b983c67b10d72e75eacc7c4f37d084",
+    "zh:fc3f3cad84f2eebe566dd0b65904c934093007323b9b85e73d9dd4535ceeb29d",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/null" {
+  version = "3.1.0"
+  hashes = [
+    "h1:vpC6bgUQoJ0znqIKVFevOdq+YQw42bRq0u+H3nto8nA=",
+    "zh:02a1675fd8de126a00460942aaae242e65ca3380b5bb192e8773ef3da9073fd2",
+    "zh:53e30545ff8926a8e30ad30648991ca8b93b6fa496272cd23b26763c8ee84515",
+    "zh:5f9200bf708913621d0f6514179d89700e9aa3097c77dac730e8ba6e5901d521",
+    "zh:9ebf4d9704faba06b3ec7242c773c0fbfe12d62db7d00356d4f55385fc69bfb2",
+    "zh:a6576c81adc70326e4e1c999c04ad9ca37113a6e925aefab4765e5a5198efa7e",
+    "zh:a8a42d13346347aff6c63a37cda9b2c6aa5cc384a55b2fe6d6adfa390e609c53",
+    "zh:c797744d08a5307d50210e0454f91ca4d1c7621c68740441cf4579390452321d",
+    "zh:cecb6a304046df34c11229f20a80b24b1603960b794d68361a67c5efe58e62b8",
+    "zh:e1371aa1e502000d9974cfaff5be4cfa02f47b17400005a16f14d2ef30dc2a70",
+    "zh:fc39cc1fe71234a0b0369d5c5c7f876c71b956d23d7d6f518289737a001ba69b",
+    "zh:fea4227271ebf7d9e2b61b89ce2328c7262acd9fd190e1fd6d15a591abfa848e",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version     = "2.2.0"
+  constraints = "2.2.0"
+  hashes = [
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}
diff --git a/infra/functions/lambda.tf b/terraform/functions/lambda.tf
similarity index 90%
rename from infra/functions/lambda.tf
rename to terraform/functions/lambda.tf
index f38e8b85..76b6a410 100644
--- a/infra/functions/lambda.tf
+++ b/terraform/functions/lambda.tf
@@ -1,14 +1,4 @@
 data "aws_caller_identity" "caller" {}
-data "terraform_remote_state" "service" {
-  backend = "s3"
-
-  config = {
-    bucket  = var.service_state_bucket_name
-    key     = var.service_state_key
-    region  = var.service_state_bucket_region
-    encrypt = var.service_state_bucket_is_encrypted
-  }
-}
 
 resource "aws_secretsmanager_secret" "keepers_secretsmanager_secret" {
   name = "keepersServiceSMSecrets-${var.deployment_identifier}"
@@ -24,7 +14,7 @@ resource "aws_secretsmanager_secret_version" "keepers_secretsmanager_secret_vers
     etherscanapikey      = var.etherscan_apikey
     infuraapikey         = var.infura_apikey
     voucherkerneladdress = var.voucher_kernel_address
-    apiurl               = "https://${data.terraform_remote_state.service.outputs.address}"
+    apiurl               = var.api_url
   }))
 }
 
@@ -86,16 +76,16 @@ data "aws_iam_policy_document" "execution_policy" {
 }
 
 module "expirations_lambda" {
-  source  = "./modules/lambda"
+  source = "./modules/lambda"
 
   region                = var.region
   account_id            = data.aws_caller_identity.caller.account_id
   component             = var.component
   deployment_identifier = var.deployment_identifier
 
-  lambda_runtime = "nodejs14.x"
+  lambda_runtime          = "nodejs14.x"
   lambda_code_output_path = "${path.module}/.terraform/archive_files/triggerExpirations.zip"
-  lambda_code_source_dir = "${path.cwd}/external/lambdas/triggerExpirations/src"
+  lambda_code_source_dir  = "${path.cwd}/external/lambdas/triggerExpirations/src"
 
   lambda_timeout     = 900
   lambda_memory_size = 128
@@ -138,16 +128,16 @@ resource "aws_lambda_permission" "expirations_lambda_permission" {
 }
 
 module "finalizations_lambda" {
-  source  = "./modules/lambda"
+  source = "./modules/lambda"
 
   region                = var.region
   account_id            = data.aws_caller_identity.caller.account_id
   component             = var.component
   deployment_identifier = var.deployment_identifier
 
-  lambda_runtime = "nodejs14.x"
+  lambda_runtime          = "nodejs14.x"
   lambda_code_output_path = "${path.module}/.terraform/archive_files/triggerFinalizations.zip"
-  lambda_code_source_dir = "${path.cwd}/external/lambdas/triggerFinalizations/src"
+  lambda_code_source_dir  = "${path.cwd}/external/lambdas/triggerFinalizations/src"
 
   lambda_timeout     = 900
   lambda_memory_size = 128
@@ -190,16 +180,16 @@ resource "aws_lambda_permission" "finalizations_lambda_permission" {
 }
 
 module "withdrawals_lambda" {
-  source  = "./modules/lambda"
+  source = "./modules/lambda"
 
   region                = var.region
   account_id            = data.aws_caller_identity.caller.account_id
   component             = var.component
   deployment_identifier = var.deployment_identifier
 
-  lambda_runtime = "nodejs14.x"
+  lambda_runtime          = "nodejs14.x"
   lambda_code_output_path = "${path.module}/.terraform/archive_files/triggerWithdrawals.zip"
-  lambda_code_source_dir = "${path.cwd}/external/lambdas/triggerWithdrawals/src"
+  lambda_code_source_dir  = "${path.cwd}/external/lambdas/triggerWithdrawals/src"
 
   lambda_timeout     = 900
   lambda_memory_size = 256
diff --git a/terraform/functions/modules/lambda/iam.tf b/terraform/functions/modules/lambda/iam.tf
new file mode 100644
index 00000000..d6fef4ab
--- /dev/null
+++ b/terraform/functions/modules/lambda/iam.tf
@@ -0,0 +1,57 @@
+data "aws_caller_identity" "current" {
+}
+
+resource "aws_iam_role" "lambda_execution_role" {
+  assume_role_policy = var.lambda_assume_role != "" ? var.lambda_assume_role : jsonencode(
+    {
+      "Version" : "2012-10-17",
+      "Statement" : [
+        {
+          Action : "sts:AssumeRole",
+          Principal : {
+            "Service" : "lambda.amazonaws.com"
+          },
+          Effect : "Allow"
+        }
+      ]
+  })
+  tags = local.tags
+}
+
+resource "aws_iam_role_policy" "lambda_execution_policy" {
+  role = aws_iam_role.lambda_execution_role.id
+  policy = var.lambda_execution_policy != "" ? var.lambda_execution_policy : jsonencode(
+    {
+      "Version" : "2012-10-17",
+      "Statement" : [
+        {
+          Effect : "Allow",
+          Action : [
+            "ec2:CreateNetworkInterface",
+            "ec2:DescribeNetworkInterfaces",
+            "ec2:DeleteNetworkInterface",
+            "ec2:DescribeSecurityGroups",
+            "ec2:AssignPrivateIpAddresses",
+            "ec2:UnassignPrivateIpAddresses",
+            "ec2:DescribeSubnets",
+            "ec2:DescribeVpcs"
+          ],
+          Resource : [
+            "*"
+          ]
+        },
+        {
+          Effect : "Allow",
+          Action : [
+            "logs:CreateLogGroup",
+            "logs:CreateLogStream",
+            "logs:PutLogEvents"
+          ],
+          Resource : [
+            "arn:aws:logs:${var.region}:${var.account_id}:*"
+          ]
+        }
+      ]
+  })
+}
+
diff --git a/infra/functions/modules/lambda/lambda.tf b/terraform/functions/modules/lambda/lambda.tf
similarity index 100%
rename from infra/functions/modules/lambda/lambda.tf
rename to terraform/functions/modules/lambda/lambda.tf
diff --git a/infra/functions/modules/lambda/locals.tf b/terraform/functions/modules/lambda/locals.tf
similarity index 74%
rename from infra/functions/modules/lambda/locals.tf
rename to terraform/functions/modules/lambda/locals.tf
index 4c1a0f09..96c053ea 100644
--- a/infra/functions/modules/lambda/locals.tf
+++ b/terraform/functions/modules/lambda/locals.tf
@@ -1,6 +1,6 @@
 locals {
   base_tags = {
-    "Component" = var.component,
+    "Component"            = var.component,
     "DeploymentIdentifier" = var.deployment_identifier
   }
 
diff --git a/infra/functions/modules/lambda/outputs.tf b/terraform/functions/modules/lambda/outputs.tf
similarity index 95%
rename from infra/functions/modules/lambda/outputs.tf
rename to terraform/functions/modules/lambda/outputs.tf
index 18f2d6fd..cdcdeb66 100644
--- a/infra/functions/modules/lambda/outputs.tf
+++ b/terraform/functions/modules/lambda/outputs.tf
@@ -41,5 +41,5 @@ output "iam_role_name" {
   value = aws_iam_role.lambda_execution_role.name
 }
 output "iam_role_policy_name" {
-  value =  aws_iam_role_policy.lambda_execution_policy.name
+  value = aws_iam_role_policy.lambda_execution_policy.name
 }
diff --git a/terraform/functions/modules/lambda/security_group.tf b/terraform/functions/modules/lambda/security_group.tf
new file mode 100644
index 00000000..c9bb2855
--- /dev/null
+++ b/terraform/functions/modules/lambda/security_group.tf
@@ -0,0 +1,20 @@
+resource "aws_security_group" "sg_lambda" {
+  description = "${var.deployment_identifier}-lambda"
+  vpc_id      = var.vpc_id
+  tags        = local.tags
+  count       = var.deploy_in_vpc == "yes" ? 1 : 0
+
+  ingress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = var.lambda_ingress_cidr_blocks
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = var.lambda_egress_cidr_blocks
+  }
+}
diff --git a/infra/functions/modules/lambda/terraform.tf b/terraform/functions/modules/lambda/terraform.tf
similarity index 88%
rename from infra/functions/modules/lambda/terraform.tf
rename to terraform/functions/modules/lambda/terraform.tf
index a7ab87fb..c7b0c196 100644
--- a/infra/functions/modules/lambda/terraform.tf
+++ b/terraform/functions/modules/lambda/terraform.tf
@@ -2,7 +2,7 @@ terraform {
   required_version = ">= 0.14"
 
   required_providers {
-    aws      = {
+    aws = {
       source  = "hashicorp/aws"
       version = "~> 3.33"
     }
diff --git a/infra/functions/modules/lambda/variables.tf b/terraform/functions/modules/lambda/variables.tf
similarity index 100%
rename from infra/functions/modules/lambda/variables.tf
rename to terraform/functions/modules/lambda/variables.tf
diff --git a/infra/functions/outputs.tf b/terraform/functions/outputs.tf
similarity index 100%
rename from infra/functions/outputs.tf
rename to terraform/functions/outputs.tf
diff --git a/infra/functions/provider.tf b/terraform/functions/provider.tf
similarity index 100%
rename from infra/functions/provider.tf
rename to terraform/functions/provider.tf
diff --git a/infra/keepers-service/terraform.tf b/terraform/functions/terraform.tf
similarity index 100%
rename from infra/keepers-service/terraform.tf
rename to terraform/functions/terraform.tf
diff --git a/infra/functions/variables.tf b/terraform/functions/variables.tf
similarity index 62%
rename from infra/functions/variables.tf
rename to terraform/functions/variables.tf
index 2a4bbcfb..6d03dec0 100644
--- a/infra/functions/variables.tf
+++ b/terraform/functions/variables.tf
@@ -2,14 +2,10 @@ variable "region" {}
 variable "component" {}
 variable "deployment_identifier" {}
 
+variable "api_url" {}
 variable "gcloud_keepers_secret" {}
 variable "cashier_address" {}
 variable "executor_secret" {}
 variable "etherscan_apikey" {}
 variable "infura_apikey" {}
 variable "voucher_kernel_address" {}
-
-variable "service_state_bucket_name" {}
-variable "service_state_key" {}
-variable "service_state_bucket_region" {}
-variable "service_state_bucket_is_encrypted" {}

From 335707eb4081202dd1802918c215cfead0e41c40 Mon Sep 17 00:00:00 2001
From: Radu Stefanache <radustefanache@redeemeum.com>
Date: Wed, 22 Dec 2021 23:00:26 +0000
Subject: [PATCH 15/18] [ADD] Helm chart

---
 .github/workflows/main.yaml        | 20 +++++--
 helm/.helmignore                   | 23 ++++++++
 helm/Chart.yaml                    |  6 ++
 helm/templates/_helpers.tpl        | 71 ++++++++++++++++++++++
 helm/templates/deployment.yaml     | 95 ++++++++++++++++++++++++++++++
 helm/templates/hpa.yaml            | 58 ++++++++++++++++++
 helm/templates/ingress.yaml        | 42 +++++++++++++
 helm/templates/service.yaml        | 15 +++++
 helm/templates/serviceaccount.yaml | 25 ++++++++
 helm/values.yaml                   | 84 ++++++++++++++++++++++++++
 10 files changed, 435 insertions(+), 4 deletions(-)
 create mode 100644 helm/.helmignore
 create mode 100644 helm/Chart.yaml
 create mode 100644 helm/templates/_helpers.tpl
 create mode 100644 helm/templates/deployment.yaml
 create mode 100644 helm/templates/hpa.yaml
 create mode 100644 helm/templates/ingress.yaml
 create mode 100644 helm/templates/service.yaml
 create mode 100644 helm/templates/serviceaccount.yaml
 create mode 100644 helm/values.yaml

diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 128ed465..3520b2a3 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -2,8 +2,8 @@ name: Build and Deploy leptonite.io
 
 on:
   push:
-    branches:
-      - radu/migration
+    tags:
+      - 'v*'
   pull_request:
     branches:
       - main
@@ -50,10 +50,14 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
+      - name: Export TAG value
+        if: ${{ github.event_name == 'push' }}
+        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/reference-backend:$GITHUB_SHA .
+          docker build --tag $REGISTRY/bsn/reference-backend:$TAG .
+          docker push $REGISTRY /bsn/reference-backend:$TAG
 
   keepers:
     name: Keepers related tasks
@@ -81,10 +85,14 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
+      - name: Export TAG value
+        if: ${{ github.event_name == 'push' }}
+        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/keepers:$GITHUB_SHA .
+          docker build --tag $REGISTRY/bsn/keepers:$TAG .
+          docker push $REGISTRY /bsn/keepers:$TAG
 
   triggers:
     name: Triggers related tasks
@@ -123,3 +131,7 @@ jobs:
       - name: Terraform Plan
         id: plan
         run: terraform plan -no-color
+      - name: Terraform Apply
+        if: ${{ github.event_name == 'push' }}
+        id: apply
+        run: terraform apply -auto-approve
diff --git a/helm/.helmignore b/helm/.helmignore
new file mode 100644
index 00000000..0e8a0eb3
--- /dev/null
+++ b/helm/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/helm/Chart.yaml b/helm/Chart.yaml
new file mode 100644
index 00000000..83a6a103
--- /dev/null
+++ b/helm/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: reference-backend
+description: A Helm chart for deploying the Leptonite.io backend on Kubernetes
+type: application
+version: 0.1.0
+appVersion: "1.16.0"
diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl
new file mode 100644
index 00000000..733ad228
--- /dev/null
+++ b/helm/templates/_helpers.tpl
@@ -0,0 +1,71 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "reference-backend.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "reference-backend.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "reference-backend.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels for backend
+*/}}
+{{- define "reference-backend.labels" -}}
+helm.sh/chart: {{ include "reference-backend.chart" . }}
+{{ include "reference-backend.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels for backend
+*/}}
+{{- define "reference-backend.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "reference-backend.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Common labels for keepers
+*/}}
+{{- define "reference-backend-keepers.labels" -}}
+helm.sh/chart: {{ include "reference-backend.chart" . }}
+{{ include "reference-backend-keepers.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels for keepers
+*/}}
+{{- define "reference-backend-keepers.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "reference-backend.name" . }}-keepers
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml
new file mode 100644
index 00000000..54ae2fc4
--- /dev/null
+++ b/helm/templates/deployment.yaml
@@ -0,0 +1,95 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "reference-backend.fullname" . }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.backend.autoscaling.enabled }}
+  replicas: {{ .Values.backend.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "reference-backend.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.keepers.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "reference-backend.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ .Values.backend.serviceAccount.name }}
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 3000
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: http
+          env:
+            - name: AWS_S3_BUCKET_REGION
+              value: {{ .Values.backend.envFileRegion }}
+            - name: AWS_S3_ENV_FILE_OBJECT_PATH
+              value: {{ .Values.backend.envFilePath }}
+          resources:
+            {{- toYaml .Values.backend.resources | nindent 12 }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "reference-backend.fullname" . }}-keepers
+  labels:
+    {{- include "reference-backend-keepers.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.keepers.autoscaling.enabled }}
+  replicas: {{ .Values.keepers.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "reference-backend-keepers.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.keepers.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "reference-backend-keepers.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ .Values.keepers.serviceAccount.name }}
+      containers:
+        - name: {{ .Chart.Name }}-keepers
+          image: "{{ .Values.keepers.image.repository }}:{{ .Values.keepers.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.keepers.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 3000
+              protocol: TCP
+          env:
+            - name: AWS_S3_BUCKET_REGION
+              value: {{ .Values.keepers.envFileRegion }}
+            - name: AWS_S3_ENV_FILE_OBJECT_PATH
+              value: {{ .Values.keepers.envFilePath }}
+            - name: API_URL
+              value: {{ .Values.keepers.apiUrl }}
+          resources:
+            {{- toYaml .Values.backend.resources | nindent 12 }}
diff --git a/helm/templates/hpa.yaml b/helm/templates/hpa.yaml
new file mode 100644
index 00000000..fa9c224b
--- /dev/null
+++ b/helm/templates/hpa.yaml
@@ -0,0 +1,58 @@
+{{- if .Values.backend.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "reference-backend.fullname" . }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "reference-backend.fullname" . }}
+  minReplicas: {{ .Values.backend.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.backend.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
+{{- if .Values.keepers.autoscaling.enabled }}
+---
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "reference-backend.fullname" . }}-keepers
+  labels:
+  {{- include "reference-backend-keepers.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "reference-backend.fullname" . }}-keepers
+  minReplicas: {{ .Values.keepers.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.keepers.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.keepers.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.keepers.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.keepers.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.keepers.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
+
diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml
new file mode 100644
index 00000000..0ebb163e
--- /dev/null
+++ b/helm/templates/ingress.yaml
@@ -0,0 +1,42 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "reference-backend.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if .Values.ingress.tls.enabled }}
+  tls:
+    {{- range .Values.ingress.hosts }}
+    - hosts:
+      - {{ .host | quote }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: ssl-redirect
+                port:
+                  name: use-annotation
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+    {{- end }}
+{{- end }}
diff --git a/helm/templates/service.yaml b/helm/templates/service.yaml
new file mode 100644
index 00000000..1d90f181
--- /dev/null
+++ b/helm/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "reference-backend.fullname" . }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "reference-backend.selectorLabels" . | nindent 4 }}
diff --git a/helm/templates/serviceaccount.yaml b/helm/templates/serviceaccount.yaml
new file mode 100644
index 00000000..44983c16
--- /dev/null
+++ b/helm/templates/serviceaccount.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.backend.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.backend.serviceAccount.name }}
+  labels:
+    {{- include "reference-backend.labels" . | nindent 4 }}
+  {{- with .Values.backend.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
+{{- if .Values.keepers.serviceAccount.create }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.keepers.serviceAccount.name }}
+  labels:
+    {{- include "reference-backend-keepers.labels" . | nindent 4 }}
+  {{- with .Values.keepers.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/helm/values.yaml b/helm/values.yaml
new file mode 100644
index 00000000..4a808435
--- /dev/null
+++ b/helm/values.yaml
@@ -0,0 +1,84 @@
+# Default values for portal-backend.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+backend:
+  replicaCount: 1
+  podAnnotations: {}
+  image:
+    repository: 031036423983.dkr.ecr.eu-west-2.amazonaws.com/bsn/reference-backend
+    pullPolicy: IfNotPresent
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: "latest"
+  resources: {}
+  # Example of resource limits below.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 5
+    targetCPUUtilizationPercentage: 80
+    # targetMemoryUtilizationPercentage: 80
+  envFilePath: dummy
+  envFileRegion: dummy
+  serviceAccount:
+    create: true
+    annotations: { }
+    name: "backend"
+keepers:
+  replicaCount: 1
+  podAnnotations: {}
+  image:
+    repository: 031036423983.dkr.ecr.eu-west-2.amazonaws.com/bsn/keepers
+    pullPolicy: IfNotPresent
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: "latest"
+  resources: {}
+  # Example of resource limits below.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 5
+    targetCPUUtilizationPercentage: 80
+    # targetMemoryUtilizationPercentage: 80
+  apiUrl: dummy
+  envFilePath: dummy
+  envFileRegion: dummy
+  serviceAccount:
+    create: true
+    annotations: {}
+    name: "keepers"
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+service:
+  type: NodePort
+  port: 3000
+ingress:
+  enabled: true
+  annotations:
+    kubernetes.io/ingress.class: alb
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/target-type: ip
+    alb.ingress.kubernetes.io/backend-protocol: HTTP
+    alb.ingress.kubernetes.io/healthcheck-path: /health
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
+    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
+    alb.ingress.kubernetes.io/load-balancer-attributes: routing.http2.enabled=true,idle_timeout.timeout_seconds=120
+  hosts:
+    - host: chart-example.local
+  tls:
+    enabled: true
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local

From e15f43554ca964fea4e05380bed5b2798f1d1199 Mon Sep 17 00:00:00 2001
From: Radu Stefanache <radustefanache@redeemeum.com>
Date: Wed, 22 Dec 2021 14:45:36 +0000
Subject: [PATCH 16/18] [ADD] Github Actions

---
 .github/workflows/main.yaml | 20 ++++----------------
 1 file changed, 4 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 3520b2a3..128ed465 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -2,8 +2,8 @@ name: Build and Deploy leptonite.io
 
 on:
   push:
-    tags:
-      - 'v*'
+    branches:
+      - radu/migration
   pull_request:
     branches:
       - main
@@ -50,14 +50,10 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
-      - name: Export TAG value
-        if: ${{ github.event_name == 'push' }}
-        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/reference-backend:$TAG .
-          docker push $REGISTRY /bsn/reference-backend:$TAG
+          docker build --tag $REGISTRY/bsn/reference-backend:$GITHUB_SHA .
 
   keepers:
     name: Keepers related tasks
@@ -85,14 +81,10 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
-      - name: Export TAG value
-        if: ${{ github.event_name == 'push' }}
-        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/keepers:$TAG .
-          docker push $REGISTRY /bsn/keepers:$TAG
+          docker build --tag $REGISTRY/bsn/keepers:$GITHUB_SHA .
 
   triggers:
     name: Triggers related tasks
@@ -131,7 +123,3 @@ jobs:
       - name: Terraform Plan
         id: plan
         run: terraform plan -no-color
-      - name: Terraform Apply
-        if: ${{ github.event_name == 'push' }}
-        id: apply
-        run: terraform apply -auto-approve

From 490b93636a75d775fde9743dfe91e6c26facde57 Mon Sep 17 00:00:00 2001
From: Radu Stefanache <radustefanache@redeemeum.com>
Date: Wed, 22 Dec 2021 23:00:26 +0000
Subject: [PATCH 17/18] [ADD] Helm chart

---
 .github/workflows/main.yaml | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 128ed465..3520b2a3 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -2,8 +2,8 @@ name: Build and Deploy leptonite.io
 
 on:
   push:
-    branches:
-      - radu/migration
+    tags:
+      - 'v*'
   pull_request:
     branches:
       - main
@@ -50,10 +50,14 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
+      - name: Export TAG value
+        if: ${{ github.event_name == 'push' }}
+        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/reference-backend:$GITHUB_SHA .
+          docker build --tag $REGISTRY/bsn/reference-backend:$TAG .
+          docker push $REGISTRY /bsn/reference-backend:$TAG
 
   keepers:
     name: Keepers related tasks
@@ -81,10 +85,14 @@ jobs:
         if: ${{ github.event_name == 'push' }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
+      - name: Export TAG value
+        if: ${{ github.event_name == 'push' }}
+        run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
       - name: Build and push
         if: ${{ github.event_name == 'push' }}
         run: |
-          docker build --tag $REGISTRY/bsn/keepers:$GITHUB_SHA .
+          docker build --tag $REGISTRY/bsn/keepers:$TAG .
+          docker push $REGISTRY /bsn/keepers:$TAG
 
   triggers:
     name: Triggers related tasks
@@ -123,3 +131,7 @@ jobs:
       - name: Terraform Plan
         id: plan
         run: terraform plan -no-color
+      - name: Terraform Apply
+        if: ${{ github.event_name == 'push' }}
+        id: apply
+        run: terraform apply -auto-approve

From 6faeb0eeda3742931f088e819d1024b56daaabbd Mon Sep 17 00:00:00 2001
From: Radu Stefanache <radustefanache@redeemeum.com>
Date: Wed, 5 Jan 2022 11:14:38 +0000
Subject: [PATCH 18/18] Remove unused GH Actions workflow

---
 .github/workflows/deploy-demo.yaml | 35 ------------------------------
 1 file changed, 35 deletions(-)
 delete mode 100644 .github/workflows/deploy-demo.yaml

diff --git a/.github/workflows/deploy-demo.yaml b/.github/workflows/deploy-demo.yaml
deleted file mode 100644
index 90cbe1d7..00000000
--- a/.github/workflows/deploy-demo.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-name: Demo Branch Backend Build and Deploy to GAE
-on:
-  push:
-    branches:
-      - demo
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node-version: [10.x]
-    steps:
-      - uses: actions/checkout@v1
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
-        with:
-          node-version: ${{ matrix.node-version }}
-      - name: build backend
-        run: |
-          npm install
-      - uses: actions-hub/gcloud@master
-        name: copy environment variables
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID_DEV}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_DEV}}
-          CLI: gsutil
-        with:
-          args: cp gs://boson-variables-dev/demo/.env .
-      - uses: actions-hub/gcloud@master
-        name: deploy service
-        env:
-          PROJECT_ID: ${{secrets.APP_ENGINE_PROJECT_ID_DEV}}
-          APPLICATION_CREDENTIALS: ${{secrets.APP_ENGINE_CONFIG_DEV}}
-        with:
-          args: app deploy app-demo.yaml