From c11715a87549af3b659b5c4c7fa6fbbba4f85937 Mon Sep 17 00:00:00 2001
From: deeplow <francisco@freedom.press>
Date: Mon, 24 Jun 2024 11:39:16 -0400
Subject: [PATCH] Fix issue blocking sd-viewer & sd-app to be marked internal

The issue was due to a double yaml intruction, which when rendered
and interpreted lead to the first `set` to be ignored.

Fixes: https://github.com/freedomofpress/securedrop-workstation/issues/1097
---
 securedrop_salt/sd-app.sls    | 7 +++----
 securedrop_salt/sd-viewer.sls | 7 +++----
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/securedrop_salt/sd-app.sls b/securedrop_salt/sd-app.sls
index 5dc44328..61a6db1d 100644
--- a/securedrop_salt/sd-app.sls
+++ b/securedrop_salt/sd-app.sls
@@ -30,15 +30,14 @@ sd-app:
         - sd-client
         - sd-workstation
     - features:
-    {% if d.environment == "prod" %}
       - set:
+        - vm-config.SD_MIME_HANDLING: sd-app
+{% if d.environment == "prod" %}
         - internal: 1
-    {% endif %}
+{% endif %}
       - enable:
         - service.paxctld
         - service.securedrop-mime-handling
-      - set:
-        - vm-config.SD_MIME_HANDLING: sd-app
     - require:
       - qvm: sd-small-{{ sdvars.distribution }}-template
 
diff --git a/securedrop_salt/sd-viewer.sls b/securedrop_salt/sd-viewer.sls
index 4f5ac0fa..f01815a9 100644
--- a/securedrop_salt/sd-viewer.sls
+++ b/securedrop_salt/sd-viewer.sls
@@ -38,15 +38,14 @@ sd-viewer:
         - sd-viewer-vm
         - sd-{{ sdvars.distribution }}
     - features:
-    {% if d.environment == "prod" %}
       - set:
+        - vm-config.SD_MIME_HANDLING: sd-viewer
+{% if d.environment == "prod" %}
         - internal: 1
-    {% endif %}
+{% endif %}
       - enable:
         - service.paxctld
         - service.securedrop-mime-handling
-      - set:
-        - vm-config.SD_MIME_HANDLING: sd-viewer
     - require:
       - qvm: sd-large-{{ sdvars.distribution }}-template