76 Commits

Author SHA1 Message Date
graham-dds
237848c2c9 Azure cloud method to get a url to the calculator 2020-02-18 16:15:07 -05:00
graham-dds
8f52443b5d Send email to PPOC when portfolio is provisioned
When a portfolio state machine transitions to the COMPLETED state, an
email is sent to the PPOC letting them know it's ready, and provides
them with their username needed to create a password.
2020-02-13 10:55:47 -05:00
dandds
10014e696d Merge branch 'staging' into environment-role-creation 2020-02-11 12:12:45 -05:00
dandds
f975249f07 Set Redis verification mode for TLS connections.
If the app is making a TLS connection to Redis, the new config setting
REDIS_SSLMODE determines whether CA verification should be performed.
Acceptable values are Python `None` or strings "none", "optional", and
"required".
2020-02-10 16:58:07 -05:00
dandds
b754f1384f Include all Azure config in the INI file.
Adds all the new config items to the INI file and adjusts some naming
conventions so that these values sort together. Also adds defaults for
some values where they're known.
2020-02-04 16:12:45 -05:00
graham-dds
00a5a98577 Add Mailer class method to email TOs to MSFT 2020-01-31 13:17:00 -05:00
leigh-mil
0c408bccfd Update PDF file size limit to be less than the GMail SMTP size limit 2020-01-31 11:59:07 -05:00
leigh-mil
dff9924c95 Make file size limit configurable 2020-01-31 11:59:07 -05:00
dandds
6edc7b138b Set SESSION_COOKIE_SECURE for deployed environments.
This sets the "Secure" attribute on cookies sent to the client:

https://flask.palletsprojects.com/en/1.1.x/config/#SESSION_COOKIE_SECURE
2020-01-29 14:39:56 -05:00
dandds
944c5d3c9f Forcibly destroy existing session on logout.
To comply with security guidelines, we need to destroy the session when
a user logs out. This means that the session's key in the Redis cache
needs to be deleted. Flask expects to _always_ have a session object. If
the current session object does not exist in the Redis cache, Flask will
reserialize and store it at the end of the request. In order for
session deletion to work, we need to delete the key for the existing
session and then replace the session object with a new, empty one.

This also updates the SessionLimiter class so that the session prefix is
configurable.
2020-01-23 10:31:20 -05:00
raydds
1fa5de6f90 Add a configuration to totally disable the mailer 2020-01-16 11:27:14 -05:00
dandds
60b12fca52 Config to specify session cookie domain.
This got lost somewhere along the way (almost certainly by me), so this
commit tries to make it explicit. The app needs to be able to configure
the session cookie domain name so that it is valid for both the main
site domain and the authentication subdomain. For instance, if the site
is running at uat.atat.code.mil and authentication happens at
auth-uat.atat.code.mil, SESSION_COOKIE_DOMAIN should be set to
atat.code.mil so that it's valid for both.

This adds the setting to the base INI file and a default for our K8s
clusters.
2020-01-06 14:07:53 -05:00
dandds
3bfb6c9621 Basic implementation for a policy wrapper.
The implementation here is meant to wrap a library of JSON policy
documents. Policies should be added to directories corresponding to
where they will be defined (portfolio, application, environment).
Functionality for parsing portfolio policy definitions is included. When
the policies need to be defined on a management group, the
AzureCloudProvider can iterate the appropriate tier of the policy
manager and add those definitions.
2019-12-20 10:34:12 -05:00
dandds
2d714cae39 Add some missing configuration settings.
These settings are used in the deployed instance and mentioned elsewhere
in the README, but were missing from the base INI file and the
Configuration Guide section of the README.
2019-12-10 10:14:53 -05:00
dandds
20c7e943c8 Compose REDIS_URI from component parts.
This updates the configuration handling for the Redis connection string.
The motivation is so that the Redis password can be managed separately
via Azure Key Vault and eventually be rotated independently of the rest
of the connection URI.

This also tweaks the method we use to build the DATABASE_URI and removes
some stale config from the CI config file.
2019-12-04 13:28:26 -05:00
richard-dds
6b2427a98d Remove unused RQ_QUEUES 2019-11-27 10:30:42 -05:00
richard-dds
684b86c2d0 Remove PE_NUMBER_CSV_URL and PGAPPNAME 2019-11-27 10:30:42 -05:00
richard-dds
2f8135ecd1 Remove CLASSIFIED param 2019-11-27 10:30:42 -05:00
tomdds
4df68bab23 Add BLOB_STORAGE_URL config
Our content security policy in non-dev environments didn't allow uploading to azure blob storage. This adds a configurable blob storage base URL to allow regions to specify which storage endpoint they expect the upload request to use.
2019-11-22 11:56:27 -05:00
dandds
08fc530223 Add config value for CDN origin.
This value is set as the Access-Control-Allow-Origin header value for
the application. When using Azure CDN, the CDN will consume this header
when it populates its cache and use it on subsequent requests.

It would be possible to make this the same as the Flask SERVER_NAME
value. We explicitly set SERVER_NAME for Celery worker processes because
they need that information to construct URLs outside of the request cycle
(Flask can infer the server name within a request cycle). I decided not
to rely on SERVER_NAME though because it has side effects:

- It determines what `url_for` uses as the host domain (which would be
  fine).
- It makes it so that the Flask app can only serve requests to that
  domain (probably fine, but it felt like too big a side effect).

Additionally, SERVER_NAME does not include the scheme. For all of these
reasons I opted to make CDN_ORIGIN a separate config value.
2019-11-21 16:43:22 -05:00
dandds
293854ece6 CircleCI config for passing CDN url to the Docker image.
The workflows need to split since we're passing different parameters to
the Docker build at the beginning of the workflow.
2019-11-21 16:42:42 -05:00
richard-dds
4c693cf9c0 Fix bad rebase 2019-11-21 16:42:42 -05:00
richard-dds
5e9a3f0ba6 Add STATIC_URL and ASSET_URL config in base.ini 2019-11-21 16:42:42 -05:00
dandds
88171aaee7 Supply named default queue for Celery.
Supplying this will prevent queue clashes between various ATAT sites
sharing the same Redis instance.

Note that the Celery documentation is currently wrong about the name for
configuring this:

https://docs.celeryproject.org/en/latest/userguide/configuration.html#std:setting-task_default_queue

It specifies `CELERY_TASK_DEFAULT_QUEUE`, but
`CELERY_DEFAULT_QUEUE` is the value that Celery currently looks for.
This appears to be fixed in an upcoming release:

https://github.com/celery/celery/issues/5575

This is worth keeping an eye on, since the configuration key could
change in the future.
2019-11-14 15:48:14 -05:00
richard-dds
4b8296c6ea Remove unused configuration values from base.ini 2019-11-12 16:57:46 -05:00
graham-dds
9de90d796d Rename audit log feature flag config variable 2019-10-21 11:36:53 -04:00
graham-dds
8e0ce0519d Add AUDIT_LOG_FEATURE_TOGGLE to flask app settings
- set in ini config
2019-10-21 10:32:58 -04:00
dandds
efcb9681d3 Make Postgres SSL connection configurable.
This will allow us to force SSL connections to the database in
production by setting two values:

- PGSSLMODE should be set to "verify-full". This forces the client to
  verify the server against a known CA: https://www.postgresql.org/docs/10/libpq-ssl.html
- PGSSLROOTCERT should be set to the path of the public cert for the
  relevant CA.

When the database connection is made, these values are passed to the
adapter. For local development, PGSSLMODE is set to "prefer" and
PGSSLROOTCERT is left unset.

Kubernetes config has been added to maintain the root CAs for both Azure
and AWS as k8s ConfigMap objects. These are mounted into the containers
and referenced by PGSSLROOTCERT in the container environment.
2019-10-17 16:05:19 -04:00
dandds
fc637e933d Specify Flask SERVER_NAME value for Celery worker.
The Celery worker cannot render URLs for the app without having a
SERVER_NAME value set. AT-AT's ability to send notifications when an
environment is ready is broken as a result.

This commit sets a null default value for SERVER_NAME in the default
config file. A setting must exist in the INI file in order to be
overwritten by an environment variable, which is why we declare it as
null here. There is an additional kwarg, "allow_no_value", that must be
passed to ConfigParser to allow null values.

This also applies the correct domains as SERVER_NAME environment
variables in the Kubernetes ConfigMaps for the AWS and Azure Celery
workers.
2019-10-16 11:57:18 -04:00
leigh-mil
e4ca027065 Validate CLIN PoP against configurable contract start and end dates 2019-09-06 10:12:34 -04:00
dandds
5f0ff137d3 Raise default session lifetime to 30 minutes. 2019-08-21 14:44:55 -04:00
dandds
485f578c78 Apply config changes for CSP file uploads.
This applies configuration changes for the Flask app and adds changes to
the Dockerfile so that the build can make a CSP-specific JS bundle. It
adds `write_dotenv` script that creates the appropriate `.env` file for
the `parcel` bundler depending on how the `CSP` environment variable is
set.

- Configure K8s environment variables for Flask CSP usage
- Supply default CSP config setting to Flask app
- Declare the CSP arg in the Dockerfile
- Supply extra Docker build args to CD
- Fix top-level reference to boto3 in file_upload module
- Add back missing sample NGINX config for docker-compose build
2019-08-09 08:05:20 -04:00
leigh-mil
90caeae063 Add back in CRL_STORAGE_CONTAINER to base.ini 2019-08-08 16:57:38 -04:00
dandds
9fc6514d80 Clean up defunct upload and CRL logic.
- Applies our previous CSP namespacing pattern to the upload classes.
- Removes code and config for previous uploader implementation.
- Removes Attachment model's ability to upload files directly and
  adjusts tests that expected that behavior.
2019-08-08 13:20:27 -04:00
richard-dds
5dcbee333a Make session limiter configurable 2019-05-28 10:45:12 -04:00
dandds
b8a24c37c4 Make SQLALCHEMY_ECHO option independent of DEBUG for sqlalchemy logging. 2019-05-02 15:41:13 -04:00
dandds
d73b082471 configurable json logging for atst app 2019-04-01 12:34:53 -04:00
Montana
d6906c8504 Add config for CRL_FAIL_OPEN 2019-03-14 13:42:12 -04:00
dandds
725042ab76 modify crl storage config:
- make local container for libcloud storage if it does not exist
- separate config variables for CRL storage
2019-02-27 05:51:50 -05:00
dandds
9aa15d57e8 CRL Provider for syncing CRLs from cached source 2019-02-27 05:51:50 -05:00
dandds
4bd41950c6 remove REQUIRE_CRLS setting in favor of DISABLE_CRL_CHECK 2019-01-18 09:48:43 -05:00
dandds
becaec8d42 no op version of CRL cache for disabling crl check 2019-01-17 10:28:40 -05:00
George Drummond
99f34fe45a Disable CLIN fields via a config option 2019-01-07 14:25:03 -05:00
Patrick Smith
4bbb55a06e Add RQ_QUEUES to default config
We can use string interpolation in the file rather than building it when
making the config. Adding the value to the config allows us to override
it with an environment variable, if we want to (as we do for the UAT
environment).
2018-10-31 16:12:00 -04:00
Patrick Smith
e177fe0037 Add REQUIRE_CRLS to config parser 2018-10-26 10:11:03 -04:00
dandds
ef2e97713a initial uploader and some form work 2018-08-27 13:04:41 -04:00
dandds
ee4458edd1 alphabetize base config 2018-08-08 09:49:55 -04:00
dandds
3b36066315 remove authnid base URL from config 2018-08-07 09:44:10 -04:00
dandds
69fb8217eb add default value for WTF_CSRF_ENABLED 2018-08-07 09:33:46 -04:00
dandds
94223e1869 add session expiration config 2018-08-06 15:03:09 -04:00