darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2025-12-12 16:14:56 -05:00
Code Issues Packages Projects Releases Wiki Activity

Added API_PUBLIC_URL to GitHub Secrets and updated deploy workflows with new API_PUBLIC_URL

Browse Source
This commit is contained in:
Beverly Nguyen
2025-05-19 17:22:28 -07:00
parent 3c1574d070
commit bc2738a97a
3 changed files with 106 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
.github/workflows/deploy-demo.yml vendored
View File

@@ -21,7 +21,7 @@ jobs:
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: "^1.7.5"
terraform_version: '^1.7.5'
terraform_wrapper: false
- name: Terraform init
@@ -50,19 +50,20 @@ jobs:
DANGEROUS_SALT: ${{ secrets.DANGEROUS_SALT }}
SECRET_KEY: ${{ secrets.SECRET_KEY }}
ADMIN_CLIENT_SECRET: ${{ secrets.ADMIN_CLIENT_SECRET }}
ADMIN_CLIENT_USERNAME: "notify-admin"
ADMIN_CLIENT_USERNAME: 'notify-admin'
NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }}
NR_BROWSER_KEY: ${{ secrets.NR_BROWSER_KEY }}
COMMIT_HASH: ${{ github.sha }}
LOGIN_PEM: ${{ secrets.LOGIN_PEM }}
LOGIN_DOT_GOV_CLIENT_ID: "urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov"
LOGIN_DOT_GOV_USER_INFO_URL: "https://secure.login.gov/api/openid_connect/userinfo"
LOGIN_DOT_GOV_ACCESS_TOKEN_URL: "https://secure.login.gov/api/openid_connect/token"
LOGIN_DOT_GOV_LOGOUT_URL: "https://secure.login.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&post_logout_redirect_uri=https://notify-demo.app.cloud.gov/sign-out"
LOGIN_DOT_GOV_BASE_LOGOUT_URL: "https://secure.login.gov/openid_connect/logout?"
LOGIN_DOT_GOV_SIGNOUT_REDIRECT: "https://notify-demo.app.cloud.gov/sign-out"
LOGIN_DOT_GOV_INITIAL_SIGNIN_URL: "https://secure.login.gov/openid_connect/authorize?acr_values=http%3A%2F%2Fidmanagement.gov%2Fns%2Fassurance%2Fial%2F1&client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&nonce=NONCE&prompt=select_account&redirect_uri=https://notify-demo.app.cloud.gov/sign-in&response_type=code&scope=openid+email&state=STATE"
LOGIN_DOT_GOV_CERTS_URL: "https://secure.login.gov/api/openid_connect/certs"
LOGIN_DOT_GOV_CLIENT_ID: 'urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov'
LOGIN_DOT_GOV_USER_INFO_URL: 'https://secure.login.gov/api/openid_connect/userinfo'
LOGIN_DOT_GOV_ACCESS_TOKEN_URL: 'https://secure.login.gov/api/openid_connect/token'
LOGIN_DOT_GOV_LOGOUT_URL: 'https://secure.login.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&post_logout_redirect_uri=https://notify-demo.app.cloud.gov/sign-out'
LOGIN_DOT_GOV_BASE_LOGOUT_URL: 'https://secure.login.gov/openid_connect/logout?'
LOGIN_DOT_GOV_SIGNOUT_REDIRECT: 'https://notify-demo.app.cloud.gov/sign-out'
LOGIN_DOT_GOV_INITIAL_SIGNIN_URL: 'https://secure.login.gov/openid_connect/authorize?acr_values=http%3A%2F%2Fidmanagement.gov%2Fns%2Fassurance%2Fial%2F1&client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&nonce=NONCE&prompt=select_account&redirect_uri=https://notify-demo.app.cloud.gov/sign-in&response_type=code&scope=openid+email&state=STATE'
LOGIN_DOT_GOV_CERTS_URL: 'https://secure.login.gov/api/openid_connect/certs'
API_PUBLIC_URL: ${{ secrets.API_PUBLIC_URL }}
with:
cf_username: ${{ secrets.CLOUDGOV_USERNAME }}
cf_password: ${{ secrets.CLOUDGOV_PASSWORD }}
@@ -87,6 +88,7 @@ jobs:
--var LOGIN_DOT_GOV_INITIAL_SIGNIN_URL="$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL"
--var LOGIN_DOT_GOV_CERTS_URL="$LOGIN_DOT_GOV_CERTS_URL"
--var LOGIN_PEM="$LOGIN_PEM"
--var API_PUBLIC_URL="$API_PUBLIC_URL"
--strategy rolling
- name: Deploy egress proxy

22
.github/workflows/deploy-prod.yml vendored
View File

@@ -21,7 +21,7 @@ jobs:
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: "^1.7.5"
terraform_version: '^1.7.5'
terraform_wrapper: false
- name: Terraform init
@@ -50,19 +50,20 @@ jobs:
DANGEROUS_SALT: ${{ secrets.DANGEROUS_SALT }}
SECRET_KEY: ${{ secrets.SECRET_KEY }}
ADMIN_CLIENT_SECRET: ${{ secrets.ADMIN_CLIENT_SECRET }}
ADMIN_CLIENT_USERNAME: "notify-admin"
ADMIN_CLIENT_USERNAME: 'notify-admin'
NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }}
NR_BROWSER_KEY: ${{ secrets.NR_BROWSER_KEY }}
COMMIT_HASH: ${{ github.sha }}
LOGIN_PEM: ${{ secrets.LOGIN_PEM }}
LOGIN_DOT_GOV_CLIENT_ID: "urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov"
LOGIN_DOT_GOV_USER_INFO_URL: "https://secure.login.gov/api/openid_connect/userinfo"
LOGIN_DOT_GOV_ACCESS_TOKEN_URL: "https://secure.login.gov/api/openid_connect/token"
LOGIN_DOT_GOV_LOGOUT_URL: "https://secure.login.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&post_logout_redirect_uri=https://beta.notify.gov/sign-out"
LOGIN_DOT_GOV_BASE_LOGOUT_URL: "https://secure.login.gov/openid_connect/logout?"
LOGIN_DOT_GOV_SIGNOUT_REDIRECT: "https://beta.notify.gov/sign-out"
LOGIN_DOT_GOV_INITIAL_SIGNIN_URL: "https://secure.login.gov/openid_connect/authorize?acr_values=http%3A%2F%2Fidmanagement.gov%2Fns%2Fassurance%2Fial%2F1&client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&nonce=NONCE&prompt=select_account&redirect_uri=https://beta.notify.gov/sign-in&response_type=code&scope=openid+email&state=STATE"
LOGIN_DOT_GOV_CERTS_URL: "https://secure.login.gov/api/openid_connect/certs"
LOGIN_DOT_GOV_CLIENT_ID: 'urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov'
LOGIN_DOT_GOV_USER_INFO_URL: 'https://secure.login.gov/api/openid_connect/userinfo'
LOGIN_DOT_GOV_ACCESS_TOKEN_URL: 'https://secure.login.gov/api/openid_connect/token'
LOGIN_DOT_GOV_LOGOUT_URL: 'https://secure.login.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&post_logout_redirect_uri=https://beta.notify.gov/sign-out'
LOGIN_DOT_GOV_BASE_LOGOUT_URL: 'https://secure.login.gov/openid_connect/logout?'
LOGIN_DOT_GOV_SIGNOUT_REDIRECT: 'https://beta.notify.gov/sign-out'
LOGIN_DOT_GOV_INITIAL_SIGNIN_URL: 'https://secure.login.gov/openid_connect/authorize?acr_values=http%3A%2F%2Fidmanagement.gov%2Fns%2Fassurance%2Fial%2F1&client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&nonce=NONCE&prompt=select_account&redirect_uri=https://beta.notify.gov/sign-in&response_type=code&scope=openid+email&state=STATE'
LOGIN_DOT_GOV_CERTS_URL: 'https://secure.login.gov/api/openid_connect/certs'
API_PUBLIC_URL: ${{ secrets.API_PUBLIC_URL }}
with:
cf_username: ${{ secrets.CLOUDGOV_USERNAME }}
cf_password: ${{ secrets.CLOUDGOV_PASSWORD }}
@@ -87,6 +88,7 @@ jobs:
--var LOGIN_DOT_GOV_INITIAL_SIGNIN_URL="$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL"
--var LOGIN_DOT_GOV_CERTS_URL="$LOGIN_DOT_GOV_CERTS_URL"
--var LOGIN_PEM="$LOGIN_PEM"
--var API_PUBLIC_URL="$API_PUBLIC_URL"
--strategy rolling
- name: Deploy egress proxy

24
.github/workflows/deploy.yml vendored
View File

@@ -26,7 +26,7 @@ jobs:
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: "^1.7.5"
terraform_version: '^1.7.5'
terraform_wrapper: false
- name: Terraform init
@@ -49,26 +49,26 @@ jobs:
- name: Create requirements.txt
run: poetry export --without-hashes --format=requirements.txt > requirements.txt
- name: Deploy to cloud.gov
uses: cloud-gov/cg-cli-tools@main
env:
DANGEROUS_SALT: ${{ secrets.DANGEROUS_SALT }}
SECRET_KEY: ${{ secrets.SECRET_KEY }}
ADMIN_CLIENT_SECRET: ${{ secrets.ADMIN_CLIENT_SECRET }}
ADMIN_CLIENT_USERNAME: "notify-admin"
ADMIN_CLIENT_USERNAME: 'notify-admin'
NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }}
NR_BROWSER_KEY: ${{ secrets.NR_BROWSER_KEY }}
COMMIT_HASH: ${{ github.sha }}
LOGIN_PEM: ${{ secrets.LOGIN_PEM }}
LOGIN_DOT_GOV_CLIENT_ID: "urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov"
LOGIN_DOT_GOV_USER_INFO_URL: "https://secure.login.gov/api/openid_connect/userinfo"
LOGIN_DOT_GOV_ACCESS_TOKEN_URL: "https://secure.login.gov/api/openid_connect/token"
LOGIN_DOT_GOV_LOGOUT_URL: "https://secure.login.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&post_logout_redirect_uri=https://notify-staging.app.cloud.gov/sign-out"
LOGIN_DOT_GOV_BASE_LOGOUT_URL: "https://secure.login.gov/openid_connect/logout?"
LOGIN_DOT_GOV_SIGNOUT_REDIRECT: "https://notify-staging.app.cloud.gov/sign-out"
LOGIN_DOT_GOV_INITIAL_SIGNIN_URL: "https://secure.login.gov/openid_connect/authorize?acr_values=http%3A%2F%2Fidmanagement.gov%2Fns%2Fassurance%2Fial%2F1&client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&nonce=NONCE&prompt=select_account&redirect_uri=https://notify-staging.app.cloud.gov/sign-in&response_type=code&scope=openid+email&state=STATE"
LOGIN_DOT_GOV_CERTS_URL: "https://secure.login.gov/api/openid_connect/certs"
LOGIN_DOT_GOV_CLIENT_ID: 'urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov'
LOGIN_DOT_GOV_USER_INFO_URL: 'https://secure.login.gov/api/openid_connect/userinfo'
LOGIN_DOT_GOV_ACCESS_TOKEN_URL: 'https://secure.login.gov/api/openid_connect/token'
LOGIN_DOT_GOV_LOGOUT_URL: 'https://secure.login.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&post_logout_redirect_uri=https://notify-staging.app.cloud.gov/sign-out'
LOGIN_DOT_GOV_BASE_LOGOUT_URL: 'https://secure.login.gov/openid_connect/logout?'
LOGIN_DOT_GOV_SIGNOUT_REDIRECT: 'https://notify-staging.app.cloud.gov/sign-out'
LOGIN_DOT_GOV_INITIAL_SIGNIN_URL: 'https://secure.login.gov/openid_connect/authorize?acr_values=http%3A%2F%2Fidmanagement.gov%2Fns%2Fassurance%2Fial%2F1&client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:notify-gov&nonce=NONCE&prompt=select_account&redirect_uri=https://notify-staging.app.cloud.gov/sign-in&response_type=code&scope=openid+email&state=STATE'
LOGIN_DOT_GOV_CERTS_URL: 'https://secure.login.gov/api/openid_connect/certs'
API_PUBLIC_URL: ${{ secrets.API_PUBLIC_URL }}
with:
cf_username: ${{ secrets.CLOUDGOV_USERNAME }}
cf_password: ${{ secrets.CLOUDGOV_PASSWORD }}
@@ -93,9 +93,9 @@ jobs:
--var LOGIN_DOT_GOV_INITIAL_SIGNIN_URL="$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL"
--var LOGIN_DOT_GOV_CERTS_URL="$LOGIN_DOT_GOV_CERTS_URL"
--var LOGIN_PEM="$LOGIN_PEM"
--var API_PUBLIC_URL="$API_PUBLIC_URL"
--strategy rolling
- name: Deploy egress proxy
uses: ./.github/actions/deploy-proxy
env: