From 3745e6fc0d48b86fe9cd003c49a925f130ddb986 Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Tue, 14 Feb 2023 12:13:42 -0500 Subject: [PATCH 01/10] Run pipenv update --- Pipfile.lock | 82 ++++++++++++++++++++++++++-------------------------- 1 file changed, 41 insertions(+), 41 deletions(-) diff --git a/Pipfile.lock b/Pipfile.lock index 1c943b795..0c93ed458 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -743,24 +743,24 @@ }, "newrelic": { "hashes": [ - "sha256:05ceedb760a2f76fc8477f969520426656f6949d5b5bb5634a430a9d9d5c18fb", - "sha256:2d12c4c96187c7a51958d3145dcbfebcbb6fe48d9d3219804e558da3769992a3", - "sha256:37821d6d47288605ed9de138b8ec5498bd597dd91bc296af7733e5b864c40cc1", - "sha256:6a13e6956042eeb8cf013a219f936c88293b8d6460234c5d772fd53640264d3a", - "sha256:720929793f4e17838b354fa997caa0d6474710149ac68c3aea23c29ba9123d1c", - "sha256:8810ea27ae22c7621caf61971f3b3ab1356d237317c2cffe80f605b73f5bcb37", - "sha256:9571efebcc330c157cab9a8d0c6d55f6d7ec146370c59423716534e9989d880d", - "sha256:a5650024071525256df7d74a9bc887840889c35d1e7ade51eda8eedb25d85e95", - "sha256:a8aeae34a518ac961e6c972f9d9479a008925faa585c9a89a9307c79927d92e4", - "sha256:b425ec7653bc7e6e73f2a7f55e707cd9341ac90696c0f3dcafc3ac6776aec959", - "sha256:c006ff70fbc87fe1f201cec0d22b5d209a58bbe31a2530fefe457f051ce44b86", - "sha256:d529e272cb433cee50bab89e2f01ec57ac1b8511845f9b777dfadd3eab3842dd", - "sha256:d79df5fb486ca2a0997f4f9cda9a7e8de39ae07df8161b5ab2742f22bcf50974", - "sha256:f3f66de81c4cce20474017397f372ef11cb52a629c97c2e1fe5c445e31c2bf07", - "sha256:fd33ec7e227701ceafb8e3894dcc3dafae5dbffc4a43814ad9e7976fdb418696" + "sha256:2163cb63db50dfd792066ffcf4c14909bb252f39147313332fe545b1b2539b15", + "sha256:29f1cb2e00d14ed15744acf417703f1be4ed29a0e1488242c618bdde123db37b", + "sha256:3de16fee3e9ac6b3384504f22bb7af1d913e7531c20dcc895833133e2aa4735c", + "sha256:51e2391f50ca2deda749e5bfae1cc2791474cf1a814ccb1111837bff9db9447b", + "sha256:53583c56b480cc5cd9ed71341232f8e26c2f01ec508ff8ecc384159bd6a31c3c", + "sha256:66f3fa85eb3b2ab54d0637b108ea1c82f628f5f050417f8ddcab38bd1607a170", + "sha256:7e9fa97cd9f686090a64f7cdef776225163b33b751cbf4b2861b5b96da40d870", + "sha256:8024f13e705bc29bc13cf58438737f3fe6f4e66b364f8758585f8bea409ceb41", + "sha256:802bbda6c88d7e912b7220f17fba63e022a69d8b0cc3c2e3781395e4bf732c60", + "sha256:877daddeeb3959982ae5bd9b5f2a30c25e6f5f43d92fecf7d870e040c1da0c95", + "sha256:9425e17405ab3e1d15c4c3b48f193bb8f75cd60c402bed670d5ee2a911b684ef", + "sha256:a15169b13f333db8691a9cb8f81498d5ccd54f965a4097abc1d23eb884a0b2f2", + "sha256:a3b835fde21c405017562fc1daeb5cfa790a099f055654333f5c993ad0b26c9e", + "sha256:a78612d6fdad07e0c2bd98f109898f99ac99ead65ba22a249f275af6fb307078", + "sha256:a8aaa35bdbfe9681e59030c45e5cf56f80a6b059ec14898e0f71e1a2f06b354b" ], "index": "pypi", - "version": "==8.5.0" + "version": "==8.6.0" }, "notifications-python-client": { "hashes": [ @@ -772,7 +772,7 @@ "notifications-utils": { "editable": true, "git": "https://github.com/GSA/notifications-utils.git", - "ref": "1cad77b5da352537c5a555d0e94ad9bb334ba194" + "ref": "b3b0c05aec06ffe7cc2dc5671a6b8f7b3b3786bc" }, "numpy": { "hashes": [ @@ -832,10 +832,10 @@ }, "phonenumbers": { "hashes": [ - "sha256:2e3fd1f3fde226b289489275517c76edf223eafd9f43a2c2c36498a44b73d4b0", - "sha256:6eb2faf29c19f946baf10f1c977a1f856cab90819fe7735b8e141d5407420c4a" + "sha256:1531b42c8c49a1f06b08598441bf1f11fe2618f707c6fc96b581b44aa4f2b0e3", + "sha256:f8bd92975ba7463b7828ae2f95e1037b7e0ab8f023e9e8ffb7c560fd7f5d66d7" ], - "version": "==8.13.5" + "version": "==8.13.6" }, "prometheus-client": { "hashes": [ @@ -1059,11 +1059,11 @@ }, "python-json-logger": { "hashes": [ - "sha256:3b03487b14eb9e4f77e4fc2a023358b5394b82fd89cecf5586259baed57d8c6f", - "sha256:764d762175f99fcc4630bd4853b09632acb60a6224acb27ce08cd70f0b1b81bd" + "sha256:3af8e5b907b4a5b53cae249205ee3a3d3472bd7ad9ddfaec136eec2f2faf4995", + "sha256:ed33182c2b438a366775c25c1219ebbd5bd7f71694c644d6b3b3861e19565ae3" ], - "markers": "python_version >= '3.5'", - "version": "==2.0.4" + "markers": "python_version >= '3.6'", + "version": "==2.0.6" }, "pytz": { "hashes": [ @@ -1154,11 +1154,11 @@ }, "setuptools": { "hashes": [ - "sha256:16ccf598aab3b506593c17378473978908a2734d7336755a8769b480906bec1c", - "sha256:b440ee5f7e607bb8c9de15259dba2583dd41a38879a7abc1d43a71c59524da48" + "sha256:23c86b4e44432bfd8899384afc08872ec166a24f48a3f99f293b0a557e6a6b5d", + "sha256:daec07fd848d80676694d6bf69c009d28910aeece68a38dbe88b7e1bb6dba12e" ], "markers": "python_version >= '3.7'", - "version": "==67.2.0" + "version": "==67.3.1" }, "shapely": { "hashes": [ @@ -1220,11 +1220,11 @@ }, "soupsieve": { "hashes": [ - "sha256:3b2503d3c7084a42b1ebd08116e5f81aadfaea95863628c80a3b774a11b7c759", - "sha256:fc53893b3da2c33de295667a0e19f078c14bf86544af307354de5fcf12a3f30d" + "sha256:49e5368c2cda80ee7e84da9dbe3e110b70a4575f196efb74e51b94549d921955", + "sha256:e28dba9ca6c7c00173e34e4ba57448f0688bb681b7c5e8bf4971daafc093d69a" ], - "markers": "python_version >= '3.6'", - "version": "==2.3.2.post1" + "markers": "python_version >= '3.7'", + "version": "==2.4" }, "sqlalchemy": { "hashes": [ @@ -2028,11 +2028,11 @@ }, "pytest-forked": { "hashes": [ - "sha256:8b67587c8f98cbbadfdd804539ed5455b6ed03802203485dd2f53c1422d7440e", - "sha256:bbbb6717efc886b9d64537b41fb1497cfaf3c9601276be8da2cccfea5a3c8ad8" + "sha256:4dafd46a9a600f65d822b8f605133ecf5b3e1941ebb3588e943b4e3eb71a5a3f", + "sha256:810958f66a91afb1a1e2ae83089d8dc1cd2437ac96b12963042fbb9fb4d16af0" ], - "markers": "python_version >= '3.6'", - "version": "==1.4.0" + "markers": "python_version >= '3.7'", + "version": "==1.6.0" }, "pytest-mock": { "hashes": [ @@ -2149,11 +2149,11 @@ }, "setuptools": { "hashes": [ - "sha256:16ccf598aab3b506593c17378473978908a2734d7336755a8769b480906bec1c", - "sha256:b440ee5f7e607bb8c9de15259dba2583dd41a38879a7abc1d43a71c59524da48" + "sha256:23c86b4e44432bfd8899384afc08872ec166a24f48a3f99f293b0a557e6a6b5d", + "sha256:daec07fd848d80676694d6bf69c009d28910aeece68a38dbe88b7e1bb6dba12e" ], "markers": "python_version >= '3.7'", - "version": "==67.2.0" + "version": "==67.3.1" }, "six": { "hashes": [ @@ -2180,11 +2180,11 @@ }, "stevedore": { "hashes": [ - "sha256:7f8aeb6e3f90f96832c301bff21a7eb5eefbe894c88c506483d355565d88cc1a", - "sha256:aa6436565c069b2946fe4ebff07f5041e0c8bf18c7376dd29edf80cf7d524e4e" + "sha256:2c428d2338976279e8eb2196f7a94910960d9f7ba2f41f3988511e95ca447021", + "sha256:bd5a71ff5e5e5f5ea983880e4a1dd1bb47f8feebbb3d95b592398e2f02194771" ], "markers": "python_version >= '3.8'", - "version": "==4.1.1" + "version": "==5.0.0" }, "toml": { "hashes": [ From 3d4ff1a1f069bbe20b041c216a48441d45a52a64 Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Tue, 14 Feb 2023 12:15:22 -0500 Subject: [PATCH 02/10] Switch back to official egress proxy repo --- .github/actions/deploy-proxy/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/deploy-proxy/action.yml b/.github/actions/deploy-proxy/action.yml index 13a773fa0..ff9d1cbe8 100644 --- a/.github/actions/deploy-proxy/action.yml +++ b/.github/actions/deploy-proxy/action.yml @@ -9,10 +9,10 @@ inputs: required: true proxy_repo: description: git repo for cg-egress-proxy - default: https://github.com/rahearn/cg-egress-proxy.git + default: https://github.com/GSA-TTS/cg-egress-proxy.git proxy_version: description: git ref to be deployed - default: new-relic-connection + default: main runs: using: composite steps: From ba0114809508ff8bd4e57b6ddec73397d0cd04af Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Feb 2023 07:42:56 +0000 Subject: [PATCH 03/10] Bump werkzeug from 2.2.2 to 2.2.3 Bumps [werkzeug](https://github.com/pallets/werkzeug) from 2.2.2 to 2.2.3. - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/werkzeug/compare/2.2.2...2.2.3) --- updated-dependencies: - dependency-name: werkzeug dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Pipfile.lock | 57 ++++++++++++++++++++++++++-------------------------- 1 file changed, 29 insertions(+), 28 deletions(-) diff --git a/Pipfile.lock b/Pipfile.lock index 0c93ed458..fa292a56c 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -410,11 +410,11 @@ }, "geojson": { "hashes": [ - "sha256:ea1df8246bdeb2bbf20d0756720911893414f9cee46b336a1e882d2cd60cfba1", - "sha256:fae22bb8c69da4cbff743e654d8f55cc45f6aedf19be3c962e7a15f607b5fa4d" + "sha256:e49df982b204ed481e4c1236c57f587adf71537301cf8faf7120ab27d73c7568", + "sha256:ff3d75acab60b1e66504a11f7ea12c104bad32ff3c410a807788663b966dee4a" ], - "markers": "python_version <= '3.11' and python_version >= '3.7'", - "version": "==3.0.0" + "markers": "python_version < '3.12' and python_version >= '3.7'", + "version": "==3.0.1" }, "govuk-bank-holidays": { "hashes": [ @@ -1112,6 +1112,7 @@ "sha256:1eec3741cda408d3a5f84b78d089c8b8d895f21b3b050988351e925faf202864", "sha256:5deb072d26e67d2be1712603bfb7947ec3431fb0eec9c578994052e33035af6d" ], + "markers": "python_version >= '3.7'", "version": "==4.5.1" }, "requests": { @@ -1119,7 +1120,7 @@ "sha256:64299f4909223da747622c030b781c0d7811e359c37124b4bd368fb8c6518baa", "sha256:98b1b2782e3c6c4904938b84c0eb932721069dfdb9134313beff7c83c2df24bf" ], - "markers": "python_version >= '3.7' and python_version < '4'", + "markers": "python_version >= '3.7' and python_full_version < '4.0.0'", "version": "==2.28.2" }, "rfc3339-validator": { @@ -1141,7 +1142,7 @@ "sha256:78f9a9bf4e7be0c5ded4583326e7461e3a3c5aae24073648b4bdfa797d78c9d2", "sha256:9d689e6ca1b3038bc82bf8d23e944b6b6037bc02301a574935b2dd946e0353b9" ], - "markers": "python_version >= '3.5' and python_version < '4'", + "markers": "python_full_version >= '3.5.0' and python_full_version < '4.0.0'", "version": "==4.7.2" }, "s3transfer": { @@ -1154,11 +1155,11 @@ }, "setuptools": { "hashes": [ - "sha256:23c86b4e44432bfd8899384afc08872ec166a24f48a3f99f293b0a557e6a6b5d", - "sha256:daec07fd848d80676694d6bf69c009d28910aeece68a38dbe88b7e1bb6dba12e" + "sha256:95f00380ef2ffa41d9bba85d95b27689d923c93dfbafed4aecd7cf988a25e012", + "sha256:bb6d8e508de562768f2027902929f8523932fcd1fb784e6d573d2cafac995a48" ], "markers": "python_version >= '3.7'", - "version": "==67.3.1" + "version": "==67.3.2" }, "shapely": { "hashes": [ @@ -1277,11 +1278,11 @@ }, "typing-extensions": { "hashes": [ - "sha256:1511434bb92bf8dd198c12b1cc812e800d4181cfcb867674e0f8279cc93087aa", - "sha256:16fa4864408f655d35ec496218b85f79b3437c829e93320c7c9215ccfd92489e" + "sha256:5cb5f4a79139d699607b3ef622a1dedafa84e115ab0024e0d9c044a9479ca7cb", + "sha256:fb33085c39dd998ac16d1431ebc293a8b3eedd00fd4a32de0ff79002c19511b4" ], "markers": "python_version < '3.10'", - "version": "==4.4.0" + "version": "==4.5.0" }, "uri-template": { "hashes": [ @@ -1329,11 +1330,11 @@ }, "werkzeug": { "hashes": [ - "sha256:7ea2d48322cc7c0f8b3a215ed73eabd7b5d75d0b50e31ab006286ccff9e00b8f", - "sha256:f979ab81f58d7318e064e99c4506445d60135ac5cd2e177a2de0089bfd4c9bd5" + "sha256:2e1ccc9417d4da358b9de6f174e3ac094391ea1d4fbef2d667865d819dfd0afe", + "sha256:56433961bc1f12533306c624f3be5e744389ac61d722175d543e1751285da612" ], "index": "pypi", - "version": "==2.2.2" + "version": "==2.2.3" }, "wrapt": { "hashes": [ @@ -1624,7 +1625,7 @@ "sha256:1ccd482024a30b95c4fffb3fe567a9df97b705f34c1075f8abde8537867600c3", "sha256:8981ca462fba91469c268d684a03f72c89c7a807674d884f83a28d8c2822a9b6" ], - "markers": "python_version >= '3.6' and python_version < '4.0'", + "markers": "python_version >= '3.6' and python_version < '4'", "version": "==3.1.5" }, "execnet": { @@ -1945,7 +1946,7 @@ "sha256:4659bc2a667783e7a15d190f6fccf8b2486685b6dba4c19c3876314769c57526", "sha256:b4fa3a7a0be38243123cf9d1f3518da10c51bdb165a2b2985566247f9155a7d3" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==32.0.1" }, "pluggy": { @@ -2105,7 +2106,7 @@ "sha256:64299f4909223da747622c030b781c0d7811e359c37124b4bd368fb8c6518baa", "sha256:98b1b2782e3c6c4904938b84c0eb932721069dfdb9134313beff7c83c2df24bf" ], - "markers": "python_version >= '3.7' and python_version < '4'", + "markers": "python_version >= '3.7' and python_full_version < '4.0.0'", "version": "==2.28.2" }, "requests-mock": { @@ -2136,7 +2137,7 @@ "sha256:125d96d20c92b946b983d0d392b84ff945461e5a06d3867e9f9e575f8697b67f", "sha256:8aa57747f3fc3e977684f0176a88e789be314a99f99b43b75d1e9cb5dc6db9e9" ], - "markers": "python_full_version >= '3.7.0'", + "markers": "python_version >= '3.7'", "version": "==13.3.1" }, "s3transfer": { @@ -2149,11 +2150,11 @@ }, "setuptools": { "hashes": [ - "sha256:23c86b4e44432bfd8899384afc08872ec166a24f48a3f99f293b0a557e6a6b5d", - "sha256:daec07fd848d80676694d6bf69c009d28910aeece68a38dbe88b7e1bb6dba12e" + "sha256:95f00380ef2ffa41d9bba85d95b27689d923c93dfbafed4aecd7cf988a25e012", + "sha256:bb6d8e508de562768f2027902929f8523932fcd1fb784e6d573d2cafac995a48" ], "markers": "python_version >= '3.7'", - "version": "==67.3.1" + "version": "==67.3.2" }, "six": { "hashes": [ @@ -2204,10 +2205,10 @@ }, "types-toml": { "hashes": [ - "sha256:a2286a053aea6ab6ff814659272b1d4a05d86a1dd52b807a87b23511993b46c5", - "sha256:f37244eff4cd7eace9cb70d0bac54d3eba77973aa4ef26c271ac3d1c6503a48e" + "sha256:306b1bb8b5bbc5f1b60387dbcc4b489e79f8490ce20e93af5f422a68b470d94b", + "sha256:c8748dd225b28eb80ce712e2d7d61b57599815e7b48d07ef53df51ed148fa6b1" ], - "version": "==0.10.8.3" + "version": "==0.10.8.4" }, "urllib3": { "hashes": [ @@ -2226,11 +2227,11 @@ }, "werkzeug": { "hashes": [ - "sha256:7ea2d48322cc7c0f8b3a215ed73eabd7b5d75d0b50e31ab006286ccff9e00b8f", - "sha256:f979ab81f58d7318e064e99c4506445d60135ac5cd2e177a2de0089bfd4c9bd5" + "sha256:2e1ccc9417d4da358b9de6f174e3ac094391ea1d4fbef2d667865d819dfd0afe", + "sha256:56433961bc1f12533306c624f3be5e744389ac61d722175d543e1751285da612" ], "index": "pypi", - "version": "==2.2.2" + "version": "==2.2.3" }, "xmltodict": { "hashes": [ From e26bc5095cac29e90a27fdc58beb0674d182b406 Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Fri, 17 Feb 2023 11:54:17 -0500 Subject: [PATCH 04/10] Use cryptographically secure random number for sms codes Also, increase token length to 6 digits --- app/dao/users_dao.py | 15 ++++----------- tests/app/dao/test_users_dao.py | 16 ++-------------- 2 files changed, 6 insertions(+), 25 deletions(-) diff --git a/app/dao/users_dao.py b/app/dao/users_dao.py index d24ac1414..0cab0ab34 100644 --- a/app/dao/users_dao.py +++ b/app/dao/users_dao.py @@ -1,6 +1,6 @@ import uuid from datetime import datetime, timedelta -from random import SystemRandom +from secrets import randbelow from sqlalchemy import func from sqlalchemy.orm import joinedload @@ -19,16 +19,9 @@ def _remove_values_for_keys_if_present(dict, keys): dict.pop(key, None) -def create_secret_code(): - return ''.join(get_non_repeating_random_digits(5)) - - -def get_non_repeating_random_digits(length): - output = [None] * length - for index in range(length): - while output[index] in {None, output[index - 1]}: - output[index] = str(SystemRandom().randrange(10)) - return output +def create_secret_code(length=6): + random_number = randbelow(10 ** length) + return f"{random_number:06d}" def save_user_attribute(usr, update_dict=None): diff --git a/tests/app/dao/test_users_dao.py b/tests/app/dao/test_users_dao.py index 2e953a4e7..a8e28db62 100644 --- a/tests/app/dao/test_users_dao.py +++ b/tests/app/dao/test_users_dao.py @@ -183,21 +183,9 @@ def test_create_secret_code_different_subsequent_codes(): assert code1 != code2 -def test_create_secret_code_returns_5_digits(): +def test_create_secret_code_returns_6_digits(): code = create_secret_code() - assert len(str(code)) == 5 - - -def test_create_secret_code_never_repeats_consecutive_digits(mocker): - mocker.patch('app.dao.users_dao.SystemRandom.randrange', side_effect=[ - 1, 1, 1, - 2, - 3, - 4, 4, - 1, # Repeated allowed if not consecutive - 9, 9, # Not called because we have 5 digits now - ]) - assert create_secret_code() == '12341' + assert len(str(code)) == 6 @freeze_time('2018-07-07 12:00:00') From 596e25af42dc833d361c8c86e9ee6181a90cb7c0 Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Tue, 21 Feb 2023 16:48:27 -0500 Subject: [PATCH 05/10] Move demo terraform to commercial prod AWS account --- terraform/demo/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/demo/main.tf b/terraform/demo/main.tf index 57e982a0b..558e21c07 100644 --- a/terraform/demo/main.tf +++ b/terraform/demo/main.tf @@ -63,7 +63,7 @@ module "ses_email" { cf_space_name = local.cf_space_name name = "${local.app_name}-ses-${local.env}" recursive_delete = local.recursive_delete - aws_region = "us-gov-west-1" + aws_region = "us-west-2" email_domain = "notify.sandbox.10x.gsa.gov" email_receipt_error = "notify-support@gsa.gov" } @@ -79,6 +79,6 @@ module "ses_email" { # cf_space_name = local.cf_space_name # name = "${local.app_name}-sns-${local.env}" # recursive_delete = local.recursive_delete -# aws_region = "us-gov-east-1" +# aws_region = "us-east-1" # monthly_spend_limit = 25 # } From e62b257061759aec8d356c7f9d11da2e8b054ced Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Tue, 21 Feb 2023 16:48:42 -0500 Subject: [PATCH 06/10] Update sandbox sns terraform now that service sharing is blocked --- terraform/sandbox/main.tf | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/terraform/sandbox/main.tf b/terraform/sandbox/main.tf index fc44306ee..b1f7770b2 100644 --- a/terraform/sandbox/main.tf +++ b/terraform/sandbox/main.tf @@ -67,17 +67,13 @@ module "ses_email" { email_receipt_error = "notify-support@gsa.gov" } -############################################################### -# By default, sandbox uses the shared service instance from the -# staging space -############################################################### -# module "sns_sms" { -# source = "../shared/sns" -# -# cf_org_name = local.cf_org_name -# cf_space_name = local.cf_space_name -# name = "${local.app_name}-sns-${local.env}" -# recursive_delete = local.recursive_delete -# aws_region = "us-west-2" -# monthly_spend_limit = 1 -# } +module "sns_sms" { + source = "../shared/sns" + + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + name = "${local.app_name}-sns-${local.env}" + recursive_delete = local.recursive_delete + aws_region = "us-east-2" + monthly_spend_limit = 1 +} From eec618dff840a9ef40791705b6b13684249a5cfe Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Wed, 22 Feb 2023 10:10:00 -0500 Subject: [PATCH 07/10] Enable sns service in demo --- terraform/demo/main.tf | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/terraform/demo/main.tf b/terraform/demo/main.tf index 558e21c07..cdd8190d1 100644 --- a/terraform/demo/main.tf +++ b/terraform/demo/main.tf @@ -68,17 +68,13 @@ module "ses_email" { email_receipt_error = "notify-support@gsa.gov" } -######################################################################### -# Wait for SNS is out of sandbox and spending limit is increased -# before activating this module -######################################################################### -# module "sns_sms" { -# source = "../shared/sns" +module "sns_sms" { + source = "../shared/sns" -# cf_org_name = local.cf_org_name -# cf_space_name = local.cf_space_name -# name = "${local.app_name}-sns-${local.env}" -# recursive_delete = local.recursive_delete -# aws_region = "us-east-1" -# monthly_spend_limit = 25 -# } + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + name = "${local.app_name}-sns-${local.env}" + recursive_delete = local.recursive_delete + aws_region = "us-east-1" + monthly_spend_limit = 25 +} From 71010e78d8838a4078d724f6fd3607772111fb52 Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Wed, 22 Feb 2023 10:48:15 -0500 Subject: [PATCH 08/10] Fix formatting for secret code to ensure 0 padding no matter the passed length --- app/dao/users_dao.py | 2 +- tests/app/dao/test_users_dao.py | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/app/dao/users_dao.py b/app/dao/users_dao.py index 0cab0ab34..da773cf83 100644 --- a/app/dao/users_dao.py +++ b/app/dao/users_dao.py @@ -21,7 +21,7 @@ def _remove_values_for_keys_if_present(dict, keys): def create_secret_code(length=6): random_number = randbelow(10 ** length) - return f"{random_number:06d}" + return "{:0{length}d}".format(random_number, length=length) def save_user_attribute(usr, update_dict=None): diff --git a/tests/app/dao/test_users_dao.py b/tests/app/dao/test_users_dao.py index a8e28db62..21d6d6558 100644 --- a/tests/app/dao/test_users_dao.py +++ b/tests/app/dao/test_users_dao.py @@ -185,7 +185,13 @@ def test_create_secret_code_different_subsequent_codes(): def test_create_secret_code_returns_6_digits(): code = create_secret_code() - assert len(str(code)) == 6 + assert len(code) == 6 + + +def test_create_secret_code_can_customize_digits(): + code_length = 10 + code = create_secret_code(code_length) + assert len(code) == code_length @freeze_time('2018-07-07 12:00:00') From 5899ab83011b8ca6d12fd9cfa41c20d2097d323d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Feb 2023 20:12:40 +0000 Subject: [PATCH 09/10] Bump markdown-it-py from 2.1.0 to 2.2.0 Bumps [markdown-it-py](https://github.com/executablebooks/markdown-it-py) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/executablebooks/markdown-it-py/releases) - [Changelog](https://github.com/executablebooks/markdown-it-py/blob/master/CHANGELOG.md) - [Commits](https://github.com/executablebooks/markdown-it-py/compare/v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: markdown-it-py dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Pipfile.lock | 170 +++++++++++++++++++++++++-------------------------- 1 file changed, 85 insertions(+), 85 deletions(-) diff --git a/Pipfile.lock b/Pipfile.lock index fa292a56c..d51ee08d9 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -772,7 +772,7 @@ "notifications-utils": { "editable": true, "git": "https://github.com/GSA/notifications-utils.git", - "ref": "b3b0c05aec06ffe7cc2dc5671a6b8f7b3b3786bc" + "ref": "2feb97a7de98ce20172d4287f6a84b4116ce021a" }, "numpy": { "hashes": [ @@ -847,11 +847,11 @@ }, "prompt-toolkit": { "hashes": [ - "sha256:3e163f254bef5a03b146397d7c1963bd3e2812f0964bb9a24e6ec761fd28db63", - "sha256:aa64ad242a462c5ff0363a7b9cfe696c20d55d9fc60c11fd8e632d064804d305" + "sha256:6a2948ec427dfcc7c983027b1044b355db6aaa8be374f54ad2015471f7d81c5b", + "sha256:d5d73d4b5eb1a92ba884a88962b157f49b71e06c4348b417dd622b25cdd3800b" ], - "markers": "python_full_version >= '3.6.2'", - "version": "==3.0.36" + "markers": "python_version >= '3.7'", + "version": "==3.0.37" }, "psycopg2-binary": { "hashes": [ @@ -1059,11 +1059,11 @@ }, "python-json-logger": { "hashes": [ - "sha256:3af8e5b907b4a5b53cae249205ee3a3d3472bd7ad9ddfaec136eec2f2faf4995", - "sha256:ed33182c2b438a366775c25c1219ebbd5bd7f71694c644d6b3b3861e19565ae3" + "sha256:23e7ec02d34237c5aa1e29a070193a4ea87583bb4e7f8fd06d3de8264c4b2e1c", + "sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd" ], "markers": "python_version >= '3.6'", - "version": "==2.0.6" + "version": "==2.0.7" }, "pytz": { "hashes": [ @@ -1120,7 +1120,7 @@ "sha256:64299f4909223da747622c030b781c0d7811e359c37124b4bd368fb8c6518baa", "sha256:98b1b2782e3c6c4904938b84c0eb932721069dfdb9134313beff7c83c2df24bf" ], - "markers": "python_version >= '3.7' and python_full_version < '4.0.0'", + "markers": "python_version >= '3.7' and python_version < '4.0'", "version": "==2.28.2" }, "rfc3339-validator": { @@ -1142,7 +1142,7 @@ "sha256:78f9a9bf4e7be0c5ded4583326e7461e3a3c5aae24073648b4bdfa797d78c9d2", "sha256:9d689e6ca1b3038bc82bf8d23e944b6b6037bc02301a574935b2dd946e0353b9" ], - "markers": "python_full_version >= '3.5.0' and python_full_version < '4.0.0'", + "markers": "python_version >= '3.5' and python_version < '4.0'", "version": "==4.7.2" }, "s3transfer": { @@ -1155,11 +1155,11 @@ }, "setuptools": { "hashes": [ - "sha256:95f00380ef2ffa41d9bba85d95b27689d923c93dfbafed4aecd7cf988a25e012", - "sha256:bb6d8e508de562768f2027902929f8523932fcd1fb784e6d573d2cafac995a48" + "sha256:e5fd0a713141a4a105412233c63dc4e17ba0090c8e8334594ac790ec97792330", + "sha256:f106dee1b506dee5102cc3f3e9e68137bbad6d47b616be7991714b0c62204251" ], "markers": "python_version >= '3.7'", - "version": "==67.3.2" + "version": "==67.4.0" }, "shapely": { "hashes": [ @@ -1408,11 +1408,11 @@ }, "zipp": { "hashes": [ - "sha256:23f70e964bc11a34cef175bc90ba2914e1e4545ea1e3e2f67c079671883f9cb6", - "sha256:e8b2a36ea17df80ffe9e2c4fda3f693c3dad6df1697d3cd3af232db680950b0b" + "sha256:188834565033387710d046e3fe96acfc9b5e86cbca7f39ff69cf21a4128198b7", + "sha256:9e5421e176ef5ab4c0ad896624e87a7b2f07aca746c9b2aa305952800cb8eecb" ], "markers": "python_version >= '3.7'", - "version": "==3.13.0" + "version": "==3.14.0" } }, "develop": { @@ -1536,60 +1536,60 @@ "toml" ], "hashes": [ - "sha256:04481245ef966fbd24ae9b9e537ce899ae584d521dfbe78f89cad003c38ca2ab", - "sha256:0c45948f613d5d18c9ec5eaa203ce06a653334cf1bd47c783a12d0dd4fd9c851", - "sha256:10188fe543560ec4874f974b5305cd1a8bdcfa885ee00ea3a03733464c4ca265", - "sha256:218fe982371ac7387304153ecd51205f14e9d731b34fb0568181abaf7b443ba0", - "sha256:29571503c37f2ef2138a306d23e7270687c0efb9cab4bd8038d609b5c2393a3a", - "sha256:2a60d6513781e87047c3e630b33b4d1e89f39836dac6e069ffee28c4786715f5", - "sha256:2bf1d5f2084c3932b56b962a683074a3692bce7cabd3aa023c987a2a8e7612f6", - "sha256:3164d31078fa9efe406e198aecd2a02d32a62fecbdef74f76dad6a46c7e48311", - "sha256:32df215215f3af2c1617a55dbdfb403b772d463d54d219985ac7cd3bf124cada", - "sha256:33d1ae9d4079e05ac4cc1ef9e20c648f5afabf1a92adfaf2ccf509c50b85717f", - "sha256:33ff26d0f6cc3ca8de13d14fde1ff8efe1456b53e3f0273e63cc8b3c84a063d8", - "sha256:38da2db80cc505a611938d8624801158e409928b136c8916cd2e203970dde4dc", - "sha256:3b155caf3760408d1cb903b21e6a97ad4e2bdad43cbc265e3ce0afb8e0057e73", - "sha256:3b946bbcd5a8231383450b195cfb58cb01cbe7f8949f5758566b881df4b33baf", - "sha256:3baf5f126f30781b5e93dbefcc8271cb2491647f8283f20ac54d12161dff080e", - "sha256:4b14d5e09c656de5038a3f9bfe5228f53439282abcab87317c9f7f1acb280352", - "sha256:51b236e764840a6df0661b67e50697aaa0e7d4124ca95e5058fa3d7cbc240b7c", - "sha256:63ffd21aa133ff48c4dff7adcc46b7ec8b565491bfc371212122dd999812ea1c", - "sha256:6a43c7823cd7427b4ed763aa7fb63901ca8288591323b58c9cd6ec31ad910f3c", - "sha256:755e89e32376c850f826c425ece2c35a4fc266c081490eb0a841e7c1cb0d3bda", - "sha256:7a726d742816cb3a8973c8c9a97539c734b3a309345236cd533c4883dda05b8d", - "sha256:7c7c0d0827e853315c9bbd43c1162c006dd808dbbe297db7ae66cd17b07830f0", - "sha256:7ed681b0f8e8bcbbffa58ba26fcf5dbc8f79e7997595bf071ed5430d8c08d6f3", - "sha256:7ee5c9bb51695f80878faaa5598040dd6c9e172ddcf490382e8aedb8ec3fec8d", - "sha256:8361be1c2c073919500b6601220a6f2f98ea0b6d2fec5014c1d9cfa23dd07038", - "sha256:8ae125d1134bf236acba8b83e74c603d1b30e207266121e76484562bc816344c", - "sha256:9817733f0d3ea91bea80de0f79ef971ae94f81ca52f9b66500c6a2fea8e4b4f8", - "sha256:98b85dd86514d889a2e3dd22ab3c18c9d0019e696478391d86708b805f4ea0fa", - "sha256:9ccb092c9ede70b2517a57382a601619d20981f56f440eae7e4d7eaafd1d1d09", - "sha256:9d58885215094ab4a86a6aef044e42994a2bd76a446dc59b352622655ba6621b", - "sha256:b643cb30821e7570c0aaf54feaf0bfb630b79059f85741843e9dc23f33aaca2c", - "sha256:bc7c85a150501286f8b56bd8ed3aa4093f4b88fb68c0843d21ff9656f0009d6a", - "sha256:beeb129cacea34490ffd4d6153af70509aa3cda20fdda2ea1a2be870dfec8d52", - "sha256:c31b75ae466c053a98bf26843563b3b3517b8f37da4d47b1c582fdc703112bc3", - "sha256:c4e4881fa9e9667afcc742f0c244d9364d197490fbc91d12ac3b5de0bf2df146", - "sha256:c5b15ed7644ae4bee0ecf74fee95808dcc34ba6ace87e8dfbf5cb0dc20eab45a", - "sha256:d12d076582507ea460ea2a89a8c85cb558f83406c8a41dd641d7be9a32e1274f", - "sha256:d248cd4a92065a4d4543b8331660121b31c4148dd00a691bfb7a5cdc7483cfa4", - "sha256:d47dd659a4ee952e90dc56c97d78132573dc5c7b09d61b416a9deef4ebe01a0c", - "sha256:d4a5a5879a939cb84959d86869132b00176197ca561c664fc21478c1eee60d75", - "sha256:da9b41d4539eefd408c46725fb76ecba3a50a3367cafb7dea5f250d0653c1040", - "sha256:db61a79c07331e88b9a9974815c075fbd812bc9dbc4dc44b366b5368a2936063", - "sha256:ddb726cb861c3117a553f940372a495fe1078249ff5f8a5478c0576c7be12050", - "sha256:ded59300d6330be27bc6cf0b74b89ada58069ced87c48eaf9344e5e84b0072f7", - "sha256:e2617759031dae1bf183c16cef8fcfb3de7617f394c813fa5e8e46e9b82d4222", - "sha256:e5cdbb5cafcedea04924568d990e20ce7f1945a1dd54b560f879ee2d57226912", - "sha256:ec8e767f13be637d056f7e07e61d089e555f719b387a7070154ad80a0ff31801", - "sha256:ef382417db92ba23dfb5864a3fc9be27ea4894e86620d342a116b243ade5d35d", - "sha256:f2cba5c6db29ce991029b5e4ac51eb36774458f0a3b8d3137241b32d1bb91f06", - "sha256:f5b4198d85a3755d27e64c52f8c95d6333119e49fd001ae5798dac872c95e0f8", - "sha256:ffeeb38ee4a80a30a6877c5c4c359e5498eec095878f1581453202bfacc8fbc2" + "sha256:049806ae2df69468c130f04f0fab4212c46b34ba5590296281423bb1ae379df2", + "sha256:08e3dd256b8d3e07bb230896c8c96ec6c5dffbe5a133ba21f8be82b275b900e8", + "sha256:0f03c229f1453b936916f68a47b3dfb5e84e7ad48e160488168a5e35115320c8", + "sha256:171dd3aa71a49274a7e4fc26f5bc167bfae5a4421a668bc074e21a0522a0af4b", + "sha256:1856a8c4aa77eb7ca0d42c996d0ca395ecafae658c1432b9da4528c429f2575c", + "sha256:28563a35ef4a82b5bc5160a01853ce62b9fceee00760e583ffc8acf9e3413753", + "sha256:2c15bd09fd5009f3a79c8b3682b52973df29761030b692043f9834fc780947c4", + "sha256:2c9fffbc39dc4a6277e1525cab06c161d11ee3995bbc97543dc74fcec33e045b", + "sha256:2d7daf3da9c7e0ed742b3e6b4de6cc464552e787b8a6449d16517b31bbdaddf5", + "sha256:32e6a730fd18b2556716039ab93278ccebbefa1af81e6aa0c8dba888cf659e6e", + "sha256:34d7211be69b215ad92298a962b2cd5a4ef4b17c7871d85e15d3d1b6dc8d8c96", + "sha256:358d3bce1468f298b19a3e35183bdb13c06cdda029643537a0cc37e55e74e8f1", + "sha256:3713a8ec18781fda408f0e853bf8c85963e2d3327c99a82a22e5c91baffcb934", + "sha256:40785553d68c61e61100262b73f665024fd2bb3c6f0f8e2cd5b13e10e4df027b", + "sha256:4655ecd813f4ba44857af3e9cffd133ab409774e9d2a7d8fdaf4fdfd2941b789", + "sha256:465ea431c3b78a87e32d7d9ea6d081a1003c43a442982375cf2c247a19971961", + "sha256:4b8fd32f85b256fc096deeb4872aeb8137474da0c0351236f93cbedc359353d6", + "sha256:4c1153a6156715db9d6ae8283480ae67fb67452aa693a56d7dae9ffe8f7a80da", + "sha256:577a8bc40c01ad88bb9ab1b3a1814f2f860ff5c5099827da2a3cafc5522dadea", + "sha256:59a427f8a005aa7254074719441acb25ac2c2f60c1f1026d43f846d4254c1c2f", + "sha256:5e29a64e9586194ea271048bc80c83cdd4587830110d1e07b109e6ff435e5dbc", + "sha256:74cd60fa00f46f28bd40048d6ca26bd58e9bee61d2b0eb4ec18cea13493c003f", + "sha256:7efa21611ffc91156e6f053997285c6fe88cfef3fb7533692d0692d2cb30c846", + "sha256:7f992b32286c86c38f07a8b5c3fc88384199e82434040a729ec06b067ee0d52c", + "sha256:875b03d92ac939fbfa8ae74a35b2c468fc4f070f613d5b1692f9980099a3a210", + "sha256:88ae5929f0ef668b582fd7cad09b5e7277f50f912183cf969b36e82a1c26e49a", + "sha256:8d5302eb84c61e758c9d68b8a2f93a398b272073a046d07da83d77b0edc8d76b", + "sha256:90e7a4cbbb7b1916937d380beb1315b12957b8e895d7d9fb032e2038ac367525", + "sha256:9240a0335365c29c968131bdf624bb25a8a653a9c0d8c5dbfcabf80b59c1973c", + "sha256:932048364ff9c39030c6ba360c31bf4500036d4e15c02a2afc5a76e7623140d4", + "sha256:93db11da6e728587e943dff8ae1b739002311f035831b6ecdb15e308224a4247", + "sha256:971b49dbf713044c3e5f6451b39f65615d4d1c1d9a19948fa0f41b0245a98765", + "sha256:9cc9c41aa5af16d845b53287051340c363dd03b7ef408e45eec3af52be77810d", + "sha256:9dbb21561b0e04acabe62d2c274f02df0d715e8769485353ddf3cf84727e31ce", + "sha256:a6ceeab5fca62bca072eba6865a12d881f281c74231d2990f8a398226e1a5d96", + "sha256:ad12c74c6ce53a027f5a5ecbac9be20758a41c85425c1bbab7078441794b04ee", + "sha256:b09dd7bef59448c66e6b490cc3f3c25c14bc85d4e3c193b81a6204be8dd355de", + "sha256:bd67df6b48db18c10790635060858e2ea4109601e84a1e9bfdd92e898dc7dc79", + "sha256:bf9e02bc3dee792b9d145af30db8686f328e781bd212fdef499db5e9e4dd8377", + "sha256:bfa065307667f1c6e1f4c3e13f415b0925e34e56441f5fda2c84110a4a1d8bda", + "sha256:c160e34e388277f10c50dc2c7b5e78abe6d07357d9fe7fcb2f3c156713fd647e", + "sha256:c243b25051440386179591a8d5a5caff4484f92c980fb6e061b9559da7cc3f64", + "sha256:c3c4beddee01c8125a75cde3b71be273995e2e9ec08fbc260dd206b46bb99969", + "sha256:cd38140b56538855d3d5722c6d1b752b35237e7ea3f360047ce57f3fade82d98", + "sha256:d7f2a7df523791e6a63b40360afa6792a11869651307031160dc10802df9a252", + "sha256:da32526326e8da0effb452dc32a21ffad282c485a85a02aeff2393156f69c1c3", + "sha256:dc4f9a89c82faf6254d646180b2e3aa4daf5ff75bdb2c296b9f6a6cf547e26a7", + "sha256:f0557289260125a6c453ad5673ba79e5b6841d9a20c9e101f758bfbedf928a77", + "sha256:f332d61fbff353e2ef0f3130a166f499c3fad3a196e7f7ae72076d41a6bfb259", + "sha256:f3ff4205aff999164834792a3949f82435bc7c7655c849226d5836c3242d7451", + "sha256:ffa637a2d5883298449a5434b699b22ef98dd8e2ef8a1d9e60fa9cfe79813411" ], "markers": "python_version >= '3.7'", - "version": "==7.1.0" + "version": "==7.2.0" }, "cryptography": { "hashes": [ @@ -1670,11 +1670,11 @@ }, "gitpython": { "hashes": [ - "sha256:769c2d83e13f5d938b7688479da374c4e3d49f71549aaf462b646db9602ea6f8", - "sha256:cd455b0000615c60e286208ba540271af9fe531fa6a87cc590a7298785ab2882" + "sha256:8ce3bcf69adfdf7c7d503e78fd3b1c492af782d58893b650adb2ac8912ddd573", + "sha256:f04893614f6aa713a60cbbe1e6a97403ef633103cdd0ef5eb6efe0deb98dbe8d" ], "markers": "python_version >= '3.7'", - "version": "==3.1.30" + "version": "==3.1.31" }, "honcho": { "hashes": [ @@ -1751,11 +1751,11 @@ }, "markdown-it-py": { "hashes": [ - "sha256:93de681e5c021a432c63147656fe21790bc01231e0cd2da73626f1aa3ac0fe27", - "sha256:cf7e59fed14b5ae17c0006eff14a2d9a00ed5f3a846148153899a0224e2c07da" + "sha256:5a35f8d1870171d9acc47b99612dc146129b631baf04970128b568f190d0cc30", + "sha256:7c9a5e412688bc771c67432cbfebcdd686c93ce6484913dccf06cb5a0bea35a1" ], - "markers": "python_version >= '3.7'", - "version": "==2.1.0" + "index": "pypi", + "version": "==2.2.0" }, "markupsafe": { "hashes": [ @@ -1919,11 +1919,11 @@ }, "pip": { "hashes": [ - "sha256:aee438284e82c8def684b0bcc50b1f6ed5e941af97fa940e83e2e8ef1a59da9b", - "sha256:b5f88adff801f5ef052bcdef3daa31b55eb67b0fccd6d0106c206fa248e0463c" + "sha256:236bcb61156d76c4b8a05821b988c7b8c35bf0da28a4b614e8d6ab5212c25c6f", + "sha256:cd015ea1bfb0fcef59d8a286c1f8bebcb983f6317719d415dc5351efb7cd7024" ], "markers": "python_version >= '3.7'", - "version": "==23.0" + "version": "==23.0.1" }, "pip-api": { "hashes": [ @@ -2106,7 +2106,7 @@ "sha256:64299f4909223da747622c030b781c0d7811e359c37124b4bd368fb8c6518baa", "sha256:98b1b2782e3c6c4904938b84c0eb932721069dfdb9134313beff7c83c2df24bf" ], - "markers": "python_version >= '3.7' and python_full_version < '4.0.0'", + "markers": "python_version >= '3.7' and python_version < '4.0'", "version": "==2.28.2" }, "requests-mock": { @@ -2150,11 +2150,11 @@ }, "setuptools": { "hashes": [ - "sha256:95f00380ef2ffa41d9bba85d95b27689d923c93dfbafed4aecd7cf988a25e012", - "sha256:bb6d8e508de562768f2027902929f8523932fcd1fb784e6d573d2cafac995a48" + "sha256:e5fd0a713141a4a105412233c63dc4e17ba0090c8e8334594ac790ec97792330", + "sha256:f106dee1b506dee5102cc3f3e9e68137bbad6d47b616be7991714b0c62204251" ], "markers": "python_version >= '3.7'", - "version": "==67.3.2" + "version": "==67.4.0" }, "six": { "hashes": [ @@ -2205,10 +2205,10 @@ }, "types-toml": { "hashes": [ - "sha256:306b1bb8b5bbc5f1b60387dbcc4b489e79f8490ce20e93af5f422a68b470d94b", - "sha256:c8748dd225b28eb80ce712e2d7d61b57599815e7b48d07ef53df51ed148fa6b1" + "sha256:2432017febe43174af0f3c65f03116e3d3cf43e7e1406b8200e106da8cf98992", + "sha256:bf80fce7d2d74be91148f47b88d9ae5adeb1024abef22aa2fdbabc036d6b8b3c" ], - "version": "==0.10.8.4" + "version": "==0.10.8.5" }, "urllib3": { "hashes": [ From b8f66155dc53d3e15a1248e0d4aeafa0afafd08f Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Tue, 28 Feb 2023 11:38:58 -0500 Subject: [PATCH 10/10] Add a mail-from subdomain to staging and prod ses --- terraform/production/main.tf | 1 + terraform/shared/ses/main.tf | 1 + terraform/shared/ses/variables.tf | 6 ++++++ terraform/staging/main.tf | 1 + 4 files changed, 9 insertions(+) diff --git a/terraform/production/main.tf b/terraform/production/main.tf index 5730fbe2a..7008d93b8 100644 --- a/terraform/production/main.tf +++ b/terraform/production/main.tf @@ -63,6 +63,7 @@ module "ses_email" { recursive_delete = local.recursive_delete aws_region = "us-gov-west-1" email_domain = "notify.gov" + mail_from_subdomain = "mail" email_receipt_error = "notify-support@gsa.gov" } diff --git a/terraform/shared/ses/main.tf b/terraform/shared/ses/main.tf index de7ca2a2b..a29a8ce10 100644 --- a/terraform/shared/ses/main.tf +++ b/terraform/shared/ses/main.tf @@ -23,6 +23,7 @@ resource "cloudfoundry_service_instance" "ses" { json_params = jsonencode({ region = var.aws_region domain = var.email_domain + mail_from_subdomain = var.mail_from_subdomain email_receipt_error = var.email_receipt_error enable_feedback_notifications = true }) diff --git a/terraform/shared/ses/variables.tf b/terraform/shared/ses/variables.tf index c56468cc6..74e852cf6 100644 --- a/terraform/shared/ses/variables.tf +++ b/terraform/shared/ses/variables.tf @@ -34,3 +34,9 @@ variable "email_receipt_error" { type = string description = "email address to list in SPF records for errors to be sent to" } + +variable "mail_from_subdomain" { + type = string + description = "Subdomain of email_domain to set as the mail-from header" + default = "" +} diff --git a/terraform/staging/main.tf b/terraform/staging/main.tf index c5f0f56ab..5e9c071d3 100644 --- a/terraform/staging/main.tf +++ b/terraform/staging/main.tf @@ -64,6 +64,7 @@ module "ses_email" { name = "${local.app_name}-ses-${local.env}" recursive_delete = local.recursive_delete aws_region = "us-west-2" + mail_from_subdomain = "mail" email_receipt_error = "notify-support@gsa.gov" }