darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-16 10:12:32 -05:00
Code Issues Packages Projects Releases Wiki Activity

Use credentials output by terraform/development

Browse Source
This commit is contained in:
Ryan Ahearn
2023-03-13 12:59:44 -04:00
parent 627149402c
commit 84e7e9b5cf
7 changed files with 24 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/checks.yml vendored
View File

@@ -13,8 +13,7 @@ env:
FLASK_APP: application.py
WERKZEUG_DEBUG_PIN: off
REDIS_ENABLED: 0
AWS_REGION: us-west-2
AWS_US_TOLL_FREE_NUMBER: "+18446120782"
AWS_US_TOLL_FREE_NUMBER: "+18556438890"
jobs:
build:

4
.github/workflows/daily_checks.yml vendored
View File

@@ -16,10 +16,8 @@ env:
NEW_RELIC_ENVIRONMENT: test
FLASK_APP: application.py
WERKZEUG_DEBUG_PIN: off
NOTIFY_EMAIL_DOMAIN: dispostable.com
REDIS_ENABLED: 0
AWS_REGION: us-west-2
AWS_US_TOLL_FREE_NUMBER: "+18446120782"
AWS_US_TOLL_FREE_NUMBER: "+18556438890"
jobs:
pip-audit:

17
app/cloudfoundry_config.py
View File

@@ -34,51 +34,52 @@ class CloudfoundryConfig:
@property
def ses_email_domain(self):
try:
return self._ses_credentials('domain_arn').split('/')[-1]
domain_arn = self._ses_credentials('domain_arn')
except KeyError:
return getenv('NOTIFY_EMAIL_DOMAIN', 'notify.sandbox.10x.gsa.gov')
domain_arn = getenv('SES_DOMAIN_ARN', 'dev.notify.gov')
return domain_arn.split('/')[-1]
@property
def ses_region(self):
try:
return self._ses_credentials('region')
except KeyError:
return getenv('AWS_REGION')
return getenv('SES_AWS_REGION', 'us-west-1')
@property
def ses_access_key(self):
try:
return self._ses_credentials('smtp_user')
except KeyError:
return getenv('AWS_ACCESS_KEY_ID')
return getenv('SES_AWS_ACCESS_KEY_ID')
@property
def ses_secret_key(self):
try:
return self._ses_credentials('secret_access_key')
except KeyError:
return getenv('AWS_SECRET_ACCESS_KEY')
return getenv('SES_AWS_SECRET_ACCESS_KEY')
@property
def sns_access_key(self):
try:
return self._sns_credentials('aws_access_key_id')
except KeyError:
return getenv('AWS_ACCESS_KEY_ID')
return getenv('SNS_AWS_ACCESS_KEY_ID')
@property
def sns_secret_key(self):
try:
return self._sns_credentials('aws_secret_access_key')
except KeyError:
return getenv('AWS_SECRET_ACCESS_KEY')
return getenv('SNS_AWS_SECRET_ACCESS_KEY')
@property
def sns_region(self):
try:
return self._sns_credentials('region')
except KeyError:
return getenv('AWS_REGION')
return getenv('SNS_AWS_REGION', 'us-west-1')
@property
def sns_topic_arns(self):

18
app/config.py
View File

@@ -93,7 +93,6 @@ class Config(object):
EXPIRE_CACHE_EIGHT_DAYS = 8 * 24 * 60 * 60
# AWS Settings
AWS_REGION = getenv('AWS_REGION')
AWS_US_TOLL_FREE_NUMBER = getenv("AWS_US_TOLL_FREE_NUMBER")
# Whether to ignore POSTs from SNS for replies to SMS we sent
RECEIVE_INBOUND_SMS = False
@@ -279,12 +278,12 @@ class Config(object):
DOCUMENT_DOWNLOAD_API_KEY = getenv('DOCUMENT_DOWNLOAD_API_KEY', 'auth-token')
def _default_s3_credentials(bucket_name):
def _s3_credentials_from_env(bucket_prefix):
return {
'bucket': bucket_name,
'access_key_id': getenv('AWS_ACCESS_KEY_ID'),
'secret_access_key': getenv('AWS_SECRET_ACCESS_KEY'),
'region': getenv('AWS_REGION')
'bucket': getenv(f"{bucket_prefix}_BUCKET_NAME"),
'access_key_id': getenv(f"{bucket_prefix}_AWS_ACCESS_KEY_ID"),
'secret_access_key': getenv(f"{bucket_prefix}_AWS_SECRET_ACCESS_KEY"),
'region': getenv(f"{bucket_prefix}_AWS_REGION")
}
@@ -294,8 +293,8 @@ class Development(Config):
DVLA_EMAIL_ADDRESSES = ['success@simulator.amazonses.com']
# Buckets
CSV_UPLOAD_BUCKET = _default_s3_credentials('local-notifications-csv-upload')
CONTACT_LIST_BUCKET = _default_s3_credentials('local-contact-list')
CSV_UPLOAD_BUCKET = _s3_credentials_from_env('CSV')
CONTACT_LIST_BUCKET = _s3_credentials_from_env('CONTACT')
# credential overrides
DANGEROUS_SALT = 'development-notify-salt'
@@ -317,9 +316,6 @@ class Test(Development):
'10d1b9c9-0072-4fa9-ae1c-595e333841da',
]
CSV_UPLOAD_BUCKET = _default_s3_credentials('test-notifications-csv-upload')
CONTACT_LIST_BUCKET = _default_s3_credentials('test-contact-list')
# this is overriden in CI
SQLALCHEMY_DATABASE_URI = getenv('SQLALCHEMY_DATABASE_TEST_URI')

6
tests/app/aws/test_s3.py
View File

@@ -3,9 +3,9 @@ from os import getenv
from app.aws.s3 import get_s3_file
default_access_key = getenv('AWS_ACCESS_KEY_ID')
default_secret_key = getenv('AWS_SECRET_ACCESS_KEY')
default_region = getenv('AWS_REGION')
default_access_key = getenv('CSV_AWS_ACCESS_KEY_ID')
default_secret_key = getenv('CSV_AWS_SECRET_ACCESS_KEY')
default_region = getenv('CSV_AWS_REGION')
def single_s3_object_stub(key='foo', last_modified=None):

2
tests/app/clients/test_aws_sns.py
View File

@@ -15,7 +15,7 @@ def test_send_sms_successful_returns_aws_sns_response(notify_api, mocker):
Message=content,
MessageAttributes={
'AWS.SNS.SMS.SMSType': {'DataType': 'String', 'StringValue': 'Transactional'},
'AWS.MM.SMS.OriginationNumber': {'DataType': 'String', 'StringValue': '+18446120782'}
'AWS.MM.SMS.OriginationNumber': {'DataType': 'String', 'StringValue': '+18556438890'}
}
)

3
tests/app/delivery/test_send_to_providers.py
View File

@@ -11,6 +11,7 @@ from requests import HTTPError
import app
from app import aws_sns_client, notification_provider_clients
from app.cloudfoundry_config import cloud_config
from app.dao import notifications_dao
from app.dao.provider_details_dao import get_provider_details_by_identifier
from app.delivery import send_to_providers
@@ -164,7 +165,7 @@ def test_should_send_personalised_template_to_correct_email_provider_and_persist
)
app.aws_ses_client.send_email.assert_called_once_with(
'"Sample service" <sample.service@notify.sandbox.10x.gsa.gov>',
f"\"Sample service\" <sample.service@{cloud_config.ses_email_domain}>",
'jo.smith@example.com',
'Jo <em>some HTML</em>',
body='Hello Jo\nThis is an email from GOV.\u200bUK with <em>some HTML</em>\n',