From 914a7cc969c665676dc1d0b84551775c20dc18c7 Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Tue, 24 Jan 2023 13:43:37 -0500 Subject: [PATCH 1/3] Updates for sandbox env --- deploy-config/sandbox.yml | 6 +++--- newrelic.ini | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-config/sandbox.yml b/deploy-config/sandbox.yml index 70e1da125..aafa9b491 100644 --- a/deploy-config/sandbox.yml +++ b/deploy-config/sandbox.yml @@ -6,6 +6,6 @@ worker_memory: 512M scheduler_memory: 256M public_api_route: notify-api-sandbox.app.cloud.gov admin_base_url: https://notify-sandbox.app.cloud.gov -ADMIN_CLIENT_SECRET: dev-notify-secret-key -DANGEROUS_SALT: dev-notify-salt -SECRET_KEY: dev-notify-secret-key +ADMIN_CLIENT_SECRET: sandbox-notify-secret-key +DANGEROUS_SALT: sandbox-notify-salt +SECRET_KEY: sandbox-notify-secret-key diff --git a/newrelic.ini b/newrelic.ini index 638dbf84e..394ae3c1a 100644 --- a/newrelic.ini +++ b/newrelic.ini @@ -205,7 +205,7 @@ monitor_mode = false [newrelic:sandbox] app_name = us-notify-api (Sandbox) -monitor_mode = false +monitor_mode = true [newrelic:staging] app_name = us-notify-api (Staging) From c54a207c5755abaab101f954578f705a97605376 Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Tue, 24 Jan 2023 13:48:38 -0500 Subject: [PATCH 2/3] Update proxy settings to enable sending data to new relic --- .github/actions/deploy-proxy/action.yml | 4 ++-- deploy-config/egress_proxy/notify-api-demo.allow.acl | 1 + deploy-config/egress_proxy/notify-api-staging.allow.acl | 1 + manifest.yml | 1 + 4 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/actions/deploy-proxy/action.yml b/.github/actions/deploy-proxy/action.yml index 2c1f4e882..13a773fa0 100644 --- a/.github/actions/deploy-proxy/action.yml +++ b/.github/actions/deploy-proxy/action.yml @@ -9,10 +9,10 @@ inputs: required: true proxy_repo: description: git repo for cg-egress-proxy - default: https://github.com/GSA/cg-egress-proxy.git + default: https://github.com/rahearn/cg-egress-proxy.git proxy_version: description: git ref to be deployed - default: main + default: new-relic-connection runs: using: composite steps: diff --git a/deploy-config/egress_proxy/notify-api-demo.allow.acl b/deploy-config/egress_proxy/notify-api-demo.allow.acl index 13db9062b..7061eef91 100644 --- a/deploy-config/egress_proxy/notify-api-demo.allow.acl +++ b/deploy-config/egress_proxy/notify-api-demo.allow.acl @@ -1,3 +1,4 @@ email.us-west-2.amazonaws.com sns.us-west-2.amazonaws.com gov-collector.newrelic.com +*.apps.internal diff --git a/deploy-config/egress_proxy/notify-api-staging.allow.acl b/deploy-config/egress_proxy/notify-api-staging.allow.acl index 13db9062b..7061eef91 100644 --- a/deploy-config/egress_proxy/notify-api-staging.allow.acl +++ b/deploy-config/egress_proxy/notify-api-staging.allow.acl @@ -1,3 +1,4 @@ email.us-west-2.amazonaws.com sns.us-west-2.amazonaws.com gov-collector.newrelic.com +*.apps.internal diff --git a/manifest.yml b/manifest.yml index 130b2ff2e..ae64daf6c 100644 --- a/manifest.yml +++ b/manifest.yml @@ -51,3 +51,4 @@ applications: AWS_US_TOLL_FREE_NUMBER: +18446120782 REQUESTS_CA_BUNDLE: "/etc/ssl/certs/ca-certificates.crt" + NEW_RELIC_CA_BUNDLE_PATH: "/etc/ssl/certs/ca-certificates.crt" From b46dfe98d82d65a1e819881f28ea5df33416f6a6 Mon Sep 17 00:00:00 2001 From: Ryan Ahearn Date: Tue, 24 Jan 2023 15:57:43 -0500 Subject: [PATCH 3/3] Remove wildcard matcher on egress allow --- deploy-config/egress_proxy/notify-api-demo.allow.acl | 2 +- deploy-config/egress_proxy/notify-api-staging.allow.acl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-config/egress_proxy/notify-api-demo.allow.acl b/deploy-config/egress_proxy/notify-api-demo.allow.acl index 7061eef91..fcd95f284 100644 --- a/deploy-config/egress_proxy/notify-api-demo.allow.acl +++ b/deploy-config/egress_proxy/notify-api-demo.allow.acl @@ -1,4 +1,4 @@ email.us-west-2.amazonaws.com sns.us-west-2.amazonaws.com gov-collector.newrelic.com -*.apps.internal +egress-proxy-notify-api-demo.apps.internal diff --git a/deploy-config/egress_proxy/notify-api-staging.allow.acl b/deploy-config/egress_proxy/notify-api-staging.allow.acl index 7061eef91..9f16b1edf 100644 --- a/deploy-config/egress_proxy/notify-api-staging.allow.acl +++ b/deploy-config/egress_proxy/notify-api-staging.allow.acl @@ -1,4 +1,4 @@ email.us-west-2.amazonaws.com sns.us-west-2.amazonaws.com gov-collector.newrelic.com -*.apps.internal +egress-proxy-notify-api-staging.apps.internal