darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-04 18:31:13 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
06-16-2025
notifications-api/manifest.yml
Carlo Costino a6bc7b4985 Add one more cert environment variable 
This changeset adds an additional environment variable to enforce usage of the correct CA certificate in case any libraries override it.

Please see https://cloud.gov/docs/management/container-to-container/#addressing-certificate-validation-errors for more details.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2025-06-05 17:41:03 -04:00

60 lines
2.1 KiB
YAML
Raw Permalink Blame History

---
applications:
- name: notify-api-((env))
buildpack: python_buildpack
stack: cflinuxfs4
instances: 1
disk_quota: 1G
routes:
- route: ((public_api_route))
- route: notify-api-((env)).apps.internal
services:
- notify-api-rds-((env))
- notify-api-redis-v70-((env))
- notify-api-csv-upload-bucket-((env))
- name: notify-api-ses-((env))
parameters:
notification_webhook: "https://((public_api_route))/notifications/email/ses"
- notify-api-sns-((env))
processes:
- type: web
instances: ((web_instances))
memory: ((web_memory))
command: ./scripts/migrate_and_run_web.sh
- type: worker
instances: ((worker_instances))
memory: ((worker_memory))
command: newrelic-admin run-program celery -A run_celery.notify_celery worker --loglevel=INFO --pool=threads --concurrency=10 --prefetch-multiplier=2
- type: scheduler
instances: 1
memory: ((scheduler_memory))
command: celery -A run_celery.notify_celery beat --loglevel=INFO
env:
NOTIFY_APP_NAME: api
FLASK_APP: application.py
FLASK_DEBUG: "false"
NEW_RELIC_CONFIG_FILE: newrelic.ini
NEW_RELIC_ENVIRONMENT: ((env))
NEW_RELIC_LICENSE_KEY: ((NEW_RELIC_LICENSE_KEY))
REDIS_ENABLED: ((redis_enabled))
NOTIFY_ENVIRONMENT: ((env))
API_HOST_NAME: https://((public_api_route))
ADMIN_BASE_URL: ((admin_base_url))
NOTIFY_E2E_TEST_EMAIL: ((NOTIFY_E2E_TEST_EMAIL))
NOTIFY_E2E_TEST_PASSWORD: ((NOTIFY_E2E_TEST_PASSWORD))
LOGIN_DOT_GOV_REGISTRATION_URL: ((LOGIN_DOT_GOV_REGISTRATION_URL))
# Credentials variables
INTERNAL_CLIENT_API_KEYS: '{"notify-admin":["((ADMIN_CLIENT_SECRET))"]}'
DANGEROUS_SALT: ((DANGEROUS_SALT))
SECRET_KEY: ((SECRET_KEY))
AWS_US_TOLL_FREE_NUMBER: ((default_toll_free_number))
SSL_CERT_FILE: "/etc/ssl/certs/ca-certificates.crt"
REQUESTS_CA_BUNDLE: "/etc/ssl/certs/ca-certificates.crt"
NEW_RELIC_CA_BUNDLE_PATH: "/etc/ssl/certs/ca-certificates.crt"
Reference in New Issue View Git Blame Copy Permalink