Compare commits
18 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 khwezi
|
e81789f8c6 | ||
 Khwezi Mngoma
|
17a74ca750 | ||
|
khwezi
|
b9f3274633 | ||
|
Khwezi Mngoma
|
53b3018d9e | ||
|
khwezi
|
552e9ff1b4 | ||
|
Khwezi Mngoma
|
8002920a07 | ||
|
khwezi
|
629dbe7cfe | ||
|
Khwezi Mngoma
|
285cb29867 | ||
|
khwezi
|
25acd67485 | ||
|
Khwezi Mngoma
|
596ab396a4 | ||
|
khwezi
|
d3672a6db9 | ||
|
Khwezi Mngoma
|
9cbde6e622 | ||
|
khwezi
|
a8056e7a9a | ||
|
Khwezi Mngoma
|
8ddf769fab | ||
|
khwezi
|
4458a1e189 | ||
|
Khwezi Mngoma
|
44741d2162 | ||
|
khwezi
|
2aeeb7a240 | ||
|
Khwezi Mngoma
|
5204816370 |
@@ -18,13 +18,13 @@
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="LiteCharms.Features" Version="1.125.0" />
|
||||
<PackageReference Include="LiteCharms.Features" Version="1.132.0" />
|
||||
</ItemGroup>
|
||||
|
||||
<!-- UI -->
|
||||
<ItemGroup>
|
||||
<PackageReference Include="ANM.Blazored.Toast" Version="0.1.1" />
|
||||
<PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.125.0" />
|
||||
<PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.132.0" />
|
||||
|
||||
<!-- Global Usings -->
|
||||
<Using Include="Blazored.Toast.Services" />
|
||||
@@ -55,6 +55,8 @@
|
||||
<Using Include="System.Globalization" />
|
||||
<Using Include="System.Security.Claims" />
|
||||
<Using Include="Microsoft.Extensions.Options" />
|
||||
<Using Include="Microsoft.EntityFrameworkCore" />
|
||||
<Using Include="Microsoft.AspNetCore.HttpOverrides" />
|
||||
<Using Include="Microsoft.AspNetCore.Components.Authorization" />
|
||||
<Using Include="Microsoft.AspNetCore.Components.Routing" />
|
||||
<Using Include="Microsoft.AspNetCore.Components.Web" />
|
||||
|
||||
@@ -2,26 +2,27 @@ using LiteCharms.Features.Extensions;
|
||||
using LiteCharms.Features.Mediator;
|
||||
using LiteCharms.Features.MidrandBooks.Extensions;
|
||||
using LiteCharms.Features.MidrandBooks.Payments;
|
||||
using Microsoft.AspNetCore.HttpOverrides;
|
||||
using LiteCharms.Features.Postgres;
|
||||
using MidrandBookshop.Components;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using static LiteCharms.Features.Extensions.Quartz;
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
builder.Services.AddAntiforgery();
|
||||
|
||||
builder.Services.AddRazorComponents()
|
||||
.AddInteractiveServerComponents();
|
||||
|
||||
builder.AddMonitoring();
|
||||
builder.Services.AddEndpointsApiExplorer();
|
||||
|
||||
builder.Services.AddMediator();
|
||||
builder.Services.AddLiteCharmsWebSecurity(builder.Configuration);
|
||||
|
||||
builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(TelemetryPipelineBehavior<,>));
|
||||
builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(LoggingPipelineBehavior<,>));
|
||||
|
||||
builder.Services.AddQuartzSchedulerClient(MidrandShopSchedulerName, builder.Configuration);
|
||||
|
||||
builder.Services.AddMediator();
|
||||
builder.Services.AddEmailServices(builder.Configuration);
|
||||
builder.Services.AddEmailServiceBus();
|
||||
|
||||
@@ -29,10 +30,14 @@ builder.Services.AddHttpClient();
|
||||
builder.Services.AddScoped<CartService>();
|
||||
builder.Services.AddShopServices(includeLocalStorage: true);
|
||||
builder.Services.AddHashServices(builder.Configuration);
|
||||
builder.Services.AddSecurityApiSdk(builder.Configuration);
|
||||
builder.Services.AddPayfastServices(builder.Configuration);
|
||||
|
||||
builder.Services.AddDataProtectionDatabase(builder.Configuration);
|
||||
builder.Services.AddMidrandShopDatabase(builder.Configuration);
|
||||
|
||||
builder.Services.AddSecurityApiSdk(builder.Configuration);
|
||||
builder.Services.AddLiteCharmsWebSecurity(builder.Configuration);
|
||||
|
||||
builder.Services.AddMidrandShopPostgresHealthCheck();
|
||||
builder.Services.AddMidrandShopQuartzHealthCheck();
|
||||
builder.Services.AddHealthChecksSupport(builder.Configuration);
|
||||
@@ -45,7 +50,35 @@ builder.Services.Configure<ForwardedHeadersOptions>(options =>
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
builder.WebHost.ConfigureKestrel(options =>
|
||||
{
|
||||
var certBase64 = builder.Configuration["DataProtection:Certificate"];
|
||||
var certPassword = builder.Configuration["DataProtection:Password"];
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(certBase64))
|
||||
{
|
||||
var rawBytes = Convert.FromBase64String(certBase64);
|
||||
var kestrelCert = X509CertificateLoader.LoadPkcs12(rawBytes, certPassword);
|
||||
|
||||
options.ListenAnyIP(8443, listenOptions =>
|
||||
{
|
||||
listenOptions.UseHttps(kestrelCert);
|
||||
});
|
||||
}
|
||||
else
|
||||
options.ListenAnyIP(8080);
|
||||
});
|
||||
|
||||
app.UseForwardedHeaders();
|
||||
app.UseCookiePolicy();
|
||||
|
||||
using var security = app.Services.CreateScope();
|
||||
{
|
||||
var dataProtectionContext = security.ServiceProvider.GetRequiredService<DataProtectionDbContext>();
|
||||
|
||||
await dataProtectionContext.Database.MigrateAsync();
|
||||
}
|
||||
|
||||
app.AddSecurityEndpoints();
|
||||
|
||||
var schedulerFactory = app.Services.GetRequiredService<ISchedulerFactory>();
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
"commandName": "Project",
|
||||
"dotnetRunMessages": true,
|
||||
"launchBrowser": false,
|
||||
"applicationUrl": "https://localhost:7021;http://localhost:5053",
|
||||
"applicationUrl": "https://localhost:8440;http://localhost:8083",
|
||||
"environmentVariables": {
|
||||
"ASPNETCORE_ENVIRONMENT": "Development"
|
||||
}
|
||||
|
||||
+44
-17
@@ -10,8 +10,8 @@ metadata:
|
||||
name: midrandbooks-config
|
||||
namespace: midrandbooks-uat
|
||||
data:
|
||||
ASPNETCORE_ENVIRONMENT: "Development"
|
||||
ASPNETCORE_URLS: "http://0.0.0.0:8080"
|
||||
ASPNETCORE_ENVIRONMENT: "Development"
|
||||
ASPNETCORE_URLS: "https://0.0.0.0:8443"
|
||||
Monitoring__Address: "http://aspire-dashboard-service.aspire.svc.cluster.local:18889"
|
||||
Monitoring__ServiceName: "MidrandBooks.Uat"
|
||||
HasherSettings__MinHashLength: "11"
|
||||
@@ -27,7 +27,6 @@ data:
|
||||
PayfastSettings__ValidHosts__4: "payment.payfast.io"
|
||||
LiteCharmsSettings__Authority: "https://sts.security.khongisa.co.za"
|
||||
LiteCharmsSettings__Audience: "midrandbooks-api"
|
||||
ASPNETCORE_FORWARDEDHEADERS_ENABLED: "true"
|
||||
LiteCharmsClientSettings__Authority: "https://sts.security.khongisa.co.za"
|
||||
LiteCharmsClientSettings__GrantType: "client_credentials"
|
||||
LiteCharmsClientSettings__Scope: "midrandbooks-api"
|
||||
@@ -40,6 +39,7 @@ metadata:
|
||||
type: Opaque
|
||||
data:
|
||||
connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ==
|
||||
dataprotection-connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ==
|
||||
connection-string-quartz: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPXNjaGVkdWxlci1kZXY7VXNlcm5hbWU9c2NoZWR1bGVyLWRldi11c2VyO1Bhc3N3b3JkPWtWVm1vV0tKM3h6Z1FYO1BlcnNpc3QgU2VjdXJpdHkgSW5mbz1UcnVl
|
||||
aspire-apikey: bWMzRzYzSzJqNVpPRXNpMEFqTW9qTFRYbTFLRVpGY3R6SUlqU3dEaVRHdXQ4cUdTa1B1V3d4R1AxUmJzY0pVbw==
|
||||
hasher-salt: VEdsbmFIUWdRMmhoY20xekxDQk5hV1J5WVc1a1FtOXZhM01nYldGclpTQnNiM1J6SUc5bUlHMXZibVY1SUdGdVpDQmhjbVVnWVNCemRXTmpaWE56Wm5Wc0lIWnBjbUZzSUhOMGIzSjVJR2x1SUZOdmRYUm9JRUZtY21sallRPT0=
|
||||
@@ -52,6 +52,8 @@ data:
|
||||
payfast-merchantkey: anU2bmF2bjBqY2JmMA==
|
||||
litecharms-client-clientid: bWlkcmFuZGJvb2tzLWFwaS1zY2FsZXItdWF0
|
||||
litecharms-client-clientsecret: c2VjcmV0XzBhOGRjMWY5OTA2MTU5MGE1MmIxMjcyZGIzYTE4NzFkMjc2MWM3OWZiZDA1OGIyYTk2ODkxMTAyOWU0YjIwOGE=
|
||||
dataprotection-cert: TUlJS2dBSUJBekNDQ2pZR0NTcUdTSWIzRFFFSEFhQ0NDaWNFZ2dvak1JSUtIekNDQkZJR0NTcUdTSWIzRFFFSEJxQ0NCRU13Z2dRL0FnRUFNSUlFT0FZSktvWklodmNOQVFjQk1GY0dDU3FHU0liM0RRRUZEVEJLTUNrR0NTcUdTSWIzRFFFUkREUWEwZ0F3RUFBaUFCQURBTkJnbGdoa2dCWlFNRUFnRUZBQUFTb0VFS2Y2bE55USt1REU4ZjNCOWw5T3pGNG9mSmw5cUtkK3lKTTVBNXEy d0RBRUNIMXBPL2hVRXpsTkFnSUlBQT09
|
||||
dataprotection-password: OWlIUSMmcl41eWZYRXc=
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
@@ -71,7 +73,7 @@ metadata:
|
||||
name: midrandbooks
|
||||
namespace: midrandbooks-uat
|
||||
spec:
|
||||
replicas: 2
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: midrandbooks
|
||||
@@ -99,11 +101,21 @@ spec:
|
||||
memory: "256Mi"
|
||||
cpu: "100m"
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
- containerPort: 8443
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: midrandbooks-config
|
||||
env:
|
||||
- name: DataProtection__Certificate
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: midrandbooks-secrets
|
||||
key: dataprotection-cert
|
||||
- name: DataProtection__Password
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: midrandbooks-secrets
|
||||
key: dataprotection-password
|
||||
- name: LiteCharmsSettings__ClientId
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
@@ -164,6 +176,11 @@ spec:
|
||||
secretKeyRef:
|
||||
name: midrandbooks-secrets
|
||||
key: connection-string
|
||||
- name: ConnectionStrings__PostgresDataProtection
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: midrandbooks-secrets
|
||||
key: dataprotection-connection-string
|
||||
- name: Monitoring__ApiKey
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
@@ -172,23 +189,25 @@ spec:
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /app/wwwroot/content
|
||||
resources:
|
||||
subPath: bookshop-content
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /health
|
||||
port: 8080
|
||||
port: 8443
|
||||
scheme: HTTPS
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /health
|
||||
port: 8080
|
||||
port: 8443
|
||||
scheme: HTTPS
|
||||
initialDelaySeconds: 3
|
||||
periodSeconds: 5
|
||||
volumes:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: midrandbooks-pvc
|
||||
claimName: midrandbooks-pvc
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
@@ -196,14 +215,20 @@ metadata:
|
||||
name: midrandbooks-service
|
||||
namespace: midrandbooks-uat
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- name: https
|
||||
port: 443
|
||||
targetPort: 8443
|
||||
selector:
|
||||
app: midrandbooks
|
||||
ports:
|
||||
- name: http
|
||||
protocol: TCP
|
||||
port: 80
|
||||
targetPort: 8080
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: ServersTransport
|
||||
metadata:
|
||||
name: midrandbooks-bypass-backend-validation
|
||||
namespace: midrandbooks-uat
|
||||
spec:
|
||||
insecureSkipVerify: true
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
@@ -218,10 +243,12 @@ spec:
|
||||
kind: Rule
|
||||
services:
|
||||
- name: midrandbooks-service
|
||||
port: 80
|
||||
port: 443
|
||||
scheme: https
|
||||
serversTransport: midrandbooks-bypass-backend-validation
|
||||
sticky:
|
||||
cookie:
|
||||
name: "lp-sticky-session"
|
||||
httpOnly: true
|
||||
secure: true
|
||||
tls: {}
|
||||
tls: {}
|
||||
|
||||
Reference in New Issue
Block a user