Merge pull request 'Refactored fowarded header config in app' (#86) from cart into main

Reviewed-on: #86

MidrandBookshop/MidrandBookshop.csproj

@@ -18,13 +18,13 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="LiteCharms.Features" Version="1.130.0" />
+    <PackageReference Include="LiteCharms.Features" Version="1.135.0" />
   </ItemGroup>
 
   <!-- UI -->
   <ItemGroup>
     <PackageReference Include="ANM.Blazored.Toast" Version="0.1.1" />
-    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.130.0" />
+    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.135.0" />
     
     <!-- Global Usings -->
     <Using Include="Blazored.Toast.Services" />
@@ -62,6 +62,7 @@
     <Using Include="Microsoft.AspNetCore.Components.Web" />
     <Using Include="Microsoft.AspNetCore.WebUtilities" />
     <Using Include="Microsoft.AspNetCore.Components" />
+    <Using Include="System.Security.Cryptography.X509Certificates" />
   </ItemGroup>
 
 </Project>

MidrandBookshop/Program.cs

@@ -1,87 +1,51 @@
 using LiteCharms.Features.Extensions;
-using LiteCharms.Features.Mediator;
-using LiteCharms.Features.MidrandBooks.Extensions;
-using LiteCharms.Features.MidrandBooks.Payments;
 using LiteCharms.Features.Postgres;
+using MidrandBookshop;
 using MidrandBookshop.Components;
 using static LiteCharms.Features.Extensions.Quartz;
 
 var builder = WebApplication.CreateBuilder(args);
 
-builder.Services.AddAntiforgery();
-
-builder.Services.AddRazorComponents()
-    .AddInteractiveServerComponents();
-
 builder.AddMonitoring();
-builder.Services.AddEndpointsApiExplorer();
+builder.Services.RegisterServices(builder.Configuration);
-
-builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(TelemetryPipelineBehavior<,>));
-builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(LoggingPipelineBehavior<,>));
-
-builder.Services.AddQuartzSchedulerClient(MidrandShopSchedulerName, builder.Configuration);
-
-builder.Services.AddMediator();
-builder.Services.AddEmailServices(builder.Configuration);
-builder.Services.AddEmailServiceBus();
-
-builder.Services.AddHttpClient();
-builder.Services.AddScoped<CartService>();
-builder.Services.AddShopServices(includeLocalStorage: true);
-builder.Services.AddHashServices(builder.Configuration);
-builder.Services.AddPayfastServices(builder.Configuration);
-
-builder.Services.AddSecurityApiSdk(builder.Configuration);
-builder.Services.AddLiteCharmsWebSecurity(builder.Configuration);
-
-builder.Services.AddDataProtectionDatabase(builder.Configuration);
-builder.Services.AddMidrandShopDatabase(builder.Configuration);
-
-builder.Services.AddMidrandShopPostgresHealthCheck();
-builder.Services.AddMidrandShopQuartzHealthCheck();
-builder.Services.AddHealthChecksSupport(builder.Configuration);
-
-builder.Services.Configure<ForwardedHeadersOptions>(options =>
-{
-    options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
-    options.KnownProxies.Clear();
-});
 
 var app = builder.Build();
 
-using var security = app.Services.CreateScope();
-{
-    var dataProtectionContext = security.ServiceProvider.GetRequiredService<DataProtectionDbContext>();
-
-    await dataProtectionContext.Database.MigrateAsync();
-}
-
-app.UseForwardedHeaders();
-app.AddSecurityEndpoints();
-
-var schedulerFactory = app.Services.GetRequiredService<ISchedulerFactory>();
-var scheduler = await schedulerFactory.GetScheduler(MidrandShopSchedulerName);
-
-if (!scheduler!.IsStarted)
-    await scheduler.Start();
-
 if (!app.Environment.IsDevelopment())
 {
     app.UseExceptionHandler("/Error", createScopeForErrors: true);
     app.UseHsts();
 }
 
+app.UseForwardedHeaders();
+app.UseHttpsRedirection();
+
+app.UseStatusCodePagesWithReExecute("/not-found", createScopeForStatusCodePages: true);
 app.UseHealthChecks("/health", new HealthCheckOptions
 {
     ResponseWriter = HealthChecks.UI.Client.UIResponseWriter.WriteHealthCheckUIResponse
 });
 
-app.UseStatusCodePagesWithReExecute("/not-found", createScopeForStatusCodePages: true);
-app.UseHttpsRedirection();
-
-app.UseAntiforgery();
-
 app.MapStaticAssets();
+app.UseCookiePolicy();
+
+app.UseAuthentication();
+app.UseAuthorization();
+app.UseAntiforgery();
+app.AddSecurityEndpoints();
+
+using (var security = app.Services.CreateScope())
+{
+    var dataProtectionContext = security.ServiceProvider.GetRequiredService<DataProtectionDbContext>();
+
+    await dataProtectionContext.Database.MigrateAsync();
+}
+
+var schedulerFactory = app.Services.GetRequiredService<ISchedulerFactory>();
+var scheduler = await schedulerFactory.GetScheduler(MidrandShopSchedulerName);
+
+if (!scheduler!.IsStarted) await scheduler.Start();
+
 app.MapRazorComponents<App>()
     .AddInteractiveServerRenderMode();
 

MidrandBookshop/Properties/launchSettings.json

@@ -14,7 +14,7 @@
         "commandName": "Project",
         "dotnetRunMessages": true,
         "launchBrowser": false,
-        "applicationUrl": "https://localhost:7021;http://localhost:5053",
+        "applicationUrl": "https://localhost:8440;http://localhost:8083",
         "environmentVariables": {
           "ASPNETCORE_ENVIRONMENT": "Development"
         }

MidrandBookshop/Setup.cs

@@ -0,0 +1,58 @@
+using LiteCharms.Features.Mediator;
+using LiteCharms.Features.MidrandBooks.Payments;
+using LiteCharms.Features.Extensions;
+using LiteCharms.Features.MidrandBooks.Extensions;
+using static LiteCharms.Features.Extensions.Quartz;
+
+namespace MidrandBookshop;
+
+public static class Setup
+{
+    public static IServiceCollection RegisterServices(this IServiceCollection services, IConfiguration configuration)
+    {
+        services.AddAntiforgery();
+
+        services.AddRazorComponents()
+            .AddInteractiveServerComponents();
+        
+        services.AddEndpointsApiExplorer();
+
+        services.AddScoped(typeof(IPipelineBehavior<,>), typeof(TelemetryPipelineBehavior<,>));
+        services.AddScoped(typeof(IPipelineBehavior<,>), typeof(LoggingPipelineBehavior<,>));
+
+        services.AddQuartzSchedulerClient(MidrandShopSchedulerName, configuration);
+
+        services.AddMediator();
+        services.AddEmailServices(configuration);
+        services.AddEmailServiceBus();
+
+        services.AddHttpClient();
+        services.AddScoped<CartService>();
+        services.AddShopServices(includeLocalStorage: true);
+        services.AddHashServices(configuration);
+        services.AddPayfastServices(configuration);
+
+        services.AddDataProtectionDatabase(configuration);
+        services.AddMidrandShopDatabase(configuration);
+
+        services.AddSecurityApiSdk(configuration);
+        services.AddLiteCharmsWebSecurity(configuration);
+
+        services.AddMidrandShopPostgresHealthCheck();
+        services.AddMidrandShopQuartzHealthCheck();
+        services.AddHealthChecksSupport(configuration);
+
+        services.Configure<ForwardedHeadersOptions>(options =>
+        {
+            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+
+            options.KnownProxies.Clear();
+            options.KnownIPNetworks.Clear();
+
+            options.ForwardLimit = null;
+            options.RequireHeaderSymmetry = false;
+        });
+
+        return services;
+    }
+}

midrandbooks-uat.yml

@@ -10,8 +10,8 @@ metadata:
   name: midrandbooks-config
   namespace: midrandbooks-uat
 data:
-  ASPNETCORE_ENVIRONMENT: "Development"
+  ASPNETCORE_ENVIRONMENT: "Development"  
-  ASPNETCORE_URLS: "http://0.0.0.0:8080"
+  ASPNETCORE_URLS: "http://0.0.0.0:8443"
   Monitoring__Address: "http://aspire-dashboard-service.aspire.svc.cluster.local:18889"
   Monitoring__ServiceName: "MidrandBooks.Uat"
   HasherSettings__MinHashLength: "11"
@@ -27,7 +27,6 @@ data:
   PayfastSettings__ValidHosts__4: "payment.payfast.io"
   LiteCharmsSettings__Authority: "https://sts.security.khongisa.co.za"
   LiteCharmsSettings__Audience: "midrandbooks-api"
-  ASPNETCORE_FORWARDEDHEADERS_ENABLED: "true"
   LiteCharmsClientSettings__Authority: "https://sts.security.khongisa.co.za"
   LiteCharmsClientSettings__GrantType: "client_credentials"
   LiteCharmsClientSettings__Scope: "midrandbooks-api"
@@ -53,7 +52,7 @@ data:
   payfast-merchantkey: anU2bmF2bjBqY2JmMA==
   litecharms-client-clientid: bWlkcmFuZGJvb2tzLWFwaS1zY2FsZXItdWF0
   litecharms-client-clientsecret: c2VjcmV0XzBhOGRjMWY5OTA2MTU5MGE1MmIxMjcyZGIzYTE4NzFkMjc2MWM3OWZiZDA1OGIyYTk2ODkxMTAyOWU0YjIwOGE=
-  dataprotection-cert: MIIKgAIBAzCCCjYGCSqGSIb3DQEHAaCCCicEggojMIIKHzCCBFIGCSqGSIb3DQEHBqCCBEMwggQ/AgEAMIIEOAYJKoZIhvcNAQcBMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAh9qkaVgGmz/gICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEKb2CyrUL6BTZjUF5py8BLWAggPQ7c0M6pLz8pH5B3xfcC11DeteY9ixT9hpyxYTgcBCfxxv0hunGMxoi0OZc+YGp7YEp8XSAfGd34g9xDs2TmAnwjQqVibGLGR3fpISZH20T5DHaSwgWppxeFVE7UvedixCnkwH6W9EN8cUHVd2ISVN+EhrrOJRVI6X+62uJQwq3BmY9IouuaH8dpMqmtV1xSkVd3W54goY30yZtBlP8s17lRwHXnYJRPa2Qyv0qclyTK46ktmm5eNjWhNZwYmrFgX7yxZqPw/zk2Q1f0tmE7yJpGC6xnpbPhQXxHR2X89OCB6S9hMm3uiEic01fTsaTEBIVoSwT71IZVUCa4wZaer0xS07oWQK3Yl0nu/IfmbJCk+IHRHrBMZ+uOk7EW133n+Cr48mpgr2gvCe/V3KeiDcAQYVfht7ihgME27GV6VD7Z30JmjF7DhON921zh/7NhoIiLKoIMlR1kID39M78yG4n5Xf6YdQbdWE2PTtPtBNJdk0C1vLMOcKVfm4MVnV/B4uiYZXztd0nKMD4v/kgApxDOpw/HYN5psVbAeC3Y1clpP0UsbMJ//VWPMAkpbm/GzIMHleid5rLP7UIgxxopUYOwIP6hl8wnsosOlLo09XNIARoPqANorh6x+9QlhN+58JSYILjnFnkr47EYxZHqCIzCLv1VZdmfpbQ8fKJ02LjGu9SGXsQD3qvQkvLGyegBcp3+8gXka1TiaKTOKHwy85RhH3uq1qW5fV4nxQpvV3+MlEVPRsh7FcMhSeK+66CHOCZ7JEG4JQA7ocd0UkatXksF+ds8yX02ugLX40tmFvnlDg4XXzJ1yEpHc0u+73qqC+9s56qGsm84VZ0hn7Zdc98DrXZ+U7HklZycPnvtpPwxzvlIpfDrbYbU+yj/+iriYDhFt94GzajEKsmlq9HtW8wSWg60mJoUIlz5AV/ZSwT7S8y2WplE+TMFFyg1TjOb4Jq/THpInUInfz+oQjr6w56fPdUkDW7f5+Si3YYWvVfTDgAqT7/xVvliMc8pQ7gZebzeBBjZCmV5qTLeeOphjRL9yMNwHkrVh1qW5eGvHUESgNVdU5B/m1VrctW2NPcVfXMqDg3hvfwapMlEm9LXw/bXtNfK8LJZ0fI7S8USTP8aX/BVkN/wad7V0GjLGJgq5kZTKRFqZDfIy7lH8FcUMZ22Ex0II2uv0ohAnimZtUYkBLPXRiYg4AdOV0YsP6KwU/62uUFiXx/GBmKY4AI2+qT2DcJ0umed9qW/U25H91z9iasrNvE+hXNv4tEzJew+tIYpUvK0jRqLeT1Wjbk8eprTCCBcUGCSqGSIb3DQEHAaCCBbYEggWyMIIFrjCCBaoGCyqGSIb3DQEMCgECoIIFMTCCBS0wVwYJKoZIhvcNAQUNMEowKQYJKoZIhvcNAQUMMBwECNV0zVDMR21/AgIIADAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQmFQv8M4PJNOzsnkTAj+KWASCBND06MB//M0VAlAOf2k8HYiTg/T3SaFxohZWia0rkyoK/bKYIghehUzSyiQ0jssCrAP/wNz+CpA3WTLXrOiDh8WX/2EjR2/jsvtTKCdbjb07JKWEQp4Q5Ho5uf1catT59dAse+IueVN94liEVEtISWNaIXh+eXpBm2ozZ8DIR4Cn3Ju4Od/oF45pHYgOGiB/kmMoAC02wMOdsVvtKoXPMYsFfw0Zjp9fL5uro6rWXDh9a6v8LKhrkHvYtsyYViE2h8o9mliTgtkjov4e6Lj6nUbEn3IyDe7mrlZ5Me27KW5fWYrjsXM9hQLvLkuUHwm6gKkUqvZygez77BIkO0kH+8Ww3oO0XLXYOHhgAl++wCLGL/BXV3+C9Gb5dvQQGkKyP7eZDKF/TF6jSzK7kGvY1Ik61AKHw1qg7NDHe6Ga3TXQ0D6Uuum/u0tZmDcljOTjVWZR/JDQknF6UNPeB9Q8F3woTixTzyuihR9vxg5ry6Wpfp3+dSut5wwn6mSWIdjvJrJa58FpMDnpZtlEEwd3h4Fva6YswsJD24TfZTXQUIiVXRZTciB9SomLp0n2okjzRZop672yxXeRCKfowxDJHSSAm8PYAF0e2x6QrewMZxQEvueC8uk6+7cjuzq8VbPFx8OAOK7liIAeGshOhMrN8Bl5v0R00ybiH8S3SSp8op/wEcAWFrhXM1epS8AyIjNRXShB3KZhNPUh8XpJH4ATXgmyInI9MVt5FYhepjj8PsBEbDTSvQN2czxi0Yabc3vqMe+q+uNoK9kXnoI8cVK0RjsWm/Cf5QANgPEUX8kcFBuZbgQ68xL1/JeX9bRX/QIS4YojQY7F4mZulHRJQhseOuMRwe2yafMgkusjBPSgD0Nmw55/kzWssYLqoocLZ08DFV7eCQgamu0SWdjeIVGmo27PnbQuLUnJMc6ncBLIrbp711NfGilCb4j77/ol1Sff3KNiphkoIc51lfHQ3QqBLZbbosRBaPxIlH8soZP8Zr1R/sGjTyth4epKIBZL6/R0iopzJcTMbrUcqrMmHIPCuYdcX+hHFhSEochSH9wJee4Bd8/T8tXmMUmBUvKTRRfHkc7s/exCfLLf8qOX23RUpkdI5ufoLQEOepROj7ekPUGyMyOxrwkCPtaaRjOpv9MKbdL6p5EBGzJ0Tlr+ztClerhgNFu9eg/5t9WaLXrl+KBThsayjzS7qZppPkxvEiSBgCFeRK863l+uW2uQnmN8m53iGLP84K2NCBPPmJ3uzp1PbH/MBwXzFnml+ojLL4BoorTmgSPThhHvLnMP11tOYkN2WAHvzP2JK1A2Zv6VMVnAOGbG+wDmqsAmQZ7BuyQrxfASqpg+HLTxqad776/zvp4zuY3JVbrlm6cT6pDn+uJG5HKFtp/pA5X9oAYnSbIDWMjRhaTLIweCblMEEMTsS95iEcobhvU6s3nTSASFIZ95RhaBHcluQ1ydNYeaZMRFWx9SPrKEUOJiz9LwiTL1jKtAtnwhrBdO6i0S7Jbb+UW4bgGr5XRrTTGJDWIL7zrw/53axCz6TKgrWK1NbcCuGKktX5wB+Vq1eQYP4V2aboabryJiAio8gFCtgA7bE0p1OWs2VcCy2zWv+UM7kZyXEye8vXj5C1CypnE+n5r36O2ZSzFmMCMGCSqGSIb3DQEJFTEWBBQ1lQ+totrkZkQb7uE6lOz/gPzqKTA/BgkqhkiG9w0BCRQxMh4wAEwAaQB0AGUAQwBoAGEAcgBtAHMARABhAHQAYQBQAHIAbwB0AGUAYwB0AGkAbwBuMEEwMTANBglghkgBZQMEAgEFAAQgAW7Ot+6j9Xu4nT7pL9rF43iOnSd5qLd+yJM5A5q2wDAECH1pO/hUEzlNAgIIAA==
+  dataprotection-cert: TUlJS2dBSUJBekNDQ2pZR0NTcUdTSWIzRFFFSEFhQ0NDaWNFZ2dvak1JSUtIekNDQkZJR0NTcUdTSWIzRFFFSEJxQ0NCRU13Z2dRL0FnRUFNSUlFT0FZSktvWklodmNOQVFjQk1GY0dDU3FHU0liM0RRRUZEVEJLTUNrR0NTcUdTSWIzRFFFRkREQWNCQWg5cWthVmdHbXovZ0lDQ0FBd0RBWUlLb1pJaHZjTkFna0ZBREFkQmdsZ2hrZ0JaUU1FQVNvRUVLYjJDeXJVTDZCVFpqVUY1cHk4QkxXQWdnUFE3YzBNNnBMejhwSDVCM3hmY0MxMURldGVZOWl4VDlocHl4WVRnY0JDZnh4djBodW5HTXhvaTBPWmMrWUdwN1lFcDhYU0FmR2QzNGc5eERzMlRtQW53alFxVmliR0xHUjNmcElTWkgyMFQ1REhhU3dnV3BweGVGVkU3VXZlZGl4Q25rd0g2VzlFTjhjVUhWZDJJU1ZOK0VocnJPSlJWSTZYKzYydUpRd3EzQm1ZOUlvdXVhSDhkcE1xbXRWMXhTa1ZkM1c1NGdvWTMweVp0QmxQOHMxN2xSd0hYbllKUlBhMlF5djBxY2x5VEs0Nmt0bW01ZU5qV2hOWndZbXJGZ1g3eXhacVB3L3prMlExZjB0bUU3eUpwR0M2eG5wYlBoUVh4SFIyWDg5T0NCNlM5aE1tM3VpRWljMDFmVHNhVEVCSVZvU3dUNzFJWlZVQ2E0d1phZXIweFMwN29XUUszWWwwbnUvSWZtYkpDaytJSFJIckJNWit1T2s3RVcxMzNuK0NyNDhtcGdyMmd2Q2UvVjNLZWlEY0FRWVZmaHQ3aWhnTUUyN0dWNlZEN1ozMEptakY3RGhPTjkyMXpoLzdOaG9JaUxLb0lNbFIxa0lEMzlNNzh5RzRuNVhmNllkUWJkV0UyUFR0UHRCTkpkazBDMXZMTU9jS1ZmbTRNVm5WL0I0dWlZWlh6dGQwbktNRDR2L2tnQXB4RE9wdy9IWU41cHNWYkFlQzNZMWNscFAwVXNiTUovL1ZXUE1Ba3BibS9HeklNSGxlaWQ1ckxQN1VJZ3h4b3BVWU93SVA2aGw4d25zb3NPbExvMDlYTklBUm9QcUFOb3JoNngrOVFsaE4rNThKU1lJTGpuRm5rcjQ3RVl4WkhxQ0l6Q0x2MVZaZG1mcGJROGZLSjAyTGpHdTlTR1hzUUQzcXZRa3ZMR3llZ0JjcDMrOGdYa2ExVGlhS1RPS0h3eTg1UmhIM3VxMXFXNWZWNG54UXB2VjMrTWxFVlBSc2g3RmNNaFNlSys2NkNIT0NaN0pFRzRKUUE3b2NkMFVrYXRYa3NGK2RzOHlYMDJ1Z0xYNDB0bUZ2bmxEZzRYWHpKMXlFcEhjMHUrNzNxcUMrOXM1NnFHc204NFZaMGhuN1pkYzk4RHJYWitVN0hrbFp5Y1BudnRwUHd4enZsSXBmRHJiWWJVK3lqLytpcmlZRGhGdDk0R3phakVLc21scTlIdFc4d1NXZzYwbUpvVUlsejVBVi9aU3dUN1M4eTJXcGxFK1RNRkZ5ZzFUak9iNEpxL1RIcEluVUluZnorb1FqcjZ3NTZmUGRVa0RXN2Y1K1NpM1lZV3ZWZlREZ0FxVDcveFZ2bGlNYzhwUTdnWmViemVCQmpaQ21WNXFUTGVlT3BoalJMOXlNTndIa3JWaDFxVzVlR3ZIVUVTZ05WZFU1Qi9tMVZyY3RXMk5QY1ZmWE1xRGczaHZmd2FwTWxFbTlMWHcvYlh0TmZLOExKWjBmSTdTOFVTVFA4YVgvQlZrTi93YWQ3VjBHakxHSmdxNWtaVEtSRnFaRGZJeTdsSDhGY1VNWjIyRXgwSUkydXYwb2hBbmltWnRVWWtCTFBYUmlZZzRBZE9WMFlzUDZLd1UvNjJ1VUZpWHgvR0JtS1k0QUkyK3FUMkRjSjB1bWVkOXFXL1UyNUg5MXo5aWFzck52RStoWE52NHRFekpldyt0SVlwVXZLMGpScUxlVDFXamJrOGVwclRDQ0JjVUdDU3FHU0liM0RRRUhBYUNDQmJZRWdnV3lNSUlGcmpDQ0Jhb0dDeXFHU0liM0RRRU1DZ0VDb0lJRk1UQ0NCUzB3VndZSktvWklodmNOQVFVTk1Fb3dLUVlKS29aSWh2Y05BUVVNTUJ3RUNOVjB6VkRNUjIxL0FnSUlBREFNQmdncWhraUc5dzBDQ1FVQU1CMEdDV0NHU0FGbEF3UUJLZ1FRbUZRdjhNNFBKTk96c25rVEFqK0tXQVNDQk5EMDZNQi8vTTBWQWxBT2YyazhIWWlUZy9UM1NhRnhvaFpXaWEwcmt5b0svYktZSWdoZWhVelN5aVEwanNzQ3JBUC93TnorQ3BBM1dUTFhyT2lEaDhXWC8yRWpSMi9qc3Z0VEtDZGJqYjA3SktXRVFwNFE1SG81dWYxY2F0VDU5ZEFzZStJdWVWTjk0bGlFVkV0SVNXTmFJWGgrZVhwQm0yb3paOERJUjRDbjNKdTRPZC9vRjQ1cEhZZ09HaUIva21Nb0FDMDJ3TU9kc1Z2dEtvWFBNWXNGZncwWmpwOWZMNXVybzZyV1hEaDlhNnY4TEtocmtIdll0c3lZVmlFMmg4bzltbGlUZ3Rram92NGU2TGo2blViRW4zSXlEZTdtcmxaNU1lMjdLVzVmV1lyanNYTTloUUx2TGt1VUh3bTZnS2tVcXZaeWdlejc3QklrTzBrSCs4V3czb08wWExYWU9IaGdBbCsrd0NMR0wvQlhWMytDOUdiNWR2UVFHa0t5UDdlWkRLRi9URjZqU3pLN2tHdlkxSWs2MUFLSHcxcWc3TkRIZTZHYTNUWFEwRDZVdXVtL3UwdFptRGNsak9UalZXWlIvSkRRa25GNlVOUGVCOVE4RjN3b1RpeFR6eXVpaFI5dnhnNXJ5NldwZnAzK2RTdXQ1d3duNm1TV0lkanZKckphNThGcE1EbnBadGxFRXdkM2g0RnZhNllzd3NKRDI0VGZaVFhRVUlpVlhSWlRjaUI5U29tTHAwbjJva2p6UlpvcDY3Mnl4WGVSQ0tmb3d4REpIU1NBbThQWUFGMGUyeDZRcmV3TVp4UUV2dWVDOHVrNis3Y2p1enE4VmJQRng4T0FPSzdsaUlBZUdzaE9oTXJOOEJsNXYwUjAweWJpSDhTM1NTcDhvcC93RWNBV0ZyaFhNMWVwUzhBeUlqTlJYU2hCM0taaE5QVWg4WHBKSDRBVFhnbXlJbkk5TVZ0NUZZaGVwamo4UHNCRWJEVFN2UU4yY3p4aTBZYWJjM3ZxTWUrcSt1Tm9LOWtYbm9JOGNWSzBSanNXbS9DZjVRQU5nUEVVWDhrY0ZCdVpiZ1E2OHhMMS9KZVg5YlJYL1FJUzRZb2pRWTdGNG1adWxIUkpRaHNlT3VNUndlMnlhZk1na3VzakJQU2dEME5tdzU1L2t6V3NzWUxxb29jTFowOERGVjdlQ1FnYW11MFNXZGplSVZHbW8yN1BuYlF1TFVuSk1jNm5jQkxJcmJwNzExTmZHaWxDYjRqNzcvb2wxU2ZmM0tOaXBoa29JYzUxbGZIUTNRcUJMWmJib3NSQmFQeElsSDhzb1pQOFpyMVIvc0dqVHl0aDRlcEtJQlpMNi9SMGlvcHpKY1RNYnJVY3FyTW1ISVBDdVlkY1graEhGaFNFb2NoU0g5d0plZTRCZDgvVDh0WG1NVW1CVXZLVFJSZkhrYzdzL2V4Q2ZMTGY4cU9YMjNSVXBrZEk1dWZvTFFFT2VwUk9qN2VrUFVHeU15T3hyd2tDUHRhYVJqT3B2OU1LYmRMNnA1RUJHekowVGxyK3p0Q2xlcmhnTkZ1OWVnLzV0OVdhTFhybCtLQlRoc2F5anpTN3FacHBQa3h2RWlTQmdDRmVSSzg2M2wrdVcydVFubU44bTUzaUdMUDg0SzJOQ0JQUG1KM3V6cDFQYkgvTUJ3WHpGbm1sK29qTEw0Qm9vclRtZ1NQVGhoSHZMbk1QMTF0T1lrTjJXQUh2elAySksxQTJadjZWTVZuQU9HYkcrd0RtcXNBbVFaN0J1eVFyeGZBU3FwZytITFR4cWFkNzc2L3p2cDR6dVkzSlZicmxtNmNUNnBEbit1Skc1SEtGdHAvcEE1WDlvQVluU2JJRFdNalJoYVRMSXdlQ2JsTUVFTVRzUzk1aUVjb2JodlU2czNuVFNBU0ZJWjk1UmhhQkhjbHVRMXlkTlllYVpNUkZXeDlTUHJLRVVPSml6OUx3aVRMMWpLdEF0bndockJkTzZpMFM3SmJiK1VXNGJnR3I1WFJyVFRHSkRXSUw3enJ3LzUzYXhDejZUS2dyV0sxTmJjQ3VHS2t0WDV3QitWcTFlUVlQNFYyYWJvYWJyeUppQWlvOGdGQ3RnQTdiRTBwMU9XczJWY0N5MnpXditVTTdrWnlYRXllOHZYajVDMUN5cG5FK241cjM2TzJaU3pGbU1DTUdDU3FHU0liM0RRRUpGVEVXQkJRMWxRK3RvdHJrWmtRYjd1RTZsT3ovZ1B6cUtUQS9CZ2txaGtpRzl3MEJDUlF4TWg0d0FFd0FhUUIwQUdVQVF3Qm9BR0VBY2dCdEFITUFSQUJoQUhRQVlRQlFBSElBYndCMEFHVUFZd0IwQUdrQWJ3QnVNRUV3TVRBTkJnbGdoa2dCWlFNRUFnRUZBQVFnQVc3T3QrNmo5WHU0blQ3cEw5ckY0M2lPblNkNXFMZCt5Sk01QTVxMndEQUVDSDFwTy9oVUV6bE5BZ0lJQUE9PQ==
   dataprotection-password: OWlIUSMmcl41eWZYRXc=
 ---
 apiVersion: v1
@@ -74,7 +73,7 @@ metadata:
   name: midrandbooks
   namespace: midrandbooks-uat
 spec:
-  replicas: 2
+  replicas: 1
   selector:
     matchLabels:
       app: midrandbooks
@@ -102,7 +101,7 @@ spec:
               memory: "256Mi"
               cpu: "100m"
           ports:
-            - containerPort: 8080
+            - containerPort: 8443
           envFrom:
             - configMapRef:
                 name: midrandbooks-config
@@ -194,13 +193,15 @@ spec:
           livenessProbe:
             httpGet:
               path: /health
-              port: 8080
+              port: 8443
+              scheme: HTTP
             initialDelaySeconds: 5
             periodSeconds: 10
           readinessProbe:
             httpGet:
               path: /health
-              port: 8080
+              port: 8443
+              scheme: HTTP
             initialDelaySeconds: 3
             periodSeconds: 5
       volumes:
@@ -214,14 +215,20 @@ metadata:
   name: midrandbooks-service
   namespace: midrandbooks-uat
 spec:
-  type: ClusterIP
+  ports:
+    - name: https
+      port: 443
+      targetPort: 8443
   selector:
     app: midrandbooks
-  ports:
+---
-    - name: http
+apiVersion: traefik.io/v1alpha1
-      protocol: TCP
+kind: ServersTransport
-      port: 80
+metadata:
-      targetPort: 8080
+  name: midrandbooks-bypass-backend-validation
+  namespace: midrandbooks-uat
+spec:
+  insecureSkipVerify: true
 ---
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
@@ -236,10 +243,7 @@ spec:
       kind: Rule
       services:
         - name: midrandbooks-service
-          port: 80
+          port: 443
-          sticky:
+          scheme: http
-            cookie:
+          serversTransport: midrandbooks-bypass-backend-validation
-              name: "lp-sticky-session"
+  tls: {}
-              httpOnly: true
-              secure: true
-  tls: {}