Compare commits
14 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 khwezi
|
e81789f8c6 | ||
 Khwezi Mngoma
|
17a74ca750 | ||
|
khwezi
|
b9f3274633 | ||
|
Khwezi Mngoma
|
53b3018d9e | ||
|
khwezi
|
552e9ff1b4 | ||
|
Khwezi Mngoma
|
8002920a07 | ||
|
khwezi
|
629dbe7cfe | ||
|
Khwezi Mngoma
|
285cb29867 | ||
|
khwezi
|
25acd67485 | ||
|
Khwezi Mngoma
|
596ab396a4 | ||
|
khwezi
|
d3672a6db9 | ||
|
Khwezi Mngoma
|
9cbde6e622 | ||
|
khwezi
|
a8056e7a9a | ||
|
Khwezi Mngoma
|
8ddf769fab |
@@ -18,13 +18,13 @@
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="LiteCharms.Features" Version="1.130.0" />
|
||||
<PackageReference Include="LiteCharms.Features" Version="1.132.0" />
|
||||
</ItemGroup>
|
||||
|
||||
<!-- UI -->
|
||||
<ItemGroup>
|
||||
<PackageReference Include="ANM.Blazored.Toast" Version="0.1.1" />
|
||||
<PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.130.0" />
|
||||
<PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.132.0" />
|
||||
|
||||
<!-- Global Usings -->
|
||||
<Using Include="Blazored.Toast.Services" />
|
||||
|
||||
@@ -4,6 +4,7 @@ using LiteCharms.Features.MidrandBooks.Extensions;
|
||||
using LiteCharms.Features.MidrandBooks.Payments;
|
||||
using LiteCharms.Features.Postgres;
|
||||
using MidrandBookshop.Components;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using static LiteCharms.Features.Extensions.Quartz;
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
@@ -31,12 +32,12 @@ builder.Services.AddShopServices(includeLocalStorage: true);
|
||||
builder.Services.AddHashServices(builder.Configuration);
|
||||
builder.Services.AddPayfastServices(builder.Configuration);
|
||||
|
||||
builder.Services.AddSecurityApiSdk(builder.Configuration);
|
||||
builder.Services.AddLiteCharmsWebSecurity(builder.Configuration);
|
||||
|
||||
builder.Services.AddDataProtectionDatabase(builder.Configuration);
|
||||
builder.Services.AddMidrandShopDatabase(builder.Configuration);
|
||||
|
||||
builder.Services.AddSecurityApiSdk(builder.Configuration);
|
||||
builder.Services.AddLiteCharmsWebSecurity(builder.Configuration);
|
||||
|
||||
builder.Services.AddMidrandShopPostgresHealthCheck();
|
||||
builder.Services.AddMidrandShopQuartzHealthCheck();
|
||||
builder.Services.AddHealthChecksSupport(builder.Configuration);
|
||||
@@ -49,6 +50,28 @@ builder.Services.Configure<ForwardedHeadersOptions>(options =>
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
builder.WebHost.ConfigureKestrel(options =>
|
||||
{
|
||||
var certBase64 = builder.Configuration["DataProtection:Certificate"];
|
||||
var certPassword = builder.Configuration["DataProtection:Password"];
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(certBase64))
|
||||
{
|
||||
var rawBytes = Convert.FromBase64String(certBase64);
|
||||
var kestrelCert = X509CertificateLoader.LoadPkcs12(rawBytes, certPassword);
|
||||
|
||||
options.ListenAnyIP(8443, listenOptions =>
|
||||
{
|
||||
listenOptions.UseHttps(kestrelCert);
|
||||
});
|
||||
}
|
||||
else
|
||||
options.ListenAnyIP(8080);
|
||||
});
|
||||
|
||||
app.UseForwardedHeaders();
|
||||
app.UseCookiePolicy();
|
||||
|
||||
using var security = app.Services.CreateScope();
|
||||
{
|
||||
var dataProtectionContext = security.ServiceProvider.GetRequiredService<DataProtectionDbContext>();
|
||||
@@ -56,7 +79,6 @@ using var security = app.Services.CreateScope();
|
||||
await dataProtectionContext.Database.MigrateAsync();
|
||||
}
|
||||
|
||||
app.UseForwardedHeaders();
|
||||
app.AddSecurityEndpoints();
|
||||
|
||||
var schedulerFactory = app.Services.GetRequiredService<ISchedulerFactory>();
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
"commandName": "Project",
|
||||
"dotnetRunMessages": true,
|
||||
"launchBrowser": false,
|
||||
"applicationUrl": "https://localhost:7021;http://localhost:5053",
|
||||
"applicationUrl": "https://localhost:8440;http://localhost:8083",
|
||||
"environmentVariables": {
|
||||
"ASPNETCORE_ENVIRONMENT": "Development"
|
||||
}
|
||||
|
||||
+25
-16
@@ -10,8 +10,8 @@ metadata:
|
||||
name: midrandbooks-config
|
||||
namespace: midrandbooks-uat
|
||||
data:
|
||||
ASPNETCORE_ENVIRONMENT: "Development"
|
||||
ASPNETCORE_URLS: "http://0.0.0.0:8080"
|
||||
ASPNETCORE_ENVIRONMENT: "Development"
|
||||
ASPNETCORE_URLS: "https://0.0.0.0:8443"
|
||||
Monitoring__Address: "http://aspire-dashboard-service.aspire.svc.cluster.local:18889"
|
||||
Monitoring__ServiceName: "MidrandBooks.Uat"
|
||||
HasherSettings__MinHashLength: "11"
|
||||
@@ -27,7 +27,6 @@ data:
|
||||
PayfastSettings__ValidHosts__4: "payment.payfast.io"
|
||||
LiteCharmsSettings__Authority: "https://sts.security.khongisa.co.za"
|
||||
LiteCharmsSettings__Audience: "midrandbooks-api"
|
||||
ASPNETCORE_FORWARDEDHEADERS_ENABLED: "true"
|
||||
LiteCharmsClientSettings__Authority: "https://sts.security.khongisa.co.za"
|
||||
LiteCharmsClientSettings__GrantType: "client_credentials"
|
||||
LiteCharmsClientSettings__Scope: "midrandbooks-api"
|
||||
@@ -53,7 +52,7 @@ data:
|
||||
payfast-merchantkey: anU2bmF2bjBqY2JmMA==
|
||||
litecharms-client-clientid: bWlkcmFuZGJvb2tzLWFwaS1zY2FsZXItdWF0
|
||||
litecharms-client-clientsecret: c2VjcmV0XzBhOGRjMWY5OTA2MTU5MGE1MmIxMjcyZGIzYTE4NzFkMjc2MWM3OWZiZDA1OGIyYTk2ODkxMTAyOWU0YjIwOGE=
|
||||
dataprotection-cert: MIIKgAIBAzCCCjYGCSqGSIb3DQEHAaCCCicEggojMIIKHzCCBFIGCSqGSIb3DQEHBqCCBEMwggQ/AgEAMIIEOAYJKoZIhvcNAQcBMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAh9qkaVgGmz/gICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEKb2CyrUL6BTZjUF5py8BLWAggPQ7c0M6pLz8pH5B3xfcC11DeteY9ixT9hpyxYTgcBCfxxv0hunGMxoi0OZc+YGp7YEp8XSAfGd34g9xDs2TmAnwjQqVibGLGR3fpISZH20T5DHaSwgWppxeFVE7UvedixCnkwH6W9EN8cUHVd2ISVN+EhrrOJRVI6X+62uJQwq3BmY9IouuaH8dpMqmtV1xSkVd3W54goY30yZtBlP8s17lRwHXnYJRPa2Qyv0qclyTK46ktmm5eNjWhNZwYmrFgX7yxZqPw/zk2Q1f0tmE7yJpGC6xnpbPhQXxHR2X89OCB6S9hMm3uiEic01fTsaTEBIVoSwT71IZVUCa4wZaer0xS07oWQK3Yl0nu/IfmbJCk+IHRHrBMZ+uOk7EW133n+Cr48mpgr2gvCe/V3KeiDcAQYVfht7ihgME27GV6VD7Z30JmjF7DhON921zh/7NhoIiLKoIMlR1kID39M78yG4n5Xf6YdQbdWE2PTtPtBNJdk0C1vLMOcKVfm4MVnV/B4uiYZXztd0nKMD4v/kgApxDOpw/HYN5psVbAeC3Y1clpP0UsbMJ//VWPMAkpbm/GzIMHleid5rLP7UIgxxopUYOwIP6hl8wnsosOlLo09XNIARoPqANorh6x+9QlhN+58JSYILjnFnkr47EYxZHqCIzCLv1VZdmfpbQ8fKJ02LjGu9SGXsQD3qvQkvLGyegBcp3+8gXka1TiaKTOKHwy85RhH3uq1qW5fV4nxQpvV3+MlEVPRsh7FcMhSeK+66CHOCZ7JEG4JQA7ocd0UkatXksF+ds8yX02ugLX40tmFvnlDg4XXzJ1yEpHc0u+73qqC+9s56qGsm84VZ0hn7Zdc98DrXZ+U7HklZycPnvtpPwxzvlIpfDrbYbU+yj/+iriYDhFt94GzajEKsmlq9HtW8wSWg60mJoUIlz5AV/ZSwT7S8y2WplE+TMFFyg1TjOb4Jq/THpInUInfz+oQjr6w56fPdUkDW7f5+Si3YYWvVfTDgAqT7/xVvliMc8pQ7gZebzeBBjZCmV5qTLeeOphjRL9yMNwHkrVh1qW5eGvHUESgNVdU5B/m1VrctW2NPcVfXMqDg3hvfwapMlEm9LXw/bXtNfK8LJZ0fI7S8USTP8aX/BVkN/wad7V0GjLGJgq5kZTKRFqZDfIy7lH8FcUMZ22Ex0II2uv0ohAnimZtUYkBLPXRiYg4AdOV0YsP6KwU/62uUFiXx/GBmKY4AI2+qT2DcJ0umed9qW/U25H91z9iasrNvE+hXNv4tEzJew+tIYpUvK0jRqLeT1Wjbk8eprTCCBcUGCSqGSIb3DQEHAaCCBbYEggWyMIIFrjCCBaoGCyqGSIb3DQEMCgECoIIFMTCCBS0wVwYJKoZIhvcNAQUNMEowKQYJKoZIhvcNAQUMMBwECNV0zVDMR21/AgIIADAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQmFQv8M4PJNOzsnkTAj+KWASCBND06MB//M0VAlAOf2k8HYiTg/T3SaFxohZWia0rkyoK/bKYIghehUzSyiQ0jssCrAP/wNz+CpA3WTLXrOiDh8WX/2EjR2/jsvtTKCdbjb07JKWEQp4Q5Ho5uf1catT59dAse+IueVN94liEVEtISWNaIXh+eXpBm2ozZ8DIR4Cn3Ju4Od/oF45pHYgOGiB/kmMoAC02wMOdsVvtKoXPMYsFfw0Zjp9fL5uro6rWXDh9a6v8LKhrkHvYtsyYViE2h8o9mliTgtkjov4e6Lj6nUbEn3IyDe7mrlZ5Me27KW5fWYrjsXM9hQLvLkuUHwm6gKkUqvZygez77BIkO0kH+8Ww3oO0XLXYOHhgAl++wCLGL/BXV3+C9Gb5dvQQGkKyP7eZDKF/TF6jSzK7kGvY1Ik61AKHw1qg7NDHe6Ga3TXQ0D6Uuum/u0tZmDcljOTjVWZR/JDQknF6UNPeB9Q8F3woTixTzyuihR9vxg5ry6Wpfp3+dSut5wwn6mSWIdjvJrJa58FpMDnpZtlEEwd3h4Fva6YswsJD24TfZTXQUIiVXRZTciB9SomLp0n2okjzRZop672yxXeRCKfowxDJHSSAm8PYAF0e2x6QrewMZxQEvueC8uk6+7cjuzq8VbPFx8OAOK7liIAeGshOhMrN8Bl5v0R00ybiH8S3SSp8op/wEcAWFrhXM1epS8AyIjNRXShB3KZhNPUh8XpJH4ATXgmyInI9MVt5FYhepjj8PsBEbDTSvQN2czxi0Yabc3vqMe+q+uNoK9kXnoI8cVK0RjsWm/Cf5QANgPEUX8kcFBuZbgQ68xL1/JeX9bRX/QIS4YojQY7F4mZulHRJQhseOuMRwe2yafMgkusjBPSgD0Nmw55/kzWssYLqoocLZ08DFV7eCQgamu0SWdjeIVGmo27PnbQuLUnJMc6ncBLIrbp711NfGilCb4j77/ol1Sff3KNiphkoIc51lfHQ3QqBLZbbosRBaPxIlH8soZP8Zr1R/sGjTyth4epKIBZL6/R0iopzJcTMbrUcqrMmHIPCuYdcX+hHFhSEochSH9wJee4Bd8/T8tXmMUmBUvKTRRfHkc7s/exCfLLf8qOX23RUpkdI5ufoLQEOepROj7ekPUGyMyOxrwkCPtaaRjOpv9MKbdL6p5EBGzJ0Tlr+ztClerhgNFu9eg/5t9WaLXrl+KBThsayjzS7qZppPkxvEiSBgCFeRK863l+uW2uQnmN8m53iGLP84K2NCBPPmJ3uzp1PbH/MBwXzFnml+ojLL4BoorTmgSPThhHvLnMP11tOYkN2WAHvzP2JK1A2Zv6VMVnAOGbG+wDmqsAmQZ7BuyQrxfASqpg+HLTxqad776/zvp4zuY3JVbrlm6cT6pDn+uJG5HKFtp/pA5X9oAYnSbIDWMjRhaTLIweCblMEEMTsS95iEcobhvU6s3nTSASFIZ95RhaBHcluQ1ydNYeaZMRFWx9SPrKEUOJiz9LwiTL1jKtAtnwhrBdO6i0S7Jbb+UW4bgGr5XRrTTGJDWIL7zrw/53axCz6TKgrWK1NbcCuGKktX5wB+Vq1eQYP4V2aboabryJiAio8gFCtgA7bE0p1OWs2VcCy2zWv+UM7kZyXEye8vXj5C1CypnE+n5r36O2ZSzFmMCMGCSqGSIb3DQEJFTEWBBQ1lQ+totrkZkQb7uE6lOz/gPzqKTA/BgkqhkiG9w0BCRQxMh4wAEwAaQB0AGUAQwBoAGEAcgBtAHMARABhAHQAYQBQAHIAbwB0AGUAYwB0AGkAbwBuMEEwMTANBglghkgBZQMEAgEFAAQgAW7Ot+6j9Xu4nT7pL9rF43iOnSd5qLd+yJM5A5q2wDAECH1pO/hUEzlNAgIIAA==
|
||||
dataprotection-cert: TUlJS2dBSUJBekNDQ2pZR0NTcUdTSWIzRFFFSEFhQ0NDaWNFZ2dvak1JSUtIekNDQkZJR0NTcUdTSWIzRFFFSEJxQ0NCRU13Z2dRL0FnRUFNSUlFT0FZSktvWklodmNOQVFjQk1GY0dDU3FHU0liM0RRRUZEVEJLTUNrR0NTcUdTSWIzRFFFUkREUWEwZ0F3RUFBaUFCQURBTkJnbGdoa2dCWlFNRUFnRUZBQUFTb0VFS2Y2bE55USt1REU4ZjNCOWw5T3pGNG9mSmw5cUtkK3lKTTVBNXEy d0RBRUNIMXBPL2hVRXpsTkFnSUlBQT09
|
||||
dataprotection-password: OWlIUSMmcl41eWZYRXc=
|
||||
---
|
||||
apiVersion: v1
|
||||
@@ -74,7 +73,7 @@ metadata:
|
||||
name: midrandbooks
|
||||
namespace: midrandbooks-uat
|
||||
spec:
|
||||
replicas: 2
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: midrandbooks
|
||||
@@ -102,7 +101,7 @@ spec:
|
||||
memory: "256Mi"
|
||||
cpu: "100m"
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
- containerPort: 8443
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: midrandbooks-config
|
||||
@@ -194,13 +193,15 @@ spec:
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /health
|
||||
port: 8080
|
||||
port: 8443
|
||||
scheme: HTTPS
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /health
|
||||
port: 8080
|
||||
port: 8443
|
||||
scheme: HTTPS
|
||||
initialDelaySeconds: 3
|
||||
periodSeconds: 5
|
||||
volumes:
|
||||
@@ -214,14 +215,20 @@ metadata:
|
||||
name: midrandbooks-service
|
||||
namespace: midrandbooks-uat
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- name: https
|
||||
port: 443
|
||||
targetPort: 8443
|
||||
selector:
|
||||
app: midrandbooks
|
||||
ports:
|
||||
- name: http
|
||||
protocol: TCP
|
||||
port: 80
|
||||
targetPort: 8080
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: ServersTransport
|
||||
metadata:
|
||||
name: midrandbooks-bypass-backend-validation
|
||||
namespace: midrandbooks-uat
|
||||
spec:
|
||||
insecureSkipVerify: true
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
@@ -236,10 +243,12 @@ spec:
|
||||
kind: Rule
|
||||
services:
|
||||
- name: midrandbooks-service
|
||||
port: 80
|
||||
port: 443
|
||||
scheme: https
|
||||
serversTransport: midrandbooks-bypass-backend-validation
|
||||
sticky:
|
||||
cookie:
|
||||
name: "lp-sticky-session"
|
||||
httpOnly: true
|
||||
secure: true
|
||||
tls: {}
|
||||
tls: {}
|
||||
|
||||
Reference in New Issue
Block a user