Docker image cache test

.drone.yml

@@ -23,7 +23,7 @@ trigger:
 kind: pipeline
 type: docker
 name: package
-
+ 
 steps:
   - name: docker-build
     image: plugins/docker
@@ -31,6 +31,10 @@ steps:
       registry: nexus.khongisa.co.za
       repo: nexus.khongisa.co.za/midrandbooks
       tags: [ latest, "1.${DRONE_BUILD_NUMBER}" ]
+      use_cache: true
+      cache_from: nexus.khongisa.co.za/midrandbooks:latest
+      build_args:
+        - BUILDKIT_INLINE_CACHE=1
       custom_labels:
         - org.opencontainers.image.source=https://gitea.khongisa.co.za/litecharms/midrandbooks
         - org.opencontainers.image.version=1.${DRONE_BUILD_NUMBER}

MidrandBookshop/Components/Layout/MainLayout.razor.cs

@@ -27,13 +27,9 @@ public partial class MainLayout(CartService cartService) : IDisposable
         Navigation.LocationChanged += OnLocationChanged;
         cartService.OnCartChanged += CartService_OnCartChanged;
 
-        SyncSearchQueryFromUrl();
-    }
+        await cartService.LoadCartFromStorageAsync();
 
-    protected override async Task OnAfterRenderAsync(bool firstRender)
-    {
-        if (firstRender) 
-            await cartService.LoadCartFromStorageAsync();
+        SyncSearchQueryFromUrl();
     }
 
     private async void CartService_OnCartChanged() => await InvokeAsync(StateHasChanged);
@@ -104,7 +100,7 @@ public partial class MainLayout(CartService cartService) : IDisposable
 
     private void ToggleCart() => IsCartOpen = !IsCartOpen;
 
-    private async void ChangeQuantity(CartItem item, int delta)
+    private async Task ChangeQuantity(CartItem item, int delta)
     {
         var peekQuantity = item.Quantity + delta;
 
@@ -115,7 +111,7 @@ public partial class MainLayout(CartService cartService) : IDisposable
         await cartService.SaveCartToStorageAsync();
     }
 
-    private async void RemoveFromCart(CartItem item)
+    private async Task RemoveFromCart(CartItem item)
     {
         cartService.RemoveOneItem(item.Price!.Id);
 

MidrandBookshop/Components/Pages/Checkout.razor.cs

@@ -1,13 +1,10 @@
 using LiteCharms.Features.Api.Configuration;
 using LiteCharms.Features.Hasher;
 using LiteCharms.Features.MidrandBooks.AuthorBooks;
-using LiteCharms.Features.MidrandBooks.Customers;
-using LiteCharms.Features.MidrandBooks.Customers.Models;
 using LiteCharms.Features.MidrandBooks.Orders;
 using LiteCharms.Features.MidrandBooks.Orders.Models;
 using LiteCharms.Features.MidrandBooks.Payments;
 using LiteCharms.Features.MidrandBooks.Payments.Models;
-using LiteCharms.Features.MidrandBooks.Products;
 
 namespace MidrandBookshop.Components.Pages;
 
@@ -19,14 +16,13 @@ public partial class Checkout()
     [Inject] public BooksService BooksService { get; set; } = default!;
     [Inject] public CartService CartService { get; set; } = default!;
     [Inject] public PayfastService PayfastService { get; set; } = default!;
-    [Inject] public CustomerService CustomerService { get; set; } = default!;
-    [Inject] public ProductService ProductService { get; set; } = default!;
     [Inject] public IOptions<PayfastSettings> PayfastOptions { get; set; } = default!;
     [Inject] private AuthenticationStateProvider AuthStateProvider { get; set; } = default!;
     [Inject] public IJSRuntime JSRuntime { get; set; } = default!;
+    [Inject] private HydrationService HydrationService { get; set; } = default!;
+    [Inject] private CancellationToken CancellationToken { get; set; } = default!;
 
     private Cart ShoppingCart => CartService.ShoppingCart;
-    private AuthenticationState? AuthState { get; set; }
     private ClaimsPrincipal? User { get; set; }
     private bool IsProcessing { get; set; }
 
@@ -37,18 +33,31 @@ public partial class Checkout()
 
     protected override async Task OnInitializedAsync()
     {
-        AuthState = await AuthStateProvider.GetAuthenticationStateAsync();
-        User = AuthState!.User;
+        var authState = await AuthStateProvider.GetAuthenticationStateAsync();
+        User = authState!.User;
 
         Navigation.LocationChanged += OnLocationChanged;
         CartService.OnCartChanged += CartService_OnCartChanged;
+
+        await CartService.LoadCartFromStorageAsync();
+    }
+
+    protected override async Task OnAfterRenderAsync(bool firstRender)
+    {
+        if (firstRender == false && HydrationService.CartHydrated == false)
+        {
+            await HydrationService.EnsureCustomerExistsAsync(CancellationToken);
+            await HydrationService.RehydrateCartFromPendingOrderAsync(CancellationToken);
+
+            CartService.NotifyStateChanged();
+        }
     }
 
     private async void CartService_OnCartChanged() => await InvokeAsync(StateHasChanged);
 
     private void OnLocationChanged(object? sender, LocationChangedEventArgs e) => StateHasChanged();
 
-    private async void ChangeQuantity(CartItem item, int delta)
+    private async Task ChangeQuantity(CartItem item, int delta)
     {
         var peekQuantity = item.Quantity + delta;
 
@@ -59,7 +68,7 @@ public partial class Checkout()
         await CartService.SaveCartToStorageAsync();
     }
 
-    private async void RemoveFromCart(CartItem item)
+    private async Task RemoveFromCart(CartItem item)
     {
         CartService.RemoveOneItem(item.Price!.Id);
 
@@ -72,37 +81,31 @@ public partial class Checkout()
 
         try
         {
-            // 1. Instantly disable the button to prevent duplicate click submissions
             IsProcessing = true;
-            StateHasChanged(); // Force Blazor Server to push the disabled state over SignalR immediately
 
-            var customerEmail = User?.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)!.Value!;
+            StateHasChanged();
 
-            // 2. Create customer if ShoppingCart.CustomerId is null
-            if (ShoppingCart.CustomerId == null)
+            Result<long> orderResult;
+
+            var customerId = (long)ShoppingCart.CustomerId!;
+
+            if (!ShoppingCart.OrderId.HasValue)
             {
-                var existingCustomer = await CustomerService.GetCustomerAsync(customerEmail);
+                CreateOrder request = new(ShoppingCart.TotalAmount, null);
 
-                if (existingCustomer.IsSuccess)
-                    ShoppingCart.CustomerId = existingCustomer.Value.Id;
-
-                if (existingCustomer.IsFailed)
-                {
-                    var customerCreate = await CustomerService.CreateCustomerAsync(new CreateCustomer { Email = customerEmail });
-
-                    if (customerCreate.IsSuccess)
-                        ShoppingCart.CustomerId = customerCreate.Value;
-                }
+                orderResult = await OrderService.CreateOrderAsync(customerId, request, CancellationToken);
+                ShoppingCart.OrderId = orderResult.Value;
             }
 
-            // 3. Create order using shopping cart and assign the ShoppingCart.OrderId
-
-            var order = await OrderService.CreateOrderAsync(ShoppingCart.CustomerId!.Value, new CreateOrder(ShoppingCart.TotalAmount, null));
             List<CreateOrderItem> orderItems = [];
 
+            var orderId = (long)ShoppingCart.OrderId;
+
+            await OrderService.ClearOrderItemsAsync(orderId, CancellationToken);
+
             foreach (var item in ShoppingCart.Items)
             {
-                var bookRequest = await BooksService.GetBookByProductIdAsync(item.Price!.Id);
+                var bookRequest = await BooksService.GetBookByProductIdAsync(item.Price!.Id, CancellationToken);
 
                 if (bookRequest.IsSuccess)
                 {
@@ -111,22 +114,21 @@ public partial class Checkout()
                 }
             }
 
-            var paymentGen = await PaymentService.CreatePaymentAsync(ShoppingCart.TotalAmount, order.Value, HashService.HashEncodeLongId(order.Value).Value);
-            var merchantPaymentId = HashService.HashEncodeLongId(order.Value).Value;
+            var orderHash = HashService.HashEncodeLongId(orderId).Value;
+            var paymentGen = await PaymentService.CreatePaymentAsync(ShoppingCart.TotalAmount, orderId, orderHash, CancellationToken);
 
-            await PaymentService.WriteLedgerEntryAsync(new CreateLedgerEntry
+            CreateLedgerEntry ledgerRequest = new()
             {
-                OrderId = order.Value,
-                CustomerId = ShoppingCart.CustomerId.Value,
-                PaymentGatewayId = 1,
-                PaymentGatewayReference = merchantPaymentId,
+                OrderId = orderId,
+                CustomerId = customerId,
+                PaymentGatewayId = 1, // TODO: lookup value to match user selection
+                PaymentGatewayReference = orderHash,
                 PaymentId = paymentGen.Value,
                 Status = LiteCharms.Features.LedgerStatuses.Sent,
-            });
+            };
+            await PaymentService.WriteLedgerEntryAsync(ledgerRequest, CancellationToken);
 
-            var addItemsResult = await OrderService.AddItemsToOrderAsync(order.Value, [.. orderItems]);
-
-            // 4. Generate the signed Payfast form payload using your backend service            
+            var addItemsResult = await OrderService.AddItemsToOrderAsync(orderId, [.. orderItems], CancellationToken);
             var hostAddress = Navigation.BaseUri.TrimEnd('/');
 
             CheckoutPayload = new Dictionary<string, string>
@@ -136,8 +138,8 @@ public partial class Checkout()
                 { "return_url", $"{hostAddress}/payment-success" },
                 { "cancel_url", $"{hostAddress}/payment-failed" },
                 { "notify_url", "https://api.uat.midrandbooks.co.za/v1/payments/payfast/confirm" },
-                { "email_address", customerEmail },
-                { "m_payment_id", merchantPaymentId },
+                { "email_address", User?.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)!.Value! },
+                { "m_payment_id", orderHash },
                 { "amount", ShoppingCart.TotalAmount.ToString("F2", CultureInfo.InvariantCulture) },
                 { "item_name", "MidrandBooks Sale" },
             };
@@ -147,7 +149,6 @@ public partial class Checkout()
 
             StateHasChanged();
 
-            // 6. Execute programmatic submit directly into the sandbox
             await JSRuntime.InvokeVoidAsync("eval", "document.getElementById('payfastForm').submit();");
         }
         catch

MidrandBookshop/Components/Pages/Home.razor.cs

@@ -2,6 +2,7 @@
 using LiteCharms.Features.MidrandBooks.AuthorBooks;
 using LiteCharms.Features.MidrandBooks.Authors;
 using LiteCharms.Features.MidrandBooks.Categories;
+using LiteCharms.Features.MidrandBooks.Payments;
 using LiteCharms.Features.MidrandBooks.Products;
 using LiteCharms.Features.MidrandBooks.Products.Models;
 using LiteCharms.Features.Models;
@@ -15,6 +16,9 @@ public partial class Home : ComponentBase
     [Inject] private AuthorService AuthorService { get; set; } = default!;
     [Inject] private CategoryService CategoryService { get; set; } = default!;
     [Inject] private NavigationManager Navigation { get; set; } = default!;
+    [Inject] private HydrationService HydrationService { get; set; } = default!;
+    [Inject] private CancellationToken CancellationToken { get; set; } = default!;
+    [Inject] private CartService CartService { get; set; } = default!;
 
     [SupplyParameterFromQuery(Name = "q")] public string? SharedSearchQuery { get; set; }
     [SupplyParameterFromQuery] public long? AuthorId { get; set; }
@@ -95,6 +99,17 @@ public partial class Home : ComponentBase
 
     private bool HasMoreItems => FilteredData.Count() > VisibleCount;
 
+    protected override async Task OnInitializedAsync() => await CartService.LoadCartFromStorageAsync();
+
+    protected override async Task OnAfterRenderAsync(bool firstRender)
+    {
+        if (firstRender == false && HydrationService.CartHydrated == false)
+        {
+            await HydrationService.EnsureCustomerExistsAsync(CancellationToken);
+            await HydrationService.RehydrateCartFromPendingOrderAsync(CancellationToken);
+        }
+    }
+
     protected override async Task OnParametersSetAsync() => await LoadCatalogDataAsync();
 
     private async Task LoadCatalogDataAsync()

MidrandBookshop/HydrationService.cs

@@ -0,0 +1,116 @@
+using LiteCharms.Features.MidrandBooks.AuthorBooks;
+using LiteCharms.Features.MidrandBooks.Authors;
+using LiteCharms.Features.MidrandBooks.Customers;
+using LiteCharms.Features.MidrandBooks.Customers.Models;
+using LiteCharms.Features.MidrandBooks.Orders;
+using LiteCharms.Features.MidrandBooks.Payments;
+using LiteCharms.Features.MidrandBooks.Payments.Models;
+using LiteCharms.Features.MidrandBooks.Products;
+
+namespace MidrandBookshop;
+
+public sealed class HydrationService(AuthenticationStateProvider authStateProvider, CustomerService customerService,
+    ProductService productService, OrderService orderService, BooksService booksService, AuthorService authorService, 
+    CartService cartService)
+{
+    private Cart ShoppingCart => cartService.ShoppingCart;
+
+    private AuthenticationState? AuthState { get; set; }
+    private ClaimsPrincipal? User { get; set; }
+
+    public bool CartHydrated { get; set; }
+
+    public async Task EnsureCustomerExistsAsync(CancellationToken cancellationToken = default)
+    {
+        if (ShoppingCart.CustomerId > 0) return;
+
+        AuthState = await authStateProvider.GetAuthenticationStateAsync();
+        User = AuthState!.User;
+
+        if (User?.Identity?.IsAuthenticated == false) return;
+
+        var email = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)!.Value!;
+
+        var existingCustomer = await customerService.GetCustomerAsync(email, cancellationToken);
+
+        if (existingCustomer.IsSuccess)
+            ShoppingCart.CustomerId = existingCustomer.Value.Id;
+
+        if (existingCustomer.IsFailed)
+        {
+            var name = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name)?.Value ?? string.Empty;
+            var lastname = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Surname)?.Value ?? string.Empty;
+            var mobile = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.MobilePhone)?.Value ?? string.Empty;
+
+            var customerCreate = await customerService.CreateCustomerAsync(new CreateCustomer { Email = email }, cancellationToken);
+
+            if (customerCreate.IsSuccess && !string.IsNullOrWhiteSpace(name))
+            {
+                ShoppingCart.CustomerId = customerCreate.Value;
+
+                if (!string.IsNullOrWhiteSpace(name))
+                    await customerService.CreateCustomerContactAsync((long)ShoppingCart.CustomerId, new CreateCustomerContact
+                    {
+                        Email = email,
+                        Name = name,
+                        LastName = lastname,
+                        Phone = mobile,
+                        Type = LiteCharms.Features.ContactTypes.Personal
+                    }, cancellationToken);
+            }
+        }
+    }
+
+    public async Task RehydrateCartFromPendingOrderAsync(CancellationToken cancellationToken = default)
+    {
+        if (User?.Identity?.IsAuthenticated == false) return;
+
+        if (ShoppingCart.OrderId > 0 && ShoppingCart.CustomerId > 0)
+        {
+            cartService.CalculateTotalPrice();
+            CartHydrated = true;
+
+            return;
+        }
+
+        var orderResult = await orderService.GetPendingOrderAsync((long)ShoppingCart.CustomerId!, cancellationToken);
+
+        if (orderResult.IsFailed) return;
+
+        if(orderResult.Value.Id == ShoppingCart.OrderId)
+        {
+            cartService.CalculateTotalPrice();
+            CartHydrated = true;
+
+            return;
+        }
+
+        var orderItemsResult = await orderService.GetOrderItemsAsync((long)orderResult.Value.Id!, cancellationToken);
+
+        ShoppingCart.OrderId = orderResult.Value.Id;
+
+        if(orderItemsResult.IsFailed) return;
+
+        foreach (var item in orderItemsResult.Value)
+        {
+            var priceFetchResult = await productService.GetProductPriceAsync(item.ProductPriceId, cancellationToken);
+
+            if (priceFetchResult.IsFailed) continue;
+
+            var bookFetchResult = await booksService.GetBookByProductIdAsync(priceFetchResult.Value.ProductId, cancellationToken);
+
+            if (bookFetchResult.IsFailed) continue;
+
+            var authorFetchResult = await authorService.GetAuthorAsync(bookFetchResult.Value.AuthorId, cancellationToken);
+
+            if (authorFetchResult.IsFailed) continue;
+            
+            if(!ShoppingCart.Items.Any(i => i.Price!.Id == item.ProductPriceId))
+                cartService.AddItem(priceFetchResult.Value, bookFetchResult.Value.Product!, authorFetchResult.Value);
+        }
+
+        CartHydrated = true;
+
+        await cartService.SaveCartToStorageAsync();
+    }
+}

MidrandBookshop/MidrandBookshop.csproj

@@ -18,13 +18,13 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="LiteCharms.Features" Version="1.135.0" />
+    <PackageReference Include="LiteCharms.Features" Version="1.137.0" />
   </ItemGroup>
 
   <!-- UI -->
   <ItemGroup>
     <PackageReference Include="ANM.Blazored.Toast" Version="0.1.1" />
-    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.135.0" />
+    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.137.0" />
     
     <!-- Global Usings -->
     <Using Include="Blazored.Toast.Services" />

MidrandBookshop/Properties/launchSettings.json

@@ -14,7 +14,7 @@
         "commandName": "Project",
         "dotnetRunMessages": true,
         "launchBrowser": false,
-        "applicationUrl": "https://localhost:8440;http://localhost:8083",
+        "applicationUrl": "https://localhost:8443;http://localhost:8080",
         "environmentVariables": {
           "ASPNETCORE_ENVIRONMENT": "Development"
         }

MidrandBookshop/Setup.cs

@@ -10,6 +10,7 @@ public static class Setup
 {
     public static IServiceCollection RegisterServices(this IServiceCollection services, IConfiguration configuration)
     {
+        services.AddCancellationToken();
         services.AddAntiforgery();
 
         services.AddRazorComponents()
@@ -28,6 +29,7 @@ public static class Setup
 
         services.AddHttpClient();
         services.AddScoped<CartService>();
+        services.AddScoped<HydrationService>();
         services.AddShopServices(includeLocalStorage: true);
         services.AddHashServices(configuration);
         services.AddPayfastServices(configuration);
@@ -45,7 +47,12 @@ public static class Setup
         services.Configure<ForwardedHeadersOptions>(options =>
         {
             options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+
             options.KnownProxies.Clear();
+            options.KnownIPNetworks.Clear();
+
+            options.ForwardLimit = null;
+            options.RequireHeaderSymmetry = false;
         });
 
         return services;

midrandbooks-uat.yml

@@ -1,4 +1,3 @@
----
 apiVersion: v1
 kind: Namespace
 metadata:
@@ -32,30 +31,6 @@ data:
   LiteCharmsClientSettings__Scope: "midrandbooks-api"
 ---
 apiVersion: v1
-kind: Secret
-metadata:
-  name: midrandbooks-secrets
-  namespace: midrandbooks-uat
-type: Opaque
-data:  
-  connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ==
-  dataprotection-connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ==
-  connection-string-quartz: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPXNjaGVkdWxlci1kZXY7VXNlcm5hbWU9c2NoZWR1bGVyLWRldi11c2VyO1Bhc3N3b3JkPWtWVm1vV0tKM3h6Z1FYO1BlcnNpc3QgU2VjdXJpdHkgSW5mbz1UcnVl
-  aspire-apikey: bWMzRzYzSzJqNVpPRXNpMEFqTW9qTFRYbTFLRVpGY3R6SUlqU3dEaVRHdXQ4cUdTa1B1V3d4R1AxUmJzY0pVbw==
-  hasher-salt: VEdsbmFIUWdRMmhoY20xekxDQk5hV1J5WVc1a1FtOXZhM01nYldGclpTQnNiM1J6SUc5bUlHMXZibVY1SUdGdVpDQmhjbVVnWVNCemRXTmpaWE56Wm5Wc0lIWnBjbUZzSUhOMGIzSjVJR2x1SUZOdmRYUm9JRUZtY21sallRPT0=  
-  bookshop-s3-accesskey: R0s1MTRkMmNlOGRjNjkyMzdhMDVjMDFlZWY=
-  bookshop-s3-secretkey: ZWFhZmVkYTFhZWQ0MDllY2ZlNjA3MTRlY2RhNTQ5YjgyYmRmNWEzZGFmOWYxOGRkNjFmNjZiNDk3M2E2NDgyZQ==
-  litecharms-clientid: bWlkcmFuZGJvb2tzLXVhdA==
-  litecharms-clientsecret: c2VjcmV0Xzc3OGJkODM3NWFjNGE3Mzg2N2QxZDdhNjcwODJlZTJjNGU4NmUwODYwYmI0Y2ZlZWI5NDExOTQ5OTk2ZThhOGU=
-  payfast-passphrase: OUdBSVIwdFdwaFgwcU8=
-  payfast-merchantid: MTAwNDkzMDc=
-  payfast-merchantkey: anU2bmF2bjBqY2JmMA==
-  litecharms-client-clientid: bWlkcmFuZGJvb2tzLWFwaS1zY2FsZXItdWF0
-  litecharms-client-clientsecret: c2VjcmV0XzBhOGRjMWY5OTA2MTU5MGE1MmIxMjcyZGIzYTE4NzFkMjc2MWM3OWZiZDA1OGIyYTk2ODkxMTAyOWU0YjIwOGE=
-  dataprotection-cert: TUlJS2dBSUJBekNDQ2pZR0NTcUdTSWIzRFFFSEFhQ0NDaWNFZ2dvak1JSUtIekNDQkZJR0NTcUdTSWIzRFFFSEJxQ0NCRU13Z2dRL0FnRUFNSUlFT0FZSktvWklodmNOQVFjQk1GY0dDU3FHU0liM0RRRUZEVEJLTUNrR0NTcUdTSWIzRFFFRkREQWNCQWg5cWthVmdHbXovZ0lDQ0FBd0RBWUlLb1pJaHZjTkFna0ZBREFkQmdsZ2hrZ0JaUU1FQVNvRUVLYjJDeXJVTDZCVFpqVUY1cHk4QkxXQWdnUFE3YzBNNnBMejhwSDVCM3hmY0MxMURldGVZOWl4VDlocHl4WVRnY0JDZnh4djBodW5HTXhvaTBPWmMrWUdwN1lFcDhYU0FmR2QzNGc5eERzMlRtQW53alFxVmliR0xHUjNmcElTWkgyMFQ1REhhU3dnV3BweGVGVkU3VXZlZGl4Q25rd0g2VzlFTjhjVUhWZDJJU1ZOK0VocnJPSlJWSTZYKzYydUpRd3EzQm1ZOUlvdXVhSDhkcE1xbXRWMXhTa1ZkM1c1NGdvWTMweVp0QmxQOHMxN2xSd0hYbllKUlBhMlF5djBxY2x5VEs0Nmt0bW01ZU5qV2hOWndZbXJGZ1g3eXhacVB3L3prMlExZjB0bUU3eUpwR0M2eG5wYlBoUVh4SFIyWDg5T0NCNlM5aE1tM3VpRWljMDFmVHNhVEVCSVZvU3dUNzFJWlZVQ2E0d1phZXIweFMwN29XUUszWWwwbnUvSWZtYkpDaytJSFJIckJNWit1T2s3RVcxMzNuK0NyNDhtcGdyMmd2Q2UvVjNLZWlEY0FRWVZmaHQ3aWhnTUUyN0dWNlZEN1ozMEptakY3RGhPTjkyMXpoLzdOaG9JaUxLb0lNbFIxa0lEMzlNNzh5RzRuNVhmNllkUWJkV0UyUFR0UHRCTkpkazBDMXZMTU9jS1ZmbTRNVm5WL0I0dWlZWlh6dGQwbktNRDR2L2tnQXB4RE9wdy9IWU41cHNWYkFlQzNZMWNscFAwVXNiTUovL1ZXUE1Ba3BibS9HeklNSGxlaWQ1ckxQN1VJZ3h4b3BVWU93SVA2aGw4d25zb3NPbExvMDlYTklBUm9QcUFOb3JoNngrOVFsaE4rNThKU1lJTGpuRm5rcjQ3RVl4WkhxQ0l6Q0x2MVZaZG1mcGJROGZLSjAyTGpHdTlTR1hzUUQzcXZRa3ZMR3llZ0JjcDMrOGdYa2ExVGlhS1RPS0h3eTg1UmhIM3VxMXFXNWZWNG54UXB2VjMrTWxFVlBSc2g3RmNNaFNlSys2NkNIT0NaN0pFRzRKUUE3b2NkMFVrYXRYa3NGK2RzOHlYMDJ1Z0xYNDB0bUZ2bmxEZzRYWHpKMXlFcEhjMHUrNzNxcUMrOXM1NnFHc204NFZaMGhuN1pkYzk4RHJYWitVN0hrbFp5Y1BudnRwUHd4enZsSXBmRHJiWWJVK3lqLytpcmlZRGhGdDk0R3phakVLc21scTlIdFc4d1NXZzYwbUpvVUlsejVBVi9aU3dUN1M4eTJXcGxFK1RNRkZ5ZzFUak9iNEpxL1RIcEluVUluZnorb1FqcjZ3NTZmUGRVa0RXN2Y1K1NpM1lZV3ZWZlREZ0FxVDcveFZ2bGlNYzhwUTdnWmViemVCQmpaQ21WNXFUTGVlT3BoalJMOXlNTndIa3JWaDFxVzVlR3ZIVUVTZ05WZFU1Qi9tMVZyY3RXMk5QY1ZmWE1xRGczaHZmd2FwTWxFbTlMWHcvYlh0TmZLOExKWjBmSTdTOFVTVFA4YVgvQlZrTi93YWQ3VjBHakxHSmdxNWtaVEtSRnFaRGZJeTdsSDhGY1VNWjIyRXgwSUkydXYwb2hBbmltWnRVWWtCTFBYUmlZZzRBZE9WMFlzUDZLd1UvNjJ1VUZpWHgvR0JtS1k0QUkyK3FUMkRjSjB1bWVkOXFXL1UyNUg5MXo5aWFzck52RStoWE52NHRFekpldyt0SVlwVXZLMGpScUxlVDFXamJrOGVwclRDQ0JjVUdDU3FHU0liM0RRRUhBYUNDQmJZRWdnV3lNSUlGcmpDQ0Jhb0dDeXFHU0liM0RRRU1DZ0VDb0lJRk1UQ0NCUzB3VndZSktvWklodmNOQVFVTk1Fb3dLUVlKS29aSWh2Y05BUVVNTUJ3RUNOVjB6VkRNUjIxL0FnSUlBREFNQmdncWhraUc5dzBDQ1FVQU1CMEdDV0NHU0FGbEF3UUJLZ1FRbUZRdjhNNFBKTk96c25rVEFqK0tXQVNDQk5EMDZNQi8vTTBWQWxBT2YyazhIWWlUZy9UM1NhRnhvaFpXaWEwcmt5b0svYktZSWdoZWhVelN5aVEwanNzQ3JBUC93TnorQ3BBM1dUTFhyT2lEaDhXWC8yRWpSMi9qc3Z0VEtDZGJqYjA3SktXRVFwNFE1SG81dWYxY2F0VDU5ZEFzZStJdWVWTjk0bGlFVkV0SVNXTmFJWGgrZVhwQm0yb3paOERJUjRDbjNKdTRPZC9vRjQ1cEhZZ09HaUIva21Nb0FDMDJ3TU9kc1Z2dEtvWFBNWXNGZncwWmpwOWZMNXVybzZyV1hEaDlhNnY4TEtocmtIdll0c3lZVmlFMmg4bzltbGlUZ3Rram92NGU2TGo2blViRW4zSXlEZTdtcmxaNU1lMjdLVzVmV1lyanNYTTloUUx2TGt1VUh3bTZnS2tVcXZaeWdlejc3QklrTzBrSCs4V3czb08wWExYWU9IaGdBbCsrd0NMR0wvQlhWMytDOUdiNWR2UVFHa0t5UDdlWkRLRi9URjZqU3pLN2tHdlkxSWs2MUFLSHcxcWc3TkRIZTZHYTNUWFEwRDZVdXVtL3UwdFptRGNsak9UalZXWlIvSkRRa25GNlVOUGVCOVE4RjN3b1RpeFR6eXVpaFI5dnhnNXJ5NldwZnAzK2RTdXQ1d3duNm1TV0lkanZKckphNThGcE1EbnBadGxFRXdkM2g0RnZhNllzd3NKRDI0VGZaVFhRVUlpVlhSWlRjaUI5U29tTHAwbjJva2p6UlpvcDY3Mnl4WGVSQ0tmb3d4REpIU1NBbThQWUFGMGUyeDZRcmV3TVp4UUV2dWVDOHVrNis3Y2p1enE4VmJQRng4T0FPSzdsaUlBZUdzaE9oTXJOOEJsNXYwUjAweWJpSDhTM1NTcDhvcC93RWNBV0ZyaFhNMWVwUzhBeUlqTlJYU2hCM0taaE5QVWg4WHBKSDRBVFhnbXlJbkk5TVZ0NUZZaGVwamo4UHNCRWJEVFN2UU4yY3p4aTBZYWJjM3ZxTWUrcSt1Tm9LOWtYbm9JOGNWSzBSanNXbS9DZjVRQU5nUEVVWDhrY0ZCdVpiZ1E2OHhMMS9KZVg5YlJYL1FJUzRZb2pRWTdGNG1adWxIUkpRaHNlT3VNUndlMnlhZk1na3VzakJQU2dEME5tdzU1L2t6V3NzWUxxb29jTFowOERGVjdlQ1FnYW11MFNXZGplSVZHbW8yN1BuYlF1TFVuSk1jNm5jQkxJcmJwNzExTmZHaWxDYjRqNzcvb2wxU2ZmM0tOaXBoa29JYzUxbGZIUTNRcUJMWmJib3NSQmFQeElsSDhzb1pQOFpyMVIvc0dqVHl0aDRlcEtJQlpMNi9SMGlvcHpKY1RNYnJVY3FyTW1ISVBDdVlkY1graEhGaFNFb2NoU0g5d0plZTRCZDgvVDh0WG1NVW1CVXZLVFJSZkhrYzdzL2V4Q2ZMTGY4cU9YMjNSVXBrZEk1dWZvTFFFT2VwUk9qN2VrUFVHeU15T3hyd2tDUHRhYVJqT3B2OU1LYmRMNnA1RUJHekowVGxyK3p0Q2xlcmhnTkZ1OWVnLzV0OVdhTFhybCtLQlRoc2F5anpTN3FacHBQa3h2RWlTQmdDRmVSSzg2M2wrdVcydVFubU44bTUzaUdMUDg0SzJOQ0JQUG1KM3V6cDFQYkgvTUJ3WHpGbm1sK29qTEw0Qm9vclRtZ1NQVGhoSHZMbk1QMTF0T1lrTjJXQUh2elAySksxQTJadjZWTVZuQU9HYkcrd0RtcXNBbVFaN0J1eVFyeGZBU3FwZytITFR4cWFkNzc2L3p2cDR6dVkzSlZicmxtNmNUNnBEbit1Skc1SEtGdHAvcEE1WDlvQVluU2JJRFdNalJoYVRMSXdlQ2JsTUVFTVRzUzk1aUVjb2JodlU2czNuVFNBU0ZJWjk1UmhhQkhjbHVRMXlkTlllYVpNUkZXeDlTUHJLRVVPSml6OUx3aVRMMWpLdEF0bndockJkTzZpMFM3SmJiK1VXNGJnR3I1WFJyVFRHSkRXSUw3enJ3LzUzYXhDejZUS2dyV0sxTmJjQ3VHS2t0WDV3QitWcTFlUVlQNFYyYWJvYWJyeUppQWlvOGdGQ3RnQTdiRTBwMU9XczJWY0N5MnpXditVTTdrWnlYRXllOHZYajVDMUN5cG5FK241cjM2TzJaU3pGbU1DTUdDU3FHU0liM0RRRUpGVEVXQkJRMWxRK3RvdHJrWmtRYjd1RTZsT3ovZ1B6cUtUQS9CZ2txaGtpRzl3MEJDUlF4TWg0d0FFd0FhUUIwQUdVQVF3Qm9BR0VBY2dCdEFITUFSQUJoQUhRQVlRQlFBSElBYndCMEFHVUFZd0IwQUdrQWJ3QnVNRUV3TVRBTkJnbGdoa2dCWlFNRUFnRUZBQVFnQVc3T3QrNmo5WHU0blQ3cEw5ckY0M2lPblNkNXFMZCt5Sk01QTVxMndEQUVDSDFwTy9oVUV6bE5BZ0lJQUE9PQ==
-  dataprotection-password: OWlIUSMmcl41eWZYRXc=
----
-apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: midrandbooks-pvc
@@ -73,7 +48,8 @@ metadata:
   name: midrandbooks
   namespace: midrandbooks-uat
 spec:
-  replicas: 1
+  replicas: 2
+  revisionHistoryLimit: 0
   selector:
     matchLabels:
       app: midrandbooks
@@ -105,91 +81,35 @@ spec:
           envFrom:
             - configMapRef:
                 name: midrandbooks-config
+            - secretRef:
+                name: midrandbooks-secrets          
           env:
             - name: DataProtection__Certificate
               valueFrom:
                 secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: dataprotection-cert
+                  name: litecharms-certs
+                  key: litecharms.pfx
             - name: DataProtection__Password
               valueFrom:
                 secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: dataprotection-password
-            - name: LiteCharmsSettings__ClientId
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: litecharms-clientid
-            - name: LiteCharmsSettings__ClientSecret
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: litecharms-clientsecret
-            - name: BookshopS3Settings__AccessKey
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: bookshop-s3-accesskey
-            - name: BookshopS3Settings__SecretKey
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: bookshop-s3-secretkey
-            - name: HasherSettings__Salt
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: hasher-salt
-            - name: PayfastSettings__Passphrase
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: payfast-passphrase
-            - name: PayfastSettings__MerchantId
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: payfast-merchantid
-            - name: PayfastSettings__MerchantKey
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: payfast-merchantkey
-            - name: LiteCharmsClientSettings__ClientId
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: litecharms-client-clientid
-            - name: LiteCharmsClientSettings__ClientSecret
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: litecharms-client-clientsecret
-            - name: ConnectionStrings__PostgresScheduler
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: connection-string-quartz
-            - name: ConnectionStrings__PostgresMidrandBooks
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: connection-string
-            - name: ConnectionStrings__PostgresDataProtection
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: dataprotection-connection-string
-            - name: Monitoring__ApiKey
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: aspire-apikey
+                  name: litecharms-certs
+                  key: passphrase
           volumeMounts:
+            - name: cluster-certs-volume
+              mountPath: /tmp/litecharms-raw-certs
+              readOnly: true
             - name: data
-              mountPath: /app/wwwroot/content
+              mountPath: /app/content
               subPath: bookshop-content
+          lifecycle:
+            postStart:
+              exec:
+                command:
+                  - /bin/sh
+                  - -c
+                  - |
+                    cp /tmp/litecharms-raw-certs/litecharms.crt /usr/local/share/ca-certificates/litecharms.crt
+                    update-ca-certificates
           livenessProbe:
             httpGet:
               path: /health
@@ -207,7 +127,10 @@ spec:
       volumes:
         - name: data
           persistentVolumeClaim:
-            claimName: midrandbooks-pvc        
+            claimName: midrandbooks-pvc
+        - name: cluster-certs-volume
+          secret:
+            secretName: litecharms-certs
 ---
 apiVersion: v1
 kind: Service
@@ -223,20 +146,11 @@ spec:
     app: midrandbooks
 ---
 apiVersion: traefik.io/v1alpha1
-kind: ServersTransport
-metadata:
-  name: midrandbooks-bypass-backend-validation
-  namespace: midrandbooks-uat
-spec:
-  insecureSkipVerify: true
----
-apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
   name: midrandbooks-web-secure
   namespace: midrandbooks-uat
 spec:
-  insecureSkipVerify: true
   entryPoints:
     - websecure
   routes:
@@ -245,6 +159,10 @@ spec:
       services:
         - name: midrandbooks-service
           port: 443
+          sticky:
+            cookie:
+              name: "lp-sticky-session"
+              httpOnly: true
+              secure: true
           scheme: http
-          serversTransport: midrandbooks-bypass-backend-validation
-  tls: {}
+  tls: {}