Merge pull request 'cart' (#98) from cart into main

Reviewed-on: #98

.drone.yml

@@ -23,7 +23,7 @@ trigger:
 kind: pipeline
 type: docker
 name: package
-
+ 
 steps:
   - name: docker-build
     image: plugins/docker
@@ -31,6 +31,10 @@ steps:
       registry: nexus.khongisa.co.za
       repo: nexus.khongisa.co.za/midrandbooks
       tags: [ latest, "1.${DRONE_BUILD_NUMBER}" ]
+      use_cache: true
+      cache_from: nexus.khongisa.co.za/midrandbooks:latest
+      build_args:
+        - BUILDKIT_INLINE_CACHE=1
       custom_labels:
         - org.opencontainers.image.source=https://gitea.khongisa.co.za/litecharms/midrandbooks
         - org.opencontainers.image.version=1.${DRONE_BUILD_NUMBER}

MidrandBookshop/Components/Pages/Checkout.razor.cs

@@ -19,7 +19,6 @@ public partial class Checkout()
     [Inject] public IOptions<PayfastSettings> PayfastOptions { get; set; } = default!;
     [Inject] private AuthenticationStateProvider AuthStateProvider { get; set; } = default!;
     [Inject] public IJSRuntime JSRuntime { get; set; } = default!;
-    [Inject] private HydrationService HydrationService { get; set; } = default!;
     [Inject] private CancellationToken CancellationToken { get; set; } = default!;
 
     private Cart ShoppingCart => CartService.ShoppingCart;
@@ -38,19 +37,6 @@ public partial class Checkout()
 
         Navigation.LocationChanged += OnLocationChanged;
         CartService.OnCartChanged += CartService_OnCartChanged;
-
-        await CartService.LoadCartFromStorageAsync();
-    }
-
-    protected override async Task OnAfterRenderAsync(bool firstRender)
-    {
-        if (firstRender == false && HydrationService.CartHydrated == false)
-        {
-            await HydrationService.EnsureCustomerExistsAsync(CancellationToken);
-            await HydrationService.RehydrateCartFromPendingOrderAsync(CancellationToken);
-
-            CartService.NotifyStateChanged();
-        }
     }
 
     private async void CartService_OnCartChanged() => await InvokeAsync(StateHasChanged);
@@ -117,13 +103,26 @@ public partial class Checkout()
             var orderHash = HashService.HashEncodeLongId(orderId).Value;
             var paymentGen = await PaymentService.CreatePaymentAsync(ShoppingCart.TotalAmount, orderId, orderHash, CancellationToken);
 
+            long paymentId = 0;
+
+            if (paymentGen.IsSuccess) paymentId = paymentGen.Value;
+
+            if(paymentGen.IsFailed)
+            {
+                var paymentFetch = await PaymentService.GetOrderPaymentAsync(orderId, CancellationToken);
+
+                if (paymentFetch.IsFailed) return;
+
+                paymentId = paymentFetch.Value.Id;
+            }
+
             CreateLedgerEntry ledgerRequest = new()
             {
                 OrderId = orderId,
                 CustomerId = customerId,
-                PaymentGatewayId = 1, // TODO: lookup value to match user selection
+                PaymentGatewayId = 1,
                 PaymentGatewayReference = orderHash,
-                PaymentId = paymentGen.Value,
+                PaymentId = paymentId,
                 Status = LiteCharms.Features.LedgerStatuses.Sent,
             };
             await PaymentService.WriteLedgerEntryAsync(ledgerRequest, CancellationToken);
@@ -135,8 +134,8 @@ public partial class Checkout()
             {
                 { "merchant_id", PayfastOptions.Value.MerchantId! },
                 { "merchant_key", PayfastOptions.Value.MerchantKey! },
-                { "return_url", $"{hostAddress}/payment-success" },
-                { "cancel_url", $"{hostAddress}/payment-failed" },
+                { "return_url", $"{hostAddress}/payment-success?reference={orderHash}" },
+                { "cancel_url", $"{hostAddress}/payment-failed?reference={orderHash}" },
                 { "notify_url", "https://api.uat.midrandbooks.co.za/v1/payments/payfast/confirm" },
                 { "email_address", User?.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)!.Value! },
                 { "m_payment_id", orderHash },

MidrandBookshop/Components/Pages/Home.razor.cs

@@ -99,14 +99,18 @@ public partial class Home : ComponentBase
 
     private bool HasMoreItems => FilteredData.Count() > VisibleCount;
 
-    protected override async Task OnInitializedAsync() => await CartService.LoadCartFromStorageAsync();
+    protected override async Task OnInitializedAsync()
+    {
+        if (CartService.ShoppingCart.Items.Count == 0)
+            await CartService.LoadCartFromStorageAsync();
+    }
 
     protected override async Task OnAfterRenderAsync(bool firstRender)
     {
         if (firstRender == false && HydrationService.CartHydrated == false)
         {
-            await HydrationService.EnsureCustomerExistsAsync(CancellationToken);
-            await HydrationService.RehydrateCartFromPendingOrderAsync(CancellationToken);
+            if(!CartService.ShoppingCart.CustomerId.HasValue)
+                await HydrationService.EnsureCustomerExistsAsync(CancellationToken);
         }
     }
 

MidrandBookshop/Components/Pages/PaymentFailed.razor

@@ -1,5 +1,6 @@
 @page "/payment-failed"
 @rendermode InteractiveServer
+@inject NavigationManager Navigation
 @attribute [Authorize]
 
 <div class="container py-5">
@@ -13,18 +14,16 @@
                         <line x1="12" y1="16" x2="12.01" y2="16"></line>
                     </svg>
                 </div>
-                <h1 class="fw-bold mb-3">Payment Failed</h1>
-                <p class="text-muted fs-5">We couldn't process your transaction. Don't worry, no money was deducted from your account, and your cart items are safe.</p>
+                <h1 class="fw-bold mb-3">Payment Cancelled</h1>
+                <p class="text-muted fs-5">We couldn't process your transaction. Don't worry, no money was deducted from your account.</p>
 
                 <div class="bg-light p-3 rounded mt-4">
                     <p class="mb-0 text-muted small text-uppercase fw-bold">Common Causes</p>
-                    <p class="mb-0 fs-6 text-dark mt-1">Insufficient funds, incorrect card details, or a temporary bank gateway timeout.</p>
+                    <p class="mb-0 fs-6 text-dark mt-1">The order was cancelled / insufficient funds, incorrect card details, or a temporary bank gateway timeout.</p>
                 </div>
             </div>
 
-            <div class="d-grid gap-3 mt-5">
-                <a href="/checkout" class="btn btn-dark btn-lg rounded-pill py-3">Try Again</a>
-
+            <div class="d-grid gap-3 mt-5">                
                 <div class="row g-3">
                     <div class="col-6">
                         <a href="/" class="btn btn-outline-dark w-100 rounded-pill py-3">View Store</a>
@@ -35,7 +34,7 @@
                 </div>
             </div>
 
-            <p class="mt-5 text-muted small">If you noticed a charge or have any order questions, please contact our support desk with your account email <strong>user@email.com</strong>.</p>
+            <p class="mt-5 text-muted small">If you noticed a charge or have any order questions, please contact our support desk with your account email <strong>shop@litecharms.co.za</strong>.</p>
         </div>
     </div>
 </div>

MidrandBookshop/Components/Pages/PaymentFailed.razor.cs

@@ -0,0 +1,72 @@
+using LiteCharms.Features;
+using LiteCharms.Features.Hasher;
+using LiteCharms.Features.MidrandBooks.Customers;
+using LiteCharms.Features.MidrandBooks.Orders;
+using LiteCharms.Features.MidrandBooks.Payments;
+using LiteCharms.Features.MidrandBooks.Payments.Models;
+
+namespace MidrandBookshop.Components.Pages;
+
+public partial class PaymentFailed
+{
+    [Inject] public CartService CartService { get; set; } = default!;
+    [Inject] public OrderService OrderService { get; set; } = default!;
+    [Inject] private CustomerService CustomerService { get; set; } = default!;
+    [Inject] public PaymentService PaymentService { get; set; } = default!;
+    [Inject] public HashService HashService { get; set; } = default!;
+    [Inject] private AuthenticationStateProvider AuthStateProvider { get; set; } = default!;
+    [Inject] private CancellationToken CancellationToken { get; set; } = default!;
+
+    private ClaimsPrincipal? User { get; set; }
+
+    [Parameter]
+    [SupplyParameterFromQuery(Name = "reference")]
+    public string? PaymentReference { get; set; }
+
+    protected override async Task OnInitializedAsync()
+    {
+        var authState = await AuthStateProvider.GetAuthenticationStateAsync();
+        User = authState!.User;
+
+        if (User?.Identity?.IsAuthenticated == false) Navigation.NavigateTo("/login");
+    }
+
+    protected override async Task OnAfterRenderAsync(bool firstRender)
+    {
+        if (!firstRender) return;
+
+        long orderId = HashService.DecodeLongIdHash(PaymentReference!).Value;
+
+        var customerEmail = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)!.Value!;
+
+        var customerFetch = await CustomerService.GetCustomerAsync(customerEmail, CancellationToken);
+
+        if (customerFetch.IsFailed) return;
+
+        long customerId = customerFetch.Value.Id;
+
+        var orderUpdateResult = await OrderService.UpdateOrderStatusAsync(orderId, OrderStatus.Cancelled, CancellationToken);
+
+        if (orderUpdateResult.IsFailed) return;
+
+        var paymentIdFetch = await PaymentService.GetOrderPaymentAsync(orderId, CancellationToken);
+
+        if (paymentIdFetch.IsFailed) return;
+
+        await PaymentService.WriteLedgerEntryAsync(new CreateLedgerEntry
+        {
+            CustomerId = customerId,
+            OrderId = orderId,
+            PaymentGatewayId = 1,
+            PaymentGatewayReference = PaymentReference,
+            PaymentId = paymentIdFetch.Value.Id,
+            Status = LedgerStatuses.Cancelled
+
+        }, CancellationToken);
+
+        CartService.Clear();
+        CartService.ShoppingCart.OrderId = null;
+        await CartService.SaveCartToStorageAsync();
+        CartService.NotifyStateChanged();
+    }
+}

MidrandBookshop/Components/Pages/PaymentSuccess.razor

@@ -1,5 +1,6 @@
 @page "/payment-success"
 @rendermode InteractiveServer
+@inject NavigationManager Navigation
 @attribute [Authorize]
 
 <div class="container py-5">
@@ -16,7 +17,7 @@
                 <p class="text-muted fs-5">Thank you for shopping with Midrand Books. Your order has been received and is being processed.</p>
                 <div class="bg-light p-3 rounded mt-4">
                     <p class="mb-0 text-muted small text-uppercase fw-bold">Order Number</p>
-                    <h5 class="fw-bold mb-0">#MB-2026-8834</h5>
+                    <h5 class="fw-bold mb-0">@PaymentReference</h5>
                 </div>
             </div>
 
@@ -27,12 +28,12 @@
                         <a href="/account" class="btn btn-outline-dark w-100 rounded-pill py-3">Order History</a>
                     </div>
                     <div class="col-6">
-                        <a href="/track-order" class="btn btn-outline-dark w-100 rounded-pill py-3">Track Order</a>
+                        <a href="/account" class="btn btn-outline-dark w-100 rounded-pill py-3">Track Order</a>
                     </div>
                 </div>
             </div>
 
-            <p class="mt-5 text-muted small">You will receive a confirmation email shortly at <strong>user@email.com</strong>.</p>
+            <p class="mt-5 text-muted small">You will receive a confirmation email shortly at <strong>@CustomerEmail</strong>.</p>
         </div>
     </div>
 </div>

MidrandBookshop/Components/Pages/PaymentSuccess.razor.cs

@@ -0,0 +1,69 @@
+using LiteCharms.Features;
+using LiteCharms.Features.Hasher;
+using LiteCharms.Features.MidrandBooks.Customers;
+using LiteCharms.Features.MidrandBooks.Payments;
+using LiteCharms.Features.MidrandBooks.Payments.Models;
+
+namespace MidrandBookshop.Components.Pages;
+
+public partial class PaymentSuccess
+{
+    [Inject] private CartService CartService { get; set; } = default!;
+    [Inject] private CustomerService CustomerService { get; set; } = default!;
+    [Inject] private PaymentService PaymentService { get; set; } = default!;
+    [Inject] private HashService HashService { get; set; } = default!;
+    [Inject] private AuthenticationStateProvider AuthStateProvider { get; set; } = default!;
+    [Inject] private CancellationToken CancellationToken { get; set; } = default!;
+
+    [Parameter]
+    [SupplyParameterFromQuery(Name = "reference")]
+    public string? PaymentReference { get; set; }
+
+    private ClaimsPrincipal? User { get; set; }
+
+    private string? CustomerEmail { get; set; }
+
+    protected override async Task OnInitializedAsync()
+    {
+        var authState = await AuthStateProvider.GetAuthenticationStateAsync();
+        User = authState!.User;
+
+        if (User?.Identity?.IsAuthenticated == false) Navigation.NavigateTo("/login");
+    }
+
+    protected override async Task OnAfterRenderAsync(bool firstRender)
+    {
+        if (!firstRender) return;
+
+        long orderId = HashService.DecodeLongIdHash(PaymentReference!).Value;
+        string orderHash = HashService.HashEncodeLongId(orderId).Value;
+
+        CustomerEmail = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)!.Value!;
+
+        var customerFetch = await CustomerService.GetCustomerAsync(CustomerEmail, CancellationToken);
+
+        if (customerFetch.IsFailed) return;
+
+        long customerId = customerFetch.Value.Id;
+
+        var paymentIdFetch = await PaymentService.GetOrderPaymentAsync(orderId, CancellationToken);
+
+        if (paymentIdFetch.IsFailed) return;
+
+        await PaymentService.WriteLedgerEntryAsync(new CreateLedgerEntry
+        {
+            CustomerId = customerId,
+            OrderId = orderId,
+            PaymentGatewayId = 1,
+            PaymentGatewayReference = orderHash,
+            PaymentId = paymentIdFetch.Value.Id,
+            Status = LedgerStatuses.Changed
+
+        }, CancellationToken);
+
+        CartService.Clear();
+        CartService.ShoppingCart.OrderId = null;
+        await CartService.SaveCartToStorageAsync();
+        CartService.NotifyStateChanged();
+    }
+}

MidrandBookshop/HydrationService.cs

@@ -38,13 +38,13 @@ public sealed class HydrationService(AuthenticationStateProvider authStateProvid
 
         if (existingCustomer.IsFailed)
         {
-            var name = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name)!.Value!;
-            var lastname = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Surname)!.Value!;
-            var mobile = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.MobilePhone)!.Value!;
+            var name = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name)?.Value ?? string.Empty;
+            var lastname = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Surname)?.Value ?? string.Empty;
+            var mobile = User!.Claims.FirstOrDefault(c => c.Type == ClaimTypes.MobilePhone)?.Value ?? string.Empty;
 
             var customerCreate = await customerService.CreateCustomerAsync(new CreateCustomer { Email = email }, cancellationToken);
 
-            if (customerCreate.IsSuccess)
+            if (customerCreate.IsSuccess && !string.IsNullOrWhiteSpace(name))
             {
                 ShoppingCart.CustomerId = customerCreate.Value;
 
@@ -65,7 +65,7 @@ public sealed class HydrationService(AuthenticationStateProvider authStateProvid
     {
         if (User?.Identity?.IsAuthenticated == false) return;
 
-        if (ShoppingCart.OrderId > 0 && ShoppingCart.CustomerId > 0)
+        if (ShoppingCart.OrderId.HasValue && ShoppingCart.CustomerId.HasValue)
         {
             cartService.CalculateTotalPrice();
             CartHydrated = true;

MidrandBookshop/Program.cs

@@ -18,7 +18,7 @@ if (!app.Environment.IsDevelopment())
 }
 
 app.UseForwardedHeaders();
-//app.UseHttpsRedirection();
+app.UseHttpsRedirection();
 
 app.UseStatusCodePagesWithReExecute("/not-found", createScopeForStatusCodePages: true);
 app.UseHealthChecks("/health", new HealthCheckOptions

midrandbooks-uat.yml

@@ -1,4 +1,3 @@
----
 apiVersion: v1
 kind: Namespace
 metadata:
@@ -32,30 +31,6 @@ data:
   LiteCharmsClientSettings__Scope: "midrandbooks-api"
 ---
 apiVersion: v1
-kind: Secret
-metadata:
-  name: midrandbooks-secrets
-  namespace: midrandbooks-uat
-type: Opaque
-data:  
-  connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ==
-  dataprotection-connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ==
-  connection-string-quartz: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPXNjaGVkdWxlci1kZXY7VXNlcm5hbWU9c2NoZWR1bGVyLWRldi11c2VyO1Bhc3N3b3JkPWtWVm1vV0tKM3h6Z1FYO1BlcnNpc3QgU2VjdXJpdHkgSW5mbz1UcnVl
-  aspire-apikey: bWMzRzYzSzJqNVpPRXNpMEFqTW9qTFRYbTFLRVpGY3R6SUlqU3dEaVRHdXQ4cUdTa1B1V3d4R1AxUmJzY0pVbw==
-  hasher-salt: VEdsbmFIUWdRMmhoY20xekxDQk5hV1J5WVc1a1FtOXZhM01nYldGclpTQnNiM1J6SUc5bUlHMXZibVY1SUdGdVpDQmhjbVVnWVNCemRXTmpaWE56Wm5Wc0lIWnBjbUZzSUhOMGIzSjVJR2x1SUZOdmRYUm9JRUZtY21sallRPT0=  
-  bookshop-s3-accesskey: R0s1MTRkMmNlOGRjNjkyMzdhMDVjMDFlZWY=
-  bookshop-s3-secretkey: ZWFhZmVkYTFhZWQ0MDllY2ZlNjA3MTRlY2RhNTQ5YjgyYmRmNWEzZGFmOWYxOGRkNjFmNjZiNDk3M2E2NDgyZQ==
-  litecharms-clientid: bWlkcmFuZGJvb2tzLXVhdA==
-  litecharms-clientsecret: c2VjcmV0Xzc3OGJkODM3NWFjNGE3Mzg2N2QxZDdhNjcwODJlZTJjNGU4NmUwODYwYmI0Y2ZlZWI5NDExOTQ5OTk2ZThhOGU=
-  payfast-passphrase: OUdBSVIwdFdwaFgwcU8=
-  payfast-merchantid: MTAwNDkzMDc=
-  payfast-merchantkey: anU2bmF2bjBqY2JmMA==
-  litecharms-client-clientid: bWlkcmFuZGJvb2tzLWFwaS1zY2FsZXItdWF0
-  litecharms-client-clientsecret: c2VjcmV0XzBhOGRjMWY5OTA2MTU5MGE1MmIxMjcyZGIzYTE4NzFkMjc2MWM3OWZiZDA1OGIyYTk2ODkxMTAyOWU0YjIwOGE=
-  dataprotection-cert: TUlJS2dBSUJBekNDQ2pZR0NTcUdTSWIzRFFFSEFhQ0NDaWNFZ2dvak1JSUtIekNDQkZJR0NTcUdTSWIzRFFFSEJxQ0NCRU13Z2dRL0FnRUFNSUlFT0FZSktvWklodmNOQVFjQk1GY0dDU3FHU0liM0RRRUZEVEJLTUNrR0NTcUdTSWIzRFFFRkREQWNCQWg5cWthVmdHbXovZ0lDQ0FBd0RBWUlLb1pJaHZjTkFna0ZBREFkQmdsZ2hrZ0JaUU1FQVNvRUVLYjJDeXJVTDZCVFpqVUY1cHk4QkxXQWdnUFE3YzBNNnBMejhwSDVCM3hmY0MxMURldGVZOWl4VDlocHl4WVRnY0JDZnh4djBodW5HTXhvaTBPWmMrWUdwN1lFcDhYU0FmR2QzNGc5eERzMlRtQW53alFxVmliR0xHUjNmcElTWkgyMFQ1REhhU3dnV3BweGVGVkU3VXZlZGl4Q25rd0g2VzlFTjhjVUhWZDJJU1ZOK0VocnJPSlJWSTZYKzYydUpRd3EzQm1ZOUlvdXVhSDhkcE1xbXRWMXhTa1ZkM1c1NGdvWTMweVp0QmxQOHMxN2xSd0hYbllKUlBhMlF5djBxY2x5VEs0Nmt0bW01ZU5qV2hOWndZbXJGZ1g3eXhacVB3L3prMlExZjB0bUU3eUpwR0M2eG5wYlBoUVh4SFIyWDg5T0NCNlM5aE1tM3VpRWljMDFmVHNhVEVCSVZvU3dUNzFJWlZVQ2E0d1phZXIweFMwN29XUUszWWwwbnUvSWZtYkpDaytJSFJIckJNWit1T2s3RVcxMzNuK0NyNDhtcGdyMmd2Q2UvVjNLZWlEY0FRWVZmaHQ3aWhnTUUyN0dWNlZEN1ozMEptakY3RGhPTjkyMXpoLzdOaG9JaUxLb0lNbFIxa0lEMzlNNzh5RzRuNVhmNllkUWJkV0UyUFR0UHRCTkpkazBDMXZMTU9jS1ZmbTRNVm5WL0I0dWlZWlh6dGQwbktNRDR2L2tnQXB4RE9wdy9IWU41cHNWYkFlQzNZMWNscFAwVXNiTUovL1ZXUE1Ba3BibS9HeklNSGxlaWQ1ckxQN1VJZ3h4b3BVWU93SVA2aGw4d25zb3NPbExvMDlYTklBUm9QcUFOb3JoNngrOVFsaE4rNThKU1lJTGpuRm5rcjQ3RVl4WkhxQ0l6Q0x2MVZaZG1mcGJROGZLSjAyTGpHdTlTR1hzUUQzcXZRa3ZMR3llZ0JjcDMrOGdYa2ExVGlhS1RPS0h3eTg1UmhIM3VxMXFXNWZWNG54UXB2VjMrTWxFVlBSc2g3RmNNaFNlSys2NkNIT0NaN0pFRzRKUUE3b2NkMFVrYXRYa3NGK2RzOHlYMDJ1Z0xYNDB0bUZ2bmxEZzRYWHpKMXlFcEhjMHUrNzNxcUMrOXM1NnFHc204NFZaMGhuN1pkYzk4RHJYWitVN0hrbFp5Y1BudnRwUHd4enZsSXBmRHJiWWJVK3lqLytpcmlZRGhGdDk0R3phakVLc21scTlIdFc4d1NXZzYwbUpvVUlsejVBVi9aU3dUN1M4eTJXcGxFK1RNRkZ5ZzFUak9iNEpxL1RIcEluVUluZnorb1FqcjZ3NTZmUGRVa0RXN2Y1K1NpM1lZV3ZWZlREZ0FxVDcveFZ2bGlNYzhwUTdnWmViemVCQmpaQ21WNXFUTGVlT3BoalJMOXlNTndIa3JWaDFxVzVlR3ZIVUVTZ05WZFU1Qi9tMVZyY3RXMk5QY1ZmWE1xRGczaHZmd2FwTWxFbTlMWHcvYlh0TmZLOExKWjBmSTdTOFVTVFA4YVgvQlZrTi93YWQ3VjBHakxHSmdxNWtaVEtSRnFaRGZJeTdsSDhGY1VNWjIyRXgwSUkydXYwb2hBbmltWnRVWWtCTFBYUmlZZzRBZE9WMFlzUDZLd1UvNjJ1VUZpWHgvR0JtS1k0QUkyK3FUMkRjSjB1bWVkOXFXL1UyNUg5MXo5aWFzck52RStoWE52NHRFekpldyt0SVlwVXZLMGpScUxlVDFXamJrOGVwclRDQ0JjVUdDU3FHU0liM0RRRUhBYUNDQmJZRWdnV3lNSUlGcmpDQ0Jhb0dDeXFHU0liM0RRRU1DZ0VDb0lJRk1UQ0NCUzB3VndZSktvWklodmNOQVFVTk1Fb3dLUVlKS29aSWh2Y05BUVVNTUJ3RUNOVjB6VkRNUjIxL0FnSUlBREFNQmdncWhraUc5dzBDQ1FVQU1CMEdDV0NHU0FGbEF3UUJLZ1FRbUZRdjhNNFBKTk96c25rVEFqK0tXQVNDQk5EMDZNQi8vTTBWQWxBT2YyazhIWWlUZy9UM1NhRnhvaFpXaWEwcmt5b0svYktZSWdoZWhVelN5aVEwanNzQ3JBUC93TnorQ3BBM1dUTFhyT2lEaDhXWC8yRWpSMi9qc3Z0VEtDZGJqYjA3SktXRVFwNFE1SG81dWYxY2F0VDU5ZEFzZStJdWVWTjk0bGlFVkV0SVNXTmFJWGgrZVhwQm0yb3paOERJUjRDbjNKdTRPZC9vRjQ1cEhZZ09HaUIva21Nb0FDMDJ3TU9kc1Z2dEtvWFBNWXNGZncwWmpwOWZMNXVybzZyV1hEaDlhNnY4TEtocmtIdll0c3lZVmlFMmg4bzltbGlUZ3Rram92NGU2TGo2blViRW4zSXlEZTdtcmxaNU1lMjdLVzVmV1lyanNYTTloUUx2TGt1VUh3bTZnS2tVcXZaeWdlejc3QklrTzBrSCs4V3czb08wWExYWU9IaGdBbCsrd0NMR0wvQlhWMytDOUdiNWR2UVFHa0t5UDdlWkRLRi9URjZqU3pLN2tHdlkxSWs2MUFLSHcxcWc3TkRIZTZHYTNUWFEwRDZVdXVtL3UwdFptRGNsak9UalZXWlIvSkRRa25GNlVOUGVCOVE4RjN3b1RpeFR6eXVpaFI5dnhnNXJ5NldwZnAzK2RTdXQ1d3duNm1TV0lkanZKckphNThGcE1EbnBadGxFRXdkM2g0RnZhNllzd3NKRDI0VGZaVFhRVUlpVlhSWlRjaUI5U29tTHAwbjJva2p6UlpvcDY3Mnl4WGVSQ0tmb3d4REpIU1NBbThQWUFGMGUyeDZRcmV3TVp4UUV2dWVDOHVrNis3Y2p1enE4VmJQRng4T0FPSzdsaUlBZUdzaE9oTXJOOEJsNXYwUjAweWJpSDhTM1NTcDhvcC93RWNBV0ZyaFhNMWVwUzhBeUlqTlJYU2hCM0taaE5QVWg4WHBKSDRBVFhnbXlJbkk5TVZ0NUZZaGVwamo4UHNCRWJEVFN2UU4yY3p4aTBZYWJjM3ZxTWUrcSt1Tm9LOWtYbm9JOGNWSzBSanNXbS9DZjVRQU5nUEVVWDhrY0ZCdVpiZ1E2OHhMMS9KZVg5YlJYL1FJUzRZb2pRWTdGNG1adWxIUkpRaHNlT3VNUndlMnlhZk1na3VzakJQU2dEME5tdzU1L2t6V3NzWUxxb29jTFowOERGVjdlQ1FnYW11MFNXZGplSVZHbW8yN1BuYlF1TFVuSk1jNm5jQkxJcmJwNzExTmZHaWxDYjRqNzcvb2wxU2ZmM0tOaXBoa29JYzUxbGZIUTNRcUJMWmJib3NSQmFQeElsSDhzb1pQOFpyMVIvc0dqVHl0aDRlcEtJQlpMNi9SMGlvcHpKY1RNYnJVY3FyTW1ISVBDdVlkY1graEhGaFNFb2NoU0g5d0plZTRCZDgvVDh0WG1NVW1CVXZLVFJSZkhrYzdzL2V4Q2ZMTGY4cU9YMjNSVXBrZEk1dWZvTFFFT2VwUk9qN2VrUFVHeU15T3hyd2tDUHRhYVJqT3B2OU1LYmRMNnA1RUJHekowVGxyK3p0Q2xlcmhnTkZ1OWVnLzV0OVdhTFhybCtLQlRoc2F5anpTN3FacHBQa3h2RWlTQmdDRmVSSzg2M2wrdVcydVFubU44bTUzaUdMUDg0SzJOQ0JQUG1KM3V6cDFQYkgvTUJ3WHpGbm1sK29qTEw0Qm9vclRtZ1NQVGhoSHZMbk1QMTF0T1lrTjJXQUh2elAySksxQTJadjZWTVZuQU9HYkcrd0RtcXNBbVFaN0J1eVFyeGZBU3FwZytITFR4cWFkNzc2L3p2cDR6dVkzSlZicmxtNmNUNnBEbit1Skc1SEtGdHAvcEE1WDlvQVluU2JJRFdNalJoYVRMSXdlQ2JsTUVFTVRzUzk1aUVjb2JodlU2czNuVFNBU0ZJWjk1UmhhQkhjbHVRMXlkTlllYVpNUkZXeDlTUHJLRVVPSml6OUx3aVRMMWpLdEF0bndockJkTzZpMFM3SmJiK1VXNGJnR3I1WFJyVFRHSkRXSUw3enJ3LzUzYXhDejZUS2dyV0sxTmJjQ3VHS2t0WDV3QitWcTFlUVlQNFYyYWJvYWJyeUppQWlvOGdGQ3RnQTdiRTBwMU9XczJWY0N5MnpXditVTTdrWnlYRXllOHZYajVDMUN5cG5FK241cjM2TzJaU3pGbU1DTUdDU3FHU0liM0RRRUpGVEVXQkJRMWxRK3RvdHJrWmtRYjd1RTZsT3ovZ1B6cUtUQS9CZ2txaGtpRzl3MEJDUlF4TWg0d0FFd0FhUUIwQUdVQVF3Qm9BR0VBY2dCdEFITUFSQUJoQUhRQVlRQlFBSElBYndCMEFHVUFZd0IwQUdrQWJ3QnVNRUV3TVRBTkJnbGdoa2dCWlFNRUFnRUZBQVFnQVc3T3QrNmo5WHU0blQ3cEw5ckY0M2lPblNkNXFMZCt5Sk01QTVxMndEQUVDSDFwTy9oVUV6bE5BZ0lJQUE9PQ==
-  dataprotection-password: OWlIUSMmcl41eWZYRXc=
----
-apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: midrandbooks-pvc
@@ -73,7 +48,8 @@ metadata:
   name: midrandbooks
   namespace: midrandbooks-uat
 spec:
-  replicas: 1
+  replicas: 2
+  revisionHistoryLimit: 0
   selector:
     matchLabels:
       app: midrandbooks
@@ -105,91 +81,35 @@ spec:
           envFrom:
             - configMapRef:
                 name: midrandbooks-config
+            - secretRef:
+                name: midrandbooks-secrets          
           env:
             - name: DataProtection__Certificate
               valueFrom:
                 secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: dataprotection-cert
+                  name: litecharms-certs
+                  key: litecharms.pfx
             - name: DataProtection__Password
               valueFrom:
                 secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: dataprotection-password
-            - name: LiteCharmsSettings__ClientId
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: litecharms-clientid
-            - name: LiteCharmsSettings__ClientSecret
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: litecharms-clientsecret
-            - name: BookshopS3Settings__AccessKey
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: bookshop-s3-accesskey
-            - name: BookshopS3Settings__SecretKey
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: bookshop-s3-secretkey
-            - name: HasherSettings__Salt
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: hasher-salt
-            - name: PayfastSettings__Passphrase
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: payfast-passphrase
-            - name: PayfastSettings__MerchantId
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: payfast-merchantid
-            - name: PayfastSettings__MerchantKey
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: payfast-merchantkey
-            - name: LiteCharmsClientSettings__ClientId
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: litecharms-client-clientid
-            - name: LiteCharmsClientSettings__ClientSecret
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: litecharms-client-clientsecret
-            - name: ConnectionStrings__PostgresScheduler
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: connection-string-quartz
-            - name: ConnectionStrings__PostgresMidrandBooks
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: connection-string
-            - name: ConnectionStrings__PostgresDataProtection
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: dataprotection-connection-string
-            - name: Monitoring__ApiKey
-              valueFrom:
-                secretKeyRef:
-                  name: midrandbooks-secrets
-                  key: aspire-apikey
+                  name: litecharms-certs
+                  key: passphrase
           volumeMounts:
+            - name: cluster-certs-volume
+              mountPath: /tmp/litecharms-raw-certs
+              readOnly: true
             - name: data
-              mountPath: /app/wwwroot/content
+              mountPath: /app/content
               subPath: bookshop-content
+          lifecycle:
+            postStart:
+              exec:
+                command:
+                  - /bin/sh
+                  - -c
+                  - |
+                    cp /tmp/litecharms-raw-certs/litecharms.crt /usr/local/share/ca-certificates/litecharms.crt
+                    update-ca-certificates
           livenessProbe:
             httpGet:
               path: /health
@@ -207,7 +127,10 @@ spec:
       volumes:
         - name: data
           persistentVolumeClaim:
-            claimName: midrandbooks-pvc        
+            claimName: midrandbooks-pvc
+        - name: cluster-certs-volume
+          secret:
+            secretName: litecharms-certs
 ---
 apiVersion: v1
 kind: Service
@@ -223,14 +146,6 @@ spec:
     app: midrandbooks
 ---
 apiVersion: traefik.io/v1alpha1
-kind: ServersTransport
-metadata:
-  name: midrandbooks-bypass-backend-validation
-  namespace: midrandbooks-uat
-spec:
-  insecureSkipVerify: true
----
-apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
   name: midrandbooks-web-secure
@@ -250,5 +165,4 @@ spec:
               httpOnly: true
               secure: true
           scheme: http
-          serversTransport: midrandbooks-bypass-backend-validation
-  tls: {}
+  tls: {}