diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml index e78fa121..ba9c4d3f 100644 --- a/.github/workflows/merge.yml +++ b/.github/workflows/merge.yml @@ -28,9 +28,9 @@ jobs: - name: frontend file: frontend/openshift.deploy.yml overwrite: true - parameters: - -p VITE_USER_POOLS_ID=${{ vars.VITE_USER_POOLS_ID }} - -p VITE_USER_POOLS_WEB_CLIENT_ID=${{ vars.VITE_USER_POOLS_WEB_CLIENT_ID }} + parameters: + -p VITE_USER_POOLS_ID=${{ vars.VITE_USER_POOLS_ID }} + -p VITE_USER_POOLS_WEB_CLIENT_ID=${{ vars.VITE_USER_POOLS_WEB_CLIENT_ID }} steps: - uses: bcgov-nr/action-deployer-openshift@v1.4.0 with: @@ -61,10 +61,10 @@ jobs: - name: frontend file: frontend/openshift.deploy.yml overwrite: true - parameters: - -p VITE_USER_POOLS_ID=${{ vars.VITE_USER_POOLS_ID }} - -p VITE_USER_POOLS_WEB_CLIENT_ID=${{ vars.VITE_USER_POOLS_WEB_CLIENT_ID }} - -p VITE_REDIRECT_SIGN_OUT="${{ vars.VITE_REDIRECT_SIGN_OUT }}" + parameters: + -p VITE_USER_POOLS_ID=${{ vars.VITE_USER_POOLS_ID }} + -p VITE_USER_POOLS_WEB_CLIENT_ID=${{ vars.VITE_USER_POOLS_WEB_CLIENT_ID }} + -p VITE_REDIRECT_SIGN_OUT="${{ vars.VITE_REDIRECT_SIGN_OUT }}" steps: - uses: bcgov-nr/action-deployer-openshift@v1.4.0 with: diff --git a/frontend/Caddyfile b/frontend/Caddyfile index 4bd8f840..a50dc145 100644 --- a/frontend/Caddyfile +++ b/frontend/Caddyfile @@ -23,10 +23,10 @@ Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" X-Content-Type-Options "nosniff" Strict-Transport-Security "max-age=31536000" - Content-Security-Policy "base-uri 'self'; connect-src 'self' https://*.gov.bc.ca https://*.amazoncognito.com https://cognito-idp.ca-central-1.amazonaws.com; default-src 'self'; font-src 'self'; frame-src 'self' https://*.gov.bc.ca; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'report-sample' 'self' https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.bundle.min.js https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.7/dist/umd/popper.min.js https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.min.js; style-src 'report-sample' 'self' https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/bootstrap.min.css; worker-src 'none';" + Content-Security-Policy "base-uri 'self'; connect-src 'self' https://*.gov.bc.ca https://*.amazoncognito.com https://*.cloudfront.net https://cognito-idp.ca-central-1.amazonaws.com; default-src 'self'; font-src 'self'; frame-src 'self' https://*.gov.bc.ca; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'report-sample' 'self' https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.bundle.min.js https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.7/dist/umd/popper.min.js https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.min.js; style-src 'report-sample' 'self' https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/bootstrap.min.css; worker-src 'none';" Referrer-Policy "same-origin" } - + handle /env.js { header Content-Type "text/javascript" respond `window.config = {"VITE_USER_POOLS_ID":"{$VITE_USER_POOLS_ID}","VITE_USER_POOLS_WEB_CLIENT_ID":"{$VITE_USER_POOLS_WEB_CLIENT_ID}","VITE_REDIRECT_SIGN_OUT":"{$VITE_REDIRECT_SIGN_OUT}","VITE_ZONE":"{$VITE_ZONE}","VITE_CHES_FROM_EMAIL":"{$VITE_CHES_FROM_EMAIL}","VITE_CHES_ADMIN_EMAIL":"{$VITE_CHES_ADMIN_EMAIL}"};` diff --git a/frontend/openshift.deploy.yml b/frontend/openshift.deploy.yml index 8335704e..fae124e9 100644 --- a/frontend/openshift.deploy.yml +++ b/frontend/openshift.deploy.yml @@ -113,28 +113,22 @@ objects: env: - name: BACKEND_URL value: "https://${NAME}-${ZONE}-backend.${DOMAIN}:443" + - name: LOG_LEVEL + value: "${LOG_LEVEL}" - name: VITE_AWS_DOMAIN value: "${VITE_AWS_DOMAIN}" - name: VITE_CHES_FROM_EMAIL value: "${VITE_CHES_FROM_EMAIL}" - name: VITE_CHES_ADMIN_EMAIL value: "${VITE_CHES_ADMIN_EMAIL}" + - name: VITE_REDIRECT_SIGN_OUT + value: "${VITE_REDIRECT_SIGN_OUT}" - name: VITE_USER_POOLS_ID value: "${VITE_USER_POOLS_ID}" - name: VITE_USER_POOLS_WEB_CLIENT_ID value: "${VITE_USER_POOLS_WEB_CLIENT_ID}" - name: VITE_ZONE value: "${ZONE}" - - name: LOG_LEVEL - value: "${LOG_LEVEL}" - - name: VITE_USER_POOLS_ID - value: "${VITE_USER_POOLS_ID}" - - name: VITE_USER_POOLS_WEB_CLIENT_ID - value: "${VITE_USER_POOLS_WEB_CLIENT_ID}" - - name: VITE_REDIRECT_SIGN_OUT - value: "${VITE_REDIRECT_SIGN_OUT}" - - name: VITE_ZONE - value: "${ZONE}" ports: - containerPort: 3000 protocol: TCP diff --git a/test.out b/test.out new file mode 100644 index 00000000..fb3113f9 --- /dev/null +++ b/test.out @@ -0,0 +1,147 @@ +{ + "apiVersion": "apps.openshift.io/v1", + "kind": "DeploymentConfig", + "metadata": { + "labels": { + "app": "nr-results-exam-test" + }, + "name": "nr-results-exam-test-frontend" + }, + "spec": { + "replicas": 1, + "selector": { + "deploymentconfig": "nr-results-exam-test-frontend" + }, + "strategy": { + "type": "Rolling" + }, + "template": { + "metadata": { + "labels": { + "app": "nr-results-exam-test", + "deploymentconfig": "nr-results-exam-test-frontend" + } + }, + "spec": { + "containers": [ + { + "env": [ + { + "name": "BACKEND_URL", + "value": "https://nr-results-exam-test-backend.apps.silver.devops.gov.bc.ca:443" + }, + { + "name": "VITE_AWS_DOMAIN", + "value": "test-fam-user-pool-domain.auth.ca-central-1.amazoncognito.com" + }, + { + "name": "VITE_CHES_FROM_EMAIL", + "value": "jaskiratsingh.grewal@gov.bc.ca" + }, + { + "name": "VITE_CHES_ADMIN_EMAIL", + "value": "jaski.grewal@gmail.com" + }, + { + "name": "VITE_USER_POOLS_ID", + "value": "ca-central-1_t2HSZBHur" + }, + { + "name": "VITE_USER_POOLS_WEB_CLIENT_ID", + "value": "3g6n2ha1loi4kp1jhaq359vrvb" + }, + { + "name": "LOG_LEVEL", + "value": "info" + }, + { + "name": "VITE_USER_POOLS_ID", + "value": "ca-central-1_t2HSZBHur" + }, + { + "name": "VITE_USER_POOLS_WEB_CLIENT_ID", + "value": "3g6n2ha1loi4kp1jhaq359vrvb" + }, + { + "name": "VITE_REDIRECT_SIGN_OUT", + "value": "43hjhdf5dvi17opb0jgucfpvm7" + }, + { + "name": "VITE_ZONE", + "value": "test" + } + ], + "image": "nr-results-exam-test-frontend:latest", + "imagePullPolicy": "Always", + "livenessProbe": { + "failureThreshold": 3, + "httpGet": { + "path": "/", + "port": 3000, + "scheme": "HTTP" + }, + "initialDelaySeconds": 15, + "periodSeconds": 30, + "successThreshold": 1, + "timeoutSeconds": 5 + }, + "name": "nr-results-exam", + "ports": [ + { + "containerPort": 3000, + "protocol": "TCP" + } + ], + "readinessProbe": { + "failureThreshold": 30, + "httpGet": { + "path": "/", + "port": 3000, + "scheme": "HTTP" + }, + "initialDelaySeconds": 5, + "periodSeconds": 2, + "successThreshold": 1, + "timeoutSeconds": 2 + }, + "resources": { + "limits": { + "cpu": "75m", + "memory": "150Mi" + }, + "requests": { + "cpu": "25m", + "memory": "50Mi" + } + }, + "securityContext": { + "capabilities": { + "add": [ + "NET_BIND_SERVICE" + ] + } + } + } + ] + } + }, + "triggers": [ + { + "type": "ConfigChange" + }, + { + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "nr-results-exam" + ], + "from": { + "kind": "ImageStreamTag", + "name": "nr-results-exam-test-frontend:latest" + } + }, + "type": "ImageChange" + } + ] + } +}