feat(compute01): Deploy demarches simplifiees

2023-09-24 13:16:22 +02:00 · 2023-09-24 13:16:22 +02:00 · 9f24f1d98d
commit 9f24f1d98d
parent eb329666ce
16 changed files with 5257 additions and 1 deletions
--- a/machines/compute01/ds-fr/package/patches/build.patch
+++ b/machines/compute01/ds-fr/package/patches/build.patch
@ -0,0 +1,64 @@
+diff --git a/config/environments/production.rb b/config/environments/production.rb
+index 16d8c8e84..6262b8782 100644
+--- a/config/environments/production.rb
+++ b/config/environments/production.rb
+@@ -118,7 +118,7 @@ Rails.application.configure do
+   # the I18n.default_locale when a translation cannot be found).
+   config.i18n.fallbacks = true
+ 
+-  config.active_storage.service = ENV.fetch("ACTIVE_STORAGE_SERVICE").to_sym
+  config.active_storage.service = ENV.fetch("ACTIVE_STORAGE_SERVICE", 'local').to_sym
+ 
+   # Send deprecation notices to registered listeners.
+   config.active_support.deprecation = :notify
+@@ -174,5 +174,5 @@ Rails.application.configure do
+   # The Content-Security-Policy is NOT in Report-Only mode
+   config.content_security_policy_report_only = false
+ 
+-  config.lograge.enabled = ENV['LOGRAGE_ENABLED'] == 'enabled'
+  config.lograge.enabled = ENV.fetch('LOGRAGE_ENABLED', 'disabled') == 'enabled'
+ end
+
+diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
+index 135495216..4d4bcf8dc 100644
+--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
+@@ -23,7 +23,7 @@ Rails.application.config.content_security_policy do |policy|
+   connect_whitelist = ["wss://*.crisp.chat", "*.crisp.chat", "app.franceconnect.gouv.fr", "openmaptiles.geo.data.gouv.fr", "openmaptiles.github.io", "tiles.geo.api.gouv.fr", "wxs.ign.fr"]
+   connect_whitelist << ENV.fetch('APP_HOST')
+   connect_whitelist << "*.amazonaws.com" if Rails.configuration.active_storage.service == :amazon
+-  connect_whitelist += [URI(ENV["SENTRY_DSN_JS"]).host, URI(ENV["SENTRY_DSN_RAILS"]).host].compact.uniq
+  connect_whitelist += [URI(ENV.fetch("SENTRY_DSN_JS", '')).host, URI(ENV.fetch("SENTRY_DSN_RAILS", '')).host].compact.uniq
+   connect_whitelist << URI(DS_PROXY_URL).host if DS_PROXY_URL.present?
+   connect_whitelist << URI(API_ADRESSE_URL).host if API_ADRESSE_URL.present?
+   connect_whitelist << URI(API_EDUCATION_URL).host if API_EDUCATION_URL.present?
+@@ -39,7 +39,7 @@ Rails.application.config.content_security_policy do |policy|
+   # Everything else: allow us
+   # Add the error source in the violation notification
+   default_whitelist = ["fonts.gstatic.com", "in-automate.sendinblue.com", "player.vimeo.com", "app.franceconnect.gouv.fr", "*.crisp.chat", "crisp.chat", "*.crisp.help", "*.sibautomation.com", "sibautomation.com", "data"]
+-  default_whitelist += [URI(ENV["SENTRY_DSN_JS"]).host, URI(ENV["SENTRY_DSN_RAILS"]).host].compact.uniq
+  default_whitelist += [URI(ENV.fetch("SENTRY_DSN_JS", '')).host, URI(ENV.fetch("SENTRY_DSN_RAILS", '')).host].compact.uniq
+   default_whitelist << URI(DS_PROXY_URL).host if DS_PROXY_URL.present?
+   policy.default_src(:self, :data, :blob, :report_sample, *default_whitelist)
+
+diff --git a/config/initializers/mailcatcher.rb b/config/initializers/mailcatcher.rb
+index 8b931f704..dbeceb4ec 100644
+--- a/config/initializers/mailcatcher.rb
+++ b/config/initializers/mailcatcher.rb
+@@ -1,4 +1,4 @@
+-if ENV.fetch('MAILCATCHER_ENABLED') == 'enabled'
+if ENV.fetch('MAILCATCHER_ENABLED', 'disabled') == 'enabled'
+   ActiveSupport.on_load(:action_mailer) do
+     module Mailcatcher
+       class SMTP < ::Mail::SMTP; end
+
+diff --git a/config/initializers/mailtrap.rb b/config/initializers/mailtrap.rb
+index 6d1faa04b..658673ed1 100644
+--- a/config/initializers/mailtrap.rb
+++ b/config/initializers/mailtrap.rb
+@@ -1,4 +1,4 @@
+-if ENV.fetch('MAILTRAP_ENABLED') == 'enabled'
+if ENV.fetch('MAILTRAP_ENABLED', 'disabled') == 'enabled'
+   ActiveSupport.on_load(:action_mailer) do
+     module Mailtrap
+       class SMTP < ::Mail::SMTP; end
--- a/machines/compute01/ds-fr/package/patches/garage.patch
+++ b/machines/compute01/ds-fr/package/patches/garage.patch
@ -0,0 +1,16 @@
+diff --git a/config/storage.yml b/config/storage.yml
+index d2b2d241f..1b2744504 100644
+--- a/config/storage.yml
+++ b/config/storage.yml
+@@ -19,3 +19,11 @@ amazon:
+   secret_access_key: <%= ENV.fetch("S3_SECRET_ACCESS_KEY", "") %>
+   region: <%= ENV.fetch("S3_REGION", "") %>
+   bucket: <%= ENV.fetch("S3_BUCKET", "") %>
+garage:
+  service: S3
+  access_key_id: <%= ENV.fetch("S3_ACCESS_KEY_ID", "") %>
+  secret_access_key: <%= ENV.fetch("S3_SECRET_ACCESS_KEY", "") %>
+  region: <%= ENV.fetch("S3_REGION", "garage") %>
+  bucket: <%= ENV.fetch("S3_BUCKET", "") %>
+  endpoint: <%= ENV.fetch("S3_ENDPOINT", "") %>
+  force_path_style: <%= ENV.fetch("S3_FORCE_PATH_STYLE", "").present? %>
--- a/machines/compute01/ds-fr/package/patches/replay_routing_engine_for_a_cloned_procedure.patch
+++ b/machines/compute01/ds-fr/package/patches/replay_routing_engine_for_a_cloned_procedure.patch
@ -0,0 +1,35 @@
+diff --git a/lib/tasks/deployment/20230613114744_replay_routing_engine_for_a_cloned_procedure.rake b/lib/tasks/deployment/20230613114744_replay_routing_engine_for_a_cloned_procedure.rake
+index 9d4f3a284..04d62a63b 100644
+--- a/lib/tasks/deployment/20230613114744_replay_routing_engine_for_a_cloned_procedure.rake
+++ b/lib/tasks/deployment/20230613114744_replay_routing_engine_for_a_cloned_procedure.rake
+@@ -4,18 +4,18 @@ namespace :after_party do
+     puts "Running deploy task 'replay_routing_engine_for_a_cloned_procedure'"
+ 
+     # Put your task implementation HERE.
+-    dossiers = Procedure
+-      .find(76266)
+-      .dossiers
+-      .en_construction
+-
+-    progress = ProgressReport.new(dossiers.count)
+-
+-    dossiers.find_each do |dossier|
+-      RoutingEngine.compute(dossier)
+-      progress.inc
+-    end
+-    progress.finish
+    # dossiers = Procedure
+    #   .find(76266)
+    #   .dossiers
+    #   .en_construction
+    #
+    # progress = ProgressReport.new(dossiers.count)
+    #
+    # dossiers.find_each do |dossier|
+    #   RoutingEngine.compute(dossier)
+    #   progress.inc
+    # end
+    # progress.finish
+ 
+     # Update task as completed.  If you remove the line below, the task will
+     # run with every deploy (or every time you call after_party:run).
--- a/machines/compute01/ds-fr/package/patches/secrets-fc.patch
+++ b/machines/compute01/ds-fr/package/patches/secrets-fc.patch
@ -0,0 +1,39 @@
+diff --git a/config/secrets.yml b/config/secrets.yml
+index 866fa6159..6fd49ee59 100644
+--- a/config/secrets.yml
+++ b/config/secrets.yml
+@@ -23,10 +23,10 @@ defaults: &defaults
+     identifier: <%= ENV['FC_PARTICULIER_ID'] %>
+     secret: <%= ENV['FC_PARTICULIER_SECRET'] %>
+     redirect_uri: https://<%= ENV['APP_HOST'] %>/france_connect/particulier/callback
+-    authorization_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/authorize
+-    token_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/token
+-    userinfo_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/userinfo
+-    logout_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/logout
+    authorization_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/ui/oauth2
+    token_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/oauth2/token
+    userinfo_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/oauth2/openid/demarches_dgn/userinfo
+    logout_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/oauth2/token/revoke
+   agent_connect:
+     identifier: <%= ENV['AGENT_CONNECT_ID'] %>
+     secret: <%= ENV['AGENT_CONNECT_SECRET'] %>
+diff --git a/app/services/france_connect_service.rb b/app/services/france_connect_service.rb
+index 31b2491c4..fd3d80530 100644
+--- a/app/services/france_connect_service.rb
+++ b/app/services/france_connect_service.rb
+@@ -23,11 +23,15 @@ class FranceConnectService
+ 
+   def self.retrieve_user_informations_particulier(code)
+     client = FranceConnectParticulierClient.new(code)
+    Rails.logger.fatal("Client: #{client.inspect}")
+    Rails.logger.fatal("Client token: #{client.access_token!(client_auth_method: :secret).userinfo!.inspect}")
+ 
+     user_info = client.access_token!(client_auth_method: :secret)
+       .userinfo!
+       .raw_attributes
+ 
+    Rails.logger.fatal("Info: #{user_info.inspect}")
+
+     FranceConnectInformation.new(
+       gender: user_info[:gender],
+       given_name: user_info[:given_name],
--- a/machines/compute01/ds-fr/package/patches/smtp_settings.patch
+++ b/machines/compute01/ds-fr/package/patches/smtp_settings.patch
@ -0,0 +1,14 @@
+diff --git a/config/environments/production.rb b/config/environments/production.rb
+index 16d8c8e84..e0326d26d 100644
+--- a/config/environments/production.rb
+++ b/config/environments/production.rb
+@@ -86,7 +86,8 @@ Rails.application.configure do
+       user_name:            ENV.fetch("SMTP_USER"),
+       password:             ENV.fetch("SMTP_PASS"),
+       authentication:       ENV.fetch("SMTP_AUTHENTICATION"),
+-      enable_starttls_auto: ENV.fetch("SMTP_TLS").present?
+      enable_starttls_auto: ENV.fetch("SMTP_TLS").present?,
+      ssl:                  ENV.fetch("SMTP_SSL").present?
+     }
+   elsif ENV['SENDMAIL_ENABLED'] == 'enabled'
+     config.action_mailer.delivery_method = :sendmail