Use Mandrill's HTTPS API to deliver emails#1506
Conversation
| ice_nine (0.11.2) | ||
| iniparse (1.4.2) | ||
| jmespath (1.3.1) | ||
| json (2.1.0) |
There was a problem hiding this comment.
Note that I came in here and manually changed the Gemfile.lock since the Mandrill API gem has json >= 1.7.7 < 2.0 as a dependency.
There is a PR to fix to bump the json version number, but it looks like it has been open since December 2016 with lots of +1s and little movement.
config/initializers/mandrill.rb
Outdated
| @@ -0,0 +1,5 @@ | |||
| if Rails.env.production? | |||
There was a problem hiding this comment.
What if we just guarded this with Figaro.env.mandrill_api_token.present?
config/application.yml.example
Outdated
| logins_per_ip_limit: '2' | ||
| logins_per_ip_period: '60' | ||
| max_mail_events: '2' | ||
| mandrill_api_token: '123abc' |
There was a problem hiding this comment.
Are you familiar with our process for adding new configs like this? We'll need a corresponding devops PR.
There was a problem hiding this comment.
Yep, we're pairing on this later today.
There was a problem hiding this comment.
This is an excellent reference for a PR requiring a corresponding application.yml config change:
|
Tested this out this morning. It works! |
|
The PR to add the token in the devops repo is here: 18f/identity-devops#392 |
|
Looks like this melted on CI. I'll look into that. |
|
Fixed CI and pulled in the latest from master earlier today. This should be ready for review, but we'll want to hold off on merging until the corresponding devops PR is handled |
jmhooper
added
status - do not merge
status - ready for review
and removed
status - work in progress
labels
|
I got the 👍 from @timothy-spencer that all the devops changes have been deployed and this is ready to go. |
**Why**: For our LOA3 ATO we need to configure our firewall to only allow HTTPS traffic. This will prevent us from sending emails over 587 with SMTPS. Set MandrilDM API key when key is present **Why**: Whether the Mandrill API key is present is a better indicator of whether we want to use Mandrill than which environment we are in Remove smtp settings from application.yml.example **Why**: We no longer need the SMTP settings in the production now that we are using the Mandrill API to deliver emails.
jmhooper
force-pushed
the
jmhooper-mandrill-mailer
branch
from
7c1ac9a to
2117969
Compare
3 participants
Why: For our LOA3 ATO we need to configure our firewall to only allow HTTPS traffic. This will prevent us from sending emails over 587 with SMTPS.
This commit uses mandril_dm which provides an ActionMailer delivery method built on top of the mandril-api gem.
With the current setup, the gem is only installed and configured in production, causing the production environments to diverge a bit from development, which is worrisome.
This setup also requires a Mandrill API token, which I don't have at the moment, so I've yet to actually test this out to make sure it works. I'm marking it
WIPuntil I get to that. Also, regarding the API tokens, deploying this will require adding the Mandrill API token to the env for the production apps.