Paf 49 test cert 2

.drone.yml

@@ -22,6 +22,8 @@ trigger:
   branch:
     - feature/*
     - master
+    - PAF-49-test-private-link
+    - PAF-49-test-cert-2
 
 linting: &linting
   pull: if-not-exists
@@ -62,6 +64,8 @@ steps:
         include:
         - master
         - feature/*
+        - PAF-49-test-private-link
+        - PAF-49-test-cert-2
       event: [push, pull_request]
 
   - name: setup_deploy
@@ -122,6 +126,8 @@ steps:
         include:
           - master
           - feature/*
+          - PAF-49-test-private-link
+          - PAF-49-test-cert-2
       event: [push, pull_request]
 
   - name: image_to_quay
@@ -139,6 +145,8 @@ steps:
         include:
           - master
           - feature/*
+          - PAF-49-test-private-link
+          - PAF-49-test-cert-2
       event: [push, pull_request]
 
   # Deploy to pull request UAT environment.
@@ -158,6 +166,14 @@ steps:
           - master
           - feature/*
       event: pull_request
+<<<<<<< HEAD
+=======
+=======
+          - PAF-49-test-private-link
+          - PAF-49-test-cert-2
+      event: [push, pull_request]
+>>>>>>> 93e26e0 (Pvt link add deploy branch)
+>>>>>>> c6e67e2 (fast build CI)
 
   - name: setup_branch
     pull: if-not-exists

@

@@ -0,0 +1,21 @@
+rebased
+
+# Please enter the commit message for your changes. Lines starting
+# with '#' will be ignored, and an empty message aborts the commit.
+#
+# On branch PAF-49-test-cert-2
+# Your branch and 'origin/PAF-49-test-cert-2' have diverged,
+# and have 103 and 83 different commits each, respectively.
+#   (use "git pull" to merge the remote branch into yours)
+#
+# Last commands done (13 commands done):
+#    pick a79e1d1 Paf 210 work for british government (#131)
+#    pick 0b1f93f rebased
+# Next commands to do (11 remaining commands):
+#    pick 4926892 PAF-50 Deploy ims-resolver
+#    pick a9bb1f5 Update README about IMS API docs
+# You are currently editing a commit while rebasing branch 'PAF-49-test-cert-2' on '51fa1a4'.
+#
+# Changes to be committed:
+#	modified:   server.js
+#

README.md

@@ -8,7 +8,11 @@ The PAF app will send data to an AWS SQS (Simple Queue Service), the [ims-resolv
 
 ## IMS API integration
 
+<<<<<<< HEAD
 There is some sensitive information about IMS integration.  The documentation of this can be found in an internal repo
+=======
+There is some sensitive information about IMS integration.  The documentation of this can be found in an internal repo 
+>>>>>>> 6067174 (Update README about IMS API docs)
 https://github.com/UKHomeOffice/ims-integration-documentation
 
 ## Getting Started

apps/paf/behaviours/disable-file-upload.js

@@ -1,13 +1,13 @@
 module.exports = superclass => class extends superclass {
   locals(req, res) {
-    const locals = super.locals(req, res);
-    const images = req.sessionModel.get('images');
-    if (images && images.length >= 3) {
+  const locals = super.locals(req, res);
+  const images = req.sessionModel.get('images');
+  if (images && images.length >= 3) {
     // disable file upload if attachment limit reached.
-      req.form.options.fields['other-info-file-upload'].attributes = [{attribute: 'disabled'}];
-      return locals;
-    }
-    req.form.options.fields['other-info-file-upload'].attributes = [];
+    req.form.options.fields['other-info-file-upload'].attributes = [{attribute: 'disabled'}];
     return locals;
   }
-};
+  req.form.options.fields['other-info-file-upload'].attributes = [];
+  return locals;
+}
+}

apps/paf/behaviours/save-file.js

@@ -1,9 +1,7 @@
 'use strict';
 
 const _ = require('lodash');
-const config = require('../../../config');
 const Model = require('../models/file-upload');
-const fileSizeNum = size => size.match(/\d+/g)[0];
 
 module.exports = name => superclass => class extends superclass {
   process(req) {
@@ -22,41 +20,7 @@ module.exports = name => superclass => class extends superclass {
     if (!Object.keys(req.form.errors).length) {
       req.form.values['other-info-file-upload'] = null;
     }
-    const maxNum = fileSizeNum(config.upload.maxFileSize);
-    const maxSize = config.upload.maxFileSize.match(/[a-zA-Z]+/g)[0].toUpperCase();
-    return Object.assign({}, super.locals(req, res, next), {
-      maxFileSize: `${maxNum} ${maxSize}`
-    });
-  }
-
-  validateField(key, req) {
-    if (req.form.values['other-info-file-upload']) {
-      const fileUpload = _.get(req.files, `${name}`);
-      if (fileUpload) {
-        const uploadSize = fileUpload.size;
-        const mimetype = fileUpload.mimetype;
-        const uploadSizeTooBig = uploadSize > (fileSizeNum(config.upload.maxFileSize) * 1000000);
-        const uploadSizeBeyondServerLimits = uploadSize === null;
-        const invalidMimetype = !config.upload.allowedMimeTypes.includes(mimetype);
-        const invalidSize = uploadSizeTooBig || uploadSizeBeyondServerLimits;
-
-        if (invalidSize || invalidMimetype) {
-          return new this.ValidationError(key, {
-            key,
-            type: invalidSize ? 'maxFileSize' : 'fileType',
-            redirect: undefined
-          });
-        }
-      } else {
-        return new this.ValidationError(key, {
-          key,
-          type: 'required',
-          redirect: undefined
-        });
-      }
-    }
-
-    return super.validateField(key, req);
+    return super.locals(req, res, next);
   }
 
   saveValues(req, res, next) {

apps/paf/index.js

@@ -1,5 +1,4 @@
 'use strict';
-/* eslint-disable max-len */
 const saveImage = require('./behaviours/save-file');
 const removeImage = require('./behaviours/remove-file');
 const CombineAndLoopFields = require('hof').components.combineAndLoopFields;
@@ -701,7 +700,7 @@ module.exports = {
         target: '/add-other-info-file-upload',
         condition: req => {
           if (req.form.values['other-info-file-upload']) {
-            return true;
+            return true
           }
           return false;
         }

apps/paf/models/file-upload.js

@@ -14,7 +14,6 @@ module.exports = class UploadModel extends Model {
 
   async save() {
     const result = await new Promise((resolve, reject) => {
-      console.log("url: " + config.upload.hostname);
       const attributes = {
         url: config.upload.hostname
       };
@@ -73,4 +72,4 @@ module.exports = class UploadModel extends Model {
       });
     });
   }
-};
+};

apps/paf/translations/src/en/validation.json

@@ -318,34 +318,6 @@
   "when-to-contact": {
     "maxlength": "You can't use more than {{maxlength}} characters for your answer"
   },
-  "boat-country-departure": {
-    "required": "Enter a valid country",
-    "notUrl": "Enter a valid country on the list"
-  },
-  "airline-country-departure": {
-    "required": "Enter a valid country",
-    "notUrl": "Enter a valid country on the list"
-  },
-  "crime-location-country": {
-    "required": "Enter a valid country",
-    "notUrl": "Enter a valid country on the list"
-  },
-  "crime-another-location-country": {
-    "required": "Enter a valid country",
-    "notUrl": "Enter a valid country on the list"
-  },
-  "train-country-departure": {
-    "required": "Enter a valid country",
-    "notUrl": "Enter a valid country on the list"
-  },
-  "report-person-location-outside-uk-address-country": {
-    "required": "Enter a valid country",
-    "notUrl": "Enter a valid country on the list"
-  },
-  "report-person-location-travel-to-uk-country": {
-    "required": "Enter a valid country",
-    "notUrl": "Enter a valid country on the list"
-  },
   "other-info-file-upload": {
     "maxFileSize": "Select a file that is smaller than 100 MB",
     "fileType": "This file is not a valid file format you can upload to this service."

assets/scss/app.scss

@@ -231,48 +231,6 @@ pre.looped-records {
   word-break: break-all;
 }
 
-.crime-nav {
-  background-color: #1d70b8;
-}
-.crime-nav > a {
-  color: white !important;
-}
-
-.person-nav {
-  background-color: #1d70b8;
-}
-.person-nav > a {
-  color: white !important;
-}
-
-.organisation-nav {
-  background-color: #1d70b8;
-}
-.organisation-nav > a {
-  color: white !important;
-}
-
-.other-info-nav {
-  background-color: #1d70b8;
-}
-.other-info-nav > a {
-  color: white !important;
-}
-
-.about-you-nav {
-  background-color: #1d70b8;
-}
-.about-you-nav > a {
-  color: white !important;
-}
-
-.check-answers-nav {
-  background-color: #1d70b8;
-}
-.check-answers-nav > a {
-  color: white !important;
-}
-
 .time-input__item {
   display: inline-block;
   margin-right: 20px;
@@ -288,4 +246,3 @@ display: block;
 .time-input__item .govuk-error-message {
   display: none;
 }
-

bin/deploy.sh

@@ -4,17 +4,18 @@ set -e
 export INGRESS_INTERNAL_ANNOTATIONS=$HOF_CONFIG/ingress-internal-annotations.yaml
 export INGRESS_EXTERNAL_ANNOTATIONS=$HOF_CONFIG/ingress-external-annotations.yaml
 export CONFIGMAP_VALUES=$HOF_CONFIG/configmap-values.yaml
+export CONFIGMAP1_VALUES=$HOF_CONFIG/cacert-store.yaml
 export NGINX_SETTINGS=$HOF_CONFIG/nginx-settings.yaml
 export FILEVAULT_NGINX_SETTINGS=$HOF_CONFIG/filevault-nginx-settings.yaml
 export FILEVAULT_INGRESS_EXTERNAL_ANNOTATIONS=$HOF_CONFIG/filevault-ingress-external-annotations.yaml
 
-kd='kd --insecure-skip-tls-verify --timeout 10m --check-interval 10s'
+kd='kd --insecure-skip-tls-verify --timeout 20m --check-interval 10s'
 
 if [[ $1 == 'tear_down' ]]; then
   export KUBE_NAMESPACE=$BRANCH_ENV
   export DRONE_SOURCE_BRANCH=$(cat /root/.dockersock/branch_name.txt)
   $kd --delete -f kube/configmaps/configmap.yml
-  $kd --delete -f kube/redis -f kube/app -f kube/ims-resolver -f kube/file-vault
+  $kd --delete -f kube/redis -f kube/app -f kube/ims-resolver
   # echo "Torn Down UAT Branch - paf-$DRONE_SOURCE_BRANCH.internal.$BRANCH_ENV.homeoffice.gov.uk"
   echo "Torn Down Branch - paf-${DRONE_SOURCE_BRANCH}.internal.${BRANCH_ENV}.homeoffice.gov.uk"
   exit 0
@@ -26,6 +27,7 @@ export DRONE_SOURCE_BRANCH=$(echo $DRONE_SOURCE_BRANCH | tr '[:upper:]' '[:lower
 if [[ ${KUBE_NAMESPACE} == ${BRANCH_ENV} ]]; then
   $kd -f kube/file-vault/file-vault-ingress.yml
   $kd -f kube/configmaps
+  $kd -f kube/certmounts
   $kd -f kube/certs
   $kd -f kube/redis
   $kd -f kube/app

certs.js

@@ -0,0 +1,20 @@
+const https = require('https');
+const fs = require('fs');
+
+
+
+
+const getCertificate = function getRequest(){
+    https.get('https://ho-it-prp1-i-ie-ims.report-and-manage-intelligence.np.immigrationservices.phz/lagan/services/FL', options, (res) => {
+    // Handle the response
+    });
+}
+
+const options = {
+    ca: fs.readFileSync('/etc/ssl/certs/ims-prp1-ca.crt')
+    };
+
+module.exports = {
+    getCertificate: getCertificate,
+    options : options
+};

config.js

@@ -38,12 +38,4 @@ module.exports = {
     clientId: process.env.KEYCLOAK_CLIENT_ID,
     secret: process.env.KEYCLOAK_SECRET
   },
-  awsSqs: {
-    region: process.env.AWS_REGION || 'eu-west-2',
-    queueUrl: process.env.SQS_URL,
-    credentials: {
-      accessKeyId: process.env.ACCESS_KEY_ID,
-      secretAccessKey: process.env.SECRET_ACCESS_KEY
-    }
-  }
 };

kube/app/deployment.yml

@@ -155,14 +155,17 @@ spec:
           resources:
             requests:
               cpu: "100m"
-              memory: "256Mi"
-            limits:
-              cpu: "250m"
-              memory: "512Mi"
+              memory: "200Mi"
           volumeMounts:
             - mountPath: /public
               name: public
-
+        #     - name: cacert-store
+        #       mountPath: /etc/ssl/certs/ims-prp1-ca.crt
+        #       readOnly: false
+        # volumes:
+        #   - name: cacert-store
+        #     configMap:
+        #       name: cacert-store        
         - name: nginx-proxy
           # nginx-proxy-govuk:v4
           image: quay.io/ukhomeofficedigital/nginx-proxy-govuk@sha256:4470064d0b1d20ae08c5fd85551576cb687f342a22d6cb456fda9b2c4ce8c8df
@@ -184,4 +187,4 @@ spec:
             runAsNonRoot: true
       volumes:
         - name: public
-          emptyDir: {}
+          emptyDir: {}

kube/certmounts/certmounts.yml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cacert-store
+data:
+  ims-prp1-ca.crt: |
+{{ file .CONFIGMAP1_VALUES }}

kube/configmaps/configmap.yml

@@ -16,3 +16,4 @@ metadata:
     {{ end }}
 data:
 {{ file .CONFIGMAP_VALUES | indent 2 }}
+{{ file .CONFIGMAP1_VALUES | indent 2 }}