Merge branch 'master' into feature/EUI-1685-global-tokens

hmcts · Mar 30, 2020 · dd36e25 · dd36e25
2 parents 26fbfaa + 7fc425c
commit dd36e25
Show file tree

Hide file tree

Showing 28 changed files with 346 additions and 53 deletions.
diff --git a/Jenkinsfile_CNP b/Jenkinsfile_CNP
@@ -30,9 +30,10 @@ def secrets = [
   'rpx-${env}': [
     secret('mc-s2s-client-secret', 'S2S_SECRET'),
     secret('mc-idam-client-secret', 'IDAM_SECRET'),
+    secret('webapp-redis-connection-string', 'REDISCLOUD_URL'),
     secret('test-email', 'TEST_EMAIL'),
     secret('test-password', 'TEST_PASSWORD'),
-    secret('APPINSIGHTS-INSTRUMENTATIONKEY-MO', 'APPINSIGHTS_INSTRUMENTATIONKEY')
+    secret('appinsights-instrumentationkey-mc', 'APPINSIGHTS_INSTRUMENTATIONKEY')
   ],
   ]
 

diff --git a/Jenkinsfile_parameterized b/Jenkinsfile_parameterized
@@ -25,7 +25,7 @@ def channel   = '#xui-pipeline'
 List<LinkedHashMap<String, Object>> secrets = [
   secret('mc-s2s-client-secret',                 'S2S_SECRET'),
   secret('mc-idam-client-secret',              'IDAM_SECRET'),
-  secret('AppInsightsInstrumentationKey', 'APPINSIGHTS_INSTRUMENTATIONKEY')
+  secret('appinsights-instrumentationkey-mc', 'APPINSIGHTS_INSTRUMENTATIONKEY')
 ]
 
 static LinkedHashMap<String, Object> secret(String secretName, String envVar) {

diff --git a/README.md b/README.md
@@ -183,4 +183,4 @@ Extended version of script below:
 (https://robferguson.org/blog/2017/09/09/a-simple-logging-service-for-angular-4/)
 
 END
-Trigger2
+Trigger6
diff --git a/api/application.ts b/api/application.ts
@@ -3,16 +3,16 @@ import * as cookieParser from 'cookie-parser'
 import * as express from 'express'
 import * as session from 'express-session'
 import * as helmet from 'helmet'
-import * as sessionFileStore from 'session-file-store'
 import * as auth from './auth'
-import {getConfigValue, showFeature} from './configuration'
+import { getConfigValue, showFeature } from './configuration'
 import {
     APP_INSIGHTS_KEY,
     COOKIES_TOKEN,
     COOKIES_USER_ID,
     FEATURE_APP_INSIGHTS_ENABLED,
     FEATURE_HELMET_ENABLED,
     FEATURE_PROXY_ENABLED,
+    FEATURE_REDIS_ENABLED,
     FEATURE_SECURE_COOKIE_ENABLED,
     FEATURE_TERMS_AND_CONDITIONS_ENABLED,
     HELMET,
@@ -21,6 +21,8 @@ import {
     MICROSERVICE,
     NOW,
     PROTOCOL,
+    REDIS_KEY_PREFIX,
+    REDIS_TTL,
     SERVICE_S2S_PATH,
     SERVICES_DOCUMENTS_API_PATH,
     SERVICES_EM_ANNO_API_URL,
@@ -38,7 +40,9 @@ import {errorStack} from './lib/errorStack'
 import * as log4jui from './lib/log4jui'
 import authInterceptor from './lib/middleware/auth'
 import {JUILogger} from './lib/models'
+import { getStore } from './lib/sessionStore'
 import * as tunnel from './lib/tunnel'
+import openRoutes from './openRoutes'
 import * as postCodeLookup from './postCodeLookup'
 import {router as printRouter} from './print/routes'
 import routes from './routes'
@@ -51,8 +55,6 @@ if (showFeature(FEATURE_HELMET_ENABLED)) {
     app.use(helmet(getConfigValue(HELMET)))
 }
 
-const FileStore = sessionFileStore(session)
-
 app.set('trust proxy', 1)
 app.use(
     session({
@@ -66,9 +68,7 @@ app.use(
         saveUninitialized: true,
         secret: getConfigValue(SESSION_SECRET),
         // TODO: remove this and use values from cookie token instead
-        store: new FileStore({
-            path: getConfigValue(NOW) ? '/tmp/sessions' : '.sessions',
-        }),
+        store: getStore(),
     })
 )
 
@@ -81,6 +81,8 @@ app.use(bodyParser.urlencoded({extended: true}))
 tunnel.init()
 
 app.get('/oauth2/callback', auth.authenticateUser)
+app.use('/external', openRoutes)
+
 app.get('/api/logout', (req, res) => {
     auth.doLogout(req, res)
 })
@@ -130,6 +132,10 @@ app.get('/health', (req, res) => {
         featureAppInsightEnabled: showFeature(FEATURE_APP_INSIGHTS_ENABLED),
         featureProxyEnabled: showFeature(FEATURE_PROXY_ENABLED),
         featureTermsAndConditionsEnabled: showFeature(FEATURE_TERMS_AND_CONDITIONS_ENABLED),
+        featureRedisEnabled: showFeature(FEATURE_REDIS_ENABLED),
+        // 6th set
+        redisKeyPrefix: getConfigValue(REDIS_KEY_PREFIX),
+        redisTtl: getConfigValue(REDIS_TTL),
     })
 })
 // separate route for document upload/view

diff --git a/api/configuration/references.ts b/api/configuration/references.ts
@@ -9,12 +9,13 @@
  * This file should be representative of the .json files in /config
  */
 export const S2S_SECRET = 'secrets.rpx.mc-s2s-client-secret'
+export const REDIS_CLOUD_URL = 'secrets.rpx.webapp-redis-connection-string'
 
 export const COOKIES_TOKEN = 'cookies.token'
 export const COOKIES_USER_ID = 'cookies.userId'
 export const COOKIES_SESSION_ID = 'cookies.sessionId'
 
-export const APP_INSIGHTS_KEY = 'secrets.rpx.AppInsightsInstrumentationKey'
+export const APP_INSIGHTS_KEY = 'secrets.rpx.appinsights-instrumentationkey-mc'
 
 export const LOGGING = 'logging'
 export const MAX_LOG_LINE = 'maxLogLine'
@@ -59,4 +60,11 @@ export const FEATURE_APP_INSIGHTS_ENABLED = 'appInsightsEnabled'
 export const FEATURE_PROXY_ENABLED = 'proxyEnabled'
 export const FEATURE_TERMS_AND_CONDITIONS_ENABLED = 'termsAndConditionsEnabled'
 export const FEATURE_HELMET_ENABLED = 'helmetEnabled'
+export const FEATURE_REDIS_ENABLED = 'redisEnabled'
+
 export const HELMET = 'helmet'
+
+export const REDIS_KEY_PREFIX = 'redis.prefix'
+export const REDIS_TTL = 'redis.ttl'
+
+export const USER_TIMEOUT_IN_SECONDS = 'userTimeoutInSeconds'
diff --git a/api/configurationUI/index.ts b/api/configurationUI/index.ts
@@ -0,0 +1,26 @@
+import * as express from 'express'
+import {getConfigValue} from '../configuration'
+import {
+  PROTOCOL,
+  SERVICES_IDAM_CLIENT_ID,
+  SERVICES_IDAM_LOGIN_URL,
+  SERVICES_IDAM_OAUTH_CALLBACK_URL,
+} from '../configuration/references'
+
+export const router = express.Router({mergeParams: true})
+
+router.get('/', configurationUIRoute)
+
+/**
+ * All the following environmental variables are passed to the UI.
+ */
+async function configurationUIRoute(req, res) {
+  res.status(200).send({
+    clientId: getConfigValue(SERVICES_IDAM_CLIENT_ID),
+    idamWeb: getConfigValue(SERVICES_IDAM_LOGIN_URL),
+    oAuthCallback: getConfigValue(SERVICES_IDAM_OAUTH_CALLBACK_URL),
+    protocol: getConfigValue(PROTOCOL),
+  })
+}
+
+export default router
diff --git a/api/lib/sessionStore.ts b/api/lib/sessionStore.ts
@@ -0,0 +1,59 @@
+import * as connectRedis from 'connect-redis'
+import * as session from 'express-session'
+import * as redis from 'redis'
+import * as sessionFileStore from 'session-file-store'
+import {getConfigValue, showFeature} from '../configuration'
+import {
+  FEATURE_REDIS_ENABLED,
+  NOW,
+  REDIS_CLOUD_URL,
+  REDIS_KEY_PREFIX,
+  REDIS_TTL
+} from '../configuration/references'
+
+const RedisStore = connectRedis(session)
+const FileStore = sessionFileStore(session)
+
+let store = null
+
+export const getRedisStore = () => {
+    console.log('using RedisStore')
+
+    const tlsOptions = {
+      prefix: getConfigValue(REDIS_KEY_PREFIX),
+    }
+
+    const redisClient = redis.createClient(
+      getConfigValue(REDIS_CLOUD_URL),
+      tlsOptions
+    )
+
+    redisClient.on('ready', () => {
+        console.log('redis client connected successfully')
+    })
+
+    redisClient.on('error', console.error)
+
+    return new RedisStore({
+        client: redisClient,
+        ttl: getConfigValue(REDIS_TTL),
+    })
+}
+
+export const getFileStore = () => {
+    console.log('using FileStore')
+    return new FileStore({
+        path: getConfigValue(NOW) ? '/tmp/sessions' : '.sessions',
+    })
+}
+
+export const getStore = () => {
+    if (!store) {
+        if (showFeature(FEATURE_REDIS_ENABLED)) {
+            store = getRedisStore()
+        } else {
+            store = getFileStore()
+        }
+    }
+    return store
+}
diff --git a/api/local.ts b/api/local.ts
@@ -9,6 +9,7 @@ import {
   COOKIES_TOKEN,
   FEATURE_APP_INSIGHTS_ENABLED,
   FEATURE_PROXY_ENABLED,
+  FEATURE_REDIS_ENABLED,
   FEATURE_SECURE_COOKIE_ENABLED,
   FEATURE_TERMS_AND_CONDITIONS_ENABLED,
   HEALTH,
@@ -55,6 +56,8 @@ console.log('Proxy enabled:')
 console.log(showFeature(FEATURE_PROXY_ENABLED))
 console.log('Terms and Conditions enabled:')
 console.log(showFeature(FEATURE_TERMS_AND_CONDITIONS_ENABLED))
+console.log('Redis enabled:')
+console.log(showFeature(FEATURE_REDIS_ENABLED))
 console.log('END CHECK OF ENVIRONMENTAL VARIABLES')
 
 console.log(getConfigValue(S2S_SECRET))

diff --git a/api/openRoutes.ts b/api/openRoutes.ts
@@ -0,0 +1,8 @@
+import * as express from 'express'
+import getConfigurationUIRouter from './configurationUI'
+
+const router = express.Router({ mergeParams: true })
+
+router.use('/configuration-ui', getConfigurationUIRouter)
+
+export default router
diff --git a/api/package.json b/api/package.json
@@ -10,7 +10,7 @@
         "watch": "nodemon  -r dotenv-extended/config --watch '**/*.ts' --exec ts-node local.ts",
         "test": "mocha -r dotenv-extended/config",
         "test:watch": "mocha --watch --recursive --watch-extensions ts",
-        "start": "cd ../dist/jui-backend && node server.js"
+        "start": "node -r dotenv-extended/config ../dist/rpx-exui/api/server.bundle.js"
     },
     "private": true,
     "dependencies": {}

diff --git a/api/server.ts b/api/server.ts
@@ -10,6 +10,7 @@ import {
   COOKIES_TOKEN,
   FEATURE_APP_INSIGHTS_ENABLED,
   FEATURE_PROXY_ENABLED,
+  FEATURE_REDIS_ENABLED,
   FEATURE_SECURE_COOKIE_ENABLED,
   FEATURE_TERMS_AND_CONDITIONS_ENABLED,
   HEALTH,
@@ -78,6 +79,8 @@ console.log('Proxy enabled:')
 console.log(showFeature(FEATURE_PROXY_ENABLED))
 console.log('Terms and Conditions enabled:')
 console.log(showFeature(FEATURE_TERMS_AND_CONDITIONS_ENABLED))
+console.log('Redis enabled:')
+console.log(showFeature(FEATURE_REDIS_ENABLED))
 console.log('END CHECK OF ENVIRONMENTAL VARIABLES')
 
 console.log('s2s secret')

diff --git a/charts/xui-webapp/Chart.yaml b/charts/xui-webapp/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v1
 name: xui-webapp
 home: https://github.com/hmcts/rpx-xui-webapp
-version: 0.1.31
+version: 0.1.39
 description: Expert UI
 maintainers:
   - name: HMCTS RPX XUI
diff --git a/charts/xui-webapp/requirements.yaml b/charts/xui-webapp/requirements.yaml
@@ -1,4 +1,8 @@
 dependencies:
   - name: nodejs
-    version: 1.9.0
+    version: ~1.9.0
     repository: '@hmctspublic'
+  - name: redis
+    version: ~7.1.0
+    repository: "@stable"
+    condition: redis.enabled
diff --git a/charts/xui-webapp/values.preview.template.yaml b/charts/xui-webapp/values.preview.template.yaml
@@ -5,3 +5,7 @@ nodejs:
      NODE_TLS_REJECT_UNAUTHORIZED: 0
      SERVICES_IDAM_API_URL: https://idam-api.aat.platform.hmcts.net
      SERVICES_IDAM_LOGIN_URL: https://idam-web-public.aat.platform.hmcts.net
+     REDISCLOUD_URL: redis://ignore:fake-password@${SERVICE_NAME}-redis-master:6379
+redis:
+  enabled: true
+
diff --git a/charts/xui-webapp/values.yaml b/charts/xui-webapp/values.yaml
@@ -1,3 +1,13 @@
+redis:
+  enabled: false
+  cluster:
+    enabled: false
+    slaveCount: 0
+  password: fake-password
+  master:
+    persistence:
+      enabled: false
+
 nodejs:
   aadIdentityName: xui
   applicationPort: 3000
@@ -42,18 +52,27 @@ nodejs:
     SERVICES_S2S: http://rpe-service-auth-provider-{{ .Values.global.environment }}.service.core-compute-{{ .Values.global.environment }}.internal
     # Services T&Cs
     SERVICES_TERMS_AND_CONDITIONS: http://xui-terms-and-conditions-{{ .Values.global.environment }}.service.core-compute-{{ .Values.global.environment }}.internal
+
+    #Feature Flags
     FEATURE_APP_INSIGHTS_ENABLED: true
     FEATURE_SECURE_COOKIE_ENABLED: true
     FEATURE_PROXY_ENABLED: false
-    FEATURE_TERMS_AND_CONDITIONS_ENABLED: true
+    FEATURE_TERMS_AND_CONDITIONS_ENABLED: false
     FEATURE_HELMET_ENABLED: true
+    FEATURE_REDIS_ENABLED: true
+
+    # Redis
+    REDIS_KEY_PREFIX: 'activity:'
+    REDIS_TTL: 6000
+
   keyVaults:
     rpx:
       resourceGroup: rpx
       secrets:
         - mc-s2s-client-secret
         - mc-idam-client-secret
-        - AppInsightsInstrumentationKey
+        - appinsights-instrumentationkey-mc
+        - webapp-redis-connection-string
   # Don't modify below here
   image: ${IMAGE_NAME}
   ingressHost: ${SERVICE_FQDN}
diff --git a/config/custom-environment-variables.json b/config/custom-environment-variables.json
@@ -43,9 +43,10 @@
   "sessionSecret": "SESSION_SECRET",
   "secrets": {
     "rpx": {
-      "AppInsightsInstrumentationKey": "APPINSIGHTS_INSTRUMENTATIONKEY",
+      "appinsights-instrumentationkey-mc": "APPINSIGHTS_INSTRUMENTATIONKEY",
       "mc-s2s-client-secret": "S2S_SECRET",
-      "mc-idam-client-secret": "IDAM_SECRET"
+      "mc-idam-client-secret": "IDAM_SECRET",
+      "webapp-redis-connection-string": "REDISCLOUD_URL"
     }
   },
   "jurisdictions": "JURISDICTIONS",
@@ -73,10 +74,18 @@
     "helmetEnabled": {
       "__name": "FEATURE_HELMET_ENABLED",
       "__format": "json"
+    },
+    "redisEnabled": {
+      "__name": "FEATURE_REDIS_ENABLED",
+      "__format": "json"
     }
   },
   "helmet": {
     "__name": "HELMET_CONFIG",
     "__format": "json"
+  },
+  "redis": {
+    "prefix": "REDIS_KEY_PREFIX",
+    "ttl": "REDIS_TTL"
   }
 }