From 3a17d45a97c84ecb4321cbfb467b54d247de1ee8 Mon Sep 17 00:00:00 2001
From: kurt-mcrae <kurtm60@gmail.com>
Date: Sun, 24 Nov 2024 18:53:19 +1100
Subject: [PATCH] Update config to allow injection of env vars for container
 deployment

---
 .env.sample                                   |  8 +++++
 .gitignore                                    |  2 ++
 .../Extensions/ServiceCollectionExtensions.cs | 32 +++++++++++-------
 backend/Program.cs                            |  5 +--
 compose.yaml                                  | 33 ++++++++++++++-----
 5 files changed, 58 insertions(+), 22 deletions(-)
 create mode 100644 .env.sample

diff --git a/.env.sample b/.env.sample
new file mode 100644
index 0000000..e665319
--- /dev/null
+++ b/.env.sample
@@ -0,0 +1,8 @@
+# Database credentials
+DB_USER=postgres
+DB_PASSWORD=password
+
+# NSW Fuel API credentials
+NSW_FUEL_API_KEY=1MYSRAx5yvqHUZc6VGtxix6oMA2qgfRT
+NSW_FUEL_API_SECRET=BMvWacw15Et8uFGF
+NSW_FUEL_API_AUTH_HEADER=MU1ZU1JBeDV5dnFIVVpjNlZHdHhpeDZvTUEycWdmUlQ6Qk12V2FjdzE1RXQ4dUZHRg==
diff --git a/.gitignore b/.gitignore
index 458bc63..3967081 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,5 @@ backend/obj/
 backend/bin/
 backend/appsettings.Production.json
 backend/.idea*
+
+.env
diff --git a/backend/Extensions/ServiceCollectionExtensions.cs b/backend/Extensions/ServiceCollectionExtensions.cs
index d971b21..88303a4 100644
--- a/backend/Extensions/ServiceCollectionExtensions.cs
+++ b/backend/Extensions/ServiceCollectionExtensions.cs
@@ -14,10 +14,8 @@ public static class ServiceCollectionExtensions
 {
     public static IServiceCollection ConfigureServices(this IServiceCollection services, IConfiguration configuration)
     {
-        var connectionString = configuration
-            .GetSection(nameof(TimescaleDbConfig))
-            .Get<TimescaleDbConfig>()!
-            .ConnectionString;
+        var connectionString = Environment.GetEnvironmentVariable("TIMESCALE_DB_CONNECTION") ??
+                               configuration.GetSection("TimescaleDbConfig").Get<TimescaleDbConfig>()!.ConnectionString;
 
         return services
             .AddSingleton<INswFuelApiService, NswFuelApiService>()
@@ -62,20 +60,30 @@ public static class ServiceCollectionExtensions
 
     public static void SetupConfiguration(this IServiceCollection services, IConfiguration configuration)
     {
+        var nswFuelApiConfig = new NswFuelApiConfig
+        {
+            BaseUrl = Environment.GetEnvironmentVariable("NSW_FUEL_API_BASE_URL") ??
+                      configuration.GetSection(nameof(NswFuelApiConfig)).Get<NswFuelApiConfig>()?.BaseUrl!,
+            ApiKey = Environment.GetEnvironmentVariable("NSW_FUEL_API_KEY") ??
+                     configuration.GetSection(nameof(NswFuelApiConfig)).Get<NswFuelApiConfig>()?.ApiKey!,
+            ApiSecret = Environment.GetEnvironmentVariable("NSW_FUEL_API_SECRET") ??
+                        configuration.GetSection(nameof(NswFuelApiConfig)).Get<NswFuelApiConfig>()?.ApiSecret!,
+            AuthorisationHeader = Environment.GetEnvironmentVariable("NSW_FUEL_API_AUTH_HEADER") ??
+                                  configuration.GetSection(nameof(NswFuelApiConfig)).Get<NswFuelApiConfig>()
+                                      ?.AuthorisationHeader!
+        };
+
         services
-            .AddSingleton(configuration.GetSection(nameof(NswFuelApiConfig)).Get<NswFuelApiConfig>()!)
+            .AddSingleton(nswFuelApiConfig)
             .AddSingleton(configuration.GetSection(nameof(SuburbBoundaryApiConfig)).Get<SuburbBoundaryApiConfig>()!);
     }
 
     public static void SetupDatabase(this IServiceCollection services, IConfiguration configuration)
     {
-        var connectionString = configuration
-            .GetSection(nameof(TimescaleDbConfig))
-            .Get<TimescaleDbConfig>()!
-            .ConnectionString;
+        var connectionString = Environment.GetEnvironmentVariable("TIMESCALE_DB_CONNECTION") ??
+                               configuration.GetSection("TimescaleDbConfig").Get<TimescaleDbConfig>()!.ConnectionString;
 
-        services
-            .AddSingleton<IDbConnectionFactory>(_ =>
-                new OrmLiteConnectionFactory(connectionString, PostgreSqlDialect.Provider));
+        services.AddSingleton<IDbConnectionFactory>(_ =>
+            new OrmLiteConnectionFactory(connectionString, PostgreSqlDialect.Provider));
     }
 }
\ No newline at end of file
diff --git a/backend/Program.cs b/backend/Program.cs
index e5fc5ce..d8d209d 100644
--- a/backend/Program.cs
+++ b/backend/Program.cs
@@ -30,13 +30,14 @@ builder.Services.AddSwaggerGen(c => c.EnableAnnotations());
 
 if (!isDevelopment)
 {
-    var allowedOrigins = builder.Configuration.GetSection("AllowedOrigins").Get<string[]>();
+    var allowedOrigins = Environment.GetEnvironmentVariable("ALLOWED_ORIGINS")?.Split(',') ??
+                         configuration.GetSection("AllowedOrigins").Get<string[]>();
 
     builder.Services.AddCors(options =>
     {
         options.AddDefaultPolicy(policy =>
         {
-            policy.WithOrigins(allowedOrigins ?? ["*"])
+            policy.WithOrigins(allowedOrigins ?? [])
                 .AllowAnyHeader()
                 .AllowAnyMethod();
         });
diff --git a/compose.yaml b/compose.yaml
index 8442a09..967eb30 100644
--- a/compose.yaml
+++ b/compose.yaml
@@ -1,11 +1,11 @@
 version: '3.8'
 
 networks:
-  fuel-app-network:
+  app-network:
     driver: bridge
 
 volumes:
-  timescaledb-data: #named volume for persisting database
+  timescaledb-data:
     driver: local
 
 services:
@@ -17,27 +17,39 @@ services:
     restart: unless-stopped
     container_name: backend-prod
     networks:
-      - fuel-app-network
+      - app-network
     depends_on:
       timescaledb-prod:
-        condition: service_healthy #wait for the database before starting the backend
+        condition: service_healthy
     ports:
+      #adjust the port for the API here. For example, "6000:5000" would expose port 6000 instead
       - "5000:5000"
+    environment:
+      - ASPNETCORE_ENVIRONMENT=Production
+      #adjust the ports here if you change the exposed port on the frontend
+      - ALLOWED_ORIGINS=http://localhost:3000,http://frontend-prod:3000
+      - TIMESCALE_DB_CONNECTION=Host=timescaledb-prod;Port=5432;Database=postgres;Username=${DB_USER};Password=${DB_PASSWORD}
+      - NSW_FUEL_API_BASE_URL=https://api.onegov.nsw.gov.au
+      - NSW_FUEL_API_KEY=${NSW_FUEL_API_KEY}
+      - NSW_FUEL_API_SECRET=${NSW_FUEL_API_SECRET}
+      - NSW_FUEL_API_AUTH_HEADER=${NSW_FUEL_API_AUTH_HEADER}
 
   timescaledb-prod:
     image: timescale/timescaledb-ha:pg16
     ports:
+      #this is exposed only to the docker network, so don't worry about this
       - "5432:5432"
     environment:
-      - POSTGRES_PASSWORD=password
+      - POSTGRES_PASSWORD=${DB_PASSWORD}
+      - POSTGRES_USER=${DB_USER}
     restart: unless-stopped
     container_name: timescaledb-prod
     networks:
-      - fuel-app-network
+      - app-network
     volumes:
       - timescaledb-data:/var/lib/postgresql/data
     healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      test: ["CMD-SHELL", "pg_isready -U ${DB_USER}"]
       interval: 10s
       timeout: 5s
       retries: 5
@@ -50,6 +62,11 @@ services:
     restart: unless-stopped
     container_name: frontend-prod
     networks:
-      - fuel-app-network
+      - app-network
     ports:
+      #adjust the port for the frontend here. For example, "8080:3000" would expose port 8080 instead
       - "3000:3000"
+    environment:
+      #update this to the correct port if you adjust the API port above
+      - API_BASE_URL=http://backend-prod:5000
+      - DEPLOYMENT_ENVIRONMENT=production