From e6f69e97d92962068f3971394c94698c750c8dcf Mon Sep 17 00:00:00 2001 From: jcrichlake Date: Thu, 12 Dec 2024 14:29:33 -0500 Subject: [PATCH 1/8] ADR update --- adr/012-configs.md | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 adr/012-configs.md diff --git a/adr/012-configs.md b/adr/012-configs.md new file mode 100644 index 0000000..c523050 --- /dev/null +++ b/adr/012-configs.md @@ -0,0 +1,36 @@ +# 11. Azure Alerts + +Date: 2024-12-12 + +## Decision + +We will store partner config settings in an Azure container + +## Status + +Accepted. + +## Context + +In order to enable the usage of partner specific settings in the different parts of the app we are going to store the settings +in a config container in our Azure storage. Each partner will have it's own separate file in the container to minimize potential +blast radius when changing settings. + + +## Impact + +### Positive + +- We can continue to meet our partners where they are by having partner specific settings in the app in order to provide any needed customizations. + +### Negative + +- Some added complexity for the implementation of configs. + +### Risks + +- None + +## Related Issues + +- #1082 From 2b286b07a961bb7218be9adea15e485ba54ab3ae Mon Sep 17 00:00:00 2001 From: jcrichlake Date: Thu, 12 Dec 2024 14:29:33 -0500 Subject: [PATCH 2/8] ADR update --- adr/012-configs.md | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 adr/012-configs.md diff --git a/adr/012-configs.md b/adr/012-configs.md new file mode 100644 index 0000000..c523050 --- /dev/null +++ b/adr/012-configs.md 
@@ -0,0 +1,36 @@ +# 11. Azure Alerts + +Date: 2024-12-12 + +## Decision + +We will store partner config settings in an Azure container + +## Status + +Accepted. + +## Context + +In order to enable the usage of partner specific settings in the different parts of the app we are going to store the settings +in a config container in our Azure storage. Each partner will have it's own separate file in the container to minimize potential +blast radius when changing settings. + + +## Impact + +### Positive + +- We can continue to meet our partners where they are by having partner specific settings in the app in order to provide any needed customizations. + +### Negative + +- Some added complexity for the implementation of configs. + +### Risks + +- None + +## Related Issues + +- #1082 From 3343e2852d162fbde1e54e99ea85c29787df14e5 Mon Sep 17 00:00:00 2001 From: Sylvie Date: Tue, 17 Dec 2024 10:46:35 -0600 Subject: [PATCH 3/8] notes and grammar Co-Authored-By: jcrichlake <145698165+jcrichlake@users.noreply.github.com> --- adr/012-configs.md | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/adr/012-configs.md b/adr/012-configs.md index c523050..4fcb143 100644 --- a/adr/012-configs.md +++ b/adr/012-configs.md @@ -1,4 +1,4 @@ -# 11. Azure Alerts +# 12. Partner configuration Date: 2024-12-12 
@@ -12,20 +12,35 @@ Accepted. ## Context -In order to enable the usage of partner specific settings in the different parts of the app we are going to store the settings -in a config container in our Azure storage. Each partner will have it's own separate file in the container to minimize potential +In order to enable the usage of partner-specific settings in the different parts of the app, we are going to store the settings +in a config container in our Azure storage account. Each partner will have its own separate file within the container to minimize potential blast radius when changing settings. +## Notes +- config files should only contain non-secret values +- secrets will use a consistent naming pattern based on the partner ID used in config (so we can dynamically assemble the key names in code) +- config keys are their file names (minus .json) and match org names in ReportStream + +README +- skipping PR env? Defaults? +- config structure? and/or what settings are included? Maybe not, it was just easy to make it flat +- config loading timing? YAGNI on automagic refresh - restart app to reload configs. This should go somewhere, maybe in a +- folder structure - partner first with import etc inside of it. This might belong in another ADR +- add config for Flexion to enable testing + + ## Impact ### Positive - We can continue to meet our partners where they are by having partner specific settings in the app in order to provide any needed customizations. +- We can create separate testing config for the Flexion organizations ### Negative - Some added complexity for the implementation of configs. +- Initial implementation of the config will require either restarting or redeploying the app ### Risks From 4e21b64e898b160e8b4645a7c580b669984a3a2d Mon Sep 17 00:00:00 2001 
From: jcrichlake Date: Wed, 18 Dec 2024 10:04:30 -0500 Subject: [PATCH 4/8] Adding configs readme --- adr/012-configs.md | 7 ------- docs/configs.md | 7 +++++++ 2 files changed, 7 insertions(+), 7 deletions(-) create mode 100644 docs/configs.md diff --git a/adr/012-configs.md b/adr/012-configs.md index 4fcb143..391c1e4 100644 --- a/adr/012-configs.md +++ b/adr/012-configs.md @@ -22,13 +22,6 @@ blast radius when changing settings. - secrets will use a consistent naming pattern based on the partner ID used in config (so we can dynamically assemble the key names in code) - config keys are their file names (minus .json) and match org names in ReportStream -README -- skipping PR env? Defaults? -- config structure? and/or what settings are included? Maybe not, it was just easy to make it flat -- config loading timing? YAGNI on automagic refresh - restart app to reload configs. This should go somewhere, maybe in a -- folder structure - partner first with import etc inside of it. This might belong in another ADR -- add config for Flexion to enable testing - ## Impact diff --git a/docs/configs.md b/docs/configs.md new file mode 100644 index 0000000..c78d317 --- /dev/null +++ b/docs/configs.md @@ -0,0 +1,7 @@ +README +- skipping PR env? Defaults? +- config structure? and/or what settings are included? Maybe not, it was just easy to make it flat +- config loading timing? YAGNI on automagic refresh - restart app to reload configs. This should go somewhere, maybe in a +- folder structure - partner first with import etc inside of it. This might belong in another ADR +- add config for Flexion to enable testing + From 7b985d234460ae1fbd5aeb59b332b63bbc547f98 Mon Sep 17 00:00:00 2001 From: jcrichlake Date: Wed, 18 Dec 2024 15:37:14 -0500 Subject: [PATCH 5/8] Adding FAQ and clarifying comments --- adr/012-configs.md | 1 - docs/configs.md | 12 ++++++------ src/config/config.go | 3 +++ 3 files changed, 9 insertions(+), 7 deletions(-) 
diff --git a/adr/012-configs.md b/adr/012-configs.md index 391c1e4..f854a01 100644 --- a/adr/012-configs.md +++ b/adr/012-configs.md @@ -22,7 +22,6 @@ blast radius when changing settings. - secrets will use a consistent naming pattern based on the partner ID used in config (so we can dynamically assemble the key names in code) - config keys are their file names (minus .json) and match org names in ReportStream - ## Impact ### Positive diff --git a/docs/configs.md b/docs/configs.md index c78d317..986b4b0 100644 --- a/docs/configs.md +++ b/docs/configs.md @@ -1,7 +1,7 @@ -README -- skipping PR env? Defaults? -- config structure? and/or what settings are included? Maybe not, it was just easy to make it flat -- config loading timing? YAGNI on automagic refresh - restart app to reload configs. This should go somewhere, maybe in a -- folder structure - partner first with import etc inside of it. This might belong in another ADR -- add config for Flexion to enable testing +# FAQ + +- We don't load configs in the PR environment. +- See [The partner settings struct](/src/config/config.go) for the config structure +- Configs load prior to the application running. Any changes to the config will require a restart of the Azure container to load those changes +- For local non-partner specific testing, we have a Flexion based config that can be used in non-prod environments diff --git a/src/config/config.go b/src/config/config.go index a047d23..8addfaa 100644 --- a/src/config/config.go +++ b/src/config/config.go @@ -8,6 +8,9 @@ import ( "slices" ) +/* +The below struct is the struct for the values of partner configs. If adding new configs add to this struct +*/ type PartnerSettings struct { DisplayName string `json:"displayName"` // full name if we need pretty names IsActive bool `json:"isActive"` From e830c63ad2581be9ddae8486e14193cb346fe28a Mon Sep 17 00:00:00 2001 
From: Sylvie Date: Fri, 20 Dec 2024 10:06:22 -0600 Subject: [PATCH 6/8] lil bit of shuffling Co-Authored-By: jcrichlake <145698165+jcrichlake@users.noreply.github.com> --- adr/012-configs.md | 8 +------- docs/configs.md | 10 +++++++--- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/adr/012-configs.md b/adr/012-configs.md index f854a01..08f04cb 100644 --- a/adr/012-configs.md +++ b/adr/012-configs.md @@ -16,12 +16,6 @@ In order to enable the usage of partner-specific settings in the different parts in a config container in our Azure storage account. Each partner will have its own separate file within the container to minimize potential blast radius when changing settings. - -## Notes -- config files should only contain non-secret values -- secrets will use a consistent naming pattern based on the partner ID used in config (so we can dynamically assemble the key names in code) -- config keys are their file names (minus .json) and match org names in ReportStream - ## Impact ### Positive @@ -40,4 +34,4 @@ blast radius when changing settings. ## Related Issues -- #1082 +- #[1082](https://github.com/CDCgov/trusted-intermediary/issues/1082) diff --git a/docs/configs.md b/docs/configs.md index 986b4b0..d5d7dff 100644 --- a/docs/configs.md +++ b/docs/configs.md 
@@ -1,7 +1,11 @@ # FAQ - -- We don't load configs in the PR environment. +- We use the partner's organization name in ReportStream as the partner ID +- Config files are the partner ID plus `.json` +- Config keys in code are the partner ID +- We don't load configs in the PR environment - See [The partner settings struct](/src/config/config.go) for the config structure - Configs load prior to the application running. Any changes to the config will require a restart of the Azure container to load those changes - For local non-partner specific testing, we have a Flexion based config that can be used in non-prod environments - +- Config files should only contain non-secret values. Secrets will remain in Azure Key Vault + - secrets will use a consistent naming pattern based on the same partner ID used in config + (so we can dynamically assemble the key names in code) From 6887a3c946a7f2895b49fff2a8481b4a06ac6177 Mon Sep 17 00:00:00 2001 From: jcrichlake Date: Fri, 20 Dec 2024 15:51:40 -0500 Subject: [PATCH 7/8] Adding link to secrets readme --- docs/configs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configs.md b/docs/configs.md index d5d7dff..f7bd7dd 100644 --- a/docs/configs.md +++ b/docs/configs.md @@ -8,4 +8,4 @@ - For local non-partner specific testing, we have a Flexion based config that can be used in non-prod environments - Config files should only contain non-secret values. Secrets will remain in Azure Key Vault - secrets will use a consistent naming pattern based on the same partner ID used in config - (so we can dynamically assemble the key names in code) + (so we can dynamically assemble the key names in code) [see here](../SECRETS.md) From 2b33f91175d79bfdc4212851924c3ca479357034 Mon Sep 17 00:00:00 2001 From: jcrichlake Date: Mon, 23 Dec 2024 11:19:53 -0500 Subject: [PATCH 8/8] Clarifying ADR language --- adr/012-configs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/adr/012-configs.md b/adr/012-configs.md index 08f04cb..6e137b6 100644 --- a/adr/012-configs.md +++ b/adr/012-configs.md @@ -4,7 +4,7 @@ Date: 2024-12-12 ## Decision -We will store partner config settings in an Azure container +We will store partner SFTP config settings in an Azure container ## Status
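
Review bot: PATCH 2/8 repeats PATCH 1/8 exactly. Both create adr/012-configs.md as a new file with blob c523050, so 2/8 will not apply on top of 1/8 and should be dropped or squashed. In the new file, the title "# 11. Azure Alerts" matches neither the file name 012-configs.md nor the Decision. "### Risks" lists "- None" even though the Context is about limiting blast radius when settings change; state who can write to the config container and what the app does when a partner file is missing or malformed.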
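
Review bot: in PATCH 3/8 the "README" block added under "## Notes" is unfinished working notes inside an ADR whose Status is Accepted. The "config loading timing?" bullet stops at "maybe in a", and most of the other bullets are open questions; resolve them or keep them out of the ADR. "config files should only contain non-secret values" is a security requirement, so it belongs under Decision or Risks rather than in Notes. The existing Positive bullet still reads "partner specific" while Context was changed to "partner-specific".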
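
Review bot: in PATCH 5/8 the comment added above PartnerSettings in src/config/config.go does not tell a contributor that new fields must be non-secret, which is the one constraint the ADR notes place on config files. Suggest a Go doc comment that starts with the type name and carries that rule, for example "// PartnerSettings holds the non-secret settings loaded from a partner's config file; secrets do not belong in this struct." In docs/configs.md, "a restart of the Azure container" is ambiguous next to the storage "config container" the ADR describes; name the thing being restarted.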
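
Review bot: PATCH 6/8 deletes the "## Notes" section from the ADR, so the non-secret rule and the secret naming pattern now exist only in docs/configs.md while the ADR still records Risks as None; keep a sentence on both in the ADR. The FAQ makes the partner ID both the config file name and the input used to assemble secret names in code, so document which characters a partner ID may contain and have the loader reject anything outside that set before it builds a file or secret name. In Related Issues, "- #[1082](...)" leaves the "#" outside the link text.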
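
Review bot: in PATCH 7/8 the added link uses the text "see here" and a relative path (../SECRETS.md), while the struct link in the same file uses a root-relative path (/src/config/config.go). Pick one path style for docs/configs.md and use descriptive link text such as the target file name.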
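
Review bot: PATCH 8/8 narrows the Decision to "partner SFTP config settings" but leaves the title "12. Partner configuration" and the Context ("partner-specific settings in the different parts of the app") general. Say in Context whether non-SFTP settings are out of scope for this ADR or are expected to use the same container, so the Decision and Context agree.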