Preprod (#185)

.github/workflows/ppd.yml

@@ -0,0 +1,73 @@
+name: Preprod - Build & Deploy to Scaleway
+
+on:
+  push:
+    branches: [preprod]
+
+env:
+  PROJECT_ID: c0ed1e9e-d945-461f-920c-98c844ef1ad4
+  NAMESPACE_ID: a052faf9-a712-41d7-bbfa-8293ee948e70
+  CONTAINER_REGISTRY_ENDPOINT: rg.fr-par.scw.cloud/funcscwlecoffreppdw9e10llz
+  IMAGE_NAME: back
+  CONTAINER_NAME: back
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup SSH
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
+        env:
+          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+      - name: Copy SSH
+        run: cp ~/.ssh/id_rsa id_rsa
+      - name: Login to Scaleway Container Registry
+        uses: docker/login-action@v3
+        with:
+          username: nologin
+          password: ${{ secrets.SCW_SECRET_KEY }}
+          registry: ${{ env.CONTAINER_REGISTRY_ENDPOINT }}
+      - name: Build the Docker Image
+        run: docker build . -t ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }}
+      - name: Push the Docker Image to Scaleway Container Registry
+        run: docker push ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }}
+  deploy-to-scaleway:
+    needs: build-and-push-image
+    runs-on: ubuntu-latest
+    environment: preprod
+    steps:
+      - name: Install CLI
+        uses: scaleway/action-scw@v0
+      - name: Get container ID
+        run: |
+          echo "CONTAINER_ID=$(scw container container list namespace-id=${{env.NAMESPACE_ID}} -o json | jq -r '.[] | select(.name == "${{ env.CONTAINER_NAME }}") | .id')" >> $GITHUB_ENV
+        env:
+          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+          SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }}
+          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}
+      - name: Deploy the container based on the new image
+        run: |
+            env_string=""
+            while IFS= read -r line; do
+              if [[ "$line" == *"="* ]]; then
+                key=$(echo "$line" | cut -d '=' -f 1)
+                value=$(echo "$line" | cut -d '=' -f 2-)
+                if [[ -n "$key" ]]; then
+                  env_string+="environment-variables.$key=$value "
+                fi
+              fi
+            done <<< "$ENV_VARS"
+            env_string=$(echo $env_string | sed 's/ $//')
+            scw container container update ${{ env.CONTAINER_ID }} $env_string       
+        env:
+          ENV_VARS: ${{ secrets.ENV }}
+          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+          SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }}
+          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}

.github/workflows/prd.yml

@@ -0,0 +1,73 @@
+name: Prod - Build & Deploy to Scaleway
+
+on:
+  push:
+    branches: [main]
+
+env:
+  PROJECT_ID: c0ed1e9e-d945-461f-920c-98c844ef1ad4
+  NAMESPACE_ID: 17374437-5428-468c-9f41-d89787ffce0e
+  CONTAINER_REGISTRY_ENDPOINT: rg.fr-par.scw.cloud/funcscwlecoffreprdg7h5bbub
+  IMAGE_NAME: back
+  CONTAINER_NAME: back
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup SSH
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
+        env:
+          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+      - name: Copy SSH
+        run: cp ~/.ssh/id_rsa id_rsa
+      - name: Login to Scaleway Container Registry
+        uses: docker/login-action@v3
+        with:
+          username: nologin
+          password: ${{ secrets.SCW_SECRET_KEY }}
+          registry: ${{ env.CONTAINER_REGISTRY_ENDPOINT }}
+      - name: Build the Docker Image
+        run: docker build . -t ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }}
+      - name: Push the Docker Image to Scaleway Container Registry
+        run: docker push ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }}
+  deploy-to-scaleway:
+    needs: build-and-push-image
+    runs-on: ubuntu-latest
+    environment: prod
+    steps:
+      - name: Install CLI
+        uses: scaleway/action-scw@v0
+      - name: Get container ID
+        run: |
+          echo "CONTAINER_ID=$(scw container container list namespace-id=${{env.NAMESPACE_ID}} -o json | jq -r '.[] | select(.name == "${{ env.CONTAINER_NAME }}") | .id')" >> $GITHUB_ENV
+        env:
+          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+          SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }}
+          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}
+      - name: Deploy the container based on the new image
+        run: |
+            env_string=""
+            while IFS= read -r line; do
+              if [[ "$line" == *"="* ]]; then
+                key=$(echo "$line" | cut -d '=' -f 1)
+                value=$(echo "$line" | cut -d '=' -f 2-)
+                if [[ -n "$key" ]]; then
+                  env_string+="environment-variables.$key=$value "
+                fi
+              fi
+            done <<< "$ENV_VARS"
+            env_string=$(echo $env_string | sed 's/ $//')
+            scw container container update ${{ env.CONTAINER_ID }} $env_string       
+        env:
+          ENV_VARS: ${{ secrets.ENV }}
+          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+          SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }}
+          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}

.github/workflows/stg.yml

@@ -0,0 +1,73 @@
+name: Staging - Build & Deploy to Scaleway
+
+on:
+  push:
+    branches: [staging]
+
+env:
+  PROJECT_ID: c0ed1e9e-d945-461f-920c-98c844ef1ad4
+  NAMESPACE_ID: 9f949ff2-97bc-4979-ade2-1994dcaabde0
+  CONTAINER_REGISTRY_ENDPOINT: rg.fr-par.scw.cloud/funcscwlecoffrestgqhhn4ixh
+  IMAGE_NAME: back
+  CONTAINER_NAME: back
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup SSH
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
+        env:
+          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+      - name: Copy SSH
+        run: cp ~/.ssh/id_rsa id_rsa
+      - name: Login to Scaleway Container Registry
+        uses: docker/login-action@v3
+        with:
+          username: nologin
+          password: ${{ secrets.SCW_SECRET_KEY }}
+          registry: ${{ env.CONTAINER_REGISTRY_ENDPOINT }}
+      - name: Build the Docker Image
+        run: docker build . -t ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }}
+      - name: Push the Docker Image to Scaleway Container Registry
+        run: docker push ${{ env.CONTAINER_REGISTRY_ENDPOINT }}/${{ env.IMAGE_NAME }}
+  deploy-to-scaleway:
+    needs: build-and-push-image
+    runs-on: ubuntu-latest
+    environment: staging
+    steps:
+      - name: Install CLI
+        uses: scaleway/action-scw@v0
+      - name: Get container ID
+        run: |
+          echo "CONTAINER_ID=$(scw container container list namespace-id=${{env.NAMESPACE_ID}} -o json | jq -r '.[] | select(.name == "${{ env.CONTAINER_NAME }}") | .id')" >> $GITHUB_ENV
+        env:
+          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+          SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }}
+          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}
+      - name: Deploy the container based on the new image
+        run: |
+            env_string=""
+            while IFS= read -r line; do
+              if [[ "$line" == *"="* ]]; then
+                key=$(echo "$line" | cut -d '=' -f 1)
+                value=$(echo "$line" | cut -d '=' -f 2-)
+                if [[ -n "$key" ]]; then
+                  env_string+="environment-variables.$key=$value "
+                fi
+              fi
+            done <<< "$ENV_VARS"
+            env_string=$(echo $env_string | sed 's/ $//')
+            scw container container update ${{ env.CONTAINER_ID }} $env_string       
+        env:
+          ENV_VARS: ${{ secrets.ENV }}
+          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+          SCW_DEFAULT_PROJECT_ID: ${{ env.PROJECT_ID }}
+          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}

devops/stg.values.yaml

@@ -18,10 +18,10 @@ lecoffreBack:
     limits:
       memory: 2Gi
   ingress: 
-    host: api.stg.lecoffre.smart-chain.fr
+    host: api-tp.stg.lecoffre.smart-chain.fr
     tls:
       hosts: 
-      - api.stg.lecoffre.smart-chain.fr 
+      - api-tp.stg.lecoffre.smart-chain.fr 
       secretName: api-tls
     annotations:
       kubernetes.io/ingress.class: nginx

src/app/api/idnot/OfficeController.ts

@@ -0,0 +1,34 @@
+import { Response, Request } from "express";
+import { Controller, Get } from "@ControllerPattern/index";
+import ApiController from "@Common/system/controller-pattern/ApiController";
+import { Service } from "typedi";
+import IdNotService from "@Services/common/IdNotService/IdNotService";
+
+@Controller()
+@Service()
+export default class UserController extends ApiController {
+	constructor (private idNotService: IdNotService) {
+		super();
+	}
+
+	@Get("/api/v1/idnot/office/:uid/office-memberships")
+	protected async getOfficeMemberships(req: Request, response: Response) {
+		try {
+            const uid = req.params["uid"];
+            if (!uid) {
+                this.httpBadRequest(response, "uid is required");
+                return;
+            }
+
+			const officeMemberships = await this.idNotService.getOfficeMemberships(uid);
+			this.httpSuccess(response, officeMemberships);
+		} catch (error) {
+			console.log(error);
+			this.httpInternalError(response);
+			return;
+		}
+	}
+}
+
+
+

src/app/index.ts

@@ -48,7 +48,7 @@ import UserNotificationController from "./api/notary/UserNotificationController"
 import AuthController from "./api/customer/AuthController";
 import NotaryOfficeRibController from "./api/notary/OfficeRibController";
 import CustomerOfficeRibController from "./api/customer/OfficeRibController";
-
+import IdNotOfficeController from "./api/idnot/OfficeController";
 /**
  * @description This allow to declare all controllers used in the application
  */
@@ -104,5 +104,6 @@ export default {
 		Container.get(AuthController);
 		Container.get(NotaryOfficeRibController);
 		Container.get(CustomerOfficeRibController);
+		Container.get(IdNotOfficeController)
 	},
 };

src/common/config/variables/Variables.ts

@@ -186,10 +186,10 @@ export class BackendVariables {
 		this.OVH_CONSUMER_KEY = process.env["OVH_CONSUMER_KEY"]!;
 		this.OVH_SMS_SERVICE_NAME = process.env["OVH_SMS_SERVICE_NAME"]!;
 		this.SMS_FACTOR_TOKEN = process.env["SMS_FACTOR_TOKEN"]!;
-		this.SCW_ACCESS_KEY_ID = process.env["SCW_ACCESS_KEY_ID"]!;
+		this.SCW_ACCESS_KEY_ID = process.env["ACCESS_KEY_ID"]!;
-		this.SCW_ACCESS_KEY_SECRET = process.env["SCW_ACCESS_KEY_SECRET"]!;
+		this.SCW_ACCESS_KEY_SECRET = process.env["ACCESS_KEY_SECRET"]!;
-		this.SCW_BUCKET_ENDPOINT = process.env["SCW_BUCKET_ENDPOINT"]!;
+		this.SCW_BUCKET_ENDPOINT = process.env["BUCKET_ENDPOINT"]!;
-		this.SCW_BUCKET_NAME = process.env["SCW_BUCKET_NAME"]!;
+		this.SCW_BUCKET_NAME = process.env["BUCKET_NAME"]!;
 	}
 	public async validate(groups?: string[]) {
 		const validationOptions = groups ? { groups } : undefined;

src/services/common/IdNotService/IdNotService.ts

@@ -120,13 +120,16 @@ export default class IdNotService extends BaseService {
 			redirect_uri: this.variables.IDNOT_REDIRECT_URL,
 			code: code,
 			grant_type: "authorization_code",
-		});
+		});		
 		
 		const token = await fetch(this.variables.IDNOT_BASE_URL + this.variables.IDNOT_CONNEXION_URL + "?" + query, { method: "POST" });
+		
 		if(token.status !== 200) console.error(await token.text());
 		
 		const decodedToken = (await token.json()) as IIdNotToken;
+		
 		const decodedIdToken = jwt.decode(decodedToken.id_token) as IdNotJwtPayload;
+		
 
 		return decodedIdToken;
 	}
@@ -173,6 +176,19 @@ export default class IdNotService extends BaseService {
 		}
 	}
 
+	public async getOfficeMemberships(officeId: string) {
+		const officeInfos = await this.officeService.getByUid(officeId);		
+		const office = Office.hydrate<Office>(officeInfos!);
+		const searchParams = new URLSearchParams({
+			key: this.variables.IDNOT_API_KEY,
+		});
+		return (await (
+			await fetch(`${this.variables.IDNOT_API_BASE_URL}/api/pp/v2/entites/${office.idNot}/personnes?` + searchParams, {
+				method: "GET",
+			})
+		).json()) as any;		
+	}
+
 	public getOfficeStatus(statusName: string) {
 		switch (statusName) {
 			case "Pourvu":