Skip to content

Commit 28c5fda

Browse files
author
[Arusey]
committed
chore(block requests):block localhosts requests to deployment enviroments
- Block requests from localhoste being made to deployment enviroments Finishes #166203947
1 parent 25781ff commit 28c5fda

File tree

2 files changed

+16
-9
lines changed

2 files changed

+16
-9
lines changed

.circleci/config.yml

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -36,9 +36,9 @@ gcloud_setup: &gcloud_setup
3636
run:
3737
name: setup gcloud
3838
command: |
39-
# install
39+
# install
4040
sudo curl https://dl.google.com/dl/cloudsdk/release/google-cloud-sdk.tar.gz > /tmp/google-cloud-sdk.tar.gz
41-
sudo mkdir -p /usr/local/gcloud
41+
sudo mkdir -p /usr/local/gcloud
4242
sudo tar -C /usr/local/gcloud -xvf /tmp/google-cloud-sdk.tar.gz
4343
sudo /usr/local/gcloud/google-cloud-sdk/install.sh --quiet
4444
echo PATH=$PATH:/usr/local/gcloud/google-cloud-sdk/bin >> ~/.bashrc
@@ -190,7 +190,7 @@ jobs:
190190
command: |
191191
./cc-test-reporter before-build
192192
. venv/bin/activate
193-
coverage combine parallel-coverage/
193+
coverage combine parallel-coverage/
194194
coverage xml
195195
coverage report
196196
./cc-test-reporter format-coverage -o ./.coverage -t coverage.py
@@ -221,18 +221,21 @@ jobs:
221221
echo "CELERY_BROKER_URL"=$(echo $IMAGE_CELERY_BROKER_URL_PRODUCTION) >> .env
222222
echo "CELERY_RESULT_BACKEND"=$(echo $IMAGE_CELERY_RESULT_BACKEND_PRODUCTION) >> .env
223223
echo "MRM_PUSH_URL"=$(echo $IMAGE_MRM_PUSH_URL_PRODUCTION) >> .env
224+
echo "PROD_REQUEST_URL"=$(echo $IMAGE_PROD_REQUEST_URL) >> .env
224225
elif [ "$CIRCLE_BRANCH" == develop ]; then
225226
echo "DEV_DATABASE_URL"=$(echo $IMAGE_DEV_DATABASE_URL_STAGING) >> .env
226227
echo "DATABASE_URL"=$(echo $IMAGE_DATABASE_URL_STAGING) >> .env
227228
echo "CELERY_BROKER_URL"=$(echo $IMAGE_CELERY_BROKER_URL_STAGING) >> .env
228229
echo "CELERY_RESULT_BACKEND"=$(echo $IMAGE_CELERY_RESULT_BACKEND_STAGING) >> .env
229230
echo "MRM_PUSH_URL"=$(echo $IMAGE_MRM_PUSH_URL_STAGING) >> .env
231+
echo "PROD_REQUEST_URL"=$(echo $IMAGE_PROD_REQUEST_URL) >> .env
230232
else
231233
echo "DEV_DATABASE_URL"=$(echo $IMAGE_DEV_DATABASE_URL_SANDBOX) >> .env
232234
echo "DATABASE_URL"=$(echo $IMAGE_DATABASE_URL_SANDBOX) >> .env
233235
echo "CELERY_BROKER_URL"=$(echo $IMAGE_CELERY_BROKER_URL_SANDBOX) >> .env
234236
echo "CELERY_RESULT_BACKEND"=$(echo $IMAGE_CELERY_RESULT_BACKEND_SANDBOX) >> .env
235237
echo "MRM_PUSH_URL"=$(echo $IMAGE_MRM_PUSH_URL_SANDBOX) >> .env
238+
echo "PROD_REQUEST_URL"=$(echo $IMAGE_PROD_REQUEST_URL) >> .env
236239
fi
237240
echo "SECRET_KEY"=$(echo $IMAGE_SECRET_KEY) >> .env
238241
echo "MAIL_SERVER"=$(echo $IMAGE_MAIL_SERVER) >> .env
@@ -301,13 +304,13 @@ jobs:
301304
command: |
302305
if [ "$CIRCLE_BRANCH" == master ] || [ "$CIRCLE_BRANCH" == develop ]; then
303306
touch google-service-key.json
304-
echo $GOOGLE_CREDENTIALS_STAGING | base64 --decode >> google-service-key.json
307+
echo $GOOGLE_CREDENTIALS_STAGING | base64 --decode >> google-service-key.json
305308
gcloud auth activate-service-account --key-file google-service-key.json
306309
gcloud --quiet config set project ${GOOGLE_PROJECT_ID_STAGING}
307310
gcloud --quiet config set compute/zone ${GOOGLE_COMPUTE_ZONE}
308311
else
309312
touch google-service-key.json
310-
echo $GOOGLE_CREDENTIALS_SANDBOX | base64 --decode >> google-service-key.json
313+
echo $GOOGLE_CREDENTIALS_SANDBOX | base64 --decode >> google-service-key.json
311314
gcloud auth activate-service-account --key-file google-service-key.json
312315
gcloud --quiet config set project ${GOOGLE_PROJECT_ID_SANDBOX}
313316
gcloud --quiet config set compute/zone ${GOOGLE_COMPUTE_ZONE}

app.py

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,24 +1,27 @@
1+
import os
12
from flask import Flask, render_template
2-
33
from flask_graphql import GraphQLView
4-
from flask_cors import CORS
54
from flask_json import FlaskJSON
65

76
from flask_mail import Mail
87
from config import config
98
from helpers.database import db_session
109
from schema import schema
10+
from flask_cors import CORS
1111
from healthcheck_schema import healthcheck_schema
1212
from helpers.auth.authentication import Auth
1313
from api.analytics.analytics_request import AnalyticsRequest
1414

1515
mail = Mail()
1616

17-
1817
def create_app(config_name):
1918
app = Flask(__name__)
20-
CORS(app)
2119
FlaskJSON(app)
20+
if config_name == 'development' or 'testing':
21+
CORS(app, resources={r"/mrm": {"origins": "*"}})
22+
if config_name == 'production':
23+
CORS(app, resources={
24+
r"/mrm": {"origins": os.environ.get("PROD_REQUEST_URL").split(',')}}) # noqa 501
2225
app.config.from_object(config[config_name])
2326
config[config_name].init_app(app)
2427
mail.init_app(app)
@@ -35,6 +38,7 @@ def index():
3538
graphiql=True # for having the GraphiQL interface
3639
)
3740
)
41+
3842
app.add_url_rule(
3943
'/_healthcheck',
4044
view_func=GraphQLView.as_view(

0 commit comments

Comments
 (0)