Merge pull request #24 from DFE-Digital/patch/builder-services

Add missing services to frontend project
DFE-Digital · Jan 6, 2025 · ab08828 · ab08828
2 parents 29b4755 + 3654505
commit ab08828
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 6 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -30,6 +30,7 @@ COPY ./src/${PROJECT_NAME}.Utils/${PROJECT_NAME}.Utils.csproj
 COPY ./src/Tests/${PROJECT_NAME}.Api.Tests.Integration/${PROJECT_NAME}.Api.Tests.Integration.csproj ./src/Tests/${PROJECT_NAME}.Api.Tests.Integration/
 COPY ./src/Tests/${PROJECT_NAME}.Application.Tests/${PROJECT_NAME}.Application.Tests.csproj         ./src/Tests/${PROJECT_NAME}.Application.Tests/
 COPY ./src/Tests/${PROJECT_NAME}.Domain.Tests/${PROJECT_NAME}.Domain.Tests.csproj                   ./src/Tests/${PROJECT_NAME}.Domain.Tests/
+COPY ./src/Tests/${PROJECT_NAME}.Frontend.Tests/${PROJECT_NAME}.Frontend.Tests.csproj                   ./src/Tests/${PROJECT_NAME}.Frontend.Tests/
 COPY ./src/Tests/${PROJECT_NAME}.Tests.Common/${PROJECT_NAME}.Tests.Common.csproj                   ./src/Tests/${PROJECT_NAME}.Tests.Common/
 
 # Mount GitHub Token as a Docker secret so that NuGet Feed can be accessed

diff --git a/...nce.Infrastructure/Dfe.RegionalImprovementForStandardsAndExcellence.Infrastructure.csproj b/...nce.Infrastructure/Dfe.RegionalImprovementForStandardsAndExcellence.Infrastructure.csproj
@@ -13,6 +13,7 @@
     </PackageReference>
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="8.0.10" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="8.0.10" />
+    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks.EntityFrameworkCore" Version="8.0.8" />
     <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="8.0.0" />
     <PackageReference Include="Microsoft.Identity.Web" Version="3.3.1" />
   </ItemGroup>

diff --git a/...mentForStandardsAndExcellence.Infrastructure/InfrastructureServiceCollectionExtensions.cs b/...mentForStandardsAndExcellence.Infrastructure/InfrastructureServiceCollectionExtensions.cs
@@ -31,7 +31,15 @@ public static IServiceCollection AddInfrastructureDependencyGroup(
             // Utils
             services.AddScoped<IDateTimeProvider, DateTimeProvider>();
 
+            // Health check
+            AddInfrastructureHealthCheck(services);
+
             return services;
         }
+
+        public static void AddInfrastructureHealthCheck(this IServiceCollection services) {
+            services.AddHealthChecks()
+                .AddDbContextCheck<RegionalImprovementForStandardsAndExcellenceContext>("RISE Database");
+        }
     }
 }
diff --git a/src/Dfe.RegionalImprovementForStandardsAndExcellence/Program.cs b/src/Dfe.RegionalImprovementForStandardsAndExcellence/Program.cs
@@ -1,18 +1,15 @@
-
 using Microsoft.AspNetCore.CookiePolicy;
-
 using Dfe.Academisation.CorrelationIdMiddleware;
 using Dfe.RegionalImprovementForStandardsAndExcellence.Frontend.Models;
 using Dfe.RegionalImprovementForStandardsAndExcellence.Frontend.Services;
 using Dfe.RegionalImprovementForStandardsAndExcellence.Frontend.Services.AzureAd;
 using Dfe.RegionalImprovementForStandardsAndExcellence.Frontend.Services.Http;
 using Microsoft.Identity.Web;
 using Microsoft.AspNetCore.Authorization;
-using Microsoft.Extensions.Configuration;
 using System.Security.Claims;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
 using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.HttpOverrides;
 
 var builder = WebApplication.CreateBuilder(args);
 
@@ -74,11 +71,20 @@
         options.Scope.Add("User.Read");
     });
 
+// Enforce HTTPS in ASP.NET Core
+// @link https://learn.microsoft.com/en-us/aspnet/core/security/enforcing-ssl?
+builder.Services.AddHsts(options =>
+{
+    options.Preload = true;
+    options.IncludeSubDomains = true;
+    options.MaxAge = TimeSpan.FromDays(365);
+});
+
 builder.Services.Configure<CookieAuthenticationOptions>(CookieAuthenticationDefaults.AuthenticationScheme,
    options =>
    {
        options.AccessDeniedPath = "/access-denied";
-       options.Cookie.Name = ".Rise.Login";
+       options.Cookie.Name = ".RISE.Login";
        options.Cookie.HttpOnly = true;
        options.Cookie.IsEssential = true;
        options.ExpireTimeSpan = _authenticationExpiration;
@@ -118,12 +124,23 @@
 
 var app = builder.Build();
 
+var forwardOptions = new ForwardedHeadersOptions
+{
+    ForwardedHeaders = ForwardedHeaders.All,
+    RequireHeaderSymmetry = false
+};
+forwardOptions.KnownNetworks.Clear();
+forwardOptions.KnownProxies.Clear();
+app.UseForwardedHeaders(forwardOptions);
+
 // Configure the HTTP request pipeline.
 if (!app.Environment.IsDevelopment())
 {
     app.UseExceptionHandler("/Error");
     // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
     app.UseHsts();
+} else {
+    app.UseDeveloperExceptionPage();
 }
 
 app.UseHttpsRedirection();
@@ -146,6 +163,8 @@
     endpoints.MapControllerRoute("default", "{controller}/{action}/");
 });
 
+app.UseHealthChecks("/health");
+
 app.Run();
 
-public partial class Program { } // Make the Program class partial for testing
+public partial class Program { } // Make the Program class partial for testing