From b2aa8e0b5ba7082afbac73f7dd323914b8670ab4 Mon Sep 17 00:00:00 2001
From: romer8 <gio.busrom@gmail.com>
Date: Wed, 23 Oct 2024 12:03:16 -0600
Subject: [PATCH] update to CSRF_TRUSTED_ORIGINS env variable on helm and sls
 files

---
 charts/ciroh/ci/prod_aws_values.yaml   |  2 ++
 charts/ciroh/templates/deployment.yaml |  2 ++
 salt/config.sls                        | 15 ++++++++-------
 salt/mde.sls                           |  4 ++--
 4 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/charts/ciroh/ci/prod_aws_values.yaml b/charts/ciroh/ci/prod_aws_values.yaml
index c821273..7f503bb 100644
--- a/charts/ciroh/ci/prod_aws_values.yaml
+++ b/charts/ciroh/ci/prod_aws_values.yaml
@@ -131,6 +131,8 @@ tethys:
       configMap:
         name: 'cirohportal-prod-configmap'
   env:
+    PUBLIC_PORTAL_PROTOCOL:
+      value: 'https'
     TETHYS_DB_ENGINE:
       value: 'django.db.backends.postgresql'
     SKIP_DB_SETUP:
diff --git a/charts/ciroh/templates/deployment.yaml b/charts/ciroh/templates/deployment.yaml
index 386e1ea..e389f3b 100644
--- a/charts/ciroh/templates/deployment.yaml
+++ b/charts/ciroh/templates/deployment.yaml
@@ -40,6 +40,8 @@ spec:
             # Tethys settings defined outside the env
             - name: ALLOWED_HOSTS
               value: "\"[{{- range .Values.ingresses.external.hosts }}{{ .host }},{{- end }}]\""
+            - name: CSRF_TRUSTED_ORIGINS
+              value: "\"[{{- range $index, $host := .Values.ingresses.external.hosts }}{{ if $index }},{{ end }}{{ $.Values.tethys.env.PUBLIC_PORTAL_PROTOCOL.value }}://{{ $host.host }}{{- end }}]\""
             # redis values
             - name: CHANNEL_LAYERS_CONFIG 
               value: "\"{'hosts':[{'host':\ {{ .Values.redis.fullnameOverride }}-master,\ 'port':\ {{ .Values.redis.master.containerPorts.redis }}}]}\""
diff --git a/salt/config.sls b/salt/config.sls
index ce8a6f0..e776eca 100644
--- a/salt/config.sls
+++ b/salt/config.sls
@@ -7,9 +7,8 @@
 {% set CHANNEL_LAYERS_BACKEND = salt['environ.get']('CHANNEL_LAYERS_BACKEND') %}
 {% set CHANNEL_LAYERS_CONFIG = salt['environ.get']('CHANNEL_LAYERS_CONFIG') %}
 {% set PREFIX_URL = salt['environ.get']('PREFIX_URL') %}
-
-
 {% set ALLOWED_HOSTS = salt['environ.get']('ALLOWED_HOSTS') %}
+{% set CSRF_TRUSTED_ORIGINS = salt['environ.get']('CSRF_TRUSTED_ORIGINS') %}
 
 
 Pre_Apps_Settings:
@@ -24,33 +23,35 @@ Set_Tethys_Settings_For_Apps:
         tethys settings --set FILE_UPLOAD_MAX_MEMORY_SIZE {{ FILE_UPLOAD_MAX_MEMORY_SIZE }} &&
         tethys settings --set DATA_UPLOAD_MAX_MEMORY_SIZE {{ FILE_UPLOAD_MAX_MEMORY_SIZE }} &&
         tethys settings --set DATA_UPLOAD_MAX_NUMBER_FIELDS {{ FILE_UPLOAD_MAX_MEMORY_SIZE }}
-    - unless: /bin/bash -c "[ -f "{{ TETHYS_PERSIST }}/init_apps_setup_complete" ];"
+    - unless: /bin/bash -c "[ -f "{{ TETHYS_PERSIST }}/config_complete" ];"
 
 Set_White_Listed_Origins:
   cmd.run:
     - name: >
-        tethys settings --set CSRF_TRUSTED_ORIGINS {{ ALLOWED_HOSTS }}
+        tethys settings --set CSRF_TRUSTED_ORIGINS {{ CSRF_TRUSTED_ORIGINS }}
+    - unless: /bin/bash -c "[ -f "{{ TETHYS_PERSIST }}/config_complete" ];"
 
 {% if PREFIX_URL %}
 Set_Prefix_URL_Tethys_Settings:
   cmd.run:
     - name: >
         tethys settings --set PREFIX_URL {{ PREFIX_URL }}
+    - unless: /bin/bash -c "[ -f "{{ TETHYS_PERSIST }}/config_complete" ];"
 {% endif %}
 
 Sync_Apps:
   cmd.run:
     - name: tethys db sync
     - shell: /bin/bash
-    - unless: /bin/bash -c "[ -f "{{ TETHYS_PERSIST }}/init_apps_setup_complete" ];"
+    - unless: /bin/bash -c "[ -f "{{ TETHYS_PERSIST }}/config_complete" ];"
 
 Sync_App_Persistent_Stores:
   cmd.run:
     - name: tethys syncstores all
     - shell: /bin/bash
-    - unless: /bin/bash -c "[ -f "${TETHYS_PERSIST}/init_apps_setup_complete" ];"
+    - unless: /bin/bash -c "[ -f "${TETHYS_PERSIST}/config_complete" ];"
 
 Flag_Complete_Setup:
   cmd.run:
-    - name: touch ${TETHYS_PERSIST}/init_apps_setup_complete
+    - name: touch ${TETHYS_PERSIST}/config_complete
     - shell: /bin/bash
diff --git a/salt/mde.sls b/salt/mde.sls
index 9d893c9..f60fb32 100644
--- a/salt/mde.sls
+++ b/salt/mde.sls
@@ -15,8 +15,8 @@ Link_Persistent_Stores_Database_MDE:
 Set_MDE_Settings:
   cmd.run:
     - name: > 
-        tethys app_settings set metdataexplorer disclaimer_header {{ MDE_CS_DISCLAIMER_HEADER }} &&
-        tethys app_settings set metdataexplorer disclaimer_message {{ MDE_CS_DISCLAIMER_MESSAGE }}
+        tethys app_settings set metdataexplorer disclaimer_header "{{ MDE_CS_DISCLAIMER_HEADER }}" &&
+        tethys app_settings set metdataexplorer disclaimer_message "{{ MDE_CS_DISCLAIMER_MESSAGE }}"
 
     - shell: /bin/bash
     - unless: /bin/bash -c "[ -f "${TETHYS_PERSIST}/mde_complete" ];"