Add connect-src for snowplower, fix main docker

bcgov · May 1, 2024 · d354fb3 · d354fb3
1 parent 878c4cc
commit d354fb3
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 7 deletions.
diff --git a/alcs-frontend/Dockerfile b/alcs-frontend/Dockerfile
@@ -5,14 +5,16 @@ FROM node:20-alpine AS build
 WORKDIR /app
 
 # Copy package.json file
-COPY package.json .
+COPY package.json package-lock.json ./
 
 # Install dependencies
-RUN npm install
+RUN npm ci
 
 # Copy the source code to the /app directory
 COPY . .
 
+ENV NODE_OPTIONS="--max-old-space-size=2048"
+
 # Build the application
 RUN npm run build --  --output-path=dist --output-hashing=all
 

diff --git a/portal-frontend/Dockerfile b/portal-frontend/Dockerfile
@@ -13,6 +13,8 @@ RUN npm ci
 # Copy the source code to the /app directory
 COPY . .
 
+ENV NODE_OPTIONS="--max-old-space-size=2048"
+
 # Build the application
 RUN npm run build --  --output-path=dist --output-hashing=all
 

diff --git a/portal-frontend/nginx.conf b/portal-frontend/nginx.conf
@@ -19,7 +19,7 @@ http {
         add_header 'X-XSS-Protection' '1; mode=block';
         add_header 'Strict-Transport-Security' 'max-age=31536000; includeSubDomains; preload';
         add_header 'Cache-control' 'no-cache';
-        add_header 'Content-Security-Policy' "default-src 'self'; img-src 'self'; style-src 'unsafe-inline' 'self'; connect-src $ENABLED_CONNECT_SRC; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com; base-uri 'self'; object-src https://nrs.objectstore.gov.bc.ca; frame-src https://nrs.objectstore.gov.bc.ca; script-src 'self' https://www2.gov.bc.ca sha256-evje5KswYvntfuZqc5jmvUSANhIntI7Or6vVnjxGGQE=;";
+        add_header 'Content-Security-Policy' "default-src 'self'; img-src 'self'; style-src 'unsafe-inline' 'self'; connect-src $ENABLED_CONNECT_SRC https://spm.apps.gov.bc.ca; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com; base-uri 'self'; object-src https://nrs.objectstore.gov.bc.ca; frame-src https://nrs.objectstore.gov.bc.ca; script-src 'self' https://www2.gov.bc.ca 'sha256-evje5KswYvntfuZqc5jmvUSANhIntI7Or6vVnjxGGQE=';";
         add_header 'Permissions-Policy' 'camera=(), geolocation=(), microphone=()';
         add_header 'Referrer-Policy' 'same-origin';
 

diff --git a/services/config/default.json b/services/config/default.json
@@ -32,7 +32,9 @@
     "AUTH_SERVER": "test.loginproxy.gov.bc.ca",
     "AUTH_SERVER_URL": "https://test.loginproxy.gov.bc.ca/auth",
     "AUTH_TOKEN_URL": "https://test.loginproxy.gov.bc.ca/auth/realms/standard/protocol/openid-connect/token",
-    "SCOPES": ["openid"],
+    "SCOPES": [
+      "openid"
+    ],
     "REALM": "standard"
   },
   "SITEMINDER": {
@@ -61,12 +63,14 @@
     "MAX_FILE_SIZE": 104857600
   },
   "REDIS": {
-    "HOST": "localhost",
+    "HOST": "redis",
     "PORT": "6379",
-    "PASSWORD": ""
+    "PASSWORD": "redis"
   },
   "EMAIL": {
-    "DEFAULT_ADMINS": [""]
+    "DEFAULT_ADMINS": [
+      ""
+    ]
   },
   "GRPC": {
     "BIND_URL": "localhost:50057",