From cb5808cd593747abbd464b3d199612f13efa9337 Mon Sep 17 00:00:00 2001 From: ThrawnCA Date: Tue, 19 Jul 2022 09:28:51 +1000 Subject: [PATCH 1/2] [QOL-9113] update S3 Filestore to fix type sniffing for Office docs --- vars/shared-CKANTest.var.yml | 2 +- vars/shared-OpenData.var.yml | 2 +- vars/shared-Publications.var.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/shared-CKANTest.var.yml b/vars/shared-CKANTest.var.yml index 398a0df5..db103142 100644 --- a/vars/shared-CKANTest.var.yml +++ b/vars/shared-CKANTest.var.yml @@ -31,7 +31,7 @@ extensions: description: "CKAN Extension to keep uploaded files in S3" type: "git" url: "https://github.com/qld-gov-au/ckanext-s3filestore.git" - version: "0.7.7-qgov" + version: "0.7.7-qgov.2" CKANExtSSMConfig: &CKANExtSSMConfig name: "ckanext-ssm-config-{{ Environment }}" diff --git a/vars/shared-OpenData.var.yml b/vars/shared-OpenData.var.yml index 13ac4f5f..a6b4c810 100644 --- a/vars/shared-OpenData.var.yml +++ b/vars/shared-OpenData.var.yml @@ -31,7 +31,7 @@ extensions: description: "CKAN Extension to keep uploaded files in S3" type: "git" url: "https://github.com/qld-gov-au/ckanext-s3filestore.git" - version: "0.7.7-qgov" + version: "0.7.7-qgov.2" CKANExtSSMConfig: &CKANExtSSMConfig name: "ckanext-ssm-config-{{ Environment }}" diff --git a/vars/shared-Publications.var.yml b/vars/shared-Publications.var.yml index f8ebb217..f83daa5e 100644 --- a/vars/shared-Publications.var.yml +++ b/vars/shared-Publications.var.yml @@ -22,7 +22,7 @@ extensions: description: "CKAN Extension to keep uploaded files in S3" type: "git" url: "https://github.com/qld-gov-au/ckanext-s3filestore.git" - version: "0.7.7-qgov" + version: "0.7.7-qgov.2" CKANExtSSMConfig: &CKANExtSSMConfig name: "ckanext-ssm-config-{{ Environment }}" From 89e87c18532e4421e4b944a606f8994e497e8808 Mon Sep 17 00:00:00 2001 From: william dutton Date: Wed, 20 Jul 2022 12:04:17 +1000 Subject: [PATCH 2/2] QOL-9116 add squiz sso pass through --- templates/cloudfront.cfn.yml.j2 | 66 +++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/templates/cloudfront.cfn.yml.j2 b/templates/cloudfront.cfn.yml.j2 index bea1b2d6..c65a7b9c 100644 --- a/templates/cloudfront.cfn.yml.j2 +++ b/templates/cloudfront.cfn.yml.j2 @@ -665,6 +665,72 @@ Resources: LambdaFunctionAssociations: - EventType: 'viewer-request' LambdaFunctionARN: !Ref LambdaAtEdgeViewerRequestVersion + - PathPattern: /logout* #SSO + TargetOriginId: 'CmsOrigin' + AllowedMethods: + - GET + - HEAD + - OPTIONS + - PUT + - PATCH + - POST + - DELETE + Compress: true + DefaultTTL: 0 + MaxTTL: 0 + MinTTL: 0 + ForwardedValues: + Cookies: + Forward: all + QueryString: true + Headers: + - "Accept" + - "Accept-Charset" + - "Accept-Datetime" + - "Accept-Encoding" + - "Accept-Language" + - "Authorization" + - "Origin" + - "Accept" + - "Host" + - "Referer" + ViewerProtocolPolicy: redirect-to-https + LambdaFunctionAssociations: + - EventType: 'viewer-request' + LambdaFunctionARN: !Ref LambdaAtEdgeViewerRequestVersion + - PathPattern: /oauth-account-manager* #SSO + TargetOriginId: 'CmsOrigin' + AllowedMethods: + - GET + - HEAD + - OPTIONS + - PUT + - PATCH + - POST + - DELETE + Compress: true + DefaultTTL: 0 + MaxTTL: 0 + MinTTL: 0 + ForwardedValues: + Cookies: + Forward: all + QueryString: true + Headers: + - "Accept" + - "Accept-Charset" + - "Accept-Datetime" + - "Accept-Encoding" + - "Accept-Language" + - "Authorization" + - "Origin" + - "Accept" + - "Host" + - "Referer" + ViewerProtocolPolicy: redirect-to-https + LambdaFunctionAssociations: + - EventType: 'viewer-request' + LambdaFunctionARN: !Ref LambdaAtEdgeViewerRequestVersion {% endif %} - PathPattern: !Sub "/${AttachmentBucketName}/*" # S3 uploaded files