This is the authenticator repository for funding service design microservices. This service provides an API and associated model implementation required for authentication of frontend, assessment and other FSD services.
This service depends on:
- A redis instance for storing magic links
- fund-store
- account-store
- notification
If you want an overview of how this service functions including architecture and features there's a fuller description in the /docs/README here.
This repo uses pybable for translation. Useful commands contained in tasks.py, more detail available here
Details on how our pipelines work and the release process is available here
Paketo is used to build the docker image which gets deployed to our test and production environments. Details available here
For Authenticator,
envs needs to include values for each of:
AUTHENTICATOR_HOSTACCOUNT_STORE_API_HOSTAPPLICANT_FRONTEND_HOSTASSESSMENT_FRONTEND_HOSTFUND_STORE_API_HOSTRSA256_PUBLIC_KEY_BASE64RSA256_PRIVATE_KEY_BASE64AZURE_AD_CLIENT_IDAZURE_AD_CLIENT_SECRETAZURE_AD_TENANT_IDSECRET_KEYCOOKIE_DOMAINSENTRY_DSNGITHUB_SHAALLOW_ASSESSMENT_LOGIN_VIA_MAGIC_LINKPOST_AWARD_FRONTEND_HOST
Copilot is used for infrastructure deployment. Instructions are available here, with the following values for the authenticator:
- service-name: fsd-authenticator
- image-name: funding-service-design-authenticator
Authenticator has a different set of requirements for PR reviewers, as it is relied upon by multiple services (pre-award and post-award). It requires a minimum of 2 reviewers to approve a PR before merge, and will auto-request a review from the following 2 teams when a PR is raised:
- fsd-post-award-deployers
- fsd-pre-award-deployers These teams are configured in the CODEOWNERS file. Github cannot enforce the 2 reviews coming from 2 different teams, so please make sure you have 2 appropriate reviews before merging.