Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate to new email service #2321

Closed
2 of 7 tasks
adborden opened this issue Oct 22, 2020 · 5 comments
Closed
2 of 7 tasks

Migrate to new email service #2321

adborden opened this issue Oct 22, 2020 · 5 comments
Assignees
@mogul @FuhuXia
Labels
component/ssb
Milestone
Sprint 20210624

Comments

@adborden
Copy link
Contributor

adborden commented Oct 22, 2020
edited by mogul
Loading

User Story

In order to gain more reliability into delivery of Data.gov's harvest report emails, agency data managers want data.gov to move to a new email service compatible with cloud.gov and non-GSA domains.

Acceptance Criteria

  • GIVEN I run cf login -a api.fr.cloud.gov --sso and authenticate
    AND I run cf target -o gsa-datagov -s <development|staging|production>
    WHEN I run cf marketplace
    THEN I see an AWS SES service and plans listed
  • GIVEN I run cf login -a api.fr.cloud.gov --sso and authenticate
    AND I run cf target -o gsa-datagov -s <development|staging|production>
    WHEN I run cf create-service csb-aws-ses common datagov-ses -p
    THEN I see the instance is running
    AND I can cf bind-service <app-name> <instance-name>
    AND I can see SMTP credentials for the AWS SES instance in cf env <app-name>
    AND I can see a successful mail delivery when I use those credentials for sending mail.

Background

#507

This could happen via a PR to csb-brokerpak-aws, but we need to weigh that route's compliance impact vs other options, if any.

Security Considerations (required)

This will be a new brokered service provided by the SSB. We will need to extend our SSP content to include SES wherever we already reference Solr.

Sketch
@adborden adborden mentioned this issue Oct 26, 2020
Closed
@adborden
Copy link
Contributor Author

adborden commented Feb 8, 2021

Adding that for cloud.gov we need a new email service anyway. This would cover more than just harvesting.

@FuhuXia FuhuXia self-assigned this Mar 26, 2021
@mogul mogul mentioned this issue Mar 26, 2021
Closed
7 tasks
@adborden
Copy link
Contributor Author

Just a reminder, production DNS for data.gov is still managed by GSA so I don't think we'll be able to automate much DKIM or SPF with terraform.

@FuhuXia
Copy link
Member

FuhuXia commented Apr 15, 2021

Terraform part of this story is being addressed in this branch. https://github.com/FuhuXia/csb-brokerpak-aws/tree/aws-ses
The binding outputs include ses_smtp_server, ses_smtp_user, and ses_smtp_password.

ssb-dev.datagov.us is hard coded as a default domain, since that is the only domain I found available in the route53, no DKIM during the provisioning.

Next step will be releasing the brokerpak and trying it on cloud.gov.

@FuhuXia
Copy link
Member

FuhuXia commented May 10, 2021

PR GSA/csb-brokerpak-aws#16 created.

@mogul mogul self-assigned this May 12, 2021
@mogul
Copy link
Contributor

mogul commented May 13, 2021

I moved this back to In Progress until the .brokerpak is actually being deployed by the SSB.

@mogul mogul added this to the Sprint 20210624 milestone Jun 24, 2021
@mogul mogul closed this as completed Jun 24, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mogul mogul

@FuhuXia FuhuXia

Labels
component/ssb
Projects
None yet
Milestone
Sprint 20210624
Development

No branches or pull requests
3 participants
@mogul @adborden @FuhuXia