From fd4ec6da19ab0550a0894eb593a42c914c262426 Mon Sep 17 00:00:00 2001 From: Peter Lieverdink Date: Mon, 30 Oct 2023 13:00:06 +1100 Subject: [PATCH 1/3] feat: Use the Amazon SES API to send mail, for speed and reliability. SESv2 API calls allow us to send multiple identical emails without using BCC and the API calls are much quicker than routing SMTP via a third party app. It also allow us to use role based authentication on the server, so removes the need to rotate credentials every 90 days. All included settings are defaults, which maintain php mail() for dev environments. Production settings should be injected via Ansible and not read from the site git repo. Refs: OPS-9523 --- composer.json | 2 + composer.lock | 400 ++++++++++++++++++++++++++++- config/amazon_ses.settings.yml | 3 + config/aws.profile.amazon_ses.yml | 12 + config/mailsystem.settings.yml | 6 + config_dev/mailsystem.settings.yml | 6 + 6 files changed, 428 insertions(+), 1 deletion(-) create mode 100644 config/amazon_ses.settings.yml create mode 100644 config/aws.profile.amazon_ses.yml create mode 100644 config/mailsystem.settings.yml create mode 100644 config_dev/mailsystem.settings.yml diff --git a/composer.json b/composer.json index 5efe86f..a13ef85 100644 --- a/composer.json +++ b/composer.json @@ -25,6 +25,7 @@ "cweagans/composer-patches": "^1.7", "drupal/admin_denied": "^2.0", "drupal/allowed_formats": "^3.0", + "drupal/amazon_ses": "^3.0", "drupal/components": "^3.0@beta", "drupal/config_filter": "^2.4", "drupal/config_split": "^2.0@rc", @@ -38,6 +39,7 @@ "drupal/imageapi_optimize_webp": "^2.0", "drupal/imagemagick": "^3.4", "drupal/layout_paragraphs": "^2.0", + "drupal/mailsystem": "^4.4", "drupal/maintenance200": "^1.1", "drupal/memcache": "^2.5", "drupal/metatag": "^2.0", diff --git a/composer.lock b/composer.lock index 7360e0a..04008ea 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "180067b6e5343c1dab0ada59cfc04944", + "content-hash": "fcc6a86b9cc9b6dcb7a903faf0589adb", "packages": [ { "name": "asm89/stack-cors", @@ -62,6 +62,155 @@ }, "time": "2022-01-18T09:12:03+00:00" }, + { + "name": "aws/aws-crt-php", + "version": "v1.2.3", + "source": { + "type": "git", + "url": "https://github.com/awslabs/aws-crt-php.git", + "reference": "5545a4fa310aec39f54279fdacebcce33b3ff382" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/awslabs/aws-crt-php/zipball/5545a4fa310aec39f54279fdacebcce33b3ff382", + "reference": "5545a4fa310aec39f54279fdacebcce33b3ff382", + "shasum": "" + }, + "require": { + "php": ">=5.5" + }, + "require-dev": { + "phpunit/phpunit": "^4.8.35||^5.6.3||^9.5", + "yoast/phpunit-polyfills": "^1.0" + }, + "suggest": { + "ext-awscrt": "Make sure you install awscrt native extension to use any of the functionality." + }, + "type": "library", + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "AWS SDK Common Runtime Team", + "email": "aws-sdk-common-runtime@amazon.com" + } + ], + "description": "AWS Common Runtime for PHP", + "homepage": "https://github.com/awslabs/aws-crt-php", + "keywords": [ + "amazon", + "aws", + "crt", + "sdk" + ], + "support": { + "issues": "https://github.com/awslabs/aws-crt-php/issues", + "source": "https://github.com/awslabs/aws-crt-php/tree/v1.2.3" + }, + "time": "2023-10-16T20:10:06+00:00" + }, + { + "name": "aws/aws-sdk-php", + "version": "3.283.14", + "source": { + "type": "git", + "url": "https://github.com/aws/aws-sdk-php.git", + "reference": "331894cd4751a06a4e5b3e4e2918a9233c9568dc" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/331894cd4751a06a4e5b3e4e2918a9233c9568dc", + "reference": "331894cd4751a06a4e5b3e4e2918a9233c9568dc", + "shasum": "" + }, + "require": { + "aws/aws-crt-php": "^1.2.3", + "ext-json": "*", + "ext-pcre": "*", + "ext-simplexml": "*", + "guzzlehttp/guzzle": "^6.5.8 || ^7.4.5", + "guzzlehttp/promises": "^1.4.0 || ^2.0", + "guzzlehttp/psr7": "^1.9.1 || ^2.4.5", + "mtdowling/jmespath.php": "^2.6", + "php": ">=7.2.5", + "psr/http-message": "^1.0 || ^2.0" + }, + "require-dev": { + "andrewsville/php-token-reflection": "^1.4", + "aws/aws-php-sns-message-validator": "~1.0", + "behat/behat": "~3.0", + "composer/composer": "^1.10.22", + "dms/phpunit-arraysubset-asserts": "^0.4.0", + "doctrine/cache": "~1.4", + "ext-dom": "*", + "ext-openssl": "*", + "ext-pcntl": "*", + "ext-sockets": "*", + "nette/neon": "^2.3", + "paragonie/random_compat": ">= 2", + "phpunit/phpunit": "^5.6.3 || ^8.5 || ^9.5", + "psr/cache": "^1.0", + "psr/simple-cache": "^1.0", + "sebastian/comparator": "^1.2.3 || ^4.0", + "yoast/phpunit-polyfills": "^1.0" + }, + "suggest": { + "aws/aws-php-sns-message-validator": "To validate incoming SNS notifications", + "doctrine/cache": "To use the DoctrineCacheAdapter", + "ext-curl": "To send requests using cURL", + "ext-openssl": "Allows working with CloudFront private distributions and verifying received SNS messages", + "ext-sockets": "To use client-side monitoring" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.0-dev" + } + }, + "autoload": { + "files": [ + "src/functions.php" + ], + "psr-4": { + "Aws\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "Amazon Web Services", + "homepage": "http://aws.amazon.com" + } + ], + "description": "AWS SDK for PHP - Use Amazon Web Services in your PHP project", + "homepage": "http://aws.amazon.com/sdkforphp", + "keywords": [ + "amazon", + "aws", + "cloud", + "dynamodb", + "ec2", + "glacier", + "s3", + "sdk" + ], + "support": { + "forum": "https://forums.aws.amazon.com/forum.jspa?forumID=80", + "issues": "https://github.com/aws/aws-sdk-php/issues", + "source": "https://github.com/aws/aws-sdk-php/tree/3.283.14" + }, + "time": "2023-10-27T18:06:59+00:00" + }, { "name": "behat/mink", "version": "v1.10.0", @@ -2276,6 +2425,125 @@ "issues": "https://www.drupal.org/project/issues/allowed_formats" } }, + { + "name": "drupal/amazon_ses", + "version": "3.0.1", + "source": { + "type": "git", + "url": "https://git.drupalcode.org/project/amazon_ses.git", + "reference": "3.0.1" + }, + "dist": { + "type": "zip", + "url": "https://ftp.drupal.org/files/projects/amazon_ses-3.0.1.zip", + "reference": "3.0.1", + "shasum": "2dbb10219056e21f0bb60d37df5b459caea635e2" + }, + "require": { + "aws/aws-sdk-php": "^3.54", + "drupal/aws": "^2.0", + "drupal/core": "^9.1 || ^10" + }, + "type": "drupal-module", + "extra": { + "drupal": { + "version": "3.0.1", + "datestamp": "1671308264", + "security-coverage": { + "status": "covered", + "message": "Covered by Drupal's security advisory policy" + } + } + }, + "notification-url": "https://packages.drupal.org/8/downloads", + "license": [ + "GPL-2.0+" + ], + "authors": [ + { + "name": "Ben Davis (davisben)", + "homepage": "https://www.drupal.org/u/davisben", + "role": "Maintainer" + }, + { + "name": "Ryan Palmer", + "homepage": "https://www.drupal.org/user/44161" + }, + { + "name": "tkuldeep17", + "homepage": "https://www.drupal.org/user/2498278" + } + ], + "description": "Allows site email to be sent using Amazon SES.", + "homepage": "http://drupal.org/project/amazon_ses", + "support": { + "source": "https://git.drupalcode.org/project/amazon_ses", + "issues": "http://drupal.org/project/issues/amazon_ses" + } + }, + { + "name": "drupal/aws", + "version": "2.0.3", + "source": { + "type": "git", + "url": "https://git.drupalcode.org/project/aws.git", + "reference": "2.0.3" + }, + "dist": { + "type": "zip", + "url": "https://ftp.drupal.org/files/projects/aws-2.0.3.zip", + "reference": "2.0.3", + "shasum": "683b5ed0698bb6c64db8a34b42fff2571807becc" + }, + "require": { + "aws/aws-sdk-php": "^3.54", + "drupal/core": "^9.2 || ^10" + }, + "type": "drupal-module", + "extra": { + "drupal": { + "version": "2.0.3", + "datestamp": "1671308573", + "security-coverage": { + "status": "covered", + "message": "Covered by Drupal's security advisory policy" + } + } + }, + "notification-url": "https://packages.drupal.org/8/downloads", + "license": [ + "GPL-2.0+" + ], + "authors": [ + { + "name": "Ben Davis (davisben)", + "homepage": "https://www.drupal.org/u/davisben", + "role": "Maintainer" + }, + { + "name": "dragonwize", + "homepage": "https://www.drupal.org/user/137882" + }, + { + "name": "mpriscella", + "homepage": "https://www.drupal.org/user/2354820" + }, + { + "name": "recidive", + "homepage": "https://www.drupal.org/user/12564" + }, + { + "name": "yas", + "homepage": "https://www.drupal.org/user/17536" + } + ], + "description": "Provides a unified AWS profile management system.", + "homepage": "http://drupal.org/project/aws", + "support": { + "source": "https://git.drupalcode.org/project/aws", + "issues": "https://drupal.org/project/issues/aws" + } + }, { "name": "drupal/coder", "version": "8.3.22", @@ -3529,6 +3797,70 @@ "issues": "https://www.drupal.org/project/issues/layout_paragraphs" } }, + { + "name": "drupal/mailsystem", + "version": "4.4.0", + "source": { + "type": "git", + "url": "https://git.drupalcode.org/project/mailsystem.git", + "reference": "8.x-4.4" + }, + "dist": { + "type": "zip", + "url": "https://ftp.drupal.org/files/projects/mailsystem-8.x-4.4.zip", + "reference": "8.x-4.4", + "shasum": "49b2e9efd090cdb4a282c7638b1c76d6723c47b6" + }, + "require": { + "drupal/core": "^9 || ^10" + }, + "type": "drupal-module", + "extra": { + "drupal": { + "version": "8.x-4.4", + "datestamp": "1657576306", + "security-coverage": { + "status": "covered", + "message": "Covered by Drupal's security advisory policy" + } + } + }, + "notification-url": "https://packages.drupal.org/8/downloads", + "license": [ + "GPL-2.0-or-later" + ], + "authors": [ + { + "name": "Berdir", + "homepage": "https://www.drupal.org/user/214652" + }, + { + "name": "Les Lim", + "homepage": "https://www.drupal.org/user/84263" + }, + { + "name": "Manuel Garcia", + "homepage": "https://www.drupal.org/user/213194" + }, + { + "name": "miro_dietiker", + "homepage": "https://www.drupal.org/user/227761" + }, + { + "name": "Nafes", + "homepage": "https://www.drupal.org/user/2489926" + }, + { + "name": "pillarsdotnet", + "homepage": "https://www.drupal.org/user/36148" + } + ], + "description": "Mail System", + "homepage": "https://www.drupal.org/project/mailsystem", + "support": { + "source": "https://git.drupalcode.org/project/mailsystem" + } + }, { "name": "drupal/maintenance200", "version": "1.1.0", @@ -5980,6 +6312,72 @@ }, "time": "2022-02-23T02:02:42+00:00" }, + { + "name": "mtdowling/jmespath.php", + "version": "2.7.0", + "source": { + "type": "git", + "url": "https://github.com/jmespath/jmespath.php.git", + "reference": "bbb69a935c2cbb0c03d7f481a238027430f6440b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/jmespath/jmespath.php/zipball/bbb69a935c2cbb0c03d7f481a238027430f6440b", + "reference": "bbb69a935c2cbb0c03d7f481a238027430f6440b", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0", + "symfony/polyfill-mbstring": "^1.17" + }, + "require-dev": { + "composer/xdebug-handler": "^3.0.3", + "phpunit/phpunit": "^8.5.33" + }, + "bin": [ + "bin/jp.php" + ], + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.7-dev" + } + }, + "autoload": { + "files": [ + "src/JmesPath.php" + ], + "psr-4": { + "JmesPath\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + } + ], + "description": "Declaratively specify how to extract elements from a JSON document", + "keywords": [ + "json", + "jsonpath" + ], + "support": { + "issues": "https://github.com/jmespath/jmespath.php/issues", + "source": "https://github.com/jmespath/jmespath.php/tree/2.7.0" + }, + "time": "2023-08-25T10:54:48+00:00" + }, { "name": "myclabs/deep-copy", "version": "1.11.1", diff --git a/config/amazon_ses.settings.yml b/config/amazon_ses.settings.yml new file mode 100644 index 0000000..93a8e9f --- /dev/null +++ b/config/amazon_ses.settings.yml @@ -0,0 +1,3 @@ +from_address: starterkit@test.test +throttle: true +queue: false diff --git a/config/aws.profile.amazon_ses.yml b/config/aws.profile.amazon_ses.yml new file mode 100644 index 0000000..9a74922 --- /dev/null +++ b/config/aws.profile.amazon_ses.yml @@ -0,0 +1,12 @@ +uuid: 5e4ba0be-7f26-41ac-aa7d-b55feb6afce9 +langcode: en +status: true +dependencies: { } +id: amazon_ses +name: 'Amazon SES' +default: 1 +aws_role_arn: '' +aws_access_key_id: '' +aws_secret_access_key: '' +region: 'us-east-1' +encryption_profile: _none diff --git a/config/mailsystem.settings.yml b/config/mailsystem.settings.yml new file mode 100644 index 0000000..c5da4bb --- /dev/null +++ b/config/mailsystem.settings.yml @@ -0,0 +1,6 @@ +_core: + default_config_hash: IhwTepsVwtbtbcT5GzQKhCXDCRvbk3MNkWqPiuiZ10s +theme: current +defaults: + sender: amazon_ses_mail + formatter: amazon_ses_mail diff --git a/config_dev/mailsystem.settings.yml b/config_dev/mailsystem.settings.yml new file mode 100644 index 0000000..77640b6 --- /dev/null +++ b/config_dev/mailsystem.settings.yml @@ -0,0 +1,6 @@ +_core: + default_config_hash: IhwTepsVwtbtbcT5GzQKhCXDCRvbk3MNkWqPiuiZ10s +theme: current +defaults: + sender: php_mail + formatter: php_mail From 806f767ac4a5146271c9fc3b64cf3fc3792768bb Mon Sep 17 00:00:00 2001 From: Peter Lieverdink Date: Mon, 30 Oct 2023 13:09:17 +1100 Subject: [PATCH 2/3] fix: Fair enough, do enable the new modules so their config can be imported. --- config/core.extension.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/config/core.extension.yml b/config/core.extension.yml index ec9a5c9..bd5e99c 100644 --- a/config/core.extension.yml +++ b/config/core.extension.yml @@ -3,6 +3,8 @@ _core: module: admin_denied: 0 allowed_formats: 0 + amazon_ses: 0 + aws: 0 block: 0 breakpoint: 0 ckeditor5: 0 @@ -37,6 +39,7 @@ module: layout_paragraphs: 0 link: 0 locale: 0 + mailsystem: 0 maintenance200: 0 media: 0 media_library: 0 From 3469925e38cdcfb1492a0f9df90417a3c0b225d8 Mon Sep 17 00:00:00 2001 From: Peter Lieverdink Date: Tue, 31 Oct 2023 09:31:44 +1100 Subject: [PATCH 3/3] fix: Default to using what we use now, which will work on dev and can be overridden on prod. --- config/mailsystem.settings.yml | 4 ++-- config_dev/mailsystem.settings.yml | 6 ------ 2 files changed, 2 insertions(+), 8 deletions(-) delete mode 100644 config_dev/mailsystem.settings.yml diff --git a/config/mailsystem.settings.yml b/config/mailsystem.settings.yml index c5da4bb..77640b6 100644 --- a/config/mailsystem.settings.yml +++ b/config/mailsystem.settings.yml @@ -2,5 +2,5 @@ _core: default_config_hash: IhwTepsVwtbtbcT5GzQKhCXDCRvbk3MNkWqPiuiZ10s theme: current defaults: - sender: amazon_ses_mail - formatter: amazon_ses_mail + sender: php_mail + formatter: php_mail diff --git a/config_dev/mailsystem.settings.yml b/config_dev/mailsystem.settings.yml deleted file mode 100644 index 77640b6..0000000 --- a/config_dev/mailsystem.settings.yml +++ /dev/null @@ -1,6 +0,0 @@ -_core: - default_config_hash: IhwTepsVwtbtbcT5GzQKhCXDCRvbk3MNkWqPiuiZ10s -theme: current -defaults: - sender: php_mail - formatter: php_mail