sfe: Export emails to mailing list at submission time (#8378)

Export the requester's email address at submission time if they've
indicated the "Yes, email me more information" option in the the
Fundraising field.

Author: beautifulentropy

cmd/sfe/main.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/letsencrypt/boulder/cmd"
 	"github.com/letsencrypt/boulder/config"
+	emailpb "github.com/letsencrypt/boulder/email/proto"
 	"github.com/letsencrypt/boulder/features"
 	bgrpc "github.com/letsencrypt/boulder/grpc"
 	rapb "github.com/letsencrypt/boulder/ra/proto"
@@ -40,8 +41,9 @@ type Config struct {
 
 		TLS cmd.TLSConfig
 
-		RAService *cmd.GRPCClientConfig
-		SAService *cmd.GRPCClientConfig
+		RAService     *cmd.GRPCClientConfig
+		SAService     *cmd.GRPCClientConfig
+		EmailExporter *cmd.GRPCClientConfig
 
 		// UnpauseHMACKey validates incoming JWT signatures at the unpause
 		// endpoint. This key must be the same as the one configured for all
@@ -131,6 +133,13 @@ func main() {
 	cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
 	sac := sapb.NewStorageAuthorityReadOnlyClient(saConn)
 
+	var eec emailpb.ExporterClient
+	if c.SFE.EmailExporter != nil {
+		emailExporterConn, err := bgrpc.ClientSetup(c.SFE.EmailExporter, tlsConfig, stats, clk)
+		cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to email-exporter")
+		eec = emailpb.NewExporterClient(emailExporterConn)
+	}
+
 	var zendeskClient *zendesk.Client
 	if c.SFE.Zendesk != nil {
 		zendeskToken, err := c.SFE.Zendesk.Token.Pass()
@@ -176,6 +185,7 @@ func main() {
 		c.SFE.Timeout.Duration,
 		rac,
 		sac,
+		eec,
 		unpauseHMACKey,
 		zendeskClient,
 		limiter,

sfe/overrides.go

@@ -11,6 +11,7 @@ import (
 	"strconv"
 	"strings"
 
+	emailpb "github.com/letsencrypt/boulder/email/proto"
 	berrors "github.com/letsencrypt/boulder/errors"
 	"github.com/letsencrypt/boulder/iana"
 	"github.com/letsencrypt/boulder/policy"
@@ -88,9 +89,11 @@ var (
 	// the CertificatesPerDomainPerAccount rate limit override requests.
 	certificatesPerDomainPerAccountTierOptions = []string{"300", "1000", "5000", "10000", "25000", "50000", "75000", "100000", "175000", "250000", "500000", "1000000", "1750000", "2500000"}
 
+	fundraisingYesOption = "Yes, email me more information."
+
 	// FundraisingOptions is the list of options for the fundraising field.
 	FundraisingOptions = []string{
-		"Yes, email me more information.",
+		fundraisingYesOption,
 		"No, not at this time.",
 	}
 
@@ -754,8 +757,12 @@ func (sfe *SelfServiceFrontEndImpl) submitOverrideRequestHandler(w http.Response
 		return
 	}
 
-	// TODO(#8363): If MailingListFieldName value is true, dispatch a request to
-	// the Salesforce Pardot email exporter.
+	if sfe.ee != nil && baseFields[fundraisingFieldName] == fundraisingYesOption {
+		_, err := sfe.ee.SendContacts(r.Context(), &emailpb.SendContactsRequest{Emails: []string{baseFields[emailAddressFieldName]}})
+		if err != nil {
+			sfe.log.Errf("failed to send contact to email service: %s", err)
+		}
+	}
 
 	// TODO(#8362): If FundraisingFieldName value is true, use the Salesforce
 	// API to create a new Lead record with the provided information.

sfe/overrides_test.go

@@ -10,6 +10,7 @@ import (
 	"strings"
 	"testing"
 
+	"github.com/letsencrypt/boulder/mocks"
 	rl "github.com/letsencrypt/boulder/ratelimits"
 	"github.com/letsencrypt/boulder/sfe/zendesk"
 	"github.com/letsencrypt/boulder/test/zendeskfake"
@@ -143,6 +144,8 @@ func TestSubmitOverrideRequestHandlerErrors(t *testing.T) {
 	sfe.templatePages = minimalTemplates(t)
 	client := createFakeZendeskClientServer(t)
 	sfe.zendeskClient = client
+	mockPardotClient, mockImpl := mocks.NewMockPardotClientImpl()
+	sfe.ee = mocks.NewMockExporterImpl(mockPardotClient)
 
 	// Submit valid JSON with no rateLimit field.
 	rec := httptest.NewRecorder()
@@ -177,6 +180,9 @@ func TestSubmitOverrideRequestHandlerErrors(t *testing.T) {
 	if rec.Code != http.StatusBadRequest {
 		t.Errorf("Both domain and IP: status=%d; expect 400", rec.Code)
 	}
+	if len(mockImpl.GetCreatedContacts()) != 0 {
+		t.Errorf("PardotClient.SendContact called unexpectedly")
+	}
 }
 
 func TestSubmitOverrideRequestHandlerSuccess(t *testing.T) {
@@ -269,6 +275,9 @@ func TestSubmitOverrideRequestHandlerSuccess(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
+			mockPardotClient, mockImpl := mocks.NewMockPardotClientImpl()
+			sfe.ee = mocks.NewMockExporterImpl(mockPardotClient)
+
 			iterationBase := map[string]string{}
 			maps.Copy(iterationBase, testBase)
 			maps.Copy(iterationBase, tt.fields)
@@ -309,6 +318,9 @@ func TestSubmitOverrideRequestHandlerSuccess(t *testing.T) {
 				}
 				break
 			}
+			if len(mockImpl.GetCreatedContacts()) != 1 {
+				t.Errorf("PardotClient.SendContact not called exactly once")
+			}
 		})
 	}
 }

sfe/sfe.go

@@ -18,6 +18,7 @@ import (
 	"go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp"
 
 	"github.com/letsencrypt/boulder/core"
+	emailpb "github.com/letsencrypt/boulder/email/proto"
 	blog "github.com/letsencrypt/boulder/log"
 	"github.com/letsencrypt/boulder/metrics/measured_http"
 	rapb "github.com/letsencrypt/boulder/ra/proto"
@@ -55,6 +56,7 @@ var (
 type SelfServiceFrontEndImpl struct {
 	ra rapb.RegistrationAuthorityClient
 	sa sapb.StorageAuthorityReadOnlyClient
+	ee emailpb.ExporterClient
 
 	log blog.Logger
 	clk clock.Clock
@@ -80,6 +82,7 @@ func NewSelfServiceFrontEndImpl(
 	requestTimeout time.Duration,
 	rac rapb.RegistrationAuthorityClient,
 	sac sapb.StorageAuthorityReadOnlyClient,
+	eec emailpb.ExporterClient,
 	unpauseHMACKey []byte,
 	zendeskClient *zendesk.Client,
 	limiter *rl.Limiter,
@@ -100,6 +103,7 @@ func NewSelfServiceFrontEndImpl(
 		requestTimeout: requestTimeout,
 		ra:             rac,
 		sa:             sac,
+		ee:             eec,
 		unpauseHMACKey: unpauseHMACKey,
 		zendeskClient:  zendeskClient,
 		templatePages:  tmplPages,

sfe/sfe_test.go

@@ -64,6 +64,7 @@ func setupSFE(t *testing.T) (SelfServiceFrontEndImpl, clock.FakeClock) {
 		10*time.Second,
 		&MockRegistrationAuthority{},
 		mockSA,
+		nil,
 		key,
 		nil,
 		limiter,