Try splitting out the postfix/email service into its own container

[mcritchlow]

Descriptive summary

320 added support for postfix by embedding it in the Dockerfile for the app. More ideally, we would have a separate container with the responsibility of sending email. Leaving the application container to run the app itself.

So, let's see if this is possible.

Rationale

Separation of concerns, 1 service per container

[mcritchlow]

In addition to building our own solution, I've found a few dedicated projects for running postfix in an alpine container:

• https://github.com/smpio/postfix-docker (tested w/ our project and works)
• https://github.com/bokysan/docker-postfix (test w/ our project and works, looks a bit more robust and uses environment variables, which would definitely be better)

[mcritchlow]

At the moment, after confirming that bokysan/docker-postfix works, I'm tempted to say we should use that as our solution. That said, I think we might consider forking if we want to make some modification such as pinning the version of Alpine (which i think we'd want to).

[mcritchlow]

We should define a k8s networking policy for this container in the pod:

https://kubernetes.io/docs/concepts/services-networking/network-policies/

such that, only the application container is allowed to ingress to the postfix container

[VivianChu]

It looks like a good solution.

[mcritchlow]

Fixed in #318 , with the caveat that we're waiting on a merged PR upstream to fix the version of alpine.