forked from HHS/TANF-app
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'develop' into 3243-promtail-pipeline
- Loading branch information
Showing
25 changed files
with
529 additions
and
197 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,17 +1,20 @@ | ||
| [secrets] | ||
| providers = git secrets --aws-provider | ||
| patterns = (A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16} | ||
| patterns = (\"|')?(AWS|aws|Aws)?_?(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)(\"|')?\\s*(:|=>|=)\\s*(\"|')?[A-Za-z0-9/\\+=]{40}(\"|')? | ||
| patterns = (\"|')?(AWS|aws|Aws)?_?(ACCOUNT|account|Account)_?(ID|id|Id)?(\"|')?\\s*(:|=>|=)\\s*(\"|')?[0-9]{4}\\-?[0-9]{4}\\-?[0-9]{4}(\"|')? | ||
| patterns = .+_KEY=.+ | ||
| allowed = [A-Z]+_KEY=..echo \".{S3_CREDENTIALS}\" [|] jq -r .+ | ||
| allowed = ./tdrs-backend/.env.example:.* | ||
| allowed = ./tdrs-backend/docker-compose.yml:57:.* | ||
| allowed = ./tdrs-backend/manifest.proxy.yml:* | ||
|
|
||
| allowed = ./tdrs-frontend/node_modules* | ||
| allowed = regexes.json:.* | ||
| allowed = ./scripts/copy-login-gov-keypair.sh:14:JWT_KEY=.* | ||
| allowed = scripts/deploy-backend.sh:.+:DJANGO_SECRET_KEY=..python -c .from secrets import token_urlsafe. print.token_urlsafe..* | ||
| allowed = .git/config:.* | ||
| allowed = .gitconfig:.* | ||
| allowed = .*DJANGO_SECRET_KEY=.* | ||
| allowed = .*DJANGO_SECRET_KEY=.* #this is auto-generated in deployed environments | ||
| allowed = ./tdrs-backend/manifest.proxy.yml:* | ||
| allowed = ./tdrs-backend/plg/loki/manifest.yml:* | ||
| patterns = (A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16} | ||
| patterns = (\"|')?(AWS|aws|Aws)?_?(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)(\"|')?\\s*(:|=>|=)\\s*(\"|')?[A-Za-z0-9/\\+=]{40}(\"|')? | ||
| patterns = (\"|')?(AWS|aws|Aws)?_?(ACCOUNT|account|Account)_?(ID|id|Id)?(\"|')?\\s*(:|=>|=)\\s*(\"|')?[0-9]{4}\\-?[0-9]{4}\\-?[0-9]{4}(\"|')? | ||
| patterns = .+_KEY=.+ | ||
| patterns = .+smtp_auth_password: .[^{]+ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| #!/bin/bash | ||
| set -e | ||
|
|
||
| zsh ./scripts/git-secrets-check.sh local |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| #!/bin/bash | ||
| set -e | ||
|
|
||
| task frontend-lint 2>/dev/null | ||
| if [ $? != "0" ]; then | ||
| echo "Frontend lint failed" | ||
| exit 1 | ||
| fi | ||
|
|
||
| task backend-lint 2>/dev/null | ||
| if [ $? != "0" ]; then | ||
| echo "Backend lint failed" | ||
| exit 1 | ||
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -115,3 +115,6 @@ cypress.env.json | |
|
|
||
| # DB seeds | ||
| tdrs-backend/*.pg | ||
|
|
||
| # Log files | ||
| *.log | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,6 +2,11 @@ version: '3' | |
|
|
||
| tasks: | ||
|
|
||
| gitcfg: | ||
| desc: Configure git | ||
| cmds: | ||
| - git config core.hooksPath .githooks | ||
|
|
||
| create-network: | ||
| desc: Create the external network | ||
| cmds: | ||
|
|
@@ -12,10 +17,10 @@ tasks: | |
| dir: tdrs-backend | ||
| cmds: | ||
| - task: create-network | ||
| - docker-compose -f docker-compose.yml up -d --build | ||
| - docker-compose -f docker-compose.yml exec web sh -c "python ./manage.py makemigrations" | ||
| - docker-compose -f docker-compose.yml exec web sh -c "python ./manage.py migrate" | ||
| - docker-compose -f docker-compose.yml down | ||
| - docker compose -f docker-compose.yml up -d --build | ||
| - docker compose -f docker-compose.yml exec web sh -c "python ./manage.py makemigrations" | ||
| - docker compose -f docker-compose.yml exec web sh -c "python ./manage.py migrate" | ||
| - docker compose -f docker-compose.yml down | ||
| - task: sentry-down | ||
|
|
||
| clone-sentry-repo: | ||
|
|
@@ -43,7 +48,7 @@ tasks: | |
| - docker cp .env sentry:/self-hosted/.env | ||
| - docker exec sentry bash -c "cd self-hosted && ./install.sh --skip-user-creation --no-report-self-hosted-issues" | ||
| # create a new user | ||
| - docker exec sentry bash -c "cd self-hosted && docker-compose run --rm web createuser --email [email protected] --password admin --superuser" | ||
| - docker exec sentry bash -c "cd self-hosted && docker compose run --rm web createuser --email [email protected] --password admin --superuser" | ||
| # copy backup.json file to sentry | ||
| - docker cp backup.json sentry:/self-hosted/sentry/backup.json | ||
| # restore backup | ||
|
|
@@ -58,73 +63,73 @@ tasks: | |
| desc: Start sentry service | ||
| dir: sentry | ||
| cmds: | ||
| - docker exec sentry bash -c "cd self-hosted && docker-compose up -d" | ||
| - docker exec sentry bash -c "cd self-hosted && docker compose up -d" | ||
|
|
||
| sentry-down: | ||
| desc: Stop sentry service | ||
| dir: sentry | ||
| cmds: | ||
| - docker exec sentry bash -c "cd self-hosted && docker-compose down" | ||
| - docker exec sentry bash -c "cd self-hosted && docker compose down" | ||
|
|
||
| drop-db: | ||
| desc: Drop the backend database | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml down | ||
| - docker compose -f docker-compose.yml down | ||
| - docker volume rm tdrs-backend_postgres_data | ||
|
|
||
| backend-up: | ||
| desc: Start backend web server | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml up -d | ||
| - docker compose -f docker-compose.yml up -d | ||
|
|
||
| backend-down: | ||
| desc: Stop backend web server | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml down | ||
| - docker compose -f docker-compose.yml down | ||
|
|
||
| backend-logs: | ||
| desc: Show and follow backend web server logs | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml logs -f | ||
| - docker compose -f docker-compose.yml logs -f | ||
|
|
||
| backend-restart: | ||
| desc: Restart backend web server | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml restart | ||
| - docker compose -f docker-compose.yml restart | ||
|
|
||
| backend-bash: | ||
| desc: Open a shell in the backend container | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml exec web sh | ||
| - docker compose -f docker-compose.yml exec web sh | ||
|
|
||
| backend-shell: | ||
| desc: Open a Django shell in the backend container | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml exec web sh -c "python ./manage.py shell" | ||
| - docker compose -f docker-compose.yml exec web sh -c "python ./manage.py shell" | ||
|
|
||
| backend-exec: | ||
| desc: Execute a command in the backend container | ||
| dir: tdrs-backend | ||
| vars: | ||
| CMD: '{{.CMD}}' | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml exec web sh -c "python manage.py {{.CMD}}" | ||
| - docker compose -f docker-compose.yml exec web sh -c "python manage.py {{.CMD}}" | ||
|
|
||
| backend-exec-seed-db: | ||
| desc: Execute seed_db command in the backend container | ||
| dir: tdrs-backend | ||
| vars: | ||
| CMD: '{{.CMD}}' | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml up -d | ||
| - docker-compose -f docker-compose.yml exec web sh -c "python manage.py populate_stts; python ./manage.py seed_db" | ||
| - docker compose -f docker-compose.yml up -d | ||
| - docker compose -f docker-compose.yml exec web sh -c "python manage.py populate_stts; python ./manage.py seed_db" | ||
|
|
||
| backend-pytest: | ||
| desc: 'Run pytest in the backend container E.g: task backend-pytest PYTEST_ARGS="tdpservice/test/ -s -vv"' | ||
|
|
@@ -133,37 +138,37 @@ tasks: | |
| PYTEST_ARGS: '{{.PYTEST_ARGS | default "."}}' | ||
| cmds: | ||
| - task backend-up | ||
| - docker-compose -f docker-compose.yml exec web sh -c "pytest {{.PYTEST_ARGS}}" | ||
| - docker compose -f docker-compose.yml exec web sh -c "pytest {{.PYTEST_ARGS}}" | ||
|
|
||
| backend-remove-volumes: | ||
| desc: Remove the backend volumes | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml down -v | ||
| - docker compose -f docker-compose.yml down -v | ||
|
|
||
| backend-lint: | ||
| desc: Run flake8 in the backend container | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - task backend-up | ||
| - docker-compose -f docker-compose.yml exec web sh -c "flake8 . && if [ $? -eq 0 ]; then echo 'Flake8 linter found no issues'; fi" | ||
| - docker compose -f docker-compose.yml exec -T web sh -c "flake8 . && if [ $? -eq 0 ]; then echo 'Flake8 linter found no issues'; fi" | ||
|
|
||
| backend-pip-lock: | ||
| #TODO: Add a task to lock the pip dependencies | ||
| desc: Lock the pip dependencies | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - task: backend-up | ||
| - docker-compose -f docker-compose.yml exec web sh -c "pipenv lock" | ||
| - docker compose -f docker-compose.yml exec web sh -c "pipenv lock" | ||
|
|
||
| psql: | ||
| desc: Open a psql shell in the backend container | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - task create-network || true | ||
| - docker-compose -f docker-compose.yml up -d postgres | ||
| - docker compose -f docker-compose.yml up -d postgres | ||
| - sleep 5 | ||
| - docker-compose -f docker-compose.yml exec postgres sh -c "psql -U tdpuser -d tdrs_test" | ||
| - docker compose -f docker-compose.yml exec postgres sh -c "psql -U tdpuser -d tdrs_test" | ||
|
|
||
| clean: | ||
| desc: Remove all containers, networks, and volumes | ||
|
|
@@ -177,25 +182,25 @@ tasks: | |
| desc: Start clamav service | ||
| dir: tdrs-backend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml up -d clamav-rest | ||
| - docker compose -f docker-compose.yml up -d clamav-rest | ||
|
|
||
| frontend-up: | ||
| desc: Start frontend web server | ||
| dir: tdrs-frontend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml up -d | ||
| - docker compose -f docker-compose.yml up -d | ||
|
|
||
| frontend-down: | ||
| desc: Stop frontend web server | ||
| dir: tdrs-frontend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml down | ||
| - docker compose -f docker-compose.yml down | ||
|
|
||
| frontend-restart: | ||
| desc: Restart frontend web server | ||
| dir: tdrs-frontend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml restart | ||
| - docker compose -f docker-compose.yml restart | ||
|
|
||
| frontend-av: | ||
| desc: Start frontend with optional clamav service | ||
|
|
@@ -210,43 +215,43 @@ tasks: | |
| desc: Initialize the frontend project | ||
| dir: tdrs-frontend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml up -d --build | ||
| - docker-compose -f docker-compose.yml exec tdp-frontend sh -c "apk add nodejs npm" | ||
| - docker-compose -f docker-compose.yml exec tdp-frontend sh -c "npm install" | ||
| - docker-compose -f docker-compose.yml down | ||
| - docker compose -f docker-compose.yml up -d --build | ||
| - docker compose -f docker-compose.yml exec tdp-frontend sh -c "apk add nodejs npm" | ||
| - docker compose -f docker-compose.yml exec tdp-frontend sh -c "npm install" | ||
| - docker compose -f docker-compose.yml down | ||
|
|
||
| frontend-test: | ||
| desc: Run frontend tests | ||
| dir: tdrs-frontend | ||
| cmds: | ||
| - docker-compose -f docker-compose.local.yml up tdp-frontend-test -d | ||
| - docker-compose -f docker-compose.local.yml exec tdp-frontend-test sh -c "npm run test" | ||
| - docker compose -f docker-compose.local.yml up tdp-frontend-test -d | ||
| - docker compose -f docker-compose.local.yml exec tdp-frontend-test sh -c "npm run test" | ||
|
|
||
| frontend-test-cov: | ||
| desc: Run frontend tests with coverage | ||
| dir: tdrs-frontend | ||
| cmds: | ||
| - docker-compose -f docker-compose.local.yml up tdp-frontend-test -d | ||
| - docker-compose -f docker-compose.local.yml exec tdp-frontend-test sh -c "npm run test:cov" | ||
| - docker compose -f docker-compose.local.yml up tdp-frontend-test -d | ||
| - docker compose -f docker-compose.local.yml exec tdp-frontend-test sh -c "npm run test:cov" | ||
|
|
||
| frontend-lint: | ||
| desc: Run eslint in the frontend container | ||
| dir: tdrs-frontend | ||
| cmds: | ||
| - docker-compose -f docker-compose.local.yml up -d tdp-frontend-test --quiet-pull | ||
| - docker-compose -f docker-compose.yml exec tdp-frontend-test sh -c "npm run lint" | ||
| - docker compose -f docker-compose.local.yml up -d tdp-frontend-test --quiet-pull | ||
| - docker compose -f docker-compose.yml exec -T tdp-frontend-test sh -c "npm run lint" | ||
|
|
||
| frontend-logs: | ||
| desc: Show and follow frontend web server logs | ||
| dir: tdrs-frontend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml logs -f | ||
| - docker compose -f docker-compose.yml logs -f | ||
|
|
||
| frontend-bash: | ||
| desc: Open a shell in the frontend container | ||
| dir: tdrs-frontend | ||
| cmds: | ||
| - docker-compose -f docker-compose.yml exec tdp-frontend bash | ||
| - docker compose -f docker-compose.yml exec tdp-frontend bash | ||
|
|
||
| up: | ||
| desc: Start both frontend and backend web servers | ||
|
|
||
Oops, something went wrong.