Skip to content

Commit

Permalink
Merge pull request #171 from Eastern-Research-Group/staging
Browse files Browse the repository at this point in the history 
Merging v1.0.0 from staging into main
  • Loading branch information
@coobr01
coobr01 authored Jan 19, 2024
2 parents 4efd424 + 55849fb commit 10b444a
Show file tree
Hide file tree
Showing 178 changed files with 109,976 additions and 92 deletions.
23 changes: 23 additions & 0 deletions .github/ISSUE_TEMPLATE/change-request.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
---
name: Change Request
about: Expert Query Default GitHub Issue Template
title: ''
labels: ''
assignees: ''

---

**Change Agent Contact Information**
Capture as much information about the submitter as possible {Name, email, telephone, submission date/time, etc.}.

**Is this an emergency change request?**
Yes/No

**Does the request impact the security posture of the application/system? Please note, if so, the application's Information System Security Officer (ISSO) will need to be consulted about the change.**
Yes/No

**Describe the change**
Provide a clear and concise description of the change. Include information about how to reproduce any issue(s) including any software version(s) and device make/model(s) used.

**Additional context**
Add other context or screenshots about the change request here.
263 changes: 263 additions & 0 deletions .github/workflows/dev.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,263 @@
# This is a basic workflow to help you get started with Actions

name: Dev Deploy

# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the master branch branches: [ develop ]
push:
branches: [ develop ]

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
changes:
# The type of runner that the job will run on
runs-on: ubuntu-latest
environment: dev

outputs:
workflows: ${{ steps.filter.outputs.workflows }}
app: ${{ steps.filter.outputs.app }}
etl: ${{ steps.filter.outputs.etl }}

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: dorny/paths-filter@v2
id: filter
with:
filters: |
workflows:
- '.github/workflows/dev.yml'
app:
- 'app/**'
etl:
- 'etl/**'
app:
# Check if this folder has any changes
needs: changes
if: ${{
needs.changes.outputs.app == 'true' ||
needs.changes.outputs.workflows == 'true' }}

# The type of runner that the job will run on
runs-on: ubuntu-latest
environment: dev

# Set environment variables
env:
APP_NAME: expert-query-dev
CLOUD_SPACE: dev
CF_ORG: ${{ secrets.CF_ORG }}
CF_SPACE: ${{ secrets.CF_SPACE_DEV }}
CF_STACK: cflinuxfs4
CF_USER_DEV: ${{ secrets.CF_USER_DEV }}
CF_PASSWORD_DEV: ${{ secrets.CF_PASSWORD_DEV }}
CF_S3_PUB_ACCESS_KEY: ${{ secrets.CF_DEV_S3_PUB_ACCESS_KEY }}
CF_S3_PUB_BUCKET_ID: ${{ secrets.CF_DEV_S3_PUB_BUCKET_ID }}
CF_S3_PUB_REGION: ${{ secrets.CF_DEV_S3_PUB_REGION }}
CF_S3_PUB_SECRET_KEY: ${{ secrets.CF_DEV_S3_PUB_SECRET_KEY }}
CF_S3_PRIV_ACCESS_KEY: ${{ secrets.CF_DEV_S3_PRIV_ACCESS_KEY }}
CF_S3_PRIV_BUCKET_ID: ${{ secrets.CF_DEV_S3_PRIV_BUCKET_ID }}
CF_S3_PRIV_REGION: ${{ secrets.CF_DEV_S3_PRIV_REGION }}
CF_S3_PRIV_SECRET_KEY: ${{ secrets.CF_DEV_S3_PRIV_SECRET_KEY }}
DB_POOL_MAX: 20
DB_POOL_MIN: 5
DB_NAME: ${{ secrets.DB_NAME_DEV }}
DB_PASSWORD: ${{ secrets.EQ_PASSWORD_DEV }}
DB_USERNAME: ${{ secrets.EQ_USER_DEV }}
EQ_BASIC_USER_NAME: ${{ secrets.EQ_BASIC_USER_NAME }}
EQ_BASIC_USER_PWD: ${{ secrets.EQ_BASIC_USER_PWD }}
EQ_SECRET: ${{ secrets.EQ_SECRET_DEV }}
JSON_PAGE_SIZE: 1000
MAX_QUERY_SIZE: 1000000
MAX_VALUES_QUERY_SIZE: 100
SERVER_BASE_PATH: /expertquery
SERVER_URL: https://owapps-dev.app.cloud.gov/expertquery
STREAM_BATCH_SIZE: 2000
STREAM_HIGH_WATER_MARK: 10000

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3

# Set up node and npm
- uses: actions/setup-node@v3

# Run front-end processes (install, lint, test, bundle)
- name: Cache node modules
uses: actions/cache@v3
with:
path: ~/client/.npm
key: v1-npm-client-deps-${{ hashFiles('**/client/package-lock.json') }}
restore-keys: v1-npm-client-deps-

- name: Install front-end dependencies
run: |
npm install --legacy-peer-deps
npx gulp init
working-directory: app/client

- name: Build front-end files and move to server
run: |
PUBLIC_URL="$SERVER_URL" \
REACT_APP_SERVER_BASE_PATH="$SERVER_BASE_PATH" \
REACT_APP_CLOUD_SPACE="$CLOUD_SPACE" \
npm run build
cd build
cp -r * ../../server/app/public
rm -rf *
working-directory: app/client

# Run CloudFoundry/Cloud.gov deployment
- name: Set up Cloud Foundry CLI
run: |
curl -v -L -o cf-cli_amd64.deb 'https://cli.run.pivotal.io/stable?release=debian64&version=v7&source=github'
sudo dpkg -i cf-cli_amd64.deb
cf -v
cf api https://api.fr.cloud.gov
cf auth "$CF_USER_DEV" "$CF_PASSWORD_DEV"
cf target -o "$CF_ORG" -s "$CF_SPACE"
- name: Set application-level variables
run: |
cf set-env $APP_NAME "CF_S3_PUB_ACCESS_KEY" "$CF_S3_PUB_ACCESS_KEY" > /dev/null
cf set-env $APP_NAME "CF_S3_PUB_BUCKET_ID" "$CF_S3_PUB_BUCKET_ID" > /dev/null
cf set-env $APP_NAME "CF_S3_PUB_REGION" "$CF_S3_PUB_REGION" > /dev/null
cf set-env $APP_NAME "CF_S3_PUB_SECRET_KEY" "$CF_S3_PUB_SECRET_KEY" > /dev/null
cf set-env $APP_NAME "CF_S3_PRIV_ACCESS_KEY" "$CF_S3_PRIV_ACCESS_KEY" > /dev/null
cf set-env $APP_NAME "CF_S3_PRIV_BUCKET_ID" "$CF_S3_PRIV_BUCKET_ID" > /dev/null
cf set-env $APP_NAME "CF_S3_PRIV_REGION" "$CF_S3_PRIV_REGION" > /dev/null
cf set-env $APP_NAME "CF_S3_PRIV_SECRET_KEY" "$CF_S3_PRIV_SECRET_KEY" > /dev/null
cf set-env $APP_NAME "DB_POOL_MAX" "$DB_POOL_MAX" > /dev/null
cf set-env $APP_NAME "DB_POOL_MIN" "$DB_POOL_MIN" > /dev/null
cf set-env $APP_NAME "DB_NAME" "$DB_NAME" > /dev/null
cf set-env $APP_NAME "DB_PASSWORD" "$DB_PASSWORD" > /dev/null
cf set-env $APP_NAME "DB_USERNAME" "$DB_USERNAME" > /dev/null
cf set-env $APP_NAME "EQ_BASIC_USER_NAME" "$EQ_BASIC_USER_NAME" > /dev/null
cf set-env $APP_NAME "EQ_BASIC_USER_PWD" "$EQ_BASIC_USER_PWD" > /dev/null
cf set-env $APP_NAME "EQ_SECRET" "$EQ_SECRET" > /dev/null
cf set-env $APP_NAME "JSON_PAGE_SIZE" "$JSON_PAGE_SIZE" > /dev/null
cf set-env $APP_NAME "MAX_QUERY_SIZE" "$MAX_QUERY_SIZE" > /dev/null
cf set-env $APP_NAME "MAX_VALUES_QUERY_SIZE" "$MAX_VALUES_QUERY_SIZE" > /dev/null
cf set-env $APP_NAME "PUBLIC_URL" "$SERVER_URL" > /dev/null
cf set-env $APP_NAME "SERVER_BASE_PATH" "$SERVER_BASE_PATH" > /dev/null
cf set-env $APP_NAME "SERVER_URL" "$SERVER_URL" > /dev/null
cf set-env $APP_NAME "STREAM_BATCH_SIZE" "$STREAM_BATCH_SIZE" > /dev/null
cf set-env $APP_NAME "STREAM_HIGH_WATER_MARK" "$STREAM_HIGH_WATER_MARK" > /dev/null
cf set-env $APP_NAME "TZ" "America/New_York" > /dev/null
- name: Configure Public AWS Credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-access-key-id: ${{ env.CF_S3_PUB_ACCESS_KEY }}
aws-secret-access-key: ${{ env.CF_S3_PUB_SECRET_KEY }}
aws-region: ${{ env.CF_S3_PUB_REGION }}

# Sync static content to public S3 bucket
- name: Sync static content to S3
run: aws s3 sync . s3://$CF_S3_PUB_BUCKET_ID/content
working-directory: app/server/app/content

# Set CORS configuration for public S3 bucket
- name: Set public S3 CORS configuration
run: aws s3api put-bucket-cors --bucket $CF_S3_PUB_BUCKET_ID --cors-configuration file://s3CORS.json
working-directory: app/server/app/config

# Now that front-end is built in server/dist, only push server dir to Cloud.gov
- name: Deploy application to Cloud.gov
run: cf push $APP_NAME --strategy rolling -f ../manifest-dev.yml -p . -t 180 -s $CF_STACK
working-directory: app/server

etl:
# Check if this folder has any changes
needs: changes
if: ${{
needs.changes.outputs.etl == 'true' ||
needs.changes.outputs.workflows == 'true' }}

# The type of runner that the job will run on
runs-on: ubuntu-latest
environment: dev

# Set environment variables
env:
APP_NAME: expert-query-etl-dev
CF_ORG: ${{ secrets.CF_ORG }}
CF_SPACE: ${{ secrets.CF_SPACE_DEV }}
CF_STACK: cflinuxfs4
CF_USER_DEV: ${{ secrets.CF_USER_DEV }}
CF_PASSWORD_DEV: ${{ secrets.CF_PASSWORD_DEV }}
CF_S3_PUB_ACCESS_KEY: ${{ secrets.CF_DEV_S3_PUB_ACCESS_KEY }}
CF_S3_PUB_BUCKET_ID: ${{ secrets.CF_DEV_S3_PUB_BUCKET_ID }}
CF_S3_PUB_REGION: ${{ secrets.CF_DEV_S3_PUB_REGION }}
CF_S3_PUB_SECRET_KEY: ${{ secrets.CF_DEV_S3_PUB_SECRET_KEY }}
CF_S3_PRIV_ACCESS_KEY: ${{ secrets.CF_DEV_S3_PRIV_ACCESS_KEY }}
CF_S3_PRIV_BUCKET_ID: ${{ secrets.CF_DEV_S3_PRIV_BUCKET_ID }}
CF_S3_PRIV_REGION: ${{ secrets.CF_DEV_S3_PRIV_REGION }}
CF_S3_PRIV_SECRET_KEY: ${{ secrets.CF_DEV_S3_PRIV_SECRET_KEY }}
DB_NAME: ${{ secrets.DB_NAME_DEV }}
EQ_PASSWORD: ${{ secrets.EQ_PASSWORD_DEV }}
EQ_USERNAME: ${{ secrets.EQ_USER_DEV }}
GLOSSARY_AUTH: ${{ secrets.GLOSSARY_AUTH }}

steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3

# Set up node and npm
- uses: actions/setup-node@v3

# Run CloudFoundry/Cloud.gov deployment
- name: Set up Cloud Foundry CLI
run: |
curl -v -L -o cf-cli_amd64.deb 'https://cli.run.pivotal.io/stable?release=debian64&version=v7&source=github'
sudo dpkg -i cf-cli_amd64.deb
cf -v
cf api https://api.fr.cloud.gov
cf auth "$CF_USER_DEV" "$CF_PASSWORD_DEV"
cf target -o "$CF_ORG" -s "$CF_SPACE"
- name: Set application-level variables
run: |
cf set-env $APP_NAME "CF_S3_PUB_ACCESS_KEY" "$CF_S3_PUB_ACCESS_KEY" > /dev/null
cf set-env $APP_NAME "CF_S3_PUB_BUCKET_ID" "$CF_S3_PUB_BUCKET_ID" > /dev/null
cf set-env $APP_NAME "CF_S3_PUB_REGION" "$CF_S3_PUB_REGION" > /dev/null
cf set-env $APP_NAME "CF_S3_PUB_SECRET_KEY" "$CF_S3_PUB_SECRET_KEY" > /dev/null
cf set-env $APP_NAME "CF_S3_PRIV_ACCESS_KEY" "$CF_S3_PRIV_ACCESS_KEY" > /dev/null
cf set-env $APP_NAME "CF_S3_PRIV_BUCKET_ID" "$CF_S3_PRIV_BUCKET_ID" > /dev/null
cf set-env $APP_NAME "CF_S3_PRIV_REGION" "$CF_S3_PRIV_REGION" > /dev/null
cf set-env $APP_NAME "CF_S3_PRIV_SECRET_KEY" "$CF_S3_PRIV_SECRET_KEY" > /dev/null
cf set-env $APP_NAME "DB_NAME" "$DB_NAME" > /dev/null
cf set-env $APP_NAME "EQ_USERNAME" "$EQ_USERNAME" > /dev/null
cf set-env $APP_NAME "EQ_PASSWORD" "$EQ_PASSWORD" > /dev/null
cf set-env $APP_NAME "GLOSSARY_AUTH" "$GLOSSARY_AUTH" > /dev/null
cf set-env $APP_NAME "TZ" "America/New_York" > /dev/null
- name: Configure Private AWS Credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-access-key-id: ${{ env.CF_S3_PRIV_ACCESS_KEY }}
aws-secret-access-key: ${{ env.CF_S3_PRIV_SECRET_KEY }}
aws-region: ${{ env.CF_S3_PRIV_REGION }}

# Sync private static content to private S3 bucket
- name: Sync private static content to S3
run: aws s3 sync . s3://$CF_S3_PRIV_BUCKET_ID/content-private
working-directory: etl/app/content-private

# Set CORS configuration for private S3 bucket
- name: Set private S3 CORS configuration
run: aws s3api put-bucket-cors --bucket $CF_S3_PRIV_BUCKET_ID --cors-configuration file://s3CORS.json
working-directory: etl/app/config

# Now that front-end is built in server/dist, only push server dir to Cloud.gov
- name: Deploy application to Cloud.gov
run: cf push $APP_NAME --strategy rolling -f manifest-dev.yml -p . -t 180 -s $CF_STACK
working-directory: etl
20 changes: 20 additions & 0 deletions .github/workflows/sonar.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
name: SonarCloud
on:
push:
branches:
- develop
pull_request:
types: [opened, synchronize, reopened]
jobs:
sonarcloud:
name: SonarCloud
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
Loading

0 comments on commit 10b444a

Please sign in to comment.