rails_template_18f 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: daa50caac6d934e7a1d6611ac427068601ad836f81fab7b088aed2b47de3724b
-  data.tar.gz: 7dd5b479db57b51ce6eadbe53134605a346db5de2e4c490510a59c3ec56f644b
+  metadata.gz: f3b689fcfbc4d7ed1a476adc0b415ed0cbbfc24828937431820b5850db77e564
+  data.tar.gz: 5f95740853330bc904b23c67059a578b3f616cea6228c7c99a19d4eee5c26518
 SHA512:
-  metadata.gz: '08bba6304087afcfda8ac54101628312329963338a36ed488768bdfdc2a296a9b54140df951108eaa8cbc563d29cd35a461379e6039d17a4f910a50b60313890'
-  data.tar.gz: ad54e4be93ee88883503ed96f6a7ace02f00509d584b02e122b7fb66117a2baf6cd19f444f3f74f26c3209280be0204926e3ab2e8c217a1a59d600572b7f9abe
+  metadata.gz: 6c350c36aeddf44806c2ddbd36dbacd626f361890a9a648ec6e58e4dbeba5b60928ece499542bae318f7f7f644af52b55c7b9e9f6639291f7dd00c00229f5334
+  data.tar.gz: 75079b3718a90069ae1484b54b86dac37c89be836bd132afc8bd936fb0e1451aa85882a5fafa8a980f60094ce352fb933d7ae0179a557a9b6196d018d2a681c1

data/CHANGELOG.md

@@ -1,5 +1,11 @@
 ## [Unreleased]
 
+## [0.2.0] - 2022-02-16
+
+- terraform generator
+- DAP generator
+- Newrelic generator
+
 ## [0.1.0] - 2022-02-14
 
 - Initial release

data/Gemfile

@@ -8,3 +8,5 @@ gemspec
 gem "rake", "~> 13.0"
 
 gem "colorize", "~> 0.8"
+
+gem "byebug"

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    rails_template_18f (0.1.0)
+    rails_template_18f (0.2.0)
       activesupport (~> 7.0.0)
       railties (~> 7.0.0)
 
@@ -32,6 +32,7 @@ GEM
       rspec-rails (>= 2.2)
     ast (2.4.2)
     builder (3.2.4)
+    byebug (11.1.3)
     colorize (0.8.1)
     concurrent-ruby (1.1.9)
     crass (1.0.6)
@@ -122,6 +123,7 @@ PLATFORMS
 
 DEPENDENCIES
   ammeter (~> 1.1)
+  byebug
   colorize (~> 0.8)
   rails_template_18f!
   rake (~> 13.0)

data/README.md

@@ -97,10 +97,10 @@ ActionCable is included to enable the [Turbo Streams](https://turbo.hotwired.dev
 1. Optionally create Github Actions workflows for testing and cloud.gov deploy
 1. Optionally create terraform modules supporting staging & production cloud.gov spaces
 1. Optionally create CircleCI workflows for testing and cloud.gov deploy
-1. Optionally create [Architecture Decision Records](https://adr.github.io/) for above setup
 1. Optionally create a New Relic config with FEDRAMP-specific host
 1. Optionally configure DAP (Digital Analytics Program)
 1. Optionally add base translation files and routes for Spanish, French, and Simplified Chinese (es.yml, fr.yml, and zh.yml)
+1. Create [Architecture Decision Records](https://adr.github.io/) for above setup
 1. Commit the resulting project with git (unless `--skip-git` is passed)
 
 ## Use for an existing Rails project
@@ -110,7 +110,7 @@ ActionCable is included to enable the [Turbo Streams](https://turbo.hotwired.dev
 Add this line to your application's Gemfile:
 
 ```ruby
-gem "rails-template-18f"
+gem "rails_template_18f", group: :development
 ```
 
 And then run:
@@ -119,7 +119,7 @@ And then run:
 
 Or install it yourself as:
 
-  $ gem install rails-template-18f
+  $ gem install rails_template_18f
 
 ### Usage
 
@@ -133,7 +133,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/rahearn/rails-template-18f. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/rahearn/rails-template-18f/blob/main/CODE_OF_CONDUCT.md).
+Bug reports and pull requests are welcome on GitHub at https://github.com/18f/rails-template. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/18f/rails-template/blob/main/CODE_OF_CONDUCT.md).
 
 ## Code of Conduct
 

data/lib/generators/rails_template18f/circleci/circleci_generator.rb

@@ -1,20 +1,18 @@
 # frozen_string_literal: true
 
+require "rails/generators"
+
 module RailsTemplate18f
   module Generators
     class CircleciGenerator < ::Rails::Generators::Base
-      include ::Rails::Generators::AppName
-      include RailsTemplate18f::TerraformOptions
+      include Base
+      include PipelineOptions
 
       desc <<~DESC
         Description:
           Install CircleCI pipeline files
       DESC
 
-      def self.source_root
-        @source_root ||= File.expand_path(File.join(File.dirname(__FILE__), "templates"))
-      end
-
       def install_needed_gems
         gem "rspec_junit_formatter", "~> 0.5", group: :test
       end
@@ -27,10 +25,28 @@ module RailsTemplate18f
       end
 
       def update_readme
-        insert_into_file "README.md", readme_cicd, after: "## CI/CD\n"
-        insert_into_file "README.md", readme_staging_deploy, after: "#### Staging\n"
-        insert_into_file "README.md", readme_prod_deploy, after: "#### Production\n"
-        insert_into_file "README.md", readme_credentials, after: "#### Credentials and other Secrets\n"
+        if file_content("README.md").match?(/^## CI\/CD$/)
+          insert_into_file "README.md", readme_cicd, after: "## CI/CD\n"
+          insert_into_file "README.md", readme_staging_deploy, after: "#### Staging\n"
+          insert_into_file "README.md", readme_prod_deploy, after: "#### Production\n"
+          insert_into_file "README.md", readme_credentials, after: "#### Credentials and other Secrets\n"
+        else
+          append_to_file "README.md", <<~EOM
+            ## CI/CD
+            #{readme_cicd}
+
+            ### Deployment
+
+            #### Staging
+            #{readme_staging_deploy}
+
+            #### Production
+            #{readme_prod_deploy}
+
+            #### Credentials and other Secrets
+            #{readme_credentials}
+          EOM
+        end
       end
 
       def update_boundary_diagram

data/lib/generators/rails_template18f/dap/dap_generator.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+require "rails/generators"
+
+module RailsTemplate18f
+  module Generators
+    class DapGenerator < ::Rails::Generators::Base
+      include Base
+
+      class_option :agency_code, default: "GSA", desc: "Agency code to track DAP metrics"
+
+      desc <<~DESC
+        Description:
+          Install JS snippet for Digital Analytics Program (DAP)
+      DESC
+
+      def update_content_security_policy
+        csp_file = "config/initializers/content_security_policy.rb"
+        gsub_file csp_file, /(policy.img_src .*)$/, '\1, "https://www.google-analytics.com"'
+        gsub_file csp_file, /(policy.script_src .*)$/, '\1, "https://dap.digitalgov.gov", "https://www.google-analytics.com"'
+        if file_content(csp_file).match?(/policy.connect_src/)
+          gsub_file csp_file, /(policy.connect_src .*)$/, '\1, "https://dap.digitalgov.gov", "https://www.google-analytics.com"'
+        else
+          gsub_file csp_file, /((#?)(\s+)policy.script_src .*)$/, "\\1\n\\2\\3policy.connect_src :self, \"https://dap.digitalgov.gov\", \"https://www.google-analytics.com\""
+        end
+      end
+
+      def install_js_snippet
+        insert_into_file "app/views/layouts/application.html.erb", <<EODAP, before: /^\s+<\/head>/
+
+    <% if Rails.env.production? %>
+      <!-- We participate in the US government's analytics program. See the data at analytics.usa.gov. -->
+      <%= javascript_include_tag "https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=#{options[:agency_code]}", async: true, id:"_fed_an_ua_tag" %>
+    <% end %>
+EODAP
+      end
+
+      def update_readme
+        insertion_regex = /^## Documentation$/
+        if file_content("README.md").match?(insertion_regex)
+          insert_into_file "README.md", readme, before: insertion_regex
+        else
+          append_to_file "README.md", readme
+        end
+      end
+
+      def update_boundary_diagram
+        boundary_filename = "doc/compliance/apps/application.boundary.md"
+        insert_into_file boundary_filename, <<EOB, after: "Boundary(gsa_saas, \"GSA-authorized SaaS\") {\n"
+    System_Ext(dap, "DAP", "Analytics collection")
+EOB
+        insert_into_file boundary_filename, <<~EOB, before: "@enduml"
+          Rel(browser, dap, "reports usage", "https (443)")
+          Rel(developer, dap, "View traffic statistics", "https GET (443)")
+        EOB
+      end
+
+      no_tasks do
+        def readme
+          <<~EOM
+            ## Analytics
+
+            Digital Analytics Program (DAP) code has been included for the Production environment, associated with #{options[:agency_code]}.
+
+            If #{app_name.titleize} is for another agency, update the agency line in `app/views/layouts/application.html.erb`
+
+          EOM
+        end
+      end
+    end
+  end
+end

data/lib/generators/rails_template18f/github_actions/github_actions_generator.rb

@@ -1,10 +1,12 @@
 # frozen_string_literal: true
 
+require "rails/generators"
+
 module RailsTemplate18f
   module Generators
     class GithubActionsGenerator < ::Rails::Generators::Base
-      include ::Rails::Generators::AppName
-      include RailsTemplate18f::TerraformOptions
+      include Base
+      include PipelineOptions
 
       class_option :node_version, desc: "Node version to test against in actions"
 
@@ -13,10 +15,6 @@ module RailsTemplate18f
           Install Github Actions workflow files
       DESC
 
-      def self.source_root
-        @source_root ||= File.expand_path("templates", __dir__)
-      end
-
       def install_actions
         directory "github", ".github"
         if !terraform?
@@ -26,10 +24,28 @@ module RailsTemplate18f
       end
 
       def update_readme
-        insert_into_file "README.md", readme_cicd, after: "## CI/CD\n"
-        insert_into_file "README.md", readme_staging_deploy, after: "#### Staging\n"
-        insert_into_file "README.md", readme_prod_deploy, after: "#### Production\n"
-        insert_into_file "README.md", readme_credentials, after: "#### Credentials and other Secrets\n"
+        if file_content("README.md").match?(/^## CI\/CD$/)
+          insert_into_file "README.md", readme_cicd, after: "## CI/CD\n"
+          insert_into_file "README.md", readme_staging_deploy, after: "#### Staging\n"
+          insert_into_file "README.md", readme_prod_deploy, after: "#### Production\n"
+          insert_into_file "README.md", readme_credentials, after: "#### Credentials and other Secrets\n"
+        else
+          append_to_file "README.md", <<~EOM
+            ## CI/CD
+            #{readme_cicd}
+
+            ### Deployment
+
+            #### Staging
+            #{readme_staging_deploy}
+
+            #### Production
+            #{readme_prod_deploy}
+
+            #### Credentials and other Secrets
+            #{readme_credentials}
+          EOM
+        end
       end
 
       def update_boundary_diagram
@@ -48,7 +64,7 @@ EOB
         readme_filename = "terraform/README.md"
         insert_into_file readme_filename, "  |- .force-action-apply\n", after: "  |- secrets.auto.tfvars\n"
         insert_into_file readme_filename, <<~EOM, after: /- `secrets.auto.tfvars`.*$/
-          - `.force-action-apply` is a file that can be updated to force GitHub Actions to run `terraform apply` during the deploy phase
+          \n- `.force-action-apply` is a file that can be updated to force GitHub Actions to run `terraform apply` during the deploy phase
         EOM
       end
 

data/lib/generators/rails_template18f/newrelic/newrelic_generator.rb

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+require "rails/generators"
+
+module RailsTemplate18f
+  module Generators
+    class NewrelicGenerator < ::Rails::Generators::Base
+      include Base
+
+      desc <<~DESC
+        Description:
+          Install NewRelic config for FedRAMP collection
+      DESC
+
+      def update_content_security_policy
+        csp_file = "config/initializers/content_security_policy.rb"
+        gsub_file csp_file, /(policy.script_src .*)$/, '\1, "https://js-agent.newrelic.com", "https://*.nr-data.net"'
+        if file_content(csp_file).match?(/policy.connect_src/)
+          gsub_file csp_file, /(policy.connect_src .*)$/, '\1, "https://*.nr-data.net"'
+        else
+          gsub_file csp_file, /((#?)(\s+)policy.script_src .*)$/, "\\1\n\\2\\3policy.connect_src :self, \"https://*.nr-data.net\""
+        end
+      end
+
+      def install_gem
+        gem "newrelic_rpm", "~> 8.4"
+      end
+
+      def install_config
+        template "config/newrelic.yml"
+      end
+
+      def update_cloud_gov_manifest
+        insert_into_file "manifest.yml", "    NEW_RELIC_LOG: stdout\n", before: /^\s+processes:/
+      end
+
+      def update_readme
+        insertion_regex = /^## Documentation$/
+        if file_content("README.md").match?(insertion_regex)
+          insert_into_file "README.md", readme, before: insertion_regex
+        else
+          append_to_file "README.md", readme
+        end
+      end
+
+      def update_boundary_diagram
+        boundary_filename = "doc/compliance/apps/application.boundary.md"
+        insert_into_file boundary_filename, <<EOB, after: "Boundary(gsa_saas, \"GSA-authorized SaaS\") {\n"
+    System_Ext(newrelic, "New Relic", "Monitoring SaaS")
+EOB
+        insert_into_file boundary_filename, <<~EOB, before: "@enduml"
+          Rel(app, newrelic, "reports telemetry (ruby agent)", "tcp (443)")
+          Rel(browser, newrelic, "reports ux metrics (javascript agent)", "https (443)")
+          Rel(developer, newrelic, "Manage performance", "https (443)")
+        EOB
+      end
+
+      no_tasks do
+        def readme
+          <<~EOM
+            ## Monitoring with New Relic
+
+            The [New Relic Ruby agent](https://docs.newrelic.com/docs/apm/agents/ruby-agent/getting-started/introduction-new-relic-ruby) has been installed for monitoring this application.
+
+            The config lives at `config/newrelic.yml`, and points to a [FEDRAMP version of the New Relic service as its host](https://docs.newrelic.com/docs/security/security-privacy/compliance/fedramp-compliant-endpoints/). To access the metrics dashboard, you will need to be connected to VPN.
+
+            ### Getting started
+
+            To get started sending metrics via New Relic APM:
+            1. Add your New Relic license key to the Rails credentials with key `new_relic_key`.
+            1. Optionally, update `app_name` entries in `config/newrelic.yml` with what is registered for your application in New Relic
+            1. Comment out the `agent_enabled: false` line in `config/newrelic.yml`
+            1. Add the [Javascript snippet provided by New Relic](https://docs.newrelic.com/docs/browser/browser-monitoring/installation/install-browser-monitoring-agent) into `application.html.erb`. It is recommended to vary this based on environment (i.e. include one snippet for staging and another for production).
+          EOM
+        end
+      end
+    end
+  end
+end

data/{templates/config/newrelic.yml → lib/generators/rails_template18f/newrelic/templates/config/newrelic.yml.tt}

@@ -10,14 +10,14 @@
 
 common: &default_settings
   # Required license key associated with your New Relic account.
-  license_key: <%= Rails.application.credentials.new_relic_key %>
+  license_key: <%%= Rails.application.credentials.new_relic_key %>
   # FEDRAMP-specific New Relic host
   # https://docs.newrelic.com/docs/security/security-privacy/compliance/fedramp-compliant-endpoints/
   host: 'gov-collector.newrelic.com'
 
   # Your application name. Renaming here affects where data displays in New
   # Relic.  For more details, see https://docs.newrelic.com/docs/apm/new-relic-apm/maintenance/renaming-applications
-  app_name: <APPNAME>
+  app_name: <%= app_name.titleize %>
 
   monitor_mode: true
 
@@ -30,8 +30,8 @@ common: &default_settings
 
   # This line disables agent regardless of other settings.
   # To enable the New Relic agent:
-  # 1) Replace <APPNAME> in this file with the application name you want to show in New Relic
-  # 2) add the New Relic license keys to the appropriate encrypted credentials file(s)
+  # 1) add the New Relic license keys to the appropriate encrypted credentials file(s)
+  # 2) Optionally, update app_name entries in this file with the application name you want to show in New Relic
   # 3) Comment out the line below
   agent_enabled: false
 
@@ -44,7 +44,7 @@ common: &default_settings
 # If your application has other named environments, configure them here.
 development:
   <<: *default_settings
-  app_name: <APPNAME> (Development)
+  app_name: <%= app_name.titleize %> (Development)
 
 test:
   <<: *default_settings
@@ -58,8 +58,8 @@ ci:
 
 staging:
   <<: *default_settings
-  app_name: <APPNAME> (Staging)
+  app_name: <%= app_name.titleize %> (Staging)
 
 production:
   <<: *default_settings
-  app_name: <APPNAME> (Production)
+  app_name: <%= app_name.titleize %> (Production)

data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/bootstrap/main.tf.tt

@@ -9,9 +9,9 @@ module "s3" {
   cf_api_url      = local.cf_api_url
   cf_user         = var.cf_user
   cf_password     = var.cf_password
-  cf_org_name     = "<%= @cloud_gov_organization %>"
-  cf_space_name   = "<%= @cloud_gov_production_space %>"
-  s3_service_name = local.s3_service_name<% if @cloud_gov_organization == "sandbox-gsa" %>
+  cf_org_name     = "<%= cloud_gov_organization %>"
+  cf_space_name   = "<%= cloud_gov_production_space %>"
+  s3_service_name = local.s3_service_name<% if cloud_gov_organization == "sandbox-gsa" %>
   s3_plan_name    = "basic-sandbox"<% end %>
 }
 

data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/bootstrap/run.sh.tt

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 
 if [[ ! -f "secrets.auto.tfvars" ]]; then
-  ../create_space_deployer.sh <%= @cloud_gov_production_space %> config-bootstrap-deployer > secrets.auto.tfvars
+  ../create_space_deployer.sh <%= cloud_gov_production_space %> config-bootstrap-deployer > secrets.auto.tfvars
 fi
 
 if [[ $# -gt 0 ]]; then

data/lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/teardown_creds.sh.tt

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+../destroy_space_deployer.sh <%= cloud_gov_production_space %> config-bootstrap-deployer
+
+rm secrets.auto.tfvars

data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/production/main.tf.tt

@@ -1,6 +1,6 @@
 locals {
-  cf_org_name      = "<%= @cloud_gov_organization %>"
-  cf_space_name    = "<%= @cloud_gov_production_space %>"
+  cf_org_name      = "<%= cloud_gov_organization %>"
+  cf_space_name    = "<%= cloud_gov_production_space %>"
   env              = "production"
   recursive_delete = false
 }
@@ -17,7 +17,7 @@ module "database" {
   rds_plan_name    = "TKTK-production-rds-plan"
 }
 
-<% if !skip_active_storage? %>
+<% if has_active_storage? %>
 module "s3" {
   source = "../shared/s3"
 
@@ -34,7 +34,7 @@ module "s3" {
 # It can be re-enabled after:
 # 1) the app has first been deployed
 # 2) the route has been manually created by an OrgManager:
-#     `cf create-domain <%= @cloud_gov_organization %> TKTK-production-domain-name`
+#     `cf create-domain <%= cloud_gov_organization %> TKTK-production-domain-name`
 ###########################################################################
 # module "domain" {
 #   source = "../shared/domain"

data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/domain/main.tf.tt

@@ -19,7 +19,7 @@ data "cloudfoundry_app" "app" {
 ###########################################################################
 # Route must be manually created by an OrgManager before terraform is run:
 #
-# cf create-domain <%= @cloud_gov_organization %> TKTK-production-domain-name
+# cf create-domain <%= cloud_gov_organization %> TKTK-production-domain-name
 ###########################################################################
 data "cloudfoundry_domain" "origin_url" {
   name = var.domain_name

data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/staging/main.tf.tt

@@ -1,6 +1,6 @@
 locals {
-  cf_org_name      = "<%= @cloud_gov_organization %>"
-  cf_space_name    = "<%= @cloud_gov_staging_space %>"
+  cf_org_name      = "<%= cloud_gov_organization %>"
+  cf_space_name    = "<%= cloud_gov_staging_space %>"
   env              = "staging"
   recursive_delete = true
 }
@@ -17,7 +17,7 @@ module "database" {
   rds_plan_name    = "micro-psql"
 }
 
-<% if !skip_active_storage? %>
+<% if has_active_storage? %>
 module "s3" {
   source = "../shared/s3"
 
@@ -27,4 +27,4 @@ module "s3" {
   cf_space_name   = local.cf_space_name
   s3_service_name = "<%= app_name %>-s3-${local.env}"
 }
-<% end %>
+<% end %>

data/lib/generators/rails_template18f/terraform/terraform_generator.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+
+require "rails/generators"
+
+module RailsTemplate18f
+  module Generators
+    class TerraformGenerator < ::Rails::Generators::Base
+      include Base
+      include CloudGovOptions
+
+      desc <<~DESC
+        Description:
+          Install terraform files for cloud.gov database and s3 services
+      DESC
+
+      def install
+        directory "terraform", mode: :preserve
+        chmod "terraform/bootstrap/run.sh", 0o755
+        chmod "terraform/bootstrap/teardown_creds.sh", 0o755
+      end
+
+      def ignore_files
+        unless skip_git?
+          append_to_file ".gitignore", <<~EOM
+
+            # Terraform
+            .terraform.lock.hcl
+            **/.terraform/*
+            secrets.auto.tfvars
+            terraform.tfstate
+            terraform.tfstate.backup
+          EOM
+        end
+      end
+
+      def update_readme
+        gsub_file "README.md", /^(### Automatic linting)/, '\1 and terraform formatting'
+        gsub_file "README.md", /(ruby linting) (on every)/, '\1 and terraform formatting \2'
+        gsub_file "README.md", /^Before the first deploy only.*$/, "Follow the instructions in `terraform/README.md` to create the supporting services."
+      end
+
+      def install_githook
+        githook_file = ".githooks/pre-commit"
+        if File.exist?(File.expand_path(githook_file, destination_root))
+          append_to_file githook_file, "\n#{githook_content}"
+        else
+          create_file githook_file, <<~EOM
+            #! /usr/bin/env bash
+            #
+            # This hook runs on `git commit` and will prevent you from committing without
+            # approval from the linter and tests.
+            #
+            # To run, this file must be symlinked to:
+            # .git/hooks/pre-commit
+            #
+            # To bypass this hook, run:
+            # $ git commit --no-verify
+            # $ git commit -n
+
+            #{githook_content}
+          EOM
+          chmod githook_file, 0o755
+        end
+      end
+
+      no_tasks do
+        def githook_content
+          <<~EOM
+            echo "Running Terraform formatter"
+            files=$(git diff --cached --name-only terraform)
+            for f in $files
+            do
+              # Format any *.tf files that were cached/staged
+              if [ -e "$f" ] && [[ $f == *.tf ]]; then
+                terraform fmt "$f"
+                git add "$f"
+              fi
+            done
+          EOM
+        end
+      end
+
+      private
+
+      def terraform_dir_exists?
+        # prevents cloud_gov_* helpers from trying to read non-existant .tf files
+        false
+      end
+
+      def has_active_storage?
+        defined?(::ActiveStorage)
+      end
+    end
+  end
+end