rails_template_18f 0.1.0 → 0.2.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/Gemfile +2 -0
- data/Gemfile.lock +3 -1
- data/README.md +4 -4
- data/lib/generators/rails_template18f/circleci/circleci_generator.rb +26 -10
- data/lib/generators/rails_template18f/dap/dap_generator.rb +72 -0
- data/lib/generators/rails_template18f/github_actions/github_actions_generator.rb +27 -11
- data/lib/generators/rails_template18f/newrelic/newrelic_generator.rb +79 -0
- data/{templates/config/newrelic.yml → lib/generators/rails_template18f/newrelic/templates/config/newrelic.yml.tt} +7 -7
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/README.md.tt +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/bootstrap/import.sh +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/bootstrap/main.tf.tt +3 -3
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/bootstrap/providers.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/bootstrap/run.sh.tt +1 -1
- data/lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/teardown_creds.sh.tt +5 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/bootstrap/variables.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/create_space_deployer.sh +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/destroy_space_deployer.sh +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/production/main.tf.tt +4 -4
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/production/providers.tf.tt +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/production/variables.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/database/main.tf.tt +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/database/providers.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/database/variables.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/domain/main.tf.tt +1 -1
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/domain/providers.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/domain/variables.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/s3/main.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/s3/providers.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/shared/s3/variables.tf +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/staging/main.tf.tt +4 -4
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/staging/providers.tf.tt +0 -0
- data/{templates → lib/generators/rails_template18f/terraform/templates}/terraform/staging/variables.tf +0 -0
- data/lib/generators/rails_template18f/terraform/terraform_generator.rb +95 -0
- data/lib/rails_template18f/generators/base.rb +36 -0
- data/lib/rails_template18f/generators/cloud_gov_options.rb +57 -0
- data/lib/rails_template18f/generators/pipeline_options.rb +18 -0
- data/lib/rails_template18f/generators.rb +11 -0
- data/lib/rails_template18f/version.rb +1 -1
- data/lib/rails_template_18f.rb +1 -4
- data/template.rb +17 -61
- data/templates/README.md.tt +7 -44
- data/templates/doc/compliance/apps/application.boundary.md.tt +4 -24
- data/templates/githooks/{pre-commit.tt → pre-commit} +0 -15
- data/templates/manifest.yml.tt +1 -2
- metadata +35 -29
- data/lib/rails_template18f/terraform_options.rb +0 -68
- data/templates/terraform/bootstrap/teardown_creds.sh.tt +0 -5
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module RailsTemplate18f
|
4
|
+
module Generators
|
5
|
+
module Base
|
6
|
+
extend ActiveSupport::Concern
|
7
|
+
include ::Rails::Generators::AppName
|
8
|
+
|
9
|
+
included do
|
10
|
+
self.source_path = RailsTemplate18f::Generators.const_source_location(name).first
|
11
|
+
end
|
12
|
+
|
13
|
+
class_methods do
|
14
|
+
attr_accessor :source_path
|
15
|
+
|
16
|
+
def source_root
|
17
|
+
@source_root ||= File.expand_path("templates", File.dirname(source_path))
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
private
|
22
|
+
|
23
|
+
def file_content(filename)
|
24
|
+
File.read(File.expand_path(filename, destination_root))
|
25
|
+
end
|
26
|
+
|
27
|
+
def ruby_version
|
28
|
+
RUBY_VERSION
|
29
|
+
end
|
30
|
+
|
31
|
+
def skip_git?
|
32
|
+
!Dir.exist?(File.expand_path(".git", destination_root))
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
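Review bot: `file_content` resolves `filename` with `File.expand_path(filename, destination_root)`, which does not confine the result to `destination_root`: an absolute path or one containing `..` is read from wherever it points, and a missing file raises `Errno::ENOENT`. The callers visible on this page pass only literal relative paths, so this is a documentation gap rather than a live defect. I would add a comment above the method such as `# Reads a file relative to destination_root. Literal relative paths only; raises Errno::ENOENT if the file is missing.` so that later generators do not pass it option- or prompt-derived names.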
@@ -0,0 +1,57 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module RailsTemplate18f
|
4
|
+
module Generators
|
5
|
+
module CloudGovOptions
|
6
|
+
extend ActiveSupport::Concern
|
7
|
+
|
8
|
+
included do
|
9
|
+
class_option :cg_org, desc: "cloud.gov organization name"
|
10
|
+
class_option :cg_staging, desc: "cloud.gov space name for staging"
|
11
|
+
class_option :cg_prod, desc: "cloud.gov space name for production"
|
12
|
+
end
|
13
|
+
|
14
|
+
private
|
15
|
+
|
16
|
+
def cloud_gov_organization
|
17
|
+
if options[:cg_org].present?
|
18
|
+
return options[:cg_org]
|
19
|
+
elsif terraform_dir_exists?
|
20
|
+
staging_main = file_content("terraform/staging/main.tf")
|
21
|
+
if (matches = staging_main.match(/cf_org_name\s+= "(?<org_name>.*)"/))
|
22
|
+
return matches[:org_name]
|
23
|
+
end
|
24
|
+
end
|
25
|
+
"TKTK-cloud.gov-org-name"
|
26
|
+
end
|
27
|
+
|
28
|
+
def cloud_gov_staging_space
|
29
|
+
if options[:cg_staging].present?
|
30
|
+
return options[:cg_staging]
|
31
|
+
elsif terraform_dir_exists?
|
32
|
+
staging_main = file_content("terraform/staging/main.tf")
|
33
|
+
if (matches = staging_main.match(/cf_space_name\s+= "(?<space_name>.*)"/))
|
34
|
+
return matches[:space_name]
|
35
|
+
end
|
36
|
+
end
|
37
|
+
"staging"
|
38
|
+
end
|
39
|
+
|
40
|
+
def cloud_gov_production_space
|
41
|
+
if options[:cg_prod].present?
|
42
|
+
return options[:cg_prod]
|
43
|
+
elsif terraform_dir_exists?
|
44
|
+
prod_main = file_content("terraform/production/main.tf")
|
45
|
+
if (matches = prod_main.match(/cf_space_name\s+= "(?<space_name>.*)"/))
|
46
|
+
return matches[:space_name]
|
47
|
+
end
|
48
|
+
end
|
49
|
+
"prod"
|
50
|
+
end
|
51
|
+
|
52
|
+
def terraform_dir_exists?
|
53
|
+
Dir.exist? File.expand_path("terraform", destination_root)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
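Review bot: `terraform_dir_exists?` only checks that the `terraform` directory is present, yet `cloud_gov_organization`, `cloud_gov_staging_space` and `cloud_gov_production_space` then read `terraform/staging/main.tf` or `terraform/production/main.tf` unconditionally through `file_content` (a plain `File.read` in `Base` on this page), so a tree without that file aborts the generator with `Errno::ENOENT` instead of falling through to the default. Guarding each read, for example `elsif File.exist?(File.expand_path("terraform/staging/main.tf", destination_root))`, keeps the fallback reachable. The captures also use a greedy `.*`, which runs to the last double quote on the line; `[^"]*` would stop at the closing quote of the value. The extracted names and the `--cg-*` options presumably end up interpolated into generated Terraform and pipeline files (those templates are not shown here), so constraining them to the expected name characters before use is worth considering.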
@@ -0,0 +1,18 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module RailsTemplate18f
|
4
|
+
module Generators
|
5
|
+
module PipelineOptions
|
6
|
+
extend ActiveSupport::Concern
|
7
|
+
include CloudGovOptions
|
8
|
+
|
9
|
+
included do
|
10
|
+
class_option :terraform, type: :boolean, desc: "Generate actions for planning and applying terraform"
|
11
|
+
end
|
12
|
+
|
13
|
+
def terraform?
|
14
|
+
options[:terraform].nil? ? terraform_dir_exists? : options[:terraform]
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
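Review bot: `terraform?` is defined without a preceding `private`, so it becomes a public instance method of every generator that includes `PipelineOptions`, whereas the removed `TerraformOptions` version and the helpers in `CloudGovOptions` sit under `private`. If external callers are not meant to use it, add `private` on the line before `def terraform?`; if it is public on purpose, a one-line comment saying so would stop it being changed back later. The method also depends on `terraform_dir_exists?` from `CloudGovOptions`, which is worth stating in a comment next to `include CloudGovOptions`.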
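--- a/data/lib/rails_template_18f.rb
+++ b/data/lib/rails_template_18f.rb
@@ -1,12 +1,9 @@
 # frozen_string_literal: true
 
 require_relative "rails_template18f/version"
+require_relative "rails_template18f/generators"
 
 module RailsTemplate18f
-extend ActiveSupport::Autoload
-
-autoload :TerraformOptions
-
 class Error < StandardError; end
 
 class Railtie < ::Rails::Railtie; end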
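--- a/data/template.rb
+++ b/data/template.rb
@@ -60,7 +60,6 @@ default_prod_space = "prod"
 
 @github_actions = yes?("Create Github Actions? (y/n)")
 @circleci_pipeline = yes?("Create CircleCI config? (y/n)")
-@adrs = yes?("Create initial Architecture Decision Records? (y/n)")
 @newrelic = yes?("Create FEDRAMP New Relic config files? (y/n)")
 @dap = yes?("If this will be a public site, should we include Digital Analytics Program code? (y/n)")
 @supported_languages = [:en]
@@ -151,34 +150,16 @@ else
 "policy.style_src :self"
 end
 
-script_policy = [":self"]
-connect_policy = [":self"]
-image_policy = [":self", ":data"]
-
-if @newrelic
-script_policy << '"https://js-agent.newrelic.com"'
-script_policy << '"https://*.nr-data.net"'
-connect_policy << '"https://*.nr-data.net"'
-end
-
-if @dap
-image_policy << '"https://www.google-analytics.com"'
-script_policy << '"https://dap.digitalgov.gov"'
-script_policy << '"https://www.google-analytics.com"'
-connect_policy << '"https://dap.digitalgov.gov"'
-connect_policy << '"https://www.google-analytics.com"'
-end
-
 gsub_file csp_initializer, /^# config.*\|policy\|$.+^# end$/m, <<EOM
 config.content_security_policy do |policy|
 policy.default_src :self
 policy.font_src :self
 policy.form_action :self
 policy.frame_ancestors :none
-policy.img_src
+policy.img_src :self, :data
 policy.object_src :none
-policy.script_src
-policy.connect_src
+policy.script_src :self
+policy.connect_src :self
 #{style_policy}
 end
 EOM
@@ -188,21 +169,13 @@ uncomment_lines csp_initializer, /end$/
 uncomment_lines csp_initializer, "content_security_policy_nonce"
 
 if @newrelic
-
-
-
+after_bundle do
+generate "rails_template18f:newrelic"
+end
 register_announcement("New Relic", <<~EOM)
 A New Relic config file has been written to `config/newrelic.yml`
 
-
-1. Replace `<APPNAME>` with what is registered for your application in New Relic
-2. Add your New Relic license key to the Rails credentials with key `new_relic_key`.
-3. Comment out the `agent_enabled: false` line
-
-To enable browser monitoring:
-4. Embed the Javascript snippet provided by New Relic into `application.html.erb`.
-It is recommended to vary this based on environment (i.e. include one snippet
-for staging and another for production).
+See instructions in README to get started sending data to New Relic
 EOM
 end
 
@@ -222,11 +195,10 @@ end
 
 copy_file "lib/tasks/scanning.rake"
 copy_file "env", ".env"
+copy_file "githooks/pre-commit", ".githooks/pre-commit", mode: :preserve
 
 unless skip_git?
 rails_command "credentials:diff --enroll"
-template "githooks/pre-commit", ".githooks/pre-commit"
-chmod ".githooks/pre-commit", 0o755
 append_to_file ".gitignore", <<~EOM
 
 # Ignore local dotenv overrides
@@ -377,19 +349,13 @@ after_bundle do
 end
 
 if @terraform
-
-
-
-
-
-
-
-.terraform.lock.hcl
-**/.terraform/*
-secrets.auto.tfvars
-terraform.tfstate
-terraform.tfstate.backup
-EOM
+after_bundle do
+generator_arguments = [
+"--cg-org=#{@cloud_gov_organization}",
+"--cg-staging=#{@cloud_gov_staging_space}",
+"--cg-prod=#{@cloud_gov_production_space}"
+]
+generate "rails_template18f:terraform", *generator_arguments
 end
 if cloud_gov_org_tktk?
 register_announcement("Terraform", <<~EOM)
@@ -437,11 +403,7 @@ if @circleci_pipeline
 EOM
 end
 
-
-directory "doc"
-else
-directory "doc/compliance"
-end
+directory "doc"
 register_announcement("Documentation", <<~EOM)
 * Include a short description of your application in doc/compliance/apps/application.boundary.md
 * Remember to keep your Logical Data Model up to date in doc/compliance/apps/data.logical.md
@@ -449,13 +411,7 @@ EOM
 
 if @dap
 after_bundle do
-
-
-<% if Rails.env.production? %>
-<!-- We participate in the US government's analytics program. See the data at analytics.usa.gov. -->
-<%= javascript_include_tag "https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=GSA", async: true, id:"_fed_an_ua_tag" %>
-<% end %>
-EODAP
+generate "rails_template18f:dap"
 end
 register_announcement("Digital Analytics Program", "Update the DAP agency code in app/views/layouts/application.html.erb")
 end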
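Review bot: The `--cg-org=`, `--cg-staging=` and `--cg-prod=` arguments added in the `if @terraform` hunk interpolate `@cloud_gov_organization` and the two space names without any quoting. Rails' `generate` action joins its arguments into a single command string, so a value containing whitespace or shell metacharacters would be split or interpreted by the shell instead of reaching the generator intact. The values are presumably collected from prompts earlier in the template, outside the hunks shown. Escaping each value, e.g. `"--cg-org=#{Shellwords.escape(@cloud_gov_organization)}",` and likewise for the other two, or validating the answers against the allowed name characters when they are collected, closes this.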
data/templates/README.md.tt
CHANGED
@@ -53,10 +53,9 @@ TBD
|
|
53
53
|
|
54
54
|
The system's Content-Security-Policy header prevents `<script>` and `<style>` tags from working without further
|
55
55
|
configuration. Use `<%%= javascript_tag nonce: true %>` for inline javascript.
|
56
|
-
|
56
|
+
|
57
57
|
See the [CSP compliant script tag helpers](./doc/adr/0004-rails-csp-compliant-script-tag-helpers.md) ADR for
|
58
58
|
more information on setting these up successfully.
|
59
|
-
<% end %>
|
60
59
|
|
61
60
|
## Internationalization
|
62
61
|
|
@@ -101,10 +100,9 @@ Run everything: `bundle exec rake`
|
|
101
100
|
|
102
101
|
When new pages are added to the application, ensure they are added to `./.pa11yci` so that they can be scanned.
|
103
102
|
|
104
|
-
### Automatic linting
|
103
|
+
### Automatic linting
|
105
104
|
|
106
|
-
To enable automatic ruby linting
|
107
|
-
follow the instructions at the top of `.githooks/pre-commit`
|
105
|
+
To enable automatic ruby linting on every `git commit` follow the instructions at the top of `.githooks/pre-commit`
|
108
106
|
|
109
107
|
## CI/CD
|
110
108
|
|
@@ -114,24 +112,16 @@ Each environment has dependencies on a PostgreSQL RDS instance managed by cloud.
|
|
114
112
|
See [cloud.gov docs](https://cloud.gov/docs/services/relational-database/) for information on RDS.
|
115
113
|
|
116
114
|
#### Staging
|
117
|
-
|
118
115
|
<% if !@github_actions && !@circleci_pipeline %>
|
119
|
-
<% if @terraform %>
|
120
|
-
Follow the instructions in `terraform/README.md` to create the supporting services.
|
121
|
-
<% else %>
|
122
116
|
Before the first deploy only, create DB service with `cf create-service aws-rds micro-psql <%= app_name %>-rds-staging`
|
123
|
-
|
117
|
+
|
124
118
|
`cf push --strategy rolling --vars-file config/deployment/staging.yml --var rails_master_key=$(cat config/master.key)`
|
125
119
|
<% end %>
|
126
120
|
|
127
121
|
#### Production
|
128
|
-
|
129
122
|
<% if !@github_actions && !@circleci_pipeline %>
|
130
|
-
<% if @terraform %>
|
131
|
-
Follow the instructions in `terraform/README.md` to create the supporting services.
|
132
|
-
<% else %>
|
133
123
|
Before the first deploy only, create DB service with `cf create-service aws-rds <<SERVICE_PLAN_NAME>> <%= app_name %>-rds-production`
|
134
|
-
|
124
|
+
|
135
125
|
`cf push --strategy rolling --vars-file config/deployment/production.yml --var rails_master_key=$(cat config/credentials/production.key)`
|
136
126
|
<% end %>
|
137
127
|
|
@@ -150,34 +140,8 @@ Otherwise, they are set as a `((variable))` within `manifest.yml` and the variab
|
|
150
140
|
|
151
141
|
Configuration that changes from staging to production, but is public, should be added to `config/deployment/staging.yml` and `config/deployment/production.yml`
|
152
142
|
|
153
|
-
<% if @newrelic %>
|
154
|
-
## Monitoring with New Relic
|
155
|
-
|
156
|
-
The [New Relic Ruby agent](https://docs.newrelic.com/docs/apm/agents/ruby-agent/getting-started/introduction-new-relic-ruby) has been installed for monitoring this application.
|
157
|
-
|
158
|
-
The config lives at `config/newrelic.yml`, and points to a [FEDRAMP version of the New Relic service as its host](https://docs.newrelic.com/docs/security/security-privacy/compliance/fedramp-compliant-endpoints/). To access the metrics dashboard, you will need to be connected to VPN.
|
159
|
-
|
160
|
-
### Getting started
|
161
|
-
|
162
|
-
To get started sending metrics via New Relic APM:
|
163
|
-
1. Replace `<APPNAME>` in `config/newrelic.yml` with what is registered for your application in New Relic
|
164
|
-
1. Add your New Relic license key to the Rails credentials with key `new_relic_key`.
|
165
|
-
1. Comment out the `agent_enabled: false` line in `config/newrelic.yml`
|
166
|
-
1. Add the [Javascript snippet provided by New Relic](https://docs.newrelic.com/docs/browser/browser-monitoring/installation/install-browser-monitoring-agent) into `application.html.erb`. It is recommended to vary this based on environment (i.e. include one snippet for staging and another for production).
|
167
|
-
<% end %>
|
168
|
-
|
169
|
-
<% if @dap %>
|
170
|
-
## Analytics
|
171
|
-
|
172
|
-
Digital Analytics Program (DAP) code has been included for the Production environment, associated with GSA.
|
173
|
-
|
174
|
-
If <%= app_name.titleize %> is for another agency, update the agency line in `app/views/layouts/application.html.erb`
|
175
|
-
<% end %>
|
176
|
-
|
177
143
|
## Documentation
|
178
144
|
|
179
|
-
<% if @adrs %>
|
180
|
-
|
181
145
|
Architectural Decision Records (ADR) are stored in `doc/adr`
|
182
146
|
To create a new ADR, first install [ADR-tools](https://github.com/npryce/adr-tools) if you don't
|
183
147
|
already have it installed.
|
@@ -187,7 +151,6 @@ Then create the ADR:
|
|
187
151
|
* `adr new Title Of Architectural Decision`
|
188
152
|
|
189
153
|
This will create a new, numbered ADR in the `doc/adr` directory.
|
190
|
-
<% end %>
|
191
154
|
|
192
155
|
Compliance diagrams are stored in `doc/compliance`. See the README there for more information on
|
193
156
|
generating diagram updates.
|
@@ -197,8 +160,8 @@ generating diagram updates.
|
|
197
160
|
*This will continue to evolve as the project moves forward.*
|
198
161
|
|
199
162
|
* Pull down the most recent main before checking out a branch
|
200
|
-
* Write your code
|
201
|
-
* If a big architectural decision was made, add an ADR
|
163
|
+
* Write your code
|
164
|
+
* If a big architectural decision was made, add an ADR
|
202
165
|
* Submit a PR
|
203
166
|
* If you added functionality, please add tests.
|
204
167
|
* All tests must pass!
|
@@ -11,6 +11,7 @@ LAYOUT_WITH_LEGEND()
|
|
11
11
|
title application boundary view
|
12
12
|
|
13
13
|
Person_Ext(public, "Public", "A member of the public")
|
14
|
+
Person(developer, "Developer", "Application developers")
|
14
15
|
|
15
16
|
Boundary(device, "Computing Device", "Windows, OS X, Linux, iOS, Android"){
|
16
17
|
System_Ext(browser, "Web Browser", "any modern version")
|
@@ -39,20 +40,10 @@ Boundary(aws, "AWS GovCloud") {
|
|
39
40
|
|
40
41
|
|
41
42
|
Boundary(gsa_saas, "GSA-authorized SaaS") {
|
42
|
-
<% if @dap %>
|
43
|
-
System_Ext(dap, "DAP", "Analytics collection")
|
44
|
-
<% end %>
|
45
|
-
<% if @newrelic %>
|
46
|
-
System_Ext(newrelic, "New Relic", "Monitoring SaaS")
|
47
|
-
<% end %>
|
48
43
|
}
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
<% if @newrelic %>
|
53
|
-
Rel(app, newrelic, "reports telemetry (ruby agent)", "tcp (443)")
|
54
|
-
Rel(browser, newrelic, "reports ux metrics (javascript agent)", "https (443)")
|
55
|
-
<% end %>
|
44
|
+
|
45
|
+
Boundary(cicd, "CI/CD Pipeline") {
|
46
|
+
}
|
56
47
|
|
57
48
|
Rel(browser, aws_alb, "request info, submit requests", "https GET/POST (443)")
|
58
49
|
Rel(aws_alb, cloudgov_router, "proxies requests", "https GET/POST (443)")
|
@@ -61,17 +52,6 @@ Rel(app, app_db, "reads/writes primary data", "psql (5432)")
|
|
61
52
|
<% if !skip_active_storage? %>
|
62
53
|
Rel(app, app_s3, "reads/writes file data", "https (443)")
|
63
54
|
<% end %>
|
64
|
-
|
65
|
-
Person(developer, "Developer", "Application developers")
|
66
|
-
Boundary(cicd, "CI/CD Pipeline") {
|
67
|
-
}
|
68
|
-
|
69
|
-
<% if @dap %>
|
70
|
-
Rel(developer, dap, "View traffic statistics", "https GET (443)")
|
71
|
-
<% end %>
|
72
|
-
<% if @newrelic %>
|
73
|
-
Rel(developer, newrelic, "Manage performance", "https (443)")
|
74
|
-
<% end %>
|
75
55
|
@enduml
|
76
56
|
```
|
77
57
|
|
@@ -18,18 +18,3 @@ if [ $linter_status -ne 0 ]; then
|
|
18
18
|
echo "Fix above before committing. Run 'git commit -n' to bypass linter."
|
19
19
|
exit 1
|
20
20
|
fi
|
21
|
-
|
22
|
-
<% if @terraform %>
|
23
|
-
echo "Running Terraform formatter"
|
24
|
-
# imitates https://github.com/HHS/Head-Start-TTADP/blob/3b72ff05d94fab4cda877c63d8cd6970f0eeffc7/.githooks/pre-commit
|
25
|
-
|
26
|
-
files=$(git diff --cached --name-only terraform)
|
27
|
-
for f in $files
|
28
|
-
do
|
29
|
-
# Format any *.tf files that were cached/staged
|
30
|
-
if [ -e "$f" ] && [[ $f == *.tf ]]; then
|
31
|
-
terraform fmt "$f"
|
32
|
-
git add "$f"
|
33
|
-
fi
|
34
|
-
done
|
35
|
-
<% end %>
|
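--- a/data/templates/manifest.yml.tt
+++ b/data/templates/manifest.yml.tt
@@ -8,8 +8,7 @@ applications:
 RAILS_MASTER_KEY: ((rails_master_key))
 RAILS_ENV: ((env))
 RAILS_LOG_TO_STDOUT: true
-RAILS_SERVE_STATIC_FILES: true
-NEW_RELIC_LOG: stdout<% end %>
+RAILS_SERVE_STATIC_FILES: true
 processes:
 - type: web
 instances: ((web_instances))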
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rails_template_18f
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ryan Ahearn
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-02-
|
11
|
+
date: 2022-02-16 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: railties
|
@@ -103,6 +103,7 @@ files:
|
|
103
103
|
- lib/generators/rails_template18f/circleci/templates/bin/ci-server-start
|
104
104
|
- lib/generators/rails_template18f/circleci/templates/circleci/config.yml.tt
|
105
105
|
- lib/generators/rails_template18f/circleci/templates/docker-compose.ci.yml
|
106
|
+
- lib/generators/rails_template18f/dap/dap_generator.rb
|
106
107
|
- lib/generators/rails_template18f/github_actions/github_actions_generator.rb
|
107
108
|
- lib/generators/rails_template18f/github_actions/templates/github/actions/run-server/action.yml
|
108
109
|
- lib/generators/rails_template18f/github_actions/templates/github/actions/setup-languages/action.yml.tt
|
@@ -117,7 +118,37 @@ files:
|
|
117
118
|
- lib/generators/rails_template18f/github_actions/templates/github/workflows/rspec.yml.tt
|
118
119
|
- lib/generators/rails_template18f/github_actions/templates/github/workflows/terraform-production.yml
|
119
120
|
- lib/generators/rails_template18f/github_actions/templates/github/workflows/terraform-staging.yml
|
120
|
-
- lib/rails_template18f/
|
121
|
+
- lib/generators/rails_template18f/newrelic/newrelic_generator.rb
|
122
|
+
- lib/generators/rails_template18f/newrelic/templates/config/newrelic.yml.tt
|
123
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/README.md.tt
|
124
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/import.sh
|
125
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/main.tf.tt
|
126
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/providers.tf
|
127
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/run.sh.tt
|
128
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/teardown_creds.sh.tt
|
129
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/variables.tf
|
130
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/create_space_deployer.sh
|
131
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/destroy_space_deployer.sh
|
132
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/production/main.tf.tt
|
133
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/production/providers.tf.tt
|
134
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/production/variables.tf
|
135
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/shared/database/main.tf.tt
|
136
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/shared/database/providers.tf
|
137
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/shared/database/variables.tf
|
138
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/shared/domain/main.tf.tt
|
139
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/shared/domain/providers.tf
|
140
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/shared/domain/variables.tf
|
141
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/shared/s3/main.tf
|
142
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/shared/s3/providers.tf
|
143
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/shared/s3/variables.tf
|
144
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/staging/main.tf.tt
|
145
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/staging/providers.tf.tt
|
146
|
+
- lib/generators/rails_template18f/terraform/templates/terraform/staging/variables.tf
|
147
|
+
- lib/generators/rails_template18f/terraform/terraform_generator.rb
|
148
|
+
- lib/rails_template18f/generators.rb
|
149
|
+
- lib/rails_template18f/generators/base.rb
|
150
|
+
- lib/rails_template18f/generators/cloud_gov_options.rb
|
151
|
+
- lib/rails_template18f/generators/pipeline_options.rb
|
121
152
|
- lib/rails_template18f/version.rb
|
122
153
|
- lib/rails_template_18f.rb
|
123
154
|
- rails-template-18f.gemspec
|
@@ -143,7 +174,6 @@ files:
|
|
143
174
|
- templates/config/locales/es.yml
|
144
175
|
- templates/config/locales/fr.yml
|
145
176
|
- templates/config/locales/zh.yml
|
146
|
-
- templates/config/newrelic.yml
|
147
177
|
- templates/doc/adr/0001-record-architecture-decisions.md.tt
|
148
178
|
- templates/doc/adr/0002-initial-architecture-decisions.md.tt
|
149
179
|
- templates/doc/adr/0003-security-scans.md.tt
|
@@ -154,35 +184,11 @@ files:
|
|
154
184
|
- templates/doc/compliance/rendered/apps/.keep
|
155
185
|
- templates/editorconfig
|
156
186
|
- templates/env
|
157
|
-
- templates/githooks/pre-commit
|
187
|
+
- templates/githooks/pre-commit
|
158
188
|
- templates/lib/tasks/cf.rake
|
159
189
|
- templates/lib/tasks/scanning.rake
|
160
190
|
- templates/manifest.yml.tt
|
161
191
|
- templates/pa11yci
|
162
|
-
- templates/terraform/README.md.tt
|
163
|
-
- templates/terraform/bootstrap/import.sh
|
164
|
-
- templates/terraform/bootstrap/main.tf.tt
|
165
|
-
- templates/terraform/bootstrap/providers.tf
|
166
|
-
- templates/terraform/bootstrap/run.sh.tt
|
167
|
-
- templates/terraform/bootstrap/teardown_creds.sh.tt
|
168
|
-
- templates/terraform/bootstrap/variables.tf
|
169
|
-
- templates/terraform/create_space_deployer.sh
|
170
|
-
- templates/terraform/destroy_space_deployer.sh
|
171
|
-
- templates/terraform/production/main.tf.tt
|
172
|
-
- templates/terraform/production/providers.tf.tt
|
173
|
-
- templates/terraform/production/variables.tf
|
174
|
-
- templates/terraform/shared/database/main.tf.tt
|
175
|
-
- templates/terraform/shared/database/providers.tf
|
176
|
-
- templates/terraform/shared/database/variables.tf
|
177
|
-
- templates/terraform/shared/domain/main.tf.tt
|
178
|
-
- templates/terraform/shared/domain/providers.tf
|
179
|
-
- templates/terraform/shared/domain/variables.tf
|
180
|
-
- templates/terraform/shared/s3/main.tf
|
181
|
-
- templates/terraform/shared/s3/providers.tf
|
182
|
-
- templates/terraform/shared/s3/variables.tf
|
183
|
-
- templates/terraform/staging/main.tf.tt
|
184
|
-
- templates/terraform/staging/providers.tf.tt
|
185
|
-
- templates/terraform/staging/variables.tf
|
186
192
|
- templates/zap.conf
|
187
193
|
homepage: https://github.com/18f/rails-template
|
188
194
|
licenses: []
|
@@ -1,68 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module RailsTemplate18f
|
4
|
-
module TerraformOptions
|
5
|
-
extend ActiveSupport::Concern
|
6
|
-
|
7
|
-
included do
|
8
|
-
class_option :cg_org, desc: "cloud.gov organization name"
|
9
|
-
class_option :cg_staging, desc: "cloud.gov space name for staging"
|
10
|
-
class_option :cg_prod, desc: "cloud.gov space name for production"
|
11
|
-
class_option :terraform, type: :boolean, desc: "Generate actions for planning and applying terraform"
|
12
|
-
end
|
13
|
-
|
14
|
-
private
|
15
|
-
|
16
|
-
def ruby_version
|
17
|
-
RUBY_VERSION
|
18
|
-
end
|
19
|
-
|
20
|
-
def terraform?
|
21
|
-
options[:terraform].nil? ? terraform_dir_exists? : options[:terraform]
|
22
|
-
end
|
23
|
-
|
24
|
-
def cloud_gov_organization
|
25
|
-
if options[:cg_org].present?
|
26
|
-
return options[:cg_org]
|
27
|
-
elsif terraform_dir_exists?
|
28
|
-
staging_main = File.read(terraform_path.join("staging", "main.tf"))
|
29
|
-
if (matches = staging_main.match(/cf_org_name\s+= "(?<org_name>.*)"/))
|
30
|
-
return matches[:org_name]
|
31
|
-
end
|
32
|
-
end
|
33
|
-
"TKTK-cloud.gov-org-name"
|
34
|
-
end
|
35
|
-
|
36
|
-
def cloud_gov_staging_space
|
37
|
-
if options[:cg_staging].present?
|
38
|
-
return options[:cg_staging]
|
39
|
-
elsif terraform_dir_exists?
|
40
|
-
staging_main = File.read(terraform_path.join("staging", "main.tf"))
|
41
|
-
if (matches = staging_main.match(/cf_space_name\s+= "(?<space_name>.*)"/))
|
42
|
-
return matches[:space_name]
|
43
|
-
end
|
44
|
-
end
|
45
|
-
"staging"
|
46
|
-
end
|
47
|
-
|
48
|
-
def cloud_gov_production_space
|
49
|
-
if options[:cg_prod].present?
|
50
|
-
return options[:cg_prod]
|
51
|
-
elsif terraform_dir_exists?
|
52
|
-
prod_main = File.read(terraform_path.join("production", "main.tf"))
|
53
|
-
if (matches = prod_main.match(/cf_space_name\s+= "(?<space_name>.*)"/))
|
54
|
-
return matches[:space_name]
|
55
|
-
end
|
56
|
-
end
|
57
|
-
"prod"
|
58
|
-
end
|
59
|
-
|
60
|
-
def terraform_path
|
61
|
-
Pathname.new File.expand_path("terraform", destination_root)
|
62
|
-
end
|
63
|
-
|
64
|
-
def terraform_dir_exists?
|
65
|
-
Dir.exist? terraform_path
|
66
|
-
end
|
67
|
-
end
|
68
|
-
end
|