rails_template_18f 0.1.0 → 0.4.0

data/template.rb

@@ -10,6 +10,10 @@ def skip_git?
   !!options[:skip_git]
 end
 
+def skip_active_job?
+  !!options[:skip_active_job]
+end
+
 def webpack?
   adjusted_javascript_option == "webpack"
 end
@@ -48,25 +52,24 @@ unless Gem::Dependency.new("rails", "~> 7.0.0").match?("rails", Rails.gem_versio
 end
 
 # ask setup questions
-@terraform = yes?("Create terraform files for cloud.gov services? (y/n)")
+terraform = yes?("Create terraform files for cloud.gov services? (y/n)")
 @cloud_gov_organization = ask("What is your cloud.gov organization name? (Leave blank to fill in later)")
 default_staging_space = "staging"
-@cloud_gov_staging_space = ask("What is your cloud.gov staging space name? (Default: #{default_staging_space})")
+cloud_gov_staging_space = ask("What is your cloud.gov staging space name? (Default: #{default_staging_space})")
 default_prod_space = "prod"
-@cloud_gov_production_space = ask("What is your cloud.gov production space name? (Default: #{default_prod_space})")
+cloud_gov_production_space = ask("What is your cloud.gov production space name? (Default: #{default_prod_space})")
 @cloud_gov_organization = "TKTK-cloud.gov-org-name" if @cloud_gov_organization.blank?
-@cloud_gov_staging_space = default_staging_space if @cloud_gov_staging_space.blank?
-@cloud_gov_production_space = default_prod_space if @cloud_gov_production_space.blank?
+cloud_gov_staging_space = default_staging_space if cloud_gov_staging_space.blank?
+cloud_gov_production_space = default_prod_space if cloud_gov_production_space.blank?
 
 @github_actions = yes?("Create Github Actions? (y/n)")
 @circleci_pipeline = yes?("Create CircleCI config? (y/n)")
-@adrs = yes?("Create initial Architecture Decision Records? (y/n)")
-@newrelic = yes?("Create FEDRAMP New Relic config files? (y/n)")
-@dap = yes?("If this will be a public site, should we include Digital Analytics Program code? (y/n)")
-@supported_languages = [:en]
-@supported_languages.push(:es) if yes?("Add Spanish to supported locales, with starter es.yml? (y/n)")
-@supported_languages.push(:fr) if yes?("Add French to supported locales, with starter fr.yml? (y/n)")
-@supported_languages.push(:zh) if yes?("Add Simplified Chinese to supported locales, with starter zh.yml? (y/n)")
+newrelic = yes?("Create FEDRAMP New Relic config files? (y/n)")
+dap = yes?("If this will be a public site, should we include Digital Analytics Program code? (y/n)")
+supported_languages = []
+supported_languages.push(:es) if yes?("Add Spanish to supported locales, with starter es.yml? (y/n)")
+supported_languages.push(:fr) if yes?("Add French to supported locales, with starter fr.yml? (y/n)")
+supported_languages.push(:zh) if yes?("Add Simplified Chinese to supported locales, with starter zh.yml? (y/n)")
 
 running_node_version = `node --version`.gsub(/^v/, "").strip
 @node_version = ask("What version of NodeJS are you using? (Default: #{running_node_version})")
@@ -151,34 +154,16 @@ else
   "policy.style_src :self"
 end
 
-script_policy = [":self"]
-connect_policy = [":self"]
-image_policy = [":self", ":data"]
-
-if @newrelic
-  script_policy << '"https://js-agent.newrelic.com"'
-  script_policy << '"https://*.nr-data.net"'
-  connect_policy << '"https://*.nr-data.net"'
-end
-
-if @dap
-  image_policy << '"https://www.google-analytics.com"'
-  script_policy << '"https://dap.digitalgov.gov"'
-  script_policy << '"https://www.google-analytics.com"'
-  connect_policy << '"https://dap.digitalgov.gov"'
-  connect_policy << '"https://www.google-analytics.com"'
-end
-
 gsub_file csp_initializer, /^#   config.*\|policy\|$.+^#   end$/m, <<EOM
   config.content_security_policy do |policy|
     policy.default_src :self
     policy.font_src :self
     policy.form_action :self
     policy.frame_ancestors :none
-    policy.img_src #{image_policy.join(", ")}
+    policy.img_src :self, :data
     policy.object_src :none
-    policy.script_src #{script_policy.join(", ")}
-    policy.connect_src #{connect_policy.join(", ")}
+    policy.script_src :self
+    policy.connect_src :self
     #{style_policy}
   end
 EOM
@@ -187,32 +172,13 @@ uncomment_lines csp_initializer, "Rails.application"
 uncomment_lines csp_initializer, /end$/
 uncomment_lines csp_initializer, "content_security_policy_nonce"
 
-if @newrelic
-  gem "newrelic_rpm", "~> 8.4"
-  copy_file "config/newrelic.yml"
-
-  register_announcement("New Relic", <<~EOM)
-    A New Relic config file has been written to `config/newrelic.yml`
-
-    To get started sending metrics via New Relic APM:
-    1. Replace `<APPNAME>` with what is registered for your application in New Relic
-    2. Add your New Relic license key to the Rails credentials with key `new_relic_key`.
-    3. Comment out the `agent_enabled: false` line
-
-    To enable browser monitoring:
-    4. Embed the Javascript snippet provided  by New Relic into `application.html.erb`.
-    It is recommended to vary this based on environment  (i.e. include one snippet
-    for staging and another for production).
-  EOM
-end
-
+# install development & testing gems
 gem_group :development, :test do
   gem "rspec-rails", "~> 5.1"
   gem "dotenv-rails", "~> 2.7"
   gem "brakeman", "~> 5.2"
   gem "bundler-audit", "~> 0.9"
   gem "standard", "~> 1.7"
-  gem "i18n-tasks", "~> 0.9"
 end
 if ENV["RT_DEV"] == "true"
   gem "rails_template_18f", group: :development, path: ENV["PWD"]
@@ -222,11 +188,10 @@ end
 
 copy_file "lib/tasks/scanning.rake"
 copy_file "env", ".env"
+copy_file "githooks/pre-commit", ".githooks/pre-commit", mode: :preserve
 
 unless skip_git?
   rails_command "credentials:diff --enroll"
-  template "githooks/pre-commit", ".githooks/pre-commit"
-  chmod ".githooks/pre-commit", 0o755
   append_to_file ".gitignore", <<~EOM
 
     # Ignore local dotenv overrides
@@ -241,27 +206,7 @@ unless skip_git?
   EOM
 end
 
-# Setup translations
-@supported_languages.each do |language|
-  template "config/locales/#{language}.yml", force: true
-end
-application "config.i18n.available_locales = #{@supported_languages}"
-application "config.i18n.fallbacks = [:en]"
-after_bundle do
-  # Recommended by i18n-tasks
-  run "cp $(i18n-tasks gem-path)/templates/config/i18n-tasks.yml config/"
-end
-insert_into_file "app/helpers/application_helper.rb", <<'EOH', before: /^end$/
-  def format_active_locale(locale_string)
-    link_classes = "usa-nav__link"
-    if locale_string.to_sym == I18n.locale
-      link_classes = "#{link_classes} usa-current"
-    end
-    link_to t("shared.languages.#{locale_string}"), root_path(locale: locale_string), class: link_classes
-  end
-EOH
-
-# setup USWDS
+# setup USWDS and asset pipeline
 copy_file "browserslistrc", ".browserslistrc" if webpack?
 uncomment_lines "Gemfile", "sassc-rails" # use sassc-rails for asset minification in prod
 after_bundle do
@@ -313,7 +258,7 @@ after_bundle do
     @import "uswds-settings.scss";
     @import "../../../node_modules/uswds/dist/scss/uswds.scss";
   EOCSS
-  gsub_file "app/views/layouts/application.html.erb", "<html>", "<html lang=\"en\">"
+  gsub_file "app/views/layouts/application.html.erb", "<html>", '<html lang="<%= I18n.locale %>">'
   gsub_file "app/views/layouts/application.html.erb", /^\s+<%= yield %>/, <<-EOHTML
     <%= render "application/usa_banner" %>
     <%= render "application/header" %>
@@ -328,32 +273,14 @@ end
 directory "app/views/application"
 
 after_bundle do
+  # install and configure RSpec
   generate "rspec:install"
   gsub_file "spec/spec_helper.rb", /^=(begin|end)$/, ""
 
-  # Setup the PagesController, locale routes, and home (root) route
+  # Setup the PagesController and home (root) route
   generate :controller, "pages", "home", "--skip-routes", "--no-helper", "--no-assets"
+  route "root 'pages#home'"
 
-  if @supported_languages.count > 1
-    locale_switching = <<~EOM
-      around_action :switch_locale
-
-      def switch_locale(&action)
-        locale = params[:locale] || I18n.default_locale
-        I18n.with_locale(locale, &action)
-      end
-    EOM
-    insert_into_file "app/controllers/application_controller.rb", locale_switching, before: /^end/
-
-    route <<-'EOM'
-      scope "(:locale)", locale: /#{I18n.available_locales.join('|')}/ do
-        # Your application routes here
-        root 'pages#home'
-      end
-    EOM
-  else
-    route "root 'pages#home'"
-  end
   gsub_file "spec/requests/pages_spec.rb", "/pages/home", "/"
   gsub_file "spec/views/pages/home.html.erb_spec.rb", "  pending \"add some examples to (or delete) \#{__FILE__}\"", <<-EOM
   it "displays the gov banner" do
@@ -362,34 +289,48 @@ after_bundle do
   end
   EOM
 
-  if run_db_setup
-    rails_command "db:create"
-    rails_command "db:migrate"
+  # Setup translations
+  generate "rails_template18f:i18n", "--languages=#{supported_languages.join(",")}", "--force"
+end
+
+# install ADRs and compliance documentation
+directory "doc"
+register_announcement("Documentation", <<~EOM)
+  * Include a short description of your application in doc/compliance/apps/application.boundary.md
+  * Remember to keep your Logical Data Model up to date in doc/compliance/apps/data.logical.md
+EOM
+
+if newrelic
+  after_bundle do
+    generate "rails_template18f:newrelic"
+  end
+  register_announcement("New Relic", <<~EOM)
+    A New Relic config file has been written to `config/newrelic.yml`
+
+    See instructions in README to get started sending data to New Relic
+  EOM
+end
+
+if dap
+  after_bundle do
+    generate "rails_template18f:dap"
   end
+  register_announcement("Digital Analytics Program", "Update the DAP agency code in app/views/layouts/application.html.erb")
 end
 
 # infrastructure & deploy
 template "manifest.yml"
 copy_file "lib/tasks/cf.rake"
 directory "config/deployment"
-after_bundle do
-  run "cp .gitignore .cfignore" unless skip_git?
-end
 
-if @terraform
-  directory "terraform", mode: :preserve
-  chmod "terraform/bootstrap/run.sh", 0o755
-  chmod "terraform/bootstrap/teardown_creds.sh", 0o755
-  unless skip_git?
-    append_to_file ".gitignore", <<~EOM
-
-      # Terraform
-      .terraform.lock.hcl
-      **/.terraform/*
-      secrets.auto.tfvars
-      terraform.tfstate
-      terraform.tfstate.backup
-    EOM
+if terraform
+  after_bundle do
+    generator_arguments = [
+      "--cg-org=#{@cloud_gov_organization}",
+      "--cg-staging=#{cloud_gov_staging_space}",
+      "--cg-prod=#{cloud_gov_production_space}"
+    ]
+    generate "rails_template18f:terraform", *generator_arguments
   end
   if cloud_gov_org_tktk?
     register_announcement("Terraform", <<~EOM)
@@ -402,13 +343,25 @@ if @terraform
   register_announcement("Terraform", "Run the bootstrap script and update the appropriate CI/CD environment variables defined in the Deployment section of the README")
 end
 
+if !skip_active_job?
+  after_bundle do
+    generate "rails_template18f:sidekiq"
+  end
+end
+
+if !skip_active_storage?
+  after_bundle do
+    generate "rails_template18f:active_storage"
+  end
+end
+
 if @github_actions
   after_bundle do
     generator_arguments = [
-      (@terraform ? "--terraform" : "--no-terraform"),
+      (terraform ? "--terraform" : "--no-terraform"),
       "--cg-org=#{@cloud_gov_organization}",
-      "--cg-staging=#{@cloud_gov_staging_space}",
-      "--cg-prod=#{@cloud_gov_production_space}"
+      "--cg-staging=#{cloud_gov_staging_space}",
+      "--cg-prod=#{cloud_gov_production_space}"
     ]
     generate "rails_template18f:github_actions", *generator_arguments
   end
@@ -425,10 +378,10 @@ end
 if @circleci_pipeline
   after_bundle do
     generator_arguments = [
-      (@terraform ? "--terraform" : "--no-terraform"),
+      (terraform ? "--terraform" : "--no-terraform"),
       "--cg-org=#{@cloud_gov_organization}",
-      "--cg-staging=#{@cloud_gov_staging_space}",
-      "--cg-prod=#{@cloud_gov_production_space}"
+      "--cg-staging=#{cloud_gov_staging_space}",
+      "--cg-prod=#{cloud_gov_production_space}"
     ]
     generate "rails_template18f:circleci", *generator_arguments
   end
@@ -437,29 +390,6 @@ if @circleci_pipeline
   EOM
 end
 
-if @adrs
-  directory "doc"
-else
-  directory "doc/compliance"
-end
-register_announcement("Documentation", <<~EOM)
-  * Include a short description of your application in doc/compliance/apps/application.boundary.md
-  * Remember to keep your Logical Data Model up to date in doc/compliance/apps/data.logical.md
-EOM
-
-if @dap
-  after_bundle do
-    insert_into_file "app/views/layouts/application.html.erb", <<-EODAP, before: /^\s+<\/head>/
-
-    <% if Rails.env.production? %>
-      <!-- We participate in the US government's analytics program. See the data at analytics.usa.gov. -->
-      <%= javascript_include_tag "https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=GSA", async: true, id:"_fed_an_ua_tag" %>
-    <% end %>
-    EODAP
-  end
-  register_announcement("Digital Analytics Program", "Update the DAP agency code in app/views/layouts/application.html.erb")
-end
-
 # setup production credentials file
 require "rails/generators"
 require "rails/generators/rails/encryption_key_file/encryption_key_file_generator"
@@ -488,6 +418,11 @@ EOM
 
 # ensure this is the very last step
 after_bundle do
+  if run_db_setup
+    rails_command "db:create"
+    rails_command "db:migrate"
+  end
+
   # x86_64-linux is required to install gems on any linux system such as cloud.gov or CI pipelines
   run "bundle lock --add-platform x86_64-linux"
 
@@ -497,10 +432,11 @@ after_bundle do
   run "bundle exec standardrb --fix"
 
   unless skip_git?
+    run "cp .gitignore .cfignore"
     git add: "."
     git commit: "-a -m 'Initial commit'"
   end
 
-  # Post-install announcement
+  # Post-install announcements
   print_announcements
 end

data/templates/README.md.tt

@@ -53,10 +53,9 @@ TBD
 
 The system's Content-Security-Policy header prevents `<script>` and `<style>` tags from working without further
 configuration. Use `<%%= javascript_tag nonce: true %>` for inline javascript.
-<% if @adrs %>
+
 See the [CSP compliant script tag helpers](./doc/adr/0004-rails-csp-compliant-script-tag-helpers.md) ADR for
 more information on setting these up successfully.
-<% end %>
 
 ## Internationalization
 
@@ -101,10 +100,9 @@ Run everything: `bundle exec rake`
 
 When new pages are added to the application, ensure they are added to `./.pa11yci` so that they can be scanned.
 
-### Automatic linting <% if @terraform %>and terraform formatting<% end %>
+### Automatic linting
 
-To enable automatic ruby linting<% if @terraform %> and terraform formatting<% end %> on every `git commit`
-follow the instructions at the top of `.githooks/pre-commit`
+To enable automatic ruby linting on every `git commit` follow the instructions at the top of `.githooks/pre-commit`
 
 ## CI/CD
 
@@ -114,24 +112,16 @@ Each environment has dependencies on a PostgreSQL RDS instance managed by cloud.
 See [cloud.gov docs](https://cloud.gov/docs/services/relational-database/) for information on RDS.
 
 #### Staging
-
 <% if !@github_actions && !@circleci_pipeline %>
-<% if @terraform %>
-Follow the instructions in `terraform/README.md` to create the supporting services.
-<% else %>
 Before the first deploy only, create DB service with `cf create-service aws-rds micro-psql <%= app_name %>-rds-staging`
-<% end %>
+
 `cf push --strategy rolling --vars-file config/deployment/staging.yml --var rails_master_key=$(cat config/master.key)`
 <% end %>
 
 #### Production
-
 <% if !@github_actions && !@circleci_pipeline %>
-<% if @terraform %>
-Follow the instructions in `terraform/README.md` to create the supporting services.
-<% else %>
 Before the first deploy only, create DB service with `cf create-service aws-rds <<SERVICE_PLAN_NAME>> <%= app_name %>-rds-production`
-<% end %>
+
 `cf push --strategy rolling --vars-file config/deployment/production.yml --var rails_master_key=$(cat config/credentials/production.key)`
 <% end %>
 
@@ -150,34 +140,8 @@ Otherwise, they are set as a `((variable))` within `manifest.yml` and the variab
 
 Configuration that changes from staging to production, but is public, should be added to `config/deployment/staging.yml` and `config/deployment/production.yml`
 
-<% if @newrelic %>
-## Monitoring with New Relic
-
-The [New Relic Ruby agent](https://docs.newrelic.com/docs/apm/agents/ruby-agent/getting-started/introduction-new-relic-ruby) has been installed for monitoring this application.
-
-The config lives at `config/newrelic.yml`, and points to a [FEDRAMP version of the New Relic service as its host](https://docs.newrelic.com/docs/security/security-privacy/compliance/fedramp-compliant-endpoints/). To access the metrics dashboard, you will need to be connected to VPN.
-
-### Getting started
-
-To get started sending metrics via New Relic APM:
-1. Replace `<APPNAME>` in `config/newrelic.yml` with what is registered for your application in New Relic
-1. Add your New Relic license key to the Rails credentials with key `new_relic_key`.
-1. Comment out the `agent_enabled: false` line in `config/newrelic.yml`
-1. Add the [Javascript snippet provided by New Relic](https://docs.newrelic.com/docs/browser/browser-monitoring/installation/install-browser-monitoring-agent) into `application.html.erb`. It is recommended to vary this based on environment (i.e. include one snippet for staging and another for production).
-<% end %>
-
-<% if @dap %>
-## Analytics
-
-Digital Analytics Program (DAP) code has been included for the Production environment, associated with GSA.
-
-If <%= app_name.titleize %> is for another agency, update the agency line in `app/views/layouts/application.html.erb`
-<% end %>
-
 ## Documentation
 
-<% if @adrs %>
-
 Architectural Decision Records (ADR) are stored in `doc/adr`
 To create a new ADR, first install [ADR-tools](https://github.com/npryce/adr-tools) if you don't
 already have it installed.
@@ -187,7 +151,6 @@ Then create the ADR:
 *  `adr new Title Of Architectural Decision`
 
 This will create a new, numbered ADR in the `doc/adr` directory.
-<% end %>
 
 Compliance diagrams are stored in `doc/compliance`. See the README there for more information on
 generating diagram updates.
@@ -197,8 +160,8 @@ generating diagram updates.
 *This will continue to evolve as the project moves forward.*
 
 * Pull down the most recent main before checking out a branch
-* Write your code<% if @adrs %>
-* If a big architectural decision was made, add an ADR<% end %>
+* Write your code
+* If a big architectural decision was made, add an ADR
 * Submit a PR
   * If you added functionality, please add tests.
   * All tests must pass!

data/templates/config/deployment/staging.yml

@@ -1,3 +1,3 @@
 env: staging
 web_instances: 1
-web_memory: 512M
+web_memory: 256M

data/templates/config/environments/ci.rb

@@ -1,7 +1,6 @@
 require_relative "./production"
 
 Rails.application.configure do
-  config.assets.compile = true
   config.public_file_server.enabled = true
 
   logger = ActiveSupport::Logger.new($stdout)

data/templates/doc/compliance/apps/application.boundary.md.tt

@@ -11,6 +11,7 @@ LAYOUT_WITH_LEGEND()
 title application boundary view
 
 Person_Ext(public, "Public", "A member of the public")
+Person(developer, "Developer", "Application developers")
 
 Boundary(device, "Computing Device", "Windows, OS X, Linux, iOS, Android"){
     System_Ext(browser, "Web Browser", "any modern version")
@@ -29,49 +30,21 @@ Boundary(aws, "AWS GovCloud") {
             System_Boundary(inventory, "Application") {
                 Container(app, "<&layers> <%= app_name.titleize %>", "Ruby <%= @ruby_version %>, Rails <%= Rails.version %>", "TKTK Application Description")
                 ContainerDb(app_db, "Application DB", "AWS RDS (PostgreSQL)", "Primary data storage")
-                <% if !skip_active_storage? %>
-                ContainerDb(app_s3, "File Storage", "AWS S3", "User-uploaded file storage")
-                <% end %>
             }
         }
     }
 }
 
-
 Boundary(gsa_saas, "GSA-authorized SaaS") {
-    <% if @dap %>
-    System_Ext(dap, "DAP", "Analytics collection")
-    <% end %>
-    <% if @newrelic %>
-    System_Ext(newrelic, "New Relic", "Monitoring SaaS")
-    <% end %>
 }
-<% if @dap %>
-Rel(browser, dap, "reports usage", "https (443)")
-<% end %>
-<% if @newrelic %>
-Rel(app, newrelic, "reports telemetry (ruby agent)", "tcp (443)")
-Rel(browser, newrelic, "reports ux metrics (javascript agent)", "https (443)")
-<% end %>
+
+Boundary(cicd, "CI/CD Pipeline") {
+}
 
 Rel(browser, aws_alb, "request info, submit requests", "https GET/POST (443)")
 Rel(aws_alb, cloudgov_router, "proxies requests", "https GET/POST (443)")
 Rel(cloudgov_router, app, "proxies requests", "https GET/POST (443)")
 Rel(app, app_db, "reads/writes primary data", "psql (5432)")
-<% if !skip_active_storage? %>
-Rel(app, app_s3, "reads/writes file data", "https (443)")
-<% end %>
-
-Person(developer, "Developer", "Application developers")
-Boundary(cicd, "CI/CD Pipeline") {
-}
-
-<% if @dap %>
-Rel(developer, dap, "View traffic statistics", "https GET (443)")
-<% end %>
-<% if @newrelic %>
-Rel(developer, newrelic, "Manage performance", "https (443)")
-<% end %>
 @enduml
 ```
 

data/templates/githooks/{pre-commit.tt → pre-commit}

@@ -18,18 +18,3 @@ if [ $linter_status -ne 0 ]; then
     echo "Fix above before committing. Run 'git commit -n' to bypass linter."
     exit 1
 fi
-
-<% if @terraform %>
-echo "Running Terraform formatter"
-# imitates https://github.com/HHS/Head-Start-TTADP/blob/3b72ff05d94fab4cda877c63d8cd6970f0eeffc7/.githooks/pre-commit
-
-files=$(git diff --cached --name-only terraform)
-for f in $files
-do
-  # Format any *.tf files that were cached/staged
-  if [ -e "$f" ] && [[ $f == *.tf ]]; then
-    terraform fmt "$f"
-    git add "$f"
-  fi
-done
-<% end %>

data/templates/manifest.yml.tt

@@ -8,8 +8,7 @@ applications:
     RAILS_MASTER_KEY: ((rails_master_key))
     RAILS_ENV: ((env))
     RAILS_LOG_TO_STDOUT: true
-    RAILS_SERVE_STATIC_FILES: true<% if @newrelic %>
-    NEW_RELIC_LOG: stdout<% end %>
+    RAILS_SERVE_STATIC_FILES: true
   processes:
   - type: web
     instances: ((web_instances))