rails_template_18f 0.2.0 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/Gemfile +0 -2
- data/Gemfile.lock +3 -2
- data/README.md +12 -15
- data/exe/rails_template_18f +60 -0
- data/lib/generators/rails_template18f/active_storage/active_storage_generator.rb +142 -0
- data/lib/generators/rails_template18f/active_storage/templates/app/jobs/file_scan_job.rb +33 -0
- data/lib/generators/rails_template18f/active_storage/templates/app/models/file_upload.rb +25 -0
- data/lib/generators/rails_template18f/active_storage/templates/doc/adr/clamav.md.tt +30 -0
- data/lib/generators/rails_template18f/active_storage/templates/spec/jobs/file_scan_job_spec.rb +35 -0
- data/lib/generators/rails_template18f/active_storage/templates/spec/models/file_upload_spec.rb +38 -0
- data/lib/generators/rails_template18f/circleci/circleci_generator.rb +4 -1
- data/lib/generators/rails_template18f/cloud_gov_config/cloud_gov_config_generator.rb +29 -0
- data/lib/generators/rails_template18f/cloud_gov_config/templates/app/models/cloud_gov_config.rb +15 -0
- data/lib/generators/rails_template18f/cloud_gov_config/templates/spec/models/cloud_gov_config_spec.rb +44 -0
- data/lib/generators/rails_template18f/i18n/i18n_generator.rb +106 -0
- data/{templates → lib/generators/rails_template18f/i18n/templates}/config/locales/en.yml.tt +3 -3
- data/{templates → lib/generators/rails_template18f/i18n/templates}/config/locales/es.yml +3 -3
- data/{templates → lib/generators/rails_template18f/i18n/templates}/config/locales/fr.yml +3 -6
- data/{templates → lib/generators/rails_template18f/i18n/templates}/config/locales/zh.yml +0 -0
- data/lib/generators/rails_template18f/i18n_js/i18n_js_generator.rb +59 -0
- data/lib/generators/rails_template18f/i18n_js/templates/lib/tasks/i18n.rake +9 -0
- data/lib/generators/rails_template18f/newrelic/newrelic_generator.rb +2 -0
- data/lib/generators/rails_template18f/sidekiq/sidekiq_generator.rb +72 -0
- data/lib/generators/rails_template18f/sidekiq/templates/config/initializers/redis.rb +14 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/production/main.tf.tt +37 -5
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/main.tf.tt +50 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/providers.tf +16 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/variables.tf +47 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/redis/main.tf.tt +23 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/redis/providers.tf +16 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/redis/variables.tf +42 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/staging/main.tf.tt +37 -5
- data/lib/generators/rails_template18f/terraform/terraform_generator.rb +0 -11
- data/lib/rails_template18f/app_updater.rb +19 -0
- data/lib/rails_template18f/generators/base.rb +37 -5
- data/lib/rails_template18f/generators/cloud_gov_options.rb +0 -4
- data/lib/rails_template18f/version.rb +1 -1
- data/rails-template-18f.gemspec +2 -0
- data/template.rb +78 -96
- data/templates/config/deployment/staging.yml +1 -1
- data/templates/config/environments/ci.rb +0 -1
- data/templates/doc/compliance/apps/application.boundary.md.tt +0 -7
- metadata +59 -8
@@ -0,0 +1,106 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "rails/generators"
|
4
|
+
|
5
|
+
module RailsTemplate18f
|
6
|
+
module Generators
|
7
|
+
class I18nGenerator < ::Rails::Generators::Base
|
8
|
+
include Base
|
9
|
+
|
10
|
+
class_option :languages, default: "es,fr,zh", desc: "Comma separated list of supported language short codes"
|
11
|
+
|
12
|
+
desc <<~DESC
|
13
|
+
Description:
|
14
|
+
Install translation framework and configuration for given languages.
|
15
|
+
Always installs configuration for English
|
16
|
+
DESC
|
17
|
+
|
18
|
+
def install_gem
|
19
|
+
return if gem_installed?("i18n-tasks")
|
20
|
+
gem_group :development, :test do
|
21
|
+
gem "i18n-tasks", "~> 0.9"
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def install_helper_tasks
|
26
|
+
bundle_install do
|
27
|
+
run "cp $(i18n-tasks gem-path)/templates/config/i18n-tasks.yml config/"
|
28
|
+
run "cp $(i18n-tasks gem-path)/templates/rspec/i18n_spec.rb spec/"
|
29
|
+
end
|
30
|
+
insert_into_file "config/i18n-tasks.yml", "\n#{indent("- app/assets/builds", 4)}", after: "exclude:"
|
31
|
+
uncomment_lines "config/i18n-tasks.yml", "ignore_missing:"
|
32
|
+
insert_into_file "config/i18n-tasks.yml", indent(<<~EOM), after: "ignore_missing:\n"
|
33
|
+
- 'shared.languages.*'
|
34
|
+
- 'shared.header.{title,close,demo_banner,menu}'
|
35
|
+
EOM
|
36
|
+
end
|
37
|
+
|
38
|
+
def install_translations
|
39
|
+
inside "config/locales" do
|
40
|
+
template "en.yml"
|
41
|
+
languages.each do |lang|
|
42
|
+
copy_file "#{lang}.yml"
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
def configure_i18n
|
48
|
+
application "config.i18n.fallbacks = [:en]"
|
49
|
+
available_regex = /^(\s*config.i18n.available_locales).*$/
|
50
|
+
if file_content("config/application.rb").match?(available_regex)
|
51
|
+
gsub_file "config/application.rb", available_regex, "\\1 = #{supported_languages}"
|
52
|
+
else
|
53
|
+
application "config.i18n.available_locales = #{supported_languages}"
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def install_nav_helper
|
58
|
+
inject_into_module "app/helpers/application_helper.rb", "ApplicationHelper", indent(<<~'EOH')
|
59
|
+
def format_active_locale(locale_string)
|
60
|
+
link_classes = "usa-nav__link"
|
61
|
+
if locale_string.to_sym == I18n.locale
|
62
|
+
link_classes = "#{link_classes} usa-current"
|
63
|
+
end
|
64
|
+
link_to t("shared.languages.#{locale_string}"), root_path(locale: locale_string), class: link_classes
|
65
|
+
end
|
66
|
+
EOH
|
67
|
+
end
|
68
|
+
|
69
|
+
def install_around_action
|
70
|
+
return if languages.empty?
|
71
|
+
inject_into_class "app/controllers/application_controller.rb", "ApplicationController", indent(<<~EOM)
|
72
|
+
around_action :switch_locale
|
73
|
+
|
74
|
+
def switch_locale(&action)
|
75
|
+
locale = params[:locale] || I18n.default_locale
|
76
|
+
I18n.with_locale(locale, &action)
|
77
|
+
end
|
78
|
+
EOM
|
79
|
+
end
|
80
|
+
|
81
|
+
def install_route
|
82
|
+
return if languages.empty?
|
83
|
+
return if file_content("config/routes.rb").match?(/scope "\(:locale\)"/)
|
84
|
+
regex = /(^.+\.routes\.draw do\s*$)\n(.*)^end$/m
|
85
|
+
gsub_file "config/routes.rb", regex, <<~'EOR'
|
86
|
+
\1
|
87
|
+
scope "(:locale)", locale: /#{I18n.available_locales.join("|")}/ do
|
88
|
+
# Your application routes go here
|
89
|
+
\2
|
90
|
+
end
|
91
|
+
end
|
92
|
+
EOR
|
93
|
+
end
|
94
|
+
|
95
|
+
private
|
96
|
+
|
97
|
+
def supported_languages
|
98
|
+
@supported_languages ||= [:en, *languages]
|
99
|
+
end
|
100
|
+
|
101
|
+
def languages
|
102
|
+
@languages ||= options[:languages].split(",").map(&:to_sym)
|
103
|
+
end
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
@@ -12,11 +12,11 @@ en:
|
|
12
12
|
secure_heading: Secure .gov websites use HTTPS
|
13
13
|
us_flag: U.S. Flag
|
14
14
|
header:
|
15
|
-
title: <%= app_name.titleize %>
|
16
|
-
menu: Menu
|
17
15
|
close: Close
|
18
|
-
primary: Primary navigation
|
19
16
|
demo_banner: TEST SITE - Do not use real personal information (demo purposes only) - TEST SITE
|
17
|
+
menu: Menu
|
18
|
+
primary: Primary navigation
|
19
|
+
title: <%= app_name.titleize %>
|
20
20
|
languages:
|
21
21
|
en: English
|
22
22
|
es: Español
|
@@ -12,8 +12,8 @@ es:
|
|
12
12
|
secure_heading: Los sitios web seguros .gov usan HTTPS
|
13
13
|
us_flag: Bandera de Estados Unidos
|
14
14
|
header:
|
15
|
-
menu: Menú
|
16
15
|
close: Cerrar
|
17
|
-
primary: Navegacion primaria
|
18
16
|
demo_banner: SITIO DE PRUEBA - No utilice información personal real (sólo para propósitos de demostración) - SITIO DE PRUEBA
|
19
|
-
|
17
|
+
menu: Menú
|
18
|
+
primary: Navegacion primaria
|
19
|
+
skip_link: Salte al contenido principal
|
@@ -8,15 +8,12 @@ fr:
|
|
8
8
|
lock: Verrou
|
9
9
|
locked_padlock: Verrou fermé
|
10
10
|
official_site: Un site web officiel du gouvernement des États-Unis
|
11
|
-
secure_description_html: Un <strong>verrou</strong> (%{lock_icon}) ou
|
12
|
-
<strong>https://</strong> signifie que vous êtes connecté en toute
|
13
|
-
sécurité au site Web .gov. Partagez des informations sensibles
|
14
|
-
uniquement sur des sites Web officiels et sécurisés.
|
11
|
+
secure_description_html: Un <strong>verrou</strong> (%{lock_icon}) ou <strong>https://</strong> signifie que vous êtes connecté en toute sécurité au site Web .gov. Partagez des informations sensibles uniquement sur des sites Web officiels et sécurisés.
|
15
12
|
secure_heading: Les sites Web sécurisés .gov utilisent HTTPS
|
16
13
|
us_flag: Drapeau américain
|
17
14
|
header:
|
18
|
-
menu: Menu
|
19
15
|
close: Fermer
|
20
|
-
primary: Navigation primaire
|
21
16
|
demo_banner: SITE DE TEST - N’utilisez pas de véritables données personnelles (il s’agit d’une démonstration seulement) - SITE DE TEST
|
17
|
+
menu: Menu
|
18
|
+
primary: Navigation primaire
|
22
19
|
skip_link: Passer au contenu principal
|
File without changes
|
@@ -0,0 +1,59 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "rails/generators"
|
4
|
+
|
5
|
+
module RailsTemplate18f
|
6
|
+
module Generators
|
7
|
+
class I18nJsGenerator < ::Rails::Generators::Base
|
8
|
+
include Base
|
9
|
+
|
10
|
+
desc <<~DESC
|
11
|
+
Description:
|
12
|
+
Install and configure i18n-js gem to provide translations to JS code.
|
13
|
+
|
14
|
+
By default, will only export translations with keys that match `*.js.*`
|
15
|
+
DESC
|
16
|
+
|
17
|
+
def install_gem_and_tasks
|
18
|
+
return if gem_installed?("i18n-js")
|
19
|
+
gem "i18n-js", "~> 3.9"
|
20
|
+
bundle_install do
|
21
|
+
run "yarn add i18n-js"
|
22
|
+
generate "i18n:js:config"
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
def configure_translation_yaml
|
27
|
+
append_to_file "config/i18n-js.yml", <<~EOYAML
|
28
|
+
# remove `only` to include all translations
|
29
|
+
translations:
|
30
|
+
- file: "app/assets/builds/translations.js"
|
31
|
+
only: "*.js.*"
|
32
|
+
EOYAML
|
33
|
+
end
|
34
|
+
|
35
|
+
def configure_asset_pipeline
|
36
|
+
copy_file "lib/tasks/i18n.rake"
|
37
|
+
environment "config.middleware.use I18n::JS::Middleware", env: :development
|
38
|
+
insert_into_file "app/views/layouts/application.html.erb", indent(<<~EOHTML, 4), after: /<%= stylesheet_link_tag "application".*$\n/
|
39
|
+
<%= javascript_include_tag "i18n", "data-turbo-track": "reload" %>
|
40
|
+
<%= javascript_include_tag "translations", "data-turbo-track": "reload" %>
|
41
|
+
EOHTML
|
42
|
+
append_to_file "app/assets/config/manifest.js", <<~EOJS
|
43
|
+
//= link i18n.js
|
44
|
+
//= link translations.js
|
45
|
+
EOJS
|
46
|
+
end
|
47
|
+
|
48
|
+
def ignore_generated_file
|
49
|
+
unless skip_git?
|
50
|
+
append_to_file ".gitignore", <<~EOM
|
51
|
+
|
52
|
+
# Generated by i18n-js
|
53
|
+
/public/javascripts/i18n.js
|
54
|
+
EOM
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,9 @@
|
|
1
|
+
# export translations as part of asset precompile
|
2
|
+
|
3
|
+
Rake::Task["assets:precompile"].enhance(["i18n:js:export"])
|
4
|
+
|
5
|
+
if Rake::Task.task_defined?("test:prepare")
|
6
|
+
Rake::Task["test:prepare"].enhance(["i18n:js:export"])
|
7
|
+
elsif Rake::Task.task_defined?("db:test:prepare")
|
8
|
+
Rake::Task["db:test:prepare"].enhance(["i18n:js:export"])
|
9
|
+
end
|
@@ -0,0 +1,72 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "rails/generators"
|
4
|
+
|
5
|
+
module RailsTemplate18f
|
6
|
+
module Generators
|
7
|
+
class SidekiqGenerator < ::Rails::Generators::Base
|
8
|
+
include Base
|
9
|
+
|
10
|
+
desc <<~DESC
|
11
|
+
Description:
|
12
|
+
Install Sidekiq and configure it as the ActiveJob backend
|
13
|
+
DESC
|
14
|
+
|
15
|
+
def install_gem
|
16
|
+
return if gem_installed?("sidekiq")
|
17
|
+
gem "sidekiq", "~> 6.4"
|
18
|
+
bundle_install
|
19
|
+
end
|
20
|
+
|
21
|
+
def configure_server_runner
|
22
|
+
append_to_file "Procfile.dev", "worker: bundle exec sidekiq\n"
|
23
|
+
insert_into_file "manifest.yml", indent(<<~EOYAML), after: /processes:$\n/
|
24
|
+
- type: worker
|
25
|
+
instances: ((worker_instances))
|
26
|
+
memory: ((worker_memory))
|
27
|
+
command: bundle exec sidekiq
|
28
|
+
EOYAML
|
29
|
+
insert_into_file "manifest.yml", "\n - #{app_name}-redis-((env))", after: "services:"
|
30
|
+
inside "config/deployment" do
|
31
|
+
append_to_file "staging.yml", <<~EOYAML
|
32
|
+
worker_instances: 1
|
33
|
+
worker_memory: 256M
|
34
|
+
EOYAML
|
35
|
+
append_to_file "production.yml", <<~EOYAML
|
36
|
+
worker_instances: 1
|
37
|
+
worker_memory: 512M
|
38
|
+
EOYAML
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
def configure_active_job
|
43
|
+
generate "rails_template18f:cloud_gov_config", inline: true
|
44
|
+
copy_file "config/initializers/redis.rb"
|
45
|
+
application "config.active_job.queue_adapter = :sidekiq"
|
46
|
+
end
|
47
|
+
|
48
|
+
def configure_sidekiq_ui
|
49
|
+
prepend_to_file "config/routes.rb", "require \"sidekiq/web\"\n\n"
|
50
|
+
route <<~EOR
|
51
|
+
if Rails.env.development?
|
52
|
+
mount Sidekiq::Web => "/sidekiq"
|
53
|
+
end
|
54
|
+
EOR
|
55
|
+
end
|
56
|
+
|
57
|
+
def update_boundary_diagram
|
58
|
+
boundary_filename = "doc/compliance/apps/application.boundary.md"
|
59
|
+
|
60
|
+
insert_into_file boundary_filename, indent(<<~EOB, 16), after: /ContainerDb\(app_db.*$\n/
|
61
|
+
Container(worker, "<&layers> Sidekiq workers", "Ruby #{ruby_version}, Sidekiq", "Perform background work and data processing")
|
62
|
+
ContainerDb(redis, "Redis Database", "AWS ElastiCache (Redis)", "Background job queue")
|
63
|
+
EOB
|
64
|
+
insert_into_file boundary_filename, <<~EOB, before: "@enduml"
|
65
|
+
Rel(app, redis, "enqueue job parameters", "redis")
|
66
|
+
Rel(worker, redis, "dequeues job parameters", "redis")
|
67
|
+
Rel(worker, app_db, "reads/writes primary data", "psql (5432)")
|
68
|
+
EOB
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
Rails.application.config.to_prepare do
|
4
|
+
redis_url = CloudGovConfig.dig "aws-elasticache-redis", "credentials", "uri"
|
5
|
+
if redis_url.present?
|
6
|
+
Sidekiq.configure_server do |config|
|
7
|
+
config.redis = {url: redis_url, ssl: true}
|
8
|
+
end
|
9
|
+
|
10
|
+
Sidekiq.configure_client do |config|
|
11
|
+
config.redis = {url: redis_url, ssl: true}
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
@@ -16,17 +16,49 @@ module "database" {
|
|
16
16
|
recursive_delete = local.recursive_delete
|
17
17
|
rds_plan_name = "TKTK-production-rds-plan"
|
18
18
|
}
|
19
|
+
<% if has_active_job? %>
|
20
|
+
module "redis" {
|
21
|
+
source = "../shared/redis"
|
19
22
|
|
23
|
+
cf_user = var.cf_user
|
24
|
+
cf_password = var.cf_password
|
25
|
+
cf_org_name = local.cf_org_name
|
26
|
+
cf_space_name = local.cf_space_name
|
27
|
+
env = local.env
|
28
|
+
recursive_delete = local.recursive_delete
|
29
|
+
redis_plan_name = "TKTK-production-redis-plan"
|
30
|
+
}
|
31
|
+
<% end %>
|
20
32
|
<% if has_active_storage? %>
|
21
33
|
module "s3" {
|
22
34
|
source = "../shared/s3"
|
23
35
|
|
24
|
-
cf_user
|
25
|
-
cf_password
|
26
|
-
cf_org_name
|
27
|
-
cf_space_name
|
28
|
-
|
36
|
+
cf_user = var.cf_user
|
37
|
+
cf_password = var.cf_password
|
38
|
+
cf_org_name = local.cf_org_name
|
39
|
+
cf_space_name = local.cf_space_name
|
40
|
+
recursive_delete = local.recursive_delete
|
41
|
+
s3_service_name = "<%= app_name %>-s3-${local.env}"<% if cloud_gov_organization == "sandbox-gsa" %>
|
42
|
+
s3_plan_name = "basic-sandbox"<% end %>
|
29
43
|
}
|
44
|
+
|
45
|
+
###########################################################################
|
46
|
+
# The following lines need to be commented out for the initial `terraform apply`
|
47
|
+
# It can be re-enabled after:
|
48
|
+
# 1) the app has first been deployed
|
49
|
+
# 2) Your organization has sufficient memory. Each clamav app requires 3GB
|
50
|
+
###########################################################################
|
51
|
+
# module "clamav" {
|
52
|
+
# source = "../shared/clamav"
|
53
|
+
#
|
54
|
+
# cf_user = var.cf_user
|
55
|
+
# cf_password = var.cf_password
|
56
|
+
# cf_org_name = local.cf_org_name
|
57
|
+
# cf_space_name = local.cf_space_name
|
58
|
+
# env = local.env
|
59
|
+
# clamav_image = "ajilaag/clamav-rest:20211229"
|
60
|
+
# max_file_size = "30M"
|
61
|
+
# }
|
30
62
|
<% end %>
|
31
63
|
|
32
64
|
###########################################################################
|
@@ -0,0 +1,50 @@
|
|
1
|
+
###
|
2
|
+
# Target space/org
|
3
|
+
###
|
4
|
+
|
5
|
+
data "cloudfoundry_space" "space" {
|
6
|
+
org_name = var.cf_org_name
|
7
|
+
name = var.cf_space_name
|
8
|
+
}
|
9
|
+
|
10
|
+
data "cloudfoundry_domain" "internal" {
|
11
|
+
name = "apps.internal"
|
12
|
+
}
|
13
|
+
|
14
|
+
data "cloudfoundry_app" "app" {
|
15
|
+
name_or_id = "<%= app_name %>-${var.env}"
|
16
|
+
space = data.cloudfoundry_space.space.id
|
17
|
+
}
|
18
|
+
|
19
|
+
###
|
20
|
+
# ClamAV API app
|
21
|
+
###
|
22
|
+
|
23
|
+
resource "cloudfoundry_route" "clamav_route" {
|
24
|
+
space = data.cloudfoundry_space.space.id
|
25
|
+
domain = data.cloudfoundry_domain.internal.id
|
26
|
+
hostname = "<%= app_name %>-clamapi-${var.env}"
|
27
|
+
}
|
28
|
+
|
29
|
+
resource "cloudfoundry_app" "clamav_api" {
|
30
|
+
name = "<%= app_name %>-clamav-api-${var.env}"
|
31
|
+
space = data.cloudfoundry_space.space.id
|
32
|
+
memory = var.clamav_memory
|
33
|
+
disk_quota = 2048
|
34
|
+
timeout = 600
|
35
|
+
docker_image = var.clamav_image
|
36
|
+
routes {
|
37
|
+
route = cloudfoundry_route.clamav_route.id
|
38
|
+
}
|
39
|
+
environment = {
|
40
|
+
MAX_FILE_SIZE = var.max_file_size
|
41
|
+
}
|
42
|
+
}
|
43
|
+
|
44
|
+
resource "cloudfoundry_network_policy" "clamav_routing" {
|
45
|
+
policy {
|
46
|
+
source_app = data.cloudfoundry_app.app.id
|
47
|
+
destination_app = cloudfoundry_app.clamav_api.id
|
48
|
+
port = "9443"
|
49
|
+
}
|
50
|
+
}
|
data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/providers.tf
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
terraform {
|
2
|
+
required_version = "~> 1.0"
|
3
|
+
required_providers {
|
4
|
+
cloudfoundry = {
|
5
|
+
source = "cloudfoundry-community/cloudfoundry"
|
6
|
+
version = "0.15.0"
|
7
|
+
}
|
8
|
+
}
|
9
|
+
}
|
10
|
+
|
11
|
+
provider "cloudfoundry" {
|
12
|
+
api_url = var.cf_api_url
|
13
|
+
user = var.cf_user
|
14
|
+
password = var.cf_password
|
15
|
+
app_logs_max = 30
|
16
|
+
}
|
data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/variables.tf
ADDED
@@ -0,0 +1,47 @@
|
|
1
|
+
variable "cf_api_url" {
|
2
|
+
type = string
|
3
|
+
description = "cloud.gov api url"
|
4
|
+
default = "https://api.fr.cloud.gov"
|
5
|
+
}
|
6
|
+
|
7
|
+
variable "cf_user" {
|
8
|
+
type = string
|
9
|
+
description = "cloud.gov deployer account user"
|
10
|
+
}
|
11
|
+
|
12
|
+
variable "cf_password" {
|
13
|
+
type = string
|
14
|
+
description = "secret; cloud.gov deployer account password"
|
15
|
+
sensitive = true
|
16
|
+
}
|
17
|
+
|
18
|
+
variable "cf_org_name" {
|
19
|
+
type = string
|
20
|
+
description = "cloud.gov organization name"
|
21
|
+
}
|
22
|
+
|
23
|
+
variable "cf_space_name" {
|
24
|
+
type = string
|
25
|
+
description = "cloud.gov space name (staging or prod)"
|
26
|
+
}
|
27
|
+
|
28
|
+
variable "env" {
|
29
|
+
type = string
|
30
|
+
description = "deployment environment (staging, production)"
|
31
|
+
}
|
32
|
+
|
33
|
+
variable "clamav_image" {
|
34
|
+
type = string
|
35
|
+
description = "Docker image to deploy the clamav api app"
|
36
|
+
}
|
37
|
+
|
38
|
+
variable "clamav_memory" {
|
39
|
+
type = number
|
40
|
+
description = "Memory in MB to allocate to clamav app"
|
41
|
+
default = 3072
|
42
|
+
}
|
43
|
+
|
44
|
+
variable "max_file_size" {
|
45
|
+
type = string
|
46
|
+
description = "Maximum file size the API will accept for scanning"
|
47
|
+
}
|
@@ -0,0 +1,23 @@
|
|
1
|
+
###
|
2
|
+
# Target space/org
|
3
|
+
###
|
4
|
+
|
5
|
+
data "cloudfoundry_space" "space" {
|
6
|
+
org_name = var.cf_org_name
|
7
|
+
name = var.cf_space_name
|
8
|
+
}
|
9
|
+
|
10
|
+
###
|
11
|
+
# RDS instance
|
12
|
+
###
|
13
|
+
|
14
|
+
data "cloudfoundry_service" "redis" {
|
15
|
+
name = "aws-elasticache-redis"
|
16
|
+
}
|
17
|
+
|
18
|
+
resource "cloudfoundry_service_instance" "redis" {
|
19
|
+
name = "<%= app_name %>-redis-${var.env}"
|
20
|
+
space = data.cloudfoundry_space.space.id
|
21
|
+
service_plan = data.cloudfoundry_service.redis.service_plans[var.redis_plan_name]
|
22
|
+
recursive_delete = var.recursive_delete
|
23
|
+
}
|
@@ -0,0 +1,16 @@
|
|
1
|
+
terraform {
|
2
|
+
required_version = "~> 1.0"
|
3
|
+
required_providers {
|
4
|
+
cloudfoundry = {
|
5
|
+
source = "cloudfoundry-community/cloudfoundry"
|
6
|
+
version = "0.15.0"
|
7
|
+
}
|
8
|
+
}
|
9
|
+
}
|
10
|
+
|
11
|
+
provider "cloudfoundry" {
|
12
|
+
api_url = var.cf_api_url
|
13
|
+
user = var.cf_user
|
14
|
+
password = var.cf_password
|
15
|
+
app_logs_max = 30
|
16
|
+
}
|
@@ -0,0 +1,42 @@
|
|
1
|
+
variable "cf_api_url" {
|
2
|
+
type = string
|
3
|
+
description = "cloud.gov api url"
|
4
|
+
default = "https://api.fr.cloud.gov"
|
5
|
+
}
|
6
|
+
|
7
|
+
variable "cf_user" {
|
8
|
+
type = string
|
9
|
+
description = "cloud.gov deployer account user"
|
10
|
+
}
|
11
|
+
|
12
|
+
variable "cf_password" {
|
13
|
+
type = string
|
14
|
+
description = "secret; cloud.gov deployer account password"
|
15
|
+
sensitive = true
|
16
|
+
}
|
17
|
+
|
18
|
+
variable "cf_org_name" {
|
19
|
+
type = string
|
20
|
+
description = "cloud.gov organization name"
|
21
|
+
}
|
22
|
+
|
23
|
+
variable "cf_space_name" {
|
24
|
+
type = string
|
25
|
+
description = "cloud.gov space name (staging or prod)"
|
26
|
+
}
|
27
|
+
|
28
|
+
variable "env" {
|
29
|
+
type = string
|
30
|
+
description = "deployment environment (staging, production)"
|
31
|
+
}
|
32
|
+
|
33
|
+
variable "recursive_delete" {
|
34
|
+
type = bool
|
35
|
+
description = "when true, deletes service bindings attached to the resource (not recommended for production)"
|
36
|
+
default = false
|
37
|
+
}
|
38
|
+
|
39
|
+
variable "redis_plan_name" {
|
40
|
+
type = string
|
41
|
+
description = "name of the service plan name to create"
|
42
|
+
}
|
@@ -16,15 +16,47 @@ module "database" {
|
|
16
16
|
recursive_delete = local.recursive_delete
|
17
17
|
rds_plan_name = "micro-psql"
|
18
18
|
}
|
19
|
+
<% if has_active_job? %>
|
20
|
+
module "redis" {
|
21
|
+
source = "../shared/redis"
|
19
22
|
|
23
|
+
cf_user = var.cf_user
|
24
|
+
cf_password = var.cf_password
|
25
|
+
cf_org_name = local.cf_org_name
|
26
|
+
cf_space_name = local.cf_space_name
|
27
|
+
env = local.env
|
28
|
+
recursive_delete = local.recursive_delete
|
29
|
+
redis_plan_name = "redis-dev"
|
30
|
+
}
|
31
|
+
<% end %>
|
20
32
|
<% if has_active_storage? %>
|
21
33
|
module "s3" {
|
22
34
|
source = "../shared/s3"
|
23
35
|
|
24
|
-
cf_user
|
25
|
-
cf_password
|
26
|
-
cf_org_name
|
27
|
-
cf_space_name
|
28
|
-
|
36
|
+
cf_user = var.cf_user
|
37
|
+
cf_password = var.cf_password
|
38
|
+
cf_org_name = local.cf_org_name
|
39
|
+
cf_space_name = local.cf_space_name
|
40
|
+
recursive_delete = local.recursive_delete
|
41
|
+
s3_service_name = "<%= app_name %>-s3-${local.env}"<% if cloud_gov_organization == "sandbox-gsa" %>
|
42
|
+
s3_plan_name = "basic-sandbox"<% end %>
|
29
43
|
}
|
44
|
+
|
45
|
+
###########################################################################
|
46
|
+
# The following lines need to be commented out for the initial `terraform apply`
|
47
|
+
# It can be re-enabled after:
|
48
|
+
# 1) the app has first been deployed
|
49
|
+
# 2) Your organization has sufficient memory. Each clamav app requires 3GB
|
50
|
+
###########################################################################
|
51
|
+
# module "clamav" {
|
52
|
+
# source = "../shared/clamav"
|
53
|
+
#
|
54
|
+
# cf_user = var.cf_user
|
55
|
+
# cf_password = var.cf_password
|
56
|
+
# cf_org_name = local.cf_org_name
|
57
|
+
# cf_space_name = local.cf_space_name
|
58
|
+
# env = local.env
|
59
|
+
# clamav_image = "ajilaag/clamav-rest:20211229"
|
60
|
+
# max_file_size = "30M"
|
61
|
+
# }
|
30
62
|
<% end %>
|
@@ -79,17 +79,6 @@ module RailsTemplate18f
|
|
79
79
|
EOM
|
80
80
|
end
|
81
81
|
end
|
82
|
-
|
83
|
-
private
|
84
|
-
|
85
|
-
def terraform_dir_exists?
|
86
|
-
# prevents cloud_gov_* helpers from trying to read non-existant .tf files
|
87
|
-
false
|
88
|
-
end
|
89
|
-
|
90
|
-
def has_active_storage?
|
91
|
-
defined?(::ActiveStorage)
|
92
|
-
end
|
93
82
|
end
|
94
83
|
end
|
95
84
|
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
require "rails/app_updater"
|
2
|
+
|
3
|
+
module AppUpdaterOptions
|
4
|
+
extend ActiveSupport::Concern
|
5
|
+
|
6
|
+
class_methods do
|
7
|
+
def generator_options
|
8
|
+
options = super
|
9
|
+
# These options all end up hardcoded to true in the default `rails app:update`
|
10
|
+
options[:skip_active_job] = !defined?(ActiveJob::Railtie)
|
11
|
+
options[:skip_action_mailbox] = !defined?(ActionMailbox::Engine)
|
12
|
+
options[:skip_action_text] = !defined?(ActionText::Engine)
|
13
|
+
options[:skip_test] = !defined?(Rails::TestUnitRailtie)
|
14
|
+
options
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
Rails::AppUpdater.prepend(AppUpdaterOptions)
|