rails_template_18f 0.2.0 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/Gemfile +0 -2
- data/Gemfile.lock +3 -2
- data/README.md +12 -15
- data/exe/rails_template_18f +60 -0
- data/lib/generators/rails_template18f/active_storage/active_storage_generator.rb +142 -0
- data/lib/generators/rails_template18f/active_storage/templates/app/jobs/file_scan_job.rb +33 -0
- data/lib/generators/rails_template18f/active_storage/templates/app/models/file_upload.rb +25 -0
- data/lib/generators/rails_template18f/active_storage/templates/doc/adr/clamav.md.tt +30 -0
- data/lib/generators/rails_template18f/active_storage/templates/spec/jobs/file_scan_job_spec.rb +35 -0
- data/lib/generators/rails_template18f/active_storage/templates/spec/models/file_upload_spec.rb +38 -0
- data/lib/generators/rails_template18f/circleci/circleci_generator.rb +4 -1
- data/lib/generators/rails_template18f/cloud_gov_config/cloud_gov_config_generator.rb +29 -0
- data/lib/generators/rails_template18f/cloud_gov_config/templates/app/models/cloud_gov_config.rb +15 -0
- data/lib/generators/rails_template18f/cloud_gov_config/templates/spec/models/cloud_gov_config_spec.rb +44 -0
- data/lib/generators/rails_template18f/i18n/i18n_generator.rb +106 -0
- data/{templates → lib/generators/rails_template18f/i18n/templates}/config/locales/en.yml.tt +3 -3
- data/{templates → lib/generators/rails_template18f/i18n/templates}/config/locales/es.yml +3 -3
- data/{templates → lib/generators/rails_template18f/i18n/templates}/config/locales/fr.yml +3 -6
- data/{templates → lib/generators/rails_template18f/i18n/templates}/config/locales/zh.yml +0 -0
- data/lib/generators/rails_template18f/i18n_js/i18n_js_generator.rb +59 -0
- data/lib/generators/rails_template18f/i18n_js/templates/lib/tasks/i18n.rake +9 -0
- data/lib/generators/rails_template18f/newrelic/newrelic_generator.rb +2 -0
- data/lib/generators/rails_template18f/sidekiq/sidekiq_generator.rb +72 -0
- data/lib/generators/rails_template18f/sidekiq/templates/config/initializers/redis.rb +14 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/production/main.tf.tt +37 -5
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/main.tf.tt +50 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/providers.tf +16 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/variables.tf +47 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/redis/main.tf.tt +23 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/redis/providers.tf +16 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/shared/redis/variables.tf +42 -0
- data/lib/generators/rails_template18f/terraform/templates/terraform/staging/main.tf.tt +37 -5
- data/lib/generators/rails_template18f/terraform/terraform_generator.rb +0 -11
- data/lib/rails_template18f/app_updater.rb +19 -0
- data/lib/rails_template18f/generators/base.rb +37 -5
- data/lib/rails_template18f/generators/cloud_gov_options.rb +0 -4
- data/lib/rails_template18f/version.rb +1 -1
- data/rails-template-18f.gemspec +2 -0
- data/template.rb +78 -96
- data/templates/config/deployment/staging.yml +1 -1
- data/templates/config/environments/ci.rb +0 -1
- data/templates/doc/compliance/apps/application.boundary.md.tt +0 -7
- metadata +59 -8
@@ -0,0 +1,106 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "rails/generators"
|
4
|
+
|
5
|
+
module RailsTemplate18f
|
6
|
+
module Generators
|
7
|
+
class I18nGenerator < ::Rails::Generators::Base
|
8
|
+
include Base
|
9
|
+
|
10
|
+
class_option :languages, default: "es,fr,zh", desc: "Comma separated list of supported language short codes"
|
11
|
+
|
12
|
+
desc <<~DESC
|
13
|
+
Description:
|
14
|
+
Install translation framework and configuration for given languages.
|
15
|
+
Always installs configuration for English
|
16
|
+
DESC
|
17
|
+
|
18
|
+
def install_gem
|
19
|
+
return if gem_installed?("i18n-tasks")
|
20
|
+
gem_group :development, :test do
|
21
|
+
gem "i18n-tasks", "~> 0.9"
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def install_helper_tasks
|
26
|
+
bundle_install do
|
27
|
+
run "cp $(i18n-tasks gem-path)/templates/config/i18n-tasks.yml config/"
|
28
|
+
run "cp $(i18n-tasks gem-path)/templates/rspec/i18n_spec.rb spec/"
|
29
|
+
end
|
30
|
+
insert_into_file "config/i18n-tasks.yml", "\n#{indent("- app/assets/builds", 4)}", after: "exclude:"
|
31
|
+
uncomment_lines "config/i18n-tasks.yml", "ignore_missing:"
|
32
|
+
insert_into_file "config/i18n-tasks.yml", indent(<<~EOM), after: "ignore_missing:\n"
|
33
|
+
- 'shared.languages.*'
|
34
|
+
- 'shared.header.{title,close,demo_banner,menu}'
|
35
|
+
EOM
|
36
|
+
end
|
37
|
+
|
38
|
+
def install_translations
|
39
|
+
inside "config/locales" do
|
40
|
+
template "en.yml"
|
41
|
+
languages.each do |lang|
|
42
|
+
copy_file "#{lang}.yml"
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
def configure_i18n
|
48
|
+
application "config.i18n.fallbacks = [:en]"
|
49
|
+
available_regex = /^(\s*config.i18n.available_locales).*$/
|
50
|
+
if file_content("config/application.rb").match?(available_regex)
|
51
|
+
gsub_file "config/application.rb", available_regex, "\\1 = #{supported_languages}"
|
52
|
+
else
|
53
|
+
application "config.i18n.available_locales = #{supported_languages}"
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def install_nav_helper
|
58
|
+
inject_into_module "app/helpers/application_helper.rb", "ApplicationHelper", indent(<<~'EOH')
|
59
|
+
def format_active_locale(locale_string)
|
60
|
+
link_classes = "usa-nav__link"
|
61
|
+
if locale_string.to_sym == I18n.locale
|
62
|
+
link_classes = "#{link_classes} usa-current"
|
63
|
+
end
|
64
|
+
link_to t("shared.languages.#{locale_string}"), root_path(locale: locale_string), class: link_classes
|
65
|
+
end
|
66
|
+
EOH
|
67
|
+
end
|
68
|
+
|
69
|
+
def install_around_action
|
70
|
+
return if languages.empty?
|
71
|
+
inject_into_class "app/controllers/application_controller.rb", "ApplicationController", indent(<<~EOM)
|
72
|
+
around_action :switch_locale
|
73
|
+
|
74
|
+
def switch_locale(&action)
|
75
|
+
locale = params[:locale] || I18n.default_locale
|
76
|
+
I18n.with_locale(locale, &action)
|
77
|
+
end
|
78
|
+
EOM
|
79
|
+
end
|
80
|
+
|
81
|
+
def install_route
|
82
|
+
return if languages.empty?
|
83
|
+
return if file_content("config/routes.rb").match?(/scope "\(:locale\)"/)
|
84
|
+
regex = /(^.+\.routes\.draw do\s*$)\n(.*)^end$/m
|
85
|
+
gsub_file "config/routes.rb", regex, <<~'EOR'
|
86
|
+
\1
|
87
|
+
scope "(:locale)", locale: /#{I18n.available_locales.join("|")}/ do
|
88
|
+
# Your application routes go here
|
89
|
+
\2
|
90
|
+
end
|
91
|
+
end
|
92
|
+
EOR
|
93
|
+
end
|
94
|
+
|
95
|
+
private
|
96
|
+
|
97
|
+
def supported_languages
|
98
|
+
@supported_languages ||= [:en, *languages]
|
99
|
+
end
|
100
|
+
|
101
|
+
def languages
|
102
|
+
@languages ||= options[:languages].split(",").map(&:to_sym)
|
103
|
+
end
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
@@ -12,11 +12,11 @@ en:
|
|
12
12
|
secure_heading: Secure .gov websites use HTTPS
|
13
13
|
us_flag: U.S. Flag
|
14
14
|
header:
|
15
|
-
title: <%= app_name.titleize %>
|
16
|
-
menu: Menu
|
17
15
|
close: Close
|
18
|
-
primary: Primary navigation
|
19
16
|
demo_banner: TEST SITE - Do not use real personal information (demo purposes only) - TEST SITE
|
17
|
+
menu: Menu
|
18
|
+
primary: Primary navigation
|
19
|
+
title: <%= app_name.titleize %>
|
20
20
|
languages:
|
21
21
|
en: English
|
22
22
|
es: Español
|
@@ -12,8 +12,8 @@ es:
|
|
12
12
|
secure_heading: Los sitios web seguros .gov usan HTTPS
|
13
13
|
us_flag: Bandera de Estados Unidos
|
14
14
|
header:
|
15
|
-
menu: Menú
|
16
15
|
close: Cerrar
|
17
|
-
primary: Navegacion primaria
|
18
16
|
demo_banner: SITIO DE PRUEBA - No utilice información personal real (sólo para propósitos de demostración) - SITIO DE PRUEBA
|
19
|
-
|
17
|
+
menu: Menú
|
18
|
+
primary: Navegacion primaria
|
19
|
+
skip_link: Salte al contenido principal
|
@@ -8,15 +8,12 @@ fr:
|
|
8
8
|
lock: Verrou
|
9
9
|
locked_padlock: Verrou fermé
|
10
10
|
official_site: Un site web officiel du gouvernement des États-Unis
|
11
|
-
secure_description_html: Un <strong>verrou</strong> (%{lock_icon}) ou
|
12
|
-
<strong>https://</strong> signifie que vous êtes connecté en toute
|
13
|
-
sécurité au site Web .gov. Partagez des informations sensibles
|
14
|
-
uniquement sur des sites Web officiels et sécurisés.
|
11
|
+
secure_description_html: Un <strong>verrou</strong> (%{lock_icon}) ou <strong>https://</strong> signifie que vous êtes connecté en toute sécurité au site Web .gov. Partagez des informations sensibles uniquement sur des sites Web officiels et sécurisés.
|
15
12
|
secure_heading: Les sites Web sécurisés .gov utilisent HTTPS
|
16
13
|
us_flag: Drapeau américain
|
17
14
|
header:
|
18
|
-
menu: Menu
|
19
15
|
close: Fermer
|
20
|
-
primary: Navigation primaire
|
21
16
|
demo_banner: SITE DE TEST - N’utilisez pas de véritables données personnelles (il s’agit d’une démonstration seulement) - SITE DE TEST
|
17
|
+
menu: Menu
|
18
|
+
primary: Navigation primaire
|
22
19
|
skip_link: Passer au contenu principal
|
File without changes
|
@@ -0,0 +1,59 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "rails/generators"
|
4
|
+
|
5
|
+
module RailsTemplate18f
|
6
|
+
module Generators
|
7
|
+
class I18nJsGenerator < ::Rails::Generators::Base
|
8
|
+
include Base
|
9
|
+
|
10
|
+
desc <<~DESC
|
11
|
+
Description:
|
12
|
+
Install and configure i18n-js gem to provide translations to JS code.
|
13
|
+
|
14
|
+
By default, will only export translations with keys that match `*.js.*`
|
15
|
+
DESC
|
16
|
+
|
17
|
+
def install_gem_and_tasks
|
18
|
+
return if gem_installed?("i18n-js")
|
19
|
+
gem "i18n-js", "~> 3.9"
|
20
|
+
bundle_install do
|
21
|
+
run "yarn add i18n-js"
|
22
|
+
generate "i18n:js:config"
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
def configure_translation_yaml
|
27
|
+
append_to_file "config/i18n-js.yml", <<~EOYAML
|
28
|
+
# remove `only` to include all translations
|
29
|
+
translations:
|
30
|
+
- file: "app/assets/builds/translations.js"
|
31
|
+
only: "*.js.*"
|
32
|
+
EOYAML
|
33
|
+
end
|
34
|
+
|
35
|
+
def configure_asset_pipeline
|
36
|
+
copy_file "lib/tasks/i18n.rake"
|
37
|
+
environment "config.middleware.use I18n::JS::Middleware", env: :development
|
38
|
+
insert_into_file "app/views/layouts/application.html.erb", indent(<<~EOHTML, 4), after: /<%= stylesheet_link_tag "application".*$\n/
|
39
|
+
<%= javascript_include_tag "i18n", "data-turbo-track": "reload" %>
|
40
|
+
<%= javascript_include_tag "translations", "data-turbo-track": "reload" %>
|
41
|
+
EOHTML
|
42
|
+
append_to_file "app/assets/config/manifest.js", <<~EOJS
|
43
|
+
//= link i18n.js
|
44
|
+
//= link translations.js
|
45
|
+
EOJS
|
46
|
+
end
|
47
|
+
|
48
|
+
def ignore_generated_file
|
49
|
+
unless skip_git?
|
50
|
+
append_to_file ".gitignore", <<~EOM
|
51
|
+
|
52
|
+
# Generated by i18n-js
|
53
|
+
/public/javascripts/i18n.js
|
54
|
+
EOM
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,9 @@
|
|
1
|
+
# export translations as part of asset precompile
|
2
|
+
|
3
|
+
Rake::Task["assets:precompile"].enhance(["i18n:js:export"])
|
4
|
+
|
5
|
+
if Rake::Task.task_defined?("test:prepare")
|
6
|
+
Rake::Task["test:prepare"].enhance(["i18n:js:export"])
|
7
|
+
elsif Rake::Task.task_defined?("db:test:prepare")
|
8
|
+
Rake::Task["db:test:prepare"].enhance(["i18n:js:export"])
|
9
|
+
end
|
@@ -0,0 +1,72 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "rails/generators"
|
4
|
+
|
5
|
+
module RailsTemplate18f
|
6
|
+
module Generators
|
7
|
+
class SidekiqGenerator < ::Rails::Generators::Base
|
8
|
+
include Base
|
9
|
+
|
10
|
+
desc <<~DESC
|
11
|
+
Description:
|
12
|
+
Install Sidekiq and configure it as the ActiveJob backend
|
13
|
+
DESC
|
14
|
+
|
15
|
+
def install_gem
|
16
|
+
return if gem_installed?("sidekiq")
|
17
|
+
gem "sidekiq", "~> 6.4"
|
18
|
+
bundle_install
|
19
|
+
end
|
20
|
+
|
21
|
+
def configure_server_runner
|
22
|
+
append_to_file "Procfile.dev", "worker: bundle exec sidekiq\n"
|
23
|
+
insert_into_file "manifest.yml", indent(<<~EOYAML), after: /processes:$\n/
|
24
|
+
- type: worker
|
25
|
+
instances: ((worker_instances))
|
26
|
+
memory: ((worker_memory))
|
27
|
+
command: bundle exec sidekiq
|
28
|
+
EOYAML
|
29
|
+
insert_into_file "manifest.yml", "\n - #{app_name}-redis-((env))", after: "services:"
|
30
|
+
inside "config/deployment" do
|
31
|
+
append_to_file "staging.yml", <<~EOYAML
|
32
|
+
worker_instances: 1
|
33
|
+
worker_memory: 256M
|
34
|
+
EOYAML
|
35
|
+
append_to_file "production.yml", <<~EOYAML
|
36
|
+
worker_instances: 1
|
37
|
+
worker_memory: 512M
|
38
|
+
EOYAML
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
def configure_active_job
|
43
|
+
generate "rails_template18f:cloud_gov_config", inline: true
|
44
|
+
copy_file "config/initializers/redis.rb"
|
45
|
+
application "config.active_job.queue_adapter = :sidekiq"
|
46
|
+
end
|
47
|
+
|
48
|
+
def configure_sidekiq_ui
|
49
|
+
prepend_to_file "config/routes.rb", "require \"sidekiq/web\"\n\n"
|
50
|
+
route <<~EOR
|
51
|
+
if Rails.env.development?
|
52
|
+
mount Sidekiq::Web => "/sidekiq"
|
53
|
+
end
|
54
|
+
EOR
|
55
|
+
end
|
56
|
+
|
57
|
+
def update_boundary_diagram
|
58
|
+
boundary_filename = "doc/compliance/apps/application.boundary.md"
|
59
|
+
|
60
|
+
insert_into_file boundary_filename, indent(<<~EOB, 16), after: /ContainerDb\(app_db.*$\n/
|
61
|
+
Container(worker, "<&layers> Sidekiq workers", "Ruby #{ruby_version}, Sidekiq", "Perform background work and data processing")
|
62
|
+
ContainerDb(redis, "Redis Database", "AWS ElastiCache (Redis)", "Background job queue")
|
63
|
+
EOB
|
64
|
+
insert_into_file boundary_filename, <<~EOB, before: "@enduml"
|
65
|
+
Rel(app, redis, "enqueue job parameters", "redis")
|
66
|
+
Rel(worker, redis, "dequeues job parameters", "redis")
|
67
|
+
Rel(worker, app_db, "reads/writes primary data", "psql (5432)")
|
68
|
+
EOB
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
Rails.application.config.to_prepare do
|
4
|
+
redis_url = CloudGovConfig.dig "aws-elasticache-redis", "credentials", "uri"
|
5
|
+
if redis_url.present?
|
6
|
+
Sidekiq.configure_server do |config|
|
7
|
+
config.redis = {url: redis_url, ssl: true}
|
8
|
+
end
|
9
|
+
|
10
|
+
Sidekiq.configure_client do |config|
|
11
|
+
config.redis = {url: redis_url, ssl: true}
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
@@ -16,17 +16,49 @@ module "database" {
|
|
16
16
|
recursive_delete = local.recursive_delete
|
17
17
|
rds_plan_name = "TKTK-production-rds-plan"
|
18
18
|
}
|
19
|
+
<% if has_active_job? %>
|
20
|
+
module "redis" {
|
21
|
+
source = "../shared/redis"
|
19
22
|
|
23
|
+
cf_user = var.cf_user
|
24
|
+
cf_password = var.cf_password
|
25
|
+
cf_org_name = local.cf_org_name
|
26
|
+
cf_space_name = local.cf_space_name
|
27
|
+
env = local.env
|
28
|
+
recursive_delete = local.recursive_delete
|
29
|
+
redis_plan_name = "TKTK-production-redis-plan"
|
30
|
+
}
|
31
|
+
<% end %>
|
20
32
|
<% if has_active_storage? %>
|
21
33
|
module "s3" {
|
22
34
|
source = "../shared/s3"
|
23
35
|
|
24
|
-
cf_user
|
25
|
-
cf_password
|
26
|
-
cf_org_name
|
27
|
-
cf_space_name
|
28
|
-
|
36
|
+
cf_user = var.cf_user
|
37
|
+
cf_password = var.cf_password
|
38
|
+
cf_org_name = local.cf_org_name
|
39
|
+
cf_space_name = local.cf_space_name
|
40
|
+
recursive_delete = local.recursive_delete
|
41
|
+
s3_service_name = "<%= app_name %>-s3-${local.env}"<% if cloud_gov_organization == "sandbox-gsa" %>
|
42
|
+
s3_plan_name = "basic-sandbox"<% end %>
|
29
43
|
}
|
44
|
+
|
45
|
+
###########################################################################
|
46
|
+
# The following lines need to be commented out for the initial `terraform apply`
|
47
|
+
# It can be re-enabled after:
|
48
|
+
# 1) the app has first been deployed
|
49
|
+
# 2) Your organization has sufficient memory. Each clamav app requires 3GB
|
50
|
+
###########################################################################
|
51
|
+
# module "clamav" {
|
52
|
+
# source = "../shared/clamav"
|
53
|
+
#
|
54
|
+
# cf_user = var.cf_user
|
55
|
+
# cf_password = var.cf_password
|
56
|
+
# cf_org_name = local.cf_org_name
|
57
|
+
# cf_space_name = local.cf_space_name
|
58
|
+
# env = local.env
|
59
|
+
# clamav_image = "ajilaag/clamav-rest:20211229"
|
60
|
+
# max_file_size = "30M"
|
61
|
+
# }
|
30
62
|
<% end %>
|
31
63
|
|
32
64
|
###########################################################################
|
@@ -0,0 +1,50 @@
|
|
1
|
+
###
|
2
|
+
# Target space/org
|
3
|
+
###
|
4
|
+
|
5
|
+
data "cloudfoundry_space" "space" {
|
6
|
+
org_name = var.cf_org_name
|
7
|
+
name = var.cf_space_name
|
8
|
+
}
|
9
|
+
|
10
|
+
data "cloudfoundry_domain" "internal" {
|
11
|
+
name = "apps.internal"
|
12
|
+
}
|
13
|
+
|
14
|
+
data "cloudfoundry_app" "app" {
|
15
|
+
name_or_id = "<%= app_name %>-${var.env}"
|
16
|
+
space = data.cloudfoundry_space.space.id
|
17
|
+
}
|
18
|
+
|
19
|
+
###
|
20
|
+
# ClamAV API app
|
21
|
+
###
|
22
|
+
|
23
|
+
resource "cloudfoundry_route" "clamav_route" {
|
24
|
+
space = data.cloudfoundry_space.space.id
|
25
|
+
domain = data.cloudfoundry_domain.internal.id
|
26
|
+
hostname = "<%= app_name %>-clamapi-${var.env}"
|
27
|
+
}
|
28
|
+
|
29
|
+
resource "cloudfoundry_app" "clamav_api" {
|
30
|
+
name = "<%= app_name %>-clamav-api-${var.env}"
|
31
|
+
space = data.cloudfoundry_space.space.id
|
32
|
+
memory = var.clamav_memory
|
33
|
+
disk_quota = 2048
|
34
|
+
timeout = 600
|
35
|
+
docker_image = var.clamav_image
|
36
|
+
routes {
|
37
|
+
route = cloudfoundry_route.clamav_route.id
|
38
|
+
}
|
39
|
+
environment = {
|
40
|
+
MAX_FILE_SIZE = var.max_file_size
|
41
|
+
}
|
42
|
+
}
|
43
|
+
|
44
|
+
resource "cloudfoundry_network_policy" "clamav_routing" {
|
45
|
+
policy {
|
46
|
+
source_app = data.cloudfoundry_app.app.id
|
47
|
+
destination_app = cloudfoundry_app.clamav_api.id
|
48
|
+
port = "9443"
|
49
|
+
}
|
50
|
+
}
|
data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/providers.tf
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
terraform {
|
2
|
+
required_version = "~> 1.0"
|
3
|
+
required_providers {
|
4
|
+
cloudfoundry = {
|
5
|
+
source = "cloudfoundry-community/cloudfoundry"
|
6
|
+
version = "0.15.0"
|
7
|
+
}
|
8
|
+
}
|
9
|
+
}
|
10
|
+
|
11
|
+
provider "cloudfoundry" {
|
12
|
+
api_url = var.cf_api_url
|
13
|
+
user = var.cf_user
|
14
|
+
password = var.cf_password
|
15
|
+
app_logs_max = 30
|
16
|
+
}
|
data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/variables.tf
ADDED
@@ -0,0 +1,47 @@
|
|
1
|
+
variable "cf_api_url" {
|
2
|
+
type = string
|
3
|
+
description = "cloud.gov api url"
|
4
|
+
default = "https://api.fr.cloud.gov"
|
5
|
+
}
|
6
|
+
|
7
|
+
variable "cf_user" {
|
8
|
+
type = string
|
9
|
+
description = "cloud.gov deployer account user"
|
10
|
+
}
|
11
|
+
|
12
|
+
variable "cf_password" {
|
13
|
+
type = string
|
14
|
+
description = "secret; cloud.gov deployer account password"
|
15
|
+
sensitive = true
|
16
|
+
}
|
17
|
+
|
18
|
+
variable "cf_org_name" {
|
19
|
+
type = string
|
20
|
+
description = "cloud.gov organization name"
|
21
|
+
}
|
22
|
+
|
23
|
+
variable "cf_space_name" {
|
24
|
+
type = string
|
25
|
+
description = "cloud.gov space name (staging or prod)"
|
26
|
+
}
|
27
|
+
|
28
|
+
variable "env" {
|
29
|
+
type = string
|
30
|
+
description = "deployment environment (staging, production)"
|
31
|
+
}
|
32
|
+
|
33
|
+
variable "clamav_image" {
|
34
|
+
type = string
|
35
|
+
description = "Docker image to deploy the clamav api app"
|
36
|
+
}
|
37
|
+
|
38
|
+
variable "clamav_memory" {
|
39
|
+
type = number
|
40
|
+
description = "Memory in MB to allocate to clamav app"
|
41
|
+
default = 3072
|
42
|
+
}
|
43
|
+
|
44
|
+
variable "max_file_size" {
|
45
|
+
type = string
|
46
|
+
description = "Maximum file size the API will accept for scanning"
|
47
|
+
}
|
@@ -0,0 +1,23 @@
|
|
1
|
+
###
|
2
|
+
# Target space/org
|
3
|
+
###
|
4
|
+
|
5
|
+
data "cloudfoundry_space" "space" {
|
6
|
+
org_name = var.cf_org_name
|
7
|
+
name = var.cf_space_name
|
8
|
+
}
|
9
|
+
|
10
|
+
###
|
11
|
+
# RDS instance
|
12
|
+
###
|
13
|
+
|
14
|
+
data "cloudfoundry_service" "redis" {
|
15
|
+
name = "aws-elasticache-redis"
|
16
|
+
}
|
17
|
+
|
18
|
+
resource "cloudfoundry_service_instance" "redis" {
|
19
|
+
name = "<%= app_name %>-redis-${var.env}"
|
20
|
+
space = data.cloudfoundry_space.space.id
|
21
|
+
service_plan = data.cloudfoundry_service.redis.service_plans[var.redis_plan_name]
|
22
|
+
recursive_delete = var.recursive_delete
|
23
|
+
}
|
@@ -0,0 +1,16 @@
|
|
1
|
+
terraform {
|
2
|
+
required_version = "~> 1.0"
|
3
|
+
required_providers {
|
4
|
+
cloudfoundry = {
|
5
|
+
source = "cloudfoundry-community/cloudfoundry"
|
6
|
+
version = "0.15.0"
|
7
|
+
}
|
8
|
+
}
|
9
|
+
}
|
10
|
+
|
11
|
+
provider "cloudfoundry" {
|
12
|
+
api_url = var.cf_api_url
|
13
|
+
user = var.cf_user
|
14
|
+
password = var.cf_password
|
15
|
+
app_logs_max = 30
|
16
|
+
}
|
@@ -0,0 +1,42 @@
|
|
1
|
+
variable "cf_api_url" {
|
2
|
+
type = string
|
3
|
+
description = "cloud.gov api url"
|
4
|
+
default = "https://api.fr.cloud.gov"
|
5
|
+
}
|
6
|
+
|
7
|
+
variable "cf_user" {
|
8
|
+
type = string
|
9
|
+
description = "cloud.gov deployer account user"
|
10
|
+
}
|
11
|
+
|
12
|
+
variable "cf_password" {
|
13
|
+
type = string
|
14
|
+
description = "secret; cloud.gov deployer account password"
|
15
|
+
sensitive = true
|
16
|
+
}
|
17
|
+
|
18
|
+
variable "cf_org_name" {
|
19
|
+
type = string
|
20
|
+
description = "cloud.gov organization name"
|
21
|
+
}
|
22
|
+
|
23
|
+
variable "cf_space_name" {
|
24
|
+
type = string
|
25
|
+
description = "cloud.gov space name (staging or prod)"
|
26
|
+
}
|
27
|
+
|
28
|
+
variable "env" {
|
29
|
+
type = string
|
30
|
+
description = "deployment environment (staging, production)"
|
31
|
+
}
|
32
|
+
|
33
|
+
variable "recursive_delete" {
|
34
|
+
type = bool
|
35
|
+
description = "when true, deletes service bindings attached to the resource (not recommended for production)"
|
36
|
+
default = false
|
37
|
+
}
|
38
|
+
|
39
|
+
variable "redis_plan_name" {
|
40
|
+
type = string
|
41
|
+
description = "name of the service plan name to create"
|
42
|
+
}
|
@@ -16,15 +16,47 @@ module "database" {
|
|
16
16
|
recursive_delete = local.recursive_delete
|
17
17
|
rds_plan_name = "micro-psql"
|
18
18
|
}
|
19
|
+
<% if has_active_job? %>
|
20
|
+
module "redis" {
|
21
|
+
source = "../shared/redis"
|
19
22
|
|
23
|
+
cf_user = var.cf_user
|
24
|
+
cf_password = var.cf_password
|
25
|
+
cf_org_name = local.cf_org_name
|
26
|
+
cf_space_name = local.cf_space_name
|
27
|
+
env = local.env
|
28
|
+
recursive_delete = local.recursive_delete
|
29
|
+
redis_plan_name = "redis-dev"
|
30
|
+
}
|
31
|
+
<% end %>
|
20
32
|
<% if has_active_storage? %>
|
21
33
|
module "s3" {
|
22
34
|
source = "../shared/s3"
|
23
35
|
|
24
|
-
cf_user
|
25
|
-
cf_password
|
26
|
-
cf_org_name
|
27
|
-
cf_space_name
|
28
|
-
|
36
|
+
cf_user = var.cf_user
|
37
|
+
cf_password = var.cf_password
|
38
|
+
cf_org_name = local.cf_org_name
|
39
|
+
cf_space_name = local.cf_space_name
|
40
|
+
recursive_delete = local.recursive_delete
|
41
|
+
s3_service_name = "<%= app_name %>-s3-${local.env}"<% if cloud_gov_organization == "sandbox-gsa" %>
|
42
|
+
s3_plan_name = "basic-sandbox"<% end %>
|
29
43
|
}
|
44
|
+
|
45
|
+
###########################################################################
|
46
|
+
# The following lines need to be commented out for the initial `terraform apply`
|
47
|
+
# It can be re-enabled after:
|
48
|
+
# 1) the app has first been deployed
|
49
|
+
# 2) Your organization has sufficient memory. Each clamav app requires 3GB
|
50
|
+
###########################################################################
|
51
|
+
# module "clamav" {
|
52
|
+
# source = "../shared/clamav"
|
53
|
+
#
|
54
|
+
# cf_user = var.cf_user
|
55
|
+
# cf_password = var.cf_password
|
56
|
+
# cf_org_name = local.cf_org_name
|
57
|
+
# cf_space_name = local.cf_space_name
|
58
|
+
# env = local.env
|
59
|
+
# clamav_image = "ajilaag/clamav-rest:20211229"
|
60
|
+
# max_file_size = "30M"
|
61
|
+
# }
|
30
62
|
<% end %>
|
@@ -79,17 +79,6 @@ module RailsTemplate18f
|
|
79
79
|
EOM
|
80
80
|
end
|
81
81
|
end
|
82
|
-
|
83
|
-
private
|
84
|
-
|
85
|
-
def terraform_dir_exists?
|
86
|
-
# prevents cloud_gov_* helpers from trying to read non-existant .tf files
|
87
|
-
false
|
88
|
-
end
|
89
|
-
|
90
|
-
def has_active_storage?
|
91
|
-
defined?(::ActiveStorage)
|
92
|
-
end
|
93
82
|
end
|
94
83
|
end
|
95
84
|
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
require "rails/app_updater"
|
2
|
+
|
3
|
+
module AppUpdaterOptions
|
4
|
+
extend ActiveSupport::Concern
|
5
|
+
|
6
|
+
class_methods do
|
7
|
+
def generator_options
|
8
|
+
options = super
|
9
|
+
# These options all end up hardcoded to true in the default `rails app:update`
|
10
|
+
options[:skip_active_job] = !defined?(ActiveJob::Railtie)
|
11
|
+
options[:skip_action_mailbox] = !defined?(ActionMailbox::Engine)
|
12
|
+
options[:skip_action_text] = !defined?(ActionText::Engine)
|
13
|
+
options[:skip_test] = !defined?(Rails::TestUnitRailtie)
|
14
|
+
options
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
Rails::AppUpdater.prepend(AppUpdaterOptions)
|