rails_template_18f 0.7.2 → 0.8.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (49) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +14 -0
  3. data/Gemfile.lock +92 -70
  4. data/README.md +60 -63
  5. data/lib/generators/rails_template18f/active_storage/active_storage_generator.rb +0 -43
  6. data/lib/generators/rails_template18f/circleci/templates/circleci/config.yml.tt +17 -0
  7. data/lib/generators/rails_template18f/github_actions/templates/github/workflows/dependency-scans.yml +17 -0
  8. data/lib/generators/rails_template18f/github_actions/templates/github/workflows/deploy-production.yml.tt +3 -1
  9. data/lib/generators/rails_template18f/github_actions/templates/github/workflows/deploy-staging.yml.tt +3 -1
  10. data/lib/generators/rails_template18f/rails_erd/rails_erd_generator.rb +49 -0
  11. data/lib/generators/rails_template18f/rails_erd/templates/erdconfig +9 -0
  12. data/lib/generators/rails_template18f/terraform/templates/terraform/README.md.tt +3 -3
  13. data/lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/main.tf.tt +1 -1
  14. data/lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/run.sh.tt +1 -1
  15. data/lib/generators/rails_template18f/terraform/templates/terraform/bootstrap/teardown_creds.sh.tt +1 -1
  16. data/lib/generators/rails_template18f/terraform/templates/terraform/production/main.tf.tt +11 -6
  17. data/lib/generators/rails_template18f/terraform/templates/terraform/staging/main.tf.tt +9 -5
  18. data/lib/generators/rails_template18f/terraform/terraform_generator.rb +0 -10
  19. data/lib/rails_template18f/generators/pipeline_options.rb +13 -4
  20. data/lib/rails_template18f/version.rb +1 -1
  21. data/template.rb +21 -2
  22. data/templates/Brewfile +3 -0
  23. data/templates/README.md.tt +1 -0
  24. data/templates/bin/ops/create_service_account.sh.tt +72 -0
  25. data/templates/bin/ops/destroy_service_account.sh.tt +53 -0
  26. data/{lib/generators/rails_template18f/terraform/templates/terraform → templates/bin/ops}/set_space_egress.sh.tt +1 -1
  27. data/templates/config/environments/ci.rb +1 -1
  28. data/templates/config/environments/staging.rb +1 -1
  29. data/templates/doc/compliance/README.md +7 -2
  30. data/templates/doc/compliance/TODO.md +37 -0
  31. metadata +9 -22
  32. data/lib/generators/rails_template18f/terraform/templates/terraform/create_space_deployer.sh +0 -33
  33. data/lib/generators/rails_template18f/terraform/templates/terraform/destroy_space_deployer.sh +0 -19
  34. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/main.tf.tt +0 -50
  35. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/providers.tf +0 -16
  36. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/clamav/variables.tf +0 -47
  37. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/database/main.tf.tt +0 -23
  38. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/database/providers.tf +0 -16
  39. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/database/variables.tf +0 -42
  40. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/domain/main.tf.tt +0 -46
  41. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/domain/providers.tf +0 -16
  42. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/domain/variables.tf +0 -47
  43. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/redis/main.tf.tt +0 -23
  44. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/redis/providers.tf +0 -16
  45. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/redis/variables.tf +0 -42
  46. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/s3/main.tf +0 -27
  47. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/s3/providers.tf +0 -16
  48. data/lib/generators/rails_template18f/terraform/templates/terraform/shared/s3/variables.tf +0 -43
  49. data/templates/doc/compliance/apps/data.logical.md +0 -21
@@ -1,50 +0,0 @@
1
- ###
2
- # Target space/org
3
- ###
4
-
5
- data "cloudfoundry_space" "space" {
6
- org_name = var.cf_org_name
7
- name = var.cf_space_name
8
- }
9
-
10
- data "cloudfoundry_domain" "internal" {
11
- name = "apps.internal"
12
- }
13
-
14
- data "cloudfoundry_app" "app" {
15
- name_or_id = "<%= app_name %>-${var.env}"
16
- space = data.cloudfoundry_space.space.id
17
- }
18
-
19
- ###
20
- # ClamAV API app
21
- ###
22
-
23
- resource "cloudfoundry_route" "clamav_route" {
24
- space = data.cloudfoundry_space.space.id
25
- domain = data.cloudfoundry_domain.internal.id
26
- hostname = "<%= app_name %>-clamapi-${var.env}"
27
- }
28
-
29
- resource "cloudfoundry_app" "clamav_api" {
30
- name = "<%= app_name %>-clamav-api-${var.env}"
31
- space = data.cloudfoundry_space.space.id
32
- memory = var.clamav_memory
33
- disk_quota = 2048
34
- timeout = 600
35
- docker_image = var.clamav_image
36
- routes {
37
- route = cloudfoundry_route.clamav_route.id
38
- }
39
- environment = {
40
- MAX_FILE_SIZE = var.max_file_size
41
- }
42
- }
43
-
44
- resource "cloudfoundry_network_policy" "clamav_routing" {
45
- policy {
46
- source_app = data.cloudfoundry_app.app.id
47
- destination_app = cloudfoundry_app.clamav_api.id
48
- port = "9443"
49
- }
50
- }
@@ -1,16 +0,0 @@
1
- terraform {
2
- required_version = "~> 1.0"
3
- required_providers {
4
- cloudfoundry = {
5
- source = "cloudfoundry-community/cloudfoundry"
6
- version = "0.15.0"
7
- }
8
- }
9
- }
10
-
11
- provider "cloudfoundry" {
12
- api_url = var.cf_api_url
13
- user = var.cf_user
14
- password = var.cf_password
15
- app_logs_max = 30
16
- }
@@ -1,47 +0,0 @@
1
- variable "cf_api_url" {
2
- type = string
3
- description = "cloud.gov api url"
4
- default = "https://api.fr.cloud.gov"
5
- }
6
-
7
- variable "cf_user" {
8
- type = string
9
- description = "cloud.gov deployer account user"
10
- }
11
-
12
- variable "cf_password" {
13
- type = string
14
- description = "secret; cloud.gov deployer account password"
15
- sensitive = true
16
- }
17
-
18
- variable "cf_org_name" {
19
- type = string
20
- description = "cloud.gov organization name"
21
- }
22
-
23
- variable "cf_space_name" {
24
- type = string
25
- description = "cloud.gov space name (staging or prod)"
26
- }
27
-
28
- variable "env" {
29
- type = string
30
- description = "deployment environment (staging, production)"
31
- }
32
-
33
- variable "clamav_image" {
34
- type = string
35
- description = "Docker image to deploy the clamav api app"
36
- }
37
-
38
- variable "clamav_memory" {
39
- type = number
40
- description = "Memory in MB to allocate to clamav app"
41
- default = 3072
42
- }
43
-
44
- variable "max_file_size" {
45
- type = string
46
- description = "Maximum file size the API will accept for scanning"
47
- }
@@ -1,23 +0,0 @@
1
- ###
2
- # Target space/org
3
- ###
4
-
5
- data "cloudfoundry_space" "space" {
6
- org_name = var.cf_org_name
7
- name = var.cf_space_name
8
- }
9
-
10
- ###
11
- # RDS instance
12
- ###
13
-
14
- data "cloudfoundry_service" "rds" {
15
- name = "aws-rds"
16
- }
17
-
18
- resource "cloudfoundry_service_instance" "rds" {
19
- name = "<%= app_name %>-rds-${var.env}"
20
- space = data.cloudfoundry_space.space.id
21
- service_plan = data.cloudfoundry_service.rds.service_plans[var.rds_plan_name]
22
- recursive_delete = var.recursive_delete
23
- }
@@ -1,16 +0,0 @@
1
- terraform {
2
- required_version = "~> 1.0"
3
- required_providers {
4
- cloudfoundry = {
5
- source = "cloudfoundry-community/cloudfoundry"
6
- version = "0.15.0"
7
- }
8
- }
9
- }
10
-
11
- provider "cloudfoundry" {
12
- api_url = var.cf_api_url
13
- user = var.cf_user
14
- password = var.cf_password
15
- app_logs_max = 30
16
- }
@@ -1,42 +0,0 @@
1
- variable "cf_api_url" {
2
- type = string
3
- description = "cloud.gov api url"
4
- default = "https://api.fr.cloud.gov"
5
- }
6
-
7
- variable "cf_user" {
8
- type = string
9
- description = "cloud.gov deployer account user"
10
- }
11
-
12
- variable "cf_password" {
13
- type = string
14
- description = "secret; cloud.gov deployer account password"
15
- sensitive = true
16
- }
17
-
18
- variable "cf_org_name" {
19
- type = string
20
- description = "cloud.gov organization name"
21
- }
22
-
23
- variable "cf_space_name" {
24
- type = string
25
- description = "cloud.gov space name (staging or prod)"
26
- }
27
-
28
- variable "env" {
29
- type = string
30
- description = "deployment environment (staging, production)"
31
- }
32
-
33
- variable "recursive_delete" {
34
- type = bool
35
- description = "when true, deletes service bindings attached to the resource (not recommended for production)"
36
- default = false
37
- }
38
-
39
- variable "rds_plan_name" {
40
- type = string
41
- description = "name of the service plan name to create"
42
- }
@@ -1,46 +0,0 @@
1
- ###
2
- # Target space/org
3
- ###
4
-
5
- data "cloudfoundry_space" "space" {
6
- org_name = var.cf_org_name
7
- name = var.cf_space_name
8
- }
9
-
10
- ###
11
- # Route mapping and CDN instance
12
- ###
13
-
14
- data "cloudfoundry_app" "app" {
15
- name_or_id = "<%= app_name %>-${var.env}"
16
- space = data.cloudfoundry_space.space.id
17
- }
18
-
19
- ###########################################################################
20
- # Route must be manually created by an OrgManager before terraform is run:
21
- #
22
- # cf create-domain <%= cloud_gov_organization %> TKTK-production-domain-name
23
- ###########################################################################
24
- data "cloudfoundry_domain" "origin_url" {
25
- name = var.domain_name
26
- }
27
-
28
- resource "cloudfoundry_route" "origin_route" {
29
- domain = data.cloudfoundry_domain.origin_url.id
30
- space = data.cloudfoundry_space.space.id
31
- target {
32
- app = data.cloudfoundry_app.app.id
33
- }
34
- }
35
-
36
- data "cloudfoundry_service" "external_domain" {
37
- name = "external-domain"
38
- }
39
-
40
- resource "cloudfoundry_service_instance" "external_domain_instance" {
41
- name = "<%= app_name %>-domain-${var.env}"
42
- space = data.cloudfoundry_space.space.id
43
- service_plan = data.cloudfoundry_service.external_domain.service_plans[var.cdn_plan_name]
44
- recursive_delete = var.recursive_delete
45
- json_params = "{\"domains\": \"${var.domain_name}\"}"
46
- }
@@ -1,16 +0,0 @@
1
- terraform {
2
- required_version = "~> 1.0"
3
- required_providers {
4
- cloudfoundry = {
5
- source = "cloudfoundry-community/cloudfoundry"
6
- version = "0.15.0"
7
- }
8
- }
9
- }
10
-
11
- provider "cloudfoundry" {
12
- api_url = var.cf_api_url
13
- user = var.cf_user
14
- password = var.cf_password
15
- app_logs_max = 30
16
- }
@@ -1,47 +0,0 @@
1
- variable "cf_api_url" {
2
- type = string
3
- description = "cloud.gov api url"
4
- default = "https://api.fr.cloud.gov"
5
- }
6
-
7
- variable "cf_user" {
8
- type = string
9
- description = "cloud.gov deployer account user"
10
- }
11
-
12
- variable "cf_password" {
13
- type = string
14
- description = "secret; cloud.gov deployer account password"
15
- sensitive = true
16
- }
17
-
18
- variable "cf_org_name" {
19
- type = string
20
- description = "cloud.gov organization name"
21
- }
22
-
23
- variable "cf_space_name" {
24
- type = string
25
- description = "cloud.gov space name (staging or prod)"
26
- }
27
-
28
- variable "env" {
29
- type = string
30
- description = "deployment environment (staging, production)"
31
- }
32
-
33
- variable "recursive_delete" {
34
- type = bool
35
- description = "when true, deletes service bindings attached to the resource (not recommended for production)"
36
- default = false
37
- }
38
-
39
- variable "cdn_plan_name" {
40
- type = string
41
- description = "name of the service plan name to create"
42
- }
43
-
44
- variable "domain_name" {
45
- type = string
46
- description = "DNS name users will be accessing site"
47
- }
@@ -1,23 +0,0 @@
1
- ###
2
- # Target space/org
3
- ###
4
-
5
- data "cloudfoundry_space" "space" {
6
- org_name = var.cf_org_name
7
- name = var.cf_space_name
8
- }
9
-
10
- ###
11
- # RDS instance
12
- ###
13
-
14
- data "cloudfoundry_service" "redis" {
15
- name = "aws-elasticache-redis"
16
- }
17
-
18
- resource "cloudfoundry_service_instance" "redis" {
19
- name = "<%= app_name %>-redis-${var.env}"
20
- space = data.cloudfoundry_space.space.id
21
- service_plan = data.cloudfoundry_service.redis.service_plans[var.redis_plan_name]
22
- recursive_delete = var.recursive_delete
23
- }
@@ -1,16 +0,0 @@
1
- terraform {
2
- required_version = "~> 1.0"
3
- required_providers {
4
- cloudfoundry = {
5
- source = "cloudfoundry-community/cloudfoundry"
6
- version = "0.15.0"
7
- }
8
- }
9
- }
10
-
11
- provider "cloudfoundry" {
12
- api_url = var.cf_api_url
13
- user = var.cf_user
14
- password = var.cf_password
15
- app_logs_max = 30
16
- }
@@ -1,42 +0,0 @@
1
- variable "cf_api_url" {
2
- type = string
3
- description = "cloud.gov api url"
4
- default = "https://api.fr.cloud.gov"
5
- }
6
-
7
- variable "cf_user" {
8
- type = string
9
- description = "cloud.gov deployer account user"
10
- }
11
-
12
- variable "cf_password" {
13
- type = string
14
- description = "secret; cloud.gov deployer account password"
15
- sensitive = true
16
- }
17
-
18
- variable "cf_org_name" {
19
- type = string
20
- description = "cloud.gov organization name"
21
- }
22
-
23
- variable "cf_space_name" {
24
- type = string
25
- description = "cloud.gov space name (staging or prod)"
26
- }
27
-
28
- variable "env" {
29
- type = string
30
- description = "deployment environment (staging, production)"
31
- }
32
-
33
- variable "recursive_delete" {
34
- type = bool
35
- description = "when true, deletes service bindings attached to the resource (not recommended for production)"
36
- default = false
37
- }
38
-
39
- variable "redis_plan_name" {
40
- type = string
41
- description = "name of the service plan name to create"
42
- }
@@ -1,27 +0,0 @@
1
- ###
2
- # Target space/org
3
- ###
4
-
5
- data "cloudfoundry_space" "space" {
6
- org_name = var.cf_org_name
7
- name = var.cf_space_name
8
- }
9
-
10
- ###
11
- # S3 instance
12
- ###
13
-
14
- data "cloudfoundry_service" "s3" {
15
- name = "s3"
16
- }
17
-
18
- resource "cloudfoundry_service_instance" "bucket" {
19
- name = var.s3_service_name
20
- space = data.cloudfoundry_space.space.id
21
- service_plan = data.cloudfoundry_service.s3.service_plans[var.s3_plan_name]
22
- recursive_delete = var.recursive_delete
23
- }
24
-
25
- output "bucket_id" {
26
- value = cloudfoundry_service_instance.bucket.id
27
- }
@@ -1,16 +0,0 @@
1
- terraform {
2
- required_version = "~> 1.0"
3
- required_providers {
4
- cloudfoundry = {
5
- source = "cloudfoundry-community/cloudfoundry"
6
- version = "0.15.0"
7
- }
8
- }
9
- }
10
-
11
- provider "cloudfoundry" {
12
- api_url = var.cf_api_url
13
- user = var.cf_user
14
- password = var.cf_password
15
- app_logs_max = 30
16
- }
@@ -1,43 +0,0 @@
1
- variable "cf_api_url" {
2
- type = string
3
- description = "cloud.gov api url"
4
- default = "https://api.fr.cloud.gov"
5
- }
6
-
7
- variable "cf_user" {
8
- type = string
9
- description = "cloud.gov deployer account user"
10
- }
11
-
12
- variable "cf_password" {
13
- type = string
14
- description = "secret; cloud.gov deployer account password"
15
- sensitive = true
16
- }
17
-
18
- variable "cf_org_name" {
19
- type = string
20
- description = "cloud.gov organization name"
21
- }
22
-
23
- variable "cf_space_name" {
24
- type = string
25
- description = "cloud.gov space name (staging or prod)"
26
- }
27
-
28
- variable "recursive_delete" {
29
- type = bool
30
- description = "when true, deletes service bindings attached to the resource (not recommended for production)"
31
- default = false
32
- }
33
-
34
- variable "s3_service_name" {
35
- type = string
36
- description = "name for the cloud.gov managed service"
37
- }
38
-
39
- variable "s3_plan_name" {
40
- type = string
41
- description = "name of the service plan to create"
42
- default = "basic"
43
- }
@@ -1,21 +0,0 @@
1
- # Logical Data Model
2
-
3
- ![logical data model view](../rendered/apps/data.logical.svg)
4
-
5
- ```plantuml
6
- @startuml
7
- scale 0.65
8
-
9
- ' avoid problems with angled crows feet
10
- skinparam linetype ortho
11
-
12
- class TKTK_Example {
13
- * id : integer <<generated>>
14
- }
15
- @enduml
16
- ```
17
-
18
- ### Notes
19
-
20
- * See the help docs for [Entity Relationship Diagram](https://plantuml.com/ie-diagram) and [Class Diagram](https://plantuml.com/class-diagram) for syntax help.
21
- * We're using the `*` visibility modifier to denote fields that cannot be `null`.