rails_template_18f 1.0.0 → 1.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (33) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +12 -0
  3. data/Gemfile.lock +49 -45
  4. data/README.md +102 -29
  5. data/exe/rails_template_18f +0 -21
  6. data/lib/generators/rails_template18f/active_storage/active_storage_generator.rb +2 -2
  7. data/lib/generators/rails_template18f/auditree/auditree_generator.rb +115 -0
  8. data/lib/generators/rails_template18f/auditree/templates/bin/auditree.tt +103 -0
  9. data/lib/generators/rails_template18f/auditree/templates/github/actions/auditree-cmd/action.yml.tt +42 -0
  10. data/lib/generators/rails_template18f/auditree/templates/github/workflows/auditree-validation.yml.tt +38 -0
  11. data/lib/generators/rails_template18f/circleci/templates/circleci/config.yml.tt +8 -7
  12. data/lib/generators/rails_template18f/cloud_gov_config/cloud_gov_config_generator.rb +1 -1
  13. data/lib/generators/rails_template18f/github_actions/github_actions_generator.rb +0 -1
  14. data/lib/generators/rails_template18f/github_actions/templates/github/dependabot.yml.tt +25 -0
  15. data/lib/generators/rails_template18f/github_actions/templates/github/workflows/assemble-ssp.yml.tt +12 -3
  16. data/lib/generators/rails_template18f/github_actions/templates/github/workflows/brakeman-analysis.yml +1 -1
  17. data/lib/generators/rails_template18f/github_actions/templates/github/workflows/rspec.yml.tt +9 -1
  18. data/lib/generators/rails_template18f/github_actions/templates/github/workflows/{validate-ssp.yml.tt → validate-ssp.yml} +1 -1
  19. data/lib/generators/rails_template18f/newrelic/newrelic_generator.rb +1 -1
  20. data/lib/generators/rails_template18f/oscal/oscal_generator.rb +14 -1
  21. data/lib/generators/rails_template18f/oscal/templates/bin/trestle.tt +4 -1
  22. data/lib/generators/rails_template18f/oscal/templates/github/actions/trestle-cmd/action.yml.tt +16 -0
  23. data/lib/generators/rails_template18f/sidekiq/sidekiq_generator.rb +1 -1
  24. data/lib/rails_template18f/version.rb +1 -1
  25. data/rails-template-18f.gemspec +3 -3
  26. data/railsrc +2 -0
  27. data/railsrc-hotwire +2 -0
  28. data/template.rb +26 -11
  29. data/templates/lib/tasks/scanning.rake +1 -1
  30. data/templates/manifest.yml.tt +0 -1
  31. metadata +16 -12
  32. data/lib/generators/rails_template18f/github_actions/templates/github/actions/trestle-cmd/action.yml +0 -20
  33. data/lib/rails_template18f/app_updater.rb +0 -19
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a7f0ec410febea02b2e3cbc4200373ebbe5b2403f2bd643433acd8d493af8729
4
- data.tar.gz: 6a58037093cf649f10bd0ae6166372c8d878e0eecf547baf0ab9be4be91b5d59
3
+ metadata.gz: 957ad56e218689b3d05f7c31ae6354a4e2c42877567ea87478845b30129cef43
4
+ data.tar.gz: f5d6045a2632863b50209c557f7460f61f9bacb90a99883b6b090f6580c528d0
5
5
  SHA512:
6
- metadata.gz: 04c73690530b927f6cf0063c512f580725d19fcad7cce351b24e672b3169167747ae5c344ee437ca078bf4077f53bc7678a0fcdb0b5cf59b3743cec7ecfe79a0
7
- data.tar.gz: 6aabb2b9fa5191ed1f295605d47153e79c753880eb8038591ceee1ac733185ddd23de64a7f0041f602527c12f4f92f627fe4a6379772b14cebe36fe87bcdf102
6
+ metadata.gz: ea0332afd7b819bcd2b03acca406467f9404de6f8e065e980bdabf81ef7083377f8dfc4d6754baaf1a4e6525eaa5190402f7a5307d35fb472960089a62ddba9e
7
+ data.tar.gz: 5720c1340a3065354de210dd4deccb5577656876501514ac09faf91a133511e92796e0cb18aee299e8894b16394fbacde12419e6c97795a3be086242e9afa815
data/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  ## [Unreleased]
2
2
 
3
+ ## [1.2.0] - 2024-09-20
4
+
5
+ - new applications are now on Rails 7.2.x
6
+ - configure dependabot in Github Actions generator
7
+ - fix bin/trestle and bin/auditree so that command line flags are properly passed into the docker containers
8
+ - updates to trestle and auditree github actions
9
+
10
+ ## [1.1.0] - 2024-08-20
11
+
12
+ - add an auditree generator for integration with auditree-devtools and github actions to run it
13
+ - remove the obsolete entry to include nodejs_buildpack in cloud.gov manifest.yml
14
+
3
15
  ## [1.0.0] - 2024-06-27
4
16
 
5
17
  - new applications are now on Rails 7.1.x
data/Gemfile.lock CHANGED
@@ -1,41 +1,43 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- rails_template_18f (1.0.0)
5
- activesupport (~> 7.1.0)
4
+ rails_template_18f (1.2.0)
5
+ activesupport (~> 7.2.0)
6
6
  colorize (~> 1.1)
7
- railties (~> 7.1.0)
7
+ railties (~> 7.2.0)
8
8
  thor (~> 1.3)
9
9
 
10
10
  GEM
11
11
  remote: https://rubygems.org/
12
12
  specs:
13
- actionpack (7.1.3.4)
14
- actionview (= 7.1.3.4)
15
- activesupport (= 7.1.3.4)
13
+ actionpack (7.2.0)
14
+ actionview (= 7.2.0)
15
+ activesupport (= 7.2.0)
16
16
  nokogiri (>= 1.8.5)
17
17
  racc
18
- rack (>= 2.2.4)
18
+ rack (>= 2.2.4, < 3.2)
19
19
  rack-session (>= 1.0.1)
20
20
  rack-test (>= 0.6.3)
21
21
  rails-dom-testing (~> 2.2)
22
22
  rails-html-sanitizer (~> 1.6)
23
- actionview (7.1.3.4)
24
- activesupport (= 7.1.3.4)
23
+ useragent (~> 0.16)
24
+ actionview (7.2.0)
25
+ activesupport (= 7.2.0)
25
26
  builder (~> 3.1)
26
27
  erubi (~> 1.11)
27
28
  rails-dom-testing (~> 2.2)
28
29
  rails-html-sanitizer (~> 1.6)
29
- activesupport (7.1.3.4)
30
+ activesupport (7.2.0)
30
31
  base64
31
32
  bigdecimal
32
- concurrent-ruby (~> 1.0, >= 1.0.2)
33
+ concurrent-ruby (~> 1.0, >= 1.3.1)
33
34
  connection_pool (>= 2.2.5)
34
35
  drb
35
36
  i18n (>= 1.6, < 2)
37
+ logger (>= 1.4.2)
36
38
  minitest (>= 5.1)
37
- mutex_m
38
- tzinfo (~> 2.0)
39
+ securerandom (>= 0.3)
40
+ tzinfo (~> 2.0, >= 2.0.5)
39
41
  ammeter (1.1.7)
40
42
  activesupport (>= 3.0)
41
43
  railties (>= 3.0)
@@ -43,43 +45,43 @@ GEM
43
45
  ast (2.4.2)
44
46
  base64 (0.2.0)
45
47
  bigdecimal (3.1.8)
46
- builder (3.2.4)
48
+ builder (3.3.0)
47
49
  byebug (11.1.3)
48
50
  colorize (1.1.0)
49
- concurrent-ruby (1.3.1)
51
+ concurrent-ruby (1.3.4)
50
52
  connection_pool (2.4.1)
51
53
  crass (1.0.6)
52
54
  diff-lcs (1.5.1)
53
55
  drb (2.2.1)
54
- erubi (1.12.0)
56
+ erubi (1.13.0)
55
57
  i18n (1.14.5)
56
58
  concurrent-ruby (~> 1.0)
57
59
  io-console (0.7.2)
58
- irb (1.13.1)
60
+ irb (1.14.0)
59
61
  rdoc (>= 4.0.0)
60
62
  reline (>= 0.4.2)
61
63
  json (2.7.2)
62
64
  language_server-protocol (3.17.0.3)
63
65
  lint_roller (1.1.0)
66
+ logger (1.6.0)
64
67
  loofah (2.22.0)
65
68
  crass (~> 1.0.2)
66
69
  nokogiri (>= 1.12.0)
67
- minitest (5.23.1)
68
- mutex_m (0.2.0)
69
- nokogiri (1.16.5-arm64-darwin)
70
+ minitest (5.25.1)
71
+ nokogiri (1.16.7-arm64-darwin)
70
72
  racc (~> 1.4)
71
- nokogiri (1.16.5-x86_64-darwin)
73
+ nokogiri (1.16.7-x86_64-darwin)
72
74
  racc (~> 1.4)
73
- nokogiri (1.16.5-x86_64-linux)
75
+ nokogiri (1.16.7-x86_64-linux)
74
76
  racc (~> 1.4)
75
- parallel (1.24.0)
76
- parser (3.3.2.0)
77
+ parallel (1.26.3)
78
+ parser (3.3.4.2)
77
79
  ast (~> 2.4.1)
78
80
  racc
79
81
  psych (5.1.2)
80
82
  stringio
81
- racc (1.8.0)
82
- rack (3.0.11)
83
+ racc (1.8.1)
84
+ rack (3.1.7)
83
85
  rack-session (2.0.0)
84
86
  rack (>= 3.0.0)
85
87
  rack-test (2.1.0)
@@ -94,10 +96,10 @@ GEM
94
96
  rails-html-sanitizer (1.6.0)
95
97
  loofah (~> 2.21)
96
98
  nokogiri (~> 1.14)
97
- railties (7.1.3.4)
98
- actionpack (= 7.1.3.4)
99
- activesupport (= 7.1.3.4)
100
- irb
99
+ railties (7.2.0)
100
+ actionpack (= 7.2.0)
101
+ activesupport (= 7.2.0)
102
+ irb (~> 1.13)
101
103
  rackup (>= 1.0.0)
102
104
  rake (>= 12.2)
103
105
  thor (~> 1.0, >= 1.2.2)
@@ -107,23 +109,23 @@ GEM
107
109
  rdoc (6.7.0)
108
110
  psych (>= 4.0.0)
109
111
  regexp_parser (2.9.2)
110
- reline (0.5.8)
112
+ reline (0.5.9)
111
113
  io-console (~> 0.5)
112
- rexml (3.2.8)
113
- strscan (>= 3.0.9)
114
+ rexml (3.3.6)
115
+ strscan
114
116
  rspec (3.13.0)
115
117
  rspec-core (~> 3.13.0)
116
118
  rspec-expectations (~> 3.13.0)
117
119
  rspec-mocks (~> 3.13.0)
118
120
  rspec-core (3.13.0)
119
121
  rspec-support (~> 3.13.0)
120
- rspec-expectations (3.13.0)
122
+ rspec-expectations (3.13.2)
121
123
  diff-lcs (>= 1.2.0, < 2.0)
122
124
  rspec-support (~> 3.13.0)
123
125
  rspec-mocks (3.13.1)
124
126
  diff-lcs (>= 1.2.0, < 2.0)
125
127
  rspec-support (~> 3.13.0)
126
- rspec-rails (6.1.2)
128
+ rspec-rails (6.1.4)
127
129
  actionpack (>= 6.1)
128
130
  activesupport (>= 6.1)
129
131
  railties (>= 6.1)
@@ -132,27 +134,28 @@ GEM
132
134
  rspec-mocks (~> 3.13)
133
135
  rspec-support (~> 3.13)
134
136
  rspec-support (3.13.1)
135
- rubocop (1.63.5)
137
+ rubocop (1.65.1)
136
138
  json (~> 2.3)
137
139
  language_server-protocol (>= 3.17.0)
138
140
  parallel (~> 1.10)
139
141
  parser (>= 3.3.0.2)
140
142
  rainbow (>= 2.2.2, < 4.0)
141
- regexp_parser (>= 1.8, < 3.0)
143
+ regexp_parser (>= 2.4, < 3.0)
142
144
  rexml (>= 3.2.5, < 4.0)
143
145
  rubocop-ast (>= 1.31.1, < 2.0)
144
146
  ruby-progressbar (~> 1.7)
145
147
  unicode-display_width (>= 2.4.0, < 3.0)
146
- rubocop-ast (1.31.3)
148
+ rubocop-ast (1.32.1)
147
149
  parser (>= 3.3.1.0)
148
- rubocop-performance (1.21.0)
150
+ rubocop-performance (1.21.1)
149
151
  rubocop (>= 1.48.1, < 2.0)
150
152
  rubocop-ast (>= 1.31.1, < 2.0)
151
153
  ruby-progressbar (1.13.0)
152
- standard (1.36.0)
154
+ securerandom (0.3.1)
155
+ standard (1.40.0)
153
156
  language_server-protocol (~> 3.17.0.2)
154
157
  lint_roller (~> 1.0)
155
- rubocop (~> 1.63.0)
158
+ rubocop (~> 1.65.0)
156
159
  standard-custom (~> 1.0.0)
157
160
  standard-performance (~> 1.4)
158
161
  standard-custom (1.0.2)
@@ -161,14 +164,15 @@ GEM
161
164
  standard-performance (1.4.0)
162
165
  lint_roller (~> 1.1)
163
166
  rubocop-performance (~> 1.21.0)
164
- stringio (3.1.0)
167
+ stringio (3.1.1)
165
168
  strscan (3.1.0)
166
169
  thor (1.3.1)
167
170
  tzinfo (2.0.6)
168
171
  concurrent-ruby (~> 1.0)
169
172
  unicode-display_width (2.5.0)
173
+ useragent (0.16.10)
170
174
  webrick (1.8.1)
171
- zeitwerk (2.6.15)
175
+ zeitwerk (2.6.17)
172
176
 
173
177
  PLATFORMS
174
178
  arm64-darwin-23
@@ -182,7 +186,7 @@ DEPENDENCIES
182
186
  rails_template_18f!
183
187
  rake (~> 13.0)
184
188
  rspec (~> 3.13)
185
- standard (~> 1.36)
189
+ standard (~> 1.40)
186
190
 
187
191
  BUNDLED WITH
188
- 2.3.15
192
+ 2.5.16
data/README.md CHANGED
@@ -2,40 +2,28 @@
2
2
  ============================
3
3
  The 18F Rails template starts or upgrades Rails projects so that they're more secure, follow compliance rules, and are nearly ready to deploy onto cloud.gov. This gem sets up security checks and compliance diagrams, adds the U.S. Web Design System (USWDS), and much much more — [see the full list of features](#features).
4
4
 
5
- This template will create a new Rails 7.1.x project.
5
+ This template will create a new Rails 7.2.x project.
6
6
 
7
- [See the `rails-7.0` branch for Rails 7.0.x](https://github.com/gsa-tts/rails-template/tree/rails-7.0)
7
+ [See the `rails-7.1` branch for Rails 7.1.x](https://github.com/gsa-tts/rails-template/tree/rails-7.1)
8
8
 
9
- ## Installation
9
+ ## Usage
10
10
 
11
11
  ### For a new Rails project
12
12
 
13
- 1. Install the gem:
13
+ #### Install the gem:
14
14
  ```
15
15
  $ gem install rails_template_18f
16
16
  ```
17
17
 
18
- 2. Decide whether to install Rails with Hotwire, a framework for client-side interactivity using JavaScript
19
- - **For entirely server-side rendered applications**, without any Javascript:
20
- - Use the default configuration (`rails_template_18f new <project name> --no-hotwire`)
21
- - **For applications that need [a bit of client-side interactivity][aBitOfJS]**, but not a full single page application like React or Vue:
22
- - Use Hotwire (`rails_template_18f new <project name> --hotwire`)
23
- - **For single-page applications** where most of the interaction will take place via JavaScript, and which will use a framework like React or Vue:
24
- - Use the default configuration (`rails_template_18f new <project name> --no-hotwire`)
18
+ #### Decide whether to install Rails with Hotwire
25
19
 
26
- The `--hotwire` flag means that [Hotwire](https://hotwired.dev/) and [ActionCable](https://guides.rubyonrails.org/action_cable_overview.html) are installed. ActionCable is included to enable the [Turbo Streams](https://turbo.hotwired.dev/handbook/streams) functionality of Hotwire.
20
+ [Hotwire](hotwire) is a framework for client-side interactivity using JavaScript that stops short of a full Single Page Application (SPA) framework like React or Vue.
27
21
 
28
- Before installing, you may want to consider the other application configuration options in the next section.
22
+ It is a good choice if you need [a bit of client-side interactivity][aBitOfJS]. Do not use Hotwire if you either will have almost no Javascript at all, or if you are going to use a full SPA.
29
23
 
30
- [aBitOfJS]: https://engineering.18f.gov/web-architecture/#:~:text=are%20more%20complex-,If%20your%20use%20case%20requires%20a%20bit%20of%20client%2Dside%20interactivity%2C%20use%20the%20above%20options%20with%20a%20bit%20of%20JavaScript.,-You%20might%20use
24
+ #### Review the defaults and decide if you want to override any of them
31
25
 
32
- #### Advanced configuration
33
-
34
- There are a variety of options that customize your Rails application.
35
-
36
- **Important:** Do not use flags `--skip-bundle` or `--skip-javascript`, or various parts of this template will break.
37
-
38
- #### Default configuration
26
+ <details><summary>Default configuration</summary>
39
27
 
40
28
  ```sh
41
29
  --skip-active-storage # Don't include ActiveStorage for document upload
@@ -49,19 +37,95 @@ There are a variety of options that customize your Rails application.
49
37
  --css=postcss # Use the PostCSS framework for bundling CSS
50
38
  --template=template.rb # Add additional configuration from template.rb
51
39
  --database=postgresql # Use a PostgreSQL database
40
+ --skip-rubocop # Skip rubocop integration in favor of Standard Ruby
41
+ --skip-ci # Skip github actions in favor of our CI generators
52
42
  ```
53
43
 
54
- #### Customizing the installation
44
+ If you are using Hotwire, then `--skip-hotwire` and `--skip-action-cable` are automatically removed from this list, as they are required for the Hotwire functionality.
45
+ </details>
46
+ <br />
47
+
48
+ Add the following options at the end of your `rails_template_18f new` command to overwrite any of those defaults.
55
49
 
56
50
  | Option | Description |
57
51
  |--------|-------------|
58
52
  | `--no-skip-<framework>` | Each of the skipped frameworks listed above (also in `railsrc`) can be overridden on the command line. For example: `--no-skip-active-storage` will include support for `ActiveStorage` document uploads |
59
53
  | `--javascript=esbuild` | Use [esbuild](https://esbuild.github.io/) instead of [webpack](https://webpack.js.org/) for JavaScript bundling. Note that maintaining IE11 support with esbuild may be tricky. |
60
54
 
61
- You probably won't want to customize the template — that defeats the purpose of using this gem!
62
-
63
55
  _TODO: Documentation on whether you can override the `css` and `database` options._
64
56
 
57
+ **Important:** Do not use flags `--skip-bundle` or `--skip-javascript`, or various parts of this template will break.
58
+
59
+ #### Create your application
60
+
61
+ <details><summary>If you are using Hotwire, run:</summary>
62
+
63
+ ```
64
+ $ rails_template_18f new <project name> --hotwire ADDITIONAL_CONFIG_OPTIONS
65
+ ```
66
+ </details>
67
+
68
+ <details><summary>If you are not using Hotwire, run:</summary>
69
+
70
+ ```
71
+ $ rails_template_18f new <project name> ADDITIONAL_CONFIG_OPTIONS
72
+ ```
73
+ </details>
74
+
75
+ #### Answer the setup questions that the template asks
76
+
77
+ The template asks questions to ensure your new application is set up for your use case.
78
+
79
+ <details><summary>Set up docker-trestle integration for Compliance-as-Code?</summary>
80
+
81
+ Answer `y` to integrate with [docker-trestle](https://github.com/gsa-tts/docker-trestle) for creating compliance documents in markdown and [OSCAL](https://pages.nist.gov/OSCAL/).
82
+
83
+ Follow up questions if you answer `y`:
84
+ * "Set up compliance documents as a git submodule?" Answer `y` if you want compliance documents to be stored in a separate git repository and linked to your app as a submodule. Answer `n` to have documents checked directly into your code repo.
85
+ * If you answer `y`, you'll need to provide the address of the compliance repository.
86
+ * "Run compliance checks with auditree?" Answer `y` if you want to integrate with [auditree](https://github.com/gsa-tts/auditree-devtools) for automated compliance checks.
87
+ </details>
88
+
89
+ <details><summary>Create terraform files for cloud.gov services?</summary>
90
+
91
+ Answer `y` to run the `terraform` generator. This includes a `/terraform` folder defining services and infrastructure within cloud.gov as well as support for deploying that infrastructure in your chosen CI/CD pipeline.
92
+ </details>
93
+
94
+ <details><summary>Cloud.gov organization and space names</summary>
95
+
96
+ Provide your cloud.gov organization and space names for use in terraform and deploy scripts.
97
+ </details>
98
+
99
+ <details><summary>Create GitHub Actions?</summary>
100
+
101
+ Answer `y` to create Github Actions workflows for running tests, scans, and deploys. Also configures Dependabot.
102
+ </details>
103
+
104
+ <details><summary>Create CircleCI config?</summary>
105
+
106
+ Answer `y` to create a CircleCI workflow for running tests, scans, and deploys.
107
+ </details>
108
+
109
+ <details><summary>Create FEDRAMP New Relic config files?</summary>
110
+
111
+ Answer `y` to create a default New Relic config that can speak to the Government-flavored New Relic instance, including updating Content Security Policy headers so that browser metrics can be collected.
112
+ </details>
113
+
114
+ <details><summary>If this will be a public site, should we include Digital Analytics Program code?</summary>
115
+
116
+ Answer `y` to set up an integration with DAP.
117
+ </details>
118
+
119
+ <details><summary>Supported locales</summary>
120
+
121
+ Answer `y` for any languages that should be supported out of the box. Translations are supplied for the usa-banner. You will still be responsible for translating any application content.
122
+ </details>
123
+
124
+ <details><summary>Run db setup steps?</summary>
125
+
126
+ Answer `y` to run `rake db:create && rake db:migrate` as part of the app setup. PostgreSQL must be running or this will fail.
127
+ </details>
128
+
65
129
  ### For an existing Rails project
66
130
 
67
131
  Installing this gem in a new Rails project will _TODO: say how it will help_
@@ -74,17 +138,21 @@ gem "rails_template_18f", group: :development
74
138
 
75
139
  And then run:
76
140
 
77
- $ bundle install
141
+ ```sh
142
+ $ bundle install
143
+ ```
78
144
 
79
145
  For a list of commands this gem can perform, run:
80
146
 
81
- $ rails generate | grep 18f
147
+ ```sh
148
+ $ bin/rails generate | grep 18f
149
+ ```
82
150
 
83
- _TODO: Add documentation on each option._
151
+ Run `bin/rails generate rails_template_18f:GENERATOR --help` for information on each generator.
84
152
 
85
153
  ### Features
86
154
 
87
- This template does a lot! The template completes the following to-do list to make your application more secure, closer to standards-compliant, and nearly production-ready.
155
+ <details><summary>This template does a lot! The template completes the following to-do list to make your application more secure, closer to standards-compliant, and nearly production-ready.</summary>
88
156
 
89
157
  1. Create a better default `README`
90
158
  1. Copy `CONTRIBUTING.md` and `LICENSE.md` from the [18F Open Source Policy repo](https://github.com/18F/open-source-policy/)
@@ -110,7 +178,8 @@ This template does a lot! The template completes the following to-do list to mak
110
178
  1. Create boundary and logical data model compliance diagrams
111
179
  1. Create `manifest.yml` and variable files for cloud.gov deployment
112
180
  1. Optionally run the `rake db:create` and `rake db:migrate` setup steps
113
- 1. Optionally integrate with https://github.com/GSA-TTS/compliance-template
181
+ 1. Optionally integrate with https://github.com/GSA-TTS/docker-trestle
182
+ 1. Optionally integrate with https://github.com/GSA-TTS/auditree-devtools
114
183
  1. Optionally create GitHub Actions workflows for testing and cloud.gov deploy
115
184
  1. Optionally create terraform modules supporting staging & production cloud.gov spaces
116
185
  1. Optionally create CircleCI workflows for testing and cloud.gov deploy
@@ -119,6 +188,7 @@ This template does a lot! The template completes the following to-do list to mak
119
188
  1. Optionally add base translation files and routes for Spanish, French, and Simplified Chinese (es.yml, fr.yml, and zh.yml)
120
189
  1. Create [Architecture Decision Records](https://adr.github.io/) for above setup
121
190
  1. Commit the resulting project with git (unless `--skip-git` is passed)
191
+ </details>
122
192
 
123
193
  ## Developing this gem
124
194
 
@@ -133,3 +203,6 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/gsa-tt
133
203
  ## Code of conduct
134
204
 
135
205
  Everyone interacting in the 18F Rails Template project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/gsa-tts/rails-template/blob/main/CODE_OF_CONDUCT.md).
206
+
207
+ [hotwire]: https://hotwired.dev/
208
+ [aBitOfJS]: https://guides.18f.gov/engineering/tools/web-architecture/#if-your-use-case-requires-a-bit-of-client-side-interactivity-use-the-above-options-with-a-bit-of-javascript
@@ -26,27 +26,6 @@ class CLI < Thor
26
26
  run "rails new #{app_directory} --rc=#{File.join(gem_path, railsrc)} --template=#{File.join(gem_path, "template.rb")} #{rails_arguments.join(" ")}"
27
27
  end
28
28
 
29
- desc "update", "Run rails app:update with some enhancements"
30
- long_desc <<-LONGDESC
31
- Run `rails app:update` with frameworks fully defined by what is commented out at the top
32
- of config/application.rb
33
-
34
- Example: to enable ActiveStorage
35
-
36
- 1) Uncomment `require "active_storage/engine"` in `config/application.rb`
37
-
38
- 2) Run `bin/rails active_storage:install`
39
-
40
- 3) Run bundle exec rails_template_18f update
41
-
42
- 4) Optional: run other rails_template18f generators that may be applicable
43
- LONGDESC
44
- def update
45
- require_relative "../lib/rails_template18f/app_updater"
46
- require "rails/command"
47
- Rails::Command.invoke "app:update"
48
- end
49
-
50
29
  desc "version", "Output gem version"
51
30
  def version
52
31
  puts RailsTemplate18f::VERSION
@@ -34,11 +34,11 @@ module RailsTemplate18f
34
34
  middleware_installed = gem_installed?("faraday-multipart")
35
35
  sdk_installed = gem_installed?("aws-sdk-s3")
36
36
  return if faraday_installed && middleware_installed && sdk_installed
37
- gem "faraday", "~> 2.2" unless faraday_installed
37
+ gem "faraday", "~> 2.10" unless faraday_installed
38
38
  gem "faraday-multipart", "~> 1.0" unless middleware_installed
39
39
  unless sdk_installed
40
40
  gem_group :production do
41
- gem "aws-sdk-s3", "~> 1.112"
41
+ gem "aws-sdk-s3", "~> 1.159"
42
42
  end
43
43
  end
44
44
  bundle_install
@@ -0,0 +1,115 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "rails/generators"
4
+
5
+ module RailsTemplate18f
6
+ module Generators
7
+ class AuditreeGenerator < ::Rails::Generators::Base
8
+ include Base
9
+
10
+ class_option :tag, desc: "Which auditree docker tag to use. Defaults to `latest`"
11
+ class_option :git_email, desc: "Email address to associate with commits to the evidence locker"
12
+ class_option :evidence_locker, desc: "Git repository address to store evidence in. Defaults to a TKTK address."
13
+
14
+ desc <<~DESC
15
+ Description:
16
+ Set up auditree validation checking with https://github.com/GSA-TTS/devtools-auditree.
17
+
18
+ This generator is still experimental.
19
+ DESC
20
+
21
+ def copy_bin
22
+ template "bin/auditree"
23
+ chmod "bin/auditree", 0o755
24
+ end
25
+
26
+ def copy_github_actions
27
+ if file_exists? ".github/workflows"
28
+ directory "github", ".github"
29
+
30
+ # insert plant-helper calls in rspec
31
+ insert_into_file ".github/workflows/rspec.yml", <<PLANT_HELPER_STEPS, after: /^\s*run: bundle exec rspec$/
32
+
33
+
34
+ - name: Plant assessment plan in evidence locker
35
+ uses: ./.github/actions/auditree-cmd
36
+ env:
37
+ GITHUB_TOKEN: ${{ secrets.AUDITREE_GITHUB_TOKEN }}
38
+ with:
39
+ volume: "tmp/oscal/assessment-plans/rspec/assessment-plan.json:/tmp/rspec.json:ro"
40
+ cmd:
41
+ plant-helper -f /tmp/rspec.json -c assessment-plans -d "RSpec run assessment plan"
42
+ -t 31536000 -l #{auditree_evidence_locker}
43
+
44
+ - name: Plan assessment results in evidence locker
45
+ uses: ./.github/actions/auditree-cmd
46
+ env:
47
+ GITHUB_TOKEN: ${{ secrets.AUDITREE_GITHUB_TOKEN }}
48
+ with:
49
+ volume: "tmp/oscal/assessment-results/rspec/assessment-results.json:/tmp/rspec.json:ro"
50
+ cmd:
51
+ plant-helper -f /tmp/rspec.json -c assessment-results -d "RSpec run assessment results"
52
+ -t 31536000 -l #{auditree_evidence_locker}
53
+ PLANT_HELPER_STEPS
54
+ end
55
+ end
56
+
57
+ def update_readme
58
+ if file_content("README.md").match?("## Documentation")
59
+ insert_into_file "README.md", readme_contents, after: "## Documentation\n"
60
+ else
61
+ append_to_file "README.md", "\n## Documentation\n#{readme_contents}"
62
+ end
63
+ end
64
+
65
+ def update_component_list
66
+ if oscal_dir_exists?
67
+ insert_into_file "doc/compliance/oscal/trestle-config.yaml", " - devtools_cloud_gov\n"
68
+ end
69
+ end
70
+
71
+ no_tasks do
72
+ def docker_auditree_tag
73
+ options[:tag].present? ? options[:tag] : "latest"
74
+ end
75
+
76
+ def auditree_evidence_locker
77
+ options[:evidence_locker].present? ? options[:evidence_locker] : "https://github.com/GSA-TTS/TKTK_#{app_name}_evidence"
78
+ end
79
+
80
+ def git_email
81
+ options[:git_email].present? ? options[:git_email] : "auditree@gsa.gov"
82
+ end
83
+
84
+ def readme_contents
85
+ <<~README
86
+
87
+ ### Auditree Control Validation
88
+
89
+ Auditree is used within CI/CD to validate that certain controls are in place.
90
+
91
+ * Run `bin/auditree` to start the auditree CLI.
92
+ * Run `bin/auditree SCRIPT_NAME` to run a single auditree script
93
+
94
+ #### Initial auditree setup.
95
+
96
+ These steps must happen once per project.
97
+
98
+ 1. Docker desktop must be running
99
+ 1. Initialize the config file with `bin/auditree init`
100
+ 1. Create an evidence locker repository with a default or blank README
101
+ 1. Create a github personal access token to interact with the code repo and evidence locker and set as `AUDITREE_GITHUB_TOKEN` secret within your Github Actions secrets.
102
+ 1. Update `config/auditree.template.json` with the repo addresses for your locker and code repos
103
+ #{(options[:evidence_locker].blank? && file_exists?(".github/workflows/rspec.yml")) ? "1. Update `.github/workflows/rspec.yml` with the locker repository URL" : ""}
104
+ 1. Copy the `devtools_cloud_gov` component definition into the project with the latest docker-trestle
105
+
106
+ #### Ongoing use
107
+
108
+ See the [auditree-devtools README](https://github.com/gsa-tts/auditree-devtools) for help with updating
109
+ auditree and using new checks.
110
+ README
111
+ end
112
+ end
113
+ end
114
+ end
115
+ end