Merge changes from main into tf-deplotment-changes

CDCgov · Jan 21, 2025 · 3ba4c87 · 3ba4c87
2 parents ec92b67 + ddf3429
commit 3ba4c87
Show file tree

Hide file tree

Showing 235 changed files with 34,842 additions and 15,458 deletions.
diff --git a/.github/ISSUE_TEMPLATE/platform-user-story.md b/.github/ISSUE_TEMPLATE/platform-user-story.md
@@ -21,34 +21,30 @@ so that _[Outcome - what is the value add to the user]_."
 
 ### Description/Use Case
 <!--
-_Use this section to describe the 'Why', and/or provide an example scenario in which this feature/functionality would be valueable._
+Use this section to describe the 'Why', and/or provide an example scenario in which this feature/functionality would be valueable.
 -->
 
 ### Risks/Impacts/Considerations
 <!--
-_Use this section to briefly list out any risks/impacts that may come about, as a result of the proposed solution._
-- _System performance may be slowed_
-- _Only a single search parameter can be used_
+Use this section to briefly list out any risks/impacts that may come about, as a result of the proposed solution.
+- _[System performance may be slowed]_
+- _[Only a single search parameter can be used]_
 -->
 
 ### Dev Notes
 <!--
-_Use this section to describe any useful technical information to duplicate an issue or explain requirements related to this ticket without providing implementation details._
-- _Provided is the data that was used to replicate the issue..._
-- _To test, use SimpleReport upload CSV page to ..._
+Use this section to describe any useful technical information to duplicate an issue or explain requirements related to this ticket without providing implementation details.
+- _[Provided is the data that was used to replicate the issue...]_
+- _[To test, use SimpleReport upload CSV page to ...]_
 -->
 
 ### Acceptance Criteria
 <!--
 What is Acceptance Criteria?
 A set of conditions or business rules, as defined by the Product Owner, which the functionality or feature should satisfy, in order to be accepted by the Product Owner.
 
-Use the following template when creating new Acceptance Criteria:
+Write the acceptance criteria as a list that can be checked off as work progresses. For example:
 
-"Given _[describe the precondition]_, when I _[describe the action performed]_, then I expect _[describe the expected outcome]_."
-
-_OR... it may be written as a bulleted list._
-
-- _Time must be displayed as HH:MM:SS_
-- _Delivery rate must be shown as a percentage_
+- [ ] _[Time must be displayed as HH:MM:SS]_
+- [ ] _[Delivery rate must be shown as a percentage]_
 -->
diff --git a/.github/actions/azviz/README.md b/.github/actions/azviz/README.md
@@ -0,0 +1,90 @@
+# AzViz (Azure Visualizer) action
+Note: This GitHub Action is imported from: https://github.com/josiahsiegel/azviz-action
+
+## ☕ Please donate to [AzViz Developer](https://github.com/PrateekKumarSingh/AzViz#readme)
+
+![](https://github.com/PrateekKumarSingh/AzViz/blob/master/img/themeneon.jpg)
+
+## Synopsis
+
+[AzViz](https://github.com/PrateekKumarSingh/AzViz) for [GitHub actions](https://github.com/marketplace?type=actions)!
+
+## Inputs
+
+### Required
+
+```yml
+inputs:
+  resource-group:
+    description: Comma-seperated resource group list
+    required: true
+  out-file:
+    description: Graph export path
+    required: true
+    default: output/viz.svg
+  sub-name:
+    description: Azure subscription name
+    required: true
+    default: Pay-As-You-Go
+```
+
+### Optional
+
+```yml
+  theme:
+    description: Graph theme (dark, light, neon)
+    required: false
+    default: neon
+  depth:
+    description: Level of Azure Resource Sub-category to be included in vizualization (1 or 2)
+    required: false
+    default: '1'
+  verbosity:
+    description: Level of information to included in vizualization (1 or 2)
+    required: false
+    default: '1'
+  format:
+    description: Graph format (png or svg)
+    required: false
+    default: svg
+  direction:
+    description: Direction in which resource groups are plotted on the visualization (left-to-right or top-to-bottom)
+    required: false
+    default: top-to-bottom
+  exclude-types:
+    description: Exclude resources via string search
+    required: false
+    default: '*excludethisthing1,excludethisthing2*'
+  splines:
+    description: Controls how edges appear in visualization. ('spline', 'polyline', 'curved', 'ortho', 'line')
+    required: false
+    default: spline
+```
+
+## Quick start
+
+`sample_min_workflow.yml`
+```yml
+jobs:
+  generate-viz:
+      runs-on: ubuntu-latest
+      steps:
+        - name: Login to Azure
+          uses: azure/login@v1
+          with:
+            creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }}
+            enable-AzPSSession: true
+        - uses: CDCgov/prime-reportstream/.github/actions/azviz@663e24299a6336f1ff8dbddadfac1ba5d462f731aaa
+          with:
+            resource-group: ${{ github.event.inputs.resource-group }}
+            out-file: ${{ github.event.inputs.out-file }}
+            sub-name: ${{ github.event.inputs.sub-name }}
+        - uses: actions/upload-artifact@v2
+          with:
+            name: viz
+            path: output/*
+```
+
+## Dependencies
+
+ * [azure/login](https://github.com/marketplace/actions/azure-login) with `enable-AzPSSession: true`
diff --git a/.github/actions/azviz/action.yml b/.github/actions/azviz/action.yml
@@ -0,0 +1,83 @@
+# action.yml
+name: 'Generate Azure resource topology diagrams with AzViz (Azure Visualizer)'
+description: 'Run AzViz against one or more Azure Resource Groups'
+branding:
+  icon: 'download-cloud'  
+  color: 'blue'
+inputs:
+  resource-group:
+    description: Comma-seperated resource group list
+    required: true
+  out-file:
+    description: Graph export path
+    required: true
+    default: viz.svg
+  sub-name:
+    description: Azure subscription name
+    required: true
+    default: Pay-As-You-Go
+  theme:
+    description: Graph theme (dark, light, neon)
+    required: false
+    default: neon
+  depth:
+    description: Level of Azure Resource Sub-category to be included in vizualization (1 or 2)
+    required: false
+    default: '1'
+  verbosity:
+    description: Level of information to included in vizualization (1 or 2)
+    required: false
+    default: '1'
+  format:
+    description: Graph format (png or svg)
+    required: true
+    default: svg
+  direction:
+    description: Direction in which resource groups are plotted on the visualization (left-to-right or top-to-bottom)
+    required: false
+    default: top-to-bottom
+  exclude-types:
+    description: Exclude resources via string search
+    required: false
+    default: '*excludethisthing1,excludethisthing2*'
+  splines:
+    description: Controls how edges appear in visualization. ('spline', 'polyline', 'curved', 'ortho', 'line')
+    required: false
+    default: spline
+
+runs:
+  using: "composite"
+  steps:
+    - name: Choco install graphviz
+      if: runner.os == 'Windows'
+      uses: crazy-max/ghaction-chocolatey@v1
+      with:
+        args: install graphviz
+    - name: Apt-get install graphviz
+      if: runner.os != 'Windows'
+      run: |
+        sudo apt-get update;
+        sudo apt-get install graphviz -y;
+      shell: bash
+    - name: 'Install AzViz module'
+      shell: pwsh
+      run: |
+        [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
+        Install-Module -Name AzViz -AllowClobber -Confirm:$False -Force;
+        Import-Module AzViz;
+    - name: Run AzViz
+      uses: azure/powershell@v1
+      with:
+        azPSVersion: 'latest'
+        inlineScript: |
+          ${{ github.action_path }}/viz_run.ps1 `
+            -RESOURCE_GROUP '${{ inputs.resource-group }}' `
+            -OUT_FILE '${{ inputs.out-file }}' `
+            -SUB_NAME '${{ inputs.sub-name }}' `
+            -THEME '${{ inputs.theme }}' `
+            -DEPTH ${{ inputs.depth }} `
+            -VERBOSITY ${{ inputs.verbosity }} `
+            -FORMAT '${{ inputs.format }}' `
+            -DIRECTION '${{ inputs.direction }}' `
+            -EXCLUDE_TYPES '${{ inputs.exclude-types }}' `
+            -SPLINES '${{ inputs.splines }}'
diff --git a/.github/actions/azviz/viz_run.ps1 b/.github/actions/azviz/viz_run.ps1
@@ -0,0 +1,57 @@
+Param(
+    [Parameter(Mandatory)]
+    [String]$RESOURCE_GROUP,
+    [Parameter(Mandatory)]
+    [String]$OUT_FILE = 'viz.svg',
+    [Parameter(Mandatory)]
+    [String]$SUB_NAME = 'Pay-As-You-Go',
+    [Parameter(Mandatory)]
+    [String]$THEME = 'neon',
+    [Parameter(Mandatory)]
+    [String]$DEPTH = '1',
+    [Parameter(Mandatory)]
+    [String]$VERBOSITY = '1',
+    [Parameter(Mandatory)]
+    [String]$FORMAT = 'svg',
+    [Parameter(Mandatory)]
+    [String]$DIRECTION = 'top-to-bottom',
+    [String]$EXCLUDE_TYPES = '*excludethisthing1,excludethisthing2*',
+    [Parameter(Mandatory)]
+    [String]$SPLINES = 'spline'
+)
+
+# Create missing directory paths for output
+New-Item -ItemType File -Force -Path ${OUT_FILE}
+
+# Get current Azure context
+$currentAzureContext = Get-AzContext;
+
+# Check If Azure context exists
+if ($currentAzureContext.Tenant.TenantId) {
+
+    # Set Azure subscription to match SUB_NAME
+    Set-AzContext -SubscriptionName ${SUB_NAME};
+};
+
+# Run AzViz and export Azure diagram to location OUT_FILE
+Export-AzViz `
+    -ResourceGroup ${RESOURCE_GROUP}.Split(",") `
+    -Theme ${THEME} `
+    -OutputFormat ${FORMAT} `
+    -CategoryDepth ${DEPTH} `
+    -LabelVerbosity ${VERBOSITY} `
+    -ExcludeTypes ${EXCLUDE_TYPES}.Split(",") `
+    -Splines ${SPLINES} `
+    -Direction ${DIRECTION} `
+    -OutputFilePath ${OUT_FILE};
+
+if (${FORMAT} -eq 'svg') {
+
+    # Move svg embedded png to output directory
+    ((Get-Content -path ${OUT_FILE} -Raw) -replace '(?<=xlink:href\=").+?(?=icons)','') | Set-Content -Path ${OUT_FILE}
+    $ICON_PATH=$(Split-Path -Path ${OUT_FILE})+'/icons/'
+    Write-Host "Moving ${HOME}/*/AzViz/* icons to ${ICON_PATH}"
+    New-Item -ItemType Directory -Force -Path ${ICON_PATH}
+    Get-Childitem -Path ${HOME} -Force -recurse -include *.png -ErrorAction SilentlyContinue | Move-Item -dest ${ICON_PATH} -Force
+
+};
diff --git a/.github/actions/git-secrets/.gitattributes b/.github/actions/git-secrets/.gitattributes
@@ -0,0 +1,10 @@
+# Set the default behavior, in case people don't have core.autocrlf set.
+* text=auto
+
+# Force the bash scripts to be checked out with LF line endings.
+git-secrets text eol=lf
+git-secrets.1 text eol=lf
+test/bats/bin/* text eol=lf
+test/bats/libexec/* text eol=lf
+*.bats text eol=lf
+*.bash text eol=lf
diff --git a/.github/actions/git-secrets/.travis.yml b/.github/actions/git-secrets/.travis.yml
@@ -0,0 +1,8 @@
+language: bash
+
+before_install:
+- git config --global user.email "[email protected]"
+- git config --global user.name "Your Name"
+
+script:
+- make test
diff --git a/.github/actions/git-secrets/CHANGELOG.md b/.github/actions/git-secrets/CHANGELOG.md
@@ -0,0 +1,49 @@
+# CHANGELOG
+
+## 1.3.0 - 2019-02-10
+
+* Empty provider output is now excluded
+  (https://github.com/awslabs/git-secrets/issues/34)
+* Spaces are now supported in git exec path, making more Windows
+  paths execute properly.
+* Patterns with newlines and carriage returns are now loaded properly.
+* Patterns that contain only "\n" are now ignored.
+* Various Bash 4 fixes (https://github.com/awslabs/git-secrets/issues/66).
+* Make IAM key scanning much more targeted.
+
+## 1.2.1 - 2016-06-27
+
+* Fixed an issue where secret provider commands were causing "command not
+  found" errors due to a previously set IFS variable.
+  https://github.com/awslabs/git-secrets/pull/30
+
+## 1.2.0 - 2016-05-23
+
+* Fixed an issue where spaces files with spaces in their names were not being
+  properly scanned in the pre-commit hook.
+* Now ignoring empty lines and comments (e.g., `#`) in the .gitallowed file.
+* Fixed an issue where numbers were being compared to strings causing failures
+  on some platforms.
+
+## 1.1.0 - 2016-04-06
+
+* Bug fix: the pre-commit hook previously only scanned the working directory
+  rather than staged files. This release updates the pre-commit hook to instead
+  scan staged files so that git-secrets will detect violations if the working
+  directory drifts from the staging directory.
+* Added the `--scan-history` subcommand so that you can scan your entire
+  git history for violations.
+* Added the ability to filter false positives by using a .gitallowed file.
+* Added support for `--cached`, `--no-index`, and `--untracked` to the `--scan`
+  subcommand.
+
+## 1.0.1 - 2016-01-11
+
+* Now works correctly with filenames in a repository that contain spaces when
+  executing `git secrets --scan` with no provided filename (via `git grep`).
+* Now works with git repositories with hundreds of thousands of files when
+  using `git secrets --scan` with no provided filename (via `git grep`).
+
+## 1.0.0 - 2015-12-10
+
+* Initial release of ``git-secrets``.
diff --git a/.github/actions/git-secrets/CODE_OF_CONDUCT.md b/.github/actions/git-secrets/CODE_OF_CONDUCT.md
@@ -0,0 +1,4 @@
+## Code of Conduct
+This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 
+For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 
+[email protected] with any additional questions or comments.