Merge pull request #134 from Enterprise-CMCS/val

Release to production

.codeclimate.yml

@@ -2,4 +2,19 @@ version: "2"
 checks:
   method-lines:
     config:
-      threshold: 40
+      threshold: 1000 # defacto disable
+exclude_patterns:
+  - "config/"
+  - "db/"
+  - "dist/"
+  - "features/"
+  - "**/node_modules/"
+  - "script/"
+  - "**/spec/"
+  - "**/test/"
+  - "**/tests/"
+  - "Tests/"
+  - "**/vendor/"
+  - "**/*_test.go"
+  - "**/*.d.ts"
+  - "src/services/ui/src/pages/faq/**"

.github/workflows/dependency-review.yml

@@ -18,3 +18,5 @@ jobs:
         uses: actions/checkout@v3
       - name: "Dependency Review"
         uses: actions/dependency-review-action@v2
+        with:
+          fail-on-severity: moderate # Ignore low findings.

.github/workflows/deploy.yml

@@ -37,6 +37,7 @@ jobs:
       url: ${{ steps.deployment-data.outputs.APPURL }}
     outputs:
       app-url: ${{ steps.deployment-data.outputs.APPURL }}
+      kibana-url: ${{ steps.kibana-url.outputs.KIBANAURL }}
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -53,7 +54,7 @@ jobs:
       - name: Deploy
         run: run deploy --stage $STAGE_NAME
 
-      - name: Set URL
+      - name: Set Site URL
         id: deployment-data
         run: |
           echo ${{ github.ref_name }}
@@ -63,6 +64,28 @@ jobs:
             --stack-name $PROJECT-ui-infra-$STAGE_NAME \
             --query Stacks[0].Outputs[0].OutputValue
           )" | tr -d \'\" >> $GITHUB_OUTPUT
+
+      - name: Set Kibana URL
+        id: kibana-url
+        run: |
+          echo KIBANAURL=$(
+            sls info --verbose --stage $STAGE_NAME |& grep -m 1 OpenSearchDashboardEndpoint |
+            awk '{print $NF}' | awk '{$1=$1};1' |
+            tr -d \'\"
+          ) >> $GITHUB_OUTPUT
+
+  kibana-url:
+    runs-on: ubuntu-20.04
+    needs:
+      - deploy
+    environment:
+      name: ${{ github.ref_name }}-kibana
+      url: ${{ needs.deploy.outputs.kibana-url }}
+    steps:
+      - name: Display Kibana URL
+        run: |
+          echo "Kibana URL: ${{ needs.deploy.outputs.kibana-url }}"
+
   test:
     runs-on: ubuntu-20.04
     needs:
@@ -85,35 +108,33 @@ jobs:
       - name: Test
         run: yarn test-ci
 
-  e2e:
-    timeout-minutes: 5
-    runs-on: ubuntu-20.04
-    needs:
-      - deploy
-    env:
-      baseurl: ${{ needs.deploy.outputs.app-url }}
-    if: ${{ github.ref != 'refs/heads/production' }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-      - name: Setup
-        uses: ./.github/actions/setup
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v2
-        with:
-          role-to-assume: ${{ secrets.AWS_OIDC_ROLE_TO_ASSUME }}
-          aws-region: us-east-1
-          role-duration-seconds: 10800
-      - name: Install Playwright Browsers
-        run: yarn playwright install --with-deps
-      - name: Run e2e tests
-        run: run e2e
-      - uses: actions/upload-artifact@v3
-        if: always()
-        with:
-          name: playwright-report
-          path: src/services/ui/playwright-report/
-          retention-days: 30
+  # e2e:
+  #   timeout-minutes: 5
+  #   runs-on: ubuntu-20.04
+  #   needs:
+  #     - deploy
+  #   env:
+  #     baseurl: ${{ needs.deploy.outputs.app-url }}
+  #   if: ${{ github.ref != 'refs/heads/production' }}
+  #   steps:
+  #     - name: Checkout
+  #       uses: actions/checkout@v3
+  #     - name: Setup
+  #       uses: ./.github/actions/setup
+  #     - name: Configure AWS credentials
+  #       uses: aws-actions/configure-aws-credentials@v2
+  #       with:
+  #         role-to-assume: ${{ secrets.AWS_OIDC_ROLE_TO_ASSUME }}
+  #         aws-region: us-east-1
+  #         role-duration-seconds: 10800
+  #     - name: Run e2e tests
+  #       run: run e2e
+  #     - uses: actions/upload-artifact@v3
+  #       if: always()
+  #       with:
+  #         name: playwright-report
+  #         path: src/services/ui/playwright-report/
+  #         retention-days: 30
 
   cfn-nag:
     runs-on: ubuntu-20.04

.github/workflows/security-group-cleanup.yml

@@ -0,0 +1,51 @@
+name: Security Group Cleanup
+
+on:
+  schedule:
+    - cron: "0 2 * * *"
+  workflow_dispatch:
+
+jobs:
+  security-group-cleanup:
+    name: Security Group Cleanup
+    runs-on: ubuntu-20.04
+
+    permissions:
+      id-token: write
+      contents: read
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - uses: ./.github/actions/setup # We need this largely for the PROJECT variable setting
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          role-to-assume: ${{ secrets.AWS_OIDC_ROLE_TO_ASSUME }}
+          aws-region: us-east-1
+          role-duration-seconds: 10800
+
+      - name: Clean Up Unassigned Security Groups
+        id: runningStages
+        run: |
+          # Step 1, get a list of all security groups attached to ENIs
+          inusesgs=(`aws ec2 describe-network-interfaces \
+              --query "NetworkInterfaces[].Groups[].GroupId" \
+              --output text`)
+
+          # Step 2, get a list of all security groups owned by our project.
+          allsgs=(`aws ec2 describe-security-groups \
+              --filters Name=tag:PROJECT,Values="$PROJECT" \
+              --query "SecurityGroups[].GroupId" \
+              --output text`)
+
+          # Step 3, delete any security group owned by our project that's not attached to an ENI
+          for i in "${allsgs[@]}"
+          do
+              if [[ " ${inusesgs[*]} " =~ " ${i} " ]]; then
+                  echo "Keping $i as it is in use"
+              else
+                  echo "Deleting $i as it is not in use..."
+                  aws ec2 delete-security-group --group-id $i
+              fi
+          done

.github/workflows/workspace-setup.yml

@@ -11,7 +11,7 @@ concurrency:
 jobs:
   test:
     runs-on: macos-12
-    timeout-minutes: 30 # MacOS runners are more expensive than linux, so we want to be sure to stop any stuck builds.
+    timeout-minutes: 120 # MacOS runners are more expensive than linux, so we want to be sure to stop any stuck builds.
     environment:
       name: test-ws-setup
     env:
@@ -60,12 +60,12 @@ jobs:
           direnv allow
           direnv exec run deploy --stage $STAGE_NAME
 
-      - name: Test test
-        run: |
-          source /tmp/.profile
-          nvm use
-          direnv allow
-          direnv exec run test --stage $STAGE_NAME
+      # - name: Test test
+      #   run: |
+      #     source /tmp/.profile
+      #     nvm use
+      #     direnv allow
+      #     direnv exec run test --stage $STAGE_NAME
 
       - name: Test destroy
         run: |
@@ -74,12 +74,18 @@ jobs:
           direnv allow
           direnv exec run destroy --stage $STAGE_NAME --verify false --wait false
 
+  notify_of_failure:
+    runs-on: ubuntu-20.04
+    needs:
+      - test
+    if: failure()
+    steps:
       - name: Slack Notification
         uses: rtCamp/action-slack-notify@v2
-        if: env.SLACK_WEBHOOK != '' && failure()
+        if: env.SLACK_WEBHOOK != ''
         env:
           SLACK_COLOR: ${{job.status}}
           SLACK_ICON: https://github.com/Enterprise-CMCS.png?size=48
           SLACK_TITLE: Failure
           SLACK_USERNAME: ${{ github.repository }} - ${{job.status}}
-          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}

README.md

@@ -1,21 +1,21 @@
 ---
-### Please visit our [docs site](https://enterprise-cmcs.github.io/macpro-om-template/) for complete documentation.
+### Please visit our [docs site](https://enterprise-cmcs.github.io/macpro-mako/) for complete documentation.
 ---
 
-<h1 align="center" style="border-bottom: none;">macpro-om-template</h1>
+<h1 align="center" style="border-bottom: none;">macpro-mako</h1>
 <h3 align="center">A new project by the MACPRO Platform Team</h3>
 <p align="center">
-  <a href="https://enterprise-cmcs.github.io/macpro-om-template/">
+  <a href="https://enterprise-cmcs.github.io/macpro-mako/">
     <img alt="Docs" src="https://img.shields.io/badge/Docs-site-blue.svg">
   </a>
-  <a href="https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/246">
+  <a href="https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/257">
     <img alt="Jira" src="https://img.shields.io/badge/Jira-board-0052CC.svg">
   </a>
-  <a href="https://cmsgov.slack.com/archives/C02QU8VNPV4">
+  <a href="https://cmsgov.slack.com/archives/C05ECGY0F5F">
     <img alt="Slack" src="https://img.shields.io/badge/Slack-channel-purple.svg">
   </a>
-  <a href="https://codeclimate.com/github/Enterprise-CMCS/macpro-om-template/maintainability">
-    <img src="https://api.codeclimate.com/v1/badges/81d2233c0cfa7557c7ab/maintainability" />
+  <a href="https://codeclimate.com/github/Enterprise-CMCS/macpro-mako/maintainability">
+    <img src="https://api.codeclimate.com/v1/badges/f4480e77af640e6fa864/maintainability" />
   </a>
   <a href="https://dependabot.com/">
     <img alt="Dependabot" src="https://badgen.net/badge/Dependabot/enabled/green?icon=dependabot">
@@ -30,17 +30,17 @@
 
 ## Overview
 
-This project will serve as a starting point for the redesign of onemac.cms.gov
+The macpro-mako project, a.k.a. MAKO, a.k.a. Micro, is a redesign of MACPRO Onemac. The mission to be a modern submission and review portal for select CMS data remains the same, but the architecture is different in some important ways.
 
 <p align="center">
   <img width="55%" src="docs/assets/diagram.svg">
 </p>
 
 ## Contributing
 
-Work items for this project are tracked in Jira. Check out the [project kanban board](https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/216) to view all work items affecting this repo.
+Work items for this project are tracked in Jira. Check out the [project kanban board](https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/257) to view all work items affecting this repo.
 
-If you don't have access to Jira, would like access to Jira, or would like to drop us an idea without pursuing Jira access, please visit the [slack channel](https://cmsgov.slack.com/archives/C0403M0D007).
+If you don't have access to Jira, would like access to Jira, or would like to drop us an idea without pursuing Jira access, please visit the [slack channel](https://cmsgov.slack.com/archives/C05ECGY0F5F).
 
 ## License
 

docs/_config.yml

@@ -10,8 +10,8 @@
 # Thanks, and have fun!  
 #   - MACPro Platform Team
 
-title: Macpro OM Template
-description: A new project for the platform team, description TBD.
+title: MAKO
+description: A new project by the CMS MACPRO platform team.
 # baseurl: "/just-the-docs" # the subpath of your site, e.g. /blog
 url: "https://enterprise-cmcs.github.io/" # the base hostname & protocol for your site, e.g. http://example.com
 keep_files: ["docs/metrics/_next"]
@@ -41,8 +41,8 @@ team:
   members: # This list automatically populates the Team Introduction page.  Add/Edit as appropriate.
     - role: Product Owner
       description: Responsible for project scope, direction, and delivery.
-      name: Berry Davenport
-      email: bdavenport@gswell.com
+      name: Anna Hawk
+      email: ahawk@gswell.com
     - role: Tech Lead
       description: Leads tooling, tech, and arch discussions and decisions.
       name: Ben Paige
@@ -52,28 +52,20 @@ team:
 meetings:
   - name: Standup
     days: Daily
-    time: 10:30am - 11:00am ET
-    link: Ask for the Hangouts invite on Slack.
-  - name: Refinement
-    days: Tues, Thurs
-    time: 11:00am - 11:30am ET
-    link: Ask for the Hangouts invite on Slack.
-  - name: Retro
-    days: every other Wed
-    time: 3:00pm - 4:00pm ET
-    link: Ask for the Hangouts invite on Slack.
-  - name: Planning
-    days: every other Thurs
-    time: 10:30am - 1:00pm ET
+    time: 11:30am - 12:00pm ET
+    link: Bookmarked in Slack Channel.
+  - name: Touchpoint
+    days: Wed
+    time: 10:00am - 10:30am ET
     link: Ask for the Hangouts invite on Slack.
 
 repo:
   org: Enterprise-CMCS
-  name: macpro-om-template
-  url: https://github.com/Enterprise-CMCS/macpro-om-template
+  name: macpro-mako
+  url: https://github.com/Enterprise-CMCS/macpro-mako
 
 slack: 
-  channel_url: https://cmsgov.slack.com/archives/C02QU8VNPV4
+  channel_url: https://cmsgov.slack.com/archives/C05ECGY0F5F
 
 remote_theme: just-the-docs/just-the-docs
 permalink: pretty
@@ -100,11 +92,11 @@ heading_anchors: true
 # Aux links for the upper right navigation
 aux_links:
   "GitHub":
-    - "https://github.com/Enterprise-CMCS/macpro-base-template"
+    - "https://github.com/Enterprise-CMCS/macpro-mako"
   "Jira":
-    - "https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/246"
+    - "https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/257"
   "Slack":
-    - "https://cmsgov.slack.com/archives/C02QU8VNPV4"
+    - "https://cmsgov.slack.com/archives/C05ECGY0F5F"
 aux_links_new_tab: false
 
 # Sort order for navigation links
@@ -113,11 +105,11 @@ nav_sort: case_sensitive # Capital letters sorted before lowercase
 # External navigation links
 nav_external_links:
   - title: GitHub
-    url: https://github.com/Enterprise-CMCS/macpro-om-template
+    url: https://github.com/Enterprise-CMCS/macpro-mako
   - title: Jira
-    url: https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/216
+    url: https://qmacbis.atlassian.net/jira/software/c/projects/OY2/boards/257
   - title: Slack
-    url: https://cmsgov.slack.com/archives/C02QU8VNPV4
+    url: https://cmsgov.slack.com/archives/C05ECGY0F5F
 
 # Footer content
 # appears at the bottom of every page's main content
@@ -130,7 +122,7 @@ last_edit_time_format: "%b %e %Y at %I:%M %p" # uses ruby's time format: https:/
 # Footer "Edit this page on GitHub" link text
 gh_edit_link: true # show or hide edit this page link
 gh_edit_link_text: "Edit this page on GitHub"
-gh_edit_repository: "https://github.com/Enterprise-CMCS/macpro-om-template" # the github URL for your repo
+gh_edit_repository: "https://github.com/Enterprise-CMCS/macpro-mako" # the github URL for your repo
 gh_edit_branch: "master" # the branch that your docs is served from
 gh_edit_source: docs # the source that your files originate from
 gh_edit_view_mode: "tree" # "tree" or "edit" if you want the user to jump into the editor immediately