However, by default, session cookies don't expire (only cleared out by
the end user's browser).
This is dumb. You'd think, given that there's
`config['PERMANENT_SESSION_LIFETIME']`, that you'd enable permanent
sessions in the config too - but no, you have to declare it for each
request. session.permanent is also, helpfully, a way of saying that the
session isn't permanent - in that, it will expire on its own, as
opposed to being controlled by the browser's session. Because session
is a proxy, it's only accessible from within a request context, so we
need to set this before every request 🙄http://flask.pocoo.org/docs/0.12/api/#flask.sessionhttps://stackoverflow.com/questions/34118093/flask-permanent-session-where-to-define-them
VCAP_SERVICES is not set on PaaS if no services are bound to the
application, so we need to check for VCAP_APPLICATION to parse the
application name and environment.
We're no longer using user-provided services for application secrets
so we can remove the cloudfoundry_config code responsible for parsing
VCAP_SERVICES.
Brings in the new environment variables deployment process introduced
in alphagov/notifications-api#1543.
The script is a copy of the API one and make steps are modified to
fit with the existing admin deployment targets.
flake8-print is a flake8 plugin that checks for `print()` statements in
Python files.
This should save us having to manually spot these when reviewing pull
requests.
The `--enable=T` flag needs to be set until this bug is fixed:
https://github.com/JBKahn/flake8-print/issues/27
When we’re doing user research we often:
- start the task by inviting the participant to a service on Notify
- have them use a prototype version of the admin app, hosted on a
different domain
Currently we can’t do both of these things together, because the invite
emails always send people to notifications.service.gov.uk (because it’s
the API that sends the emails, and the prototype admin app points at the
production API).
This commit changes the admin app to tell the API which host to use when
creating the invite links.
Depends on:
- [ ] https://github.com/alphagov/notifications-api/pull/1515
We should standardise on <a download> rather than
<a download="download"> everywhere. The value of the download attribute
tells the browser what filename to use, but is overridden by the
Content-Disposition HTTP header. Since it’s not being used, we should
remove it for the sake of disambiguation.
We wouldn’t wan’t anyone just seeing the raw CSV data in their browser – it isn’t clear what a user would do with it at that point. And we wouldn’t want it navigating them away from the send page, because this might cause them to lose their place.
This commit forces the file to download using the HTML5 `download` attribute:
> This attribute instructs browsers to download a URL instead of navigating to it, so the user will be prompted to save it as a local file.
– https://developer.mozilla.org/en-US/docs/Web/HTML/Element/a#attr-download
Remove `cf-build` and `cf-build-with-docker` as they are not being used
Remove `build-codedeploy-artifact` in favor of `build-paas-artifact`
Remove `upload-codedeploy-artifact` in favor of `upload-paas-artifact`
Remove `deploy`, `check-aws-vars`,
`deploy-suspend-autoscaling-processes`,
`deploy-resume-autoscaling-processes`,
`deploy-check-autoscaling-processes` as they are remains of the pre-paas
era.
Consequently some variables became obsolete, namely: `CODEDEPLOY_PREFIX`
`CODEDEPLOY_APP_NAME`, `DNS_NAME`, `AWS_ACCESS_KEY_ID` and
`AWS_SECRET_ACCESS_KEY` and they are removed.
