darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-03 09:51:11 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into sms-provider-cleanup

Browse Source 
* main:
  Update to most recent pip-audit action
  Remove restart: always from devcontainer
  simplify to use the script for this exact purpose
  simplify cleanup steps
  update sandbox teardown steps
This commit is contained in:
Ryan Ahearn
2023-01-03 10:23:55 -05:00
parent 7878316790 c5f15a81de
commit a4349975e5
5 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/checks.yml vendored
View File

@@ -59,7 +59,7 @@ jobs:
- uses: ./.github/actions/setup-project - uses: ./.github/actions/setup-project
- name: Create requirements.txt - name: Create requirements.txt
run: pipenv requirements > requirements.txt run: pipenv requirements > requirements.txt
- uses: trailofbits/gh-action-pip-audit@v1.0.0 - uses: pypa/gh-action-pip-audit@v1.0.4
with: with:
inputs: requirements.txt inputs: requirements.txt
ignore-vulns: PYSEC-2022-237 ignore-vulns: PYSEC-2022-237

2
.github/workflows/daily_checks.yml vendored
View File

@@ -29,7 +29,7 @@ jobs:
- uses: ./.github/actions/setup-project - uses: ./.github/actions/setup-project
- name: Create requirements.txt - name: Create requirements.txt
run: pipenv requirements > requirements.txt run: pipenv requirements > requirements.txt
- uses: trailofbits/gh-action-pip-audit@v1.0.0 - uses: pypa/gh-action-pip-audit@v1.0.4
with: with:
inputs: requirements.txt inputs: requirements.txt
ignore-vulns: PYSEC-2022-237 ignore-vulns: PYSEC-2022-237

4
Makefile
View File

@@ -66,8 +66,8 @@ freeze-requirements: ## Pin all requirements including sub dependencies into req
audit: audit:
pipenv requirements > requirements.txt pipenv requirements > requirements.txt
pipenv requirements --dev > requirements_for_test.txt pipenv requirements --dev > requirements_for_test.txt
pipenv run pip-audit -r requirements.txt -l --ignore-vuln PYSEC-2022-237 pipenv run pip-audit -r requirements.txt --ignore-vuln PYSEC-2022-237
-pipenv run pip-audit -r requirements_for_test.txt -l -pipenv run pip-audit -r requirements_for_test.txt
.PHONY: static-scan .PHONY: static-scan
static-scan: static-scan:

1
docker-compose.devcontainer.yml
View File

@@ -48,7 +48,6 @@ services:
- redis - redis
links: links:
- db - db
restart: always
worker: worker:
container_name: worker container_name: worker
image: dev-notification-api image: dev-notification-api

5
docs/deploying.md
View File

@@ -42,7 +42,10 @@ for experimenting with infrastructure changes without going through the full CI/
Rules for use: Rules for use:
1. Ensure that no other developer is using the environment, as there is nothing stopping changes from overwriting each other. 1. Ensure that no other developer is using the environment, as there is nothing stopping changes from overwriting each other.
1. Clean up services you create when you are done. `terraform destroy` from within the `terraform/sandbox` directory should do it. 1. Clean up when you are done:
- `terraform destroy` from within the `terraform/sandbox` directory will take care of the provisioned services
- Delete the apps and routes shown in `cf apps` by running `cf delete APP_NAME -r`
- Delete the space deployers still shown in `cf services` by running `terraform/destroy_service_account.sh -s notify-sandbox -u <space-deployer>`
### Deploying to the sandbox ### Deploying to the sandbox