From 6608e3672e24c3baac36fb0fe7405cbb72a2805f Mon Sep 17 00:00:00 2001 From: John Skiles Skinner Date: Mon, 15 Apr 2024 12:08:41 -0700 Subject: [PATCH 01/21] Upgrade cloudfoundry from 0.53.0 to 0.53.1 everywhere --- terraform/bootstrap/providers.tf | 2 +- terraform/demo/providers.tf | 2 +- terraform/development/providers.tf | 2 +- terraform/production/providers.tf | 2 +- terraform/sandbox/providers.tf | 2 +- terraform/shared/egress_space/providers.tf | 2 +- terraform/shared/ses/providers.tf | 2 +- terraform/shared/sns/providers.tf | 2 +- terraform/staging/providers.tf | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/terraform/bootstrap/providers.tf b/terraform/bootstrap/providers.tf index 5dcaece3e..3c699e728 100644 --- a/terraform/bootstrap/providers.tf +++ b/terraform/bootstrap/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.0" + version = "0.53.1" } } } diff --git a/terraform/demo/providers.tf b/terraform/demo/providers.tf index f13333d3e..34ba30a62 100644 --- a/terraform/demo/providers.tf +++ b/terraform/demo/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.0" + version = "0.53.1" } } diff --git a/terraform/development/providers.tf b/terraform/development/providers.tf index 5dcaece3e..3c699e728 100644 --- a/terraform/development/providers.tf +++ b/terraform/development/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.0" + version = "0.53.1" } } } diff --git a/terraform/production/providers.tf b/terraform/production/providers.tf index 499759f48..b5c45f63e 100644 --- a/terraform/production/providers.tf +++ b/terraform/production/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.0" + version = "0.53.1" } } diff --git a/terraform/sandbox/providers.tf b/terraform/sandbox/providers.tf index d5a3313de..590be4e3d 100644 --- a/terraform/sandbox/providers.tf +++ b/terraform/sandbox/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.0" + version = "0.53.1" } } diff --git a/terraform/shared/egress_space/providers.tf b/terraform/shared/egress_space/providers.tf index 21ac567a2..01ab1f803 100644 --- a/terraform/shared/egress_space/providers.tf +++ b/terraform/shared/egress_space/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.0" + version = "0.53.1" } } } diff --git a/terraform/shared/ses/providers.tf b/terraform/shared/ses/providers.tf index 21ac567a2..01ab1f803 100644 --- a/terraform/shared/ses/providers.tf +++ b/terraform/shared/ses/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.0" + version = "0.53.1" } } } diff --git a/terraform/shared/sns/providers.tf b/terraform/shared/sns/providers.tf index 21ac567a2..01ab1f803 100644 --- a/terraform/shared/sns/providers.tf +++ b/terraform/shared/sns/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.0" + version = "0.53.1" } } } diff --git a/terraform/staging/providers.tf b/terraform/staging/providers.tf index 11dceea7d..0f09460ef 100644 --- a/terraform/staging/providers.tf +++ b/terraform/staging/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.0" + version = "0.53.1" } } From 99716f39e68b3df0d420b2a9bd45301a5d4462ed Mon Sep 17 00:00:00 2001 From: John Skiles Skinner Date: Mon, 15 Apr 2024 16:43:35 -0700 Subject: [PATCH 02/21] Upgrade minimum Terraform version in each providers.tf file --- terraform/bootstrap/providers.tf | 2 +- terraform/demo/providers.tf | 2 +- terraform/development/providers.tf | 2 +- terraform/production/providers.tf | 2 +- terraform/sandbox/providers.tf | 2 +- terraform/shared/egress_space/providers.tf | 2 +- terraform/shared/ses/providers.tf | 2 +- terraform/shared/sns/providers.tf | 2 +- terraform/staging/providers.tf | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/terraform/bootstrap/providers.tf b/terraform/bootstrap/providers.tf index 5dcaece3e..dc6beee63 100644 --- a/terraform/bootstrap/providers.tf +++ b/terraform/bootstrap/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.0" + required_version = "~> 1.8" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/demo/providers.tf b/terraform/demo/providers.tf index f13333d3e..f00f521d4 100644 --- a/terraform/demo/providers.tf +++ b/terraform/demo/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.0" + required_version = "~> 1.8" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/development/providers.tf b/terraform/development/providers.tf index 5dcaece3e..dc6beee63 100644 --- a/terraform/development/providers.tf +++ b/terraform/development/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.0" + required_version = "~> 1.8" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/production/providers.tf b/terraform/production/providers.tf index 499759f48..0b00ed029 100644 --- a/terraform/production/providers.tf +++ b/terraform/production/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.0" + required_version = "~> 1.8" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/sandbox/providers.tf b/terraform/sandbox/providers.tf index d5a3313de..fa23dfe2f 100644 --- a/terraform/sandbox/providers.tf +++ b/terraform/sandbox/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.0" + required_version = "~> 1.8" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/shared/egress_space/providers.tf b/terraform/shared/egress_space/providers.tf index 21ac567a2..2dd2a8e2e 100644 --- a/terraform/shared/egress_space/providers.tf +++ b/terraform/shared/egress_space/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.0" + required_version = "~> 1.8" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/shared/ses/providers.tf b/terraform/shared/ses/providers.tf index 21ac567a2..2dd2a8e2e 100644 --- a/terraform/shared/ses/providers.tf +++ b/terraform/shared/ses/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.0" + required_version = "~> 1.8" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/shared/sns/providers.tf b/terraform/shared/sns/providers.tf index 21ac567a2..2dd2a8e2e 100644 --- a/terraform/shared/sns/providers.tf +++ b/terraform/shared/sns/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.0" + required_version = "~> 1.8" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/staging/providers.tf b/terraform/staging/providers.tf index 11dceea7d..f8ad62283 100644 --- a/terraform/staging/providers.tf +++ b/terraform/staging/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.0" + required_version = "~> 1.8" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" From dc6379bae79f451e3e4e6840ea82b60055ee4115 Mon Sep 17 00:00:00 2001 From: John Skiles Skinner Date: Mon, 15 Apr 2024 16:51:32 -0700 Subject: [PATCH 03/21] Update version of Terraform installed in the main README --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 651c153ee..76b50ef5b 100644 --- a/README.md +++ b/README.md @@ -141,10 +141,10 @@ Terraform installations. This is great, but you still need to install Terraform itself, which can be done with this command: ```sh -tfenv install latest:^1.4.0 +tfenv install "latest:^1.8.0" ``` -_NOTE: This project currently uses the latest `1.4.x release of Terraform._ +_NOTE: This project currently uses the latest `1.8.x release of Terraform._ #### Python Installation From 13061ce9398d7e9472b2f9a2f1eb4f1e0a3c6783 Mon Sep 17 00:00:00 2001 From: John Skiles Skinner Date: Mon, 15 Apr 2024 17:25:04 -0700 Subject: [PATCH 04/21] Update README about the -m flag when creating a SpaceDeployer --- terraform/README.md | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/terraform/README.md b/terraform/README.md index 1d75967f0..e72ca8a6f 100644 --- a/terraform/README.md +++ b/terraform/README.md @@ -89,17 +89,19 @@ These steps assume shared [Terraform state credentials](#terraform-state-credent 1. Run `cf spaces` and, from the output, copy the space name for the environment you are working in, such as `notify-sandbox`. -1. Next you will set up a SpaceDeployer. Prepare to fill in these values: - * `` will be the string you copied from the prior step - * `` can be anything, although we recommend something that communicates the purpose of the deployer. For example: "circleci-deployer" for the credentials CircleCI uses to deploy the application, or "sandbox-" for credentials to run terraform manually. +1. Next you will set up a SpaceDeployer service account instance. This is something like a stub user account, just for deployment. Note these two values which you will use both to create and destroy the account: + 1. `` will be the string you copied from the prior step + 1. `` can be anything, although we recommend something that communicates the purpose of the deployer. For example: "circleci-deployer" for the credentials CircleCI uses to deploy the application, or "sandbox-" for credentials to run terraform manually. - Put those two values into this command: + Put those two values into this command: ```bash - ./create_service_account.sh -s -u > secrets.auto.tfvars + ../create_service_account.sh -s -u > secrets.auto.tfvars ``` The script will output the `username` (as `cf_user`) and `password` (as `cf_password`) for your ``. The [cloud.gov service account documentation](https://cloud.gov/docs/services/cloud-gov-service-account/) has more information. + Some resources you might work on require a SpaceDeployer account with higher permissions. Add the `-m` flag to the command to get this. + The command uses the redirection operator (`>`) to write that output to the `secrets.auto.tfvars` file. Terraform will find the username and password there, and use them as input variables. 1. While still in an environment directory, initialize Terraform: @@ -137,6 +139,8 @@ These steps assume shared [Terraform state credentials](#terraform-state-credent ./destroy_service_account.sh -s -u ``` + List `cf services` if you are unsure which space deployer service instances still exist + Optionally, you can also `rm secrets.auto.tfvars` ## Structure @@ -195,3 +199,12 @@ You need to re-authenticate with the Cloud Foundry CLI cf login -a api.fr.cloud.gov --sso ``` You may also need to log in again to the Cloud.gov website. + +### CF account not authorized + +``` +Error: You are not authorized to perform the requested action +``` +This error indicates that the Cloud Foundry user account (or service account) needs OrgManager permissions to take the action. +* When you create a SpaceDeployer service account, use the `-m` flag when running the `./create_service_account.sh` script +* Your own CF user may may also require OrgManager permissions to run the script From 4b904c69c26f638fe298a3536d1244394d49bf51 Mon Sep 17 00:00:00 2001 From: John Skiles Skinner Date: Mon, 15 Apr 2024 17:32:34 -0700 Subject: [PATCH 05/21] One more troubleshooting item --- terraform/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/terraform/README.md b/terraform/README.md index e72ca8a6f..4cb2c7cf7 100644 --- a/terraform/README.md +++ b/terraform/README.md @@ -208,3 +208,9 @@ Error: You are not authorized to perform the requested action This error indicates that the Cloud Foundry user account (or service account) needs OrgManager permissions to take the action. * When you create a SpaceDeployer service account, use the `-m` flag when running the `./create_service_account.sh` script * Your own CF user may may also require OrgManager permissions to run the script + +### Services limit +``` +You have exceeded your organization's services limit. +``` +Too many Cloud Foundry services have been created without being destroyed. Perhaps Terraform developers have forgotten to delete their SpaceDeployers after they finish with them. List `cf services` to see. From dbfb1e23795c6f1ec9e2c4373558b43f5d2890d9 Mon Sep 17 00:00:00 2001 From: John Skiles Skinner Date: Mon, 15 Apr 2024 17:52:40 -0700 Subject: [PATCH 06/21] Accommodate the version of Terraform that CI/CD expects --- README.md | 5 ++--- terraform/bootstrap/providers.tf | 2 +- terraform/demo/providers.tf | 2 +- terraform/development/providers.tf | 2 +- terraform/production/providers.tf | 2 +- terraform/sandbox/providers.tf | 2 +- terraform/shared/egress_space/providers.tf | 2 +- terraform/shared/ses/providers.tf | 2 +- terraform/shared/sns/providers.tf | 2 +- terraform/staging/providers.tf | 2 +- 10 files changed, 11 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 76b50ef5b..161406485 100644 --- a/README.md +++ b/README.md @@ -141,11 +141,10 @@ Terraform installations. This is great, but you still need to install Terraform itself, which can be done with this command: ```sh -tfenv install "latest:^1.8.0" +tfenv install "latest:^1.7" +tfenv use 1.7.x # x = the patch version installed ``` -_NOTE: This project currently uses the latest `1.8.x release of Terraform._ - #### Python Installation Now we're going to install a tool to help us manage Python versions and diff --git a/terraform/bootstrap/providers.tf b/terraform/bootstrap/providers.tf index dc6beee63..1c3582d57 100644 --- a/terraform/bootstrap/providers.tf +++ b/terraform/bootstrap/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.8" + required_version = "~> 1.7" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/demo/providers.tf b/terraform/demo/providers.tf index f00f521d4..ecd6e2bc9 100644 --- a/terraform/demo/providers.tf +++ b/terraform/demo/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.8" + required_version = "~> 1.7" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/development/providers.tf b/terraform/development/providers.tf index dc6beee63..1c3582d57 100644 --- a/terraform/development/providers.tf +++ b/terraform/development/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.8" + required_version = "~> 1.7" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/production/providers.tf b/terraform/production/providers.tf index 0b00ed029..280e11191 100644 --- a/terraform/production/providers.tf +++ b/terraform/production/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.8" + required_version = "~> 1.7" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/sandbox/providers.tf b/terraform/sandbox/providers.tf index fa23dfe2f..6593c29e9 100644 --- a/terraform/sandbox/providers.tf +++ b/terraform/sandbox/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.8" + required_version = "~> 1.7" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/shared/egress_space/providers.tf b/terraform/shared/egress_space/providers.tf index 2dd2a8e2e..d94227e82 100644 --- a/terraform/shared/egress_space/providers.tf +++ b/terraform/shared/egress_space/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.8" + required_version = "~> 1.7" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/shared/ses/providers.tf b/terraform/shared/ses/providers.tf index 2dd2a8e2e..d94227e82 100644 --- a/terraform/shared/ses/providers.tf +++ b/terraform/shared/ses/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.8" + required_version = "~> 1.7" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/shared/sns/providers.tf b/terraform/shared/sns/providers.tf index 2dd2a8e2e..d94227e82 100644 --- a/terraform/shared/sns/providers.tf +++ b/terraform/shared/sns/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.8" + required_version = "~> 1.7" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" diff --git a/terraform/staging/providers.tf b/terraform/staging/providers.tf index f8ad62283..3bb40cdda 100644 --- a/terraform/staging/providers.tf +++ b/terraform/staging/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.8" + required_version = "~> 1.7" required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" From 6a20f2c4262576bbe9217f3a7efb2d1c6ff9f8e5 Mon Sep 17 00:00:00 2001 From: John Skiles Skinner Date: Wed, 17 Apr 2024 11:47:39 -0700 Subject: [PATCH 07/21] Upgrade terraform-cloudgov module from 0.7.1 to 0.9.1 in 2 modules --- terraform/bootstrap/main.tf | 2 +- terraform/sandbox/main.tf | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform/bootstrap/main.tf b/terraform/bootstrap/main.tf index 2394f4ab8..14ab9a81d 100644 --- a/terraform/bootstrap/main.tf +++ b/terraform/bootstrap/main.tf @@ -3,7 +3,7 @@ locals { } module "s3" { - source = "github.com/18f/terraform-cloudgov//s3?ref=v0.7.1" + source = "github.com/18f/terraform-cloudgov//s3?ref=v0.9.1" cf_org_name = "gsa-tts-benefits-studio" cf_space_name = "notify-management" diff --git a/terraform/sandbox/main.tf b/terraform/sandbox/main.tf index fae30073c..f194efdd4 100644 --- a/terraform/sandbox/main.tf +++ b/terraform/sandbox/main.tf @@ -17,7 +17,7 @@ module "database" { } module "redis" { - source = "github.com/18f/terraform-cloudgov//redis?ref=v0.7.1" + source = "github.com/18f/terraform-cloudgov//redis?ref=v0.9.1" cf_org_name = local.cf_org_name cf_space_name = local.cf_space_name @@ -27,7 +27,7 @@ module "redis" { } module "csv_upload_bucket" { - source = "github.com/18f/terraform-cloudgov//s3?ref=v0.7.1" + source = "github.com/18f/terraform-cloudgov//s3?ref=v0.9.1" cf_org_name = local.cf_org_name cf_space_name = local.cf_space_name From 56c73d98980dfe2db9626c42fa38982c10f1897e Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Fri, 19 Apr 2024 14:02:38 -0700 Subject: [PATCH 08/21] api to return service invite info --- app/service_invite/rest.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/app/service_invite/rest.py b/app/service_invite/rest.py index 81dcb98e2..dde184a62 100644 --- a/app/service_invite/rest.py +++ b/app/service_invite/rest.py @@ -223,3 +223,14 @@ def validate_service_invitation_token(token): invited_user = get_invited_user_by_id(invited_user_id) return jsonify(data=invited_user_schema.dump(invited_user)), 200 + + +@service_invite.route("/service/invite/redis/", methods=["GET"]) +def get_redis_data(redis_key): + service_invite_data = redis_store.raw_get(redis_key) + # We can't log this because key may contain PII (email address) + if service_invite_data is None: + raise Exception("No service invite data") + else: + service_invite_data = service_invite_data.decode("utf8") + return jsonify(json.dumps(service_invite_data)), 200 From 44c8d742503cd6ae7f3d737aadd2533cf894727f Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Fri, 19 Apr 2024 14:11:05 -0700 Subject: [PATCH 09/21] don't do a json.dumps before sending --- app/service_invite/rest.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/service_invite/rest.py b/app/service_invite/rest.py index dde184a62..0243941ec 100644 --- a/app/service_invite/rest.py +++ b/app/service_invite/rest.py @@ -233,4 +233,4 @@ def get_redis_data(redis_key): raise Exception("No service invite data") else: service_invite_data = service_invite_data.decode("utf8") - return jsonify(json.dumps(service_invite_data)), 200 + return jsonify(service_invite_data), 200 From 49352a4be17f44848bf13d233068f2011c3a4a0a Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Fri, 19 Apr 2024 15:19:11 -0700 Subject: [PATCH 10/21] add tests --- app/service_invite/rest.py | 2 +- .../test_service_invite_rest.py | 32 +++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/app/service_invite/rest.py b/app/service_invite/rest.py index 0243941ec..da7fe5794 100644 --- a/app/service_invite/rest.py +++ b/app/service_invite/rest.py @@ -226,7 +226,7 @@ def validate_service_invitation_token(token): @service_invite.route("/service/invite/redis/", methods=["GET"]) -def get_redis_data(redis_key): +def get_service_invite_data(redis_key): service_invite_data = redis_store.raw_get(redis_key) # We can't log this because key may contain PII (email address) if service_invite_data is None: diff --git a/tests/app/service_invite/test_service_invite_rest.py b/tests/app/service_invite/test_service_invite_rest.py index e736a3042..f1c2fd146 100644 --- a/tests/app/service_invite/test_service_invite_rest.py +++ b/tests/app/service_invite/test_service_invite_rest.py @@ -398,3 +398,35 @@ def test_get_invited_user_404s_if_invite_doesnt_exist( _expected_status=404, ) assert json_resp["result"] == "error" + + +def test_get_service_invite_data_with_invite( + admin_request, + mocker +): + redis_key = "service-invite-j.k@fake.gov" + expected_user_data = b'{"from_user_id": ["7480cdcf-fa31-42b8-a4bf-2cd4d7a9b4f4"], "service_id": "721b0aa6-2447-4bcd-91fc-26d576f2bbff", "permissions": ["manage_api_keys"], "folder_permissions": []}' # noqa + expected_status = 200 + + mocker.patch("app.service_invite.rest.redis_store.raw_get", return_value=expected_user_data) + json_resp = json.loads(admin_request.get( + "service_invite.get_service_invite_data", + redis_key=redis_key, + _expected_status=expected_status, + )) + assert json_resp["permissions"] == ["manage_api_keys"] + + +def test_get_service_invite_data_without_invite( + admin_request, + mocker +): + redis_key = "service-invite-j.k@fake.gov" + + + mocker.patch("app.service_invite.rest.redis_store.raw_get", return_value=None) + with pytest.raises(Exception): + json_resp = json.loads(admin_request.get( + "service_invite.get_service_invite_data", + redis_key=redis_key, + )) From 13b03bbfe45028610a06f2d7a5ac968adbed11d0 Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Mon, 22 Apr 2024 07:32:10 -0700 Subject: [PATCH 11/21] fix test --- .../test_service_invite_rest.py | 45 +++++++++---------- 1 file changed, 22 insertions(+), 23 deletions(-) diff --git a/tests/app/service_invite/test_service_invite_rest.py b/tests/app/service_invite/test_service_invite_rest.py index f1c2fd146..17f8a553c 100644 --- a/tests/app/service_invite/test_service_invite_rest.py +++ b/tests/app/service_invite/test_service_invite_rest.py @@ -400,33 +400,32 @@ def test_get_invited_user_404s_if_invite_doesnt_exist( assert json_resp["result"] == "error" -def test_get_service_invite_data_with_invite( - admin_request, - mocker -): - redis_key = "service-invite-j.k@fake.gov" - expected_user_data = b'{"from_user_id": ["7480cdcf-fa31-42b8-a4bf-2cd4d7a9b4f4"], "service_id": "721b0aa6-2447-4bcd-91fc-26d576f2bbff", "permissions": ["manage_api_keys"], "folder_permissions": []}' # noqa +def test_get_service_invite_data_with_invite(admin_request, mocker): + redis_key = "service-invite-j.k@fake.gov" + expected_user_data = b'{"from_user_id": ["7480cdcf-fa31-42b8-a4bf-2cd4d7a9b4f4"], "service_id": "721b0aa6-2447-4bcd-91fc-26d576f2bbff", "permissions": ["manage_api_keys"], "folder_permissions": []}' # noqa expected_status = 200 - mocker.patch("app.service_invite.rest.redis_store.raw_get", return_value=expected_user_data) - json_resp = json.loads(admin_request.get( - "service_invite.get_service_invite_data", - redis_key=redis_key, - _expected_status=expected_status, - )) + mocker.patch( + "app.service_invite.rest.redis_store.raw_get", return_value=expected_user_data + ) + json_resp = json.loads( + admin_request.get( + "service_invite.get_service_invite_data", + redis_key=redis_key, + _expected_status=expected_status, + ) + ) assert json_resp["permissions"] == ["manage_api_keys"] -def test_get_service_invite_data_without_invite( - admin_request, - mocker -): - redis_key = "service-invite-j.k@fake.gov" - +def test_get_service_invite_data_without_invite(admin_request, mocker): + redis_key = "service-invite-j.k@fake.gov" mocker.patch("app.service_invite.rest.redis_store.raw_get", return_value=None) - with pytest.raises(Exception): - json_resp = json.loads(admin_request.get( - "service_invite.get_service_invite_data", - redis_key=redis_key, - )) + with pytest.raises(BaseException, match="No service invite data"): + json.loads( + admin_request.get( + "service_invite.get_service_invite_data", + redis_key=redis_key, + ) + ) From fb8ab7ed237a6f7eb7cfc2c0b4889686b066333c Mon Sep 17 00:00:00 2001 From: Jonathan Bobel Date: Mon, 22 Apr 2024 13:14:09 -0400 Subject: [PATCH 12/21] 1270 - Email content updates --- app/config_files/templates.json | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/app/config_files/templates.json b/app/config_files/templates.json index a37bebaf0..c82818294 100644 --- a/app/config_files/templates.json +++ b/app/config_files/templates.json @@ -20,13 +20,14 @@ "Notify.gov makes it easy to keep people updated by helping you send text messages.", "", "", - "Click this link to create an account on Notify.gov:", - "", "[Join Service](((url)))", "If you’re new to Notify.gov you will first be directed to Login.gov create an account with us.", "", "", - "This invitation will stop working at midnight tomorrow. This is to keep ((service_name)) secure." + "This invitation will stop working at midnight tomorrow. This is to keep ((service_name)) secure.", + "", + "", + "Notify.gov uses Login.gov to allow you to sign in safely. Login.gov is a secure sign in service to help you access participating government agencies' digital touchpoints." ] }, { From a2518b822998086e57886a0160c52b0d8b214504 Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Wed, 24 Apr 2024 10:51:47 -0700 Subject: [PATCH 13/21] fix service invites --- app/organization/invite_rest.py | 8 ----- poetry.lock | 2 +- .../test_service_invite_rest.py | 31 ------------------- 3 files changed, 1 insertion(+), 40 deletions(-) diff --git a/app/organization/invite_rest.py b/app/organization/invite_rest.py index af20ab08f..9889bb157 100644 --- a/app/organization/invite_rest.py +++ b/app/organization/invite_rest.py @@ -89,14 +89,6 @@ def invite_user_to_org(organization_id): ex=1800, ) - # This is for the login.gov path, note 24 hour expiry to match - # The expiration of invitations. - redis_key = f"organization-invite-{invited_org_user.email_address}" - redis_store.set( - redis_key, - organization_id, - ex=3600 * 24, - ) send_notification_to_queue(saved_notification, queue=QueueNames.NOTIFY) return jsonify(data=invited_org_user.serialize()), 201 diff --git a/poetry.lock b/poetry.lock index bc810f891..5f002b800 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2490,6 +2490,7 @@ files = [ {file = "msgpack-1.0.8-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:5fbb160554e319f7b22ecf530a80a3ff496d38e8e07ae763b9e82fadfe96f273"}, {file = "msgpack-1.0.8-cp39-cp39-win32.whl", hash = "sha256:f9af38a89b6a5c04b7d18c492c8ccf2aee7048aff1ce8437c4683bb5a1df893d"}, {file = "msgpack-1.0.8-cp39-cp39-win_amd64.whl", hash = "sha256:ed59dd52075f8fc91da6053b12e8c89e37aa043f8986efd89e61fae69dc1b011"}, + {file = "msgpack-1.0.8-py3-none-any.whl", hash = "sha256:24f727df1e20b9876fa6e95f840a2a2651e34c0ad147676356f4bf5fbb0206ca"}, {file = "msgpack-1.0.8.tar.gz", hash = "sha256:95c02b0e27e706e48d0e5426d1710ca78e0f0628d6e89d5b5a5b91a5f12274f3"}, ] @@ -3531,7 +3532,6 @@ files = [ {file = "PyYAML-6.0.1-cp311-cp311-win_amd64.whl", hash = "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34"}, {file = "PyYAML-6.0.1-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:855fb52b0dc35af121542a76b9a84f8d1cd886ea97c84703eaa6d88e37a2ad28"}, {file = "PyYAML-6.0.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:40df9b996c2b73138957fe23a16a4f0ba614f4c0efce1e9406a184b6d07fa3a9"}, - {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a08c6f0fe150303c1c6b71ebcd7213c2858041a7e01975da3a99aed1e7a378ef"}, {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c22bec3fbe2524cde73d7ada88f6566758a8f7227bfbf93a408a9d86bcc12a0"}, {file = "PyYAML-6.0.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8d4e9c88387b0f5c7d5f281e55304de64cf7f9c0021a3525bd3b1c542da3b0e4"}, {file = "PyYAML-6.0.1-cp312-cp312-win32.whl", hash = "sha256:d483d2cdf104e7c9fa60c544d92981f12ad66a457afae824d146093b8c294c54"}, diff --git a/tests/app/service_invite/test_service_invite_rest.py b/tests/app/service_invite/test_service_invite_rest.py index 17f8a553c..e736a3042 100644 --- a/tests/app/service_invite/test_service_invite_rest.py +++ b/tests/app/service_invite/test_service_invite_rest.py @@ -398,34 +398,3 @@ def test_get_invited_user_404s_if_invite_doesnt_exist( _expected_status=404, ) assert json_resp["result"] == "error" - - -def test_get_service_invite_data_with_invite(admin_request, mocker): - redis_key = "service-invite-j.k@fake.gov" - expected_user_data = b'{"from_user_id": ["7480cdcf-fa31-42b8-a4bf-2cd4d7a9b4f4"], "service_id": "721b0aa6-2447-4bcd-91fc-26d576f2bbff", "permissions": ["manage_api_keys"], "folder_permissions": []}' # noqa - expected_status = 200 - - mocker.patch( - "app.service_invite.rest.redis_store.raw_get", return_value=expected_user_data - ) - json_resp = json.loads( - admin_request.get( - "service_invite.get_service_invite_data", - redis_key=redis_key, - _expected_status=expected_status, - ) - ) - assert json_resp["permissions"] == ["manage_api_keys"] - - -def test_get_service_invite_data_without_invite(admin_request, mocker): - redis_key = "service-invite-j.k@fake.gov" - - mocker.patch("app.service_invite.rest.redis_store.raw_get", return_value=None) - with pytest.raises(BaseException, match="No service invite data"): - json.loads( - admin_request.get( - "service_invite.get_service_invite_data", - redis_key=redis_key, - ) - ) From f1f2f728af5d9ea91afb953b0c22c5758910fa5e Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Wed, 24 Apr 2024 14:06:43 -0700 Subject: [PATCH 14/21] cleanup --- app/service_invite/rest.py | 61 ++++++++++++++++---------------------- 1 file changed, 25 insertions(+), 36 deletions(-) diff --git a/app/service_invite/rest.py b/app/service_invite/rest.py index da7fe5794..333c5dbac 100644 --- a/app/service_invite/rest.py +++ b/app/service_invite/rest.py @@ -1,3 +1,4 @@ +import base64 import json import os from datetime import datetime @@ -48,9 +49,28 @@ def _create_service_invite(invited_user, invite_link_host): current_app.config["SECRET_KEY"], current_app.config["DANGEROUS_SALT"], ) + + # The raw permissions are in the form "a,b,c,d" + # but need to be in the form ["a", "b", "c", "d"] + data = {} + permissions = invited_user.permissions + permissions = permissions.split(",") + permission_list = [] + for permission in permissions: + permission_list.append(f"{permission}") + data["from_user_id"] = (str(invited_user.from_user.id),) + data["service_id"] = str(invited_user.service.id) + data["permissions"] = permission_list + data["folder_permissions"] = invited_user.folder_permissions + data["invited_user_id"] = str(invited_user.id) + data["invited_user_email"] = invited_user.email_address + url = os.environ["LOGIN_DOT_GOV_REGISTRATION_URL"] url = url.replace("NONCE", token) - url = url.replace("STATE", token) + + user_data_url_safe = get_user_data_url_safe(data) + + url = url.replace("STATE", user_data_url_safe) personalisation = { "user_name": invited_user.from_user.name, @@ -75,32 +95,6 @@ def _create_service_invite(invited_user, invite_link_host): json.dumps(personalisation), ex=1800, ) - # The raw permissions are in the form "a,b,c,d" - # but need to be in the form ["a", "b", "c", "d"] - data = {} - permissions = invited_user.permissions - permissions = permissions.split(",") - permission_list = [] - for permission in permissions: - permission_list.append(f"{permission}") - data["from_user_id"] = (str(invited_user.from_user.id),) - data["service_id"] = str(invited_user.service.id) - data["permissions"] = permission_list - data["folder_permissions"] = invited_user.folder_permissions - - # This is for the login.gov service invite on the - # "Set Up Your Profile" path. - redis_key = f"service-invite-{invited_user.email_address}" - redis_store.raw_set( - redis_key, - json.dumps(data), - ex=3600 * 24, - ) - # TODO REMOVE DEBUG - print(hilite(f"Save this data {data} with this redis_key {redis_key}")) - did_we_save_it = redis_store.raw_get(redis_key) - print(hilite(f"Did we save the data successfully? {did_we_save_it}")) - # END DEBUG send_notification_to_queue(saved_notification, queue=QueueNames.NOTIFY) @@ -225,12 +219,7 @@ def validate_service_invitation_token(token): return jsonify(data=invited_user_schema.dump(invited_user)), 200 -@service_invite.route("/service/invite/redis/", methods=["GET"]) -def get_service_invite_data(redis_key): - service_invite_data = redis_store.raw_get(redis_key) - # We can't log this because key may contain PII (email address) - if service_invite_data is None: - raise Exception("No service invite data") - else: - service_invite_data = service_invite_data.decode("utf8") - return jsonify(service_invite_data), 200 +def get_user_data_url_safe(data): + data = json.dumps(data) + data = base64.b64encode(data.encode("utf8")) + return data.decode("utf8") From bd80ef16bab41e403d32be8660726a81523246ee Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Thu, 25 Apr 2024 13:21:26 -0700 Subject: [PATCH 15/21] code review feedback --- app/service_invite/rest.py | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/app/service_invite/rest.py b/app/service_invite/rest.py index 333c5dbac..b61d131ee 100644 --- a/app/service_invite/rest.py +++ b/app/service_invite/rest.py @@ -55,12 +55,9 @@ def _create_service_invite(invited_user, invite_link_host): data = {} permissions = invited_user.permissions permissions = permissions.split(",") - permission_list = [] - for permission in permissions: - permission_list.append(f"{permission}") - data["from_user_id"] = (str(invited_user.from_user.id),) + data["from_user_id"] = (str(invited_user.from_user.id)) data["service_id"] = str(invited_user.service.id) - data["permissions"] = permission_list + data["permissions"] = permissions data["folder_permissions"] = invited_user.folder_permissions data["invited_user_id"] = str(invited_user.id) data["invited_user_email"] = invited_user.email_address From ac82ae6f9f9ad1a48a985ca4ede6502077fa681d Mon Sep 17 00:00:00 2001 From: Carlo Costino Date: Mon, 29 Apr 2024 15:41:44 -0400 Subject: [PATCH 16/21] Updated utils to 0.5.1 release in prep for Flask upgrade Signed-off-by: Carlo Costino --- poetry.lock | 14 +++++++------- pyproject.toml | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/poetry.lock b/poetry.lock index 8bb819a6d..67aa4ad7a 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2670,7 +2670,7 @@ requests = ">=2.0.0" [[package]] name = "notifications-utils" -version = "0.4.6" +version = "0.5.1" description = "" optional = false python-versions = "^3.12.2" @@ -2682,7 +2682,7 @@ async-timeout = "^4.0.2" bleach = "^6.1.0" blinker = "^1.7.0" boto3 = "^1.34.83" -botocore = "^1.34.83" +botocore = "^1.34.92" cachetools = "^5.3.0" certifi = "^2024.2.2" cffi = "^1.16.0" @@ -2701,7 +2701,7 @@ markupsafe = "^2.1.5" mistune = "==0.8.4" numpy = "^1.24.2" ordered-set = "^4.1.0" -phonenumbers = "^8.13.34" +phonenumbers = "^8.13.35" pycparser = "^2.21" python-dateutil = "^2.8.2" python-json-logger = "^2.0.7" @@ -2711,7 +2711,7 @@ redis = "^5.0.3" regex = "^2023.12.25" requests = "^2.31.0" s3transfer = "^0.10.1" -shapely = "^2.0.1" +shapely = "^2.0.4" six = "^1.16.0" smartypants = "^2.0.1" urllib3 = "^2.2.1" @@ -2721,8 +2721,8 @@ werkzeug = "^3.0.1" [package.source] type = "git" url = "https://github.com/GSA/notifications-utils.git" -reference = "d20efc2" -resolved_reference = "d20efc29d68ecbb55ef964db890d17426cf34a0f" +reference = "HEAD" +resolved_reference = "e047ba3e37f9fd885baafe6944a4910285a506fb" [[package]] name = "numpy" @@ -4797,4 +4797,4 @@ multidict = ">=4.0" [metadata] lock-version = "2.0" python-versions = "^3.12.2" -content-hash = "4a4f784f065a9d8e661352635ce7cc72f5d74f017c1261cbc85a582f8042b335" +content-hash = "356db590df1f29a6981959227e677a87debd065949b1a374fef8d80737139126" diff --git a/pyproject.toml b/pyproject.toml index bac372212..b2153ebf7 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -40,7 +40,7 @@ marshmallow = "==3.21.1" marshmallow-sqlalchemy = "==1.0.0" newrelic = "*" notifications-python-client = "==9.0.0" -notifications-utils = {git = "https://github.com/GSA/notifications-utils.git",rev = "d20efc2"} +notifications-utils = {git = "https://github.com/GSA/notifications-utils.git"} oscrypto = "==1.3.0" packaging = "==23.2" poetry-dotenv-plugin = "==0.2.0" From f8a2c7e9e4d7aca6f29f7d6ac712e6012927e9e3 Mon Sep 17 00:00:00 2001 From: Carlo Costino Date: Wed, 1 May 2024 09:16:12 -0400 Subject: [PATCH 17/21] Update jsonschema from Dependabot Signed-off-by: Carlo Costino --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index b2153ebf7..8d6697dd6 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -34,7 +34,7 @@ flask-redis = "==0.4.0" flask-sqlalchemy = "==3.0.5" gunicorn = {version = "==22.0.0", extras = ["eventlet"]} iso8601 = "==2.1.0" -jsonschema = {version = "==4.21.1", extras = ["format"]} +jsonschema = {version = "==4.22.0", extras = ["format"]} lxml = "==5.2.1" marshmallow = "==3.21.1" marshmallow-sqlalchemy = "==1.0.0" From a5c67da7a6f21847f7f66170081b17179f498e34 Mon Sep 17 00:00:00 2001 From: Carlo Costino Date: Wed, 1 May 2024 09:18:33 -0400 Subject: [PATCH 18/21] Update poetry.lock file for jsonschema Signed-off-by: Carlo Costino --- poetry.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/poetry.lock b/poetry.lock index 67aa4ad7a..e06f4d7b7 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1884,13 +1884,13 @@ files = [ [[package]] name = "jsonschema" -version = "4.21.1" +version = "4.22.0" description = "An implementation of JSON Schema validation for Python" optional = false python-versions = ">=3.8" files = [ - {file = "jsonschema-4.21.1-py3-none-any.whl", hash = "sha256:7996507afae316306f9e2290407761157c6f78002dcf7419acb99822143d1c6f"}, - {file = "jsonschema-4.21.1.tar.gz", hash = "sha256:85727c00279f5fa6bedbe6238d2aa6403bedd8b4864ab11207d07df3cc1b2ee5"}, + {file = "jsonschema-4.22.0-py3-none-any.whl", hash = "sha256:ff4cfd6b1367a40e7bc6411caec72effadd3db0bbe5017de188f2d6108335802"}, + {file = "jsonschema-4.22.0.tar.gz", hash = "sha256:5b22d434a45935119af990552c862e5d6d564e8f6601206b305a61fdf661a2b7"}, ] [package.dependencies] @@ -4797,4 +4797,4 @@ multidict = ">=4.0" [metadata] lock-version = "2.0" python-versions = "^3.12.2" -content-hash = "356db590df1f29a6981959227e677a87debd065949b1a374fef8d80737139126" +content-hash = "c2f3be694e57ed78e02b5b950a78033d803f1f6c9eab54ec7e77fe7bfc695227" From ac898b6ea309eba229f5864c40de3eddca845275 Mon Sep 17 00:00:00 2001 From: Carlo Costino Date: Wed, 1 May 2024 18:04:29 -0400 Subject: [PATCH 19/21] Update marshmallow based on Dependabot Signed-off-by: Carlo Costino --- poetry.lock | 10 +++++----- pyproject.toml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/poetry.lock b/poetry.lock index e06f4d7b7..19dad88e5 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2298,13 +2298,13 @@ files = [ [[package]] name = "marshmallow" -version = "3.21.1" +version = "3.21.2" description = "A lightweight library for converting complex datatypes to and from native Python datatypes." optional = false python-versions = ">=3.8" files = [ - {file = "marshmallow-3.21.1-py3-none-any.whl", hash = "sha256:f085493f79efb0644f270a9bf2892843142d80d7174bbbd2f3713f2a589dc633"}, - {file = "marshmallow-3.21.1.tar.gz", hash = "sha256:4e65e9e0d80fc9e609574b9983cf32579f305c718afb30d7233ab818571768c3"}, + {file = "marshmallow-3.21.2-py3-none-any.whl", hash = "sha256:70b54a6282f4704d12c0a41599682c5c5450e843b9ec406308653b47c59648a1"}, + {file = "marshmallow-3.21.2.tar.gz", hash = "sha256:82408deadd8b33d56338d2182d455db632c6313aa2af61916672146bb32edc56"}, ] [package.dependencies] @@ -2312,7 +2312,7 @@ packaging = ">=17.0" [package.extras] dev = ["marshmallow[tests]", "pre-commit (>=3.5,<4.0)", "tox"] -docs = ["alabaster (==0.7.16)", "autodocsumm (==0.2.12)", "sphinx (==7.2.6)", "sphinx-issues (==4.0.0)", "sphinx-version-warning (==1.1.2)"] +docs = ["alabaster (==0.7.16)", "autodocsumm (==0.2.12)", "sphinx (==7.3.7)", "sphinx-issues (==4.1.0)", "sphinx-version-warning (==1.1.2)"] tests = ["pytest", "pytz", "simplejson"] [[package]] @@ -4797,4 +4797,4 @@ multidict = ">=4.0" [metadata] lock-version = "2.0" python-versions = "^3.12.2" -content-hash = "c2f3be694e57ed78e02b5b950a78033d803f1f6c9eab54ec7e77fe7bfc695227" +content-hash = "62ad876016d96cb47abff37be04026fea97a988290e537d500f1cebe99c5a84a" diff --git a/pyproject.toml b/pyproject.toml index 8d6697dd6..742ed46d9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -36,7 +36,7 @@ gunicorn = {version = "==22.0.0", extras = ["eventlet"]} iso8601 = "==2.1.0" jsonschema = {version = "==4.22.0", extras = ["format"]} lxml = "==5.2.1" -marshmallow = "==3.21.1" +marshmallow = "==3.21.2" marshmallow-sqlalchemy = "==1.0.0" newrelic = "*" notifications-python-client = "==9.0.0" From c22151493639eec0ff07e4acee0e755fae3320d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 May 2024 14:33:35 +0000 Subject: [PATCH 20/21] Bump jinja2 from 3.1.3 to 3.1.4 Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/3.1.3...3.1.4) --- updated-dependencies: - dependency-name: jinja2 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- poetry.lock | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/poetry.lock b/poetry.lock index 19dad88e5..dcc77a4d9 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1824,13 +1824,13 @@ trio = ["async_generator", "trio"] [[package]] name = "jinja2" -version = "3.1.3" +version = "3.1.4" description = "A very fast and expressive template engine." optional = false python-versions = ">=3.7" files = [ - {file = "Jinja2-3.1.3-py3-none-any.whl", hash = "sha256:7d6d50dd97d52cbc355597bd845fabfbac3f551e1f99619e39a35ce8c370b5fa"}, - {file = "Jinja2-3.1.3.tar.gz", hash = "sha256:ac8bd6544d4bb2c9792bf3a159e80bba8fda7f07e81bc3aed565432d5925ba90"}, + {file = "jinja2-3.1.4-py3-none-any.whl", hash = "sha256:bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d"}, + {file = "jinja2-3.1.4.tar.gz", hash = "sha256:4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369"}, ] [package.dependencies] @@ -2071,6 +2071,7 @@ files = [ {file = "lxml-5.2.1-cp36-cp36m-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c38d7b9a690b090de999835f0443d8aa93ce5f2064035dfc48f27f02b4afc3d0"}, {file = "lxml-5.2.1-cp36-cp36m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5670fb70a828663cc37552a2a85bf2ac38475572b0e9b91283dc09efb52c41d1"}, {file = "lxml-5.2.1-cp36-cp36m-manylinux_2_28_x86_64.whl", hash = "sha256:958244ad566c3ffc385f47dddde4145088a0ab893504b54b52c041987a8c1863"}, + {file = "lxml-5.2.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:b6241d4eee5f89453307c2f2bfa03b50362052ca0af1efecf9fef9a41a22bb4f"}, {file = "lxml-5.2.1-cp36-cp36m-musllinux_1_1_aarch64.whl", hash = "sha256:2a66bf12fbd4666dd023b6f51223aed3d9f3b40fef06ce404cb75bafd3d89536"}, {file = "lxml-5.2.1-cp36-cp36m-musllinux_1_1_ppc64le.whl", hash = "sha256:9123716666e25b7b71c4e1789ec829ed18663152008b58544d95b008ed9e21e9"}, {file = "lxml-5.2.1-cp36-cp36m-musllinux_1_1_s390x.whl", hash = "sha256:0c3f67e2aeda739d1cc0b1102c9a9129f7dc83901226cc24dd72ba275ced4218"}, @@ -2095,7 +2096,6 @@ files = [ {file = "lxml-5.2.1-cp37-cp37m-musllinux_1_2_x86_64.whl", hash = "sha256:9e2addd2d1866fe112bc6f80117bcc6bc25191c5ed1bfbcf9f1386a884252ae8"}, {file = "lxml-5.2.1-cp37-cp37m-win32.whl", hash = "sha256:f51969bac61441fd31f028d7b3b45962f3ecebf691a510495e5d2cd8c8092dbd"}, {file = "lxml-5.2.1-cp37-cp37m-win_amd64.whl", hash = "sha256:b0b58fbfa1bf7367dde8a557994e3b1637294be6cf2169810375caf8571a085c"}, - {file = "lxml-5.2.1-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:3e183c6e3298a2ed5af9d7a356ea823bccaab4ec2349dc9ed83999fd289d14d5"}, {file = "lxml-5.2.1-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:804f74efe22b6a227306dd890eecc4f8c59ff25ca35f1f14e7482bbce96ef10b"}, {file = "lxml-5.2.1-cp38-cp38-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:08802f0c56ed150cc6885ae0788a321b73505d2263ee56dad84d200cab11c07a"}, {file = "lxml-5.2.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0f8c09ed18ecb4ebf23e02b8e7a22a05d6411911e6fabef3a36e4f371f4f2585"}, @@ -3527,6 +3527,7 @@ files = [ {file = "PyYAML-6.0.1-cp311-cp311-win_amd64.whl", hash = "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34"}, {file = "PyYAML-6.0.1-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:855fb52b0dc35af121542a76b9a84f8d1cd886ea97c84703eaa6d88e37a2ad28"}, {file = "PyYAML-6.0.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:40df9b996c2b73138957fe23a16a4f0ba614f4c0efce1e9406a184b6d07fa3a9"}, + {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a08c6f0fe150303c1c6b71ebcd7213c2858041a7e01975da3a99aed1e7a378ef"}, {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c22bec3fbe2524cde73d7ada88f6566758a8f7227bfbf93a408a9d86bcc12a0"}, {file = "PyYAML-6.0.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8d4e9c88387b0f5c7d5f281e55304de64cf7f9c0021a3525bd3b1c542da3b0e4"}, {file = "PyYAML-6.0.1-cp312-cp312-win32.whl", hash = "sha256:d483d2cdf104e7c9fa60c544d92981f12ad66a457afae824d146093b8c294c54"}, From 017bb63f87669067a6e7a58aa4574886e76d5293 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 May 2024 15:33:18 +0000 Subject: [PATCH 21/21] Bump werkzeug from 3.0.2 to 3.0.3 Bumps [werkzeug](https://github.com/pallets/werkzeug) from 3.0.2 to 3.0.3. - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/werkzeug/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: werkzeug dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- poetry.lock | 8 ++++---- pyproject.toml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/poetry.lock b/poetry.lock index dcc77a4d9..18da04fa2 100644 --- a/poetry.lock +++ b/poetry.lock @@ -4514,13 +4514,13 @@ test = ["websockets"] [[package]] name = "werkzeug" -version = "3.0.2" +version = "3.0.3" description = "The comprehensive WSGI web application library." optional = false python-versions = ">=3.8" files = [ - {file = "werkzeug-3.0.2-py3-none-any.whl", hash = "sha256:3aac3f5da756f93030740bc235d3e09449efcf65f2f55e3602e1d851b8f48795"}, - {file = "werkzeug-3.0.2.tar.gz", hash = "sha256:e39b645a6ac92822588e7b39a692e7828724ceae0b0d702ef96701f90e70128d"}, + {file = "werkzeug-3.0.3-py3-none-any.whl", hash = "sha256:fc9645dc43e03e4d630d23143a04a7f947a9a3b5727cd535fdfe155a17cc48c8"}, + {file = "werkzeug-3.0.3.tar.gz", hash = "sha256:097e5bfda9f0aba8da6b8545146def481d06aa7d3266e7448e2cccf67dd8bd18"}, ] [package.dependencies] @@ -4798,4 +4798,4 @@ multidict = ">=4.0" [metadata] lock-version = "2.0" python-versions = "^3.12.2" -content-hash = "62ad876016d96cb47abff37be04026fea97a988290e537d500f1cebe99c5a84a" +content-hash = "7fc5c245fed278c8ee32c21513a3c80f5cef785b3708ec6d7f2182a2ed99b30c" diff --git a/pyproject.toml b/pyproject.toml index 742ed46d9..3d3f91427 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -48,7 +48,7 @@ psycopg2-binary = "==2.9.9" pyjwt = "==2.8.0" python-dotenv = "==1.0.0" sqlalchemy = "==1.4.40" -werkzeug = "^3.0.2" +werkzeug = "^3.0.3" faker = "^24.4.0"