darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-31 12:51:47 -05:00
Code Issues Packages Projects Releases Wiki Activity
11,509 Commits 126 Branches 60 Tags
04e98368f640fded3a9b3dcd19edc8e0f7bf19ac
Commit Graph

153 Commits

Author SHA1 Message Date
Carlo Costino
b70d47fa38 Attempt quoting the Login.gov URL 
This changeset tries to wrap the Login.gov registration URL with quotes to get it to be properly handled in the shell environment.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-10-01 17:09:10 -04:00
Carlo Costino
05bac16376 One more attempt at fixing the Login.gov registration URL 
This changeset attempts another fix by referencing the environment variable in a different fashion, according to the GitHub docs:

https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/accessing-contextual-information-about-workflow-runs#example-usage-of-the-env-context
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-10-01 16:08:48 -04:00
Carlo Costino
1f4905efa0 Refer to GitHub Action container environment variable 
This changeset attempts to fix another issue with the deploy command by setting and referring to an environment variable directly.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-10-01 09:50:14 -04:00
Carlo Costino
1c231b1bbe Adjust LOGIN_DOT_GOV_REGISTRATION_URL env var in staging deploy 
This changeset will hopefully fix the reference to the LOGIN_DOT_GOV_REGISTRATION_URL env var in the new cf_command.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-09-30 17:27:05 -04:00
Andrew Shumway
70dc52be81 Go back to brackets with secrets. in command 2024-09-30 14:38:01 -06:00
Andrew Shumway
f4a07621ef Fix syntax on cf command 2024-09-30 13:36:05 -06:00
Andrew Shumway
db7cc32e12 Merge branch 'main' of https://github.com/GSA/notifications-api into fix-cfcommand-deploytool 2024-09-30 09:25:05 -06:00
Andrew Shumway
e0dab07300 Fix env var syntax 2024-09-30 09:24:50 -06:00
Kenneth Kehl
1569de2afd revert coverage changes 2024-09-26 14:59:18 -07:00
Kenneth Kehl
b4db1b0b2d revert coverage changes 2024-09-26 14:49:53 -07:00
Kenneth Kehl
67467bbedc dont do coverage of test directory 2024-09-26 14:39:19 -07:00
Kenneth Kehl
b656ad84b7 dont do coverage of test directory 2024-09-26 14:23:19 -07:00
Kenneth Kehl
3259717061 dont do coverage of test directory 2024-09-26 14:15:51 -07:00
Andrew Shumway
ec4e522dc9 Modify input to accepted argument 2024-09-26 10:33:46 -06:00
Andrew Shumway
ada2c3ec45 Change 18f deploy tool to CG deploy tool 2024-09-18 10:37:43 -06:00
Kenneth Kehl
861d604a58 add generate-salt task and remove deploy rotate-secret 2024-08-23 07:23:35 -07:00
Kenneth Kehl
4f62d1486d ugh try again with different permissions 2024-08-22 14:50:12 -07:00
Kenneth Kehl
3e8485a217 remove secrets 2024-08-22 14:14:19 -07:00
Kenneth Kehl
9c3280f326 make it possible to write secrets 2024-08-22 12:04:22 -07:00
Kenneth Kehl
468b846467 try Bearer instead of token 2024-08-22 11:29:21 -07:00
Kenneth Kehl
6d44ffceb8 move rotate from checks to deploy 2024-08-22 11:00:31 -07:00
Kenneth Kehl
6401378715 update baseline 2024-08-22 07:22:30 -07:00
John Skiles Skinner
f2666026bb Same in the other 2 files 2024-06-26 18:42:22 -07:00
John Skiles Skinner
49d25d968e add /** to paths 2024-06-26 18:40:45 -07:00
John Skiles Skinner
8aa3683e73 Upgrade from v41 to v44 in demo and prod deploy workflows 2024-06-25 10:59:59 -07:00
John Skiles Skinner
28d77b12ed Upgrade major verion 41 to 44 of tj-actions 2024-06-25 10:04:21 -07:00
Kenneth Kehl
f74d08a66a merge from main 2024-05-31 07:38:27 -07:00
Kenneth Kehl
6f420c3f44 Create codeql.yml 2024-05-21 09:05:13 -07:00
Kenneth Kehl
71931a5c55 add omission of migrations to checks.yml 2024-05-15 10:28:17 -07:00
Kenneth Kehl
a749b8ca4c bring coverage back up to 95% 2024-05-15 10:20:18 -07:00
Carlo Costino
cd00d14c1f Update gunicorn to latest release 
This changeset updates the gunicorn dependency to the latest release to address a recent CVE.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-04-17 18:02:21 -04:00
Carlo Costino
b950767ca6 Updated dependencies and ignore gunicorn audit flag 
This changeset updates a couple of dependencies, including our Python dependency audit check, and specifically ignores a gunicorn audit flag that appeared on 4/16/2024.

As soon as there is an update available for gunicorn that addresses the issue we will remove the flag to ignore the vulnerability report and update the dependency.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-04-16 11:55:52 -04:00
Cliff Hill
7b73e99530 Making template update steps for demo and prod. 
Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
 2024-04-11 10:09:24 -04:00
Cliff Hill
5508787c24 If the templates.json file changes, update it. 
Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
 2024-04-11 09:04:46 -04:00
Carlo Costino
34cc85e662 Update GitHub Actions 
This changeset updates all references to GitHub Actions to be version 4 due to a mandatory Node.js update.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-04-04 08:35:00 -04:00
Kenneth Kehl
7c3c81b700 fix 2024-04-02 13:59:59 -07:00
Kenneth Kehl
41c6b19877 fix urls 2024-03-20 08:11:37 -07:00
Kenneth Kehl
26af8339a2 fix link 2024-03-19 14:36:22 -07:00
Kenneth Kehl
4335b61b6e fix tests 2024-03-19 13:59:55 -07:00
Kenneth Kehl
6c4c8b075a fix code coverage reporting 2024-03-11 10:34:59 -07:00
Carlo Costino
92eb3c49cf Mirror Admin REDIS_ENABLED config 
This changeset adjusts the REDIS_ENABLED environment variable to match how the admin app is set up to make sure the API properly connects to the Redis service.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-01-11 11:29:04 -05:00
Kenneth Kehl
38e802da78 set redis enabled 2024-01-10 14:21:13 -08:00
dependabot[bot]
e92f235624 Bump tj-actions/changed-files from 34 to 41 in /.github/workflows 
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 34 to 41.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v34...v41)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-02 16:47:32 +00:00
stvnrlly
63952e35a9 freshen up files 2023-11-17 09:47:32 -05:00
Carlo Costino
e019e9cf11 Update OWASP ZAP scans 
The OWASP ZAP scan GitHub Actions have been updated recently and we need to make sure our GitHub Actions account for the recent changes.  This changeset makes sure we are using the latest version of the OWASP ZAP API scan, the correct Docker image, and adjusts the name of the step to accurately reflect what scan is being run.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-28 17:28:27 -04:00
stvnrlly
6500d388fe Merge branch 'main' into stvnrlly/one-with 2023-09-26 16:11:30 -04:00
Carlo Costino
5e0ba6a672 Trying ZAP weekly release instead of stable 
I noticed that a previous scan yesterday had referenced the weekly releases under the hood despite being configured for stable.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-26 15:47:37 -04:00
Carlo Costino
455b6071ba Updated ZAP Action config to match recent changes 
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-26 12:09:03 -04:00
Carlo Costino
7887eed891 Fix the dynamic-scan job 
This PR fixes the dynamic-scan job, which is now failing in our PR checks due to missing environment variables.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-26 11:35:19 -04:00
stvnrlly
b4bf0f8084 only need one with 2023-09-26 09:37:10 -04:00