darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-01-13 06:01:42 -05:00
Code Issues Packages Projects Releases Wiki Activity
11,579 Commits 131 Branches 60 Tags
2db45c8b508b6312f3a946340613589302c8a592
Commit Graph

77 Commits

Author SHA1 Message Date
Kenneth Kehl
37e5de331a don't run coverage on tests 2024-10-01 13:31:04 -07:00
Kenneth Kehl
ab7e57597a don't run coverage on tests 2024-10-01 13:21:05 -07:00
Kenneth Kehl
1569de2afd revert coverage changes 2024-09-26 14:59:18 -07:00
Kenneth Kehl
b4db1b0b2d revert coverage changes 2024-09-26 14:49:53 -07:00
Kenneth Kehl
67467bbedc dont do coverage of test directory 2024-09-26 14:39:19 -07:00
Kenneth Kehl
b656ad84b7 dont do coverage of test directory 2024-09-26 14:23:19 -07:00
Kenneth Kehl
3259717061 dont do coverage of test directory 2024-09-26 14:15:51 -07:00
Kenneth Kehl
6d44ffceb8 move rotate from checks to deploy 2024-08-22 11:00:31 -07:00
Kenneth Kehl
6401378715 update baseline 2024-08-22 07:22:30 -07:00
Kenneth Kehl
71931a5c55 add omission of migrations to checks.yml 2024-05-15 10:28:17 -07:00
Kenneth Kehl
a749b8ca4c bring coverage back up to 95% 2024-05-15 10:20:18 -07:00
Carlo Costino
cd00d14c1f Update gunicorn to latest release 
This changeset updates the gunicorn dependency to the latest release to address a recent CVE.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-04-17 18:02:21 -04:00
Carlo Costino
b950767ca6 Updated dependencies and ignore gunicorn audit flag 
This changeset updates a couple of dependencies, including our Python dependency audit check, and specifically ignores a gunicorn audit flag that appeared on 4/16/2024.

As soon as there is an update available for gunicorn that addresses the issue we will remove the flag to ignore the vulnerability report and update the dependency.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-04-16 11:55:52 -04:00
Carlo Costino
34cc85e662 Update GitHub Actions 
This changeset updates all references to GitHub Actions to be version 4 due to a mandatory Node.js update.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-04-04 08:35:00 -04:00
Kenneth Kehl
6c4c8b075a fix code coverage reporting 2024-03-11 10:34:59 -07:00
Carlo Costino
e019e9cf11 Update OWASP ZAP scans 
The OWASP ZAP scan GitHub Actions have been updated recently and we need to make sure our GitHub Actions account for the recent changes.  This changeset makes sure we are using the latest version of the OWASP ZAP API scan, the correct Docker image, and adjusts the name of the step to accurately reflect what scan is being run.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-28 17:28:27 -04:00
Carlo Costino
5e0ba6a672 Trying ZAP weekly release instead of stable 
I noticed that a previous scan yesterday had referenced the weekly releases under the hood despite being configured for stable.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-26 15:47:37 -04:00
Carlo Costino
455b6071ba Updated ZAP Action config to match recent changes 
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-26 12:09:03 -04:00
Carlo Costino
7887eed891 Fix the dynamic-scan job 
This PR fixes the dynamic-scan job, which is now failing in our PR checks due to missing environment variables.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-26 11:35:19 -04:00
Kenneth Kehl
16defbe30d try again 2023-09-12 11:29:21 -07:00
Kenneth Kehl
75b7c6cf05 add secrets to github workflow 2023-09-12 11:13:09 -07:00
Kenneth Kehl
c92b8e0933 try without hashes everywhere 2023-08-31 11:54:26 -07:00
Kenneth Kehl
bc956c3dac remove --dev for now from poetry install 2023-08-31 11:12:16 -07:00
Kenneth Kehl
062675ad9b poetry 2023-08-31 11:00:55 -07:00
Carlo Costino
574e0b92fc Merge pull request #404 from GSA/notify-api-391 
notify-api-391 increase code coverage to 95%
 2023-08-16 16:40:33 -04:00
Kenneth Kehl
dc80e7e00a remove the multiple workers from the tests 2023-08-11 14:07:32 -07:00
Kenneth Kehl
3cf5ea8802 add change to workflow 2023-08-08 11:13:44 -07:00
stvnrlly
9bda30394d try updating docker action version? 2023-08-02 16:07:15 -04:00
Steven Reilly
6515c44ca8 bump pip-audit action to 1.0.6 (#261) 2023-05-05 14:11:18 -04:00
Andrew Shumway
b623caa366 Test actions with 50% threshold 2023-04-19 09:20:22 -06:00
Andrew Shumway
7e4043f85a Test github actions coverage PR fail 2023-04-19 08:56:34 -06:00
Andrew Shumway
cbcb955f1f Moved env: flag under test run 2023-04-18 15:48:10 -06:00
Andrew Shumway
17c6083f6d Check coverage in actions without omit 2023-04-18 14:27:56 -06:00
Andrew Shumway
1047b70792 Added fail coverage threshold under 50% 2023-04-18 13:51:48 -06:00
Ryan Ahearn
6118394f02 Remove ignore-vulnerability for remediated redis vuln 2023-03-29 17:04:43 -04:00
Ryan Ahearn
8e64fb12ba Ignore known issue with redis 4.5.3 2023-03-28 09:06:21 -04:00
Ryan Ahearn
84e7e9b5cf Use credentials output by terraform/development 2023-03-13 13:44:10 -04:00
Ryan Ahearn
36975dda07 Ensure CI runs have proper phone number format 2023-03-03 14:13:58 -05:00
Ryan Ahearn
28f8649444 Use sns credentials from VCAP_SERVICES 2023-02-28 16:50:00 -05:00
Ryan Ahearn
cdf2810b14 Update flask & cryptography versions 2023-02-09 17:26:36 -05:00
Ryan Ahearn
c3faf3df4d Install newrelic before attempting to validate config 2023-01-19 09:38:18 -05:00
Ryan Ahearn
b9a53b7b54 Validate new relic config in github actions 2023-01-19 09:33:33 -05:00
Ryan Ahearn
bec3c53128 Setup newrelic for cloud.gov environments 2023-01-18 09:20:22 -05:00
Ryan Ahearn
a4349975e5 Merge branch 'main' into sms-provider-cleanup 
* main:
  Update to most recent pip-audit action
  Remove restart: always from devcontainer
  simplify to use the script for this exact purpose
  simplify cleanup steps
  update sandbox teardown steps
 2023-01-03 10:23:55 -05:00
Ryan Ahearn
7e02e6b33d Update to most recent pip-audit action 2023-01-03 09:44:53 -05:00
Ryan Ahearn
d70e1b125a Remove NOTIFY_EMAIL_DOMAIN override in CI test runs 2022-12-22 10:52:08 -05:00
Ryan Ahearn
7c611e993f Read openapi schema for the owasp scan 2022-11-16 15:50:08 -05:00
Ryan Ahearn
7aafdd7bac Clean up config settings 2022-10-31 13:25:59 -04:00
stvnrlly
96431f0388 pipenv + flake8 2022-10-26 16:47:40 -04:00
stvnrlly
d87c224473 remove broadcast-related code, except migrations 2022-10-26 16:41:35 -04:00