Commit Graph

213 Commits

Author SHA1 Message Date
Kenneth Kehl
4f62d1486d ugh try again with different permissions 2024-08-22 14:50:12 -07:00
Kenneth Kehl
3e8485a217 remove secrets 2024-08-22 14:14:19 -07:00
Kenneth Kehl
9c3280f326 make it possible to write secrets 2024-08-22 12:04:22 -07:00
Kenneth Kehl
468b846467 try Bearer instead of token 2024-08-22 11:29:21 -07:00
Kenneth Kehl
6d44ffceb8 move rotate from checks to deploy 2024-08-22 11:00:31 -07:00
Kenneth Kehl
6401378715 update baseline 2024-08-22 07:22:30 -07:00
Carlo Costino
df31d43a92 Update pull request template and docs
This changeset updates our pull request template to be much more streamlined and shifts most of the information to our documentation.  The PR template now links to the docs for folks who are new and unfamiliar with what we require in our pull requests so that the template itself just has the headings and quick outlines to get started more easily and quickly.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-06-28 17:22:30 -04:00
John Skiles Skinner
f2666026bb Same in the other 2 files 2024-06-26 18:42:22 -07:00
John Skiles Skinner
49d25d968e add /** to paths 2024-06-26 18:40:45 -07:00
John Skiles Skinner
8aa3683e73 Upgrade from v41 to v44 in demo and prod deploy workflows 2024-06-25 10:59:59 -07:00
John Skiles Skinner
28d77b12ed Upgrade major version 41 to 44 of tj-actions 2024-06-25 10:04:21 -07:00
Kenneth Kehl
0385e6a4e3 pin python to 3.12.3 2024-06-20 12:20:20 -07:00
Kenneth Kehl
573b147d35 pin python to 3.12.2 2024-06-20 10:37:46 -07:00
Kenneth Kehl
f74d08a66a merge from main 2024-05-31 07:38:27 -07:00
Kenneth Kehl
6f420c3f44 Create codeql.yml 2024-05-21 09:05:13 -07:00
Kenneth Kehl
71931a5c55 add omission of migrations to checks.yml 2024-05-15 10:28:17 -07:00
Kenneth Kehl
a749b8ca4c bring coverage back up to 95% 2024-05-15 10:20:18 -07:00
Carlo Costino
cd00d14c1f Update gunicorn to latest release
This changeset updates the gunicorn dependency to the latest release to address a recent CVE.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-04-17 18:02:21 -04:00
Carlo Costino
b950767ca6 Updated dependencies and ignore gunicorn audit flag
This changeset updates a couple of dependencies, including our Python dependency audit check, and specifically ignores a gunicorn audit flag that appeared on 4/16/2024.

As soon as there is an update available for gunicorn that addresses the issue we will remove the flag to ignore the vulnerability report and update the dependency.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-04-16 11:55:52 -04:00
Cliff Hill
7b73e99530 Making template update steps for demo and prod.
Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-04-11 10:09:24 -04:00
Cliff Hill
5508787c24 If the templates.json file changes, update it.
Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-04-11 09:04:46 -04:00
Carlo Costino
34cc85e662 Update GitHub Actions
This changeset updates all references to GitHub Actions to be version 4 due to a mandatory Node.js update.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-04-04 08:35:00 -04:00
Kenneth Kehl
7c3c81b700 fix 2024-04-02 13:59:59 -07:00
Kenneth Kehl
395282b4a9 merge from main 2024-03-22 13:37:35 -07:00
samathad2023
172497c19e Latest utils commit updates sync with main 2024-03-20 14:09:46 -07:00
Kenneth Kehl
41c6b19877 fix urls 2024-03-20 08:11:37 -07:00
Kenneth Kehl
26af8339a2 fix link 2024-03-19 14:36:22 -07:00
Kenneth Kehl
4335b61b6e fix tests 2024-03-19 13:59:55 -07:00
samathad2023
db06484ebf yml updates 2024-03-11 11:39:13 -07:00
Kenneth Kehl
6c4c8b075a fix code coverage reporting 2024-03-11 10:34:59 -07:00
Carlo Costino
6e6c0ee61d Final draft adjustments to the template instructions
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-02-09 17:45:31 -05:00
Carlo Costino
050d92d822 Additional detail suggestions for the PR description
h/t to @stvnrlly for these suggestions!

Co-authored-by: Steven Reilly <stvnrlly@users.noreply.github.com>
2024-02-09 17:45:31 -05:00
Carlo Costino
f7673aa968 Add a pull request template
This changeset adds a template to the repository for our pull requests.  The intention is two-fold:

- To make it easier to know what information and details to include in our pull requests
- To improve the quality and usefulness of our pull requests

This is a start and we will be adjusting this over time as we learn more and refine our process.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-02-09 17:45:30 -05:00
Carlo Costino
92eb3c49cf Mirror Admin REDIS_ENABLED config
This changeset adjusts the REDIS_ENABLED environment variable to match how the admin app is set up to make sure the API properly connects to the Redis service.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-01-11 11:29:04 -05:00
Kenneth Kehl
38e802da78 set redis enabled 2024-01-10 14:21:13 -08:00
dependabot[bot]
e92f235624 Bump tj-actions/changed-files from 34 to 41 in /.github/workflows
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 34 to 41.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v34...v41)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-02 16:47:32 +00:00
stvnrlly
63952e35a9 freshen up files 2023-11-17 09:47:32 -05:00
Carlo Costino
e019e9cf11 Update OWASP ZAP scans
The OWASP ZAP scan GitHub Actions have been updated recently and we need to make sure our GitHub Actions account for the recent changes.  This changeset makes sure we are using the latest version of the OWASP ZAP API scan, the correct Docker image, and adjusts the name of the step to accurately reflect what scan is being run.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2023-09-28 17:28:27 -04:00
stvnrlly
6500d388fe Merge branch 'main' into stvnrlly/one-with 2023-09-26 16:11:30 -04:00
Carlo Costino
5e0ba6a672 Trying ZAP weekly release instead of stable
I noticed that a previous scan yesterday had referenced the weekly releases under the hood despite being configured for stable.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2023-09-26 15:47:37 -04:00
Carlo Costino
455b6071ba Updated ZAP Action config to match recent changes
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2023-09-26 12:09:03 -04:00
Carlo Costino
7887eed891 Fix the dynamic-scan job
This PR fixes the dynamic-scan job, which is now failing in our PR checks due to missing environment variables.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2023-09-26 11:35:19 -04:00
stvnrlly
b4bf0f8084 only need one with 2023-09-26 09:37:10 -04:00
stvnrlly
6070c97ad0 have valid yaml instead of invalid yaml 2023-09-22 22:15:53 -04:00
stvnrlly
b61ca002c3 add workflow permission 2023-09-22 17:03:04 -04:00
stvnrlly
308dbf16a8 use our own adr action to try things out 2023-09-22 12:49:22 -04:00
Carlo Costino
5790f52388 Add missing environment variables from cf push
This changeset actually adds the missing E2E test environment variables to the cf push command.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2023-09-18 13:09:46 -04:00
Carlo Costino
3f1c5ab8ad Add E2E test environment variables to deployments
This changeset adds the E2E test environment variables to our deployment scripts so that they are accessible to the application and database migrations.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2023-09-18 12:20:47 -04:00
Kenneth Kehl
16defbe30d try again 2023-09-12 11:29:21 -07:00
Kenneth Kehl
75b7c6cf05 add secrets to github workflow 2023-09-12 11:13:09 -07:00