darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-01-02 22:40:44 -05:00
Code Issues Packages Projects Releases Wiki Activity
11,491 Commits 127 Branches 60 Tags
f844da8c68c98f5dbf271c2e35fce885d45aafd2
Commit Graph

144 Commits

Author SHA1 Message Date
Kenneth Kehl
1569de2afd revert coverage changes 2024-09-26 14:59:18 -07:00
Kenneth Kehl
b4db1b0b2d revert coverage changes 2024-09-26 14:49:53 -07:00
Kenneth Kehl
67467bbedc dont do coverage of test directory 2024-09-26 14:39:19 -07:00
Kenneth Kehl
b656ad84b7 dont do coverage of test directory 2024-09-26 14:23:19 -07:00
Kenneth Kehl
3259717061 dont do coverage of test directory 2024-09-26 14:15:51 -07:00
Andrew Shumway
ada2c3ec45 Change 18f deploy tool to CG deploy tool 2024-09-18 10:37:43 -06:00
Kenneth Kehl
861d604a58 add generate-salt task and remove deploy rotate-secret 2024-08-23 07:23:35 -07:00
Kenneth Kehl
4f62d1486d ugh try again with different permissions 2024-08-22 14:50:12 -07:00
Kenneth Kehl
3e8485a217 remove secrets 2024-08-22 14:14:19 -07:00
Kenneth Kehl
9c3280f326 make it possible to write secrets 2024-08-22 12:04:22 -07:00
Kenneth Kehl
468b846467 try Bearer instead of token 2024-08-22 11:29:21 -07:00
Kenneth Kehl
6d44ffceb8 move rotate from checks to deploy 2024-08-22 11:00:31 -07:00
Kenneth Kehl
6401378715 update baseline 2024-08-22 07:22:30 -07:00
John Skiles Skinner
f2666026bb Same in the other 2 files 2024-06-26 18:42:22 -07:00
John Skiles Skinner
49d25d968e add /** to paths 2024-06-26 18:40:45 -07:00
John Skiles Skinner
8aa3683e73 Upgrade from v41 to v44 in demo and prod deploy workflows 2024-06-25 10:59:59 -07:00
John Skiles Skinner
28d77b12ed Upgrade major verion 41 to 44 of tj-actions 2024-06-25 10:04:21 -07:00
Kenneth Kehl
f74d08a66a merge from main 2024-05-31 07:38:27 -07:00
Kenneth Kehl
6f420c3f44 Create codeql.yml 2024-05-21 09:05:13 -07:00
Kenneth Kehl
71931a5c55 add omission of migrations to checks.yml 2024-05-15 10:28:17 -07:00
Kenneth Kehl
a749b8ca4c bring coverage back up to 95% 2024-05-15 10:20:18 -07:00
Carlo Costino
cd00d14c1f Update gunicorn to latest release 
This changeset updates the gunicorn dependency to the latest release to address a recent CVE.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-04-17 18:02:21 -04:00
Carlo Costino
b950767ca6 Updated dependencies and ignore gunicorn audit flag 
This changeset updates a couple of dependencies, including our Python dependency audit check, and specifically ignores a gunicorn audit flag that appeared on 4/16/2024.

As soon as there is an update available for gunicorn that addresses the issue we will remove the flag to ignore the vulnerability report and update the dependency.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-04-16 11:55:52 -04:00
Cliff Hill
7b73e99530 Making template update steps for demo and prod. 
Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
 2024-04-11 10:09:24 -04:00
Cliff Hill
5508787c24 If the templates.json file changes, update it. 
Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
 2024-04-11 09:04:46 -04:00
Carlo Costino
34cc85e662 Update GitHub Actions 
This changeset updates all references to GitHub Actions to be version 4 due to a mandatory Node.js update.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-04-04 08:35:00 -04:00
Kenneth Kehl
7c3c81b700 fix 2024-04-02 13:59:59 -07:00
Kenneth Kehl
41c6b19877 fix urls 2024-03-20 08:11:37 -07:00
Kenneth Kehl
26af8339a2 fix link 2024-03-19 14:36:22 -07:00
Kenneth Kehl
4335b61b6e fix tests 2024-03-19 13:59:55 -07:00
Kenneth Kehl
6c4c8b075a fix code coverage reporting 2024-03-11 10:34:59 -07:00
Carlo Costino
92eb3c49cf Mirror Admin REDIS_ENABLED config 
This changeset adjusts the REDIS_ENABLED environment variable to match how the admin app is set up to make sure the API properly connects to the Redis service.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2024-01-11 11:29:04 -05:00
Kenneth Kehl
38e802da78 set redis enabled 2024-01-10 14:21:13 -08:00
dependabot[bot]
e92f235624 Bump tj-actions/changed-files from 34 to 41 in /.github/workflows 
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 34 to 41.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v34...v41)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-02 16:47:32 +00:00
stvnrlly
63952e35a9 freshen up files 2023-11-17 09:47:32 -05:00
Carlo Costino
e019e9cf11 Update OWASP ZAP scans 
The OWASP ZAP scan GitHub Actions have been updated recently and we need to make sure our GitHub Actions account for the recent changes.  This changeset makes sure we are using the latest version of the OWASP ZAP API scan, the correct Docker image, and adjusts the name of the step to accurately reflect what scan is being run.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-28 17:28:27 -04:00
stvnrlly
6500d388fe Merge branch 'main' into stvnrlly/one-with 2023-09-26 16:11:30 -04:00
Carlo Costino
5e0ba6a672 Trying ZAP weekly release instead of stable 
I noticed that a previous scan yesterday had referenced the weekly releases under the hood despite being configured for stable.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-26 15:47:37 -04:00
Carlo Costino
455b6071ba Updated ZAP Action config to match recent changes 
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-26 12:09:03 -04:00
Carlo Costino
7887eed891 Fix the dynamic-scan job 
This PR fixes the dynamic-scan job, which is now failing in our PR checks due to missing environment variables.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-26 11:35:19 -04:00
stvnrlly
b4bf0f8084 only need one with 2023-09-26 09:37:10 -04:00
stvnrlly
6070c97ad0 have valid yaml instead of invalid yaml 2023-09-22 22:15:53 -04:00
stvnrlly
b61ca002c3 add workflow permission 2023-09-22 17:03:04 -04:00
stvnrlly
308dbf16a8 use our own adr action to try things out 2023-09-22 12:49:22 -04:00
Carlo Costino
5790f52388 Add missing environment variables from cf push 
This changeset actually adds the missing E2E test environment variables to the cf push command.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-18 13:09:46 -04:00
Carlo Costino
3f1c5ab8ad Add E2E test environment variables to deployments 
This changeset adds the E2E test environment variables to our deployment scripts so that they are accessible to the application and database migrations.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
 2023-09-18 12:20:47 -04:00
Kenneth Kehl
16defbe30d try again 2023-09-12 11:29:21 -07:00
Kenneth Kehl
75b7c6cf05 add secrets to github workflow 2023-09-12 11:13:09 -07:00
Steven Reilly
08b040cbe2 switch branch of adr action 2023-09-11 11:57:10 -04:00
Kenneth Kehl
c92b8e0933 try without hashes everywhere 2023-08-31 11:54:26 -07:00