-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update environment to simplify setup process
- Loading branch information
Showing
99 changed files
with
452,095 additions
and
2,383 deletions.
There are no files selected for viewing
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -30,6 +30,7 @@ jobs: | |
cache: poetry | ||
cache-dependency-path: backend/poetry.lock | ||
python-version: '3.12' | ||
|
||
- name: Run pre-commit | ||
uses: pre-commit/[email protected] | ||
|
||
|
@@ -73,21 +74,18 @@ jobs: | |
cache-dependency-path: backend/poetry.lock | ||
python-version: '3.12' | ||
|
||
- name: Install dependencies | ||
run: | | ||
cd backend | ||
poetry install --no-root --with test | ||
- name: Run tests | ||
run: | | ||
make test | ||
build-docker-images: | ||
environment: staging | ||
name: Build Docker Images | ||
runs-on: ubuntu-latest | ||
environment: staging | ||
if: | | ||
github.ref == 'refs/heads/main' | ||
needs: | ||
- run-tests | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Check out repository | ||
uses: actions/checkout@v4 | ||
|
@@ -113,16 +111,18 @@ jobs: | |
push: true | ||
tags: ${{ secrets.DOCKERHUB_USERNAME }}/owasp-nest-backend:latest | ||
|
||
deploy: | ||
environment: staging | ||
deploy-staging: | ||
name: Deploy Nest Staging | ||
env: | ||
ANSIBLE_HOST_KEY_CHECKING: False | ||
STAGING_HOST_IP_ADDRESS: '${{ secrets.STAGING_HOST_IP_ADDRESS }}' | ||
STAGING_SSH_PRIVATE_KEY_PATH: '~/.ssh/nest_staging_private_key' | ||
runs-on: ubuntu-latest | ||
environment: staging | ||
if: | | ||
github.ref == 'refs/heads/main' | ||
needs: | ||
- build-docker-images | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Check out repository | ||
uses: actions/checkout@v4 | ||
|
@@ -134,5 +134,5 @@ jobs: | |
chmod 400 ${{ env.STAGING_SSH_PRIVATE_KEY_PATH }} | ||
- name: Run Nest deploy | ||
working-directory: .github/deploy | ||
run: ansible-playbook -i inventory.yaml staging.yaml | ||
working-directory: .github/ansible | ||
run: ansible-playbook -i inventory.yaml staging/deploy.yaml -e "github_workspace=$GITHUB_WORKSPACE" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
FROM python:3.12-slim | ||
|
||
SHELL ["/bin/bash", "-o", "pipefail", "-c"] | ||
|
||
RUN groupadd owasp && \ | ||
useradd --create-home --home-dir /home/owasp -g owasp owasp && \ | ||
apt-get update && apt-get upgrade && apt-get install gcc libpq-dev -y && \ | ||
apt-get clean && rm -rf /var/lib/apt/lists/* && \ | ||
python -m pip install --no-cache-dir poetry | ||
|
||
ENV PYTHONUNBUFFERED=1 \ | ||
POETRY_NO_INTERACTION=1 \ | ||
POETRY_VIRTUALENVS_CREATE=false | ||
|
||
WORKDIR /home/owasp | ||
|
||
COPY .env/template .env/template | ||
COPY apps apps | ||
COPY manage.py poetry.lock pyproject.toml wsgi.py ./ | ||
COPY settings settings | ||
COPY static static | ||
COPY templates templates | ||
COPY tests tests | ||
|
||
RUN poetry install --no-root | ||
|
||
USER owasp |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
"""A command to load OWASP Nest data.""" | ||
|
||
import contextlib | ||
|
||
from algoliasearch_django import register, unregister | ||
from algoliasearch_django.registration import RegistrationError | ||
from django.apps import apps | ||
from django.core.management import call_command | ||
from django.core.management.base import BaseCommand | ||
from django.db import transaction | ||
|
||
|
||
class Command(BaseCommand): | ||
help = "Load OWASP Nest data." | ||
|
||
def handle(self, *_args, **_options): | ||
nest_apps = ("github", "owasp") | ||
|
||
# Disable indexing | ||
for nest_app in nest_apps: | ||
for model in apps.get_app_config(nest_app).get_models(): | ||
with contextlib.suppress(RegistrationError): | ||
unregister(model) | ||
|
||
# Run loaddata | ||
with transaction.atomic(): | ||
call_command("loaddata", "data/nest.json", "-v", "3") | ||
|
||
# Enable indexing | ||
for nest_app in nest_apps: | ||
for model in apps.get_app_config(nest_app).get_models(): | ||
with contextlib.suppress(RegistrationError): | ||
register(model) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,32 +1,18 @@ | ||
"""A command to purge OWASP Nest data.""" | ||
|
||
from django.apps import apps | ||
from django.core.management.base import BaseCommand | ||
from django.db import connection | ||
|
||
from apps.github.models import Issue, Label, Organization, Release, Repository, User | ||
from apps.owasp.models import Chapter, Committee, Event, Project | ||
|
||
BATCH_SIZE = 10 | ||
|
||
|
||
class Command(BaseCommand): | ||
help = "Purge OWASP Nest data." | ||
|
||
def handle(self, *_args, **options): | ||
with connection.cursor() as cursor: | ||
models = ( | ||
Chapter, | ||
Committee, | ||
Event, | ||
Issue, | ||
Label, | ||
Organization, | ||
Project, | ||
Release, | ||
Repository, | ||
User, | ||
) | ||
nest_apps = ("github", "owasp") | ||
|
||
for model in models: | ||
cursor.execute(f"TRUNCATE TABLE {model._meta.db_table} CASCADE") # noqa: SLF001 | ||
print(f"Purged GitHub {model._meta.verbose_name_plural}") # noqa: SLF001 | ||
with connection.cursor() as cursor: | ||
for nest_app in nest_apps: | ||
for model in apps.get_app_config(nest_app).get_models(): | ||
cursor.execute(f"TRUNCATE TABLE {model._meta.db_table} CASCADE") # noqa: SLF001 | ||
print(f"Purged GitHub {model._meta.verbose_name_plural}") # noqa: SLF001 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.