Nexus integration - pypi, npm #3188

Closed
wants to merge 28 commits into from
Collaborator

@andrew-jameson andrew-jameson commented Sep 12, 2024

Summary of Changes

Pull request closes #3171

How to Test

TBD

Demo GIF(s) and screenshots for testing procedure

Deliverables

More details on how deliverables herein are assessed included here.

Deliverable 1: Accepted Features

Checklist of ACs:

  • Pipeline builds don't reach out to the internet by default
  • Pipeline builds will fail-through to internet repositories if Nexus connection fails
  • Pipeline build times are reduced
  • lfrohlich and/or adpennington confirmed that ACs are met.

Deliverable 2: Tested Code

  • Are all areas of code introduced in this PR meaningfully tested?
    • If this PR introduces backend code changes, are they meaningfully tested?
    • If this PR introduces frontend code changes, are they meaningfully tested?
  • Are code coverage minimums met?
    • Frontend coverage: [insert coverage %] (see CodeCov Report comment in PR)
    • Backend coverage: [insert coverage %] (see CodeCov Report comment in PR)

Deliverable 3: Properly Styled Code

  • Are backend code style checks passing on CircleCI?
  • Are frontend code style checks passing on CircleCI?
  • Are code maintainability principles being followed?

Deliverable 4: Accessible

  • Does this PR complete the epic?
  • Are links included to any other gov-approved PRs associated with epic?
  • Does PR include documentation for Raft's a11y review?
  • Did automated and manual testing with iamjolly and ttran-hub using Accessibility Insights reveal any errors introduced in this PR?

Deliverable 5: Deployed

  • Was the code successfully deployed via automated CircleCI process to development on Cloud.gov?

Deliverable 6: Documented

  • Does this PR provide background for why coding decisions were made?
  • If this PR introduces backend code, is that code easy to understand and sufficiently documented, both inline and overall?
  • If this PR introduces frontend code, is that code easy to understand and sufficiently documented, both inline and overall?
  • If this PR introduces dependencies, are their licenses documented?
  • Can reviewer explain and take ownership of these elements presented in this code review?

Deliverable 7: Secure

  • Does the OWASP Scan pass on CircleCI?
  • Do manual code review and manual testing detect any new security issues?
  • If new issues detected, is investigation and/or remediation plan documented?

Deliverable 8: User Research

Research product(s) clearly articulate(s):

  • the purpose of the research
  • methods used to conduct the research
  • who participated in the research
  • what was tested and how
  • impact of research on TDP
  • (if applicable) final design mockups produced for TDP development

@andrew-jameson andrew-jameson changed the title Nginx change to try forcing Referer in header to be passed for the PO… bug/3141-e2e-failing Sep 13, 2024
@andrew-jameson andrew-jameson changed the title bug/3141-e2e-failing bug/3141-e2e-failing + nexus integration Sep 13, 2024
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
#proxy_set_header X-Forwarded-Proto https;
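Review bot: the last line of this hunk comments out `proxy_set_header X-Forwarded-Proto https;`, so the upstream no longer receives the original scheme from the proxy. If the backend relies on that header to treat requests as HTTPS (an assumption, since its settings are not shown here), secure-request handling such as HTTPS redirects and Referer-based CSRF checks changes behaviour. Either keep the header set, or delete the line and record in a comment why the upstream no longer needs it, rather than leaving it commented out.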
Collaborator Author

Suggested change
#proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Proto https;

Comment on lines -16 to +26
Scenario: A new user is approved and can see the app homepage
Scenario: A new user requests access
Given The admin logs in
And '[email protected]' is in begin state
When '[email protected]' visits the home page
And '[email protected]' logs in
Then '[email protected]' requests access
And The admin sets the approval status of '[email protected]' to 'Approved'
When '[email protected]' requests access
Then '[email protected]' sees the request still submitted
Scenario: A new user is approved and can see the app homepage
Given The admin logs in
When '[email protected]' visits the home page
Then The admin sets the approval status of '[email protected]' to 'Approved'
And '[email protected]' logs in
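Review bot: the second scenario ("A new user is approved and can see the app homepage") has no `is in begin state` step and no `requests access` step of its own, so it only passes if the first scenario ran before it and left the user with a pending request. Give it its own setup steps so it can run in isolation, and add a closing `Then` that asserts the homepage is visible, since the lines shown end at `logs in` and never check what the scenario title promises.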
Collaborator Author

By splitting this into two scenarios, we are side-stepping some issue with csrf and/or csrfMiddlewaretoken that cypress is not handling for the two users. This was able to get a local cypress pointed at develop to pass tests successfully but leaves technical debt on why the tokenization steps are failing in the back and forth of requests and responses. We were also seeing 302 and then 200 even on failed POSTS/PATCHES indicating there's a flaw in our user code on the django api view.

form: true,
headers: {
Referer: `${Cypress.env('adminUrl')}`,
Referer: `${Cypress.env('adminUrl')}${path}`,
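Review bot: the new `Referer` value joins `Cypress.env('adminUrl')` and `path` by plain concatenation, so a trailing slash on the one and a leading slash on the other yields `//`, and a missing slash on both fuses the host and path. Build the value with `new URL(path, Cypress.env('adminUrl')).href` or normalise the slash in one place, and note in a comment that the header is set to mirror what the browser sends.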
Collaborator Author

This is likely not needed but more closely mimics what I see via dev tools in Firefox.

@@ -5,6 +5,7 @@ location ~ ^/(v1|admin|static/admin|swagger|redocs) {
set $backend http://{{env "BACKEND_HOST"}}.apps.internal:8080$request_uri;
proxy_pass $backend;
proxy_pass_header x-csrftoken;
proxy_set_header Referer {{env "ALLOWED_ORIGIN" }};
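Review bot: `proxy_set_header Referer {{env "ALLOWED_ORIGIN" }};` replaces the client's Referer with a fixed trusted value on every request to `/v1`, `/admin` and the other matched paths, so any Referer check the backend performs as part of CSRF protection will pass no matter where the request originated. Drop this line and let the real header through; if the e2e tests need a specific Referer, set it in the test client instead of the proxy.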
Collaborator Author

Probably un-needed.

@andrew-jameson andrew-jameson changed the title bug/3141-e2e-failing + nexus integration Nexus integration - pypi, npm Sep 25, 2024
@andrew-jameson andrew-jameson self-assigned this Sep 25, 2024
Successfully merging this pull request may close these issues.

CircleCI pipeline utilizes internal Nexus infrastructure