Skip to content

Commit

Permalink
Merge branch 'main' into dependabot/pip/wagtail-ab-testing-0.10
Browse files Browse the repository at this point in the history
  • Loading branch information
danielfmiranda authored Aug 30, 2024
2 parents ef285a2 + f214c2f commit 2549e2b
Show file tree
Hide file tree
Showing 398 changed files with 252,579 additions and 2,747 deletions.
9 changes: 3 additions & 6 deletions .github/workflows/continous-integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@ jobs:
env:
ALLOWED_HOSTS: localhost,mozfest.localhost,default-site.com,secondary-site.com
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NETWORK_SITE_URL: https://foundation.mozilla.org
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com
PULSE_DOMAIN: https://www.mozillapulse.org
steps:
Expand Down Expand Up @@ -54,7 +53,6 @@ jobs:
DJANGO_SECRET_KEY: secret
DOMAIN_REDIRECT_MIDDLEWARE_ENABLED: False
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NETWORK_SITE_URL: http://localhost:8000
PIPENV_VERBOSITY: -1
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com
PULSE_DOMAIN: https://www.mozillapulse.org
Expand Down Expand Up @@ -132,7 +130,6 @@ jobs:
DJANGO_SECRET_KEY: secret
DOMAIN_REDIRECT_MIDDLEWARE_ENABLED: False
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NETWORK_SITE_URL: http://localhost:8000
PIPENV_VERBOSITY: -1
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com
PULSE_DOMAIN: https://www.mozillapulse.org
Expand All @@ -144,11 +141,11 @@ jobs:
X_FRAME_OPTIONS: DENY
XSS_PROTECTION: True
CSP_CONNECT_SRC: "*"
CSP_FONT_SRC: "'self' https://fonts.gstatic.com https://fonts.googleapis.com https://code.cdn.mozilla.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ data: https://static.fundraiseup.com/common-fonts/"
CSP_FONT_SRC: "'self' https://code.cdn.mozilla.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ data: https://static.fundraiseup.com/common-fonts/"
CSP_IMG_SRC: "* data: blob: https://*.fundraiseup.com https://ucarecdn.com https://pay.google.com https://*.paypalobjects.com"
CSP_FRAME_SRC: "'self' https://www.google.com/recaptcha/ https://*.stripe.com https://pay.google.com https://*.paypal.com https://*.fundraiseup.com"
CSP_FRAME_SRC: "'self' https://www.google.com/recaptcha/ https://*.stripe.com https://pay.google.com https://*.paypal.com https://*.fundraiseup.com"
CSP_SCRIPT_SRC: "'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js http://*.shpg.org/ https://comments.mozillafoundation.org/ https://airtable.com https://platform.twitter.com https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ScrollTrigger.min.js https://*.googletagmanager.com https://*.fundraiseup.com https://mozillafoundation.tfaforms.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://*.stripe.com https://m.stripe.network https://*.paypal.com https://*.paypalobjects.com https://pay.google.com"
CSP_STYLE_SRC: "'self' 'unsafe-inline' https://code.cdn.mozilla.net https://fonts.googleapis.com https://platform.twitter.com https://mozillafoundation.tfaforms.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css"
CSP_STYLE_SRC: "'self' 'unsafe-inline' https://code.cdn.mozilla.net https://platform.twitter.com https://mozillafoundation.tfaforms.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css"
SECURE_CROSS_ORIGIN_OPENER_POLICY: "same-origin-allow-popups"
steps:
- uses: actions/checkout@v3
Expand Down
5 changes: 2 additions & 3 deletions .github/workflows/visual-regression-testing.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,20 +30,19 @@ jobs:
CSP_CHILD_SRC: " 'self' https://www.youtube.com https://www.youtube-nocookie.com "
CSP_CONNECT_SRC: " * "
CSP_DEFAULT_SRC: " 'none' "
CSP_FONT_SRC: " 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://code.cdn.mozilla.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ data: https://static.fundraiseup.com/common-fonts/ https://*.fundraiseup.com https://*.stripe.com "
CSP_FONT_SRC: " 'self' https://code.cdn.mozilla.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ data: https://static.fundraiseup.com/common-fonts/ https://*.fundraiseup.com https://*.stripe.com "
CSP_FRAME_ANCESTORS: " 'self' "
CSP_FRAME_SRC: " 'self' https://www.youtube.com https://comments.mozillafoundation.org/ https://airtable.com https://docs.google.com/ https://platform.twitter.com https://public.zenkit.com https://calendar.google.com https://www.youtube-nocookie.com https://form.typeform.com https://js.tito.io https://datawrapper.dwcdn.net https://www.google.com/recaptcha/ https://*.stripe.com https://pay.google.com https://*.paypal.com https://*.fundraiseup.com "
CSP_IMG_SRC: " * data: blob: https://*.fundraiseup.com https://ucarecdn.com https://pay.google.com https://*.paypalobjects.com "
CSP_MEDIA_SRC: " 'self' data: https://s3.amazonaws.com/mofo-assets/foundation/video/ "
CSP_SCRIPT_SRC: " 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js http://*.shpg.org/ https://comments.mozillafoundation.org/ https://airtable.com https://platform.twitter.com https://cdn.syndication.twimg.com https://embed.typeform.com https://js.tito.io https://js-plugins.tito.io/gtm.js https://tagmanager.google.com https://*.googletagmanager.com https://*.fundraiseup.com https://mozillafoundation.tfaforms.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://*.stripe.com https://m.stripe.network https://*.paypal.com https://*.paypalobjects.com https://pay.google.com "
CSP_STYLE_SRC: " 'self' 'unsafe-inline' https://code.cdn.mozilla.net https://fonts.googleapis.com https://platform.twitter.com https://js.tito.io https://tagmanager.google.com https://mozillafoundation.tfaforms.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css "
CSP_STYLE_SRC: " 'self' 'unsafe-inline' https://code.cdn.mozilla.net https://platform.twitter.com https://js.tito.io https://tagmanager.google.com https://mozillafoundation.tfaforms.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css "
CSP_INCLUDE_NONCE_IN: "script-src"
DATABASE_URL: postgres://postgres:postgres@localhost:5432/network
DEBUG: True
DJANGO_SECRET_KEY: secret
DOMAIN_REDIRECT_MIDDLEWARE_ENABLED: False
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NETWORK_SITE_URL: http://localhost:8000
PIPENV_VERBOSITY: -1
PULSE_API_DOMAIN: https://network-pulse-api-production.herokuapp.com
PULSE_DOMAIN: https://www.mozillapulse.org
Expand Down
5 changes: 3 additions & 2 deletions app.json
Original file line number Diff line number Diff line change
Expand Up @@ -29,14 +29,15 @@
"CSP_DEFAULT_SRC": "'none'",
"CSP_FRAME_ANCESTORS": "'self'",
"CSP_FRAME_SRC": "'self' https://js.tito.io https://www.google.com/recaptcha/ https://*.stripe.com https://pay.google.com https://*.paypal.com https://*.fundraiseup.com",
"CSP_FONT_SRC": "'self' https://fonts.gstatic.com https://fonts.googleapis.com https://code.cdn.mozilla.net https://*.fundraiseup.com https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/",
"CSP_FONT_SRC": "'self' https://code.cdn.mozilla.net https://*.fundraiseup.com https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/",
"CSP_IMG_SRC": "* data: blob: https://*.fundraiseup.com https://ucarecdn.com https://pay.google.com https://*.paypalobjects.com",
"CSP_MEDIA_SRC": "'self' https://s3.amazonaws.com/mofo-assets/foundation/video/",
"CSP_SCRIPT_SRC": "'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js http://*.shpg.org/ https://comments.mozillafoundation.org/ https://airtable.com https://platform.twitter.com https://cdn.syndication.twimg.com https://js.tito.io https://js-plugins.tito.io/gtm.js https://*.fundraiseup.com https://*.googletagmanager.com https://mozillafoundation.tfaforms.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://*.stripe.com https://m.stripe.network https://*.paypal.com https://pay.google.com",
"CSP_STYLE_SRC": "'self' 'unsafe-inline' https://code.cdn.mozilla.net https://fonts.googleapis.com https://platform.twitter.com https://js.tito.io https://mozillafoundation.tfaforms.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css",
"CSP_STYLE_SRC": "'self' 'unsafe-inline' https://code.cdn.mozilla.net https://platform.twitter.com https://js.tito.io https://mozillafoundation.tfaforms.net https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css",
"NPM_CONFIG_PRODUCTION": "true",
"REVIEW_APP": "True",
"SECURE_CROSS_ORIGIN_OPENER_POLICY": "same-origin-allow-popups",
"SECURE_REFERRER_POLICY": "strict-origin-when-cross-origin",
"XROBOTSTAG_ENABLED": "True"
},
"buildpacks": [
Expand Down
59 changes: 59 additions & 0 deletions cleanup.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
-- noinspection SqlNoDataSourceInspectionForFile

CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE OR REPLACE FUNCTION clean_user_data()
RETURNS VOID AS $$
DECLARE
user_row RECORD;
new_email varchar;
new_hash varchar;
new_username varchar;
counter integer := 1;
BEGIN
-- scrub the user table
TRUNCATE django_session;

-- clean up non-staff social auth data
DELETE FROM social_auth_usersocialauth
WHERE uid NOT LIKE '%@mozillafoundation.org';

-- Update the site domain
UPDATE django_site
SET domain = '{DOMAIN}.mofostaging.net'
WHERE domain = 'foundation.mofostaging.net';

UPDATE wagtailcore_site
SET hostname = '{HOSTNAME}.mofostaging.net'
WHERE hostname = 'foundation.mofostaging.net';

UPDATE wagtailcore_site
SET hostname = 'mozfest-{HOSTNAME}.mofostaging.net'
WHERE hostname = 'mozillafestival.mofostaging.net';

-- Iterate over each non-staff user and remove any PII
FOR user_row IN
SELECT id
FROM auth_user
WHERE email NOT LIKE '%@mozillafoundation.org'
LOOP
new_email := concat(encode(gen_random_bytes(12), 'base64'), '@example.com');
new_hash := crypt(encode(gen_random_bytes(32), 'base64'), gen_salt('bf', 6));
new_username := concat('anonymouse', counter::varchar);

UPDATE auth_user
SET
email = new_email,
password = new_hash,
username = new_username,
first_name = 'anony',
last_name = 'mouse'
Where id = user_row.id;

-- Increase the counter
counter := counter + 1;
END LOOP;
END;
$$ LANGUAGE plpgsql;

SELECT clean_user_data();
16 changes: 16 additions & 0 deletions copy-db.js
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,13 @@ if (APP === STAGE_APP) {
);
}

if (!isLoggedInToHeroku()) {
console.log(
"You are not logged into Heroku. Make sure you have the Heroku CLI installed. Run `heroku login` and try again."
);
process.exit(1);
}

const HEROKU_OUTPUT = run(`heroku config:get DATABASE_URL -a ${APP}`);
const HEROKU_TEXT = HEROKU_OUTPUT.toString().replaceAll(`\n`, ` `);
const URL_START = HEROKU_TEXT.indexOf(`postgres://`);
Expand Down Expand Up @@ -71,6 +78,15 @@ function stopContainers() {
}
}

function isLoggedInToHeroku() {
try {
execSync("heroku whoami");
return true;
} catch (error) {
return false;
}
}

// ======================== //
// Our script starts here //
// ======================== //
Expand Down
107 changes: 107 additions & 0 deletions copy_staging_db_to_review_app.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
import tempfile
from time import sleep

from tasks import PLATFORM_ARG

STAGING_APP = "foundation-mofostaging-net"


def execute_command(ctx, command: str, custom_error: str = ""):
try:
result = ctx.run(command, hide=False, warn=True, **PLATFORM_ARG)
if result.failed:
raise Exception(f"{custom_error}: {result.stderr}")
return result.stdout.strip()
except Exception as e:
raise Exception(f"{custom_error}: {e}") from e


def log_step(message: str):
print(f"--> {message}\n", flush=True)


def log_step_completed(message: str):
print(f"✔️ {message} completed.\n", flush=True)


def replace_placeholders_in_sql(review_app_name: str, input_file: str) -> str:
with open(input_file, "r") as file:
sql_content = file.read()

sql_content = sql_content.replace("{DOMAIN}", review_app_name)
sql_content = sql_content.replace("{HOSTNAME}", review_app_name)

return sql_content


def main(ctx, review_app_name):
log_step(f"The review app name is: {review_app_name}, if not, please cancel now...")
sleep(5)

log_step("Verifying if logged in Heroku")
heroku_user = execute_command(ctx, "heroku whoami", "Verify that you are logged in Heroku CLI")
print(f"Heroku user: {heroku_user}\n", flush=True)
log_step_completed("Heroku login verification")

log_step("Verifying if psql is installed")
execute_command(ctx, "psql --version", "Verify that you have 'psql' installed")
log_step_completed("psql installation verification")

try:
log_step("Enabling maintenance mode on the Review App")
execute_command(ctx, f"heroku maintenance:on -a {review_app_name}")
log_step_completed("Maintenance mode enabling")

log_step("Scaling web dynos on Review App to 0")
execute_command(ctx, f"heroku ps:scale -a {review_app_name} web=0")
log_step_completed("Web dynos scaling to 0")

log_step("Backing up Staging DB")
execute_command(ctx, f"heroku pg:backups:capture -a {STAGING_APP}")
log_step_completed("Staging DB backup")

log_step("Backing up Review App DB")
execute_command(ctx, f"heroku pg:backups:capture -a {review_app_name}")
log_step_completed("Review App DB backup")

log_step("Reset Review App DB")
execute_command(ctx, f"heroku pg:reset -a '{review_app_name}' --confirm '{review_app_name}'")
log_step_completed("Review App DB has been reset")

log_step("Restoring the latest Staging backup to Review App")
backup_staging_url = execute_command(ctx, f"heroku pg:backups:url -a {STAGING_APP}")
execute_command(
ctx, f"heroku pg:backups:restore --confirm {review_app_name} -a {review_app_name} '{backup_staging_url}'"
)
log_step_completed("Staging backup restoration to Review App")

log_step("Executing cleanup SQL script")
review_app_db_url = execute_command(ctx, f"heroku config:get -a {review_app_name} DATABASE_URL")

# Replace placeholders and write to a temporary file
sql_content = replace_placeholders_in_sql(review_app_name, "./cleanup.sql")
with tempfile.NamedTemporaryFile(suffix=".sql", mode="w", delete=True) as temp_sql_file:
temp_sql_file.write(sql_content)
temp_sql_file.flush()
execute_command(ctx, f"psql {review_app_db_url} -f {temp_sql_file.name}")

log_step_completed("Cleanup SQL script execution")

log_step("Running migrations")
execute_command(ctx, f"heroku run -a {review_app_name} -- python network-api/manage.py migrate --no-input")
log_step_completed("Migrations running")

except Exception as e:
log_step("Rolling back Review App")
execute_command(ctx, f"heroku pg:backups:restore -a {review_app_name} --confirm {review_app_name}")
print(e, flush=True)
log_step_completed("Review App rollback")

finally:
log_step("Scaling web dynos on Review App to 1")
execute_command(ctx, f"heroku ps:scale -a {review_app_name} web=1")
log_step_completed("Web dynos scaling to 1")

log_step("Disabling maintenance mode on Review App")
execute_command(ctx, f"heroku maintenance:off -a {review_app_name}")
log_step_completed("Maintenance mode disabling")
14 changes: 7 additions & 7 deletions dev-requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ asgiref==3.7.2
# via
# -c requirements.txt
# django
black==24.3.0
black==24.8.0
# via -r dev-requirements.in
click==8.1.3
# via
Expand All @@ -20,11 +20,11 @@ coverage[toml]==7.4.1
# via pytest-cov
cssbeautifier==1.14.7
# via djlint
django==4.2.11
django==4.2.15
# via
# -c requirements.txt
# django-debug-toolbar
django-debug-toolbar==4.3.0
django-debug-toolbar==4.4.2
# via -r dev-requirements.in
djhtml==3.0.6
# via -r dev-requirements.in
Expand All @@ -36,7 +36,7 @@ editorconfig==0.12.3
# jsbeautifier
execnet==1.9.0
# via pytest-xdist
flake8==7.0.0
flake8==7.1.1
# via -r dev-requirements.in
honcho==1.1.0
# via -r dev-requirements.in
Expand Down Expand Up @@ -72,15 +72,15 @@ pathspec==0.11.1
# djlint
platformdirs==2.5.3
# via black
pluggy==1.4.0
pluggy==1.5.0
# via pytest
ptvsd==4.3.2
# via -r dev-requirements.in
pycodestyle==2.11.0
pycodestyle==2.12.1
# via flake8
pyflakes==3.2.0
# via flake8
pytest==8.1.1
pytest==8.2.2
# via
# -r dev-requirements.in
# pytest-cov
Expand Down
Loading

0 comments on commit 2549e2b

Please sign in to comment.