Merge branch 'dev-infrastructure' into spike/dev-security-updates

.dockerignore

@@ -0,0 +1,11 @@
+.dockerignore
+.git/
+.github/
+.gitignore
+.vs
+.vscode
+CHANGELOG.md
+README.md
+log/
+
+public/assets/

.github/workflows/publish-deploy.yml

@@ -0,0 +1,34 @@
+name: "Build & Publish Docker Image"
+on:
+  workflow_dispatch: {}
+  push: {}
+
+jobs:
+  publish:
+    uses:  "epimorphics/github-workflows/.github/workflows/publish.yml@reusable"
+    secrets:
+      # Repostory specific
+      aws_access_key_id:     "${{ secrets.BUILD_HMLR_AWS_ACCESS_KEY_ID }}"
+      aws_secret_access_key: "${{ secrets.BUILD_HMLR_AWS_SECRET_ACCESS_KEY }}"
+      # Fixed
+      epi_gpr_access_token:  "${{ secrets.HMLR_GPR_ACCESS_TOKEN }}"
+  deploy:
+    needs: "publish"
+    uses:  "epimorphics/github-workflows/.github/workflows/deploy.yml@reusable"
+    with:
+      # Repostory specific
+      ansible_repo:     epimorphics/hmlr-ansible-deployment
+      ansible_repo_ref: master
+      host_prefix:      hmlr
+      # Fixed
+      deploy: "${{ needs.publish.outputs.deploy }}"
+      key:    "${{ needs.publish.outputs.key }}"
+      tag:    "${{ needs.publish.outputs.tag }}"
+    secrets:
+      # Repostory specific
+      ansible_vault_password: "${{ secrets.HMLR_ANSIBLE_VAULT_PASSWORD }}"
+      aws_access_key_id:      "${{ secrets.BUILD_HMLR_AWS_ACCESS_KEY_ID }}"
+      aws_secret_access_key:  "${{ secrets.BUILD_HMLR_AWS_SECRET_ACCESS_KEY }}"
+      ssh_key:                "${{ secrets.HMLR_SSH_KEY }}"
+      # Fixed
+      github_pat: "${{ secrets.GIT_REPOSITORY_FULL_ACCESS_PAT }}"

.gitignore

@@ -4,13 +4,22 @@
 # or operating system, you probably want to add a global ignore instead:
 #   git config --global core.excludesfile '~/.gitignore_global'
 
-# Ignore bundler config.
+!/log/.keep
+.byebug_history
+.github-token
+.npmrc
+.tags
 /.bundle
-
-# Ignore all logfiles and tempfiles.
 /log/*
-!/log/.keep
+/public/packs
+/public/packs-test
 /tmp
-.byebug_history
 C:\\nppdf32Log\\debuglog.txt
+coverage
+fc.json
+fc_simple.json
+index-names.txt
+index.json
+public/assets
+tags
 test/query_test.rb

.rubocop.yml

@@ -4,6 +4,7 @@ AllCops:
     - app/models/locations_table.rb
     - 'node_modules/**/*'
     - data/**/*
+    - 'Gemfile'
   NewCops: enable
 
 # Customize rules
@@ -20,6 +21,7 @@ Metrics/ClassLength:
     - test/**/*
 
 Metrics/BlockLength:
+  Max: 30
   Exclude:
     - test/**/*
     - lib/tasks/**/*

CHANGELOG.md

@@ -1,7 +1,74 @@
 # Standard Reports UI: change log
 
-
-## 1.3.7 - 2022-08-22
+## 1.5.0.1 - 2023-07-11
+
+- (Jon) Updated the `app/controllers/application_controller.rb` to include the
+  `before_action` for the `change_default_caching_policy` method to ensure the
+  default `Cache-Control` header for all requests is set to 5 minutes (300 seconds).
+
+## 1.5.0 - 2023-07-05
+
+- (Jon) This sets the cache control headers to be public and cacheable with a
+  retry limit of 5 mins as per the other cache settings.
+  [GH-114](https://github.com/epimorphics/hmlr-linked-data/issues/114)
+- (Jon) Primarily to add the Request ID in the headers to pass to SR Manager but
+  also including the addition of the `detailed_request_log` to match the other
+  apps and additional debugging messages while in development
+  [GH-124](https://github.com/epimorphics/hmlr-linked-data/issues/124)
+- (Jon) Keeping with the logging improvements this change rewrites the messages
+  passed to the logging gem to ensure the included details are simple and
+  straight to the point. This should also improve the issues reported in
+  [GH-117](https://github.com/epimorphics/hmlr-linked-data/issues/117) ,
+  at least from the front-end point of view!
+- (Jon) Updated the [README](README.md) to include the `API_SERVICE_URL`
+  variable to ensure the local `standard_reports_manager` instance is used in
+  the test environment.
+- (Jon) Ensures we're using the latest version of `json_rails_logger` as well as
+  other minor and patch updated gems
+
+## 1.4.4 - 2023-06-07
+
+- (Jon) Updated the `json_rails_logger` gem to the latest 1.0.1 release.
+  - Also includes minor patch updates for gems, please see the `Gemfile.lock`
+  for details.
+
+## 1.4.3 - 2023-06-03
+
+- (Jon) Updated the `json_rails_logger` gem to the latest 1.0.0 release.
+
+## 1.4.2 - 2023-03-10
+
+- (Jon) Added a cli recommendation for running the `sr-manager` locally;
+  resolved a markdown linting issue with using HTML in markdown; as well as
+  fixed a simple typo in the `localhost:3001` port example
+- (Jon) Refactors the elapsed time calculated for API requests to be resolved as
+  microseconds rather than milliseconds. This is to improve the reporting of the
+  elapsed time in the system tooling logs.
+- (Jon) Minor text changes to the `Gemfile` to include instructions for running
+  Epimorphics specific gems locally during the development of those gems.
+- (Jon) Updated the production `json_rails_logger` gem version to be at least
+  the current version `~>1.3.5` (this is to cover out of sync release versions)
+- (Jon) Updated the production `lr_common_styles` gem version to be at least the
+  current version `~>1.9.1` (this is to cover out of sync release versions)
+- (Jon) Refactored better guards in `entrypoint.sh` to ensure the required env
+  vars are set accordingly or deployment will fail noisily.
+- (Jon) Refactored the version cadence creation to include a SUFFIX value if
+  provided; otherwise no SUFFIX is included in the version number.
+
+## 1.4.1 - 2022-07-11
+
+- (Jon) Set the default root path environment variable to be
+ `/app/standard-reports` in the production environment as well as updated
+  variable requests to use `fetch` to future proof the codebase
+
+## 1.4.0 - 2022-04-07
+
+- (Ian) Adopt all of the current Epimorphics best-practice deployment patterns,
+  including shared GitHub actions, updated Makefile and Dockerfile, Prometheus
+  monitoring, and updated version of Sentry.
+- (Ian) Updated the README as part of handover.
+
+## 1.3.7
 
 - (Jon) Add Folkestone and Hythe to district names.
 
@@ -13,8 +80,9 @@
 - (Joseph) Add East Suffolk to district names.
 - (Joseph) Add West Suffolk to district names.
 
-## 1.3.5 - 2021-09-29
+## 1.3.5
 
+- (Mairead) Added deployment sub repo and assisting deployment files
 - (Mairead) Added Object.assign polyfill
 
 ## 1.3.4 - 2021-06-25
@@ -50,22 +118,22 @@ Updates to improve WCAG compliance, including:
 
 ## 1.2.1 - 2020-03-19
 
-- Updates to various gem dependencies following some CVE warnings,
-  but keeping Rails at version 5 for now.
+- Updates to various gem dependencies following some CVE warnings, but keeping
+  Rails at version 5 for now.
 
 ## 1.2.0 - 2019-12-17
 
-- Changed minor version number as we've switched to using a
-  separate Sentry project for this app.
+- Changed minor version number as we've switched to using a separate Sentry
+  project for this app.
 
 ## 1.1.3 - 2019-12-11
 
 - Add validation to avoid SPARQL-injection attack via postal codes
 
 ## 1.1.2 - 2019-12-09
 
-- Add `ActionController::BadRequest` to the list of exceptions that
-  Sentry will ignore
+- Add `ActionController::BadRequest` to the list of exceptions that Sentry will
+  ignore
 
 ## 1.1.1 - 2019-10-10
 

Dockerfile

@@ -0,0 +1,69 @@
+ARG ALPINE_VERSION
+ARG RUBY_VERSION
+
+# Defines base image which builder and final stage use
+FROM ruby:${RUBY_VERSION}-alpine${ALPINE_VERSION} as base
+ARG BUNDLER_VERSION
+
+
+RUN apk add --update \
+    bash \
+    coreutils \
+    git \
+    nodejs \
+    tzdata \
+    && rm -rf /var/cache/apk/* \
+    && gem install bundler:$BUNDLER_VERSION \
+    && bundle config --global frozen 1
+
+FROM base as builder
+
+RUN apk add --update build-base
+
+WORKDIR /usr/src/app
+
+COPY config.ru Gemfile Gemfile.lock Rakefile ./
+COPY .bundle/config /root/.bundle/config
+COPY bin bin
+
+RUN ./bin/bundle config set --local without 'development test' && ./bin/bundle install && mkdir log
+
+COPY app app
+COPY config config
+COPY public public
+
+# Compile
+
+RUN RAILS_ENV=production \
+# RAILS_RELATIVE_URL_ROOT=/ \
+  bundle exec rake assets:precompile \
+  && mkdir -m 777 /usr/src/app/coverage
+
+# Start a new build stage to minimise the final image size
+FROM base
+
+ARG image_name
+ARG git_branch
+ARG git_commit_hash
+ARG github_run_number
+ARG VERSION
+
+LABEL com.epimorphics.name=$image_name \
+      com.epimorphics.branch=$git_branch \
+      com.epimorphics.build=$github_run_number \
+      com.epimorphics.commit=$git_commit_hash \
+      com.epimorphics.version=$VERSION
+
+RUN addgroup -S app && adduser -S -G app app
+EXPOSE 3000
+
+WORKDIR /usr/src/app
+
+COPY --from=builder --chown=app /usr/local/bundle /usr/local/bundle
+COPY --from=builder --chown=app /usr/src/app .
+
+USER app
+
+# Add a script to be executed every time the container starts.
+COPY entrypoint.sh "/app/entrypoint.sh"
+ENTRYPOINT ["sh", "/app/entrypoint.sh"]

Gemfile

@@ -2,6 +2,8 @@
 
 source 'https://rubygems.org'
 
+gem 'execjs', '< 2.8.0'
+
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'rails', '< 6.0.0'
 # Use SCSS for stylesheets
@@ -10,7 +12,8 @@ gem 'sass-rails', '~> 5.0'
 gem 'uglifier', '>= 1.3.0'
 
 # See https://github.com/rails/execjs#readme for more supported runtimes
-gem 'therubyracer', platforms: :ruby
+# gem 'therubyracer', platforms: :ruby
+gem 'libv8-node', '>= 16.10.0.0'
 
 # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
 gem 'jbuilder', '~> 2.0'
@@ -25,18 +28,17 @@ gem 'jquery-rails'
 gem 'modernizr-rails'
 gem 'modulejs-rails'
 
-gem 'lr_common_styles', git: 'https://github.com/epimorphics/lr_common_styles'
-# gem 'lr_common_styles', path: '/home/ian/projects/hmlr/lr_common_styles'
-
 # application dependencies
 gem 'faraday'
 gem 'faraday_middleware'
+gem 'get_process_mem', '~> 0.2.7'
 gem 'jquery-ui-rails'
 gem 'js-routes', '< 2.0'
 gem 'leaflet-rails'
+gem 'prometheus-client', '~> 4.0'
 gem 'puma'
 gem 'responders', '~> 2.0'
-gem 'sentry-raven'
+gem 'sentry-ruby', '~> 5.2'
 gem 'yajl-ruby', require: 'yajl'
 
 group :development, :test do
@@ -67,3 +69,16 @@ group :development do
   # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
   gem 'spring'
 end
+
+# rubocop:disable Layout/LineLength
+# TODO: While running the rails app locally for testing you can set gems to your local path
+# ! These "local" paths do not work with a docker image - use the repo instead
+# gem 'json_rails_logger', '~> 1.0.0', path: '~/Epimorphics/shared/json-rails-logger/'
+# gem 'lr_common_styles', '~> 1.9.1', path: '~/Epimorphics/clients/land-registry/projects/lr_common_styles/'
+# rubocop:enable Layout/LineLength
+
+# TODO: In production you want to set this to the gem from the epimorphics package repo
+source 'https://rubygems.pkg.github.com/epimorphics' do
+  gem 'json_rails_logger', '~> 1.0.0'
+  gem 'lr_common_styles', '~> 1.9.1'
+end