Tracking pull request to merge release-1.1.0 to main (#102)

bcgov · Jun 2, 2022 · df3c3de · df3c3de
1 parent 000895f
commit df3c3de
Show file tree

Hide file tree

Showing 125 changed files with 2,505 additions and 1,146 deletions.
diff --git a/.pipeline/lib/build.js b/.pipeline/lib/build.js
@@ -13,7 +13,7 @@ module.exports = settings => {
   // The building of your cool app goes here ▼▼▼
 
   // build frontend
-  objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-bc.yaml`, {
+  objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-bc-docker.yaml`, {
     'param':{
       'NAME': phases[phase].name,
       'SUFFIX': phases[phase].suffix,

diff --git a/.pipeline/lib/config.js b/.pipeline/lib/config.js
@@ -24,7 +24,7 @@ backup      1m          20M
 
 Set the cpu usage 20m as the lowest
 Set the limit as two times of request
-
+electric-vehicle-rebates.gov.bc.ca
 */
 options.git.owner='bcgov'
 
@@ -39,8 +39,10 @@ const phases = {
         instance: `${name}-dev-${changeId}`  , version:`${version}-${changeId}`, tag:`dev-${version}-${changeId}`, 
         host: `itvr-dev-${changeId}.${ocpName}.gov.bc.ca`, djangoDebug: 'True', logoutHostName: 'logontest.gov.bc.ca',
         metabaseCpuRequest: '200m', metabaseCpuLimit: '300m', metabaseMemoryRequest: '500Mi', metabaseMemoryLimit: '2Gi', metabaseReplicas: 1,
-        frontendCpuRequest: '70m', frontendCpuLimit: '210m', frontendMemoryRequest: '300Mi', frontendMemoryLimit: '600Mi', frontendReplicas: 1,
-        backendCpuRequest: '60m', backendCpuLimit: '120m', backendMemoryRequest: '120Mi', backendMemoryLimit: '240Mi', backendHealthCheckDelay: 30, backendHost: `itvr-backend-dev-${changeId}.${ocpName}.gov.bc.ca`, backendReplicas: 1, backendDjangoDebug: 'True',
+        frontendCpuRequest: '70m', frontendCpuLimit: '210m', frontendMemoryRequest: '300Mi', frontendMemoryLimit: '600Mi', frontendReplicas: 1, 
+        reactAppBCSCKeycloakClientId: 'itvr', reactAppBCSCKeycloakRealm: 'rzh2zkjq', reactAppBCSCKeycloakUrl: 'https://dev.oidc.gov.bc.ca/auth/', reactAppApiBase: `https://itvr-backend-dev-${changeId}.apps.silver.devops.gov.bc.ca`,
+        reactAppBCeIDKeycloakClientId: 'itvr-2674', reactAppBCeIDKeycloakRealm: 'onestopauth-basic', reactAppBCeIDKeycloakUrl: 'https://dev.oidc.gov.bc.ca/auth/', 
+        backendCpuRequest: '60m', backendCpuLimit: '120m', backendMemoryRequest: '120Mi', backendMemoryLimit: '240Mi', backendHealthCheckDelay: 30, backendHost: `itvr-backend-dev-${changeId}.${ocpName}.gov.bc.ca`, backendReplicas: 1, backendDjangoDebug: 'True', bucketName: 'itvrdv',
         minioCpuRequest: '30m', minioCpuLimit: '100m', minioMemoryRequest: '150Mi', minioMemoryLimit: '300Mi', minioPvcSize: '3Gi',
         schemaspyCpuRequest: '50m', schemaspyCpuLimit: '200m', schemaspyMemoryRequest: '150M', schemaspyMemoryLimit: '300M', schemaspyHealthCheckDelay: 160,
         rabbitmqCpuRequest: '250m', rabbitmqCpuLimit: '700m', rabbitmqMemoryRequest: '500M', rabbitmqMemoryLimit: '1G', rabbitmqPvcSize: '1G', rabbitmqReplica: 1, rabbitmqPostStartSleep: 120, storageClass: 'netapp-block-standard',
@@ -52,25 +54,30 @@ const phases = {
         instance: `${name}-test`, version:`${version}`, tag:`test-${version}`, 
         host: `itvr-test.${ocpName}.gov.bc.ca`, djangoDebug: 'False', logoutHostName: 'logontest.gov.bc.ca',
         metabaseCpuRequest: '200m', metabaseCpuLimit: '300m', metabaseMemoryRequest: '500Mi', metabaseMemoryLimit: '2Gi', metabaseReplicas: 1,
-        frontendCpuRequest: '70m', frontendCpuLimit: '210m', frontendMemoryRequest: '300Mi', frontendMemoryLimit: '600Mi', frontendReplicas: 2, frontendMinReplicas: 1, frontendMaxReplicas: 3,
-        backendCpuRequest: '40m', backendCpuLimit: '120m', backendMemoryRequest: '120Mi', backendMemoryLimit: '240Mi', backendHealthCheckDelay: 30, backendReplicas: 2, backendMinReplicas: 1, backendMaxReplicas: 3, backendHost: `itvr-backend-test.${ocpName}.gov.bc.ca`, backendDjangoDebug: 'True',
+        frontendCpuRequest: '70m', frontendCpuLimit: '210m', frontendMemoryRequest: '300Mi', frontendMemoryLimit: '600Mi', frontendReplicas: 2, frontendMinReplicas: 1, frontendMaxReplicas: 3, 
+        reactAppBCSCKeycloakClientId: 'itvr', reactAppBCSCKeycloakRealm: 'rzh2zkjq', reactAppBCSCKeycloakUrl: 'https://test.oidc.gov.bc.ca/auth/', reactAppApiBase: `https://itvr-backend-test.apps.silver.devops.gov.bc.ca`,
+        reactAppBCeIDKeycloakClientId: 'itvr-2674', reactAppBCeIDKeycloakRealm: 'onestopauth-basic', reactAppBCeIDKeycloakUrl: 'https://test.oidc.gov.bc.ca/auth/',
+        backendCpuRequest: '40m', backendCpuLimit: '120m', backendMemoryRequest: '120Mi', backendMemoryLimit: '240Mi', backendHealthCheckDelay: 30, backendReplicas: 2, backendMinReplicas: 1, backendMaxReplicas: 3, backendHost: `itvr-backend-test.${ocpName}.gov.bc.ca`, backendDjangoDebug: 'False', bucketName: 'itvrts',
         minioCpuRequest: '30m', minioCpuLimit: '100m', minioMemoryRequest: '150Mi', minioMemoryLimit: '300Mi', minioPvcSize: '3G',
         schemaspyCpuRequest: '20m', schemaspyCpuLimit: '200m', schemaspyMemoryRequest: '150M', schemaspyMemoryLimit: '300M', schemaspyHealthCheckDelay: 160,
         rabbitmqCpuRequest: '250m', rabbitmqCpuLimit: '700m', rabbitmqMemoryRequest: '500M', rabbitmqMemoryLimit: '700M', rabbitmqPvcSize: '1G', rabbitmqReplica: 2, rabbitmqPostStartSleep: 120, storageClass: 'netapp-block-standard',
         patroniCpuRequest: '200m', patroniCpuLimit: '400m', patroniMemoryRequest: '250Mi', patroniMemoryLimit: '500Mi', patroniPvcSize: '5G', patroniReplica: 2, storageClass: 'netapp-block-standard', ocpName: `${ocpName}`,
-        taskQueueCpuRequest: '40m', taskQueueCpuLimit: '120m', taskQueueMemoryRequest: '120Mi', taskQueueMemoryLimit: '240Mi', taskQueueReplicas: 1, taskQueueDjangoDebug: 'True',},
+        taskQueueCpuRequest: '40m', taskQueueCpuLimit: '120m', taskQueueMemoryRequest: '120Mi', taskQueueMemoryLimit: '240Mi', taskQueueReplicas: 1, taskQueueDjangoDebug: 'False',},
 
   prod: {namespace:'ac294c-prod', name: `${name}`, ssoSuffix:'', 
         ssoName:'oidc.gov.bc.ca', phase: 'prod'  , changeId:`${changeId}`, suffix: `-prod`, 
         instance: `${name}-prod`, version:`${version}`, tag:`prod-${version}`, 
         metabaseCpuRequest: '200m', metabaseCpuLimit: '300m', metabaseMemoryRequest: '500Mi', metabaseMemoryLimit: '2Gi', metabaseReplicas: 1,
-        host: 'electric-vehicle-reba_tes.gov.bc.ca', djangoDebug: 'False', logoutHostName: 'logon7.gov.bc.ca',
-        frontendCpuRequest: '400m', frontendCpuLimit: '800m', frontendMemoryRequest: '600Mi', frontendMemoryLimit: '1200Mi', frontendReplicas: 1, frontendMinReplicas: 1, frontendMaxReplicas: 3,
-        backendCpuRequest: '50m', backendCpuLimit: '100m', backendMemoryRequest: '520Mi', backendMemoryLimit: '1Gi', backendHealthCheckDelay: 30, backendReplicas: 1, backendMinReplicas: 1, backendMaxReplicas: 3, backendHost: `itvr-backend-prod.${ocpName}.gov.bc.ca`, backendDjangoDebug: 'False',
+        host: `itvr-prod.${ocpName}.gov.bc.ca`, djangoDebug: 'False', logoutHostName: 'logon7.gov.bc.ca',
+        frontendCpuRequest: '140m', frontendCpuLimit: '280m', frontendMemoryRequest: '600Mi', frontendMemoryLimit: '1200Mi', frontendReplicas: 2, frontendMinReplicas: 2, frontendMaxReplicas: 5, 
+        reactAppBCSCKeycloakClientId: 'itvr', reactAppBCSCKeycloakRealm: 'rzh2zkjq', reactAppBCSCKeycloakUrl: 'https://oidc.gov.bc.ca/auth/', reactAppApiBase: `https://itvr-backend-prod.apps.silver.devops.gov.bc.ca`,
+        reactAppBCeIDKeycloakClientId: 'itvr-2674', reactAppBCeIDKeycloakRealm: 'onestopauth-basic', reactAppBCeIDKeycloakUrl: 'https://oidc.gov.bc.ca/auth/',
+        backendCpuRequest: '80m', backendCpuLimit: '160m', backendMemoryRequest: '240Mi', backendMemoryLimit: '480Mi', backendHealthCheckDelay: 30, backendReplicas: 3, backendMinReplicas: 3, backendMaxReplicas: 5, backendHost: `itvr-backend-prod.${ocpName}.gov.bc.ca`, backendDjangoDebug: 'False', bucketName: 'itvrpr',
         minioCpuRequest: '30m', minioCpuLimit: '100m', minioMemoryRequest: '150Mi', minioMemoryLimit: '300Mi', minioPvcSize: '3G',
         schemaspyCpuRequest: '50m', schemaspyCpuLimit: '400m', schemaspyMemoryRequest: '150M', schemaspyMemoryLimit: '300M', schemaspyHealthCheckDelay: 160,
         rabbitmqCpuRequest: '250m', rabbitmqCpuLimit: '700m', rabbitmqMemoryRequest: '500M', rabbitmqMemoryLimit: '1G', rabbitmqPvcSize: '5G', rabbitmqReplica: 2, rabbitmqPostStartSleep: 120, storageClass: 'netapp-block-standard',
-        patroniCpuRequest: '200m', patroniCpuLimit: '400m', patroniMemoryRequest: '250Mi', patroniMemoryLimit: '500Mi', patroniPvcSize: '8G', patroniReplica: 3, storageClass: 'netapp-block-standard', ocpName: `${ocpName}`}
+        patroniCpuRequest: '200m', patroniCpuLimit: '400m', patroniMemoryRequest: '250Mi', patroniMemoryLimit: '500Mi', patroniPvcSize: '8G', patroniReplica: 3, storageClass: 'netapp-block-standard', ocpName: `${ocpName}`,
+        taskQueueCpuRequest: '80m', taskQueueCpuLimit: '160m', taskQueueMemoryRequest: '150Mi', taskQueueMemoryLimit: '300Mi', taskQueueReplicas: 1, taskQueueDjangoDebug: 'False',}
 
 };
 

diff --git a/.pipeline/lib/deploy-knp.js b/.pipeline/lib/deploy-knp.js
@@ -16,8 +16,7 @@ module.exports = settings => {
   // The deployment of your cool app goes here ▼▼▼
   objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/knp/knp-env-pr.yaml`, {
     'param': {
-      'SUFFIX': phases[phase].suffix,
-      'ENVIRONMENT': phases[phase].phase
+      'SUFFIX': phases[phase].suffix
     }
   }))
 

diff --git a/.pipeline/lib/deploy.js b/.pipeline/lib/deploy.js
@@ -55,7 +55,7 @@ module.exports = settings => {
   }
   */
 
-  objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-dc.yaml`, {
+  objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-dc-docker.yaml`, {
     'param': {
       'NAME': phases[phase].name,
       'SUFFIX': phases[phase].suffix,
@@ -66,7 +66,14 @@ module.exports = settings => {
       'CPU_LIMIT': phases[phase].frontendCpuLimit,
       'MEMORY_REQUEST': phases[phase].frontendMemoryRequest,
       'MEMORY_LIMIT': phases[phase].frontendMemoryLimit,
-      'REPLICAS':  phases[phase].frontendReplicas
+      'REPLICAS':  phases[phase].frontendReplicas,
+      'REACT_APP_BCSC_KEYCLOAK_CLIENT_ID': phases[phase].reactAppBCSCKeycloakClientId,
+      'REACT_APP_BCSC_KEYCLOAK_REALM': phases[phase].reactAppBCSCKeycloakRealm,
+      'REACT_APP_BCSC_KEYCLOAK_URL': phases[phase].reactAppBCSCKeycloakUrl,
+      'REACT_APP_BCEID_KEYCLOAK_CLIENT_ID': phases[phase].reactAppBCeIDKeycloakClientId,
+      'REACT_APP_BCEID_KEYCLOAK_REALM': phases[phase].reactAppBCeIDKeycloakRealm,
+      'REACT_APP_BCEID_KEYCLOAK_URL': phases[phase].reactAppBCeIDKeycloakUrl,
+      'REACT_APP_API_BASE': phases[phase].reactAppApiBase
     }
   }))
 
@@ -83,7 +90,8 @@ module.exports = settings => {
       'MEMORY_LIMIT': phases[phase].backendMemoryLimit,
       'HEALTH_CHECK_DELAY': phases[phase].backendHealthCheckDelay,
       'REPLICAS':  phases[phase].backendReplicas,
-      'DJANGO_DEBUG': phases[phase].backendDjangoDebug
+      'DJANGO_DEBUG': phases[phase].backendDjangoDebug,
+      'BUCKET_NAME': phases[phase].bucketName
     }
   })) 
 

diff --git a/.prettierignore b/.prettierignore
@@ -0,0 +1 @@
+django/
diff --git a/.sonarcloud.properties b/.sonarcloud.properties
@@ -0,0 +1,21 @@
+sonar.projectKey=bcgov_itvr
+sonar.projectName=itvr
+
+# Path to sources
+sonar.sources=frontend/src,django/api
+#sonar.exclusions=
+#sonar.inclusions=
+
+sonar.python.file.suffixes=py
+sonar.python.version=3.9
+
+# Path to tests
+#sonar.tests=ppr-api/tests,ppr-ui/tests/unit
+#sonar.test.exclusions=
+#sonar.test.inclusions=
+
+# Source encoding
+sonar.sourceEncoding=UTF-8
+
+# Exclusions for copy-paste detection
+#sonar.cpd.exclusions=
diff --git a/README.md b/README.md
@@ -1,3 +1,5 @@
+[![SonarCloud](https://sonarcloud.io/images/project_badges/sonarcloud-white.svg)](https://sonarcloud.io/summary/new_code?id=bcgov_itvr)
+
 # itvr
 
 ## System
@@ -62,7 +64,24 @@ We are using [CHES](https://digital.gov.bc.ca/common-components/common-hosted-em
 
 To get access to the created client, go [request account](https://getok.nrs.gov.bc.ca/app/requestAccount) with application acronym `ITVR`. This will allow you to reset client secrets for environments (dev, test, prod) as needed.
 
-### Frontend
+### CRA
+
+Submitting wage requests can be done manually by logging into
+ftp://ftp-ot.cra-arc.gc.ca/pub/BC/iv/bcvr/ anonymously and dropping any encrypted files in the uaclient2cra folder. Within a short time the encrypted response will be available within the uacra2client folder. All security is trusted within the encryption algorithm. Anybody can download a file from here. Only the target user/computer can decrypt the file.
+
+For the next valid sequence number:
+
+If you ever are not sure, Susan can verify with ITB or send a request with the last sequence you are aware of and it will will fail but you will get an email notification indicating the error and what the next available sequence is.
+
+Example of the contents of the error email for wrong sequence number:
+
+THE FOLLOWING FILENAME IS EXCLUDED FROM PROCESSING PLEASE INVESTIGATE THE FILE LISTED BELOW:
+INPUT FILENAME: DEMO.A00154
+REASON : INVALID SEQUENCE NUMBER ON INPUT FILENAME
+
+        THE NEXT VALID SEQUENCE NUMBER TO USE IS :   00155
+
+## Frontend
 
 We've decided to run the frontend outside of docker at this time mostly because of mounted Lima volumes causing issues with npm permissions. [Track the open issue](https://github.com/lima-vm/lima/issues/693)
 
@@ -99,3 +118,40 @@ The storybook is available by default at `http://localhost:6006/`
 We use [Openshift](https://www.redhat.com/en/technologies/cloud-computing/openshift) to deploy our applications. [Access the console here](https://console.apps.silver.devops.gov.bc.ca/k8s/cluster/projects)
 
 There's training on Openshift offered by BCDevExchange. Check the [schedule here](https://bcdevexchange.org/learning)
+
+### Git Process/ Rebasing
+
+We use git for version control.
+Each developer has their own fork of the repo and works off of branches from there
+If another branch is merged in (eg from another developer) then the branch in progress will need
+to be rebased before it gets merged in.
+
+Steps:
+git checkout release-branch
+git fetch upstream
+git pull --rebase upstream release-branch
+git checkout featurebranch
+git rebase release-branch
+
+If there are any conflicts, you will have to step through each commit and fix them. After
+conflicts are fixed and added (git add) then:
+
+git rebase --continue
+
+until all of the conflicts are fixed.
+
+If you already have a branch at origin you'll have to force push, otherwise doing a
+regular push will just give errors:
+git push -f origin <feature-branch>
+
+### Testing
+
+backend tests will be recognized and run with other tests if they have follow this naming convention:
+test\_[name].py
+eg. test_calculate_rebate.py
+
+to run tests use a terminal in the api container and type
+python manage.py test
+
+or to run specific test files, point to the folder or file
+python manage.py test api.services.tests.test_calculate_rebate
diff --git a/chart/itvr/charts/itvr-spilo/Readme.md b/chart/itvr/charts/itvr-spilo/Readme.md
@@ -1,7 +1,3 @@
 ## Before running Helm
-* Create Object Storage secret
-Testing command: helm template itvr -f ./values-dev.yaml --set accessId=11,accessKey=22 bucketName=33 . > 1.yaml
-
-Testing command: helm template itvr -f ./values-dev.yaml --set accessId=nr-itvr-dev,accessKey=Kh/idaPzesehyZlvL2ESkOC1xqZ76NUvVBhv9HXv,bucketName=itvrdv . > 1.yaml
-Testing command: helm template itvr -f ./values-test.yaml --set accessId=,accessKey= bucketName= . > 1.yaml
-Testing command: helm template itvr -f ./values-prod.yaml --set accessId=,accessKey= bucketName= . > 1.yaml
+* Create Object Storage secret for database continuous backup, itvr-db-backup-s3
+* Create Secret itvr-patroni-admin to include the admin passwords
diff --git a/chart/itvr/charts/itvr-spilo/values-dev.yaml b/chart/itvr/charts/itvr-spilo/values-dev.yaml
@@ -12,15 +12,21 @@ spilo:
 
   continuousArchive:
     enabled: true
-    scheduleCronJob: "0 2 * * *"
+    scheduleCronJob: "0 10 * * *"
     retainBackups: 3
     storage: s3
     s3:
       bucket: itvrdv
       secretName: itvr-db-backup-s3
 
+  shipLogs:
+    enabled: false
+#    s3:
+#      bucket: s3://itvrdv
+#      shipSchedule: 0 7 * * *
+
   persistentVolume:
-    size: 700Mi
+    size: 5Gi
     storageClass: netapp-block-standard
 
   resources:

diff --git a/chart/itvr/charts/itvr-spilo/values-prod.yaml b/chart/itvr/charts/itvr-spilo/values-prod.yaml
@@ -2,26 +2,40 @@ spilo:
 
   replicaCount: 3
 
+  credentials:
+    useExistingSecret: true
+    existingSecret:
+      name: itvr-patroni-admin
+      superuserKey: password-superuser
+      adminKey: password-admin
+      standbyKey: password-standby
+
   continuousArchive:
     enabled: true
-    scheduleCronJob: "0 2 * * *"
-    retainBackups: 14
+    scheduleCronJob: "0 */3 * * *"
+    retainBackups: 3
     storage: s3
     s3:
       bucket: itvrpr
       secretName: itvr-db-backup-s3
 
+  shipLogs:
+    enabled: false
+#    s3:
+#      bucket: s3://itvrpr
+#      shipSchedule: 0 7 * * *
+
   persistentVolume:
-    size: 500Mi
+    size: 5Gi
     storageClass: netapp-block-standard
 
   resources:
     limits:
-      cpu: 120m
-      memory: 400Mi
+      cpu: 240m
+      memory: 800Mi
     requests:
-      cpu: 60m
-      memory: 200Mi  
+      cpu: 120m
+      memory: 400Mi  
 
   podDisruptionBudget:
     enabled: false
@@ -32,4 +46,5 @@ spilo:
     readiness:
       enabled: true 
       initialDelaySeconds: 60
-      failureThreshold: 20         
+      failureThreshold: 20         
+
diff --git a/chart/itvr/charts/itvr-spilo/values-test.yaml b/chart/itvr/charts/itvr-spilo/values-test.yaml
@@ -12,15 +12,21 @@ spilo:
 
   continuousArchive:
     enabled: true
-    scheduleCronJob: "0 2 * * *"
+    scheduleCronJob: "0 */3 * * *"
     retainBackups: 3
     storage: s3
     s3:
       bucket: itvrts
       secretName: itvr-db-backup-s3
 
+  shipLogs:
+    enabled: false
+#    s3:
+#      bucket: s3://itvrts
+#      shipSchedule: 0 7 * * *
+
   persistentVolume:
-    size: 700Mi
+    size: 5Gi
     storageClass: netapp-block-standard
 
   resources:

diff --git a/chart/itvr/charts/itvr-spilo/values.yaml b/chart/itvr/charts/itvr-spilo/values.yaml
diff --git a/chart/itvr/charts/spilo/templates/statefulset.yaml b/chart/itvr/charts/spilo/templates/statefulset.yaml
@@ -112,6 +112,12 @@ spec:
         - name: USE_WALE
           value: ""
         {{- end }}
+        {{- if .Values.shipLogs.enabled }}
+        - name: LOG_S3_BUCKET
+          value: {{ .Values.shipLogs.s3.bucket | quote }}
+        - name: LOG_SHIP_SCHEDULE
+          value: {{ .Values.shipLogs.s3.shipSchedule | quote }}
+        {{- end }}
         - name: PGROOT
           value: "{{ .Values.persistentVolume.mountPath }}/pgroot"
         - name: POD_NAMESPACE

diff --git a/django/Dockerfile b/django/Dockerfile
@@ -6,13 +6,3 @@ WORKDIR /api
 COPY requirements.txt requirements.txt
 RUN pip install -r requirements.txt
 COPY . .
-
-# Place to store static files
-RUN mkdir /frontend
-RUN mkdir /frontend/public
-
-# Cron
-RUN apt-get update && apt-get install -y cron
-COPY api/jobs/cron/hourly-tasks /etc/cron.d/hourly-tasks
-RUN chmod 0644 /etc/cron.d/hourly-tasks &&\ 
-    crontab /etc/cron.d/hourly-tasks