Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge main into release manage back button #380

Merged
merged 58 commits into from
Jan 21, 2025
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
58 commits
Select commit Hold shift + click to select a range
1c66f8c
feat(APIs): Remove IIS headers. Add security headers
Top-Cat Nov 28, 2024
9b9ff40
chore: Upgrade dfe-frontend package
stevesatdfe Nov 27, 2024
2dc8270
Revert launchsettings.json used for testing
Top-Cat Nov 28, 2024
c9c4469
Merge pull request #268 from DFE-Digital/feature/fhb-1025-update-dfe-…
stevesatdfe Nov 28, 2024
94e1fbe
Merge pull request #266 from DFE-Digital/FHB-1030
Top-Cat Nov 28, 2024
076259c
chore(terraform): Ensure all web APIs are HTTPS only and HTTP version…
stevesatdfe Nov 28, 2024
3d5b306
Merge pull request #272 from DFE-Digital/feature/fhb-1035-app-misconf…
stevesatdfe Nov 29, 2024
66a9561
feat: SQL Server auditing
stevesatdfe Dec 2, 2024
907a1ba
Merge pull request #277 from DFE-Digital/feature/fhb-1032-sql-server-…
stevesatdfe Dec 2, 2024
cb12570
Merge branch 'main' into merge-main-into-release-pen-test-changes
stevesatdfe Dec 3, 2024
bf86473
feat: Storage account misconfiguration
stevesatdfe Dec 2, 2024
4da3997
Merge pull request #286 from DFE-Digital/feature/1033-storage-account…
stevesatdfe Dec 3, 2024
5c2bf9e
Merge pull request #284 from DFE-Digital/merge-main-into-release-pen-…
stevesatdfe Dec 4, 2024
2e7129d
fix: Add alternative content security policy to APIs to allow Swagger…
stevesatdfe Dec 6, 2024
f2b895c
chore: Update swagger packages instead of header change
stevesatdfe Dec 6, 2024
54e89df
Merge pull request #292 from DFE-Digital/bugfix/fhb-1031-swagger-ui
stevesatdfe Dec 6, 2024
d9de0da
feat(terraform): Enable key vault purge protection and delete redunda…
stevesatdfe Dec 9, 2024
ef038de
Merge branch 'main' into merge-main-into-release-pen-test-changes
stevesatdfe Dec 10, 2024
a392a7d
Merge branch 'main' into merge-main-into-release-pen-test-changes
stevesatdfe Dec 10, 2024
eb27ba0
Merge branch 'main' into merge-main-into-release-pen-test-changes
stevesatdfe Dec 10, 2024
8db8abd
Merge pull request #305 from DFE-Digital/merge-main-into-release-pen-…
stevesatdfe Dec 10, 2024
17195f0
Merge pull request #308 from DFE-Digital/feature/fhb-1036-keyvault-mi…
stevesatdfe Dec 13, 2024
e46c8d8
feat(Shared-Razor): Use nonce for script tags instead of whitelist
Top-Cat Dec 13, 2024
490bc88
fix: Always enable Hsts and HttpsRedirection
Top-Cat Dec 13, 2024
a896119
Merge pull request #313 from DFE-Digital/FHB-1114
Top-Cat Dec 13, 2024
7519b0a
Merge pull request #312 from DFE-Digital/FHB-1115
Top-Cat Dec 13, 2024
d073597
Remote localhost Hsts macros
Top-Cat Dec 13, 2024
14659db
Merge pull request #315 from DFE-Digital/FHB-1115
Top-Cat Dec 16, 2024
3a7112b
Merge branch 'main' into merge-main-into-release-pen-test-changes
stevesatdfe Dec 17, 2024
f7c6c73
chore(terraform): Remove storage account for report stg api - lost in…
stevesatdfe Dec 17, 2024
2f2b74d
Merge pull request #320 from DFE-Digital/merge-main-into-release-pen-…
stevesatdfe Dec 17, 2024
fddb1e3
Remove app.UseHttpsRedirection()
stevesatdfe Dec 18, 2024
ef0f061
Add strict dynamic header for scripts
stevesatdfe Dec 18, 2024
963e766
chore: Add unsafe inline as well as struct dynamic for legacy browsers
stevesatdfe Dec 18, 2024
48dd9f2
Merge pull request #322 from DFE-Digital/bugfix/fhb-1114-fix-https-re…
stevesatdfe Dec 18, 2024
cc34131
Merge pull request #328 from DFE-Digital/main
stevesatdfe Jan 2, 2025
800b99b
Merge pull request #345 from DFE-Digital/main
stevesatdfe Jan 7, 2025
f27fe81
chore: fix merge conflicts with main
Zac-Digital Jan 15, 2025
660595b
Merge pull request #363 from DFE-Digital/merge-main-release-pen-test-…
stevesatdfe Jan 15, 2025
9d60e5b
Merge branch 'main' of github.com:/DFE-Digital/fh-services into merge…
Zac-Digital Jan 15, 2025
20cbc75
Merge pull request #368 from DFE-Digital/merge-main-release-pen-test-…
Zac-Digital Jan 15, 2025
857634e
Merge pull request #369 from DFE-Digital/release-pen-test-changes
stevesatdfe Jan 15, 2025
f79d096
adding location seeding data
DamiLaleye1 Jan 20, 2025
3f6760a
additional formating
DamiLaleye1 Jan 20, 2025
3dc5af5
Merge pull request #374 from DFE-Digital/FHB-1183--E2E-Automated-Test…
DamiLaleye1 Jan 20, 2025
5d861b8
ci: skip restore step on cache hit
Zac-Digital Jan 20, 2025
807f1c0
ci: bump runner os version
Zac-Digital Jan 20, 2025
67f20b6
ci: fix package cache
Zac-Digital Jan 20, 2025
052cad2
ci: fix package cache
Zac-Digital Jan 20, 2025
36e437d
ci: fix package cache
Zac-Digital Jan 20, 2025
e312c3e
ci: fix package cache
Zac-Digital Jan 20, 2025
3dd943a
ci: fix package cache
Zac-Digital Jan 20, 2025
352d099
chore: no op
Zac-Digital Jan 20, 2025
4b489dc
ci: fix package cache
Zac-Digital Jan 20, 2025
7e9e82c
ci: fix package caches for the rest
Zac-Digital Jan 20, 2025
cc4ae2e
ci: revert
Zac-Digital Jan 20, 2025
99b6ae2
ci: correct name
Zac-Digital Jan 20, 2025
ad67802
Merge pull request #378 from DFE-Digital/ci/build-and-test-package-cache
Zac-Digital Jan 21, 2025
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/workflows/build-and-test-template.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ on:
jobs:
build_and_test:
name: Build Project & Run Tests
runs-on: 'ubuntu-22.04'
runs-on: ubuntu-22.04
defaults:
run:
working-directory: src/${{ inputs.working_directory }}
Expand All @@ -36,15 +36,15 @@ jobs:
shell: bash
run: dotnet tool install --global LiquidTestReports.Cli --version 2.0.0-beta.2

- name: Package Cache
- name: NuGet Package Cache
uses: actions/cache@v4
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj') }}
key: ${{ runner.os }}-NuGet-${{ inputs.job_name }}-${{ hashFiles('**/*.csproj') }}
restore-keys: |
${{ runner.os }}-nuget-
${{ runner.os }}-NuGet-${{ inputs.job_name }}-${{ hashFiles('**/*.csproj') }}

- name: Install & Configure Spatialite
- name: Install & Configure SpatiaLite
if: ${{ inputs.working_directory == 'service/service-directory-api' || inputs.working_directory == 'service/referral-api' }}
shell: bash
run: |
Expand Down
34 changes: 17 additions & 17 deletions .github/workflows/build-and-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ on:

jobs:
build_and_test:
name: ${{ matrix.job_name }}
name: Test - ${{ matrix.job_name }}
strategy:
fail-fast: false
matrix:
Expand All @@ -40,37 +40,37 @@ jobs:
]
include:
- working_directory: service/notification-api
job_name: "Test - Notification API"
job_name: "Notification API"
- working_directory: service/idam-api
job_name: "Test - IDAM API"
job_name: "IDAM API"
- working_directory: service/service-directory-api
job_name: "Test - Service Directory API"
job_name: "Service Directory API"
- working_directory: service/referral-api
job_name: "Test - Referral API"
job_name: "Referral API"
- working_directory: service/report-api
job_name: "Test - Report API"
job_name: "Report API"
- working_directory: service/mock-hsda-api
job_name: "Test - Mock HSDA API"
job_name: "Mock HSDA API"
- working_directory: function/open-referral-function
job_name: "Test - Open Referral Function"
job_name: "Open Referral Function"
- working_directory: ui/connect-dashboard-ui
job_name: "Test - Connect Dashboard UI"
job_name: "Connect Dashboard UI"
- working_directory: ui/connect-ui
job_name: "Test - Connect UI"
job_name: "Connect UI"
- working_directory: ui/find-ui
job_name: "Test - Find UI"
job_name: "Find UI"
- working_directory: ui/idam-maintenance-ui
job_name: "Test - IDAM Maintenance UI"
job_name: "IDAM Maintenance UI"
- working_directory: ui/manage-ui
job_name: "Test - Manage UI"
job_name: "Manage UI"
- working_directory: shared/referral-shared
job_name: "Test - Referral Shared"
job_name: "Referral Shared"
- working_directory: shared/service-directory-shared
job_name: "Test - Service Directory Shared"
job_name: "Service Directory Shared"
- working_directory: shared/shared-kernel
job_name: "Test - Kernel Shared"
job_name: "Kernel Shared"
- working_directory: shared/web-components
job_name: "Test - Web Components Shared"
job_name: "Web Components Shared"
uses: ./.github/workflows/build-and-test-template.yml
with:
working_directory: ${{ matrix.working_directory }}
Expand Down
9 changes: 6 additions & 3 deletions .github/workflows/build-upload-artifact.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ on:
required: false
default: 'ubuntu-22.04'
type: string
job_name:
required: true
type: string

jobs:
build-project-upload-artifact:
Expand All @@ -38,13 +41,13 @@ jobs:
with:
dotnet-version: ${{ vars.DOTNET_VERSION_V8 }}

- name: Package Cache
- name: NuGet Package Cache
uses: actions/cache@v4
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj') }}
key: ${{ runner.os }}-NuGet-${{ inputs.job_name }}-${{ hashFiles('**/*.csproj') }}
restore-keys: |
${{ runner.os }}-nuget-
${{ runner.os }}-NuGet-${{ inputs.job_name }}-${{ hashFiles('**/*.csproj') }}

- name: Restore Project
shell: bash
Expand Down
27 changes: 14 additions & 13 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ permissions:

jobs:
build-projects-upload-artifacts:
name: ${{ matrix.job_name }}
name: Build - ${{ matrix.job_name }}
strategy:
fail-fast: true
matrix:
Expand All @@ -45,47 +45,48 @@ jobs:
include:
- project: src/service/idam-api/
publish_project: FamilyHubs.Idam.Api
job_name: Build - IDAM API
job_name: IDAM API
- project: src/service/notification-api/
publish_project: FamilyHubs.Notification.Api
job_name: Build - Notification API
job_name: Notification API
- project: src/service/referral-api/
publish_project: FamilyHubs.Referral.Api
job_name: Build - Referral API
job_name: Referral API
- project: src/service/report-api/
publish_project: FamilyHubs.Report.Api
job_name: Build - Report API
job_name: Report API
- project: src/service/service-directory-api/
publish_project: FamilyHubs.ServiceDirectory.Api
job_name: Build - Service Directory API
job_name: Service Directory API
- project: src/service/mock-hsda-api/
publish_project: FamilyHubs.Mock-Hsda.Api
job_name: Build - Mock HSDA API
job_name: Mock HSDA API
dotnet_version_override: "8.0.x"
- project: src/function/open-referral-function/
publish_project: FamilyHubs.OpenReferral.Function
job_name: Build - Open Referral Function
job_name: Open Referral Function
dotnet_version_override: "8.0.x"
- project: src/ui/connect-dashboard-ui/
publish_project: FamilyHubs.RequestForSupport.Web
job_name: Build - Connect Dashboard UI
job_name: Connect Dashboard UI
- project: src/ui/connect-ui/
publish_project: FamilyHubs.Referral.Web
job_name: Build - Connect UI
job_name: Connect UI
- project: src/ui/find-ui/
publish_project: FamilyHubs.ServiceDirectory.Web
job_name: Build - Find UI
job_name: Find UI
- project: src/ui/idam-maintenance-ui/
publish_project: FamilyHubs.Idams.Maintenance.UI
job_name: Build - IDAM Maintenance UI
job_name: IDAM Maintenance UI
- project: src/ui/manage-ui/
publish_project: FamilyHubs.ServiceDirectory.Admin.Web
job_name: Build - Manage UI
job_name: Manage UI
uses: ./.github/workflows/build-upload-artifact.yml
with:
project: ${{ matrix.project }}
publish_project: ${{ matrix.publish_project }}
dotnet_version: ${{ matrix.dotnet_version_override || vars.DOTNET_VERSION }}
job_name: ${{ matrix.job_name }}

deploy-api-services:
name: ${{ matrix.job_name }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/sonarcloud.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,9 @@ jobs:
uses: actions/cache@v4
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj') }}
key: ${{ runner.os }}-NuGet-SuperSolution-${{ hashFiles('**/*.csproj') }}
restore-keys: |
${{ runner.os }}-nuget-
${{ runner.os }}-NuGet-SuperSolution-${{ hashFiles('**/*.csproj') }}

- name: Setup .NET ${{ vars.DOTNET_VERSION_V8 }}
uses: actions/setup-dotnet@v4
Expand All @@ -59,7 +59,7 @@ jobs:
shell: bash
run: dotnet tool install --global LiquidTestReports.Cli --version 2.0.0-beta.2

- name: Install & Configure Spatialite
- name: Install & Configure SpatiaLite
shell: bash
run: |
sudo apt-get update
Expand Down
6 changes: 3 additions & 3 deletions src/Directory.Packages.props
Original file line number Diff line number Diff line change
Expand Up @@ -138,9 +138,9 @@
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageVersion>
<PackageVersion Include="StackExchange.Redis" Version="2.8.12" />
<PackageVersion Include="Swashbuckle.AspNetCore" Version="6.5.0" />
<PackageVersion Include="Swashbuckle.AspNetCore.Annotations" Version="6.5.0" />
<PackageVersion Include="Swashbuckle.AspNetCore.SwaggerUI" Version="6.5.0" />
<PackageVersion Include="Swashbuckle.AspNetCore" Version="7.1.0" />
<PackageVersion Include="Swashbuckle.AspNetCore.Annotations" Version="7.1.0" />
<PackageVersion Include="Swashbuckle.AspNetCore.SwaggerUI" Version="7.1.0" />
<PackageVersion Include="System.IdentityModel.Tokens.Jwt" Version="7.7.1" />
<PackageVersion Include="System.Linq" Version="4.3.0" />
<PackageVersion Include="TestStack.BDDfy" Version="4.3.2" />
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -144,6 +144,7 @@ public static void ConfigureWebApplication(this WebApplication webApplication)
webApplication.UseSwaggerUI();

webApplication.UseHttpsRedirection();
webApplication.UseHsts();

webApplication.MapControllers();

Expand Down
18 changes: 18 additions & 0 deletions src/service/idam-api/src/FamilyHubs.Idam.Api/web.config
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="X-Frame-Options" value="DENY" />
<add name="X-XSS-Protection" value="1; mode=block" />
<add name="X-Content-Type-Options" value="nosniff" />
<add name="Content-Security-Policy" value="default-src 'self';" />

<remove name="X-Powered-By" />
<remove name="x-aspnet-version"/>
</customHeaders>
</httpProtocol>
<security>
<requestFiltering removeServerHeader="true" />
</security>
</system.webServer>
</configuration>
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@
c.SwaggerEndpoint("/swagger/v1/swagger.json", "HSDA Mock API V1");
});

app.UseHttpsRedirection();
app.UseHsts();

app.UseRouting();

Expand Down
18 changes: 18 additions & 0 deletions src/service/mock-hsda-api/src/FamilyHubs.Mock-Hsda.Api/web.config
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="X-Frame-Options" value="DENY" />
<add name="X-XSS-Protection" value="1; mode=block" />
<add name="X-Content-Type-Options" value="nosniff" />
<add name="Content-Security-Policy" value="default-src 'self';" />

<remove name="X-Powered-By" />
<remove name="x-aspnet-version"/>
</customHeaders>
</httpProtocol>
<security>
<requestFiltering removeServerHeader="true" />
</security>
</system.webServer>
</configuration>
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
using FamilyHubs.Notification.Core.Commands.CreateNotification;
using System.Net.Mime;
using FamilyHubs.Notification.Core.Commands.CreateNotification;
using FamilyHubs.Notification.Core.Queries.GetSentNotifications;
using FamilyHubs.Notification.Api.Contracts;
using MediatR;
Expand Down Expand Up @@ -26,14 +27,18 @@ public void RegisterMinimalNotifyEndPoints(WebApplication app)
var result = await _mediator.Send(request, cancellationToken);
return result;

}).WithMetadata(new SwaggerOperationAttribute("Get Notifications", "Get Paginated Notification List") { Tags = new[] { "Notifications" } });
})
.WithMetadata(new SwaggerOperationAttribute("Get Notifications", "Get Paginated Notification List") { Tags = new[] { "Notifications" } })
.Produces<PaginatedList<MessageDto>>(contentType: MediaTypeNames.Application.Json);

app.MapGet("api/notify/{id}", [Authorize] async (long id, CancellationToken cancellationToken, ISender _mediator) =>
{
GetNotificationByIdCommand request = new(id);
var result = await _mediator.Send(request, cancellationToken);
return result;

}).WithMetadata(new SwaggerOperationAttribute("Get Notification By Id", "Get Notification By Id") { Tags = new[] { "Notifications" } });
})
.WithMetadata(new SwaggerOperationAttribute("Get Notification By Id", "Get Notification By Id") { Tags = new[] { "Notifications" } })
.Produces<MessageDto>(contentType: MediaTypeNames.Application.Json);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -178,6 +178,7 @@ public static void ConfigureWebApplication(this WebApplication webApplication)
webApplication.UseSwaggerUI();

webApplication.UseHttpsRedirection();
webApplication.UseHsts();

webApplication.MapControllers();

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="X-Frame-Options" value="DENY" />
<add name="X-XSS-Protection" value="1; mode=block" />
<add name="X-Content-Type-Options" value="nosniff" />
<add name="Content-Security-Policy" value="default-src 'self';" />

<remove name="X-Powered-By" />
<remove name="x-aspnet-version"/>
</customHeaders>
</httpProtocol>
<security>
<requestFiltering removeServerHeader="true" />
</security>
</system.webServer>
</configuration>
Loading
Loading