Refactor USWDS alert component into a shortcode. (#4027)

* Add alert shortcode, remove component.

This is a cleaner syntax for alerts.

* move low-system banners to the top of pages

---------

Co-authored-by: Greg Walker <[email protected]>

Author: adunkman

_includes/alert.html

@@ -1,13 +1,7 @@
-<div class="usa-alert usa-alert--info">
-  <div class="usa-alert__body">
-    <h4 class="usa-alert__heading">This is a <a href="https://atos.open-control.org/categorization/">Low</a> system</h4>
-    <div class="usa-alert__text">
-      This means:
-      <ul>
-        <li>You cannot use it to store any <a href="{{ "/sensitive-information/" | url }}">sensitive information</a></li>
-        <li>It generally can't have write access to any <a href="https://atos.open-control.org/categorization/">Moderate</a> systems</li>
-      </ul>
-      Reach out in <a href="https://gsa-tts.slack.com/messages/infrastructure">#infrastructure</a> if you have questions.
-    </div>
-  </div>
-</div>
+{% alert "This is a <a href=\"https://atos.open-control.org/categorization/\">Low</a> system" %}
+  This means:
+  - You cannot use it to store any <a href="{{ "/sensitive-information/" | url }}">sensitive information</a>
+  - It generally can't have write access to any <a href="https://atos.open-control.org/categorization/">Moderate</a> systems
+
+  Reach out in <a href="https://gsa-tts.slack.com/messages/infrastructure">#infrastructure</a> if you have questions.
+{% endalert %}

_includes/low-system.html

@@ -1,6 +1,7 @@
-{% capture alert_content %} It is safest to assume that you cannot use any
-software/sites/apps that require installation or an account until you know it's
-[approved]({{ "/general-information-and-resources/software/" | url }}). Ask in
-[#infrastructure](https://gsa-tts.slack.com/messages/infrastructure) if you're
-not sure. {% endcapture %} {% include "alert.html" level:"warning"
-heading:"Software must be approved" content:alert_content %}
+{% alert "Software must be approved", "warning" %}
+  It is safest to assume that you cannot use any
+  software/sites/apps that require installation or an account until you know it's
+  [approved]({{ "/general-information-and-resources/software/" | url }}). Ask in
+  [#infrastructure](https://gsa-tts.slack.com/messages/infrastructure) if you're
+  not sure.
+{% endalert %}

_includes/software-warning.html

@@ -0,0 +1,33 @@
+/*
+https://designsystem.digital.gov/components/alert/
+
+heading: text of the alert heading
+level: the severity of the alert (default info)
+slim: set if slim style
+no_icon: set if omitting icon
+
+Example:
+
+{% alert "Heads up!" %}
+  This is the body of the info alert message.
+{% endalert %}
+
+{% alert "An error has occurred." "error" "slim" "no-icon" %}
+  This is the body of the info alert message.
+{% endalert %}
+*/
+
+module.exports = (content = "", heading = "", level = "info", slim = false, no_icon = false) => {
+  const classes = ["usa-alert", `usa-alert--${level}`];
+  if (slim) { classes.push("usa-alert--slim"); }
+  if (no_icon) { classes.push("usa-alert--no-icon"); }
+
+  const body = [`<div class="usa-alert__text">${content.trim()}</div>`];
+  if (heading != "") { body.unshift(`<h3 class="usa-alert__heading">${heading.trim()}</h3>`); }
+
+  return `
+    <div class="${classes.join(" ")}">
+      <div class="usa-alert__body">${body.join("")}</div>
+    </div>
+  `;
+}

config/shortcodes/alert.js

@@ -1,3 +1,4 @@
+const alertShortcode = require("./alert");
 const downloadShortcode = require("./download");
 const imageShortcode = require("./image");
 const imageWithClassShortcode = require("./imageWithClass");
@@ -8,6 +9,7 @@ const usaCurrentShortcode = require("./usaCurrent");
 const uswdsIconShortcode = require("./uswdsIcon");
 
 const shortcodePlugin = (eleventyConfig) => {
+  eleventyConfig.addPairedShortcode("alert", alertShortcode);
   eleventyConfig.addShortcode("download", downloadShortcode);
   eleventyConfig.addShortcode("image", imageShortcode);
   eleventyConfig.addShortcode("image_with_class", imageWithClassShortcode);

config/shortcodes/index.js

@@ -4,10 +4,11 @@ questions:
   - tts-handbook
 ---
 
-{% capture alert_content %} This page is new and currently under development.
-Its content is accurate, but it is lacking important information such as the
-Handbook's governance structure. {% endcapture %}
-{% include "alert.html" heading:"Under development" content:alert_content %}
+{% alert "Under development" %}
+  This page is new and currently under development.
+  Its content is accurate, but it is lacking important information such as the
+  Handbook's governance structure.
+{% endalert %}
 
 In a nutshell, the Handbook is our take on internal government documentation. It
 is an open, crowd-sourced, accessible, and living resource that aims to provide

pages/about.md

@@ -9,16 +9,20 @@ redirect_from:
 ---
 # Authority to Use (ATU) Process
 
-{% include "alert.html" level:"warning" content: "This guide is for **GSA Employees or Contractors** operating a GSA Website" %}
+{% alert "", "warning" %}
+  This guide is for **GSA Employees or Contractors** operating a GSA Website
+{% endalert %}
 
 "GSA Pages" is a **GSA only Authority to Operate (ATO)** of [cloud.gov's FEDRAMP Authorization](https://marketplace.fedramp.gov/products/F1607067912) of their [cloud.gov Pages](https://pages.cloud.gov) service. As such, it adds the Security Controls around the source code and contents for the website (e.g. Github). It provides **GSA employees** with a fast and secure approach to getting a web presence for your projects/programs.
 
+{% include "low-system.html" %}
+
 ## Launching a Website at GSA
 - Confirm your website is listed on [https://touchpoints.digital.gov](https://touchpoints.digital.gov)
   - if not listed, [complete a new website request](https://touchpoints.app.cloud.gov/admin/websites/new)
 - Follow [GSA's Digital Lifecycle Program Guide](https://insite.gsa.gov/employee-resources/communications/websites/strategy-policy-and-standards/digital-lifecycle-program)
 
-Prior to standing up a site with GSA Pages, you will need a domain or subdomain. To obtain a new domain or subdomain with GSA, approval is needed by GSA Leadership and Office of Customer Experience in Touchpoints. 
+Prior to standing up a site with GSA Pages, you will need a domain or subdomain. To obtain a new domain or subdomain with GSA, approval is needed by GSA Leadership and Office of Customer Experience in Touchpoints.
 
 ## Launching a cloud.gov Pages Website
 
@@ -96,4 +100,3 @@ Follow [TTS Incident Response Plan](https://handbook.tts.gsa.gov/general-informa
 1. Sign up for [cloud.gov Pages Status](https://cloudgov.statuspage.io/) notifications
 1. Follow [cloud.gov Contingency Plan](https://cloud.gov/docs/ops/contingency-plan/)
 
-{% include "low-system.html" %}

pages/general-information-and-resources/tech-policies/gsa-pages.md

@@ -8,6 +8,8 @@ redirect_from:
 
 [Airtable](https://airtable.com/) is a cloud-based tool that allows users to organize their workflow, data, and records in a flexible and visually appealing way without the need for any coding. **Licenses are now available for all TTS employees**. 
 
+{% include "low-system.html" %}
+
 ### How to Request a License 
 
 TTS employees can obtain a free, read-only license by making a request to [email protected]. Read-only users can view but not edit or comment on anything in the workspace, base, or interface. 
@@ -31,4 +33,3 @@ Tech Operations serves as the enterprise admins and can override all permissions
 
 Airtable has an Authorization to Operate (ATO) at FIPS 199 Low Impact Level; therefore, sensitive data such as personal identifiable information (PII) and controlled unclassified information (CUI) is not allowed. In addition, TTS is only authorized to give view-only access to partner agencies due the uncertainty of their ATO statuses. Other GSA Components are covered under the GSA ATO but should procure their own licenses. More detailed privacy and security guidance can be found [here](https://airtable.com/appQbn3D4GMM8SD0O/pagaDV7VWDAjLdAC0).
 
-{% include "low-system.html" %}

pages/tools/airtable.md

@@ -9,6 +9,8 @@ redirect_from:
 TTS uses [Eventbrite](https://www.eventbrite.com/) to manage registrations for
 events we host.
 
+{% include "low-system.html" %}
+
 ## Rules
 
 The following are required for accessibility and other compliance reasons:
@@ -47,8 +49,6 @@ The following are required for accessibility and other compliance reasons:
   - If attendees need to be federal employees, a question about whether they are
     federal or not
 
-{% include "low-system.html" %}
-
 ## See also
 
 - [Meetings and meeting tools]({% page "/meetings-and-meeting-tools/" %})

pages/tools/eventbrite.md

@@ -7,7 +7,7 @@ questions:
 cSpell: ignore allstar
 ---
 
-TTS strongly encourages all git commits to be cryptographically signed. A cryptographic signature is a strong indication that that the work was authored by the person claiming to have authored it and that it has not been changed since they authored it. 
+TTS strongly encourages all git commits to be cryptographically signed. A cryptographic signature is a strong indication that that the work was authored by the person claiming to have authored it and that it has not been changed since they authored it.
 
 ## Signing requirements
 
@@ -19,13 +19,13 @@ We strongly recommend [using a password manager]({% page "general-information-an
 
 ### Using GitHub on the web does not require signing
 
-If you only use GitHub from the web interface, you do not need to configure signing. The web interface automatically signs your work for you. 
+If you only use GitHub from the web interface, you do not need to configure signing. The web interface automatically signs your work for you.
 
 If you do any work with git repos on your local computer, however, you need to set up commit signing.
 
 ## 1. Create your keys
 
-Cryptographically signing your commits requires creating a pair of keys. One of them is your private key, and you must keep it secret. Think of it much like a password – only you should ever have access to it. Anyone with this private key can sign with your identity, so protect it! 
+Cryptographically signing your commits requires creating a pair of keys. One of them is your private key, and you must keep it secret. Think of it much like a password – only you should ever have access to it. Anyone with this private key can sign with your identity, so protect it!
 
 The other key is your public key, and it may be shared widely. In fact, in order to verify your signed commits, others will need access to your public key.
 
@@ -34,12 +34,9 @@ The other key is your public key, and it may be shared widely. In fact, in order
 ssh-keygen  -t ed25519 -C "[YOUR EMAIL]@gsa.gov"
 ```
 
-{%
-  include "alert.html"
-    level: "info"
-    heading: "About the cryptographic algorithm"
-    content: "We recommend using the ED25519 algorithm, a particular configuration of the EdDSA algorithm family. This is stronger than the default DSA family. This algorithm may not be appropriate for all cases, however, as it is newer and is not as widely supported yet. git and GitHub both support the ED25519 algorithm."
-%}
+{% alert "About the cryptographic algorithm" %}
+  We recommend using the ED25519 algorithm, a particular configuration of the EdDSA algorithm family. This is stronger than the default DSA family. This algorithm may not be appropriate for all cases, however, as it is newer and is not as widely supported yet. git and GitHub both support the ED25519 algorithm.
+{% endalert %}
 
 2. You will be asked where to save the key: `Enter file in which to save the key (/Users/[username]/.ssh/[key name])`
   - If you are using a password manager like KeePassXC, it will be more convenient if you change this path. Type `/Users/[username]/Desktop/git-signing-key`. (`[username]` is your login name on your laptop.)
@@ -65,9 +62,9 @@ ssh-keygen  -t ed25519 -C "[YOUR EMAIL]@gsa.gov"
 
 1. Add the keys to a KeePassXC entry.
   - If you already have an entry in KeePassXC for your GitHub account, double-click it to open it in editing mode.
-  - Otherwise, create a new entry using the **+ (Add a new entry)** button in the top bar. 
+  - Otherwise, create a new entry using the **+ (Add a new entry)** button in the top bar.
 2. On the left side of the editing window, click the **Advanced** button to navigate to the Advanced screen.
-3. Scroll down to the section titled **Attachments**. 
+3. Scroll down to the section titled **Attachments**.
 4. Click the **Add** button on the right side, and use the file browser to find the key you created above. Look for the files called `git-signing-key` and `git-signing-key.pub`, and add them both.
 
   {% image "_img/tools/git-signing/keepassxc-git-signing-01.png" %}
@@ -76,9 +73,9 @@ Once you have added the files to KeePassXC, you can delete them from your deskto
 
 #### 3. Tell KeePassXC that these are keys
 1. Double-click to edit the entry that has the keys attached.
-2. Click the button that says **SSH Agent** on the left sidebar. 
-3. Look for the section labeled **Private key** that includes a drop-down box labeled **Attachment**. 
-3. Click in the drop-down box and select the private key you added as an attachment. The sections below should then populate with information such as "Fingerprint," "Comment," and "Public key." 
+2. Click the button that says **SSH Agent** on the left sidebar.
+3. Look for the section labeled **Private key** that includes a drop-down box labeled **Attachment**.
+3. Click in the drop-down box and select the private key you added as an attachment. The sections below should then populate with information such as "Fingerprint," "Comment," and "Public key."
   - **IMPORTANT:** Use the _private_ key, the one that is just `git-signing-key`, not the public key!
 
   {% image "_img/tools/git-signing/keepassxc-git-signing-02.png" %}
@@ -96,7 +93,7 @@ Once you have added the files to KeePassXC, you can delete them from your deskto
 ssh-add --apple-use-keychain ~/.ssh/git-signing-key
 ```
 
-2. You will be prompted to enter the password you created for your key. 
+2. You will be prompted to enter the password you created for your key.
   - Using the `--apple-use-keychain` option will store your password securely in the macOS keychain, where it will only be available when you are logged into your computer.
 
 #### Linux
@@ -111,7 +108,7 @@ You may be required to enter the password associated with your key every time yo
 
 ## 3. Configure git to sign commits
 
-By default, git uses a format called GPG for commit signing. However, GPG keys are more difficult to create and manage, so we recommend SSH keys, which is what you created in the previous steps. 
+By default, git uses a format called GPG for commit signing. However, GPG keys are more difficult to create and manage, so we recommend SSH keys, which is what you created in the previous steps.
 
 1. Tell git to use SSH keys instead of GPG keys. In a terminal, enter this command:
 
@@ -129,9 +126,9 @@ git config --global commit.gpgsign true
 
 #### Copy your public key from KeePassXC
 1. Double-click to edit the KeePassXC entry that contains your keys.
-2. Click the button that says **SSH Agent** in the left sidebar. 
-3. Find the large text area labeled **Public key**. 
-4. Click on the **Copy to clipboard** button at the bottom to copy the public key. 
+2. Click the button that says **SSH Agent** in the left sidebar.
+3. Find the large text area labeled **Public key**.
+4. Click on the **Copy to clipboard** button at the bottom to copy the public key.
   - You will have 10 seconds to paste the key. KeePassXC clears the clipboard after 10 seconds.
 
   {% image "_img/tools/git-signing/keepassxc-ssh-02.png" %}
@@ -174,15 +171,12 @@ echo "[YOUR EMAIL]@gsa.gov $(cat ~/.ssh/git-signing-key.pub)" >> ~/.gitsigners
 
 ## 4. Tell GitHub about your key
 
-Git may be configured to sign your commits, but GitHub will mark them as `Unverified` and they will not be accepted under the Allstar policy. 
+Git may be configured to sign your commits, but GitHub will mark them as `Unverified` and they will not be accepted under the Allstar policy.
 
-In order to verify your signed commits, you must associate the public key with your GitHub account. 
-1. Go to your [GitHub SSH and GPG keys settings page]({% link "https://github.com/settings/keys" %}). 
+In order to verify your signed commits, you must associate the public key with your GitHub account.
+1. Go to your [GitHub SSH and GPG keys settings page]({% link "https://github.com/settings/keys" %}).
 2. Follow the [instructions provided by GitHub]({% link "https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account" %}) to add your signing key.
 
-{%
-  include "alert.html"
-    level: "warning"
-    heading: "Add a signing key, not an authentication key"
-    content: "When you add your key to GitHub, it presents a drop-down for key types. By default, it will add an authentication key. Be sure to click the drop-down and select the signing key option instead."
-%}
+{% alert "Add a signing key, not an authentication key", "warning" %}
+  When you add your key to GitHub, it presents a drop-down for key types. By default, it will add an authentication key. Be sure to click the drop-down and select the signing key option instead.
+{% endalert %}