Skip to content

Commit

Permalink
Merge pull request #1079 from ministryofjustice/ANPL-862-configure-pr…
Browse files Browse the repository at this point in the history
…e-commit-for-dev

Anpl 862 configure pre commit for dev
  • Loading branch information
ahbensiali authored Dec 7, 2022
2 parents da0e248 + 56ea1d8 commit aac4189
Show file tree
Hide file tree
Showing 8 changed files with 111 additions and 24 deletions.
5 changes: 5 additions & 0 deletions .flake8
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
[flake8]
ignore = E203, E266, E501, W503, F403, F401
max-line-length = 88
max-complexity = 18
select = B,C,E,F,W,T4,B9
39 changes: 39 additions & 0 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
default_stages: [commit]
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.2.0
hooks:
- id: requirements-txt-fixer
- id: check-yaml
- id: end-of-file-fixer
- id: trailing-whitespace

- repo: https://github.com/psf/black
rev: 22.8.0
hooks:
- id: black
name: black formatting
entry: bash -c 'black --check $(git diff --name-only --cached --diff-filter=ACMR | grep .py)'

- repo: https://github.com/pycqa/isort
rev: 5.10.1
hooks:
- id: isort
name: isort (python)
entry: bash -c 'isort --check-only $(git diff --name-only --cached --diff-filter=ACMR | grep .py)'

- repo: https://github.com/pycqa/flake8
rev: 5.0.4
hooks:
- id: flake8
name: flake8 format check
entry: bash -c 'flake8 --config=.flake8 $(git diff --name-only --cached --diff-filter=ACMR | grep .py)'

- repo: local
hooks:
- id: jira-ticket
name: Check for Jira ticket
language: pygrep
entry: '\A(?!ANPL+-[0-9]+)'
args: [--multiline]
stages: [commit-msg]
20 changes: 10 additions & 10 deletions controlpanel/settings/test.py
Original file line number Diff line number Diff line change
@@ -1,29 +1,29 @@
# First-party/Local
from controlpanel.settings.common import *


ENV = 'test'
ENV = "test"

AWS_COMPUTE_ACCOUNT_ID = "test_compute_account_id"
AWS_DATA_ACCOUNT_ID = "123456789012" # XXX DO NOT CHANGE - it will break moto tests
K8S_WORKER_ROLE_NAME = "nodes.example.com"
SAML_PROVIDER = "test-saml"

LOGGING["loggers"]["django_structlog"]["level"] = "WARNING"
LOGGING["loggers"]["controlpanel"]["level"] = "WARNING"
LOGGING["loggers"]["django_structlog"]["level"] = "WARNING" # noqa: F405
LOGGING["loggers"]["controlpanel"]["level"] = "WARNING" # noqa: F405

AUTHENTICATION_BACKENDS = [
'rules.permissions.ObjectPermissionBackend',
'django.contrib.auth.backends.ModelBackend',
"rules.permissions.ObjectPermissionBackend",
"django.contrib.auth.backends.ModelBackend",
]
MIDDLEWARE.remove('mozilla_django_oidc.middleware.SessionRefresh')
REST_FRAMEWORK['DEFAULT_AUTHENTICATION_CLASSES'].remove(
'mozilla_django_oidc.contrib.drf.OIDCAuthentication',
MIDDLEWARE.remove("mozilla_django_oidc.middleware.SessionRefresh") # noqa: F405
REST_FRAMEWORK["DEFAULT_AUTHENTICATION_CLASSES"].remove( # noqa: F405
"mozilla_django_oidc.contrib.drf.OIDCAuthentication",
)
OIDC_OP_JWKS_ENDPOINT = "https://example.com/.well-known/jwks.json"
OIDC_ALLOW_UNSECURED_JWT = True
OIDC_DOMAIN = "oidc.idp.example.com"

TOOLS_DOMAIN = 'example.com'
TOOLS_DOMAIN = "example.com"

CSRF_COOKIE_SECURE = False
SESSION_COOKIE_SECURE = False
Expand Down
4 changes: 4 additions & 0 deletions controlpanel/wsgi.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,13 @@
https://docs.djangoproject.com/en/2.1/howto/deployment/wsgi/
"""

# Standard library
import os

# Third-party
from django.core.wsgi import get_wsgi_application

# First-party/Local
from controlpanel.utils import load_app_conf_from_file

os.environ.setdefault("DJANGO_SETTINGS_MODULE", "controlpanel.settings")
Expand Down
50 changes: 42 additions & 8 deletions doc/running.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,8 @@ python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt
pip3 install -r requirements.dev.txt
pre-commit install --hook-type commit-msg
pre-commit install
```

In addition, you must have:
Expand Down Expand Up @@ -82,7 +84,7 @@ and have [cluster admin access to Kubernetes](https://silver-dollop-30c6a355.pag
### AWS Configuration

In order to run the app you'll need various permissions set up for you in the
wider infrastructure of the project, mainly for AWS platform.
wider infrastructure of the project, mainly for AWS platform.

As the docs for AWS (linked above) mention, you'll need to add yourself an AWS
user account linked to your MoJ email address via the
Expand Down Expand Up @@ -257,14 +259,14 @@ and then ask a colleague for help.

### Local AWS profile setup (on first run only)
This app needs to interact with multiple AWS accounts in order to support the users' needs.
The AWS resources like IAM, s3 buckets are under our data account and will be managed by
The AWS resources like IAM, s3 buckets are under our data account and will be managed by
app through [boto3](https://boto3.amazonaws.com/v1/documentation/api/latest/index.html). In order to make sure the boto3 can obtain the right profile for local env.
The following steps will show how to create it.

Assume that the name of profile for our aws data account is ```admin-data```

#### Add the AWS credential into .aws/credentials
it should look like below
it should look like below
```
[admin-data]
aws_access_key_id = <your aws_access_key_id>
Expand Down Expand Up @@ -317,17 +319,17 @@ If you want to run the control panel app to manage AWS resources under single ro
following environment variable to define the profile you want to use
- ```AWS_PROFILE```: The profile which will be used for ```boto3``` auth
export AWS_PROFILE = "admin-data"
- Make sure there is NO other AWS boto3 environment variables defined.
- Make sure there is NO other AWS boto3 environment variables defined.

#### AWS credential setting for multiple AWS roles
If you want to run the app to manage the AWS resources cross different AWS accounts by assuming
If you want to run the app to manage the AWS resources cross different AWS accounts by assuming
different roles, then
- Check whether following 2 more environment variables have been setup in the env file or not
- `AWS_DATA_ACCOUNT_ROLE`: The role_arn of admin-data account
- `AWS_DEV_ACCOUNT_ROLE` : The role_arn of admin-dev account

if you are not sure what the value of role_arn of those two accounts is, you can find them out by
checking the aws config file.
checking the aws config file.

More detail about the settings for mult-account is [here](architecture.md) (last section)
- Make sure other AWS boto3 settings e.g. ```AWS_PROFILE``` are NOT defined in your env, otherwise the app will
Expand Down Expand Up @@ -370,7 +372,7 @@ Go to http://localhost:8000/, sign in via Auth0 and marvel at your locally
running control panel.

NOTES: if you use aws-vault to manage your AWS credentials, during the running process of the app,
you may encounter a popup window for asking you to provide key-chain password from time to time,
you may encounter a popup window for asking you to provide key-chain password from time to time,
which is normal.

### Loading tools
Expand All @@ -389,3 +391,35 @@ Check that you have `<TOOL>_AUTH_CLIENT_DOMAIN`, `<TOOL>_AUTH_CLIENT_ID` and `<T

Even though your instance of Control Panel is running locally, it will still interact with the remote AWS data account and development Kubernetes cluster.
The data account is also used by our production environment, so take care when interacting with our AWS resources directly.


## Development Practices

### pre-commit

`pre-commit` is a package manager for git hooks that we use during local development.

Current checks are:-
- requirements.txt library sort and check
- yaml file check
- end-of-file must have white line
- trailing white spaces check
- `black` library (formats Python code)
- `isort` library (standardises the order of Python imports)
- `flake8` library (formats Python code and also improves code style)
- Jira ticket reference (commits must reference the ticket number)

To override the above for whatever reason (maybe you don't have a ticket number and because you are working on hotfix) you can use the following command.

`PRE_COMMIT_ALLOW_NO_CONFIG=1 git push ...`

### Git commit message

Commit messages should follow the appropriate format.
All commits must begin with the Jira ticket they are associated with.

format: `ANPL-[int]`

e.g.

`git commit -m "ANPL-1234 insert message here"`
2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,11 @@ exclude = '''
'''

[tool.isort]
profile = 'black'
import_heading_firstparty = 'First-party/Local'
import_heading_future = 'Future'
import_heading_stdlib = 'Standard library'
import_heading_thirdparty = 'Third-party'
line_length = 88
multi_line_output = 3
no_lines_before = 'LOCALFOLDER'
profile = 'black'
12 changes: 7 additions & 5 deletions requirements.dev.txt
Original file line number Diff line number Diff line change
@@ -1,9 +1,11 @@
black==22.8.0
django-debug-toolbar==3.2.4
django-debug-toolbar-requests==1.0.5
django-elasticsearch-debug-toolbar==2.0.0
pylint==2.12.2
pylint-django==2.4.4
ipython==7.31.1
flake8==5.0.4
ipdb==0.13.9
black==22.8.0
isort==5.10.1
ipython==7.31.1
isort==5.10.1
pre-commit==2.20.0
pylint==2.15.4
pylint-django==2.4.4
3 changes: 3 additions & 0 deletions tests/frontend/views/test_release.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
# Standard library
from unittest import mock

# First-party/Local
from controlpanel.frontend.views import release


Expand Down

0 comments on commit aac4189

Please sign in to comment.