Skip to content

Commit 94080e9

Browse files
Merge branch 'main' into FORMS-2190-admin-responsiveness
2 parents c0ba3e3 + 760687e commit 94080e9

251 files changed

Lines changed: 14415 additions & 11869 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.devcontainer/Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
ARG VARIANT="20.18.2-bookworm"
1+
ARG VARIANT="20.18.3-bookworm"
22
FROM node:${VARIANT}
33

44
# Install some extras such as vim for interactive rebases. Also some

.devcontainer/README.md

Lines changed: 3 additions & 113 deletions
Original file line numberDiff line numberDiff line change
@@ -1,116 +1,6 @@
11
# CHEFS Development with Dev Container
22

3-
The following guide will get you up and running and developing/debugging CHEFS as quickly as possible.
4-
We provide a [`devcontainer`](https://containers.dev) and will use [`VS Code`](https://code.visualstudio.com) to illustrate.
3+
Please refer to the online [CHEFS Techdocs](https://developer.gov.bc.ca/docs/default/component/chefs-techdocs/):
54

6-
By no means is CHEFS development limited to these tools; they are merely examples.
7-
8-
## Caveats
9-
10-
The primary use case for this `devcontainer` is for developing, debugging and unit testing CHEFS source code.
11-
12-
There are limitations running this devcontainer, such as all networking is within this container. This container has [docker-in-docker](https://github.com/microsoft/vscode-dev-containers/blob/main/script-library/docs/docker-in-docker.md) which allows running demos, building docker images, running `docker compose` all within this container.
13-
14-
## Files
15-
16-
The `.devcontainer` folder contains the `devcontainer.json` file which defines this container. We are using a `Dockerfile` and `post-install.sh` to build and configure the container run image. The `Dockerfile` is simple but in place for simplifying image enhancements. The `post-install.sh` will install the required node libraries for CHEFS including the frontend and formio components.
17-
18-
In order to run CHEFS you require Postgresql (seeded) and the CHEFS backend/API and frontend/UX - optionally you will use a [NATS](https://nats.io/) server for event streaming. Previously, this was a series of downloads and configuration updates and numerous commands to run. See `.devcontainer/chefs_local` files.
19-
20-
**NODE_CONFIG_DIR** to simplify loading a default configuration to the CHEFS infrastructure (Postgresql, etc), we set an environment variable [`NODE_CONFIG_DIR`](https://github.com/node-config/node-config/wiki/Environment-Variables#node_config_dir). This supercedes the files found under `app/config`. Running node apps and commands (ex. knex, launch configurations) will use this environment variable and load configuration from `.devcontainer/chefs_local`.
21-
22-
Also included are convenient launch tasks to run and debug CHEFS.
23-
24-
## Open CHEFS in the devcontainer
25-
26-
To open CHEFS in a devcontainer, we open the _root_ of this repository. We can open in 2 ways:
27-
28-
1. Open Visual Studio Code, and use the Command Palette and use `Dev Containers: Open Folder in Container...`
29-
2. Open Visual Studio Code and `File|Open Folder...`, you should be prompted to `Reopen in Container`.
30-
31-
## Running CHEFS locally
32-
33-
Postgresql will be launched using docker compose. These will run inside of the devcontainer (docker-in-docker) but the ports are forwarded to the host machine and are accessible on the local host.
34-
35-
CHEFS API and Frontend are running as node applications on the devcontainer - again, ports are forwarded to the host.
36-
37-
### Configuring CHEFS locally
38-
39-
When the devcontainer is built, it copies `.devcontainer/chefs_local/local.sample.json` to `.devcontainer/chefs_local/local.json`. This copy is not checked in and allows the developer to make changes and tweaks without impacting other developers or accidentially committing passwords.
40-
41-
### Authorization Prerequisites
42-
43-
1. An IDIR account is required to access CHEFS.
44-
45-
### Run/Debug
46-
47-
1. start Postgresql and NATS. Many ways to start...
48-
- right click on `.devcontainer/chefs_local/docker-compose.yml` and select `Compose up`
49-
- or use command palette `Docker: Compose Up` then select `.devcontainer/chefs_local/docker-compose.yml`
50-
- or `Terminal | Run Task...|chefs_local up`
51-
2. start CHEFS
52-
- Run and Debug, select 'CHEFS' which will start both the API and the frontend.
53-
3. debug Frontend with Chrome
54-
- Run and Debug, select 'CHEFS Frontend - chrome' which will start a Chrome browser against the frontend, will allow breakpoints in `/app/frontend/src`
55-
4. stop Postgresql and NATS. Many ways to stop...
56-
- right click on `.devcontainer/chefs_local/docker-compose.yml` and select `Compose down`
57-
- or use command palette `Docker: Compose Down` then select `.devcontainer/chefs_local/docker-compose.yml`
58-
- or `Terminal | Run Task...|chefs_local down`
59-
60-
_Notes_
61-
62-
- `CHEFS Frontend` launch configuration is using the `chefs-frontend-localhost-5300` client in Keycloak, not `chefs-frontend-xxxx` client as we do in production.
63-
- `CHEFS API` will use the configuration found at `.devcontainer/chefs_local/local.json`
64-
- `Postgres DB`: localhost:5432
65-
- `CHEFS Frontend`: http://localhost:5173/app
66-
- `CHEFS API`: http://localhost:5173/app/api/v1
67-
68-
## Formio Components
69-
70-
If you are developing the formio components, you should build and redeploy them before running your local debug instances of CHEFS. Use tasks `Components build` and `Components Deploy`.
71-
72-
## KNEX - Database tools
73-
74-
[knex](https://knexjs.org) is installed globally and should be run from the `/app` directory where the knex configuration is located. Use knex to stub out migrations or to rollback migrations as you are developing.
75-
76-
### create a migration file
77-
78-
This will create a stub file with a timestamp. You will populate the up and down methods to add/update/delete database objects.
79-
80-
```
81-
cd app
82-
knex migrate:make my_new_migration_script
83-
> Created Migration: /workspaces/common-hosted-form-service/app/src/db/migrations/20240119172630_my_new_migration_script.js
84-
```
85-
86-
### rollback previous migration
87-
88-
When developing your migrations, you may find it useful to run the migration and roll it back if it isn't exactly what you expect to happen.
89-
90-
#### run the migration(s)
91-
92-
```
93-
cd app
94-
knex migrate:latest
95-
> Batch 2 run: 1 migrations
96-
```
97-
98-
#### rollback the migration(s)
99-
100-
```
101-
cd app
102-
knex migrate:rollback
103-
> Batch 2 rolled back: 1 migrations
104-
```
105-
106-
Please review the [knex](https://knexjs.org) for more detail and how to leverage the tool.
107-
108-
## Troubleshooting
109-
110-
All development machines are unique and here we will document problems that have been encountered and how to fix them.
111-
112-
### Failure during load of devcontainer when running webpack (Segmentation Fault)
113-
114-
Encountered on Mac Ventura 13.6, with Mac Docker Desktop 4.26.1 when running `npm run build:formio` on load, we hit a `Segmentation Fault`. The issue was resolved when turning off the virtualization settings in Docker Desktop.
115-
116-
Under Settings, select `gRPC Fuse` instead of `VirtioFS` then unselect `Use Virtualization framework`. Restart Docker and VS Code.
5+
- [CHEFS Development with Dev Container](https://developer.gov.bc.ca/docs/default/component/chefs-techdocs/Developer/Contributors/CHEFS-Development-with-Dev-Container/)
6+
- [Local Setup](https://developer.gov.bc.ca/docs/default/component/chefs-techdocs/Developer/Contributors/Local-Setup/)
Lines changed: 225 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,225 @@
1+
##
2+
## Example config file for freshclam
3+
## Please read the freshclam.conf(5) manual before editing this file.
4+
##
5+
6+
7+
# Comment or remove the line below.
8+
9+
# Path to the database directory.
10+
# WARNING: It must match clamd.conf's directive!
11+
# Default: hardcoded (depends on installation options)
12+
DatabaseDirectory /opt/app-root/src
13+
14+
# Path to the log file (make sure it has proper permissions)
15+
# Default: disabled
16+
#UpdateLogFile /dev/stdout
17+
18+
# Maximum size of the log file.
19+
# Value of 0 disables the limit.
20+
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
21+
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
22+
# in bytes just don't use modifiers. If LogFileMaxSize is enabled,
23+
# log rotation (the LogRotate option) will always be enabled.
24+
# Default: 1M
25+
#LogFileMaxSize 2M
26+
27+
# Log time with each message.
28+
# Default: no
29+
LogTime yes
30+
31+
# Enable verbose logging.
32+
# Default: no
33+
LogVerbose yes
34+
35+
# Use system logger (can work together with UpdateLogFile).
36+
# Default: no
37+
LogSyslog no
38+
39+
# Specify the type of syslog messages - please refer to 'man syslog'
40+
# for facility names.
41+
# Default: LOG_LOCAL6
42+
#LogFacility LOG_MAIL
43+
44+
# Enable log rotation. Always enabled when LogFileMaxSize is enabled.
45+
# Default: no
46+
#LogRotate yes
47+
48+
# This option allows you to save the process identifier of the daemon
49+
# Default: disabled
50+
#PidFile /var/run/freshclam.pid
51+
52+
# By default when started freshclam drops privileges and switches to the
53+
# "clamav" user. This directive allows you to change the database owner.
54+
# Default: clamav (may depend on installation options)
55+
DatabaseOwner clamupdate
56+
57+
# Initialize supplementary group access (freshclam must be started by root).
58+
# Default: no
59+
#AllowSupplementaryGroups yes
60+
61+
# Use DNS to verify virus database version. Freshclam uses DNS TXT records
62+
# to verify database and software versions. With this directive you can change
63+
# the database verification domain.
64+
# WARNING: Do not touch it unless you're configuring freshclam to use your
65+
# own database verification domain.
66+
# Default: current.cvd.clamav.net
67+
#DNSDatabaseInfo current.cvd.clamav.net
68+
69+
# Use the ClamAV Mirror provided in OCP4 Silver cluster
70+
# DatabaseMirror https://clamav-mirror.apps.silver.devops.gov.bc.ca
71+
DatabaseMirror database.clamav.net
72+
73+
# How many attempts to make before giving up.
74+
# Default: 3 (per mirror)
75+
#MaxAttempts 5
76+
77+
# With this option you can control scripted updates. It's highly recommended
78+
# to keep it enabled.
79+
# Default: yes
80+
#ScriptedUpdates yes
81+
82+
# By default freshclam will keep the local databases (.cld) uncompressed to
83+
# make their handling faster. With this option you can enable the compression;
84+
# the change will take effect with the next database update.
85+
# Default: no
86+
#CompressLocalDatabase no
87+
88+
# With this option you can provide custom sources (http:// or file://) for
89+
# database files. This option can be used multiple times.
90+
# Default: no custom URLs
91+
#DatabaseCustomURL http://myserver.com/mysigs.ndb
92+
#DatabaseCustomURL file:///mnt/nfs/local.hdb
93+
94+
# This option allows you to easily point freshclam to private mirrors.
95+
# If PrivateMirror is set, freshclam does not attempt to use DNS
96+
# to determine whether its databases are out-of-date, instead it will
97+
# use the If-Modified-Since request or directly check the headers of the
98+
# remote database files. For each database, freshclam first attempts
99+
# to download the CLD file. If that fails, it tries to download the
100+
# CVD file. This option overrides DatabaseMirror, DNSDatabaseInfo
101+
# and ScriptedUpdates. It can be used multiple times to provide
102+
# fall-back mirrors.
103+
# Default: disabled
104+
#PrivateMirror mirror1.mynetwork.com
105+
#PrivateMirror mirror2.mynetwork.com
106+
107+
# Number of database checks per day.
108+
# Default: 12 (every two hours)
109+
#Checks 24
110+
111+
# Proxy settings
112+
# Default: disabled
113+
#HTTPProxyServer myproxy.com
114+
#HTTPProxyPort 1234
115+
#HTTPProxyUsername myusername
116+
#HTTPProxyPassword mypass
117+
118+
# If your servers are behind a firewall/proxy which applies User-Agent
119+
# filtering you can use this option to force the use of a different
120+
# User-Agent header.
121+
# Default: clamav/version_number
122+
#HTTPUserAgent SomeUserAgentIdString
123+
124+
# Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for
125+
# multi-homed systems.
126+
# Default: Use OS'es default outgoing IP address.
127+
#LocalIPAddress aaa.bbb.ccc.ddd
128+
129+
# Send the RELOAD command to clamd.
130+
# Default: no
131+
#NotifyClamd /path/to/clamd.conf
132+
133+
# Run command after successful database update.
134+
# Default: disabled
135+
#OnUpdateExecute command
136+
137+
# Run command when database update process fails.
138+
# Default: disabled
139+
#OnErrorExecute command
140+
141+
# Run command when freshclam reports outdated version.
142+
# In the command string %v will be replaced by the new version number.
143+
# Default: disabled
144+
#OnOutdatedExecute command
145+
146+
# Don't fork into background.
147+
# Default: no
148+
Foreground yes
149+
150+
# Enable debug messages in libclamav.
151+
# Default: no
152+
#Debug yes
153+
154+
# Timeout in seconds when connecting to database server.
155+
# Default: 30
156+
#ConnectTimeout 60
157+
158+
# Timeout in seconds when reading from database server.
159+
# Default: 30
160+
#ReceiveTimeout 60
161+
162+
# With this option enabled, freshclam will attempt to load new
163+
# databases into memory to make sure they are properly handled
164+
# by libclamav before replacing the old ones.
165+
# Default: yes
166+
#TestDatabases yes
167+
168+
# When enabled freshclam will submit statistics to the ClamAV Project about
169+
# the latest virus detections in your environment. The ClamAV maintainers
170+
# will then use this data to determine what types of malware are the most
171+
# detected in the field and in what geographic area they are.
172+
# Freshclam will connect to clamd in order to get recent statistics.
173+
# Default: no
174+
#SubmitDetectionStats /path/to/clamd.conf
175+
176+
# Country of origin of malware/detection statistics (for statistical
177+
# purposes only). The statistics collector at ClamAV.net will look up
178+
# your IP address to determine the geographical origin of the malware
179+
# reported by your installation. If this installation is mainly used to
180+
# scan data which comes from a different location, please enable this
181+
# option and enter a two-letter code (see http://www.iana.org/domains/root/db/)
182+
# of the country of origin.
183+
# Default: disabled
184+
#DetectionStatsCountry country-code
185+
186+
# This option enables support for our "Personal Statistics" service.
187+
# When this option is enabled, the information on malware detected by
188+
# your clamd installation is made available to you through our website.
189+
# To get your HostID, log on http://www.stats.clamav.net and add a new
190+
# host to your host list. Once you have the HostID, uncomment this option
191+
# and paste the HostID here. As soon as your freshclam starts submitting
192+
# information to our stats collecting service, you will be able to view
193+
# the statistics of this clamd installation by logging into
194+
# http://www.stats.clamav.net with the same credentials you used to
195+
# generate the HostID. For more information refer to:
196+
# http://www.clamav.net/documentation.html#cctts
197+
# This feature requires SubmitDetectionStats to be enabled.
198+
# Default: disabled
199+
#DetectionStatsHostID unique-id
200+
201+
# This option enables support for Google Safe Browsing. When activated for
202+
# the first time, freshclam will download a new database file (safebrowsing.cvd)
203+
# which will be automatically loaded by clamd and clamscan during the next
204+
# reload, provided that the heuristic phishing detection is turned on. This
205+
# database includes information about websites that may be phishing sites or
206+
# possible sources of malware. When using this option, it's mandatory to run
207+
# freshclam at least every 30 minutes.
208+
# Freshclam uses the ClamAV's mirror infrastructure to distribute the
209+
# database and its updates but all the contents are provided under Google's
210+
# terms of use. See http://www.google.com/transparencyreport/safebrowsing
211+
# and http://www.clamav.net/documentation.html#safebrowsing
212+
# for more information.
213+
# Default: disabled
214+
#SafeBrowsing yes
215+
216+
# This option enables downloading of bytecode.cvd, which includes additional
217+
# detection mechanisms and improvements to the ClamAV engine.
218+
# Default: enabled
219+
#Bytecode yes
220+
221+
# Download an additional 3rd party signature database distributed through
222+
# the ClamAV mirrors.
223+
# This option can be used multiple times.
224+
#ExtraDatabase dbname1
225+
#ExtraDatabase dbname2

.devcontainer/chefs_local/config/jetstream.conf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -116,6 +116,6 @@ authorization: {
116116
users = [
117117
{user: admin, password: password, permissions: $ADMIN}
118118
{user: chefs, password: password, permissions: $CHEFS}
119-
{user: chefsConsumer, password: password, permissions: $CHEFS_CONSUMER}
119+
{nkey: UAG36HKWH3PZMLYAK5CAAVVXTXXBNA3YKUYMOF2J66UKHBVMTYMTM2ID, permissions: $CHEFS_CONSUMER}
120120
]
121121
}

.devcontainer/chefs_local/docker-compose.yml

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -77,3 +77,20 @@ services:
7777
command: sh
7878
networks:
7979
- nats
80+
81+
clamav:
82+
image: ghcr.io/bcgov/chefs-clamav:latest
83+
container_name: chefs-clamav
84+
restart: always
85+
ports:
86+
- "3310:3310"
87+
environment:
88+
CLAMAV_NO_CLAMD: "yes"
89+
CLAMAV_NO_MILTERD: "true"
90+
healthcheck:
91+
test: ["CMD", "/opt/app-root/clamdcheck.sh"]
92+
interval: 30s
93+
timeout: 10s
94+
retries: 5
95+
volumes:
96+
- ./config/freshclam.conf:/usr/local/etc/freshclam.conf

0 commit comments

Comments
 (0)