-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #142 from OpenSourcePolitics/develop
release: Fixes Rack::Attack, Budgets vote count, password configuration
- Loading branch information
Showing
14 changed files
with
10,380 additions
and
10,855 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -89,4 +89,5 @@ yarn-debug.log* | |
| .yarn-integrity | ||
| app/compiled_views/ | ||
|
|
||
| .DS_Store | ||
| .DS_Store | ||
| certificate-https-local/ | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| # Builder Stage | ||
| FROM ruby:3.0.6-slim as builder | ||
|
|
||
| ENV RAILS_ENV=production \ | ||
| SECRET_KEY_BASE=dummy | ||
|
|
||
| WORKDIR /app | ||
|
|
||
| RUN apt-get update -q && \ | ||
| apt-get install -yq libpq-dev curl git libicu-dev build-essential && \ | ||
| curl https://deb.nodesource.com/setup_16.x | bash && \ | ||
| apt-get install -y nodejs && \ | ||
| apt-get clean && \ | ||
| rm -rf /var/lib/apt/lists/* && \ | ||
| npm install --global yarn && \ | ||
| gem install bundler:2.4.9 | ||
|
|
||
| COPY Gemfile Gemfile.lock ./ | ||
| RUN bundle config set --local without 'test' && \ | ||
| bundle install -j"$(nproc)" | ||
|
|
||
| COPY package.json yarn.lock ./ | ||
| COPY packages packages | ||
| RUN yarn install --frozen-lockfile | ||
|
|
||
| COPY . . | ||
| RUN bundle exec bootsnap precompile --gemfile app/ lib/ config/ bin/ db/ && \ | ||
| bundle exec rails deface:precompile && \ | ||
| bundle exec bin/webpack | ||
|
|
||
| # Runner Stage | ||
| FROM ruby:3.0.6-slim as runner | ||
|
|
||
| ENV RAILS_ENV=production \ | ||
| SECRET_KEY_BASE=dummy \ | ||
| RAILS_LOG_TO_STDOUT=true \ | ||
| LD_PRELOAD="libjemalloc.so.2" \ | ||
| MALLOC_CONF="background_thread:true,metadata_thp:auto,dirty_decay_ms:5000,muzzy_decay_ms:5000,narenas:2" | ||
|
|
||
| WORKDIR /app | ||
|
|
||
| RUN apt-get update -q && \ | ||
| apt-get install -yq postgresql-client imagemagick libproj-dev proj-bin libjemalloc2 && \ | ||
| apt-get clean && \ | ||
| rm -rf /var/lib/apt/lists/* && \ | ||
| gem install bundler:2.4.9 | ||
|
|
||
| COPY --from=builder /usr/local/bundle /usr/local/bundle | ||
| COPY --from=builder /app /app | ||
|
|
||
| EXPOSE 3000 | ||
| CMD ["bundle", "exec", "rails", "server", "-b", "ssl://0.0.0.0:3000?key=/app/certificate-https-local/key.pem&cert=/app/certificate-https-local/cert.pem"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,83 +1,44 @@ | ||
| #### Terraform | Scaleway provider | ||
| init-scw: | ||
| terraform -chdir=deploy/providers/scaleway init | ||
|
|
||
| plan-scw: | ||
| @make init-scw | ||
| terraform -chdir=deploy/providers/scaleway plan | ||
|
|
||
| deploy-scw: | ||
| @make init-scw | ||
| terraform -chdir=deploy/providers/scaleway apply | ||
| run: up | ||
| @make create-seeds | ||
|
|
||
| destroy-scw: | ||
| terraform -chdir=deploy/providers/scaleway destroy | ||
| up: generate-certificate | ||
| docker-compose -f docker-compose.local.yml up --build -d | ||
| @make setup-database | ||
|
|
||
| ### Docker usage | ||
| certificate: | ||
| mkdir -p -- ./certificate-https-local | ||
|
|
||
| # Docker images commands | ||
| generate-certificate: certificate | ||
| @if [ ! -f "./certificate-https-local/cert.pem" ]; then \ | ||
| openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj "/C=FR/ST=France/L=Paris/O=OpenSourcePolitics/CN=opensourcepolitics.eu" -keyout ./certificate-https-local/key.pem -out ./certificate-https-local/cert.pem; \ | ||
| fi | ||
|
|
||
| REGISTRY := rg.fr-par.scw.cloud | ||
| NAMESPACE := decidim-app | ||
| VERSION := latest | ||
| IMAGE_NAME := decidim-app | ||
| TAG := $(REGISTRY)/$(NAMESPACE)/$(IMAGE_NAME):$(VERSION) | ||
| # Stops containers and remove volumes | ||
| teardown: | ||
| docker-compose -f docker-compose.local.yml down -v --rmi all | ||
|
|
||
| login: | ||
| docker login $(REGISTRY) -u nologin -p $(SCW_SECRET_TOKEN) | ||
| create-database: | ||
| docker-compose -f docker-compose.local.yml exec app /bin/bash -c 'DISABLE_DATABASE_ENVIRONMENT_CHECK=1 /usr/local/bundle/bin/bundle exec rake db:create' | ||
|
|
||
| build-classic: | ||
| docker build -t $(IMAGE_NAME):$(VERSION) . | ||
| build-scw: | ||
| docker build -t $(TAG) . | ||
| push: | ||
| @make build-scw | ||
| @make login | ||
| docker push $(TAG) | ||
| pull: | ||
| @make build-scw | ||
| docker pull $(TAG) | ||
| setup-database: create-database | ||
| docker-compose -f docker-compose.local.yml exec app /bin/bash -c 'DISABLE_DATABASE_ENVIRONMENT_CHECK=1 /usr/local/bundle/bin/bundle exec rake db:migrate' | ||
|
|
||
| # Bundle commands | ||
| create-database: | ||
| docker-compose run app bundle exec rails db:create | ||
| run-migrations: | ||
| docker-compose run app bundle exec rails db:migrate | ||
| # Create seeds | ||
| create-seeds: | ||
| docker-compose run app bundle exec rails db:seed | ||
| docker-compose -f docker-compose.local.yml exec app /bin/bash -c 'DISABLE_DATABASE_ENVIRONMENT_CHECK=1 /usr/local/bundle/bin/bundle exec rake db:schema:load db:seed' | ||
|
|
||
| # Database commands | ||
| # Restore dump | ||
| restore-dump: | ||
| bundle exec rake restore_dump | ||
| bundle exec rake restore_dump | ||
|
|
||
| # Start commands seperated by context | ||
| start: | ||
| docker-compose up | ||
| shell: | ||
| docker-compose -f docker-compose.local.yml exec app /bin/bash | ||
|
|
||
| start-dumped-decidim: | ||
| @make create-database | ||
| @make -i restore-dump | ||
| @make run-migrations | ||
| @make start | ||
| start-seeded-decidim: | ||
| @make create-database | ||
| @make run-migrations | ||
| @make create-seeds | ||
| @make start | ||
| start-clean-decidim: | ||
| @make create-database | ||
| @make run-migrations | ||
| @make start | ||
| restart: | ||
| docker-compose -f docker-compose.local.yml up -d | ||
|
|
||
| # Utils commands | ||
| rails-console: | ||
| docker exec -it decidim-app_app_1 rails c | ||
| connect-app: | ||
| docker exec -it decidim-app_app_1 bash | ||
| status: | ||
| docker-compose -f docker-compose.local.yml ps | ||
|
|
||
| # Stop and delete commands | ||
| stop: | ||
| docker-compose down | ||
| delete: | ||
| @make stop | ||
| docker volume prune | ||
| logs: | ||
| docker-compose -f docker-compose.local.yml logs app |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| var $orderTotalBudgets = $('.order-total-budget'); | ||
| var $orderSelectedProjects = $('#order-selected-projects'); | ||
| var $orderProgress = $('#order-progress'); | ||
| var $projectItem = $('#project-<%= project.id %>-item'); | ||
| var $budgetConfirm = $('#budget-confirm'); | ||
| var $projectModal = $('#project-modal-<%= project.id %>'); | ||
|
|
||
| for (let $orderTotalBudget of $orderTotalBudgets) { | ||
| morphdom($orderTotalBudget, '<%= j(render partial: "decidim/budgets/projects/order_total_budget").strip.html_safe %>'); | ||
| } | ||
| morphdom($orderSelectedProjects[0], '<%= j(render partial: "decidim/budgets/projects/order_selected_projects").strip.html_safe %>'); | ||
| morphdom($orderProgress[0], '<%= j(render partial: "decidim/budgets/projects/order_progress").strip.html_safe %>'); | ||
| morphdom($budgetConfirm[0], '<%= j(render partial: "decidim/budgets/projects/budget_confirm").strip.html_safe %>') | ||
|
|
||
| $("#order-progress").foundation(); | ||
| $(".budget-summary__selected").foundation(); | ||
| if ($projectItem.length > 0) { | ||
| morphdom($projectItem[0], '<%= j(render partial: "decidim/budgets/projects/project", locals: { project: project }).strip.html_safe %>'); | ||
| } | ||
|
|
||
| if ($projectModal.length > 0) { | ||
| var $projectModalButtonForm = $(".project-vote-button", $projectModal).parent(); | ||
| morphdom($projectModalButtonForm[0], '<%= j(cell("decidim/budgets/project_vote_button", project, scale_up: true)).strip.html_safe %>'); | ||
| } | ||
|
|
||
| if ($projectModal.length > 0 && $projectModal.attr("aria-hidden") === "false") { | ||
| $(".project-vote-button", $projectModal).focus(); | ||
| } else { | ||
| $(".project-vote-button", $projectItem).focus(); | ||
| } | ||
|
|
||
| <% if @show_help_modal %> | ||
| $("#voting-help").foundation("open"); | ||
| <% end %> | ||
|
|
||
| window.DecidimBudgets.checkProgressPosition(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7 changes: 7 additions & 0 deletions
7
app/views/decidim/budgets/projects/_order_total_budget.html.erb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| <strong id="order-total-budget" class="order-total-budget mini-title__strong"> | ||
| <% if current_order.projects_rule? %> | ||
| <%= current_order.projects.count %> / <%= current_order.maximum_projects %> | ||
| <% else %> | ||
| <%= budget_to_currency current_order&.total_budget.to_f %> | ||
| <% end %> | ||
| </strong> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,77 @@ | ||
| version: '3' | ||
| services: | ||
| database: | ||
| image: postgres | ||
| volumes: | ||
| - pg-data:/var/lib/postgresql/data | ||
| environment: | ||
| - POSTGRES_HOST_AUTH_METHOD=trust | ||
| memcached: | ||
| image: memcached | ||
| ports: | ||
| - "11211:11211" | ||
| redis: | ||
| image: redis | ||
| ports: | ||
| - "6379:6379" | ||
| volumes: | ||
| - redis-data:/var/lib/redis/data | ||
| sidekiq: | ||
| build: | ||
| context: . | ||
| dockerfile: Dockerfile.local | ||
| command: [ "bundle", "exec", "sidekiq", "-C", "config/sidekiq.yml" ] | ||
| environment: | ||
| - DATABASE_HOST=database | ||
| - DATABASE_USERNAME=postgres | ||
| - DECIDIM_HOST=localhost | ||
| - REDIS_URL=redis://redis:6379 | ||
| - MEMCACHE_SERVERS=memcached:11211 | ||
| - RAILS_SERVE_STATIC_FILES=true | ||
| - RAILS_LOG_TO_STDOUT=true | ||
| - ASSET_HOST=localhost:3000 | ||
| - FORCE_SSL=1 | ||
| - ENABLE_LETTER_OPENER=1 | ||
| - SEED=true | ||
| - DEFACE_ENABLED=false | ||
| - QUESTION_CAPTCHA_HOST= | ||
| - DECIDIM_SESSION_TIMEOUT=30 | ||
| depends_on: | ||
| - app | ||
| volumes: | ||
| - .:/app | ||
| links: | ||
| - database | ||
| - redis | ||
| app: | ||
| build: | ||
| context: . | ||
| dockerfile: Dockerfile.local | ||
| environment: | ||
| - DATABASE_HOST=database | ||
| - DATABASE_USERNAME=postgres | ||
| - DECIDIM_HOST=localhost | ||
| - REDIS_URL=redis://redis:6379 | ||
| - MEMCACHE_SERVERS=memcached:11211 | ||
| - RAILS_SERVE_STATIC_FILES=true | ||
| - RAILS_LOG_TO_STDOUT=true | ||
| - ASSET_HOST=localhost:3000 | ||
| - FORCE_SSL=1 | ||
| - ENABLE_LETTER_OPENER=1 | ||
| - SEED=true | ||
| - DEFACE_ENABLED=false | ||
| - QUESTION_CAPTCHA_HOST= | ||
| - DECIDIM_SESSION_TIMEOUT=30 | ||
| volumes: | ||
| - .:/app | ||
| ports: | ||
| - 3000:3000 | ||
| depends_on: | ||
| - database | ||
| - redis | ||
| - memcached | ||
|
|
||
| volumes: | ||
| app-data: { } | ||
| pg-data: { } | ||
| redis-data: { } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.