Merge branch 'main' of github.com:ministryofjustice/operations-engine…

…ering-example

Dockerfile

@@ -17,28 +17,20 @@ RUN \
 # Copy dirs/files from the repo to the container working directory
 COPY requirements.txt requirements.txt
 COPY ops_eng_app ops_eng_app
-# COPY operations_engineering_example.py operations_engineering_example.py
 
 RUN pip3 install --upgrade pip && \
     pip3 install --no-cache-dir --upgrade -r requirements.txt
 
-# ENV PYTHONDONTWRITEBYTECODE 1
-# send logs direct to terminal
+# Send logs direct to terminal
 ENV PYTHONUNBUFFERED 1
 
 # Non-root user
 USER 1051
 
 # Port of choice
 EXPOSE 1551
-# ENV FLASK_APP=app/hello.py
-# CMD ["flask", "--app", "app/hello", "run", "--host", "0.0.0.0"]
-# CMD ["gunicorn", "--bind", "0.0.0.0:1551", "app:create_app()"]
-
-# CMD ["gunicorn", "--bind", "0.0.0.0:1551", "--timeout", "120", "ops_eng_app:app"]
 
 # Use in production, bind to another port so not to run as root
-# hello:app = from hello import app (wsgi callable)
 ENTRYPOINT gunicorn ops_eng_app:app \
   --bind 0.0.0.0:1551 \
   --timeout 120

README.md

@@ -2,30 +2,79 @@
 
 [![repo standards badge](https://img.shields.io/endpoint?labelColor=231f20&color=005ea5&style=for-the-badge&label=MoJ%20Compliant&url=https%3A%2F%2Foperations-engineering-reports.cloud-platform.service.justice.gov.uk%2Fapi%2Fv1%2Fcompliant_public_repositories%2Fendpoint%2Foperations-engineering-example&logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAYAAACM/rhtAAAABmJLR0QA/wD/AP+gvaeTAAAHJElEQVRYhe2YeYyW1RWHnzuMCzCIglBQlhSV2gICKlHiUhVBEAsxGqmVxCUUIV1i61YxadEoal1SWttUaKJNWrQUsRRc6tLGNlCXWGyoUkCJ4uCCSCOiwlTm6R/nfPjyMeDY8lfjSSZz3/fee87vnnPu75z3g8/kM2mfqMPVH6mf35t6G/ZgcJ/836Gdug4FjgO67UFn70+FDmjcw9xZaiegWX29lLLmE3QV4Glg8x7WbFfHlFIebS/ANj2oDgX+CXwA9AMubmPNvuqX1SnqKGAT0BFoVE9UL1RH7nSCUjYAL6rntBdg2Q3AgcAo4HDgXeBAoC+wrZQyWS3AWcDSUsomtSswEtgXaAGWlVI2q32BI0spj9XpPww4EVic88vaC7iq5Hz1BvVf6v3qe+rb6ji1p3pWrmtQG9VD1Jn5br+Knmm70T9MfUh9JaPQZu7uLsR9gEsJb3QF9gOagO7AuUTom1LpCcAkoCcwQj0VmJregzaipA4GphNe7w/MBearB7QLYCmlGdiWSm4CfplTHwBDgPHAFmB+Ah8N9AE6EGkxHLhaHU2kRhXc+cByYCqROs05NQq4oR7Lnm5xE9AL+GYC2gZ0Jmjk8VLKO+pE4HvAyYRnOwOH5N7NhMd/WKf3beApYBWwAdgHuCLn+tatbRtgJv1awhtd838LEeq30/A7wN+AwcBt+bwpD9AdOAkYVkpZXtVdSnlc7QI8BlwOXFmZ3oXkdxfidwmPrQXeA+4GuuT08QSdALxC3OYNhBe/TtzON4EziZBXD36o+q082BxgQuqvyYL6wtBY2TyEyJ2DgAXAzcC1+Xxw3RlGqiuJ6vE6QS9VGZ/7H02DDwAvELTyMDAxbfQBvggMAAYR9LR9J2cluH7AmnzuBowFFhLJ/wi7yiJgGXBLPq8A7idy9kPgvAQPcC9wERHSVcDtCfYj4E7gr8BRqWMjcXmeB+4tpbyG2kG9Sl2tPqF2Uick8B+7szyfvDhR3Z7vvq/2yqpynnqNeoY6v7LvevUU9QN1fZ3OTeppWZmeyzRoVu+rhbaHOledmoQ7LRd3SzBVeUo9Wf1DPs9X90/jX8m/e9Rn1Mnqi7nuXXW5+rK6oU7n64mjszovxyvVh9WeDcTVnl5KmQNcCMwvpbQA1xE8VZXhwDXAz4FWIkfnAlcBAwl6+SjD2wTcmPtagZnAEuA3dTp7qyNKKe8DW9UeBCeuBsbsWKVOUPvn+MRKCLeq16lXqLPVFvXb6r25dlaGdUx6cITaJ8fnpo5WI4Wuzcjcqn5Y8eI/1F+n3XvUA1N3v4ZamIEtpZRX1Y6Z/DUK2g84GrgHuDqTehpBCYend94jbnJ34DDgNGArQT9bict3Y3p1ZCnlSoLQb0sbgwjCXpY2blc7llLW1UAMI3o5CD4bmuOlwHaC6xakgZ4Z+ibgSxnOgcAI4uavI27jEII7909dL5VSrimlPKgeQ6TJCZVQjwaOLaW8BfyWbPEa1SaiTH1VfSENd85NDxHt1plA71LKRvX4BDaAKFlTgLeALtliDUqPrSV6SQCBlypgFlbmIIrCDcAl6nPAawmYhlLKFuB6IrkXAadUNj6TXlhDcCNEB/Jn4FcE0f4UWEl0NyWNvZxGTs89z6ZnatIIrCdqcCtRJmcCPwCeSN3N1Iu6T4VaFhm9n+riypouBnepLsk9p6p35fzwvDSX5eVQvaDOzjnqzTl+1KC53+XzLINHd65O6lD1DnWbepPBhQ3q2jQyW+2oDkkAtdt5udpb7W+Q/OFGA7ol1zxu1tc8zNHqXercfDfQIOZm9fR815Cpt5PnVqsr1F51wI9QnzU63xZ1o/rdPPmt6enV6sXqHPVqdXOCe1rtrg5W7zNI+m712Ir+cer4POiqfHeJSVe1Raemwnm7xD3mD1E/Z3wIjcsTdlZnqO8bFeNB9c30zgVG2euYa69QJ+9G90lG+99bfdIoo5PU4w362xHePxl1slMab6tV72KUxDvzlAMT8G0ZohXq39VX1bNzzxij9K1Qb9lhdGe931B/kR6/zCwY9YvuytCsMlj+gbr5SemhqkyuzE8xau4MP865JvWNuj0b1YuqDkgvH2GkURfakly01Cg7Cw0+qyXxkjojq9Lw+vT2AUY+DlF/otYq1Ixc35re2V7R8aTRg2KUv7+ou3x/14PsUBn3NG51S0XpG0Z9PcOPKWSS0SKNUo9Rv2Mmt/G5WpPF6pHGra7Jv410OVsdaz217AbkAPX3ubkm240belCuudT4Rp5p/DyC2lf9mfq1iq5eFe8/lu+K0YrVp0uret4nAkwlB6vzjI/1PxrlrTp/oNHbzTJI92T1qAT+BfW49MhMg6JUp7ehY5a6Tl2jjmVvitF9fxo5Yq8CaAfAkzLMnySt6uz/1k6bPx59CpCNxGfoSKA30IPoH7cQXdArwCOllFX/i53P5P9a/gNkKpsCMFRuFAAAAABJRU5ErkJggg==)](https://operations-engineering-reports.cloud-platform.service.justice.gov.uk/public-report/operations-engineering-example)
 
-This repository contains a minimal example application to showcase deployment.
+This repository contains an example application demonstrating Operations Engineering application standards to follow when deploying to the Cloud Platform and using the following tools; flask, docker, helm. Intended to be used as an evolving template.
 
-### Read about the GitHub repository standards
+## Table of Contents
 
-Familiarise yourself with the Ministry of Justice GitHub Repository Standards. These standards ensure consistency, maintainability, and best practices across all our repositories.
+1. [Prerequisites](#prerequisites)
+1. [How to use](#how-to-use)
+1. [Deployment](#deployment)
+1. [Contributing](#contributing)
+1. [Contact](#contact)
+1. [License](#license)
 
-You can find the standards [here](https://operations-engineering.service.justice.gov.uk/documentation/services/repository-standards.html).
+## Prerequisites
 
-Please read and understand these standards thoroughly and enable them when you feel comfortable.
+To develop, deploy or run this app you will need to install:
 
-### Modify the GitHub Standards Badge
+- [Python 3.12](https://www.python.org/downloads/release/python-3120/)
+- [Docker](https://www.docker.com/) and [Docker Compose](https://docs.docker.com/compose/) *(Optional, for running a local AWS DynamoDB instance or development/production servers with Docker Compose)*
+- [Helm](https://helm.sh/) and [Kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) *(Optional, for deploying to Cloud Platform)*
 
-Once you've ensured that all the [GitHub Repository Standards](https://operations-engineering.service.justice.gov.uk/documentation/services/repository-standards.html) have been applied to your repository, it's time to update the Ministry of Justice (MoJ) Compliance Badge located in the README file.
 
-The badge demonstrates that your repository is compliant with MoJ's standards. Please follow these [instructions](https://operations-engineering.service.justice.gov.uk/documentation/runbooks/services/add-repo-badge.html) to modify the badge URL to reflect the status of your repository correctly.
+## How to use
 
-**Please note** the badge will not function correctly if your repository is internal or private. In this case, you may remove the badge from your README.
+- decide on the name for your app
+- create corresponding dev/prod namespaces on Cloud Platform
+- create a repo to house your app's source code; copy the contents of this repo into there
+- change refs to namespaces...
 
-### Manage Outside Collaborators
 
-To add an Outside Collaborator to the repository, follow the guidelines detailed [here](https://github.com/ministryofjustice/github-collaborators).
+## Deployment
 
-### Configure Dependabot
+### Development environment
 
-Adapt the dependabot.yml file to match your project's [dependency manager](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem) and to enable [automated pull requests for package updates](https://docs.github.com/en/code-security/supply-chain-security).
+The development namespace for this project is called `operations-engineering-example-dev`.
+
+A merge to the `main` branch triggers the `deploy-to-dev` workflow. This runs a `helm upgrade` command to update the deployment.
+
+To deploy manually, follow the steps in the [deploy-to-dev](https://github.com/ministryofjustice/operations-engineering-example/blob/main/.github/workflows/deploy-to-dev.yml) GitHub workflow.
+
+The development app is available at: https://operations-engineering-example-dev.cloud-platform.service.justice.gov.uk/
+
+Access information on the deployment in Cloud Platform using `kubectl` or `helm`, for example;
+
+```bash
+kubectl -n operations-engineering-example-dev get pods
+helm -n operations-engineering-example-dev list
+helm -n operations-engineering-example-dev history operations-engineering-example-dev
+```
+
+### Production environment
+
+The production namespace on [Cloud Platform](https://user-guide.cloud-platform.service.justice.gov.uk/documentation/concepts/what-is-the-cloud-platform.html) for this project is called `operations-engineering-example-prod`.
+
+To deploy the app to the production namespace do the following:
+
+- on the `main` branch.
+- create a new tag using `git tag vx.y.z` where `x.y.z` is the version number. Please follow [semantic versioning](https://semver.org/).
+- push the tag to the remote repository using `git push origin --tags`
+
+This triggers the `deploy-to-prod` GitHub workflow to create a release and deploy the app to the production namespace.
+
+The production app is available at: https://operations-engineering-example-prod.cloud-platform.service.justice.gov.uk/
+
+## Contributing
+
+Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
+
+Please update tests as appropriate.
+
+## Contact
+
+If you have any questions or need further clarification, feel free to ask in the [#ask-operations-engineering](https://moj.enterprise.slack.com/archives/C01BUKJSZD4) channel on Slack or email us at operations-engineering@digital.justice.gov.uk.
+
+## License
+
+This project is licensed under the MIT License - see the LICENSE file for details.
 
-If your repository is private with no GitHub Advanced Security license, remove the .github/workflows/dependency-review.yml file.

helm/operations-engineering-example/values.yaml

@@ -12,7 +12,7 @@ image: # These are interpolated at runtime in deploy workflows
   tag: ""
 
 port: 1551
-targetPort: 1551 # 5000 # reports has this matching port
+targetPort: 1551
 
 ingress:
   identifier: ""

makefile

@@ -0,0 +1,89 @@
+.ONESHELL:
+
+# Default values for variables (can be overridden by passing arguments to `make`)
+# PYTHON_SOURCE_FILES = ./instance ./report_app ./tests ./dynambodb_testing setup.py operations_engineering_reports.py build.py
+# RELEASE_NAME ?= default-release-name
+# AUTH0_CLIENT_ID ?= default-auth0-client-id
+# AUTH0_CLIENT_SECRET ?= default-auth0-client-secret
+# APP_SECRET_KEY ?= default-app-secret-key
+# ENCRYPTION_KEY ?= default-encryption-key
+# API_KEY ?= default-api-key
+# HOST_SUFFIX ?= default-host-suffix
+#
+
+# Targets
+help:
+	@echo "Available commands:"
+	@echo "make setup            - Setup the environment"
+#	@echo "make test             - Run tests"
+	@echo "make preview          - Run locally in debug mode"
+#	@echo "make deploy-dev       - Deploy the application to the dev namespace"
+
+setup:
+	python3 -m venv venv
+	@venv/bin/pip3 install --upgrade pip
+	@venv/bin/pip3 install -r requirements.txt
+
+preview:
+	flask --app ops_eng_app/__init__ --debug run
+
+
+
+# venv: requirements.txt requirements-test.txt
+# 	python3 -m venv venv
+# 	@venv/bin/pip3 install --upgrade pip
+# 	@venv/bin/pip3 install -r requirements.txt
+
+# lint: venv
+# 	@venv/bin/flake8 --ignore=E501,W503 $(PYTHON_SOURCE_FILES)
+# 	@venv/bin/mypy --ignore-missing-imports $(PYTHON_SOURCE_FILES)
+# 	@venv/bin/pylint --recursive=y $(PYTHON_SOURCE_FILES)
+
+# format: venv
+# 	@venv/bin/black $(PYTHON_SOURCE_FILES)
+
+# test:
+# 	export FLASK_CONFIGURATION=development; python3 -m pytest -v
+
+# clean-test:
+# 	rm -fr venv
+# 	rm -fr .tox/
+# 	rm -fr .pytest_cache
+# 	rm -fr .mypy_cache
+# 	rm -fr .coverage
+# 	rm -fr htmlcov/
+# 	rm -fr .pytest_cache
+
+
+# # To run locally, you need to pass the following:
+# # make deploy IMAGE=my-image RELEASE_NAME=my-release AUTH0_CLIENT_ID=my-auth0-id AUTH0_CLIENT_SECRET=my-secret APP_SECRET_KEY=my-app-secret ENCRYPTION_KEY=my-encryption-key API_KEY=my-api-key HOST_SUFFIX=my-host-suffix
+# deploy-dev:
+# 	helm --debug upgrade $(RELEASE_NAME) helm/operations-engineering-reports \
+# 		--install \
+# 		--force \
+# 		--wait \
+# 		--set image.tag=$(IMAGE) \
+# 		--set application.auth0ClientId=$(AUTH0_CLIENT_ID) \
+# 		--set application.auth0ClientSecret=$(AUTH0_CLIENT_SECRET) \
+# 		--set application.appSecretKey=$(APP_SECRET_KEY) \
+# 		--set application.encryptionKey=$(ENCRYPTION_KEY) \
+# 		--set application.apiKey=$(API_KEY) \
+# 		--set ingress.hosts={operations-engineering-reports-dev-$(HOST_SUFFIX).cloud-platform.service.justice.gov.uk} \
+# 		--set image.repository=754256621582.dkr.ecr.eu-west-2.amazonaws.com/operations-engineering/operations-engineering-reports-dev-ecr \
+# 		--namespace operations-engineering-reports-dev
+
+# delete-dev:
+# 	helm delete $(RELEASE_NAME) --namespace operations-engineering-reports-dev
+
+# all:
+
+# dev:
+# 	bash scripts/start-db-dev.sh
+
+# db-ui:
+# 	bash scripts/start-db-ui.sh
+
+# stop:
+# 	docker-compose down -v --remove-orphans
+
+.PHONY: preview setup help # dev stop venv lint test format local prod clean-test all

ops_eng_app/__init__.py

@@ -1,7 +1,10 @@
-from flask import Flask
+from flask import Flask, render_template, url_for
 
 app = Flask(__name__)
 
-@app.route("/")
-def hello_gudetama():
-    return "<p>Hello Gudetama! Better eaten than rotten! Learn to rest not to quit.</p>"
+@app.route("/", methods=["GET", "POST"])
+def gudetama(): 
+    return render_template("index.html")
+
+# if __name__ == '__main__':
+#     app.run()

ops_eng_app/templates/index.html

@@ -0,0 +1,12 @@
+<html>
+<body>
+
+<h1>Hello Gudetama!</h1>
+
+<p>I hope you're having a lovely day?</p>
+
+<img src="{{url_for('static', filename='gudetama_meh.png')}}" width="256"/>
+
+</body>
+</html>
+

requirements.txt

@@ -1,13 +1,13 @@
 #authlib~=1.2.1
-boto3~=1.26.159
-botocore~=1.29.159
+boto3~=1.29.4 # 1.26.159
+botocore~=1.32.4 # 1.29.159
 #cryptography~=41.0.3
-flask~=2.3.3
-flask-cors
-govuk-frontend-jinja
-gunicorn
+flask~=3.0.0 # 2.3.3
+flask-cors~=4.0.0
+govuk-frontend-jinja~=2.7.0
+gunicorn~=21.2.0
 python-dotenv~=1.0.0
 requests~=2.31.0
-pytest~=7.4.2
+pytest~=7.4.3
 #setuptools~=68.0.0
 Jinja2~=3.1.2