GSA-TTS · asteel-gsa · Nov 5, 2024 · Sep 6, 2024 · Sep 9, 2024 · Sep 10, 2024
diff --git a/.gitignore b/.gitignore
@@ -167,6 +167,14 @@ terraform/**/*.tfstate*
 terraform/**/*.tfvars
 terraform/shared/modules/egress-proxy/proxy.zip
 terraform/shared/modules/egress-proxy/test/client.zip
+terraform/shared/modules/app/app.zip
+terraform/shared/modules/https-proxy/proxy.zip
+terraform/shared/modules/https-proxy/.terraform.lock.hcl
+terraform/shared/modules/stream-proxy/proxy.zip
+terraform/shared/modules/https-proxy/.terraform.lock.hcl
+terraform/shared/modules/sandbox-proxy/proxy.zip
+terraform/shared/modules/sandbox-proxy/.terraform.lock.hcl
+
 
 # XLSX ignores
 .~*#

diff --git a/backend/.profile b/backend/.profile
@@ -1,9 +1,9 @@
 #!/bin/bash
 
 # Source everything; everything is now a function.
-# Remember: bash has no idea if a function exists, 
+# Remember: bash has no idea if a function exists,
 # so a typo in a function name will fail silently. Similarly,
-# bash has horrible scoping, so use of `local` in functions is 
+# bash has horrible scoping, so use of `local` in functions is
 # critical for cleanliness in the startup script.
 source tools/util_startup.sh
 # This will choose the correct environment
@@ -14,6 +14,7 @@ source tools/migrate_app_tables.sh
 source tools/api_standup.sh
 source tools/run_collectstatic.sh
 source tools/seed_cog_baseline.sh
+source tools/materialized_views.sh
 
 #####
 # SETUP THE CGOV ENVIRONMENT
@@ -43,15 +44,18 @@ if [[ "$CF_INSTANCE_INDEX" == 0 ]]; then
     #####
     # COLLECT STATIC
     # Do Django things with static files.
-    run_collectstatic
-    gonogo "run_collectstatic"
+    # run_collectstatic
+    # gonogo "run_collectstatic"
 
     #####
     # SEED COG/OVER TABLES
     # Setup tables for cog/over assignments
     seed_cog_baseline
     gonogo "seed_cog_baseline"
+
+    # materialized_views
+    # gonogo "materialized_views"
 fi
 
 # Make psql usable by scripts, for debugging, etc.
-alias psql='/home/vcap/deps/0/apt/usr/lib/postgresql/*/bin/psql'
+alias psql='/home/vcap/deps/0/apt/usr/lib/postgresql/*/bin/psql'
diff --git a/backend/config/settings.py b/backend/config/settings.py
@@ -227,8 +227,7 @@
 
 # Environment specific configurations
 DEBUG = False
-
-if ENVIRONMENT not in ["DEVELOPMENT", "PREVIEW", "STAGING", "PRODUCTION"]:
+if ENVIRONMENT not in ["SANDBOX", "DEVELOPMENT", "PREVIEW", "STAGING", "PRODUCTION"]:
     DATABASES = {
         "default": env.dj_db_url(
             "DATABASE_URL", default="postgres://postgres:password@0.0.0.0/backend"

diff --git a/backend/tools/materialized_views.sh b/backend/tools/materialized_views.sh
@@ -0,0 +1,9 @@
+source tools/util_startup.sh
+
+function materialized_views {
+    startup_log "RUN_MATERIALIZEDVIEWS" "BEGIN"
+    python manage.py materialized_views --create &&
+    local result=$?
+    startup_log "RUN_MATERIALIZEDVIEWS" "END"
+    return $result
+}
diff --git a/bin/ops/create_service_account.sh b/bin/ops/create_service_account.sh
@@ -70,4 +70,4 @@ cat << EOF
 
 cf_user = $username
 cf_password = $password
-EOF
+EOF
diff --git a/bin/ops/destroy_service_account.sh b/bin/ops/destroy_service_account.sh
@@ -50,4 +50,4 @@ cf target -o $org -s $space
 cf delete-service-key $service ${service}-key -f
 
 # destroy service
-cf delete-service $service -f
+cf delete-service $service -f
diff --git a/bin/ops/get_service_account.sh b/bin/ops/get_service_account.sh
@@ -0,0 +1,70 @@
+#!/usr/bin/env bash
+
+org="gsa-tts-oros-fac"
+
+usage="
+$0: Create a Service User Account for a given space
+
+Usage:
+  $0 -h
+  $0 -s <SPACE NAME> -u <USER NAME> [-r <ROLE NAME>] [-o <ORG NAME>]
+
+Options:
+-h: show help and exit
+-s <SPACE NAME>: configure the space to act on. Required
+-u <USER NAME>: set the service user name. Required
+-r <ROLE NAME>: set the service user's role to either space-deployer or space-auditor. Default: space-deployer
+-o <ORG NAME>: configure the organization to act on. Default: $org
+"
+
+set -e
+set -o pipefail
+
+space=""
+service=""
+role="space-deployer"
+
+while getopts ":hs:u:r:o:" opt; do
+  case "$opt" in
+    s)
+      space=${OPTARG}
+      ;;
+    u)
+      service=${OPTARG}
+      ;;
+    r)
+      role=${OPTARG}
+      ;;
+    o)
+      org=${OPTARG}
+      ;;
+    h)
+      echo "$usage"
+      exit 0
+      ;;
+  esac
+done
+
+if [[ $space = "" || $service = "" ]]; then
+  echo "$usage"
+  exit 1
+fi
+
+>&2 echo "Targeting org $org and space $space"
+cf target -o $org -s $space > /dev/null 2>&1
+
+# get service key
+cf service-key $service ${service}-key > /dev/null 2>&1
+
+# output service key to stdout in secrets.auto.tfvars format
+creds=`cf service-key $service ${service}-key | tail -n 7`
+username=`echo $creds | jq '.credentials.username'`
+password=`echo $creds | jq '.credentials.password'`
+
+cat <<EOM
+# generated with $0 -s $space -u $service -r $role -o $org
+# revoke with $(dirname $0)/destroy_service_account.sh -s $space -u $service -o $org
+
+cf_user = $username
+cf_password = $password
+EOM
diff --git a/terraform/.gitignore b/terraform/.gitignore
@@ -1,6 +1,7 @@
-*/backend.tfvars
-*/.terraform
-*/terraform.tfstate
-*/terraform.tfstate.backup
-*/deployer-creds.auto.tfvars
-shared/config/backend.tfvars
+*/backend.tfvars
+*/.terraform
+*/terraform.tfstate
+*/terraform.tfstate.backup
+*/deployer-creds.auto.tfvars
+shared/config/backend.tfvars
+*/*.tfplan
diff --git a/terraform/dev/dev.tf-example b/terraform/dev/dev.tf-example
@@ -1,3 +1,12 @@
+# The content of this file is managed by Terraform. If you modify it, it may
+# be reverted the next time Terraform runs. If you want to make changes, do it
+# in ../meta/bootstrap-env/templates.
+
+# Add resources to this module describing what you want in the corresponding 
+# space in cloud.gov. You should probably just reference a shared module as in the
+# example below to keep consistency across spaces, but you can also vary the 
+# content for each environment as needed.
+
 module "dev" {
   source        = "../shared/modules/env"
   cf_space_name = "dev"

diff --git a/terraform/preview/preview.tf-example b/terraform/preview/preview.tf-example
@@ -2,6 +2,11 @@
 # be reverted the next time Terraform runs. If you want to make changes, do it
 # in ../meta/bootstrap-env/templates.
 
+# Add resources to this module describing what you want in the corresponding 
+# space in cloud.gov. You should probably just reference a shared module as in the
+# example below to keep consistency across spaces, but you can also vary the 
+# content for each environment as needed.
+
 module "preview" {
   source        = "../shared/modules/env"
   cf_space_name = "preview"

diff --git a/terraform/production/production.tf-example b/terraform/production/production.tf-example
@@ -1,3 +1,12 @@
+# The content of this file is managed by Terraform. If you modify it, it may
+# be reverted the next time Terraform runs. If you want to make changes, do it
+# in ../meta/bootstrap-env/templates.
+
+# Add resources to this module describing what you want in the corresponding 
+# space in cloud.gov. You should probably just reference a shared module as in the
+# example below to keep consistency across spaces, but you can also vary the 
+# content for each environment as needed.
+
 module "production" {
   source        = "../shared/modules/env"
   cf_space_name = "production"

diff --git a/terraform/sandbox/.terraform.lock.hcl b/terraform/sandbox/.terraform.lock.hcl