Merge pull request #73 from springload/main

Bootstrapify site

.babelrc

@@ -0,0 +1,13 @@
+{
+  "presets": [
+    [
+      "@babel/preset-env",
+      {
+        "useBuiltIns": "entry",
+        "corejs": "3.6.5",
+        "modules": false
+      }
+    ],
+    "@babel/preset-typescript"
+  ]
+}

.browserslistrc

@@ -0,0 +1,13 @@
+# https://github.com/browserslist/browserslist#readme
+
+>= 1%
+last 1 major version
+not dead
+Chrome >= 45
+Firefox >= 38
+Edge >= 12
+Explorer >= 10
+iOS >= 9
+Safari >= 9
+Android >= 4.4
+Opera >= 30

.circleci/config.yml

@@ -0,0 +1,92 @@
+version: 2.1
+
+orbs:
+  buildkit: springload/buildkit@0.0.7
+
+workflows:
+  build_test_and_push_image:
+    jobs:
+      - buildkit/builder:
+          cache_version: v4
+          builds:
+            - buildkit/build: # call the build command multiple times to build multiple images
+                target: frontend # build this stage
+                tag: frontend # no tag no docker image
+                path: docker
+            - buildkit/build: # call the build command multiple times to build multiple images
+                target: aws-app # build this stage
+                tag: app # no tag no docker image
+                path: docker
+          after-builds:
+            - add_ssh_keys
+            - run:
+                name: initialise submodules
+                command: |-
+                  ssh-add -L | tail -n1 > last.pub
+                  GIT_SSH_COMMAND="ssh -i last.pub" git submodule update --init
+              #            - run:
+              #                  name: run backend tests
+              #                  command: |-
+              #                      set -eu
+              #
+              #                      DATABASE_PASSWORD="$( head -c 24 /dev/urandom | xxd -p | tr -d '\n ')"
+              #                      docker run --name=database \
+              #                          -ePOSTGRES_DB=app_test \
+              #                          -ePOSTGRES_PASSWORD=$DATABASE_PASSWORD \
+              #                          -d postgres:11-alpine
+              #                      docker run \
+              #                          -i --name app-test --rm \
+              #                          --link=database --link=cache --link=search \
+              #                          -eDATABASE_URL="postgres://postgres:$DATABASE_PASSWORD@database/app_test" \
+              #                          -eENVIRONMENT=test \
+              #                          app-test
+            - run:
+                name: tag, push and deploy images
+                command: |-
+                    set -eu
+                    if [ "${CIRCLE_BRANCH}" == "deploy/preview" ] || [ "${CIRCLE_BRANCH}" == "deploy/production" ]; then
+                      ENVIRONMENT=`basename "${CIRCLE_BRANCH}"`
+                      PROJECT=ietf
+                      VERSION=$(git rev-parse --short HEAD)
+                      wget -O ecs-tool.tar.gz https://github.com/springload/ecs-tool/releases/download/1.5.1/ecs-tool_1.5.1_linux_amd64.tar.gz && tar -C /usr/bin -xvf ecs-tool.tar.gz ecs-tool
+                      apk add jq
+                      export AWS_REGION=us-west-2
+                      export AWS_DEFAULT_REGION=us-west-2
+                      export REPOSITORY=$(ecs-tool ecr-endpoint)
+                      eval $(ecs-tool ecr-login)
+                      pids=""
+                      for image in app; do
+                        for tag in ${ENVIRONMENT}-${VERSION} ${ENVIRONMENT}-latest; do
+                          docker tag ${image} ${REPOSITORY}/${PROJECT}-${image}:${tag}
+                          docker push ${REPOSITORY}/${PROJECT}-${image}:${tag} &
+                          pids="${pids} $!"
+                        done
+                      done
+                      for p in $pids; do
+                        wait $p
+                      done
+
+                      echo "updating the ssm parameter with ejson configuration"
+                      ecs-tool -p "" -e "${ENVIRONMENT}" ejson -f infra/ssm.ejson
+                      # running the pre-deployment commands
+                      ecs-tool -p "" -e "${ENVIRONMENT}" run --image_tag "${ENVIRONMENT}-${VERSION}" -- ./deploy.sh
+                      # deploy new services in parallel
+                      ecs-tool -p "" -e "${ENVIRONMENT}" deploy --image_tag "${ENVIRONMENT}-${VERSION}"
+                    fi
+            - run:
+                name: test the website
+                command: |-
+                    set -e
+
+                    if [ "${CIRCLE_BRANCH}" == "deploy/preview" ] || [ "${CIRCLE_BRANCH}" == "deploy/production" ]; then
+                      ENVIRONMENT=`basename "${CIRCLE_BRANCH}"`
+                      # uncomment after going live
+                      #                    if [ "${ENVIRONMENT}" == "production" ]; then
+                      #                      endpoint=https://www.ietf.org
+                      #                    else
+                        endpoint=https://ietf-${ENVIRONMENT}.springload.nz
+                      #                    fi
+
+
+                      docker run --rm -e BASIC_AUTH=$BASIC_AUTH frontend yarn test $endpoint
+                    fi

.dockerignore

@@ -0,0 +1,5 @@
+*.sql
+media*.tgz
+.git
+media/
+docker/database

.eslintignore

@@ -0,0 +1,3 @@
+public/
+node_modules/
+

.eslintrc.js

@@ -0,0 +1,11 @@
+module.exports = {
+    root: true,
+    parser: '@typescript-eslint/parser',
+    plugins: ['@typescript-eslint'],
+    extends: [
+        'eslint:recommended',
+        'plugin:@typescript-eslint/eslint-recommended',
+        'plugin:@typescript-eslint/recommended',
+        'plugin:prettier/recommended',
+    ],
+};

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,66 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [main]
+  schedule:
+    - cron: '0 9 * * 4'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        # Override automatic language detection by changing the below list
+        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
+        language: ['python', 'javascript']
+        # Learn more...
+        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # If this run was triggered by a pull request event, then checkout
+    # the head of the pull request instead of the merge commit.
+    - run: git checkout HEAD^2
+      if: ${{ github.event_name == 'pull_request' }}
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file. 
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.gitignore

@@ -7,3 +7,8 @@
 /docs/_build/
 /ietf/static/node_modules
 /ietf/static/yarn-error.log
+node_modules
+.vscode
+*.log
+ietf/templates/base.html
+ietf/static/dist

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "infra"]
+	path = infra
+	url = git@github.com:springload/ietf-infra.git

.nvmrc

@@ -0,0 +1 @@
+lts/erbium

.prettierignore

@@ -0,0 +1,3 @@
+**/*.html
+**/*.ss
+**/*.yml

.prettierrc

@@ -0,0 +1,13 @@
+{
+  "trailingComma": "all",
+  "tabWidth": 4,
+  "semi": true,
+  "singleQuote": true,
+  "arrowParens": "always",
+  "overrides": [
+    {
+      "files": [".travis.yml", ".*"],
+      "options": { "tabWidth": 2 }
+    }
+  ]
+}

CONTRIBUTING.md

@@ -0,0 +1,88 @@
+# Developing on the Internet Engineering Task Force (IETF) Website
+
+## Backend Development
+
+This website uses the Wagtail CMS.
+
+### Installing
+
+See the [installation instructions](install.md#install)
+
+### Testing
+
+Wagtail is based on Django, and there are many Django-style tests typically named `tests.py` to test templates. These verify that the templates can be compiled (that they don't have syntax errors) and that they are inserting variables.
+
+## Frontend Development
+
+This project uses Bootstrap. The exact version is specified in the `package.json` file.
+
+Please adhere to standard Bootstrap practices where possible rather than adding bespoke code, so that future developers can benefit from Boostrap docs and the broader ecosystem.
+
+### Installing
+
+See the [installation instructions](install.md#install) to get the website running on your local machine.
+
+If you need to inspect the generated files outside of Docker, you can run these commands:
+
+Install [NVM](https://github.com/nvm-sh/nvm) and [Yarn](https://yarnpkg.com/) and then run these commands from the repo directory,
+
+```bash
+nvm install
+nvm use
+```
+
+This will use NVM to install the correct version of Node for this project, and switch to using that version of Node.
+
+```bash
+yarn
+```
+
+Running `yarn` without any arguments is an alias for `yarn install`. This will install the packages from `package.json`.
+
+```bash
+yarn build
+```
+
+This will run Webpack and compile the source files at `ietf/static_src`. The `yarn build` command runs a development build without minification and optimisation (useful for debugging), whereas `yarn dist` will run a production build (with minification).
+
+Note that `ietf/static_src` will compile HTML templates into `ietf/static`, and this includes Wagtail templates such as `base.html`. Webpack will add CSS and JS tags.
+
+### Testing
+
+#### Accessibility tests
+
+This command requires a running website which may be your local development site.
+
+```bash
+yarn test:accessibility http://localhost:8001
+```
+
+Replace "`http://localhost:8001`" with the URL of your running website.
+
+## Deploying
+
+This project uses deploy branches.
+
+Deploys to production are intentionally unavailable via deploy branches.
+
+Deploys to preview environments are automated via CircleCI. Use your GitHub credentials to sign in to watch deploys and look for failing tests.
+
+CircleCI is configured to run new site builds, to run tests, and (if the tests pass) to deploy.
+
+Deploys to preview may be done by merging to `deploy/preview`.
+
+Eg,
+
+```bash
+git push origin main:deploy/preview
+```
+
+This would push `main` to `deploy/preview` and trigger a build on CircleCI.
+
+```bash
+git push origin feature/my-feature:deploy/preview
+```
+
+This would deploy your feature branch `feature/my-feature` to `deploy/preview`.
+
+The preview environment's domain is private, and is password protected. Ask around for the details.