Merge branch 'main' into dependabot/npm_and_yarn/jsdom-25.0.1

cronish.sh

@@ -3,6 +3,6 @@ set -euo pipefail
 
 while true
 do
-  drush --root=$HOME/web core:cron
+  drush --root="${HOME}"/web core:cron
   sleep 15m
 done

scripts/bootstrap.sh

@@ -8,20 +8,20 @@ fi
 export home="/home/vcap"
 dirs=( "${home}/private" "${home}/web/sites/default/files" )
 
-for dir in $dirs; do
-  if [ ! -d $dir ]; then
+for dir in "${dirs[@]}"; do
+  if [ ! -d "${dir}" ]; then
     echo "Creating ${dir} directory ... "
-    mkdir $dir
-    chown vcap. $dir
+    mkdir "${dir}"
+    chown vcap. "${dir}"
   fi
 done
 
 # Create files for SAML auth
 export home="/home/vcap"
 export app_path="${home}/app"
-echo $VCAP_SERVICES | jq -r '."user-provided"[].credentials.SP_PUBLIC_KEY' | base64 -d > ${app_path}/sp_public_key.pem
-echo $VCAP_SERVICES | jq -r '."user-provided"[].credentials.SP_PRIVATE_KEY' | base64 -d > ${app_path}/sp_private_key.pem
-echo $VCAP_SERVICES | jq -r '."user-provided"[].credentials.IDP_PUBLIC_KEY' | base64 -d > ${app_path}/idp_public_key.crt
+echo "${VCAP_SERVICES}" | jq -r '."user-provided"[].credentials.SP_PUBLIC_KEY' | base64 -d > ${app_path}/sp_public_key.pem
+echo "${VCAP_SERVICES}" | jq -r '."user-provided"[].credentials.SP_PRIVATE_KEY' | base64 -d > ${app_path}/sp_private_key.pem
+echo "${VCAP_SERVICES}" | jq -r '."user-provided"[].credentials.IDP_PUBLIC_KEY' | base64 -d > ${app_path}/idp_public_key.crt
 
 chmod 600 ${app_path}/sp_public_key.pem
 chmod 600 ${app_path}/sp_private_key.pem

scripts/create-cloudgov-env.sh

@@ -1,3 +1,5 @@
+#!/usr/bin/env bash
+
 # This script sets up a completely new Cloud.gov CF Space with all the corresponding
 # infrastructure needed to run weather.gov. It can serve for documentation for running
 # NOTE: This script was written for MacOS and to be run at the root directory. 
@@ -21,7 +23,7 @@ if [ -z "$1" ]; then
     exit 1
 fi
 
-if [ ! $(command -v gh) ] || [ ! $(command -v jq) ] || [ ! $(command -v cf) ]; then
+if [ ! "$(command -v gh)" ] || [ ! "$(command -v jq)" ] || [ ! "$(command -v cf)" ]; then
     echo "jq, cf, and gh packages must be installed. Please install via your preferred manager."
     exit 1
 fi
@@ -32,7 +34,7 @@ read -p "Are you on a new branch? We will have to commit this work. (y/n) " -n 1
 echo
 if [[ ! $REPLY =~ ^[Yy]$ ]]
 then
-    git checkout -b new-dev-sandbox-$1
+    git checkout -b new-dev-sandbox-"$1"
 fi
 
 cf target -o nws-weathergov
@@ -53,16 +55,16 @@ then
 fi
 
 echo "Creating manifest for $1..."
-cp manifests/manifest.template.yaml manifests/manifest-$1.yaml
+cp manifests/manifest.template.yaml manifests/manifest-"$1".yaml
 sed -i '' "s/ENVIRONMENT/$1/" "manifests/manifest-$1.yaml"
 
 echo "Creating new cloud.gov space for $1..."
-cf create-space $1
-cf target -o "nws-weathergov" -s $1
-cf bind-security-group public_networks_egress nws-weathergov --space $1
-cf bind-security-group trusted_local_networks_egress nws-weathergov --space $1
+cf create-space "$1"
+cf target -o "nws-weathergov" -s "$1"
+cf bind-security-group public_networks_egress nws-weathergov --space "$1"
+cf bind-security-group trusted_local_networks_egress nws-weathergov --space "$1"
 
-echo "Creating new cloud.gov DB for $1. This usually takes about 5 minutes..."
+echo "Creating new cloud.gov DB for '$1'. This usually takes about 5 minutes..."
 cf create-service aws-rds small-mysql database
 
 until cf service database | grep -q 'The service instance status is succeeded'
@@ -71,10 +73,10 @@ do
   sleep 30
 done
 
-echo "Creating storage for file uploads in $1..." 
+echo "Creating storage for file uploads in '$1'..."
 cf create-service s3 basic-sandbox storage
 
-echo "Creating new cloud.gov credentials for $1..."
+echo "Creating new cloud.gov credentials for '$1'..."
 generate_string "$CRON_KEY"
 CRON_KEY=${CRON_KEY:-$NEW_STRING}
 generate_string "$HASH_SALT"
@@ -90,35 +92,35 @@ SP_PUBLIC_KEY=$(cf env weathergov-beta | sed -n '/VCAP_SERVICES/,/VCAP_APPLICATI
 SP_PRIVATE_KEY=$(cf env weathergov-beta | sed -n '/VCAP_SERVICES/,/VCAP_APPLICATION/p' |  sed '$d' |  sed '1s;^;{\n;' | sed '$s/$/}/' | sed 's/VCAP_SERVICES/"VCAP_SERVICES"/g' | jq -r '."VCAP_SERVICES"."user-provided"[].credentials.SP_PRIVATE_KEY')
 IDP_PUBLIC_KEY=$(cf env weathergov-beta | sed -n '/VCAP_SERVICES/,/VCAP_APPLICATION/p' |  sed '$d' |  sed '1s;^;{\n;' | sed '$s/$/}/' | sed 's/VCAP_SERVICES/"VCAP_SERVICES"/g' | jq -r '."VCAP_SERVICES"."user-provided"[].credentials.IDP_PUBLIC_KEY')
 NEWRELIC_LICENSE=$(cf env weathergov-beta | sed -n '/VCAP_SERVICES/,/VCAP_APPLICATION/p' |  sed '$d' |  sed '1s;^;{\n;' | sed '$s/$/}/' | sed 's/VCAP_SERVICES/"VCAP_SERVICES"/g' | jq -r '."VCAP_SERVICES"."user-provided"[].credentials.NEWRELIC_LICENSE')
-cf target -o nws-weathergov -s $1
+cf target -o nws-weathergov -s "$1"
 
-jq -n --arg cron_key "$CRON_KEY" --arg hash_salt "$HASH_SALT" --arg root_user_name "$ROOT_USER_NAME" --arg root_user_pass "$ROOT_USER_PASS" --arg sp_public_key "$SP_PUBLIC_KEY" --arg sp_private_key "$SP_PRIVATE_KEY" --arg idp_public_key "$IDP_PUBLIC_KEY" --arg newrelic_license "$NEWRELIC_LICENSE" '{"CRON_KEY":$cron_key,"HASH_SALT":$hash_salt,"SP_PUBLIC_KEY":$sp_public_key,"SP_PRIVATE_KEY":$sp_private_key,"IDP_PUBLIC_KEY":$idp_public_key,"ROOT_USER_PASS":$root_user_pass,"ROOT_USER_NAME":$root_user_name,"NEWRELIC_LICENSE":$newrelic_license}' > credentials-$1.json
-cf cups secrets -p credentials-$1.json
+jq -n --arg cron_key "$CRON_KEY" --arg hash_salt "$HASH_SALT" --arg root_user_name "$ROOT_USER_NAME" --arg root_user_pass "$ROOT_USER_PASS" --arg sp_public_key "$SP_PUBLIC_KEY" --arg sp_private_key "$SP_PRIVATE_KEY" --arg idp_public_key "$IDP_PUBLIC_KEY" --arg newrelic_license "$NEWRELIC_LICENSE" '{"CRON_KEY":$cron_key,"HASH_SALT":$hash_salt,"SP_PUBLIC_KEY":$sp_public_key,"SP_PRIVATE_KEY":$sp_private_key,"IDP_PUBLIC_KEY":$idp_public_key,"ROOT_USER_PASS":$root_user_pass,"ROOT_USER_NAME":$root_user_name,"NEWRELIC_LICENSE":$newrelic_license}' > credentials-"$1".json
+cf cups secrets -p credentials-"$1".json
 
 echo "Database create succeeded and credentials created. Deploying the weather.gov application to the new space $1..."
-cf push -f manifests/manifest-$1.yaml --var newrelic-license="$NEWRELIC_LICENSE"
+cf push -f manifests/manifest-"$1".yaml --var newrelic-license="$NEWRELIC_LICENSE"
 
 echo "Creating credentials to talk to storage in $1..."
 cf create-service-key storage storagekey
 S3INFO=$(cf service-key storage storagekey)
 S3_BUCKET=$(echo "$S3INFO" | grep '"bucket":' | sed 's/.*"bucket": "\(.*\)",/\1/')
 S3_REGION=$(echo "$S3INFO" | grep '"region":' | sed 's/.*"region": "\(.*\)",/\1/')
-cf set-env weathergov-$1 S3_BUCKET "$S3_BUCKET"
-cf set-env weathergov-$1 S3_REGION "$S3_REGION"
+cf set-env weathergov-"$1" S3_BUCKET "$S3_BUCKET"
+cf set-env weathergov-"$1" S3_REGION "$S3_REGION"
 cf delete-service-key storage storagekey -f
-cf restart weathergov-$1
+cf restart weathergov-"$1"
 
 read -p "Please provide the email of the space developer: " -r
-cf set-space-role $REPLY nws-weathergov $1 SpaceDeveloper
+cf set-space-role "$REPLY" nws-weathergov "$1" SpaceDeveloper
 
 echo "Running post-deploy script in $1..."
-cf run-task weathergov-$1 --command "./scripts/post-deploy.sh" --name "weathergov-$1-deploy" -k "2G" -m "256M"
+cf run-task weathergov-"$1" --command "./scripts/post-deploy.sh" --name "weathergov-$1-deploy" -k "2G" -m "256M"
 
 echo "Doing initial content import in $1..."
-cf run-task weathergov-$1 --command "./scripts/import-content.sh" --name "weathergov-$1-content-import" -k "2G" -m "256M"
+cf run-task weathergov-"$1" --command "./scripts/import-content.sh" --name "weathergov-$1-content-import" -k "2G" -m "256M"
 
 echo "Running spatial scripts in $1..." 
-./scripts/load-spatial-data.sh $1
+./scripts/load-spatial-data.sh "$1"
 
 echo "Alright, your app is up and running at https://weathergov-$1.app.cloud.gov!"
 echo
@@ -161,18 +163,18 @@ fi
 
 cf service-key github-cd-account github-cd-key | sed 1,2d  | jq -r '[.username, .password]|@tsv' | 
 while read -r username password; do
-    gh secret --repo weather-gov/weather.gov set CF_${upcase_name}_USERNAME --body $username
-    gh secret --repo weather-gov/weather.gov set CF_${upcase_name}_PASSWORD --body $password
+    gh secret --repo weather-gov/weather.gov set CF_"${upcase_name}"_USERNAME --body "$username"
+    gh secret --repo weather-gov/weather.gov set CF_"${upcase_name}"_PASSWORD --body "$password"
 done
 
 read -p "Please provide the GUID for the $1 application from New Relic: " -r
-gh secret --repo weather-gov/weather.gov set NEW_RELIC_${upcase_name}_DEPLOYMENT_ENTITY_GUID --body $REPLY
+gh secret --repo weather-gov/weather.gov set NEW_RELIC_"${upcase_name}"_DEPLOYMENT_ENTITY_GUID --body "$REPLY"
 
 read -p "All done! Should we open a PR with these changes? (y/n) " -n 1 -r
 echo
 if [[ $REPLY =~ ^[Yy]$ ]]
 then
-    git add manifests/manifest-$1.yaml .github/workflows/
-    git commit -m "Add new developer sandbox '"$1"' infrastructure"
+    git add manifests/manifest-"$1".yaml .github/workflows/
+    git commit -m "Add new developer sandbox '$1' infrastructure"
     gh pr create
 fi

scripts/import-content.sh

@@ -3,6 +3,6 @@
 echo "Importing all content files..."
 
 for file in web/scs-export/*; do
-    file=${file#*/};
-    drush content:import $file;
+    file="${file#*/}";
+    drush content:import "${file}";
 done

scripts/load-spatial-data.sh

@@ -1,18 +1,20 @@
+#!/usr/bin/env bash
+
 if [ -z "$1" ]; then
     echo 'Please specify a space to load spatial data into (i.e. beta)' >&2
     exit 1
 fi
 
-if [ ! $(command -v jq) ] || [ ! $(command -v cf) ]; then
+if [ ! "$(command -v jq)" ] || [ ! "$(command -v cf)" ]; then
     echo "jq and cf packages must be installed. Please install via your preferred manager."
     exit 1
 fi
 
-space=$(if [ $1 = 'beta' ]; then echo "prod"; else echo $1; fi)
+space=$(if [ "$1" = 'beta' ]; then echo "prod"; else echo "$1"; fi)
 
 TARGET="weathergov-$1"
 
-cf target -o nws-weathergov -s $space
+cf target -o nws-weathergov -s "$space"
 
 # Get an available local port.
 LOCAL_PORT=$(netstat -aln | awk '
@@ -35,13 +37,13 @@ trap "exit" SIGINT SIGTERM
 trap "kill 0" EXIT
 
 # Get database service connection details from cf
-cf curl "/v2/apps/$(cf app --guid $TARGET)/env" | jq -r '.system_env_json.VCAP_SERVICES["aws-rds"][0].credentials' | jq -r '[.host, .port, .db_name, .username, .password]|@tsv' |
+cf curl "/v2/apps/$(cf app --guid "$TARGET")/env" | jq -r '.system_env_json.VCAP_SERVICES["aws-rds"][0].credentials' | jq -r '[.host, .port, .db_name, .username, .password]|@tsv' |
 while read -r host port db username password; do
   echo "setting up SSH tunnel..."
   # open a tunnel
-  cf ssh -N -T -L $LOCAL_PORT:$host:$port $TARGET &
+  cf ssh -N -T -L "$LOCAL_PORT":"$host":"$port" "$TARGET" &
   sleep 5
 
   # load
-  docker compose run --rm -T spatial node load-shapefiles.js $username $password $db host.docker.internal $LOCAL_PORT
+  docker compose run --rm -T spatial node load-shapefiles.js "$username" "$password" "$db" host.docker.internal "$LOCAL_PORT"
 done

scripts/remove-cloudgov-env.sh

@@ -1,3 +1,5 @@
+#!/usr/bin/env bash
+
 # This script tears down a Cloud.gov CF Space with all corresponding infrastructure. 
 # NOTE: This script was written for MacOS and to be run at the root directory. 
 
@@ -6,7 +8,7 @@ if [ -z "$1" ]; then
     exit 1
 fi
 
-if [ ! $(command -v gh) ] || [ ! $(command -v jq) ] || [ ! $(command -v cf) ]; then
+if [ ! "$(command -v gh)" ] || [ ! "$(command -v jq)" ] || [ ! "$(command -v cf)" ]; then
     echo "jq, cf, and gh packages must be installed. Please install via your preferred manager."
     exit 1
 fi
@@ -17,10 +19,10 @@ read -p "Are you on a new branch? We will have to commit this work. (y/n) " -n 1
 echo
 if [[ ! $REPLY =~ ^[Yy]$ ]]
 then
-    git checkout -b remove-dev-sandbox-$1
+    git checkout -b remove-dev-sandbox-"$1"
 fi
 
-cf target -o nws-weathergov -s $1
+cf target -o nws-weathergov -s "$1"
 
 read -p "Are you logged in to the nws-weathergov CF org above? (y/n) " -n 1 -r
 echo
@@ -40,31 +42,31 @@ fi
 echo "Removing Github keys and service account..."
 cf delete-service-key github-cd-account github-cd-key
 cf delete-service github-cd-account
-gh secret --repo weather-gov/weather.gov remove CF_${upcase_name}_USERNAME 
-gh secret --repo weather-gov/weather.gov remove CF_${upcase_name}_PASSWORD 
+gh secret --repo weather-gov/weather.gov remove CF_"${upcase_name}"_USERNAME
+gh secret --repo weather-gov/weather.gov remove CF_"${upcase_name}"_PASSWORD
 
 echo "Removing files used for $1..."
-rm manifests/manifest-$1.yaml
+rm manifests/manifest-"$1".yaml
 sed -i '' "/- $1/d" .github/workflows/deploy-sandbox.yaml
 
 echo "Cleaning up services, applications, and the Cloud.gov space for $1..."
 # delete apps
 cf delete cronish
-cf delete weathergov-$1
+cf delete weathergov-"$1"
 
 # delete services
 cf delete-service database
 cf delete-service secrets
 cf delete-service storage
 
 # delete space
-cf delete-space $1
+cf delete-space "$1"
 
 read -p "All done! Should we open a PR with these changes? (y/n) " -n 1 -r
 echo
 if [[ $REPLY =~ ^[Yy]$ ]]
 then
-    git add manifests/manifest-$1.yaml .github/workflows/deploy-sandbox.yaml
-    git commit -m "Remove developer sandbox '"$1"' infrastructure"
+    git add manifests/manifest-"$1".yaml .github/workflows/deploy-sandbox.yaml
+    git commit -m "Remove developer sandbox '$1' infrastructure"
     gh pr create
 fi

scripts/rotate-gh-deploy-keys.sh

@@ -1,5 +1,7 @@
+#!/usr/bin/env bash
+
 # NOTE: This script does not work with cf v8. We recommend using cf v7 for all cloud.gov commands.
-if [ ! $(command -v gh) ] || [ ! $(command -v jq) ] || [ ! $(command -v cf) ]; then
+if [ ! "$(command -v gh)" ] || [ ! "$(command -v jq)" ] || [ ! "$(command -v cf)" ]; then
     echo "jq, cf, and gh packages must be installed. Please install via your preferred manager."
     exit 1
 fi
@@ -9,8 +11,8 @@ if [ -z "$1" ]; then
     exit 1
 fi
 
-cf target -o cisa-dotgov -s $1
-read -p "Are you logged in to the cisa-dotgov CF org above and targeting the correct space? (y/n) " -n 1 -r
+cf target -o nws-weathergov -s "$1"
+read -p "Are you logged in to the nws-weathergov CF org above and targeting the correct space? (y/n) " -n 1 -r
 echo
 if [[ ! $REPLY =~ ^[Yy]$ ]]
 then
@@ -26,7 +28,7 @@ then
 fi
 
 echo "Great, removing and replacing Github CD account..."
-cf target -s $1
+cf target -s "$1"
 cf delete-service-key github-cd-account github-cd-key
 cf create-service-key github-cd-account github-cd-key
 cf service-key github-cd-account github-cd-key
@@ -40,6 +42,6 @@ fi
 upcase_space=$(printf "%s" "$1" | tr '[:lower:]' '[:upper:]')
 cf service-key github-cd-account github-cd-key | sed 1,2d  | jq -r '[.username, .password]|@tsv' | 
 while read -r username password; do
-    gh secret --repo weathergov/weather.gov set CF_${upcase_space}_USERNAME --body $username
-    gh secret --repo weathergov/weather.gov set CF_${upcase_space}_PASSWORD --body $password
-done
+    gh secret --repo weathergov/weather.gov set CF_"${upcase_space}"_USERNAME --body "${username}"
+    gh secret --repo weathergov/weather.gov set CF_"${upcase_space}"_PASSWORD --body "${password}"
+done

tests/playwright/e2e/afd-page.spec.js

@@ -27,6 +27,20 @@ const OVERALL_REFERENCES = JSON.parse(
 const firstId = OKX_REFERENCES["@graph"][0].id;
 
 describe("AFD Page Tests", () => {
+  describe("Not Found (404) tests", () => {
+    test("Displays a 404 page for an invalid / expired AFD id", async ({ page }) => {
+      const response = await page.goto("http://localhost:8080/afd/OKX/invalid-afd-id.json");
+
+      expect(response.status()).toBe(404);
+    });
+
+    test("Displays a 404 page for a listing of AFDs at an invalid WFO", async ({ page }) => {
+      const response = await page.goto("http://localhost:8080/afd/WWW");
+
+      expect(response.status()).toBe(404);
+    });
+  });
+
   describe("Partial HTML routes", () => {
     test("Can retrieve <option> elements html partial for version listing", async ({
       page,