Merge branch 'staging' into azure-subscriptions

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "^.secrets.baseline$|^.*pgsslrootcert.yml$",
     "lines": null
   },
-  "generated_at": "2020-01-29T16:40:16Z",
+  "generated_at": "2020-01-27T19:24:43Z",
   "plugins_used": [
     {
       "base64_limit": 4.5,
@@ -82,7 +82,7 @@
         "hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 31,
+        "line_number": 32,
         "type": "Secret Keyword"
       }
     ],

atst/app.py

@@ -193,6 +193,7 @@ def map_config(config):
         "CONTRACT_END_DATE": datetime.strptime(
             config.get("default", "CONTRACT_END_DATE"), "%Y-%m-%d"
         ).date(),
+        "SESSION_COOKIE_SECURE": config.getboolean("default", "SESSION_COOKIE_SECURE"),
     }
 
 

atst/forms/task_order.py

@@ -162,11 +162,7 @@ class TaskOrderForm(BaseForm):
         filters=[remove_empty_string, remove_dashes, coerce_upper],
         validators=[AlphaNumeric(), Length(min=13, max=17), Optional()],
     )
-    pdf = FormField(
+    pdf = FormField(AttachmentForm)
-        AttachmentForm,
-        label=translate("task_orders.form.supporting_docs_size_limit"),
-        description=translate("task_orders.form.supporting_docs_size_limit"),
-    )
     clins = FieldList(FormField(CLINForm))
 
 

atst/models/portfolio.py

@@ -22,7 +22,7 @@ class Portfolio(
     id = types.Id()
     name = Column(String, nullable=False)
     defense_component = Column(
-        String, nullable=False
+        ARRAY(String), nullable=False
     )  # Department of Defense Component
 
     app_migration = Column(String)  # App Migration

atst/routes/task_orders/new.py

@@ -24,6 +24,7 @@ def render_task_orders_edit(
 
     render_args["contract_start"] = app.config.get("CONTRACT_START_DATE")
     render_args["contract_end"] = app.config.get("CONTRACT_END_DATE")
+    render_args["file_size_limit"] = int(app.config.get("FILE_SIZE_LIMIT"))
 
     if task_order_id:
         task_order = TaskOrders.get(task_order_id)

config/base.ini

@@ -18,6 +18,7 @@ DEBUG = true
 DEBUG_MAILER = false
 DISABLE_CRL_CHECK = false
 ENVIRONMENT = dev
+FILE_SIZE_LIMIT = 24000000
 LIMIT_CONCURRENT_SESSIONS = false
 LOG_JSON = false
 MAIL_PASSWORD

js/components/upload_input.js

@@ -20,6 +20,9 @@ export default {
     portfolioId: {
       type: String,
     },
+    sizeLimit: {
+      type: String,
+    },
   },
 
   data: function() {
@@ -31,6 +34,7 @@ export default {
       sizeError: false,
       filenameError: false,
       downloadLink: '',
+      fileSizeLimit: parseInt(this.sizeLimit),
     }
   },
 
@@ -48,7 +52,7 @@ export default {
       this.clearErrors()
 
       const file = e.target.files[0]
-      if (file.size > 64000000) {
+      if (file.size > this.fileSizeLimit) {
         this.sizeError = true
         return
       }

templates/components/upload_input.html

@@ -1,6 +1,6 @@
 {% from "components/icon.html" import Icon %}
 
-{% macro UploadInput(field, portfolio_id, show_label=False) -%}
+{% macro UploadInput(field, portfolio_id, file_size_limit, show_label=False) -%}
 <uploadinput
   inline-template
   {% if not field.errors %}
@@ -11,6 +11,7 @@
   {% endif %}
   v-bind:portfolio-id="'{{ portfolio_id }}'"
   name='{{ field.name }}'
+  v-bind:size-limit='{{ file_size_limit }}'
   >
   <div>
     <div v-show="valid" class="uploaded-file">
@@ -23,7 +24,11 @@
         {{ field.label }}
       {% endif %}
       <p>
-        {{ field.description }}
+        <!-- TODO: fix this to use field.description -->
+        <!-- This was temporarily hard coded because we were unable to use
+        app.config['FILE_SIZE_LIMIT'] in TaskOrderForm field descriptions and labels -->
+        {% set size_limit = file_size_limit // 1000000 %}
+        {{ "task_orders.form.supporting_docs_size_limit" | translate({ "file_size_limit": size_limit }) }}
       </p>
       <div v-if="!hideInput" class="upload-widget">
         <label class="upload-label" :for="name">
@@ -47,7 +52,7 @@
         <span class="usa-input__message">{{ "forms.task_order.upload_error" | translate }}</span>
       </template>
       <template v-if="sizeError">
-        <span class="usa-input__message">{{ "forms.task_order.size_error" | translate }}</span>
+        <span class="usa-input__message">{{ "forms.task_order.size_error" | translate({"file_size_limit": (file_size_limit//1000000)}) }}</span>
       </template>
       <template v-if="filenameError">
         <span class="usa-input__message">{{ "forms.task_order.filename_error" | translate }}</span>

templates/portfolios/admin.html

@@ -40,19 +40,18 @@
         </div>
       {% endif %}
 
-        <div class='defense-row'>
+      <div class='defense-row'>
-          <div>
+        <div>
-            <div class='admin-title'>{{ "portfolios.admin.defense_component_label" | translate }}</div>
+          <div class='admin-title'>{{ "portfolios.admin.defense_component_label" | translate }}</div>
-            {% if portfolio.defense_component %}
+          {% if portfolio.defense_component %}
-              <div class='admin-content'>
+            <div class='admin-content'>
-                {% for component in portfolio.defense_component %}
+              {% for component in portfolio.defense_component %}
-                  {{ "forms.portfolio.defense_component.choices.%s" | format(component) | translate }}<br>
+                {{ "forms.portfolio.defense_component.choices.%s" | format(component) | translate }}<br>
-                {% endfor %}
+              {% endfor %}
-              </div>
+            </div>
-            {% else %}
+          {% else %}
-              <div class='admin-content'>{{ "fragments.portfolio_admin.none" | translate }}</div>
+            <div class='admin-content'>{{ "fragments.portfolio_admin.none" | translate }}</div>
-            {% endif %}
+          {% endif %}
-          </div>
         </div>
       </div>
     </section>

templates/task_orders/step_1.html

@@ -19,5 +19,5 @@
     title='task_orders.form.step_1.title' | translate,
     description='task_orders.form.step_1.description' | translate,
   ) }}
-  {{ UploadInput(form.pdf, portfolio.id) }}
+  {{ UploadInput(form.pdf, portfolio.id, file_size_limit) }}
 {% endblock %}

terraform/modules/k8s/main.tf

@@ -81,3 +81,9 @@ resource "azurerm_monitor_diagnostic_setting" "k8s_diagnostic-1" {
     }
   }
 }
+
+resource "azurerm_role_assignment" "k8s_network_contrib" {
+  scope                = var.vnet_id
+  role_definition_name = "Network Contributor"
+  principal_id         = azurerm_kubernetes_cluster.k8s.identity[0].principal_id
+}

terraform/modules/k8s/variables.tf

@@ -67,3 +67,8 @@ variable "workspace_id" {
   description = "Log Analytics workspace for this resource to log to"
   type        = string
 }
+
+variable "vnet_id" {
+  description = "The ID of the VNET that the AKS cluster app registration needs to provision load balancers in"
+  type        = string
+}

terraform/modules/vpc/outputs.tf

@@ -7,3 +7,7 @@ output "subnet_list" {
     for k, id in azurerm_subnet.subnet : k => id
   }
 }
+
+output "id" {
+  value = azurerm_virtual_network.vpc.id
+}

terraform/providers/dev/k8s.tf

@@ -23,6 +23,7 @@ module "k8s" {
   client_id           = data.azurerm_key_vault_secret.k8s_client_id.value
   client_secret       = data.azurerm_key_vault_secret.k8s_client_secret.value
   workspace_id        = module.logs.workspace_id
+  vnet_id             = module.vpc.id
 }
 
 #module "main_lb" {

tests/render_vue_component.py

@@ -1,7 +1,7 @@
 import pytest
 
 from bs4 import BeautifulSoup
-from flask import Markup
+from flask import Markup, current_app as app
 from wtforms import Form, FormField
 from wtforms.fields import StringField
 from wtforms.validators import InputRequired
@@ -111,13 +111,17 @@ def test_make_multi_checkbox_input_template(
 
 
 def test_make_upload_input_template(upload_input_macro, task_order_form):
-    rendered_upload_macro = upload_input_macro(task_order_form.pdf)
+    rendered_upload_macro = upload_input_macro(
+        task_order_form.pdf, file_size_limit=int(app.config.get("FILE_SIZE_LIMIT")),
+    )
     write_template(rendered_upload_macro, "upload_input_template.html")
 
 
 def test_make_upload_input_error_template(upload_input_macro, task_order_form):
     task_order_form.validate()
-    rendered_upload_macro = upload_input_macro(task_order_form.pdf)
+    rendered_upload_macro = upload_input_macro(
+        task_order_form.pdf, file_size_limit=int(app.config.get("FILE_SIZE_LIMIT")),
+    )
     write_template(rendered_upload_macro, "upload_input_error_template.html")
 
 

translations.yaml

@@ -308,7 +308,7 @@ forms:
       length_error: Filename may be no longer than 100 characters.
   task_order:
     upload_error: There was an error uploading your file. Please try again. If you encounter repeated problems uploading this file, please contact CCPO.
-    size_error: The file you have selected is too large. Please choose a file no larger than 64MB.
+    size_error: "The file you have selected is too large. Please choose a file no larger than {file_size_limit}MB."
     filename_error: File names can only contain the characters A-Z, 0-9, space, hyphen, underscore, and period.
     number_description: 13-Digit Task Order Number
     pop_errors:
@@ -552,7 +552,7 @@ task_orders:
     pop_end_alert: "A CLIN's period of performance must end before {end_date}."
     pop_example: "For example: 07 04 1776"
     pop_start: Start Date
-    supporting_docs_size_limit: Your file may not exceed 64MB
+    supporting_docs_size_limit: "Your file may not exceed {file_size_limit}MB"
     step_1:
       title: Upload your approved Task Order (TO)
       description: Upload your approved Task Order here. You are required to confirm you have the appropriate signature. You will have the ability to add additional approved Task Orders with more funding to this Portfolio in the future.