pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,845 Commits 1 Branch 0 Tags
Commit Graph

6845 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
tomdds
2ac333e0b7 Sample create tenant itegration 
This integration works with the happy path, we'll need to expand some fields and handle error states more coherently.
 2020-01-14 17:16:54 -05:00
Philip Kalinsky
ba47053a1c provision portfolio state machine 2020-01-14 17:16:54 -05:00
tomdds
7835438176
Merge pull request #1316 from dod-ccpo/portfolio-provision-state-machine 
Provision Portfolio State Machine
 2020-01-14 17:14:12 -05:00
tomdds
4bfde23c16 Fix alembic migration branching 2020-01-14 16:53:15 -05:00
tomdds
dfee80680d Skip legacy azure csp tests 2020-01-14 16:36:16 -05:00
tomdds
7b2c77298d Fix app name collision errors in portfolio tests 2020-01-14 16:36:16 -05:00
tomdds
d81d953c31 Fix formatting and some typos 2020-01-14 16:36:16 -05:00
tomdds
34546ecd94 Add transitions to Pipfile 2020-01-14 16:36:16 -05:00
Philip Kalinsky
69bd2f43a5 provision portfolio state machine 2020-01-14 16:36:16 -05:00
graham-dds
ad82706bd4
Merge pull request #1314 from dod-ccpo/bugfix/use-v-text-where-possible 
Use v-text instead of v-html to mitigate XSS attacks
 2020-01-14 16:34:31 -05:00
graham-dds
ffd3dd2d9d use v-text instead of v-html 
v-html interprets the string passed to it as raw html, without escaping.
We should use v-text wherever possible.
 2020-01-14 16:19:27 -05:00
dandds
d55a81ebdd
Merge pull request #1300 from dod-ccpo/update-env-role-list 
Update environment roles list
 2020-01-14 16:01:49 -05:00
leigh-mil
11b3120bfd Update filter functions to display properly when users env access has been revoked 2020-01-14 15:43:46 -05:00
leigh-mil
17864cc060 Add migration to change environment_roles role column from string to 
enum type.
Fix tests and functions affected by the column type change.
 2020-01-14 13:12:29 -05:00
dandds
bffd981105
Merge pull request #1306 from dod-ccpo/update-sqlalchemy-version 
Update version of sqlalchemy
 2020-01-14 11:28:35 -05:00
leigh-mil
ab5485e103 Update version of sqlalchemy 2020-01-14 06:27:28 -05:00
graham-dds
b1345c0eb0
Merge pull request #1310 from dod-ccpo/small-ui-fixes 
Small ui fixes
 2020-01-13 17:20:57 -05:00
graham-dds
45c4fc1d5f Match empty state for app members with designs 2020-01-13 16:32:31 -05:00
graham-dds
fdeffd3183 Bump margin so that add clin button isn't hidden 2020-01-13 16:32:31 -05:00
raydds
9cb7422468
Merge pull request #1309 from dod-ccpo/kubernetes-resource-limits 
First pass at setting CPU and memory limits in Kubernetes
 2020-01-13 14:38:00 -05:00
Ray Zane
835cd4f12e First pass at setting CPU and memory limits in Kubernetes 2020-01-13 13:00:21 -05:00
dandds
8c02ba7a8d
Merge pull request #1298 from robgil-dds/169163334-iam-for-scale-set 
IAM policy for Azure VM Scale Set in k8s
 2020-01-13 12:51:51 -05:00
Rob Gil
a47ad24b90 Apply manual change for dev environment to gain access to keyvault from vmss nodes 2020-01-13 12:08:09 -05:00
Rob Gil
8416c18258 Document keyvault post terraform manual steps 
This is to document and configure the post-terraform commands necessary
for k8s hosts in the vmss to access the keyvault through flexvol.
 2020-01-13 12:05:52 -05:00
Rob Gil
53cf42103e Fix resource names for module.vpc 2020-01-13 10:29:12 -05:00
Rob Gil
316428a787 Adds screenshot of manual change to make for SystemAssigned identities 2020-01-13 10:29:12 -05:00
Rob Gil
f279e3d3c1 Docs updates to document manual steps 2020-01-13 10:29:12 -05:00
Rob Gil
1a9ff0e02b Updates docs with Preview features and how to enable them 2020-01-13 10:29:12 -05:00
Rob Gil
3986f3c91f 169163334 - Uses the k8s principal for access to keyvault from k8s nodes 2020-01-13 10:29:12 -05:00
Rob Gil
b233cb253f 169163334 - Updates provider for SystemAssigned MI policy for k8s 2020-01-13 10:29:12 -05:00
Rob Gil
623368b8dd 169163334 - Switches to SystemAssigned managed identity 
The SystemAssigned managed identity requires a preview feature to be
enabled.

```
rgil@rem5:~/atst/terraform/providers/dev$ az feature list|grep MSIPreview
    "id": "/subscriptions/95934d54-980d-47cc-9bce-3a96bf9a2d1b/providers/Microsoft.Features/providers/Microsoft.ContainerService/features/MSIPreview",
    "name": "Microsoft.ContainerService/MSIPreview",
rgil@rem5:~/atst/terraform/providers/dev$ az feature register --namespace Microsoft.ContainerService --name MSIPreview
Once the feature 'MSIPreview' is registered, invoking 'az provider register -n Microsoft.ContainerService' is required to get the change propagated
{
  "id": "/subscriptions/95934d54-980d-47cc-9bce-3a96bf9a2d1b/providers/Microsoft.Features/providers/Microsoft.ContainerService/features/MSIPreview",
  "name": "Microsoft.ContainerService/MSIPreview",
  "properties": {
    "state": "Registering"
  },
  "type": "Microsoft.Features/providers/features"
}
rgil@rem5:~/atst/terraform/providers/dev$ az provider register -n Microsoft.ContainerService
rgil@rem5:~/atst/terraform/providers/dev$
```

This also now integrates the policy for keyvault with the k8s managed
identity (system assigned).
 2020-01-13 10:29:12 -05:00
dandds
c403dc557c
Merge pull request #1307 from dod-ccpo/170636391-flash-ssti 
Use simple string formatting for flash messages.
 2020-01-13 09:43:18 -05:00
dandds
0731b0519c Use simple string formatting for flash messages. 
This addresses an SSTI vulnerability in Flask's `render_template_string`
function, which we were using for rendering flash messages. The
implementation I'd built was too complicated, so I removed its reliance
on Jinja template rendering. Instead, all parts of the flash message
should be keys in the translations file. The `flash` wrapper in
`atst.utils.flash` is just a thin wrapper over our `translate` function.
The `translate` function relies on Python string formatting, which does
not evaluate expressions and so isn't vulnerable to SSTI.
 2020-01-11 15:27:34 -05:00
leigh-mil
7de2f440c6
Merge pull request #1294 from dod-ccpo/portfolio-admin-styling__part-2 
Portfolio admin styling - Managers table
 2020-01-10 15:46:34 -05:00
leigh-mil
4d8d1d8ce0
Merge branch 'staging' into portfolio-admin-styling__part-2 2020-01-10 13:27:05 -05:00
dandds
a7da0e9104
Merge pull request #1304 from dod-ccpo/170609987-session-logging 
Log details about user login and logout.
 2020-01-10 11:44:57 -05:00
leigh-mil
8f5db7805c Add pointer to cancel link 2020-01-10 10:25:56 -05:00
leigh-mil
1425459e35 Use permissions sets instead of portfolio.owner_role to see if a member is PPoC 2020-01-10 10:25:55 -05:00
leigh-mil
70462eee0c Display portfolio managers alphabetically instead of always having PPoC in the first table row 2020-01-10 10:25:55 -05:00
leigh-mil
959636fc91 Fix seed_sample script 2020-01-10 10:25:55 -05:00
leigh-mil
17642cda4e Rename file to better reflect contents 2020-01-10 10:25:55 -05:00
leigh-mil
ffa4a1370c Set width of Name column in portfolio managers table. 
Delete unused table styles.
 2020-01-10 10:25:55 -05:00
leigh-mil
da398bf1ff Add status labels to portfolio managers table. 
Update PortfolioRole.display_status() to return same type of data as
ApplicationRole.display_status().
 2020-01-10 10:25:55 -05:00
leigh-mil
a6fcd0c76f Fix styling on member forms. 
Include flash message when portfolio manager is added.
Fix submit button text
 2020-01-10 10:25:55 -05:00
leigh-mil
abfe8663a1 Update copy in perms form 2020-01-10 10:25:55 -05:00
leigh-mil
89035c815b Update styling for Manager name and add 'You' tag 2020-01-10 10:25:55 -05:00
leigh-mil
975d3d243b Delete tests and route associated with old portfolio member perms form 2020-01-10 10:25:55 -05:00
leigh-mil
c9d0c64c1f Fix and generalize styling for member form macro 
Only display permissions with 'Edit' value
Delete unused files and rename MemberForm macro file
 2020-01-10 10:25:55 -05:00
leigh-mil
79b2773852 Portfolio manager invite updates: 
- Update the form to use BooleanFields for the permissions and make the
form more similar to the Application Members form
- Use MemberFormTemplate macro in the portfolio settings template
- fix tests affected by the form changes
 2020-01-10 10:25:55 -05:00
leigh-mil
4d2a175136 Use generalized macro for new member form in application settings 2020-01-10 10:25:55 -05:00