6884 Commits

Author SHA1 Message Date
Hannah Brinkman
56a2f2c306 Update _topbar.scss
-Cleaned up spacing, margins, and padding
-Refined font styling for JEDI logo and added semibold weight to nav links
2020-01-17 08:59:00 -05:00
dandds
eafb1d6941
Merge pull request #1321 from robgil-dds/169163334-secrets-tool
Secrets Tool
2020-01-17 08:35:50 -05:00
Rob Gil
55623028df Adds a secrets generator and loader
secrets-tool now has a feature to both generate secrets as well as load
the generated secrets in to KeyVault.
2020-01-16 21:40:26 -05:00
dandds
05a78359de
Merge pull request #1302 from dod-ccpo/170505212-uwsgi-logs
uWSGI plugin config changes.
2020-01-16 19:38:23 -05:00
Rob Gil
b9a7efe6ba Revised Pipfiles 2020-01-16 18:19:33 -05:00
Rob Gil
aa89505650 169163334 - Abstracts terraform wrapper code
The terraform wrapper is now abstracted in to a utility class for
working with terraform. The terraform module was also updated to support
configurable keyvault servers. Logging for this new module was also
added, so the terraform output is seen on the console.
2020-01-16 17:27:49 -05:00
Rob Gil
deead852b5 169163334 - Initial secrets-tool commit
Adds admin_users map and keyvault policy

This adds an admin_users map as well as a new policy in the keyvault
module. When run, this will apply an administrator policy for users in
the admin_users map. With these permissions, the admin users will be
able to manage secrets and keys in keyvault.

169163334 - Initial secrets-tool commit

Adds admin_users map and keyvault policy

This adds an admin_users map as well as a new policy in the keyvault
module. When run, this will apply an administrator policy for users in
the admin_users map. With these permissions, the admin users will be
able to manage secrets and keys in keyvault.

170237669 - Makes the read only policy for keyvault optional and only create the policy if a principal_id is passed

170237669 - Adds new operator keyvault for secrets

This is a new keyvault specifically for storing operator secrets and
things that would not be accessible to applications. The primary use
case for this is for launching things like postgres (root postgres
creds) and other services which would require secrets to be added to the
terraform configuration. This approach avoids adding secrets to
terraform.

An accompanying script will be added to populate the new keyvault.
2020-01-16 17:27:49 -05:00
dandds
2254e0dd01
Merge branch 'staging' into 170505212-uwsgi-logs 2020-01-16 16:58:52 -05:00
graham-dds
c61fd8940c
Merge pull request #1319 from dod-ccpo/bugfix/use-v-text-where-possible
Remove the remaining uses of v-html
2020-01-16 14:48:43 -05:00
graham-dds
c9c33ac978 Use v-text for alerts 2020-01-16 14:18:00 -05:00
graham-dds
477afbe075 use v-text for Vue validaitonError s 2020-01-16 14:18:00 -05:00
raydds
c2364d1080
Merge pull request #1324 from dod-ccpo/disable-mailer
Add a configuration disable the mailer in staging environments
2020-01-16 11:57:33 -05:00
raydds
1fa5de6f90 Add a configuration to totally disable the mailer 2020-01-16 11:27:14 -05:00
raydds
d89948a59a
Merge pull request #1318 from dod-ccpo/hpa
Horizontal autoscaling
2020-01-16 10:57:50 -05:00
raydds
eb7625a26e Bump CPU for atst worker 2020-01-16 10:16:54 -05:00
raydds
d07d4f09fd This HPA should point at the worker 2020-01-16 10:16:54 -05:00
raydds
f14b30b346 Min workers is 1 2020-01-16 10:16:54 -05:00
raydds
5813cc1370 Do not explicitly set replica count 2020-01-16 10:16:54 -05:00
raydds
5fdfc8a425 Create a horizontal pod autoscaler 2020-01-16 10:16:54 -05:00
dandds
a3cc606d76
Merge pull request #1315 from dod-ccpo/170690791-cleanup-minikube
Remove Minikube config.
2020-01-16 08:53:50 -05:00
dandds
76a29e9307
Merge branch 'staging' into 170690791-cleanup-minikube 2020-01-16 08:53:37 -05:00
dandds
bc145b560f
Merge pull request #1311 from robgil-dds/170614119-connection-lists
170614119 - Adds initial connection lists and architecture doc
2020-01-16 08:52:51 -05:00
raydds
fa7d24687c
Merge pull request #1320 from dod-ccpo/update-locustfile
Get the locustfile running again!
2020-01-15 15:55:28 -05:00
raydds
d65d500670 Get the locustfile running again 2020-01-15 15:23:16 -05:00
Jay R. Newlin (PromptWorks)
3e08211455
Merge pull request #1312 from dod-ccpo/gi-updates-20190114
Ghost Inspector updates 1/14/2019
2020-01-15 14:46:05 -05:00
Jay R. Newlin (PromptWorks)
65dc80f48d
Merge branch 'staging' into gi-updates-20190114 2020-01-15 13:45:09 -05:00
Rob Gil
0480659258 Documents protocols used for connections 2020-01-15 11:25:15 -05:00
dandds
6e5b61e84b
Merge pull request #1308 from dod-ccpo/170636650-file-input-validations
Additional validation and escaping for file names.
2020-01-15 10:43:38 -05:00
dandds
5213657b0f Additional validation and escaping for file names.
This adds additional front and backend validations for task order file
names. We are now restricting file names to a whitelist regex of
[A-Za-z0-9\-_ \.] for simplicity.

Note:
On the frontend, the filename string must have at least one character.
This is not true in the backend validation; because of the way the
entire task order form is validated, requiring input would break the
business logic currently implemented.
2020-01-15 09:17:03 -05:00
Hannah Brinkman
05bc8c3819
Merge pull request #1313 from dod-ccpo/Typography-updates
Typography updates - Adjusted H4 and added semibold font weight
2020-01-15 09:04:47 -05:00
dandds
f54e11986f
Merge branch 'staging' into Typography-updates 2020-01-14 17:19:37 -05:00
tomdds
7835438176
Merge pull request #1316 from dod-ccpo/portfolio-provision-state-machine
Provision Portfolio State Machine
2020-01-14 17:14:12 -05:00
tomdds
4bfde23c16 Fix alembic migration branching 2020-01-14 16:53:15 -05:00
tomdds
dfee80680d Skip legacy azure csp tests 2020-01-14 16:36:16 -05:00
tomdds
7b2c77298d Fix app name collision errors in portfolio tests 2020-01-14 16:36:16 -05:00
tomdds
d81d953c31 Fix formatting and some typos 2020-01-14 16:36:16 -05:00
tomdds
34546ecd94 Add transitions to Pipfile 2020-01-14 16:36:16 -05:00
Philip Kalinsky
69bd2f43a5 provision portfolio state machine 2020-01-14 16:36:16 -05:00
graham-dds
ad82706bd4
Merge pull request #1314 from dod-ccpo/bugfix/use-v-text-where-possible
Use v-text instead of v-html to mitigate XSS attacks
2020-01-14 16:34:31 -05:00
graham-dds
ffd3dd2d9d use v-text instead of v-html
v-html interprets the string passed to it as raw html, without escaping.
We should use v-text wherever possible.
2020-01-14 16:19:27 -05:00
Hannah Brinkman
e5a8bb1c17
Merge branch 'staging' into Typography-updates 2020-01-14 16:09:49 -05:00
dandds
d55a81ebdd
Merge pull request #1300 from dod-ccpo/update-env-role-list
Update environment roles list
2020-01-14 16:01:49 -05:00
dandds
a54db5a688 Remove Minkube config.
We do not have the bandwidth to keep the Minikube deployment up-to-date,
so rather than leave half-baked config in the repo we'll remove it for
now. Complications that would have to be resolved for running Minikube
locally include managing secrets out of Azure Key Vault and managing TLS
termination over localhost.

The Synack audit also identified the Minikube basic auth password as an
issue; it's only for demo purposes, but this will resolve that ticket.
2020-01-14 15:46:08 -05:00
leigh-mil
11b3120bfd Update filter functions to display properly when users env access has been revoked 2020-01-14 15:43:46 -05:00
Hannah Brinkman
cdad169997
Merge branch 'staging' into Typography-updates 2020-01-14 15:12:33 -05:00
Hannah Brinkman
6cbe5e555d Adjusted H4 to 1.9rem, Added semibold font weight 2020-01-14 14:28:11 -05:00
leigh-mil
17864cc060 Add migration to change environment_roles role column from string to
enum type.
Fix tests and functions affected by the column type change.
2020-01-14 13:12:29 -05:00
Jay R. Newlin (PromptWorks)
a717f72ef7 Updates to many tests over the last several days due to work to match designs more accurately 2020-01-14 11:55:41 -05:00
dandds
bffd981105
Merge pull request #1306 from dod-ccpo/update-sqlalchemy-version
Update version of sqlalchemy
2020-01-14 11:28:35 -05:00
leigh-mil
ab5485e103 Update version of sqlalchemy 2020-01-14 06:27:28 -05:00