Merge pull request #1872 from IntersectMBO/staging

fix: limit validation request with a timeout and content lenght
IntersectMBO · Aug 30, 2024 · 79a7b92 · 79a7b92
2 parents 6494c59 + 6033176
commit 79a7b92
Show file tree

Hide file tree

Showing 46 changed files with 1,574 additions and 5,871 deletions.
diff --git a/.github/workflows/build-and-deploy-test-stack.yml b/.github/workflows/build-and-deploy-test-stack.yml
@@ -15,39 +15,63 @@ jobs:
   deploy:
     name: Deploy app
     runs-on: ubuntu-latest
-    env:
-      GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }}
-      GRAFANA_SLACK_RECIPIENT: ${{ secrets.GRAFANA_SLACK_RECIPIENT }}
-      GRAFANA_SLACK_OAUTH_TOKEN: ${{ secrets.GRAFANA_SLACK_OAUTH_TOKEN }}
-      SENTRY_DSN_BACKEND: ${{ secrets.SENTRY_DSN_BACKEND }}
-      GTM_ID: ${{ secrets.GTM_ID }}
-      NPMRC_TOKEN: ${{ secrets.NPMRC_TOKEN }}
-      SENTRY_DSN_FRONTEND: ${{ secrets.SENTRY_DSN_FRONTEND }}
-      PIPELINE_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
-      USERSNAP_SPACE_API_KEY: ${{ secrets.USERSNAP_SPACE_API_KEY }}
-      APP_ENV: test
-      PDF_API_URL: ${{ secrets.PDF_API_URL}}
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
-      - name: Setup SSH agent
-        uses: webfactory/ssh-[email protected]
+      - name: Set up SSH and deploy
+        uses: appleboy/ssh-[email protected]
         with:
-          ssh-private-key: ${{ secrets.TEST_STACK_SSH_KEY }}
-
-      - name: Run Ansible playbook
-        uses: dawidd6/action-ansible-playbook@v2
-        with:
-          playbook: playbook.yml
-          directory: ./tests/test-infrastructure
+          host: ${{ secrets.TEST_STACK_SERVER_IP }}
+          username: ec2-user
           key: ${{ secrets.TEST_STACK_SSH_KEY }}
-          inventory: |
-            [test_server]
-            ${{ secrets.TEST_STACK_SERVER_IP }} ansible_user=ec2-user
-          options: |
-            --verbose
+          command_timeout: 100m ## Haskell container build takes a lot of time.
+          script: |
+            REPO_URL="https://github.com/${{ github.repository }}"
+            DEST_DIR="$HOME/Documents/govtool"
+
+            # Create parent directory if it does not exist
+            mkdir -p "$(dirname "$DEST_DIR")"
+
+            # Check if $DEST_DIR exists
+            if [ -d "$DEST_DIR" ]; then
+              if [ -d "$DEST_DIR/.git" ]; then
+                cd $DEST_DIR || exit
+                echo "Updating repository..."
+                git fetch --all
+                git checkout --force "$GOVTOOL_TAG"
+              else
+                echo "Not a git repository. Re-cloning..."
+                rm -rf "$DEST_DIR"
+                git clone "$REPO_URL" "$DEST_DIR"
+                cd "$DEST_DIR" || exit
+                git checkout --force "$GOVTOOL_TAG"
+              fi
+            else
+              echo "Directory does not exist. Cloning repository..."
+              git clone "$REPO_URL" "$DEST_DIR"
+              cd "$DEST_DIR" || exit
+              git checkout --force "$GOVTOOL_TAG"
+            fi
+
+            # Execute the build-and-deploy.sh script
+            cd $DEST_DIR/tests/test-infrastructure
+            ./build-and-deploy.sh update-images
+            docker system prune
+            (docker image ls -q | xargs docker image rm --force ) || echo "Images cleaned-up"
+          envs: GOVTOOL_TAG, GRAFANA_ADMIN_PASSWORD, GRAFANA_SLACK_RECIPIENT, GRAFANA_SLACK_OAUTH_TOKEN, SENTRY_DSN_BACKEND, GTM_ID, NPMRC_TOKEN, SENTRY_DSN_FRONTEND, PIPELINE_URL, USERSNAP_SPACE_API_KEY, APP_ENV, PDF_API_URL
         env:
           GOVTOOL_TAG: ${{ github.sha }}
+          GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }}
+          GRAFANA_SLACK_RECIPIENT: ${{ secrets.GRAFANA_SLACK_RECIPIENT }}
+          GRAFANA_SLACK_OAUTH_TOKEN: ${{ secrets.GRAFANA_SLACK_OAUTH_TOKEN }}
+          SENTRY_DSN_BACKEND: ${{ secrets.SENTRY_DSN_BACKEND }}
+          GTM_ID: ${{ secrets.GTM_ID }}
+          NPMRC_TOKEN: ${{ secrets.NPMRC_TOKEN }}
+          SENTRY_DSN_FRONTEND: ${{ secrets.SENTRY_DSN_FRONTEND }}
+          PIPELINE_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
+          USERSNAP_SPACE_API_KEY: ${{ secrets.USERSNAP_SPACE_API_KEY }}
+          APP_ENV: test
+          PDF_API_URL: ${{ secrets.PDF_API_URL }}
diff --git a/.github/workflows/code_check_frontend.yml b/.github/workflows/code_check_frontend.yml
@@ -29,7 +29,7 @@ jobs:
           registry-url: "https://registry.npmjs.org/"
           node-version-file: "./govtool/frontend/.nvmrc"
           scope: "@intersect.mbo"
-      - run: npm ci --force
+      - run: npm ci
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPMRC_TOKEN }}
 
@@ -57,7 +57,7 @@ jobs:
           registry-url: "https://registry.npmjs.org/"
           node-version-file: "./govtool/frontend/.nvmrc"
           scope: "@intersect.mbo"
-      - run: npm ci --force
+      - run: npm ci
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPMRC_TOKEN }}
 
@@ -83,7 +83,7 @@ jobs:
           registry-url: "https://registry.npmjs.org/"
           node-version-file: "./govtool/frontend/.nvmrc"
           scope: "@intersect.mbo"
-      - run: npm ci --force
+      - run: npm ci
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPMRC_TOKEN }}
 

diff --git a/.github/workflows/frontend_sonar_scan.yml b/.github/workflows/frontend_sonar_scan.yml
@@ -34,7 +34,7 @@ jobs:
           NODE_OPTIONS: "--max_old_space_size=6144"
           NODE_AUTH_TOKEN: ${{ secrets.NPMRC_TOKEN }}
         run: |
-          npm ci --force
+          npm ci
           npm run test:coverage
 
       - uses: sonarsource/sonarqube-scan-action@master

diff --git a/.github/workflows/merge.yaml b/.github/workflows/merge.yaml
@@ -20,6 +20,7 @@ jobs:
   check-build-deploy:
     environment:  ${{ (github.ref_name == 'main' && 'prod-govtool') || (github.ref_name == 'staging' && 'pre-prod-govtool') || (github.ref_name == 'test' && 'qa-govtool') || (github.ref_name == 'develop' && 'dev-govtool') }}
     strategy:
+      fail-fast: false
       matrix:
         include:
           - workdir: ./govtool/backend
@@ -120,9 +121,10 @@ jobs:
           context: ${{ matrix.workdir }}
           file: ${{ matrix.dockerfile }}
           tags: ${{ steps.image_lowercase.outputs.lowercase }}:${{ env.TAG }}
-          load: true
+          load: false
           cache-from: type=local,src=/tmp/.buildx-cache
           cache-to: type=local,dest=/tmp/.buildx-cache
+          outputs: type=docker,dest=/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar
           build-args: |
             VITE_APP_ENV=${{ secrets.VITE_APP_ENV }}
             VITE_BASE_URL=${{ secrets.VITE_BASE_URL }}
@@ -145,42 +147,18 @@ jobs:
       - name: Scan Docker image with Dockle
         id: dockle
         run: |
-            wget https://github.com/goodwithtech/dockle/releases/download/v0.4.14/dockle_0.4.14_Linux-64bit.tar.gz
-            tar zxvf dockle_0.4.14_Linux-64bit.tar.gz
+            wget -q https://github.com/goodwithtech/dockle/releases/download/v0.4.14/dockle_0.4.14_Linux-64bit.tar.gz
+            tar zxf dockle_0.4.14_Linux-64bit.tar.gz
             sudo mv dockle /usr/local/bin
 
-            dockle --exit-level fatal --format json --output ${{ matrix.workdir }}/dockle_scan_output.json ${{ steps.image_lowercase.outputs.lowercase }}:${{ env.TAG }}
+            dockle --exit-code 1 --exit-level fatal --format json -ak GHC_RELEASE_KEY -ak CABAL_INSTALL_RELEASE_KEY -ak STACK_RELEASE_KEY -ak KEY_SHA512 --input '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar' --output ${{ matrix.workdir }}/dockle_scan_output.json
             echo " dockle exited w/ $?"
             cat ${{ matrix.workdir }}/dockle_scan_output.json
 
             echo "outcome=success" >> $GITHUB_OUTPUT
 
       - name: Push Docker image to GHCR
         run: |
+          docker load -i '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar'
+          rm -rf '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar'
           docker push ${{ steps.image_lowercase.outputs.lowercase }}:${{ env.TAG }}
-
-      - name: Deploy with Qovery
-        if: github.ref == 'refs/heads/develop'
-        env:
-          QOVERY_CLI_ACCESS_TOKEN: ${{secrets.QOVERY_CLI_ACCESS_TOKEN }}
-        run: |
-
-          echo "Deploying on $ENVIRONMENT"
-          echo "Organization - ${{ vars.ORGANIZATION }}"
-          echo "Project - ${{ vars.PROJECT }}"
-
-          # Download and install Qovery CLI
-          curl -s https://get.qovery.com | bash
-
-          qovery container list \
-          --organization ${{ vars.ORGANIZATION }} \
-          --project ${{ vars.PROJECT }} \
-          --environment $ENVIRONMENT
-
-          qovery container deploy \
-            --organization ${{ vars.ORGANIZATION }} \
-            --project ${{ vars.PROJECT }} \
-            --environment $ENVIRONMENT \
-            --container ${{ matrix.qovery_container_name }} \
-            --tag ${{ env.TAG }} \
-            --watch
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
@@ -16,6 +16,7 @@ permissions:
 jobs:
   static-checks:
     strategy:
+      fail-fast: false
       matrix:
         include:
           - workdir: ./govtool/backend
@@ -107,9 +108,10 @@ jobs:
           context: ${{ matrix.workdir }}
           file: ${{ matrix.dockerfile }}
           tags: ${{ steps.image_lowercase.outputs.lowercase }}
-          load: true
-          # cache-from: type=local,src=/tmp/.buildx-cache
-          # cache-to: type=local,dest=/tmp/.buildx-cache
+          load: false
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache
+          outputs: type=docker,dest=/tmp/image-${{ matrix.name }}-${{ github.sha }}-pr.tar
           build-args: |
             VITE_APP_ENV=${{ secrets.VITE_APP_ENV }}
             VITE_BASE_URL=${{ secrets.VITE_BASE_URL }}
@@ -125,17 +127,12 @@ jobs:
       - name: Scan Docker image with Dockle
         id: dockle
         run: |
-            set -ex
-            wget https://github.com/goodwithtech/dockle/releases/download/v0.4.14/dockle_0.4.14_Linux-64bit.tar.gz
-            tar zxvf dockle_0.4.14_Linux-64bit.tar.gz
+            wget -q https://github.com/goodwithtech/dockle/releases/download/v0.4.14/dockle_0.4.14_Linux-64bit.tar.gz
+            tar zxf dockle_0.4.14_Linux-64bit.tar.gz
             sudo mv dockle /usr/local/bin
-            docker images
-            docker image prune -af --filter "until=1h"
-            docker save ${{ steps.image_lowercase.outputs.lowercase }} -o image.tar || :
-            touch ${{ matrix.workdir }}/dockle_scan_output.json
-            dockle --input image.tar --exit-level fatal --format json --output ${{ matrix.workdir }}/dockle_scan_output.json || :
-            rm -rf image.tar
-            echo " dockle exited w/ $?"
+
+            dockle --exit-code 1 --exit-level fatal -ak GHC_RELEASE_KEY -ak CABAL_INSTALL_RELEASE_KEY -ak STACK_RELEASE_KEY -ak KEY_SHA512 --format json --input '/tmp/image-${{ matrix.name }}-${{ github.sha }}-pr.tar' --output ${{ matrix.workdir }}/dockle_scan_output.json
+            rm -rf '/tmp/image-${{ matrix.name }}-${{ github.sha }}-pr.tar'
             cat ${{ matrix.workdir }}/dockle_scan_output.json
 
             echo "outcome=success" >> $GITHUB_OUTPUT

diff --git a/.github/workflows/test_integration_playwright.yml b/.github/workflows/test_integration_playwright.yml
@@ -34,7 +34,7 @@ jobs:
           cache-dependency-path: "./tests/govtool-frontend/playwright/package-lock.json"
 
       - name: Install dependencies
-        run: npm ci --force
+        run: npm ci
 
       - name: Cache Playwright browsers
         id: cache-playwright-browsers

diff --git a/.github/workflows/test_storybook.yml b/.github/workflows/test_storybook.yml
@@ -23,7 +23,7 @@ jobs:
         run: |
           npm config set @intersect.mbo:registry "https://registry.npmjs.org/" --location=global
           npm config set //registry.npmjs.org/:_authToken ${NPMRC_TOKEN} --location=global  
-          npm ci --force
+          npm ci
       - name: Install Playwright
         run: npx playwright install --with-deps
       - name: Build Storybook

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -16,11 +16,17 @@ changes.
 
 ### Fixed
 
--
+- Delete duplicate text on DRep registration form [Issue 1847](https://github.com/IntersectMBO/govtool/issues/1847)
+- Fix modal content invisible on ios [Issue 1842](https://github.com/IntersectMBO/govtool/issues/1842)
+- Fix counting votes by CC committee members and SPOs [Issue 1838](https://github.com/IntersectMBO/govtool/issues/1838)
+- Fix displaying non relevant data in protocol parameter change Governance Action [Issue 1601](https://github.com/IntersectMBO/govtool/issues/1601)
 
 ### Changed
 
--
+- Replace diff library to avoid usage of `--force` in package installation
+- Bump @intersect.mbo/pdf-ui to v0.3.8
+- Change logo to Cardano GovTool [Issue 1851](https://github.com/IntersectMBO/govtool/issues/1851)
+- Change copy to Cardano GovTool [Issue 1852](https://github.com/IntersectMBO/govtool/issues/1852)
 
 ## [sancho-v1.0.14](https://github.com/IntersectMBO/govtool/releases/tag/sancho-v1.0.14) 2024-08-26
 

diff --git a/README.md b/README.md
@@ -3,7 +3,7 @@
 </p>
 
 <p align="center">
-  <big><strong>Monorepo containing Voltaire GovTool and supporting utilities</strong></big>
+  <big><strong>Monorepo containing Cardano GovTool and supporting utilities</strong></big>
 </p>
 
 <div align="center">
@@ -18,7 +18,7 @@
 
 ## 🌄 Purpose
 
-The Voltaire GovTool enables ada holders to experience the governance features described in [CIP-1694](https://github.com/cardano-foundation/CIPs/blob/master/CIP-1694/README.md).
+The Cardano GovTool enables ada holders to experience the governance features described in [CIP-1694](https://github.com/cardano-foundation/CIPs/blob/master/CIP-1694/README.md).
 
 ### Instances
 

diff --git a/govtool/backend/sql/list-proposals.sql b/govtool/backend/sql/list-proposals.sql
@@ -78,12 +78,12 @@ SELECT
             always_no_confidence_voting_power.amount
         END) "no_votes",
     coalesce(Sum(ldd_drep.amount) FILTER (WHERE voting_procedure.vote::text = 'Abstain'), 0) + always_abstain_voting_power.amount "abstain_votes",
-    coalesce(Sum(ldd_pool.amount) FILTER (WHERE voting_procedure.vote::text = 'Yes'), 0), 
-    coalesce(Sum(ldd_pool.amount) FILTER (WHERE voting_procedure.vote::text = 'No'), 0),
-    coalesce(Sum(ldd_pool.amount) FILTER (WHERE voting_procedure.vote::text = 'Abstain'), 0),
-    coalesce(Sum(ldd_cc.amount) FILTER (WHERE voting_procedure.vote::text = 'Yes'), 0), 
-    coalesce(Sum(ldd_cc.amount) FILTER (WHERE voting_procedure.vote::text = 'No'), 0),
-    coalesce(Sum(ldd_cc.amount) FILTER (WHERE voting_procedure.vote::text = 'Abstain'), 0),
+    coalesce(vp_by_pool.poolYesVotes, 0),
+    coalesce(vp_by_pool.poolNoVotes, 0),
+    coalesce(vp_by_pool.poolAbstainVotes, 0),
+    coalesce(vp_by_cc.ccYesVotes, 0),
+    coalesce(vp_by_cc.ccNoVotes, 0),
+    coalesce(vp_by_cc.ccAbstainVotes, 0),
     prev_gov_action.index as prev_gov_action_index,
     encode(prev_gov_action_tx.hash, 'hex') as prev_gov_action_tx_hash
 FROM
@@ -104,8 +104,37 @@ FROM
     LEFT JOIN voting_procedure ON voting_procedure.gov_action_proposal_id = gov_action_proposal.id
     LEFT JOIN LatestDrepDistr ldd_drep ON ldd_drep.hash_id = voting_procedure.drep_voter
         AND ldd_drep.rn = 1
-    LEFT JOIN LatestDrepDistr ldd_pool ON ldd_pool.hash_id = voting_procedure.pool_voter
-        AND ldd_pool.rn = 1
+    LEFT JOIN 
+    (
+        SELECT 
+            gov_action_proposal_id,
+            SUM(CASE WHEN vote = 'Yes' THEN 1 ELSE 0 END) AS poolYesVotes,
+            SUM(CASE WHEN vote = 'No' THEN 1 ELSE 0 END) AS poolNoVotes,
+            SUM(CASE WHEN vote = 'Abstain' THEN 1 ELSE 0 END) AS poolAbstainVotes
+        FROM 
+            voting_procedure
+        WHERE 
+            pool_voter IS NOT NULL
+        GROUP BY 
+            gov_action_proposal_id
+    ) vp_by_pool
+    ON gov_action_proposal.id = vp_by_pool.gov_action_proposal_id
+    LEFT JOIN 
+    (
+        SELECT 
+            gov_action_proposal_id,
+            SUM(CASE WHEN vote = 'Yes' THEN 1 ELSE 0 END) AS ccYesVotes,
+            SUM(CASE WHEN vote = 'No' THEN 1 ELSE 0 END) AS ccNoVotes,
+            SUM(CASE WHEN vote = 'Abstain' THEN 1 ELSE 0 END) AS ccAbstainVotes
+        FROM 
+            voting_procedure
+        WHERE 
+            committee_voter IS NOT NULL
+        GROUP BY 
+            gov_action_proposal_id
+    ) vp_by_cc
+    ON gov_action_proposal.id = vp_by_cc.gov_action_proposal_id
+
     LEFT JOIN LatestDrepDistr ldd_cc ON ldd_cc.hash_id = voting_procedure.committee_voter
         AND ldd_cc.rn = 1
     LEFT JOIN gov_action_proposal AS prev_gov_action ON gov_action_proposal.prev_gov_action_proposal = prev_gov_action.id
@@ -130,6 +159,12 @@ GROUP BY
         off_chain_vote_gov_action_data.abstract,
         off_chain_vote_gov_action_data.motivation,
         off_chain_vote_gov_action_data.rationale,
+        vp_by_pool.poolYesVotes,
+        vp_by_pool.poolNoVotes,
+        vp_by_pool.poolAbstainVotes,
+        vp_by_cc.ccYesVotes,
+        vp_by_cc.ccNoVotes,
+        vp_by_cc.ccAbstainVotes,
         gov_action_proposal.index,
         creator_tx.hash,
         creator_block.time,

diff --git a/govtool/frontend/Dockerfile b/govtool/frontend/Dockerfile
@@ -32,7 +32,7 @@ RUN npm config set @intersect.mbo:registry "https://registry.npmjs.org/" --locat
 RUN npm config set //registry.npmjs.org/:_authToken ${NPMRC_TOKEN} --location=global
 
 COPY package.json package-lock.json ./
-RUN npm install --force
+RUN npm install
 COPY . .
 RUN npm run build
 

diff --git a/govtool/frontend/Dockerfile.qovery b/govtool/frontend/Dockerfile.qovery
@@ -20,7 +20,7 @@ RUN npm config set @intersect.mbo:registry "https://registry.npmjs.org/" --locat
 RUN npm config set //registry.npmjs.org/:_authToken ${NPMRC_TOKEN} --location=global
 
 COPY package.json package-lock.json ./
-RUN npm install --force
+RUN npm install
 COPY . .
 RUN npm run build