Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

HAAR-1900: add environment to helm values files #24

Merged
merged 1 commit into from
Oct 19, 2023

Conversation

simon-mitchell
Copy link
Contributor

No description provided.

@simon-mitchell simon-mitchell merged commit dc00da5 into main Oct 19, 2023
4 checks passed
@simon-mitchell simon-mitchell deleted the sm-HAAR-1900-add-helm-env-values branch October 19, 2023 08:37
thomasridd added a commit that referenced this pull request Nov 2, 2023
* Initial commit

* Alee/init (#1)

* Initial commit

* 🎉 Initial drop of code

* 🎨 Small tidy up

* Adding circle build and updating node to v14

* Adding helm config

* Fix wiremock port and update package.json

Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>

* Fixing docker image (#2)

* Fix secret name (#3)

* Correcting variable names and removing unnecessary ones (#4)

* Fixing variable name (#5)

* Removing trailing slashes from env vars (#6)

* Fix hostname (#7)

* Update dependencies (#8)

* Update dependencies

Also move to use declaration overrides for describing additional possible fields in session data

Also removing/moving unnecessary prod dependencies

Moving jest tests to run in parallel

* Fix types for user

* Do not allow any warnings

* Correcting test results path

* Reducing docker image size (#9)

Also
* Update dependencies
* Adopt standard github gitignore for node projects
* Using body typography

* Add rename script (#10)

* Add rename script

* PR reviews

* Removing unused vars

* Alee/decoupling auth client from redis (#11)

* Decoupling auth client from redis impl

* Update to latest hmpps orb version (#12)

* Fixing build-info.json placement (#13)

* Convert to arrow functions in utils (#14)

* Convert to arrow functions in utils

* Remove returns and fix prettier issues

* Make the use of logger naming consistent (#15)

* Adding outdated job (#16)

* Adding outdated job

* Updating dependencies

* Removing patch to minor version

* Updating dependencies (#17)

* Moving to enable no-implicit-any (#18)

* DT-1659: 🔨 Remove helm copying secrets from AWS (#19)

* Adding moj design system (#20)

* Add new veracode scan for schedueled workflow (#21)

* Add new veracode scan for schedueled workflow

* Re-add - check_outdated job

* Removing deprecated body parser (#22)

* DT-1627: 📄 Update license with correct year (#23)

* Added missing ping endpoint as used by Kubernetes for liveliness probe (#24)

* DT-2012 - upgrade hmpps orb, and add veracode policy scan job. (#25)

* Use generic-service and generic-prometheus-alerts charts (#26)

* Updating dependencies and adding slack notifications to outdated checks (#27)

* Updating dependencies and adding slack notifications to outdated checks

* Add slack orb

* Moving to group middleware into related modules, following the pattern established in prison staff hub (#28)

* Fix the slack notification on `check_outdated` (#30)

* Ensure that the `SLACK_ACCESS_TOKEN` env var is set for `check_outdated`

As the final step (on fail) is a slack notification we need to use a context containing the variable.

* Refactor the channel for alerts into parameters

This establishes a reusable pattern in case consumers wish to notify slack on other jobs.

* Updating node dependencies (#31)

* Fixing configuration of security audit (#32)

The "medium" configuration was not an acceptable term, should be one of
"info", "low", "moderate", "high" or "critical". This meant that it
would not pick up on anything!

* Alee/update dependencies (#33)

* Updating dependencies and node

* Use parameterised slack channel rather than default of typescript alerts channel

* Extracting out executor

* DT-2166 - add trivy image scanning job (#35)

* Fix trivy scan job slack notifications channel (#36)

* Use node executor and parameterise the version (#34)

* WFP-322 use the hmpps/node executor to build

* WFP-322 parameterise the node version in the executor

* WFP-322 use node version parameter in integration test image

* WFP-322 integration tests use new node_redis executor

Co-authored-by: Andrew Lee <[email protected]>

* Deploy template project to template k8s namespace (#37)

* Deploy template project to template k8s namespace

* DT-2260 - update to latest circleci orb and chart dependencies (#38)

* Updating dependencies and improving README (#39)

* DT-2282: ⬆️ Fix veracode policy scan (#40)

* Moving cypress tests to typescript (#41)

* DT-2404: 💄 Switch to sign in / out instead of login / out (#42)

* DT-2404: 💄 Switch to sign in / out instead of login / out

* DT-2404: 💄 Don't need .gitignore for husky any more

* DT-2404: ✅ Run tests automatically on commit (#43)

* Update dependencies (#44)

* DT-2297 - Veracode - switch to daily pipeline scan (results in circleci), and weekly policy scan (upload to veracode portal). (#45)

* DT-2297- randomise timing of circleci security workflow due to rate limiting at veracode. (#47)

* update typescript (#48)

* Fixing docker caching apt-get layer (#49)

* Fix docker build failing, and reduce image size (#50)

* Remove use of semi colons before arrays (#51)

* Remove use of semi-colons before arrays

* Fix typos in README

* WFP-610 update to npmv7 and fix some audit (#52)

* WFP-610 update to npm 7

* WFP-610 update outdated dependencies

* WFP-610 fixed some audit vulnerabilities

* WFP-610 updated passport-oauth2

* WFP-610 upgrade to jest-junit 13 to bring in new ansi-regex (#54)

* Upgrading dependencies (#55)

* FIXBUILD: update ansi-regex subdependency (#56)

* DT-2702: 🔨 Use new generic service configuration (#57)

* Update dependencies (#58)

* Moving to use HMPPS header (#59)

* Moving to use HMPPS header

* Removing explicit reference to DPS

* Fix path of unit test results that are uploaded as artifacts (#60)

and properly indent "build" job (jobs should be an array of [name] to dictionary)

Co-authored-by: Jon Brighton <[email protected]>

* DT-2814: 🐛 Fix cron timings for veracode (#61)

* NN-3747 fixing json structure for the stubUserRoles call and populating the user directly and not from the request because passport isn't in the test stack (#62)

* Bumping node version (#63)

Also fixing open handle in test and bumping dependencies

* DT-2796: 🔨 Migrate dev to live context (#64)

* Update dependencies and move to NPM v8 (#65)

* Upgrading dependencies (#66)

* Update modules and remove express-request-id (#67)

* INC-163 Timeout Fix - Correctly sets the timeout for a HttpAgent (#69)

* ⬆️ update dependencies and 💄add no-only-tests linting rule for cypress (#70)

* ⬆️ update dependencies

* 💄Add no-only-tests linting rule for cypress

* SDI-60: 🔨 Add global protect and petty france to allowlists (#71)

* Update dependencies (#72)

* DCS-1442 jquery-ui.css coep fix (#73)

* Fixing docker caching issue (#74)

Need to refer to build args before calling apt-get upgrade otherwise the set of packages are cached and not upgraded. Docker cannot cache anything in layers after a dynamic variable has been used

Also bumping version of node and fixing test compilation issue

* Setup prometheus metrics by default. (#75)

This change sets up prometheus metrics to be available on port 3001, and
with the helm chart changes they will automatically get scraped and be
available for alerts and dashboards in grafana.

The added metrics include:

- General nodejs stats: memory use, gc etc
- HTTP server requests: counters and timings of all served HTTP requests
  by the app.
- HTTP client requests: counters and timings of all HTTP requests to
  other upstream APIs (as long as they are based off `restClient.ts`).
- Upstream healthchecks: guages recording the status/health of each
  upstream service when the healthcheck is tested.

This is all backported from the `manage-recalls-ui` app, please let me
know what you think. :)

* Bump minimist from 1.2.5 to 1.2.6 (#76)

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update dependencies (#77)

* Audit fix (#79)

* NN-4060: App Insights only works with bunyan v1 (#80)

Co-authored-by: sp-watson <steve.watson@digital,justice.gov.uk>

* Update orb and dependencies (#82)

* Stop metrics test from hitting a real service and occasionally timing out (#81)

Co-authored-by: Jon Wyatt <>
Co-authored-by: Andrew Lee <[email protected]>

* SDI-181: 🔧 Add jira notifications for new projects (#83)

* Adding better redis error handling (#84)

* SDI-181: 🔧 Use new cimg redis executor (#85)

* SDI-181: 🔧 Use new cimg redis executor

* SDI-181: 🔧 Improve docker ignore and use released orb instead

* SDI-181: ⬆️ Bump node minor version

* SLM-245 Restore cache prior to running up the app for the integration tests (#86)

This caused an issue with our build where we received a segmentation fault as soon as the integration tests called the node app. Segmentation faults generally indicate an issue with one of the native C/C++ modules and it appears that one of these modules was relying on something we have stashed in the cache.

* SDI-88: 🚨 Fix querystring warning (#87)

* SDI-88: 🚨 Fix querystring warning

* SDI-88: 🚨 Second attempt to querystring warning

* SDI-88: 🐛 Fix cookie session down as a dependency (#88)

* SDI-88: ♻️  Tidy up mocks and switch to multiplatform builds (#89)

* Allow async get to take an array of strings for paths like original get method (#90)

* SDI-182: ✨ Switch to using connection string instead (#91)

* Update README.md (#92)

* SDI-88: ✅ Add token verification integration tests (#94)

* Minor "code smell" fixes suggested by Sonar Cloud (#95)

* INC-567: Remove unnecessary type assertions

* INC-567: Return resolved promise directly

* SDI-211: 🔒️ Bump versions to fix security issues and cope with passport major upgrade (#96)

* Updating dependencies (#97)

* SDI-211: 🎨 Enforce trailing comma on functions too (#98)

* SDI-211: 🎨 Enforce arrow parens (#99)

* Bump dependencies (#100)

* SDI-218: ⬆  Upgrade cypress to v10 (#101)

* ⬆️ Update dependencies (#102)

* Ignore false positive around nodemon (#103)

* Ignore false positive around nodemon

* Manage version of audit ci and provide full path to ignored dependency

* Updating dependencies (#104)

* Update dependencies (#105)

* Create services container (#106)

This allows passing through a container of wired up services through to route

This approach has been used for the dps-shared and farsight projects and it leads to a testing approach that scales more naturally. Means you can pass through the services through to where they are needed and this can grow without changes propagating through the application

Also extracted standard router into standalone middleware as the current approach relies on mutation and encourages making multiple copies of it.

* SDI-265: ♻️  Minor improvements (#107)

* SDI-265: 🚨 Add lint check for only (#108)

* Update Jest to v28 and minor dependency updates (#109)

* Remove duplicate <main> elements (#110)

The govuk/template.njk which the layout.njk extends which these files use already includes a <main> element

According to the HTML spec there should only be one <main> element present in the document at a time

* Bumping dependencies and fixing page width (#111)

* Bumping dependencies and fixing page width

There seems to be a lot of variability in page width so going with something that seems most popular in HMPPS

* Run tests in band

Partially to fix tests hanging in circle, but also as test seems to run almost twice as fast (after clearing cache)

* Add a `cspNonce` to the webSecurity setup (#112)

Based on what I’ve seen elsewhere, this seems to now be a common
approach to allow us to inline scripts, see:

https://content-security-policy.com/nonce

The GOV.UK frontend has now been updated to support the use of the
`cspNonce` local - see:

 alphagov/govuk-frontend@2e40d74

So we no longer need to add the inline hash, which is vulnerable to if
the code in the frontend template is changed.

I’ve also removed the domain-specific overrides for jQuery scripts and
styles, as we can use the nonce for this too.

* Update dependencies 2022-08-22 (#113)

* Update dependencies to fix check outdated flagging typescript (#114)

* Update dependencies 2022-09-09 (#115)

* Speeding up jest tests (#116)

This speeds up the running of jest tests by enabling isolatedModules
which has the effect of [disabling typechecking](https://kulshekhar.github.io/ts-jest/docs/getting-started/options/isolatedModules)

It also drastically reduces memory usage, allowing for running tests in
parallel locally at least.

On my laptop this reduces the time to run the tests in this project from
~14 seconds to ~4 seconds. On larger projects the effect is much more pronounced,
welcome-people-to-prison reduces build time from ~2mins, 20 seconds to ~25
seconds. In circle we still need to run in band but this is still
significantly faster than before, in WPIP it reduces the build by over 1 min.

Type checking is still available in the IDE, it is also part of the
husky pre-commit hook and run by circle as part of the build, so the
risk of type errors slipping through are very small.

(We could possibly add a typechecking stage before running jest and it
would still be much faster but not adding unless it becomes apparent
that we need it )

It would be worth to re-assess this after jest 29 as there seems to be
some fixes around a [memory issue](jestjs/jest#11956) that is part of node in versions
> 16.10

NB: This will not work if type declaration (`d.ts`) files contain enums
or any other constructs that generate javascript code. This seems to be
a bit of an anti-pattern anyway (see [here](https://lukasbehal.com/2017-05-22-enums-in-declaration-files/)).
Other tooling such as cypress will only allow you to import
types from these files.

* Removing colour from logs in production mode (#117)

* Move ingress (#118)

* Move ingress

* CHange generic service to latest

* SDI-345: ⬆️  Upgrade node and cypress (#119)

* SDI-345: ⬆️  Upgrade node and cypress

* SDI-345: ⬆️  Actually upgrade cypress

* Fixing logging (#120)

There was an issue where we weren't sending trace info to app insights.
This is because appInsights needs to be imported before bunyan is
imported so it can do its instrumentation magic.

There was a related issue that obscured this. It was previously
impossible to test app insights locally as dotenv wasn't set up
correctly - it needed to happen before app insights is imported or app
insights would prevent the app starting up.

So this moves dotenv to dev dependencies and preloads it before running the app via start:dev.

This removes some code that is only relevant for local development.
It also means the application runs similar locally to how it would run
in docker or kubernetes - it just expects the environment variables to
be present.

Also moving the app insights import so it's very apparent that it's the first thing that happens when the app starts.

* Update dependencies 2022-09-28 (#121)

* ⬆️Upgrade to latest helm chart versions (#122)

* Adding badges (#123)

* Adding badges

* Update README.md

* Updating node to v18 (#124)

* Set helm timeout to 5 minutes (#125)

* Use official redis image for docker-compose (#126)

Which is suitable for arm64 and consistent with docker-compose-test which was updated with ministryofjustice/hmpps-template-typescript#89

* Update Helm config to match Kotlin template (#127)

* Update dependencies 2022-11-15 (#128)

* Update dependencies 2022-11-16 (#129)

* Update node images (#130)

* SDI-476: ⬆  Bump versions (#131)

* Update dependencies 2022-12-08 (#132)

* Update dependencies 2022-12-19 (#133)

* Bump jsonwebtoken from 8.5.1 to 9.0.0 (#136)

Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 8.5.1 to 9.0.0.
- [Release notes](https://github.com/auth0/node-jsonwebtoken/releases)
- [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jsonwebtoken@v8.5.1...v9.0.0)

---
updated-dependencies:
- dependency-name: jsonwebtoken
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix conflicting prettier / eslint rule (#135)

In eslint, we ask for a trailing comma, while the prettier rules are set
to `es5`. This causes issues if you have your IDE set up to fix on save,
as one linter kicks in before the other, causing conflicting fixes.

Co-authored-by: Andrew Lee <[email protected]>

* SDI-523: 🔒️ Fix / ignoresecurity issues (#138)

* HEAT-41: use npm outdated job from HMPPS Orb; update other dependencies (#139)

* Update dependencies 2023-01-24 (#140)

* Update dependencies 2023-01-31 (#141)

* Update dependencies 2023-02-01 (#142)

* Configure Renovate (#144)

* Add renovate.json

* HEAT-52: source Renovate config from shared HMPPS repo

* HEAT-52: tweak dependencies pinned by Renovate

Inherit the ones from https://github.com/ministryofjustice/hmpps-renovate-config/blob/main/node.json

* HEAT-52: manually bump Slack Orb as Renovate was complaining 'Can't find version matching 4.4.2 for slack'

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update Helm release generic-service to v2.4.0 (#146)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update peter-evans/create-pull-request action to v4 (#148)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update actions/checkout action to v3 (#147)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Add .nvmrc file, Prettier support for Nunjucks and use SCSS (#143)

* Add .nvmrc file with node version set to `18`
Update npm engine version to `^9`
Add `prettier-plugin-jinja-template` as dev dependency plus config
Refactor `.sass` files to `.scss` for consistency

* Add newline to .nvmrc

---------

Co-authored-by: Neil Mendum <[email protected]>

* Revert build_multiplatform_docker because it causes the build to take over an hour (#149)

See Slack discussion https://mojdt.slack.com/archives/C69NWE339/p1671529301455009?thread_ts=1671529075.740459&cid=C69NWE339

* Update dependency cypress to ^12.5.1 (#150)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-52: reduce the size of the PR body by specifying prBodyTemplate (#152)

This should help with GitHub integration in Slack

* Update all non major NPM dependencies (#151)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#153)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#155)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#156)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#159)

* Update all non major NPM dependencies

* Reduce Renovate stabilityDays so that it raises fewer PRs

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update Helm release generic-service to v2.5.0 (#161)

* Update Helm release generic-service to v2.5.0

* Drop generic-service params no longer required

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update node image and regenerate package-lock.json (#165)

* Update hmpps-orb to v7.2.1 (#166)

* Upgrade to connect-redis 7 and update other dependencies (#168)

* Upgrade to connect-redis 7 and update other dependencies

* Remove legacy mode

* Fix npm prune warning

* Upgrade to typescript 5 (#169)

* Add HMPPS Auth URL to form-action CSP string (#170)

Update the Content Security Policy to allow the HMPPS Auth URL as a possible form action target.

Currently, if a 403 error occurs on a GET request, this will be captured by the error handling setup in errorHandler.ts, and the user will be redirected to the sign out URL, which then redirects to the HMPPS Auth URL. However, if a 403 error occurs on a POST request, this second redirect may not occur, and the user may, depending on their choice of browser, be frozen on the form page they just submitted.

Due to CSP implementation details that vary between browsers, adding the HMPPS Auth URL to our form action targets allows this second redirect to occur as expected.

* Update TypeScript etc 2023-04-03 (#174)

* Removing unnecessary build (#172)

All 3 processes: tsc, sass and copy-views are run by concurrently at start up anyway

* Update dependencies 2023-04-12 (#177)

* SDIT-738: ⚡️ Cache static resources for 1 hour (#178)

* Update dependencies 2023-04-21 (#181)

* Fix security vuln 2023-04-25 (#183)

* Update Helm release generic-service to v2.6.2 (#182)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* SDIT-760: 🔧 Upgrade redis to 7 (#186)

* Update Helm release generic-service to v2.6.3 (#184)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Tie css cache to version of application (#188)

At the moment the cache is linked to the start up time of pod, so get unnecessary cache misses for each pod in the cluster and also when pods restart

This ties the cache to the git short hash of the deployment

* Fix version not appearing in application insights (#190)

* Fix version not appearing in application insights

This previously relied on running a shell script to generate a file with a json payload in it.

The code that read this file to extract out the version for the cache improvement and also setting the application version in app insights, was looking in the wrong location

There was another location that looked up the file and read in the details for the health endpoint which was looking in the right place

This change moves to reading the version and git reference into an env var in the docker file instead, which means we can centralise how this info is made available and remove the additional file management

This should be a safe fix as the build info file was previously being generated from the docker build anyway - so the file should be available

* Tidy up passing around application version

* Update Helm release generic-prometheus-alerts to v1.3.2 (#189)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Add PreProd and Prod helm config (#193)

As per Kotlin Template https://github.com/ministryofjustice/hmpps-template-kotlin/tree/main/helm_deploy

* Update slack orb to v4.12.5 (#185)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update peter-evans/create-pull-request action to v5 (#175)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#176)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Node.js to v18.16 (#191)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update dependencies 2023-06-07 (#196)

* Do not retry POST requests by default (#197)

It doesn't really make sense to retry non-idempotent calls

Also moving sanitised error over to a real error rather than a object. Makes it a little bit easier to test these: 'expect(..).reject.throws' etc.. doesn't work if you don't have really errors

* Adding changelog (#198)

* Have `sanitisedError` always return an Error instance (#199)

… for the same reasons as explained in ministryofjustice/hmpps-template-typescript#197

* Update all non major NPM dependencies (#195)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#200)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Fix semver vuln (#202)

* Update govuk-frontend to 4.7.0 (#205)

* Update all non major NPM dependencies (#204)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-82: Add productId and /info endpoint (#212)

* HEAT-82: Add productId and /info endpoint

* Update README and default value

* Update values.yaml to point at README.md

* Update README with dev portal URL (#213)

* Update README with dev portal URL

* Fix URL

* Fix info endpoint test description (#214)

* Update CHANGELOG.md (#216)

* Fix linting, update modules, remove override (#219)

* Move /info to health check block (#220)

* Update dependencies 2023-09-05 (#226)

* Update dependencies 2023-09-05

* Fix node version

* Fix CircleCI workflows for cypress (#223)

* Persist compiled stylesheets to workspace so that integration tests can load styles properly
* Upload cypress screenshot and video artefacts from correct location

* Fix cypress config and remove some vestigial code (#228)

* Remove unused/vestigial integration test method
* Remove deleted cypress config option
* Update copyright date

* Update readme (#229)

* Update Helm release generic-prometheus-alerts to v1.3.3 (#224)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update redis Docker tag to v7.2 (#221)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Node.js to v18.18 (#230)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-106: Standardise endpoints (#231)

* HEAT-106: Standardise endpoints

* Fix e2e

* Correct response

* Update Dockerfile to pull through branch name

* Amend output checks for int tests

* Fix bugs and add Changelog

* SDIT-1088: ✨ Get components to always return status even if failed (#232)

* SDIT-1108: 🔧 Don't default build args (#233)

* SDIT-1108: 🔧 Don't default build args

* SDIT-1108: 🔧 Copy across args to env variables

* SDIT-1108: 🔧 Add in docker compose build args and missing env vars

* SDIT-1108: ♻️ Fix deprecated syntax version of ENV (#234)

* SDIT-1108: ✨ Add in environment name to header (#235)

* SDIT-1108: 📝 Add new environment name to changelog (#236)

* NON-270: Improve REST client (#238)

* Improve REST client typing information and add PATCH, PUT and DELETE methods allowing for query parameters as well as body payloads
* Propagate user types into `res.locals` in request handlers

* Update actions/checkout action to v4 (#225)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#210)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Helm release generic-service to v2.6.5 (#237)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update dependencies 2023-10-17 (#243)

* HAAR-1891: Update deprecated endpoints with new endpoints (#247)

* HAAR-1891: Update deprecated endpoints with new (manage users api) endpoints

* HAAR-1891: Update following PR comments

* HAAR-1891: Added MANAGE_USERS_API_URL values.

* HAAR-1891: Added MANAGE_USERS_API_URL values.

* Update renovate.json (#248)

…to prevent Node docker image from being updated beyond LTS

* Move to Node 20 plus minor updates (#249)

* Update CHANGELOG for node 20 change (#250)

* Update CHANGELOG for node 20 change

* Missed update link

* Update jwt-decode module to version 4.0.0 (#252)

* Update CHANGELOG.md (#253)

* Added changelog for PR #247 (#254)

* fix integration test

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Andrew Lee <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: Matt <[email protected]>
Co-authored-by: Paul Solecki <[email protected]>
Co-authored-by: petergphillips <[email protected]>
Co-authored-by: Andy Marke <[email protected]>
Co-authored-by: Darren Oakley <[email protected]>
Co-authored-by: markreesmoj <[email protected]>
Co-authored-by: Connor Glynn <[email protected]>
Co-authored-by: Gareth.m.Davies <[email protected]>
Co-authored-by: ushkarev <[email protected]>
Co-authored-by: richardpopple <[email protected]>
Co-authored-by: Michael Willis <[email protected]>
Co-authored-by: Louise N <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: sp-watson <[email protected]>
Co-authored-by: sp-watson <steve.watson@digital,justice.gov.uk>
Co-authored-by: Jon Wyatt <[email protected]>
Co-authored-by: Mike Halma <[email protected]>
Co-authored-by: Richard James <[email protected]>
Co-authored-by: Stuart Harrison <[email protected]>
Co-authored-by: Neil Mendum <[email protected]>
Co-authored-by: carlov20 <[email protected]>
Co-authored-by: Neil Mendum <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: David Middleton <[email protected]>
Co-authored-by: Gareth.m.Davies <[email protected]>
Co-authored-by: bryangaledxw <[email protected]>
Co-authored-by: ravmoj <[email protected]>
simon-mitchell pushed a commit that referenced this pull request Nov 8, 2023
* Initial commit

* Alee/init (#1)

* Initial commit

* 🎉 Initial drop of code

* 🎨 Small tidy up

* Adding circle build and updating node to v14

* Adding helm config

* Fix wiremock port and update package.json

Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>

* Fixing docker image (#2)

* Fix secret name (#3)

* Correcting variable names and removing unnecessary ones (#4)

* Fixing variable name (#5)

* Removing trailing slashes from env vars (#6)

* Fix hostname (#7)

* Update dependencies (#8)

* Update dependencies

Also move to use declaration overrides for describing additional possible fields in session data

Also removing/moving unnecessary prod dependencies

Moving jest tests to run in parallel

* Fix types for user

* Do not allow any warnings

* Correcting test results path

* Reducing docker image size (#9)

Also
* Update dependencies
* Adopt standard github gitignore for node projects
* Using body typography

* Add rename script (#10)

* Add rename script

* PR reviews

* Removing unused vars

* Alee/decoupling auth client from redis (#11)

* Decoupling auth client from redis impl

* Update to latest hmpps orb version (#12)

* Fixing build-info.json placement (#13)

* Convert to arrow functions in utils (#14)

* Convert to arrow functions in utils

* Remove returns and fix prettier issues

* Make the use of logger naming consistent (#15)

* Adding outdated job (#16)

* Adding outdated job

* Updating dependencies

* Removing patch to minor version

* Updating dependencies (#17)

* Moving to enable no-implicit-any (#18)

* DT-1659: 🔨 Remove helm copying secrets from AWS (#19)

* Adding moj design system (#20)

* Add new veracode scan for schedueled workflow (#21)

* Add new veracode scan for schedueled workflow

* Re-add - check_outdated job

* Removing deprecated body parser (#22)

* DT-1627: 📄 Update license with correct year (#23)

* Added missing ping endpoint as used by Kubernetes for liveliness probe (#24)

* DT-2012 - upgrade hmpps orb, and add veracode policy scan job. (#25)

* Use generic-service and generic-prometheus-alerts charts (#26)

* Updating dependencies and adding slack notifications to outdated checks (#27)

* Updating dependencies and adding slack notifications to outdated checks

* Add slack orb

* Moving to group middleware into related modules, following the pattern established in prison staff hub (#28)

* Fix the slack notification on `check_outdated` (#30)

* Ensure that the `SLACK_ACCESS_TOKEN` env var is set for `check_outdated`

As the final step (on fail) is a slack notification we need to use a context containing the variable.

* Refactor the channel for alerts into parameters

This establishes a reusable pattern in case consumers wish to notify slack on other jobs.

* Updating node dependencies (#31)

* Fixing configuration of security audit (#32)

The "medium" configuration was not an acceptable term, should be one of
"info", "low", "moderate", "high" or "critical". This meant that it
would not pick up on anything!

* Alee/update dependencies (#33)

* Updating dependencies and node

* Use parameterised slack channel rather than default of typescript alerts channel

* Extracting out executor

* DT-2166 - add trivy image scanning job (#35)

* Fix trivy scan job slack notifications channel (#36)

* Use node executor and parameterise the version (#34)

* WFP-322 use the hmpps/node executor to build

* WFP-322 parameterise the node version in the executor

* WFP-322 use node version parameter in integration test image

* WFP-322 integration tests use new node_redis executor

Co-authored-by: Andrew Lee <[email protected]>

* Deploy template project to template k8s namespace (#37)

* Deploy template project to template k8s namespace

* DT-2260 - update to latest circleci orb and chart dependencies (#38)

* Updating dependencies and improving README (#39)

* DT-2282: ⬆️ Fix veracode policy scan (#40)

* Moving cypress tests to typescript (#41)

* DT-2404: 💄 Switch to sign in / out instead of login / out (#42)

* DT-2404: 💄 Switch to sign in / out instead of login / out

* DT-2404: 💄 Don't need .gitignore for husky any more

* DT-2404: ✅ Run tests automatically on commit (#43)

* Update dependencies (#44)

* DT-2297 - Veracode - switch to daily pipeline scan (results in circleci), and weekly policy scan (upload to veracode portal). (#45)

* DT-2297- randomise timing of circleci security workflow due to rate limiting at veracode. (#47)

* update typescript (#48)

* Fixing docker caching apt-get layer (#49)

* Fix docker build failing, and reduce image size (#50)

* Remove use of semi colons before arrays (#51)

* Remove use of semi-colons before arrays

* Fix typos in README

* WFP-610 update to npmv7 and fix some audit (#52)

* WFP-610 update to npm 7

* WFP-610 update outdated dependencies

* WFP-610 fixed some audit vulnerabilities

* WFP-610 updated passport-oauth2

* WFP-610 upgrade to jest-junit 13 to bring in new ansi-regex (#54)

* Upgrading dependencies (#55)

* FIXBUILD: update ansi-regex subdependency (#56)

* DT-2702: 🔨 Use new generic service configuration (#57)

* Update dependencies (#58)

* Moving to use HMPPS header (#59)

* Moving to use HMPPS header

* Removing explicit reference to DPS

* Fix path of unit test results that are uploaded as artifacts (#60)

and properly indent "build" job (jobs should be an array of [name] to dictionary)

Co-authored-by: Jon Brighton <[email protected]>

* DT-2814: 🐛 Fix cron timings for veracode (#61)

* NN-3747 fixing json structure for the stubUserRoles call and populating the user directly and not from the request because passport isn't in the test stack (#62)

* Bumping node version (#63)

Also fixing open handle in test and bumping dependencies

* DT-2796: 🔨 Migrate dev to live context (#64)

* Update dependencies and move to NPM v8 (#65)

* Upgrading dependencies (#66)

* Update modules and remove express-request-id (#67)

* INC-163 Timeout Fix - Correctly sets the timeout for a HttpAgent (#69)

* ⬆️ update dependencies and 💄add no-only-tests linting rule for cypress (#70)

* ⬆️ update dependencies

* 💄Add no-only-tests linting rule for cypress

* SDI-60: 🔨 Add global protect and petty france to allowlists (#71)

* Update dependencies (#72)

* DCS-1442 jquery-ui.css coep fix (#73)

* Fixing docker caching issue (#74)

Need to refer to build args before calling apt-get upgrade otherwise the set of packages are cached and not upgraded. Docker cannot cache anything in layers after a dynamic variable has been used

Also bumping version of node and fixing test compilation issue

* Setup prometheus metrics by default. (#75)

This change sets up prometheus metrics to be available on port 3001, and
with the helm chart changes they will automatically get scraped and be
available for alerts and dashboards in grafana.

The added metrics include:

- General nodejs stats: memory use, gc etc
- HTTP server requests: counters and timings of all served HTTP requests
  by the app.
- HTTP client requests: counters and timings of all HTTP requests to
  other upstream APIs (as long as they are based off `restClient.ts`).
- Upstream healthchecks: guages recording the status/health of each
  upstream service when the healthcheck is tested.

This is all backported from the `manage-recalls-ui` app, please let me
know what you think. :)

* Bump minimist from 1.2.5 to 1.2.6 (#76)

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update dependencies (#77)

* Audit fix (#79)

* NN-4060: App Insights only works with bunyan v1 (#80)

Co-authored-by: sp-watson <steve.watson@digital,justice.gov.uk>

* Update orb and dependencies (#82)

* Stop metrics test from hitting a real service and occasionally timing out (#81)

Co-authored-by: Jon Wyatt <>
Co-authored-by: Andrew Lee <[email protected]>

* SDI-181: 🔧 Add jira notifications for new projects (#83)

* Adding better redis error handling (#84)

* SDI-181: 🔧 Use new cimg redis executor (#85)

* SDI-181: 🔧 Use new cimg redis executor

* SDI-181: 🔧 Improve docker ignore and use released orb instead

* SDI-181: ⬆️ Bump node minor version

* SLM-245 Restore cache prior to running up the app for the integration tests (#86)

This caused an issue with our build where we received a segmentation fault as soon as the integration tests called the node app. Segmentation faults generally indicate an issue with one of the native C/C++ modules and it appears that one of these modules was relying on something we have stashed in the cache.

* SDI-88: 🚨 Fix querystring warning (#87)

* SDI-88: 🚨 Fix querystring warning

* SDI-88: 🚨 Second attempt to querystring warning

* SDI-88: 🐛 Fix cookie session down as a dependency (#88)

* SDI-88: ♻️  Tidy up mocks and switch to multiplatform builds (#89)

* Allow async get to take an array of strings for paths like original get method (#90)

* SDI-182: ✨ Switch to using connection string instead (#91)

* Update README.md (#92)

* SDI-88: ✅ Add token verification integration tests (#94)

* Minor "code smell" fixes suggested by Sonar Cloud (#95)

* INC-567: Remove unnecessary type assertions

* INC-567: Return resolved promise directly

* SDI-211: 🔒️ Bump versions to fix security issues and cope with passport major upgrade (#96)

* Updating dependencies (#97)

* SDI-211: 🎨 Enforce trailing comma on functions too (#98)

* SDI-211: 🎨 Enforce arrow parens (#99)

* Bump dependencies (#100)

* SDI-218: ⬆  Upgrade cypress to v10 (#101)

* ⬆️ Update dependencies (#102)

* Ignore false positive around nodemon (#103)

* Ignore false positive around nodemon

* Manage version of audit ci and provide full path to ignored dependency

* Updating dependencies (#104)

* Update dependencies (#105)

* Create services container (#106)

This allows passing through a container of wired up services through to route

This approach has been used for the dps-shared and farsight projects and it leads to a testing approach that scales more naturally. Means you can pass through the services through to where they are needed and this can grow without changes propagating through the application

Also extracted standard router into standalone middleware as the current approach relies on mutation and encourages making multiple copies of it.

* SDI-265: ♻️  Minor improvements (#107)

* SDI-265: 🚨 Add lint check for only (#108)

* Update Jest to v28 and minor dependency updates (#109)

* Remove duplicate <main> elements (#110)

The govuk/template.njk which the layout.njk extends which these files use already includes a <main> element

According to the HTML spec there should only be one <main> element present in the document at a time

* Bumping dependencies and fixing page width (#111)

* Bumping dependencies and fixing page width

There seems to be a lot of variability in page width so going with something that seems most popular in HMPPS

* Run tests in band

Partially to fix tests hanging in circle, but also as test seems to run almost twice as fast (after clearing cache)

* Add a `cspNonce` to the webSecurity setup (#112)

Based on what I’ve seen elsewhere, this seems to now be a common
approach to allow us to inline scripts, see:

https://content-security-policy.com/nonce

The GOV.UK frontend has now been updated to support the use of the
`cspNonce` local - see:

 alphagov/govuk-frontend@2e40d74

So we no longer need to add the inline hash, which is vulnerable to if
the code in the frontend template is changed.

I’ve also removed the domain-specific overrides for jQuery scripts and
styles, as we can use the nonce for this too.

* Update dependencies 2022-08-22 (#113)

* Update dependencies to fix check outdated flagging typescript (#114)

* Update dependencies 2022-09-09 (#115)

* Speeding up jest tests (#116)

This speeds up the running of jest tests by enabling isolatedModules
which has the effect of [disabling typechecking](https://kulshekhar.github.io/ts-jest/docs/getting-started/options/isolatedModules)

It also drastically reduces memory usage, allowing for running tests in
parallel locally at least.

On my laptop this reduces the time to run the tests in this project from
~14 seconds to ~4 seconds. On larger projects the effect is much more pronounced,
welcome-people-to-prison reduces build time from ~2mins, 20 seconds to ~25
seconds. In circle we still need to run in band but this is still
significantly faster than before, in WPIP it reduces the build by over 1 min.

Type checking is still available in the IDE, it is also part of the
husky pre-commit hook and run by circle as part of the build, so the
risk of type errors slipping through are very small.

(We could possibly add a typechecking stage before running jest and it
would still be much faster but not adding unless it becomes apparent
that we need it )

It would be worth to re-assess this after jest 29 as there seems to be
some fixes around a [memory issue](jestjs/jest#11956) that is part of node in versions
> 16.10

NB: This will not work if type declaration (`d.ts`) files contain enums
or any other constructs that generate javascript code. This seems to be
a bit of an anti-pattern anyway (see [here](https://lukasbehal.com/2017-05-22-enums-in-declaration-files/)).
Other tooling such as cypress will only allow you to import
types from these files.

* Removing colour from logs in production mode (#117)

* Move ingress (#118)

* Move ingress

* CHange generic service to latest

* SDI-345: ⬆️  Upgrade node and cypress (#119)

* SDI-345: ⬆️  Upgrade node and cypress

* SDI-345: ⬆️  Actually upgrade cypress

* Fixing logging (#120)

There was an issue where we weren't sending trace info to app insights.
This is because appInsights needs to be imported before bunyan is
imported so it can do its instrumentation magic.

There was a related issue that obscured this. It was previously
impossible to test app insights locally as dotenv wasn't set up
correctly - it needed to happen before app insights is imported or app
insights would prevent the app starting up.

So this moves dotenv to dev dependencies and preloads it before running the app via start:dev.

This removes some code that is only relevant for local development.
It also means the application runs similar locally to how it would run
in docker or kubernetes - it just expects the environment variables to
be present.

Also moving the app insights import so it's very apparent that it's the first thing that happens when the app starts.

* Update dependencies 2022-09-28 (#121)

* ⬆️Upgrade to latest helm chart versions (#122)

* Adding badges (#123)

* Adding badges

* Update README.md

* Updating node to v18 (#124)

* Set helm timeout to 5 minutes (#125)

* Use official redis image for docker-compose (#126)

Which is suitable for arm64 and consistent with docker-compose-test which was updated with ministryofjustice/hmpps-template-typescript#89

* Update Helm config to match Kotlin template (#127)

* Update dependencies 2022-11-15 (#128)

* Update dependencies 2022-11-16 (#129)

* Update node images (#130)

* SDI-476: ⬆  Bump versions (#131)

* Update dependencies 2022-12-08 (#132)

* Update dependencies 2022-12-19 (#133)

* Bump jsonwebtoken from 8.5.1 to 9.0.0 (#136)

Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 8.5.1 to 9.0.0.
- [Release notes](https://github.com/auth0/node-jsonwebtoken/releases)
- [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jsonwebtoken@v8.5.1...v9.0.0)

---
updated-dependencies:
- dependency-name: jsonwebtoken
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix conflicting prettier / eslint rule (#135)

In eslint, we ask for a trailing comma, while the prettier rules are set
to `es5`. This causes issues if you have your IDE set up to fix on save,
as one linter kicks in before the other, causing conflicting fixes.

Co-authored-by: Andrew Lee <[email protected]>

* SDI-523: 🔒️ Fix / ignoresecurity issues (#138)

* HEAT-41: use npm outdated job from HMPPS Orb; update other dependencies (#139)

* Update dependencies 2023-01-24 (#140)

* Update dependencies 2023-01-31 (#141)

* Update dependencies 2023-02-01 (#142)

* Configure Renovate (#144)

* Add renovate.json

* HEAT-52: source Renovate config from shared HMPPS repo

* HEAT-52: tweak dependencies pinned by Renovate

Inherit the ones from https://github.com/ministryofjustice/hmpps-renovate-config/blob/main/node.json

* HEAT-52: manually bump Slack Orb as Renovate was complaining 'Can't find version matching 4.4.2 for slack'

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update Helm release generic-service to v2.4.0 (#146)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update peter-evans/create-pull-request action to v4 (#148)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update actions/checkout action to v3 (#147)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Add .nvmrc file, Prettier support for Nunjucks and use SCSS (#143)

* Add .nvmrc file with node version set to `18`
Update npm engine version to `^9`
Add `prettier-plugin-jinja-template` as dev dependency plus config
Refactor `.sass` files to `.scss` for consistency

* Add newline to .nvmrc

---------

Co-authored-by: Neil Mendum <[email protected]>

* Revert build_multiplatform_docker because it causes the build to take over an hour (#149)

See Slack discussion https://mojdt.slack.com/archives/C69NWE339/p1671529301455009?thread_ts=1671529075.740459&cid=C69NWE339

* Update dependency cypress to ^12.5.1 (#150)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-52: reduce the size of the PR body by specifying prBodyTemplate (#152)

This should help with GitHub integration in Slack

* Update all non major NPM dependencies (#151)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#153)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#155)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#156)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#159)

* Update all non major NPM dependencies

* Reduce Renovate stabilityDays so that it raises fewer PRs

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update Helm release generic-service to v2.5.0 (#161)

* Update Helm release generic-service to v2.5.0

* Drop generic-service params no longer required

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update node image and regenerate package-lock.json (#165)

* Update hmpps-orb to v7.2.1 (#166)

* Upgrade to connect-redis 7 and update other dependencies (#168)

* Upgrade to connect-redis 7 and update other dependencies

* Remove legacy mode

* Fix npm prune warning

* Upgrade to typescript 5 (#169)

* Add HMPPS Auth URL to form-action CSP string (#170)

Update the Content Security Policy to allow the HMPPS Auth URL as a possible form action target.

Currently, if a 403 error occurs on a GET request, this will be captured by the error handling setup in errorHandler.ts, and the user will be redirected to the sign out URL, which then redirects to the HMPPS Auth URL. However, if a 403 error occurs on a POST request, this second redirect may not occur, and the user may, depending on their choice of browser, be frozen on the form page they just submitted.

Due to CSP implementation details that vary between browsers, adding the HMPPS Auth URL to our form action targets allows this second redirect to occur as expected.

* Update TypeScript etc 2023-04-03 (#174)

* Removing unnecessary build (#172)

All 3 processes: tsc, sass and copy-views are run by concurrently at start up anyway

* Update dependencies 2023-04-12 (#177)

* SDIT-738: ⚡️ Cache static resources for 1 hour (#178)

* Update dependencies 2023-04-21 (#181)

* Fix security vuln 2023-04-25 (#183)

* Update Helm release generic-service to v2.6.2 (#182)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* SDIT-760: 🔧 Upgrade redis to 7 (#186)

* Update Helm release generic-service to v2.6.3 (#184)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Tie css cache to version of application (#188)

At the moment the cache is linked to the start up time of pod, so get unnecessary cache misses for each pod in the cluster and also when pods restart

This ties the cache to the git short hash of the deployment

* Fix version not appearing in application insights (#190)

* Fix version not appearing in application insights

This previously relied on running a shell script to generate a file with a json payload in it.

The code that read this file to extract out the version for the cache improvement and also setting the application version in app insights, was looking in the wrong location

There was another location that looked up the file and read in the details for the health endpoint which was looking in the right place

This change moves to reading the version and git reference into an env var in the docker file instead, which means we can centralise how this info is made available and remove the additional file management

This should be a safe fix as the build info file was previously being generated from the docker build anyway - so the file should be available

* Tidy up passing around application version

* Update Helm release generic-prometheus-alerts to v1.3.2 (#189)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Add PreProd and Prod helm config (#193)

As per Kotlin Template https://github.com/ministryofjustice/hmpps-template-kotlin/tree/main/helm_deploy

* Update slack orb to v4.12.5 (#185)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update peter-evans/create-pull-request action to v5 (#175)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#176)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Node.js to v18.16 (#191)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update dependencies 2023-06-07 (#196)

* Do not retry POST requests by default (#197)

It doesn't really make sense to retry non-idempotent calls

Also moving sanitised error over to a real error rather than a object. Makes it a little bit easier to test these: 'expect(..).reject.throws' etc.. doesn't work if you don't have really errors

* Adding changelog (#198)

* Have `sanitisedError` always return an Error instance (#199)

… for the same reasons as explained in ministryofjustice/hmpps-template-typescript#197

* Update all non major NPM dependencies (#195)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#200)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Fix semver vuln (#202)

* Update govuk-frontend to 4.7.0 (#205)

* Update all non major NPM dependencies (#204)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-82: Add productId and /info endpoint (#212)

* HEAT-82: Add productId and /info endpoint

* Update README and default value

* Update values.yaml to point at README.md

* Update README with dev portal URL (#213)

* Update README with dev portal URL

* Fix URL

* Fix info endpoint test description (#214)

* Update CHANGELOG.md (#216)

* Fix linting, update modules, remove override (#219)

* Move /info to health check block (#220)

* Update dependencies 2023-09-05 (#226)

* Update dependencies 2023-09-05

* Fix node version

* Fix CircleCI workflows for cypress (#223)

* Persist compiled stylesheets to workspace so that integration tests can load styles properly
* Upload cypress screenshot and video artefacts from correct location

* Fix cypress config and remove some vestigial code (#228)

* Remove unused/vestigial integration test method
* Remove deleted cypress config option
* Update copyright date

* Update readme (#229)

* Update Helm release generic-prometheus-alerts to v1.3.3 (#224)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update redis Docker tag to v7.2 (#221)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Node.js to v18.18 (#230)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-106: Standardise endpoints (#231)

* HEAT-106: Standardise endpoints

* Fix e2e

* Correct response

* Update Dockerfile to pull through branch name

* Amend output checks for int tests

* Fix bugs and add Changelog

* SDIT-1088: ✨ Get components to always return status even if failed (#232)

* SDIT-1108: 🔧 Don't default build args (#233)

* SDIT-1108: 🔧 Don't default build args

* SDIT-1108: 🔧 Copy across args to env variables

* SDIT-1108: 🔧 Add in docker compose build args and missing env vars

* SDIT-1108: ♻️ Fix deprecated syntax version of ENV (#234)

* SDIT-1108: ✨ Add in environment name to header (#235)

* SDIT-1108: 📝 Add new environment name to changelog (#236)

* NON-270: Improve REST client (#238)

* Improve REST client typing information and add PATCH, PUT and DELETE methods allowing for query parameters as well as body payloads
* Propagate user types into `res.locals` in request handlers

* Update actions/checkout action to v4 (#225)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#210)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Helm release generic-service to v2.6.5 (#237)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update dependencies 2023-10-17 (#243)

* add tests for list base clients page

* add view base client page

* Fix errors in template

* basic view for create new base client screen

* HAAR-1891: Update deprecated endpoints with new endpoints (#247)

* HAAR-1891: Update deprecated endpoints with new (manage users api) endpoints

* HAAR-1891: Update following PR comments

* HAAR-1891: Added MANAGE_USERS_API_URL values.

* HAAR-1891: Added MANAGE_USERS_API_URL values.

* Update renovate.json (#248)

…to prevent Node docker image from being updated beyond LTS

* post new base client with error loop

* added controller tests

* add tests for presenter

* add test for expiry today

* Move to Node 20 plus minor updates (#249)

* Update CHANGELOG for node 20 change (#250)

* Update CHANGELOG for node 20 change

* Missed update link

* Update jwt-decode module to version 4.0.0 (#252)

* Update CHANGELOG.md (#253)

* correct test comments and refactor time functions

* Added changelog for PR #247 (#254)

* display edit base clients details page

* Add post update functionality

* update test comments

* update comments

* display edit base clients deployment details page

* add update deployment flow

* fix integration test

* remove excess helm folder

* add manage-users-api to docker-compose

* add remove client instance code

* page to display Delete Client confirmation

* test update

* delete functionality - validation

* add filter functionality

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Andrew Lee <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: Matt <[email protected]>
Co-authored-by: Paul Solecki <[email protected]>
Co-authored-by: petergphillips <[email protected]>
Co-authored-by: Andy Marke <[email protected]>
Co-authored-by: Darren Oakley <[email protected]>
Co-authored-by: markreesmoj <[email protected]>
Co-authored-by: Connor Glynn <[email protected]>
Co-authored-by: Gareth.m.Davies <[email protected]>
Co-authored-by: ushkarev <[email protected]>
Co-authored-by: richardpopple <[email protected]>
Co-authored-by: Michael Willis <[email protected]>
Co-authored-by: Louise N <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: sp-watson <[email protected]>
Co-authored-by: sp-watson <steve.watson@digital,justice.gov.uk>
Co-authored-by: Jon Wyatt <[email protected]>
Co-authored-by: Mike Halma <[email protected]>
Co-authored-by: Richard James <[email protected]>
Co-authored-by: Stuart Harrison <[email protected]>
Co-authored-by: Neil Mendum <[email protected]>
Co-authored-by: carlov20 <[email protected]>
Co-authored-by: Neil Mendum <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: David Middleton <[email protected]>
Co-authored-by: Gareth.m.Davies <[email protected]>
Co-authored-by: bryangaledxw <[email protected]>
Co-authored-by: ravmoj <[email protected]>
simon-mitchell pushed a commit that referenced this pull request Nov 17, 2023
* Initial commit

* Alee/init (#1)

* Initial commit

* 🎉 Initial drop of code

* 🎨 Small tidy up

* Adding circle build and updating node to v14

* Adding helm config

* Fix wiremock port and update package.json

Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>

* Fixing docker image (#2)

* Fix secret name (#3)

* Correcting variable names and removing unnecessary ones (#4)

* Fixing variable name (#5)

* Removing trailing slashes from env vars (#6)

* Fix hostname (#7)

* Update dependencies (#8)

* Update dependencies

Also move to use declaration overrides for describing additional possible fields in session data

Also removing/moving unnecessary prod dependencies

Moving jest tests to run in parallel

* Fix types for user

* Do not allow any warnings

* Correcting test results path

* Reducing docker image size (#9)

Also
* Update dependencies
* Adopt standard github gitignore for node projects
* Using body typography

* Add rename script (#10)

* Add rename script

* PR reviews

* Removing unused vars

* Alee/decoupling auth client from redis (#11)

* Decoupling auth client from redis impl

* Update to latest hmpps orb version (#12)

* Fixing build-info.json placement (#13)

* Convert to arrow functions in utils (#14)

* Convert to arrow functions in utils

* Remove returns and fix prettier issues

* Make the use of logger naming consistent (#15)

* Adding outdated job (#16)

* Adding outdated job

* Updating dependencies

* Removing patch to minor version

* Updating dependencies (#17)

* Moving to enable no-implicit-any (#18)

* DT-1659: 🔨 Remove helm copying secrets from AWS (#19)

* Adding moj design system (#20)

* Add new veracode scan for schedueled workflow (#21)

* Add new veracode scan for schedueled workflow

* Re-add - check_outdated job

* Removing deprecated body parser (#22)

* DT-1627: 📄 Update license with correct year (#23)

* Added missing ping endpoint as used by Kubernetes for liveliness probe (#24)

* DT-2012 - upgrade hmpps orb, and add veracode policy scan job. (#25)

* Use generic-service and generic-prometheus-alerts charts (#26)

* Updating dependencies and adding slack notifications to outdated checks (#27)

* Updating dependencies and adding slack notifications to outdated checks

* Add slack orb

* Moving to group middleware into related modules, following the pattern established in prison staff hub (#28)

* Fix the slack notification on `check_outdated` (#30)

* Ensure that the `SLACK_ACCESS_TOKEN` env var is set for `check_outdated`

As the final step (on fail) is a slack notification we need to use a context containing the variable.

* Refactor the channel for alerts into parameters

This establishes a reusable pattern in case consumers wish to notify slack on other jobs.

* Updating node dependencies (#31)

* Fixing configuration of security audit (#32)

The "medium" configuration was not an acceptable term, should be one of
"info", "low", "moderate", "high" or "critical". This meant that it
would not pick up on anything!

* Alee/update dependencies (#33)

* Updating dependencies and node

* Use parameterised slack channel rather than default of typescript alerts channel

* Extracting out executor

* DT-2166 - add trivy image scanning job (#35)

* Fix trivy scan job slack notifications channel (#36)

* Use node executor and parameterise the version (#34)

* WFP-322 use the hmpps/node executor to build

* WFP-322 parameterise the node version in the executor

* WFP-322 use node version parameter in integration test image

* WFP-322 integration tests use new node_redis executor

Co-authored-by: Andrew Lee <[email protected]>

* Deploy template project to template k8s namespace (#37)

* Deploy template project to template k8s namespace

* DT-2260 - update to latest circleci orb and chart dependencies (#38)

* Updating dependencies and improving README (#39)

* DT-2282: ⬆️ Fix veracode policy scan (#40)

* Moving cypress tests to typescript (#41)

* DT-2404: 💄 Switch to sign in / out instead of login / out (#42)

* DT-2404: 💄 Switch to sign in / out instead of login / out

* DT-2404: 💄 Don't need .gitignore for husky any more

* DT-2404: ✅ Run tests automatically on commit (#43)

* Update dependencies (#44)

* DT-2297 - Veracode - switch to daily pipeline scan (results in circleci), and weekly policy scan (upload to veracode portal). (#45)

* DT-2297- randomise timing of circleci security workflow due to rate limiting at veracode. (#47)

* update typescript (#48)

* Fixing docker caching apt-get layer (#49)

* Fix docker build failing, and reduce image size (#50)

* Remove use of semi colons before arrays (#51)

* Remove use of semi-colons before arrays

* Fix typos in README

* WFP-610 update to npmv7 and fix some audit (#52)

* WFP-610 update to npm 7

* WFP-610 update outdated dependencies

* WFP-610 fixed some audit vulnerabilities

* WFP-610 updated passport-oauth2

* WFP-610 upgrade to jest-junit 13 to bring in new ansi-regex (#54)

* Upgrading dependencies (#55)

* FIXBUILD: update ansi-regex subdependency (#56)

* DT-2702: 🔨 Use new generic service configuration (#57)

* Update dependencies (#58)

* Moving to use HMPPS header (#59)

* Moving to use HMPPS header

* Removing explicit reference to DPS

* Fix path of unit test results that are uploaded as artifacts (#60)

and properly indent "build" job (jobs should be an array of [name] to dictionary)

Co-authored-by: Jon Brighton <[email protected]>

* DT-2814: 🐛 Fix cron timings for veracode (#61)

* NN-3747 fixing json structure for the stubUserRoles call and populating the user directly and not from the request because passport isn't in the test stack (#62)

* Bumping node version (#63)

Also fixing open handle in test and bumping dependencies

* DT-2796: 🔨 Migrate dev to live context (#64)

* Update dependencies and move to NPM v8 (#65)

* Upgrading dependencies (#66)

* Update modules and remove express-request-id (#67)

* INC-163 Timeout Fix - Correctly sets the timeout for a HttpAgent (#69)

* ⬆️ update dependencies and 💄add no-only-tests linting rule for cypress (#70)

* ⬆️ update dependencies

* 💄Add no-only-tests linting rule for cypress

* SDI-60: 🔨 Add global protect and petty france to allowlists (#71)

* Update dependencies (#72)

* DCS-1442 jquery-ui.css coep fix (#73)

* Fixing docker caching issue (#74)

Need to refer to build args before calling apt-get upgrade otherwise the set of packages are cached and not upgraded. Docker cannot cache anything in layers after a dynamic variable has been used

Also bumping version of node and fixing test compilation issue

* Setup prometheus metrics by default. (#75)

This change sets up prometheus metrics to be available on port 3001, and
with the helm chart changes they will automatically get scraped and be
available for alerts and dashboards in grafana.

The added metrics include:

- General nodejs stats: memory use, gc etc
- HTTP server requests: counters and timings of all served HTTP requests
  by the app.
- HTTP client requests: counters and timings of all HTTP requests to
  other upstream APIs (as long as they are based off `restClient.ts`).
- Upstream healthchecks: guages recording the status/health of each
  upstream service when the healthcheck is tested.

This is all backported from the `manage-recalls-ui` app, please let me
know what you think. :)

* Bump minimist from 1.2.5 to 1.2.6 (#76)

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update dependencies (#77)

* Audit fix (#79)

* NN-4060: App Insights only works with bunyan v1 (#80)

Co-authored-by: sp-watson <steve.watson@digital,justice.gov.uk>

* Update orb and dependencies (#82)

* Stop metrics test from hitting a real service and occasionally timing out (#81)

Co-authored-by: Jon Wyatt <>
Co-authored-by: Andrew Lee <[email protected]>

* SDI-181: 🔧 Add jira notifications for new projects (#83)

* Adding better redis error handling (#84)

* SDI-181: 🔧 Use new cimg redis executor (#85)

* SDI-181: 🔧 Use new cimg redis executor

* SDI-181: 🔧 Improve docker ignore and use released orb instead

* SDI-181: ⬆️ Bump node minor version

* SLM-245 Restore cache prior to running up the app for the integration tests (#86)

This caused an issue with our build where we received a segmentation fault as soon as the integration tests called the node app. Segmentation faults generally indicate an issue with one of the native C/C++ modules and it appears that one of these modules was relying on something we have stashed in the cache.

* SDI-88: 🚨 Fix querystring warning (#87)

* SDI-88: 🚨 Fix querystring warning

* SDI-88: 🚨 Second attempt to querystring warning

* SDI-88: 🐛 Fix cookie session down as a dependency (#88)

* SDI-88: ♻️  Tidy up mocks and switch to multiplatform builds (#89)

* Allow async get to take an array of strings for paths like original get method (#90)

* SDI-182: ✨ Switch to using connection string instead (#91)

* Update README.md (#92)

* SDI-88: ✅ Add token verification integration tests (#94)

* Minor "code smell" fixes suggested by Sonar Cloud (#95)

* INC-567: Remove unnecessary type assertions

* INC-567: Return resolved promise directly

* SDI-211: 🔒️ Bump versions to fix security issues and cope with passport major upgrade (#96)

* Updating dependencies (#97)

* SDI-211: 🎨 Enforce trailing comma on functions too (#98)

* SDI-211: 🎨 Enforce arrow parens (#99)

* Bump dependencies (#100)

* SDI-218: ⬆  Upgrade cypress to v10 (#101)

* ⬆️ Update dependencies (#102)

* Ignore false positive around nodemon (#103)

* Ignore false positive around nodemon

* Manage version of audit ci and provide full path to ignored dependency

* Updating dependencies (#104)

* Update dependencies (#105)

* Create services container (#106)

This allows passing through a container of wired up services through to route

This approach has been used for the dps-shared and farsight projects and it leads to a testing approach that scales more naturally. Means you can pass through the services through to where they are needed and this can grow without changes propagating through the application

Also extracted standard router into standalone middleware as the current approach relies on mutation and encourages making multiple copies of it.

* SDI-265: ♻️  Minor improvements (#107)

* SDI-265: 🚨 Add lint check for only (#108)

* Update Jest to v28 and minor dependency updates (#109)

* Remove duplicate <main> elements (#110)

The govuk/template.njk which the layout.njk extends which these files use already includes a <main> element

According to the HTML spec there should only be one <main> element present in the document at a time

* Bumping dependencies and fixing page width (#111)

* Bumping dependencies and fixing page width

There seems to be a lot of variability in page width so going with something that seems most popular in HMPPS

* Run tests in band

Partially to fix tests hanging in circle, but also as test seems to run almost twice as fast (after clearing cache)

* Add a `cspNonce` to the webSecurity setup (#112)

Based on what I’ve seen elsewhere, this seems to now be a common
approach to allow us to inline scripts, see:

https://content-security-policy.com/nonce

The GOV.UK frontend has now been updated to support the use of the
`cspNonce` local - see:

 alphagov/govuk-frontend@2e40d74

So we no longer need to add the inline hash, which is vulnerable to if
the code in the frontend template is changed.

I’ve also removed the domain-specific overrides for jQuery scripts and
styles, as we can use the nonce for this too.

* Update dependencies 2022-08-22 (#113)

* Update dependencies to fix check outdated flagging typescript (#114)

* Update dependencies 2022-09-09 (#115)

* Speeding up jest tests (#116)

This speeds up the running of jest tests by enabling isolatedModules
which has the effect of [disabling typechecking](https://kulshekhar.github.io/ts-jest/docs/getting-started/options/isolatedModules)

It also drastically reduces memory usage, allowing for running tests in
parallel locally at least.

On my laptop this reduces the time to run the tests in this project from
~14 seconds to ~4 seconds. On larger projects the effect is much more pronounced,
welcome-people-to-prison reduces build time from ~2mins, 20 seconds to ~25
seconds. In circle we still need to run in band but this is still
significantly faster than before, in WPIP it reduces the build by over 1 min.

Type checking is still available in the IDE, it is also part of the
husky pre-commit hook and run by circle as part of the build, so the
risk of type errors slipping through are very small.

(We could possibly add a typechecking stage before running jest and it
would still be much faster but not adding unless it becomes apparent
that we need it )

It would be worth to re-assess this after jest 29 as there seems to be
some fixes around a [memory issue](jestjs/jest#11956) that is part of node in versions
> 16.10

NB: This will not work if type declaration (`d.ts`) files contain enums
or any other constructs that generate javascript code. This seems to be
a bit of an anti-pattern anyway (see [here](https://lukasbehal.com/2017-05-22-enums-in-declaration-files/)).
Other tooling such as cypress will only allow you to import
types from these files.

* Removing colour from logs in production mode (#117)

* Move ingress (#118)

* Move ingress

* CHange generic service to latest

* SDI-345: ⬆️  Upgrade node and cypress (#119)

* SDI-345: ⬆️  Upgrade node and cypress

* SDI-345: ⬆️  Actually upgrade cypress

* Fixing logging (#120)

There was an issue where we weren't sending trace info to app insights.
This is because appInsights needs to be imported before bunyan is
imported so it can do its instrumentation magic.

There was a related issue that obscured this. It was previously
impossible to test app insights locally as dotenv wasn't set up
correctly - it needed to happen before app insights is imported or app
insights would prevent the app starting up.

So this moves dotenv to dev dependencies and preloads it before running the app via start:dev.

This removes some code that is only relevant for local development.
It also means the application runs similar locally to how it would run
in docker or kubernetes - it just expects the environment variables to
be present.

Also moving the app insights import so it's very apparent that it's the first thing that happens when the app starts.

* Update dependencies 2022-09-28 (#121)

* ⬆️Upgrade to latest helm chart versions (#122)

* Adding badges (#123)

* Adding badges

* Update README.md

* Updating node to v18 (#124)

* Set helm timeout to 5 minutes (#125)

* Use official redis image for docker-compose (#126)

Which is suitable for arm64 and consistent with docker-compose-test which was updated with ministryofjustice/hmpps-template-typescript#89

* Update Helm config to match Kotlin template (#127)

* Update dependencies 2022-11-15 (#128)

* Update dependencies 2022-11-16 (#129)

* Update node images (#130)

* SDI-476: ⬆  Bump versions (#131)

* Update dependencies 2022-12-08 (#132)

* Update dependencies 2022-12-19 (#133)

* Bump jsonwebtoken from 8.5.1 to 9.0.0 (#136)

Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 8.5.1 to 9.0.0.
- [Release notes](https://github.com/auth0/node-jsonwebtoken/releases)
- [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jsonwebtoken@v8.5.1...v9.0.0)

---
updated-dependencies:
- dependency-name: jsonwebtoken
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix conflicting prettier / eslint rule (#135)

In eslint, we ask for a trailing comma, while the prettier rules are set
to `es5`. This causes issues if you have your IDE set up to fix on save,
as one linter kicks in before the other, causing conflicting fixes.

Co-authored-by: Andrew Lee <[email protected]>

* SDI-523: 🔒️ Fix / ignoresecurity issues (#138)

* HEAT-41: use npm outdated job from HMPPS Orb; update other dependencies (#139)

* Update dependencies 2023-01-24 (#140)

* Update dependencies 2023-01-31 (#141)

* Update dependencies 2023-02-01 (#142)

* Configure Renovate (#144)

* Add renovate.json

* HEAT-52: source Renovate config from shared HMPPS repo

* HEAT-52: tweak dependencies pinned by Renovate

Inherit the ones from https://github.com/ministryofjustice/hmpps-renovate-config/blob/main/node.json

* HEAT-52: manually bump Slack Orb as Renovate was complaining 'Can't find version matching 4.4.2 for slack'

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update Helm release generic-service to v2.4.0 (#146)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update peter-evans/create-pull-request action to v4 (#148)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update actions/checkout action to v3 (#147)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Add .nvmrc file, Prettier support for Nunjucks and use SCSS (#143)

* Add .nvmrc file with node version set to `18`
Update npm engine version to `^9`
Add `prettier-plugin-jinja-template` as dev dependency plus config
Refactor `.sass` files to `.scss` for consistency

* Add newline to .nvmrc

---------

Co-authored-by: Neil Mendum <[email protected]>

* Revert build_multiplatform_docker because it causes the build to take over an hour (#149)

See Slack discussion https://mojdt.slack.com/archives/C69NWE339/p1671529301455009?thread_ts=1671529075.740459&cid=C69NWE339

* Update dependency cypress to ^12.5.1 (#150)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-52: reduce the size of the PR body by specifying prBodyTemplate (#152)

This should help with GitHub integration in Slack

* Update all non major NPM dependencies (#151)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#153)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#155)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#156)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#159)

* Update all non major NPM dependencies

* Reduce Renovate stabilityDays so that it raises fewer PRs

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update Helm release generic-service to v2.5.0 (#161)

* Update Helm release generic-service to v2.5.0

* Drop generic-service params no longer required

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update node image and regenerate package-lock.json (#165)

* Update hmpps-orb to v7.2.1 (#166)

* Upgrade to connect-redis 7 and update other dependencies (#168)

* Upgrade to connect-redis 7 and update other dependencies

* Remove legacy mode

* Fix npm prune warning

* Upgrade to typescript 5 (#169)

* Add HMPPS Auth URL to form-action CSP string (#170)

Update the Content Security Policy to allow the HMPPS Auth URL as a possible form action target.

Currently, if a 403 error occurs on a GET request, this will be captured by the error handling setup in errorHandler.ts, and the user will be redirected to the sign out URL, which then redirects to the HMPPS Auth URL. However, if a 403 error occurs on a POST request, this second redirect may not occur, and the user may, depending on their choice of browser, be frozen on the form page they just submitted.

Due to CSP implementation details that vary between browsers, adding the HMPPS Auth URL to our form action targets allows this second redirect to occur as expected.

* Update TypeScript etc 2023-04-03 (#174)

* Removing unnecessary build (#172)

All 3 processes: tsc, sass and copy-views are run by concurrently at start up anyway

* Update dependencies 2023-04-12 (#177)

* SDIT-738: ⚡️ Cache static resources for 1 hour (#178)

* Update dependencies 2023-04-21 (#181)

* Fix security vuln 2023-04-25 (#183)

* Update Helm release generic-service to v2.6.2 (#182)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* SDIT-760: 🔧 Upgrade redis to 7 (#186)

* Update Helm release generic-service to v2.6.3 (#184)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Tie css cache to version of application (#188)

At the moment the cache is linked to the start up time of pod, so get unnecessary cache misses for each pod in the cluster and also when pods restart

This ties the cache to the git short hash of the deployment

* Fix version not appearing in application insights (#190)

* Fix version not appearing in application insights

This previously relied on running a shell script to generate a file with a json payload in it.

The code that read this file to extract out the version for the cache improvement and also setting the application version in app insights, was looking in the wrong location

There was another location that looked up the file and read in the details for the health endpoint which was looking in the right place

This change moves to reading the version and git reference into an env var in the docker file instead, which means we can centralise how this info is made available and remove the additional file management

This should be a safe fix as the build info file was previously being generated from the docker build anyway - so the file should be available

* Tidy up passing around application version

* Update Helm release generic-prometheus-alerts to v1.3.2 (#189)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Add PreProd and Prod helm config (#193)

As per Kotlin Template https://github.com/ministryofjustice/hmpps-template-kotlin/tree/main/helm_deploy

* Update slack orb to v4.12.5 (#185)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update peter-evans/create-pull-request action to v5 (#175)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#176)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Node.js to v18.16 (#191)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update dependencies 2023-06-07 (#196)

* Do not retry POST requests by default (#197)

It doesn't really make sense to retry non-idempotent calls

Also moving sanitised error over to a real error rather than a object. Makes it a little bit easier to test these: 'expect(..).reject.throws' etc.. doesn't work if you don't have really errors

* Adding changelog (#198)

* Have `sanitisedError` always return an Error instance (#199)

… for the same reasons as explained in ministryofjustice/hmpps-template-typescript#197

* Update all non major NPM dependencies (#195)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#200)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Fix semver vuln (#202)

* Update govuk-frontend to 4.7.0 (#205)

* Update all non major NPM dependencies (#204)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-82: Add productId and /info endpoint (#212)

* HEAT-82: Add productId and /info endpoint

* Update README and default value

* Update values.yaml to point at README.md

* Update README with dev portal URL (#213)

* Update README with dev portal URL

* Fix URL

* Fix info endpoint test description (#214)

* Update CHANGELOG.md (#216)

* Fix linting, update modules, remove override (#219)

* Move /info to health check block (#220)

* Update dependencies 2023-09-05 (#226)

* Update dependencies 2023-09-05

* Fix node version

* Fix CircleCI workflows for cypress (#223)

* Persist compiled stylesheets to workspace so that integration tests can load styles properly
* Upload cypress screenshot and video artefacts from correct location

* Fix cypress config and remove some vestigial code (#228)

* Remove unused/vestigial integration test method
* Remove deleted cypress config option
* Update copyright date

* Update readme (#229)

* Update Helm release generic-prometheus-alerts to v1.3.3 (#224)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update redis Docker tag to v7.2 (#221)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Node.js to v18.18 (#230)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-106: Standardise endpoints (#231)

* HEAT-106: Standardise endpoints

* Fix e2e

* Correct response

* Update Dockerfile to pull through branch name

* Amend output checks for int tests

* Fix bugs and add Changelog

* SDIT-1088: ✨ Get components to always return status even if failed (#232)

* SDIT-1108: 🔧 Don't default build args (#233)

* SDIT-1108: 🔧 Don't default build args

* SDIT-1108: 🔧 Copy across args to env variables

* SDIT-1108: 🔧 Add in docker compose build args and missing env vars

* SDIT-1108: ♻️ Fix deprecated syntax version of ENV (#234)

* SDIT-1108: ✨ Add in environment name to header (#235)

* SDIT-1108: 📝 Add new environment name to changelog (#236)

* NON-270: Improve REST client (#238)

* Improve REST client typing information and add PATCH, PUT and DELETE methods allowing for query parameters as well as body payloads
* Propagate user types into `res.locals` in request handlers

* Update actions/checkout action to v4 (#225)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#210)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Helm release generic-service to v2.6.5 (#237)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update dependencies 2023-10-17 (#243)

* add tests for list base clients page

* add view base client page

* Fix errors in template

* basic view for create new base client screen

* HAAR-1891: Update deprecated endpoints with new endpoints (#247)

* HAAR-1891: Update deprecated endpoints with new (manage users api) endpoints

* HAAR-1891: Update following PR comments

* HAAR-1891: Added MANAGE_USERS_API_URL values.

* HAAR-1891: Added MANAGE_USERS_API_URL values.

* Update renovate.json (#248)

…to prevent Node docker image from being updated beyond LTS

* post new base client with error loop

* added controller tests

* add tests for presenter

* add test for expiry today

* Move to Node 20 plus minor updates (#249)

* Update CHANGELOG for node 20 change (#250)

* Update CHANGELOG for node 20 change

* Missed update link

* Update jwt-decode module to version 4.0.0 (#252)

* Update CHANGELOG.md (#253)

* correct test comments and refactor time functions

* Added changelog for PR #247 (#254)

* display edit base clients details page

* Add post update functionality

* update test comments

* update comments

* display edit base clients deployment details page

* add update deployment flow

* fix integration test

* remove excess helm folder

* add manage-users-api to docker-compose

* add remove client instance code

* page to display Delete Client confirmation

* test update

* delete functionality - validation

* add filter functionality

* setup homepage tests

* base-client-list integration tests

* correct failing test

* remove template files

* fix service filter

* integration tests for main base client view screen

* Add base client tests

* edit base client details testing

* integration tests for edit deployment

* Integration tests for Client instance add and delete functionality

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Andrew Lee <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: Matt <[email protected]>
Co-authored-by: Paul Solecki <[email protected]>
Co-authored-by: petergphillips <[email protected]>
Co-authored-by: Andy Marke <[email protected]>
Co-authored-by: Darren Oakley <[email protected]>
Co-authored-by: markreesmoj <[email protected]>
Co-authored-by: Connor Glynn <[email protected]>
Co-authored-by: Gareth.m.Davies <[email protected]>
Co-authored-by: ushkarev <[email protected]>
Co-authored-by: richardpopple <[email protected]>
Co-authored-by: Michael Willis <[email protected]>
Co-authored-by: Louise N <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: sp-watson <[email protected]>
Co-authored-by: sp-watson <steve.watson@digital,justice.gov.uk>
Co-authored-by: Jon Wyatt <[email protected]>
Co-authored-by: Mike Halma <[email protected]>
Co-authored-by: Richard James <[email protected]>
Co-authored-by: Stuart Harrison <[email protected]>
Co-authored-by: Neil Mendum <[email protected]>
Co-authored-by: carlov20 <[email protected]>
Co-authored-by: Neil Mendum <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: David Middleton <[email protected]>
Co-authored-by: Gareth.m.Davies <[email protected]>
Co-authored-by: bryangaledxw <[email protected]>
Co-authored-by: ravmoj <[email protected]>
simon-mitchell pushed a commit that referenced this pull request Jan 12, 2024
* Moving to enable no-implicit-any (#18)

* DT-1659: 🔨 Remove helm copying secrets from AWS (#19)

* Adding moj design system (#20)

* Add new veracode scan for schedueled workflow (#21)

* Add new veracode scan for schedueled workflow

* Re-add - check_outdated job

* Removing deprecated body parser (#22)

* DT-1627: 📄 Update license with correct year (#23)

* Added missing ping endpoint as used by Kubernetes for liveliness probe (#24)

* DT-2012 - upgrade hmpps orb, and add veracode policy scan job. (#25)

* Use generic-service and generic-prometheus-alerts charts (#26)

* Updating dependencies and adding slack notifications to outdated checks (#27)

* Updating dependencies and adding slack notifications to outdated checks

* Add slack orb

* Moving to group middleware into related modules, following the pattern established in prison staff hub (#28)

* Fix the slack notification on `check_outdated` (#30)

* Ensure that the `SLACK_ACCESS_TOKEN` env var is set for `check_outdated`

As the final step (on fail) is a slack notification we need to use a context containing the variable.

* Refactor the channel for alerts into parameters

This establishes a reusable pattern in case consumers wish to notify slack on other jobs.

* Updating node dependencies (#31)

* Fixing configuration of security audit (#32)

The "medium" configuration was not an acceptable term, should be one of
"info", "low", "moderate", "high" or "critical". This meant that it
would not pick up on anything!

* Alee/update dependencies (#33)

* Updating dependencies and node

* Use parameterised slack channel rather than default of typescript alerts channel

* Extracting out executor

* DT-2166 - add trivy image scanning job (#35)

* Fix trivy scan job slack notifications channel (#36)

* Use node executor and parameterise the version (#34)

* WFP-322 use the hmpps/node executor to build

* WFP-322 parameterise the node version in the executor

* WFP-322 use node version parameter in integration test image

* WFP-322 integration tests use new node_redis executor

Co-authored-by: Andrew Lee <[email protected]>

* Deploy template project to template k8s namespace (#37)

* Deploy template project to template k8s namespace

* DT-2260 - update to latest circleci orb and chart dependencies (#38)

* Updating dependencies and improving README (#39)

* DT-2282: ⬆️ Fix veracode policy scan (#40)

* Moving cypress tests to typescript (#41)

* DT-2404: 💄 Switch to sign in / out instead of login / out (#42)

* DT-2404: 💄 Switch to sign in / out instead of login / out

* DT-2404: 💄 Don't need .gitignore for husky any more

* DT-2404: ✅ Run tests automatically on commit (#43)

* Update dependencies (#44)

* DT-2297 - Veracode - switch to daily pipeline scan (results in circleci), and weekly policy scan (upload to veracode portal). (#45)

* DT-2297- randomise timing of circleci security workflow due to rate limiting at veracode. (#47)

* update typescript (#48)

* Fixing docker caching apt-get layer (#49)

* Fix docker build failing, and reduce image size (#50)

* Remove use of semi colons before arrays (#51)

* Remove use of semi-colons before arrays

* Fix typos in README

* WFP-610 update to npmv7 and fix some audit (#52)

* WFP-610 update to npm 7

* WFP-610 update outdated dependencies

* WFP-610 fixed some audit vulnerabilities

* WFP-610 updated passport-oauth2

* WFP-610 upgrade to jest-junit 13 to bring in new ansi-regex (#54)

* Upgrading dependencies (#55)

* FIXBUILD: update ansi-regex subdependency (#56)

* DT-2702: 🔨 Use new generic service configuration (#57)

* Update dependencies (#58)

* Moving to use HMPPS header (#59)

* Moving to use HMPPS header

* Removing explicit reference to DPS

* Fix path of unit test results that are uploaded as artifacts (#60)

and properly indent "build" job (jobs should be an array of [name] to dictionary)

Co-authored-by: Jon Brighton <[email protected]>

* DT-2814: 🐛 Fix cron timings for veracode (#61)

* NN-3747 fixing json structure for the stubUserRoles call and populating the user directly and not from the request because passport isn't in the test stack (#62)

* Bumping node version (#63)

Also fixing open handle in test and bumping dependencies

* DT-2796: 🔨 Migrate dev to live context (#64)

* Update dependencies and move to NPM v8 (#65)

* Upgrading dependencies (#66)

* Update modules and remove express-request-id (#67)

* INC-163 Timeout Fix - Correctly sets the timeout for a HttpAgent (#69)

* ⬆️ update dependencies and 💄add no-only-tests linting rule for cypress (#70)

* ⬆️ update dependencies

* 💄Add no-only-tests linting rule for cypress

* SDI-60: 🔨 Add global protect and petty france to allowlists (#71)

* Update dependencies (#72)

* DCS-1442 jquery-ui.css coep fix (#73)

* Fixing docker caching issue (#74)

Need to refer to build args before calling apt-get upgrade otherwise the set of packages are cached and not upgraded. Docker cannot cache anything in layers after a dynamic variable has been used

Also bumping version of node and fixing test compilation issue

* Setup prometheus metrics by default. (#75)

This change sets up prometheus metrics to be available on port 3001, and
with the helm chart changes they will automatically get scraped and be
available for alerts and dashboards in grafana.

The added metrics include:

- General nodejs stats: memory use, gc etc
- HTTP server requests: counters and timings of all served HTTP requests
  by the app.
- HTTP client requests: counters and timings of all HTTP requests to
  other upstream APIs (as long as they are based off `restClient.ts`).
- Upstream healthchecks: guages recording the status/health of each
  upstream service when the healthcheck is tested.

This is all backported from the `manage-recalls-ui` app, please let me
know what you think. :)

* Bump minimist from 1.2.5 to 1.2.6 (#76)

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update dependencies (#77)

* Audit fix (#79)

* NN-4060: App Insights only works with bunyan v1 (#80)

Co-authored-by: sp-watson <steve.watson@digital,justice.gov.uk>

* Update orb and dependencies (#82)

* Stop metrics test from hitting a real service and occasionally timing out (#81)

Co-authored-by: Jon Wyatt <>
Co-authored-by: Andrew Lee <[email protected]>

* SDI-181: 🔧 Add jira notifications for new projects (#83)

* Adding better redis error handling (#84)

* SDI-181: 🔧 Use new cimg redis executor (#85)

* SDI-181: 🔧 Use new cimg redis executor

* SDI-181: 🔧 Improve docker ignore and use released orb instead

* SDI-181: ⬆️ Bump node minor version

* SLM-245 Restore cache prior to running up the app for the integration tests (#86)

This caused an issue with our build where we received a segmentation fault as soon as the integration tests called the node app. Segmentation faults generally indicate an issue with one of the native C/C++ modules and it appears that one of these modules was relying on something we have stashed in the cache.

* SDI-88: 🚨 Fix querystring warning (#87)

* SDI-88: 🚨 Fix querystring warning

* SDI-88: 🚨 Second attempt to querystring warning

* SDI-88: 🐛 Fix cookie session down as a dependency (#88)

* SDI-88: ♻️  Tidy up mocks and switch to multiplatform builds (#89)

* Allow async get to take an array of strings for paths like original get method (#90)

* SDI-182: ✨ Switch to using connection string instead (#91)

* Update README.md (#92)

* SDI-88: ✅ Add token verification integration tests (#94)

* Minor "code smell" fixes suggested by Sonar Cloud (#95)

* INC-567: Remove unnecessary type assertions

* INC-567: Return resolved promise directly

* SDI-211: 🔒️ Bump versions to fix security issues and cope with passport major upgrade (#96)

* Updating dependencies (#97)

* SDI-211: 🎨 Enforce trailing comma on functions too (#98)

* SDI-211: 🎨 Enforce arrow parens (#99)

* Bump dependencies (#100)

* SDI-218: ⬆  Upgrade cypress to v10 (#101)

* ⬆️ Update dependencies (#102)

* Ignore false positive around nodemon (#103)

* Ignore false positive around nodemon

* Manage version of audit ci and provide full path to ignored dependency

* Updating dependencies (#104)

* Update dependencies (#105)

* Create services container (#106)

This allows passing through a container of wired up services through to route

This approach has been used for the dps-shared and farsight projects and it leads to a testing approach that scales more naturally. Means you can pass through the services through to where they are needed and this can grow without changes propagating through the application

Also extracted standard router into standalone middleware as the current approach relies on mutation and encourages making multiple copies of it.

* SDI-265: ♻️  Minor improvements (#107)

* SDI-265: 🚨 Add lint check for only (#108)

* Update Jest to v28 and minor dependency updates (#109)

* Remove duplicate <main> elements (#110)

The govuk/template.njk which the layout.njk extends which these files use already includes a <main> element

According to the HTML spec there should only be one <main> element present in the document at a time

* Bumping dependencies and fixing page width (#111)

* Bumping dependencies and fixing page width

There seems to be a lot of variability in page width so going with something that seems most popular in HMPPS

* Run tests in band

Partially to fix tests hanging in circle, but also as test seems to run almost twice as fast (after clearing cache)

* Add a `cspNonce` to the webSecurity setup (#112)

Based on what I’ve seen elsewhere, this seems to now be a common
approach to allow us to inline scripts, see:

https://content-security-policy.com/nonce

The GOV.UK frontend has now been updated to support the use of the
`cspNonce` local - see:

 alphagov/govuk-frontend@2e40d74

So we no longer need to add the inline hash, which is vulnerable to if
the code in the frontend template is changed.

I’ve also removed the domain-specific overrides for jQuery scripts and
styles, as we can use the nonce for this too.

* Update dependencies 2022-08-22 (#113)

* Update dependencies to fix check outdated flagging typescript (#114)

* Update dependencies 2022-09-09 (#115)

* Speeding up jest tests (#116)

This speeds up the running of jest tests by enabling isolatedModules
which has the effect of [disabling typechecking](https://kulshekhar.github.io/ts-jest/docs/getting-started/options/isolatedModules)

It also drastically reduces memory usage, allowing for running tests in
parallel locally at least.

On my laptop this reduces the time to run the tests in this project from
~14 seconds to ~4 seconds. On larger projects the effect is much more pronounced,
welcome-people-to-prison reduces build time from ~2mins, 20 seconds to ~25
seconds. In circle we still need to run in band but this is still
significantly faster than before, in WPIP it reduces the build by over 1 min.

Type checking is still available in the IDE, it is also part of the
husky pre-commit hook and run by circle as part of the build, so the
risk of type errors slipping through are very small.

(We could possibly add a typechecking stage before running jest and it
would still be much faster but not adding unless it becomes apparent
that we need it )

It would be worth to re-assess this after jest 29 as there seems to be
some fixes around a [memory issue](jestjs/jest#11956) that is part of node in versions
> 16.10

NB: This will not work if type declaration (`d.ts`) files contain enums
or any other constructs that generate javascript code. This seems to be
a bit of an anti-pattern anyway (see [here](https://lukasbehal.com/2017-05-22-enums-in-declaration-files/)).
Other tooling such as cypress will only allow you to import
types from these files.

* Removing colour from logs in production mode (#117)

* Move ingress (#118)

* Move ingress

* CHange generic service to latest

* SDI-345: ⬆️  Upgrade node and cypress (#119)

* SDI-345: ⬆️  Upgrade node and cypress

* SDI-345: ⬆️  Actually upgrade cypress

* Fixing logging (#120)

There was an issue where we weren't sending trace info to app insights.
This is because appInsights needs to be imported before bunyan is
imported so it can do its instrumentation magic.

There was a related issue that obscured this. It was previously
impossible to test app insights locally as dotenv wasn't set up
correctly - it needed to happen before app insights is imported or app
insights would prevent the app starting up.

So this moves dotenv to dev dependencies and preloads it before running the app via start:dev.

This removes some code that is only relevant for local development.
It also means the application runs similar locally to how it would run
in docker or kubernetes - it just expects the environment variables to
be present.

Also moving the app insights import so it's very apparent that it's the first thing that happens when the app starts.

* Update dependencies 2022-09-28 (#121)

* ⬆️Upgrade to latest helm chart versions (#122)

* Adding badges (#123)

* Adding badges

* Update README.md

* Updating node to v18 (#124)

* Set helm timeout to 5 minutes (#125)

* Use official redis image for docker-compose (#126)

Which is suitable for arm64 and consistent with docker-compose-test which was updated with ministryofjustice/hmpps-template-typescript#89

* Update Helm config to match Kotlin template (#127)

* Update dependencies 2022-11-15 (#128)

* Update dependencies 2022-11-16 (#129)

* Update node images (#130)

* SDI-476: ⬆  Bump versions (#131)

* Update dependencies 2022-12-08 (#132)

* Update dependencies 2022-12-19 (#133)

* Bump jsonwebtoken from 8.5.1 to 9.0.0 (#136)

Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 8.5.1 to 9.0.0.
- [Release notes](https://github.com/auth0/node-jsonwebtoken/releases)
- [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jsonwebtoken@v8.5.1...v9.0.0)

---
updated-dependencies:
- dependency-name: jsonwebtoken
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix conflicting prettier / eslint rule (#135)

In eslint, we ask for a trailing comma, while the prettier rules are set
to `es5`. This causes issues if you have your IDE set up to fix on save,
as one linter kicks in before the other, causing conflicting fixes.

Co-authored-by: Andrew Lee <[email protected]>

* SDI-523: 🔒️ Fix / ignoresecurity issues (#138)

* HEAT-41: use npm outdated job from HMPPS Orb; update other dependencies (#139)

* Update dependencies 2023-01-24 (#140)

* Update dependencies 2023-01-31 (#141)

* Update dependencies 2023-02-01 (#142)

* Configure Renovate (#144)

* Add renovate.json

* HEAT-52: source Renovate config from shared HMPPS repo

* HEAT-52: tweak dependencies pinned by Renovate

Inherit the ones from https://github.com/ministryofjustice/hmpps-renovate-config/blob/main/node.json

* HEAT-52: manually bump Slack Orb as Renovate was complaining 'Can't find version matching 4.4.2 for slack'

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update Helm release generic-service to v2.4.0 (#146)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update peter-evans/create-pull-request action to v4 (#148)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update actions/checkout action to v3 (#147)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Add .nvmrc file, Prettier support for Nunjucks and use SCSS (#143)

* Add .nvmrc file with node version set to `18`
Update npm engine version to `^9`
Add `prettier-plugin-jinja-template` as dev dependency plus config
Refactor `.sass` files to `.scss` for consistency

* Add newline to .nvmrc

---------

Co-authored-by: Neil Mendum <[email protected]>

* Revert build_multiplatform_docker because it causes the build to take over an hour (#149)

See Slack discussion https://mojdt.slack.com/archives/C69NWE339/p1671529301455009?thread_ts=1671529075.740459&cid=C69NWE339

* Update dependency cypress to ^12.5.1 (#150)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-52: reduce the size of the PR body by specifying prBodyTemplate (#152)

This should help with GitHub integration in Slack

* Update all non major NPM dependencies (#151)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#153)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#155)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#156)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#159)

* Update all non major NPM dependencies

* Reduce Renovate stabilityDays so that it raises fewer PRs

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update Helm release generic-service to v2.5.0 (#161)

* Update Helm release generic-service to v2.5.0

* Drop generic-service params no longer required

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* Update node image and regenerate package-lock.json (#165)

* Update hmpps-orb to v7.2.1 (#166)

* Upgrade to connect-redis 7 and update other dependencies (#168)

* Upgrade to connect-redis 7 and update other dependencies

* Remove legacy mode

* Fix npm prune warning

* Upgrade to typescript 5 (#169)

* Add HMPPS Auth URL to form-action CSP string (#170)

Update the Content Security Policy to allow the HMPPS Auth URL as a possible form action target.

Currently, if a 403 error occurs on a GET request, this will be captured by the error handling setup in errorHandler.ts, and the user will be redirected to the sign out URL, which then redirects to the HMPPS Auth URL. However, if a 403 error occurs on a POST request, this second redirect may not occur, and the user may, depending on their choice of browser, be frozen on the form page they just submitted.

Due to CSP implementation details that vary between browsers, adding the HMPPS Auth URL to our form action targets allows this second redirect to occur as expected.

* Update TypeScript etc 2023-04-03 (#174)

* Removing unnecessary build (#172)

All 3 processes: tsc, sass and copy-views are run by concurrently at start up anyway

* Update dependencies 2023-04-12 (#177)

* SDIT-738: ⚡️ Cache static resources for 1 hour (#178)

* Update dependencies 2023-04-21 (#181)

* Fix security vuln 2023-04-25 (#183)

* Update Helm release generic-service to v2.6.2 (#182)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Neil Mendum <[email protected]>

* SDIT-760: 🔧 Upgrade redis to 7 (#186)

* Update Helm release generic-service to v2.6.3 (#184)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Tie css cache to version of application (#188)

At the moment the cache is linked to the start up time of pod, so get unnecessary cache misses for each pod in the cluster and also when pods restart

This ties the cache to the git short hash of the deployment

* Fix version not appearing in application insights (#190)

* Fix version not appearing in application insights

This previously relied on running a shell script to generate a file with a json payload in it.

The code that read this file to extract out the version for the cache improvement and also setting the application version in app insights, was looking in the wrong location

There was another location that looked up the file and read in the details for the health endpoint which was looking in the right place

This change moves to reading the version and git reference into an env var in the docker file instead, which means we can centralise how this info is made available and remove the additional file management

This should be a safe fix as the build info file was previously being generated from the docker build anyway - so the file should be available

* Tidy up passing around application version

* Update Helm release generic-prometheus-alerts to v1.3.2 (#189)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Add PreProd and Prod helm config (#193)

As per Kotlin Template https://github.com/ministryofjustice/hmpps-template-kotlin/tree/main/helm_deploy

* Update slack orb to v4.12.5 (#185)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update peter-evans/create-pull-request action to v5 (#175)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#176)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Node.js to v18.16 (#191)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update dependencies 2023-06-07 (#196)

* Do not retry POST requests by default (#197)

It doesn't really make sense to retry non-idempotent calls

Also moving sanitised error over to a real error rather than a object. Makes it a little bit easier to test these: 'expect(..).reject.throws' etc.. doesn't work if you don't have really errors

* Adding changelog (#198)

* Have `sanitisedError` always return an Error instance (#199)

… for the same reasons as explained in ministryofjustice/hmpps-template-typescript#197

* Update all non major NPM dependencies (#195)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#200)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Fix semver vuln (#202)

* Update govuk-frontend to 4.7.0 (#205)

* Update all non major NPM dependencies (#204)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-82: Add productId and /info endpoint (#212)

* HEAT-82: Add productId and /info endpoint

* Update README and default value

* Update values.yaml to point at README.md

* Update README with dev portal URL (#213)

* Update README with dev portal URL

* Fix URL

* Fix info endpoint test description (#214)

* Update CHANGELOG.md (#216)

* Fix linting, update modules, remove override (#219)

* Move /info to health check block (#220)

* Update dependencies 2023-09-05 (#226)

* Update dependencies 2023-09-05

* Fix node version

* Fix CircleCI workflows for cypress (#223)

* Persist compiled stylesheets to workspace so that integration tests can load styles properly
* Upload cypress screenshot and video artefacts from correct location

* Fix cypress config and remove some vestigial code (#228)

* Remove unused/vestigial integration test method
* Remove deleted cypress config option
* Update copyright date

* Update readme (#229)

* Update Helm release generic-prometheus-alerts to v1.3.3 (#224)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update redis Docker tag to v7.2 (#221)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Node.js to v18.18 (#230)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* HEAT-106: Standardise endpoints (#231)

* HEAT-106: Standardise endpoints

* Fix e2e

* Correct response

* Update Dockerfile to pull through branch name

* Amend output checks for int tests

* Fix bugs and add Changelog

* SDIT-1088: ✨ Get components to always return status even if failed (#232)

* SDIT-1108: 🔧 Don't default build args (#233)

* SDIT-1108: 🔧 Don't default build args

* SDIT-1108: 🔧 Copy across args to env variables

* SDIT-1108: 🔧 Add in docker compose build args and missing env vars

* SDIT-1108: ♻️ Fix deprecated syntax version of ENV (#234)

* SDIT-1108: ✨ Add in environment name to header (#235)

* SDIT-1108: 📝 Add new environment name to changelog (#236)

* NON-270: Improve REST client (#238)

* Improve REST client typing information and add PATCH, PUT and DELETE methods allowing for query parameters as well as body payloads
* Propagate user types into `res.locals` in request handlers

* Update actions/checkout action to v4 (#225)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update all non major NPM dependencies (#210)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update Helm release generic-service to v2.6.5 (#237)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update dependencies 2023-10-17 (#243)

* add tests for list base clients page

* add view base client page

* Fix errors in template

* basic view for create new base client screen

* HAAR-1891: Update deprecated endpoints with new endpoints (#247)

* HAAR-1891: Update deprecated endpoints with new (manage users api) endpoints

* HAAR-1891: Update following PR comments

* HAAR-1891: Added MANAGE_USERS_API_URL values.

* HAAR-1891: Added MANAGE_USERS_API_URL values.

* Update renovate.json (#248)

…to prevent Node docker image from being updated beyond LTS

* post new base client with error loop

* added controller tests

* add tests for presenter

* add test for expiry today

* Move to Node 20 plus minor updates (#249)

* Update CHANGELOG for node 20 change (#250)

* Update CHANGELOG for node 20 change

* Missed update link

* Update jwt-decode module to version 4.0.0 (#252)

* Update CHANGELOG.md (#253)

* correct test comments and refactor time functions

* Added changelog for PR #247 (#254)

* display edit base clients details page

* Add post update functionality

* update test comments

* update comments

* display edit base clients deployment details page

* add update deployment flow

* fix integration test

* remove excess helm folder

* add manage-users-api to docker-compose

* add remove client instance code

* page to display Delete Client confirmation

* test update

* delete functionality - validation

* add filter functionality

* setup homepage tests

* base-client-list integration tests

* correct failing test

* remove template files

* fix service filter

* integration tests for main base client view screen

* Add base client tests

* edit base client details testing

* integration tests for edit deployment

* Integration tests for Client instance add and delete functionality

* use enums where possible and commit to snake_case through the internal model

* move client-type to deployment screen

* fix values on add base client screen

* display date times correctly

* make list base-clients table sortable

* change locale for test runs

* add first audit functions

* add audit code

* tests for view base client auditing

* tests for creating base clients and clients - refactor for clarity

* Audit all baseClientController functions

* bugfix

* remove call to manageUsers to acquire roles

* use audit service from npm import

* update dependencies in line with template

* Remove calls to managedUsersApi for user roles

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Andrew Lee <[email protected]>
Co-authored-by: petergphillips <[email protected]>
Co-authored-by: Matt <[email protected]>
Co-authored-by: Andy Marke <[email protected]>
Co-authored-by: Darren Oakley <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>
Co-authored-by: markreesmoj <[email protected]>
Co-authored-by: Connor Glynn <[email protected]>
Co-authored-by: Gareth.m.Davies <[email protected]>
Co-authored-by: ushkarev <[email protected]>
Co-authored-by: richardpopple <[email protected]>
Co-authored-by: Paul Solecki <[email protected]>
Co-authored-by: Michael Willis <[email protected]>
Co-authored-by: Louise N <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: sp-watson <[email protected]>
Co-authored-by: sp-watson <steve.watson@digital,justice.gov.uk>
Co-authored-by: Jon Wyatt <[email protected]>
Co-authored-by: Mike Halma <[email protected]>
Co-authored-by: Richard James <[email protected]>
Co-authored-by: Stuart Harrison <[email protected]>
Co-authored-by: Neil Mendum <[email protected]>
Co-authored-by: carlov20 <[email protected]>
Co-authored-by: Neil Mendum <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: David Middleton <[email protected]>
Co-authored-by: Gareth.m.Davies <[email protected]>
Co-authored-by: bryangaledxw <[email protected]>
Co-authored-by: ravmoj <[email protected]>
Co-authored-by: Jon Brighton <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants