Name		Name	Last commit message	Last commit date
Latest commit Cannot retrieve latest commit at this time. History 381 Commits
.github/workflows		.github/workflows
cloud		cloud
schemes		schemes
tests		tests
.gitignore		.gitignore
Dockerfile		Dockerfile
Makefile		Makefile
README.md		README.md
alembic.ini		alembic.ini
compose.yaml		compose.yaml
package-lock.json		package-lock.json
package.json		package.json
pyproject.toml		pyproject.toml

Repository files navigation

Schemes

Prerequisites

Install Python 3.11
Install Node 18
Install Docker and Compose plugin
Install Google Cloud CLI and authenticate using ADCs:
```
gcloud auth application-default login
```
Install Terraform 1.6

Configure the app

Find the secure note in the password manager called Schemes Secrets (Localhost) and copy the contents to .env.

The application can also be configured with the following environment variables:

Name	Value
FLASK_ENV	Application environment name (`dev` / `test`)
FLASK_SQLALCHEMY_DATABASE_URI	SQLAlchemy database URI
FLASK_SECRET_KEY	Flask session secret key
FLASK_BASIC_AUTH_USERNAME	HTTP Basic Auth username
FLASK_BASIC_AUTH_PASSWORD	HTTP Basic Auth password
FLASK_API_KEY	API key (unset to disable)
FLASK_GOVUK_CLIENT_ID	OIDC client id
FLASK_GOVUK_CLIENT_SECRET	OIDC client secret
FLASK_GOVUK_SERVER_METADATA_URL	OIDC discovery endpoint
FLASK_GOVUK_TOKEN_ENDPOINT	OIDC token endpoint
FLASK_GOVUK_PROFILE_URL	OIDC profile URL
FLASK_GOVUK_END_SESSION_ENDPOINT	OIDC end session endpoint

Running locally

Create a virtual environment:
```
python3.11 -m venv --prompt . .venv
```
Activate the virtual environment:
```
source .venv/bin/activate
```
Build the web assets:
```
npm install && npm run build
```
Install the dependencies:
```
pip install -e .[dev]
```
Run the server:
```
flask --app schemes run
```
Open http://127.0.0.1:5000

Running locally using Docker

To run the server as a container using an in-memory SQLite database:

Build the web assets:
```
npm install && npm run build
```
Build the Docker image:
```
docker build -t schemes .
```

Run the Docker image:

docker run --rm -it -p 5000:5000 --env-file ./.env schemes

Open http://127.0.0.1:5000

The server can also be run on a different port by specifying the PORT environment variable:

docker run --rm -it -e PORT=8000 -p 8000:8000 --env-file ./.env schemes

Running locally using Compose

To run the server as a container using a PostgreSQL database:

Build the web assets:
```
npm install && npm run build
```
Run the services:
```
docker compose up
```
Open http://127.0.0.1:5000

Running formatters and linters

Install the dependencies:
```
pip install -e .[dev]
```
Run the formatters:
```
make format
```
Run the linters:
```
make lint
```

Running tests

Install the dependencies:
```
pip install -e .[dev]
```
Install the browsers:
```
playwright install chromium
```
Run the tests:
```
make test
```

Provisioning infrastructure

Provision the Terraform backend

Change directory:
```
cd cloud/tf-backend
```
Initialise Terraform:
```
terraform init
```
Apply the changes:
```
terraform apply
```

Provision the Docker repository

Change directory:
```
cd cloud/docker-repository
```
Initialise Terraform:
```
terraform init
```
Apply the changes:
```
terraform apply
```
Obtain the Docker repository service account private key:
```
terraform output -raw github_action_private_key
```
Set the GitHub Actions repository secret GCP_CREDENTIALS_CI to the private key

Provision the application

For each environment required (dev, test, prod):

Change directory:
```
cd cloud/schemes
```
Initialise Terraform:
```
terraform init
```
Create a Terraform workspace for the environment:
```
terraform workspace new $ENVIRONMENT
```
Apply the changes:
```
terraform apply
```
This will fail due to missing secrets. Find the secure note in the password manager called Schemes Secrets ($ENVIRONMENT) and execute the script. Then repeat the previous step.
Obtain the Cloud Run service account private key:
```
terraform output -raw github_action_private_key
```
Set the GitHub Actions repository secret GCP_CREDENTIALS_DEPLOY_$ENVIRONMENT to the private key
Open the output url

Authentication

We have registered the following two services with GOV.UK One Login:

Dev

Service name: ATE Schemes (Dev)
Service redirect URLs: https://schemes-ijnazoz5mq-ew.a.run.app/auth, http://127.0.0.1:5000/auth
Service contact email address: mark.hobson@activetravelengland.gov.uk
Scopes: openid email
Public key: (see "Schemes GOV.UK One Login Public Key (Dev)" in Bitwarden)
Logout URL: https://schemes-ijnazoz5mq-ew.a.run.app/, http://127.0.0.1:5000/
Sector identifier URI: https://schemes-ijnazoz5mq-ew.a.run.app/

Test

Service name: ATE Schemes (Test)
Service redirect URLs: https://schemes-dcmtqc7uca-ew.a.run.app/auth
Service contact email address: mark.hobson@activetravelengland.gov.uk
Scopes: openid email
Public key: (see "Schemes GOV.UK One Login Public Key (Test)" in Bitwarden)
Logout URL: https://schemes-dcmtqc7uca-ew.a.run.app/
Sector identifier URI: https://schemes-dcmtqc7uca-ew.a.run.app/

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Schemes

Prerequisites

Configure the app

Running locally

Running locally using Docker

Running locally using Compose

Running formatters and linters

Running tests

Provisioning infrastructure

Provision the Terraform backend

Provision the Docker repository

Provision the application

Authentication

Dev

Test

About

Releases 47

Packages

Contributors 2

Languages

License

acteng/update-your-capital-schemes

Folders and files

Latest commit

History

Repository files navigation

Schemes

Prerequisites

Configure the app

Running locally

Running locally using Docker

Running locally using Compose

Running formatters and linters

Running tests

Provisioning infrastructure

Provision the Terraform backend

Provision the Docker repository

Provision the application

Authentication

Dev

Test

About

Resources

License

Stars

Watchers

Forks

Releases 47

Packages 0

Contributors 2

Languages

Packages