search

GSA-TTS / FAC

GSA's Federal Audit Clearinghouse
Other
18 stars 5 forks source link

Enable New Relic High Security Mode #4053

Open asteel-gsa opened 5 days ago

asteel-gsa commented 5 days ago

PR simply adds a new New Relic environment variable at startup, allowing the instance to be in High Security Mode.

Once the deploys to preview are working again, im going to deploy this and look in new relic to ensure:

High Security Mode does change some underlying items, and we want to ensure everything is still functional as we expect.

https://docs.newrelic.com/docs/apm/agents/manage-apm-agents/configuration/high-security-mode/#version2description

github-actions[bot] commented 5 days ago

Terraform plan for meta

No changes. Your infrastructure matches the configuration. ``` No changes. Your infrastructure matches the configuration. Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed. Warning: Argument is deprecated with module.s3-backups.cloudfoundry_service_instance.bucket, on /tmp/terraform-data-dir/modules/s3-backups/s3/main.tf line 14, in resource "cloudfoundry_service_instance" "bucket": 14: recursive_delete = var.recursive_delete Since CF API v3, recursive delete is always done on the cloudcontroller side. This will be removed in future releases ```

:memo: Plan generated in Pull Request Checks #3265

github-actions[bot] commented 5 days ago

Terraform plan for dev

Plan: 0 to add, 2 to change, 0 to destroy. ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: !~ update in-place Terraform will perform the following actions: # module.dev.module.clamav.cloudfoundry_app.clamav_api will be updated in-place !~ resource "cloudfoundry_app" "clamav_api" { !~ docker_image = "ghcr.io/gsa-tts/fac/clamav@sha256:4a1a6213c26ca83d2cc401b71d665fc7f3402df13c14c4d9b0d77b006a334497" -> "ghcr.io/gsa-tts/fac/clamav@sha256:0223624d99f6c90bd9f375bcca01ec00dc7d68eb9f075d602dd9e71cbb5224b9" id = "779bbc51-f78a-4186-90eb-5acb68d7d746" name = "fac-av-dev" # (17 unchanged attributes hidden) # (1 unchanged block hidden) } # module.dev.module.file_scanner_clamav.cloudfoundry_app.clamav_api will be updated in-place !~ resource "cloudfoundry_app" "clamav_api" { !~ docker_image = "ghcr.io/gsa-tts/fac/clamav@sha256:4a1a6213c26ca83d2cc401b71d665fc7f3402df13c14c4d9b0d77b006a334497" -> "ghcr.io/gsa-tts/fac/clamav@sha256:0223624d99f6c90bd9f375bcca01ec00dc7d68eb9f075d602dd9e71cbb5224b9" id = "65c83416-4126-4785-99c2-5e1adb810422" name = "fac-av-dev-fs" # (17 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 0 to add, 2 to change, 0 to destroy. Warning: Argument is deprecated with module.dev-backups-bucket.cloudfoundry_service_instance.bucket, on /tmp/terraform-data-dir/modules/dev-backups-bucket/s3/main.tf line 14, in resource "cloudfoundry_service_instance" "bucket": 14: recursive_delete = var.recursive_delete Since CF API v3, recursive delete is always done on the cloudcontroller side. This will be removed in future releases (and 6 more similar warnings elsewhere) ```

:memo: Plan generated in Pull Request Checks #3265

github-actions[bot] commented 5 days ago

File Coverage Missing
All files 87% :white_check_mark:
api/serializers.py 88% :white_check_mark: 178-179 184 189
api/test_views.py 95% :white_check_mark: 103
api/uei.py 88% :white_check_mark: 87 118-119 163 167-168
api/views.py 98% :white_check_mark: 198-199 337-338
audit/admin.py 88% :white_check_mark: 130-132
audit/forms.py 61% :x: 33-40 111-118
audit/intake_to_dissemination.py 88% :white_check_mark: 57-62 264 308-316
audit/mixins.py 96% :white_check_mark: 28
audit/test_admin.py 72% :x: 15-17
audit/test_commands.py 91% :white_check_mark:
audit/test_intakelib.py 88% :white_check_mark: 154-158
audit/test_manage_submission_access_view.py 98% :white_check_mark: 15 19
audit/test_mixins.py 90% :white_check_mark: 159-160 164-166 254-255 259-261
audit/test_validators.py 96% :white_check_mark: 439 443 611-612 851 858 865 872 1176-1177 1220-1221 1246-1251
audit/test_views.py 98% :white_check_mark: 132
audit/test_workbooks_should_fail.py 88% :white_check_mark: 58 87-88 92
audit/test_workbooks_should_pass.py 87% :white_check_mark: 59 74-76
audit/utils.py 86% :white_check_mark: 9 19 60-62 65
audit/validators.py 93% :white_check_mark: 138 190 279 419-420 435-436 519-520 622-626 631-635 651-660
audit/cross_validation/additional_ueis.py 93% :white_check_mark: 33
audit/cross_validation/check_award_ref_declaration.py 90% :white_check_mark:
audit/cross_validation/check_award_reference_uniqueness.py 93% :white_check_mark:
audit/cross_validation/check_certifying_contacts.py 87% :white_check_mark:
audit/cross_validation/check_findings_count_consistency.py 87% :white_check_mark: 35
audit/cross_validation/check_ref_number_in_cap.py 91% :white_check_mark:
audit/cross_validation/check_ref_number_in_findings_text.py 91% :white_check_mark:
audit/cross_validation/errors.py 78% :x: 30 77
audit/cross_validation/naming.py 93% :white_check_mark: 229
audit/cross_validation/submission_progress_check.py 91% :white_check_mark: 83 126 174 182-183
audit/cross_validation/tribal_data_sharing_consent.py 81% :x: 33 36 40
audit/cross_validation/validate_general_information.py 65% :x: 77 81-84 96 99
audit/fixtures/dissemination.py 71% :x: 38
audit/fixtures/single_audit_checklist.py 55% :x: 160-197 245-254
audit/intakelib/exceptions.py 71% :x: 7-9 12
audit/intakelib/intermediate_representation.py 91% :white_check_mark: 27-28 73 91 129 200-203 212-213 283-284
audit/intakelib/mapping_audit_findings.py 97% :white_check_mark: 55
audit/intakelib/mapping_audit_findings_text.py 97% :white_check_mark: 54
audit/intakelib/mapping_federal_awards.py 93% :white_check_mark: 92
audit/intakelib/mapping_util.py 79% :x: 21 25 29 63 99 104-105 114-120 130 145 150
audit/intakelib/checks/check_all_unique_award_numbers.py 79% :x: 24
audit/intakelib/checks/check_cluster_names.py 75% :x: 20-25
audit/intakelib/checks/check_cluster_total.py 95% :white_check_mark: 99
audit/intakelib/checks/check_finding_reference_pattern.py 74% :x: 34 44-45
audit/intakelib/checks/check_findings_grid_validation.py 89% :white_check_mark: 59
audit/intakelib/checks/check_has_all_the_named_ranges.py 95% :white_check_mark: 66
audit/intakelib/checks/check_is_a_workbook.py 69% :x: 20
audit/intakelib/checks/check_loan_balance_entries.py 83% :x: 28
audit/intakelib/checks/check_look_for_empty_rows.py 91% :white_check_mark: 18
audit/intakelib/checks/check_no_major_program_no_type.py 76% :x: 18 27
audit/intakelib/checks/check_no_repeat_findings.py 88% :white_check_mark: 21
audit/intakelib/checks/check_other_cluster_names.py 81% :x: 23 33
audit/intakelib/checks/check_passthrough_name_when_no_direct.py 83% :x: 11 49 58
audit/intakelib/checks/check_sequential_award_numbers.py 82% :x: 25 35
audit/intakelib/checks/check_start_and_end_rows_of_all_columns_are_same.py 89% :white_check_mark: 14
audit/intakelib/checks/check_state_cluster_names.py 81% :x: 23 33
audit/intakelib/checks/check_version_number.py 73% :x: 30 40-41
audit/intakelib/checks/runners.py 95% :white_check_mark: 187 217
audit/intakelib/common/util.py 90% :white_check_mark: 22 39
audit/intakelib/transforms/xform_rename_additional_notes_sheet.py 81% :x: 14
audit/management/commands/load_fixtures.py 47% :x: 40-46
audit/models/models.py 86% :white_check_mark: 59 61 66 68 210 216 228 240-243 261 438 456-457 465 487 585-586 590 598 607 613
audit/views/audit_info_form_view.py 27% :x: 25-74 77-117 120-137
audit/views/manage_submission.py 86% :white_check_mark: 73-80
audit/views/manage_submission_access.py 98% :white_check_mark: 113-114
audit/views/pre_dissemination_download_view.py 78% :x: 15-16 21-22 29-39
audit/views/submission_progress_view.py 89% :white_check_mark: 117 182-183
audit/views/tribal_data_consent.py 34% :x: 23-41 44-79
audit/views/unlock_after_certification.py 57% :x: 28-51 73-87
audit/views/upload_report_view.py 26% :x: 32-35 44 91-117 120-170 178-209
audit/views/views.py 53% :x: 74 81-100 123-124 198-199 220-230 257 268-269 280-281 283-287 329-342 345-359 364-377 394-400 405-425 452-456 461-490 533-537 542-562 589-593 598-627 670-674 679-691 694-704 709-721 754-768
census_historical_migration/change_record.py 98% :white_check_mark: 30
census_historical_migration/end_to_end_core.py 26% :x: 57-89 93-111 116-155 161-187 246-258 263 273-307
census_historical_migration/invalid_record.py 94% :white_check_mark: 50 54 58 62 66
census_historical_migration/migration_result.py 75% :x: 17 21 25 29 33-42 46
census_historical_migration/report_type_flag.py 96% :white_check_mark: 19
census_historical_migration/test_federal_awards_xforms.py 99% :white_check_mark: 219-220
census_historical_migration/sac_general_lib/audit_information.py 91% :white_check_mark: 28 82-87 336
census_historical_migration/sac_general_lib/cognizant_oversight.py 68% :x: 11
census_historical_migration/sac_general_lib/general_information.py 86% :white_check_mark: 166-167 177-178 186-187 195-200 233-255 354-355
census_historical_migration/sac_general_lib/sac_creator.py 90% :white_check_mark: 34
census_historical_migration/sac_general_lib/utils.py 84% :x: 35 62-71
census_historical_migration/transforms/xform_remove_hyphen_and_pad_zip.py 92% :white_check_mark: 18
census_historical_migration/transforms/xform_retrieve_uei.py 67% :x: 10
census_historical_migration/transforms/xform_string_to_bool.py 87% :white_check_mark: 17
census_historical_migration/workbooklib/additional_eins.py 84% :x: 58-60 67-77
census_historical_migration/workbooklib/additional_ueis.py 77% :x: 27-29 36-46
census_historical_migration/workbooklib/corrective_action_plan.py 46% :x: 49-51 65 93-125 134-153
census_historical_migration/workbooklib/excel_creation_utils.py 69% :x: 110 119-124 129-136 140-158 171-175 189-192
census_historical_migration/workbooklib/federal_awards.py 77% :x: 181-184 262-301 487 554-562 572-597 621-622 918-1022
census_historical_migration/workbooklib/findings.py 69% :x: 81-86 154-174 179-199 216-218 330-354
census_historical_migration/workbooklib/findings_text.py 46% :x: 50-51 67 97-129 138-160
census_historical_migration/workbooklib/notes_to_sefa.py 66% :x: 34-38 101-102 104-105 107-108 136-143 152-160 168-170 279-326
census_historical_migration/workbooklib/post_upload_utils.py 21% :x: 22-35 66-83 89-111
census_historical_migration/workbooklib/secondary_auditors.py 88% :white_check_mark: 128-130 186-205
census_historical_migration/workbooklib/workbook_builder.py 38% :x: 14-17 26-41
census_historical_migration/workbooklib/workbook_builder_loader.py 41% :x: 18-30
config/error_handlers.py 94% :white_check_mark: 22
config/test_settings.py 92% :white_check_mark: 33-34 49-50
config/urls.py 72% :x: 88
dissemination/file_downloads.py 81% :x: 43-61 91-93
dissemination/forms.py 87% :white_check_mark: 135 144 255
dissemination/search.py 88% :white_check_mark: 113 115 119 127-128
dissemination/summary_reports.py 78% :x: 274 300-302 306-310 421 438 459 511-575 603 638-640 664-672
dissemination/test_search.py 93% :white_check_mark: 51-66 473-474 579-596 608-632 644-669 677-693
dissemination/test_summary_reports.py 98% :white_check_mark:
dissemination/views.py 75% :x: 134 140-142 159-225 268 298 300 336 387 389 391 469-474
dissemination/migrations/0002_general_fac_accepted_date.py 47% :x: 10-12
dissemination/searchlib/search_alns.py 37% :x: 44-58 78-110 115-177 184-187
dissemination/searchlib/search_direct_funding.py 86% :white_check_mark: 21-22
dissemination/searchlib/search_findings.py 76% :x: 18-24 34 36 38
dissemination/searchlib/search_general.py 96% :white_check_mark: 138
dissemination/searchlib/search_passthrough_name.py 35% :x: 21-31
djangooidc/backends.py 78% :x: 32 57-63
djangooidc/exceptions.py 66% :x: 19 21 23 28
djangooidc/oidc.py 16% :x: 32-35 45-51 64-70 92-149 153-199 203-226 230-275 280-281 286
djangooidc/views.py 81% :x: 22 43 109-110 117
djangooidc/tests/common.py 97% :white_check_mark:
report_submission/forms.py 92% :white_check_mark: 39
report_submission/test_views.py 98% :white_check_mark: 835
report_submission/views.py 79% :x: 97 252 276-277 282-283 323-493 496-506 565 601-603 611-612 615-617
report_submission/templatetags/get_attr.py 76% :x: 8 11-14 18
support/admin.py 88% :white_check_mark: 76 79 84 91-97 100-102
support/cog_over.py 91% :white_check_mark: 29-32 92 116-120 156
support/test_admin_api.py 81% :x: 23 147-148 237-238 317-318
support/test_cog_over.py 98% :white_check_mark: 174-175 264
support/management/commands/seed_cog_baseline.py 98% :white_check_mark: 20-21
support/models/cog_over.py 89% :white_check_mark: 103-104
tools/update_program_data.py 89% :white_check_mark: 96
users/admin.py 99% :white_check_mark: 27
users/auth.py 96% :white_check_mark: 58-59
users/models.py 96% :white_check_mark: 18 74-75
users/fixtures/user_fixtures.py 91% :white_check_mark:

Minimum allowed coverage is 85%

Generated by :monkey: cobertura-action against 414b855cc769424dd1dbed147f112ae8dde62a7f

asteel-gsa commented 5 hours ago

Will need to discuss with @danswick the nature of this, as if we enable it at an application layer, without doing it at the account level, it shuts down logs from the app.