Merge branch 'main' into nmb/migrate-cisa-dotgov

2025-07-22 02:36:02 +02:00 · 2023-08-22 13:13:01 -05:00 · 2023-08-22 13:13:01 -05:00 · 0b838d6c36
commit 0b838d6c36
parent 667bffe76d ac3471a2e5
19 changed files with 220 additions and 42 deletions
--- a/.github/ISSUE_TEMPLATE/developer-onboarding.md
+++ b/.github/ISSUE_TEMPLATE/developer-onboarding.md
@ -24,13 +24,13 @@ There are several tools we use locally that you will need to have.
 ### Steps for the onboardee
 - [ ] Setup [commit signing in Github](#setting-up-commit-signing) and with git locally.
 - [ ] [Create a cloud.gov account](https://cloud.gov/docs/getting-started/accounts/)
- [ ] Have an admin add you to the CISA Github organization and Dotgov Team.
+- [ ] Email github@cisa.dhs.gov (cc: Cameron) to add you to the [CISA Github organization](https://github.com/getgov) and [.gov Team](https://github.com/orgs/cisagov/teams/gov).
 - [ ] Ensure you can login to your cloud.gov account via the CLI
 ```bash
 cf login -a api.fr.cloud.gov  --sso
 ```
 - [ ] Have an admin add you to cloud.gov org and set up your [sandbox developer space](#setting-up-developer-sandbox). Ensure you can deploy to your sandbox space.
- [ ] Have an admin add you to our login.gov sandbox team (`.gov registrar poc`) via the [dashboard](https://dashboard.int.identitysandbox.gov/).
+- [ ] Have an admin add you to our login.gov sandbox team (`.gov Registrar`) via the [dashboard](https://dashboard.int.identitysandbox.gov/).
 **Note:** As mentioned in the [Login documentation](https://developers.login.gov/testing/), the sandbox Login account is different account from your regular, production Login account. If you have not created a Login account for the sandbox before, you will need to create a new account first.
@ -39,12 +39,12 @@ cf login -a api.fr.cloud.gov  --sso
 ### Steps for the onboarder
 - [ ] Add the onboardee to cloud.gov org (cisa-dotgov) 
 - [ ] Setup a [developer specific space for the new developer](#setting-up-developer-sandbox)
- [ ] Add the onboardee to our login.gov sandbox team (`.gov registrar poc`) via the [dashboard](https://dashboard.int.identitysandbox.gov/)
+- [ ] Add the onboardee to our login.gov sandbox team (`.gov Registrar`) via the [dashboard](https://dashboard.int.identitysandbox.gov/)
 ## Documents to Review
- [ ] [Team Charter](https://docs.google.com/document/d/1xhMKlW8bMcxyF7ipsOYxw1SQYVi-lWPkcDHSUS6miNg/edit), in particular our Github Policy
+- [ ] [Team Onboarding](https://docs.google.com/document/d/1ukbpW4LSqkb_CCt8LWfpehP03qqfyYfvK3Fl21NaEq8/edit?usp=sharing)
 - [ ] [Architecture Decision Records](https://github.com/cisagov/dotgov/tree/main/docs/architecture/decisions)
 - [ ] [Contributing Policy](https://github.com/cisagov/dotgov/tree/main/CONTRIBUTING.md)
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@ -1,13 +1,134 @@
-# <!-- Use the title to describe PR changes in the imperative mood --> #
+## Ticket
-## 🗣 Description ##
+Resolves #00
 <!--Reminder, when a code change is made that is user facing, beyond content updates, then the following are required:
 - a developer approves the PR
 - a designer approves the PR or checks off all relevant items in this checklist.
-<!-- Describe the "what" of your changes in detail. -->
+All other changes require just a single approving review.-->
 <!-- Please link to any relevant issues. -->
-## 💭 Motivation and context ##
+## Changes
-<!-- Why is this change required? -->
+<!-- What was added, updated, or removed in this PR. -->
-<!-- What problem does this change solve? How did you solve it? -->
+- Change 1
-<!-- Mention any related issue(s) here using appropriate keywords such -->
+- Change 2
-<!-- as "closes" or "resolves" to auto-close them on merge. -->
+
 <!--
    Please add/remove/edit any of the template below to fit the needs
    of this specific PR.
 --->
 ## Context for reviewers
 <!--Background context, more in-depth details of the implementation, and anything else you'd like to call out or ask reviewers.  -->
 ## Setup
 <!--  Add any steps or code to run in this section to help others run your code.
    Example 1:
    ```sh
    echo "Code goes here"
    ``` 
    Example 2: If the PR was to add a new link with a redirect, this section could simply be:
    -go to /path/to/start/page
    -click the blue link in the <insert location>
    -notice user is redirected to <proper end location>
 -->
 ## Code Review Verification Steps
 ### As the original developer, I have
 #### Satisfied acceptance criteria and met development standards
 - [ ] Met the acceptance criteria, or will meet them in a subsequent PR
 - [ ] Created/modified automated tests
 - [ ] Added at least 2 developers as PR reviewers (only 1 will need to approve)
 - [ ] Messaged on Slack or in standup to notify the team that a PR is ready for review
 - [ ] Changes to “how we do things” are documented in READMEs and or onboarding guide
 - [ ] If any model was updated to modify/add/delete columns, makemigrations was ran and the assoicated migrations file has been commited.
 #### Ensured code standards are met (Original Developer)
 - [ ] All new functions and methods are commented using plain language
 - [ ] Did dependency updates in Pipfile also get changed in requirements.txt?
 - [ ] Interactions with external systems are wrapped in try/except
 - [ ] Error handling exists for unusual or missing values
 #### Validated user-facing changes (if applicable)
 - [ ] New pages have been added to .pa11yci file so that they will be tested with our automated accessibility testing
 - [ ] Checked keyboard navigability
 - [ ] Tested general usability, landmarks, page header structure, and links with a screen reader (such as Voiceover or ANDI)
 - [ ] Add at least 1 designer as PR reviewer
 ### As a code reviewer, I have
 #### Reviewed, tested, and left feedback about the changes
 - [ ] Pulled this branch locally and tested it
 - [ ] Reviewed this code and left comments
 - [ ] Checked that all code is adequately covered by tests
 - [ ] Made it clear which comments need to be addressed before this work is merged
 - [ ] If any model was updated to modify/add/delete columns, makemigrations was ran and the assoicated migrations file has been commited.
 #### Ensured code standards are met (Code reviewer)
 - [ ] All new functions and methods are commented using plain language
 - [ ] Interactions with external systems are wrapped in try/except
 - [ ] Error handling exists for unusual or missing values
 - [ ] (Rarely needed) Did dependency updates in Pipfile also get changed in requirements.txt?
 #### Validated user-facing changes as a developer
 - [ ] New pages have been added to .pa11yci file so that they will be tested with our automated accessibility testing
 - [ ] Checked keyboard navigability
 - [ ] Meets all designs and user flows provided by design/product
 - [ ] Tested general usability, landmarks, page header structure, and links with a screen reader (such as Voiceover or ANDI)
 - [ ] Tested with multiple browsers, the suggestion is to use ones that the developer didn't (check off which ones were used)
  - [ ] Chrome
  - [ ] Microsoft Edge
  - [ ] FireFox
  - [ ] Safari
 - [ ] (Rarely needed) Tested as both an analyst and applicant user
 **Note:** Multiple code reviewers can share the checklists above, a second reviewers should not make a duplicate checklist
 ### As a designer reviewer, I have
 #### Verified that the changes match the design intention
 - [ ] Checked that the design translated visually
 - [ ] Checked behavior
 - [ ] Checked different states (empty, one, some, error)
 - [ ] Checked for landmarks, page heading structure, and links
 - [ ] Tried to break the intended flow
 #### Validated user-facing changes as a designer
 - [ ] Checked keyboard navigability
 - [ ] Tested general usability, landmarks, page header structure, and links with a screen reader (such as Voiceover or ANDI)
 - [ ] Tested with multiple browsers (check off which ones were used)
  - [ ] Chrome
  - [ ] Microsoft Edge
  - [ ] FireFox
  - [ ] Safari
 - [ ] (Rarely needed) Tested as both an analyst and applicant user
 ## Screenshots
 <!-- If this PR makes visible interface changes, an image of the finished interface can help reviewers
 and casual observers understand the context of the changes.
 A before image is optional and can be included at the submitter's discretion.
 Consider using an animated image to show an entire workflow.
 You may want to use [GIPHY Capture](https://giphy.com/apps/giphycapture) for this! 📸
 _Please frame images to show useful context but also highlight the affected regions._
 --->
--- a/.github/workflows/deploy-sandbox.yaml
+++ b/.github/workflows/deploy-sandbox.yaml
@ -18,6 +18,7 @@ jobs:
        || startsWith(github.head_ref, 'za/')
        || startsWith(github.head_ref, 'rh/')
        || startsWith(github.head_ref, 'nl/')
        || startsWith(github.head_ref, 'dk/')
    outputs:
      environment: ${{ steps.var.outputs.environment}}
    runs-on: "ubuntu-latest"
--- a/.github/workflows/deploy-staging.yaml
+++ b/.github/workflows/deploy-staging.yaml
@ -36,6 +36,6 @@ jobs:
        with:
          cf_username: ${{ secrets.CF_STAGING_USERNAME }}
          cf_password: ${{ secrets.CF_STAGING_PASSWORD }}
-          cf_org: cisa-getgov-prototyping
+          cf_org: cisa-dotgov
          cf_space: staging
          push_arguments: "-f ops/manifests/manifest-staging.yaml"
--- a/.github/workflows/migrate.yaml
+++ b/.github/workflows/migrate.yaml
@ -25,6 +25,7 @@ on:
          - ab
          - bl
          - rjm
          - dk
 jobs:
  migrate:
--- a/.github/workflows/reset-db.yaml
+++ b/.github/workflows/reset-db.yaml
@ -26,6 +26,7 @@ on:
          - ab
          - bl
          - rjm
          - dk
 jobs:
  reset-db:
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -9,6 +9,22 @@ There are a handful of things we do not commit to the repository:
 - Compliance documentation that includes IP addresses
 - Secrets of any kind
 ## Branch naming convention
 For developers, you can auto-deploy your code to your sandbox (if applicable) by naming your branch thusly: jsd/123-feature-description
 Where 'jsd' stands for your initials and sandbox environment name (if you were called John Smith Doe), and 123 matches the ticket number if applicable.
 ## Approvals
 When a code change is made that is not user facing, then the following is required:
 - a developer approves the PR
 When a code change is made that is user facing, beyond content updates, then the following are required:
 - a developer approves the PR
 - a designer approves the PR or checks off all relevant items in this checklist
 Content or document updates require a single person to approve.
 ## Project Management
 We use [Github Projects](https://docs.github.com/en/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects) for project management and tracking.
--- a/docs/architecture/decisions/0021-django-admin.md
+++ b/docs/architecture/decisions/0021-django-admin.md
@ -34,6 +34,13 @@ In contrast to building an admin interface from scratch where development activi
 involve _building up_, leveraging Django Admin will require carefully _pairing back_ the functionalities available to
 users such as analysts.
 On accessibility: Django admin is almost fully accessible out-of-the-box, the exceptions being tables, checkboxes, and
 color contrast. We have remedied the first 2 with template overrides and the 3rd with theming (see below).
 On USWDS and theming: Django admin brings its own high level design framework. We have determined that theming on top of Django (scss)
 is easy and worthwhile, while overwriting Django's templates with USWDS is hard and provides little return on investment
 ([research PR](https://github.com/cisagov/getgov/pull/831)).
 While we anticipate that Django Admin will meet (or even exceed) the user needs that we are aware of today, it is still
 an open question whether Django Admin will be the long-term administrator tool of choice. A pivot away from Django Admin
 in the future would of course mean starting from scratch at a later date, and potentially juggling two separate admin
--- a/docs/developer/README.md
+++ b/docs/developer/README.md
@ -94,6 +94,7 @@ The endpoint /admin can be used to view and manage site content, including but n
 ```
 5. In the browser, navigate to /admin. To verify that all is working correctly, under "domain applications" you should see fake domains with various fake statuses.
 6. Add an optional email key/value pair
 ### Adding an Analyst to /admin
 Analysts are a variant of the admin role with limited permissions. The process for adding an Analyst is much the same as adding an admin:
@ -115,6 +116,7 @@ Analysts are a variant of the admin role with limited permissions. The process f
 ```
 5. In the browser, navigate to /admin. To verify that all is working correctly, verify that you can only see a sub-section of the modules and some are set to view-only.
 6. Add an optional email key/value pair
 Do note that if you wish to have both an analyst and admin account, append `-Analyst` to your first and last name, or use a completely different first/last name to avoid confusion. Example: `Bob-Analyst`
 ## Adding to CODEOWNERS (optional)
--- a/ops/scripts/deploy.sh
+++ b/ops/scripts/deploy.sh
@ -4,7 +4,7 @@
 ../ops/scripts/build.sh
 # Deploy to sandbox 
-cf target -o cisa-getgov-prototyping -s $1
+cf target -o cisa-dotgov -s $1
 cf push getgov-$1 -f ../ops/manifests/manifest-$1.yaml
 # migrations need to be run manually. Developers can use this command
--- a/ops/scripts/rotate_cloud_secrets.sh
+++ b/ops/scripts/rotate_cloud_secrets.sh
@ -9,8 +9,8 @@ if [ -z "$1" ]; then
    exit 1
 fi
-cf target -o cisa-getgov-prototyping -s $1
+cf target -o cisa-dotgov -s $1
-read -p "Are you logged in to the cisa-getgov-prototyping CF org above and targeting the correct space? (y/n) " -n 1 -r
+read -p "Are you logged in to the cisa-dotgov CF org above and targeting the correct space? (y/n) " -n 1 -r
 echo
 if [[ ! $REPLY =~ ^[Yy]$ ]]
 then
--- a/src/registrar/assets/sass/_theme/_admin.scss
+++ b/src/registrar/assets/sass/_theme/_admin.scss
@ -105,19 +105,29 @@ html[data-theme="light"] {
    }
    // Dark mode django (bug due to scss cascade) and USWDS tables
    body,
    .change-list .usa-table,
-    .change-list .usa-table--striped tbody tr:nth-child(odd) td {
+    .change-list .usa-table--striped tbody tr:nth-child(odd) td,
-        color: var(--body-fg)!important;
+    .change-list .usa-table--borderless thead th,
    .change-list .usa-table thead td, 
    .change-list .usa-table thead th,
    body.dashboard,
    body.change-list,
    body.change-form {
        color: var(--body-fg);
    }
 }
 // Firefox needs this to be specifically set
 html[data-theme="dark"] {
    body,
    .change-list .usa-table,
-    .change-list .usa-table--striped tbody tr:nth-child(odd) td {
+    .change-list .usa-table--striped tbody tr:nth-child(odd) td,
-        color: var(--body-fg)!important;
+    .change-list .usa-table--borderless thead th,
    .change-list .usa-table thead td, 
    .change-list .usa-table thead th,
    body.dashboard,
    body.change-list,
    body.change-form {
        color: var(--body-fg);
    }
 }
--- a/src/registrar/config/settings.py
+++ b/src/registrar/config/settings.py
@ -581,6 +581,7 @@ ALLOWED_HOSTS = [
    "getgov-ab.app.cloud.gov",
    "getgov-bl.app.cloud.gov",
    "getgov-rjm.app.cloud.gov",
    "getgov-dk.app.cloud.gov",
    "get.gov",
 ]
--- a/src/registrar/config/urls.py
+++ b/src/registrar/config/urls.py
@ -4,7 +4,6 @@ For more information see:
    https://docs.djangoproject.com/en/4.0/topics/http/urls/
 """
 from django.conf import settings
 from django.contrib import admin
 from django.urls import include, path
 from django.views.generic import RedirectView
@ -45,6 +44,10 @@ for step, view in [
 urlpatterns = [
    path("", views.index, name="home"),
    path(
        "admin/logout/",
        RedirectView.as_view(pattern_name="logout", permanent=False),
    ),
    path("admin/", admin.site.urls),
    path(
        "application/<id>/edit/",
@ -114,20 +117,6 @@ urlpatterns = [
    ),
 ]
 if not settings.DEBUG:
    urlpatterns += [
        # redirect to login.gov
        path(
            "admin/login/", RedirectView.as_view(pattern_name="login", permanent=False)
        ),
        # redirect to login.gov
        path(
            "admin/logout/",
            RedirectView.as_view(pattern_name="logout", permanent=False),
        ),
    ]
 # we normally would guard these with `if settings.DEBUG` but tests run with
 # DEBUG = False even when these apps have been loaded because settings.DEBUG
 # was actually True. Instead, let's add these URLs any time we are able to
--- a/src/registrar/fixtures.py
+++ b/src/registrar/fixtures.py
@ -79,6 +79,7 @@ class UserFixture:
            "username": "319c490d-453b-43d9-bc4d-7d6cd8ff6844",
            "first_name": "Rachid-Analyst",
            "last_name": "Mrad-Analyst",
            "email": "rachid.mrad@gmail.com",
        },
        {
            "username": "b6a15987-5c88-4e26-8de2-ca71a0bdb2cd",
@ -129,6 +130,8 @@ class UserFixture:
                user.is_superuser = True
                user.first_name = admin["first_name"]
                user.last_name = admin["last_name"]
                if "email" in admin.keys():
                    user.email = admin["email"]
                user.is_staff = True
                user.is_active = True
                user.save()
@ -146,6 +149,8 @@ class UserFixture:
                user.is_superuser = False
                user.first_name = staff["first_name"]
                user.last_name = staff["last_name"]
                if "email" in admin.keys():
                    user.email = admin["email"]
                user.is_staff = True
                user.is_active = True
--- a/src/registrar/templates/admin/base_site.html
+++ b/src/registrar/templates/admin/base_site.html
@ -1,5 +1,6 @@
 {% extends "admin/base.html" %}
 {% load static %}
 {% load i18n %}
 {% block title %}{% if subtitle %}{{ subtitle }} | {% endif %}{{ title }} | {{ site_title|default:_('Django site admin') }}{% endblock %}
@ -13,5 +14,25 @@
  {% include "admin/color_theme_toggle.html" %}
 {% endif %}
 {% endblock %}
-
+{% comment %}
  This was copied from the 'userlinks' template, with a few minor changes.
  You can find that here:
  https://github.com/django/django/blob/d25f3892114466d689fd6936f79f3bd9a9acc30e/django/contrib/admin/templates/admin/base.html#L59
 {% endcomment %}
 {% block userlinks %}
  {% if site_url %}
      <a href="{{ site_url }}">{% translate 'View site' %}</a> /
  {% endif %}
  {% if user.is_active and user.is_staff %}
      {% url 'django-admindocs-docroot' as docsroot %}
      {% if docsroot %}
          <a href="{{ docsroot }}">{% translate 'Documentation' %}</a> /
      {% endif %}
  {% endif %}
  {% if user.has_usable_password %}
      <a href="{% url 'admin:password_change' %}">{% translate 'Change password' %}</a> /
  {% endif %}
      <a href="{% url 'admin:logout' %}" id="admin-logout-button">{% translate 'Log out' %}</a>
  {% include "admin/color_theme_toggle.html" %}
 {% endblock %}
 {% block nav-global %}{% endblock %}
--- a/src/registrar/templates/application_status.html
+++ b/src/registrar/templates/application_status.html
@ -22,7 +22,7 @@
          {% if domainapplication.status == 'approved' %} Approved 
          {% elif domainapplication.status == 'in review' %} In Review 
          {% elif domainapplication.status == 'rejected' %} Rejected
-          {% elif domainapplication.status == 'submitted' %} Received
+          {% elif domainapplication.status == 'submitted' %} Submitted
          {% else %}ERROR Please contact technical support/dev
          {% endif %}
        </p>
--- a/src/registrar/templates/home.html
+++ b/src/registrar/templates/home.html
@ -125,13 +125,14 @@
    <p>You don't have any archived domains</p> 
  </section>
-  <section class="tablet:grid-col-11 desktop:grid-col-10">
+  <!-- Note: Uncomment below when this is being implemented post-MVP -->
  <!-- <section class="tablet:grid-col-11 desktop:grid-col-10">
    <h2 class="padding-top-1 mobile-lg:padding-top-3"> Export domains</h2>
    <p>Download a list of your domains and their statuses as a csv file.</p>
    <a href="{% url 'todo' %}" class="usa-button usa-button--outline">
      Export domains as csv
    </a>
-  </section>
+  </section> -->
 </div>
--- a/src/zap.conf
+++ b/src/zap.conf
@ -31,6 +31,8 @@
 10027	OUTOFSCOPE	http://app:8080/public/js/uswds-init.min.js
 # get-gov.js contains suspicious word "from" as in `Array.from()`
 10027	OUTOFSCOPE	http://app:8080/public/js/get-gov.js
 # Ignore wording of "TODO"
 10027	OUTOFSCOPE	http://app:8080.*$
 10028	FAIL	(Open Redirect - Passive/beta)
 10029	FAIL	(Cookie Poisoning - Passive/beta)
 10030	FAIL	(User Controllable Charset - Passive/beta)