Merge branch 'development' into additional-raise-issue-links

.github/workflows/deploy-production.yml

@@ -22,7 +22,7 @@ jobs:
           python-version: '3.10'
       - name: Install ansible and deploy to production
         run: |
-          python -m pip install --user ansible-core==2.11.1
+          python -m pip install --user ansible-core==2.16.14
           cd deploy
           echo ${{ secrets.ANSIBLE_VAULT_PASSWORD }} > ansible-vault-password.txt
           ansible-vault view --vault-password-file ansible-vault-password.txt files/jwt-signing-key.pem.enc > ../jwt-signing-key.pem

.github/workflows/deploy-staging.yml

@@ -22,7 +22,7 @@ jobs:
           python-version: '3.10'
       - name: Install ansible and deploy to staging
         run: |
-          python -m pip install --user ansible-core==2.11.1
+          python -m pip install --user ansible-core==2.16.14
           cd deploy
           echo ${{ secrets.ANSIBLE_VAULT_PASSWORD }} > ansible-vault-password.txt
           ansible-vault view --vault-password-file ansible-vault-password.txt files/jwt-signing-key.pem.enc > ../jwt-signing-key.pem

.husky/pre-commit

@@ -0,0 +1 @@
+npx lint-staged

client/components/ManageBotRunDialog/index.jsx

@@ -17,6 +17,7 @@ import RetryCanceledCollectionsButton from './RetryCanceledCollectionsButton';
 import StopRunningCollectionButton from './StopRunningCollectionButton';
 import ViewLogsButton from './ViewLogsButton';
 import { TestPlanRunPropType, UserPropType } from '../common/proptypes';
+import { COLLECTION_JOB_STATUS } from '../../utils/collectionJobStatus';
 
 const ManageBotRunDialog = ({
   testPlanReportId,
@@ -68,6 +69,19 @@ const ManageBotRunDialog = ({
     [testers, testPlanReportAssignedTestersQuery]
   );
 
+  const isBotRunFinished = useMemo(() => {
+    const status = collectionJobQuery?.collectionJobByTestPlanRunId?.status;
+    if (!status) return false;
+    switch (status) {
+      case COLLECTION_JOB_STATUS.COMPLETED:
+      case COLLECTION_JOB_STATUS.ERROR:
+      case COLLECTION_JOB_STATUS.CANCELLED:
+        return true;
+      default:
+        return false;
+    }
+  }, [collectionJobQuery]);
+
   const actions = useMemo(() => {
     return [
       {
@@ -77,6 +91,7 @@ const ManageBotRunDialog = ({
           testPlanRun: testPlanRun,
           possibleTesters: possibleReassignees,
           label: 'Assign To ...',
+          disabled: !isBotRunFinished,
           onChange
         }
       },

client/components/common/AssignTesterDropdown/index.jsx

@@ -28,6 +28,7 @@ const AssignTesterDropdown = ({
   possibleTesters,
   onChange,
   label,
+  disabled = false,
   dropdownAssignTesterButtonRef,
   setAlertMessage = () => {}
 }) => {
@@ -139,6 +140,7 @@ const AssignTesterDropdown = ({
           aria-label="Assign testers"
           className="assign-tester"
           variant="secondary"
+          disabled={disabled}
         >
           {renderLabel()}
         </Dropdown.Toggle>
@@ -216,7 +218,8 @@ AssignTesterDropdown.propTypes = {
   label: PropTypes.string,
   draftTestPlanRuns: PropTypes.arrayOf(TestPlanRunPropType),
   setAlertMessage: PropTypes.func,
-  dropdownAssignTesterButtonRef: PropTypes.object
+  dropdownAssignTesterButtonRef: PropTypes.object,
+  disabled: PropTypes.bool
 };
 
 export default AssignTesterDropdown;

deploy/README.md

@@ -24,23 +24,25 @@ machine will not have all the capabilities of the production system.
 1. Install [Vagrant](https://www.vagrantup.com/) (version 2) and
    [VirtualBox](https://www.virtualbox.org/) (version 5.2)
 2. Install vagrant-hostsupdater
-    ```
-    vagrant plugin install vagrant-hostsupdater
-    ```
+   ```bash
+   vagrant plugin install vagrant-hostsupdater
+   ```
 3. Open a terminal and navigate to the directory containing this text file
 4. Run the following command:
-    ```
-    vagrant up
-    ```
+   ```bash
+   vagrant up
+   ```
+
 This will initiate the creation of a virtual machine. You will be prompted for your sudo password. Further documentation on using Vagrant can be found in [the "Getting Started" guide by the maintainers of that project](https://www.vagrantup.com/intro/getting-started/index.html).
 
 Once the vagrant box is up you can test by running by going to the ip configured
 in the `Vagrantfile` [192.168.10.40](192.168.10.40).
 
 If you make any changes locally and want to run them again:
-    ```
-    vagrant rsync && vagrant up --provision
-    ```
+
+```bash
+vagrant rsync && vagrant up --provision
+```
 
 If you want to debug you can run `vagrant ssh` to ssh into the vagrant box. You
 can view logging from ansible with `sudo -i cat /var/log/messages`.
@@ -50,46 +52,52 @@ can view logging from ansible with `sudo -i cat /var/log/messages`.
 To deploy this project to server:
 
 1. Merge from development to the releases branch as detailed in [docs/release.md](../docs/release.md).
-1. Obtain an authorized key and add it to your keychain. This is needed for deploys to Staging and Production. 
-  - The shared key is named `aria-at-bocoup`.
-  - Place it in the ~/.ssh directory.
-  - For security, set permissions on the key file, which is required by the OS: `chmod 600 ~/.ssh/aria-at-bocoup`.
-  - Add it to your keychain with the following command: `ssh-add ~/.ssh/aria-at-bocoup`.
-  - Add the following `Host` client configuration option to `~/.ssh/config`:
-    ```
-    Host *.w3.internal
-      ProxyJump [email protected]
-    ```
-    - The RSA key fingerprint for `ssh-aws.w3.org` is `SHA256:Nlyly0XFZebw0/k8yCGUXA+Y03W7WB7CPnXiZZb7XE8`.
-  - Run `ssh [email protected]` (aria-at-staging.w3.org's server) and `ssh [email protected]` (aria-at.w3.org's server) to verify that you can connect to the servers.
-    - The RSA key fingerprint for `bestla.w3.internal` is `SHA256:F16aX2Wx4e39jbHhqEkeH8iRgY41C3WgxvAgvh7PQZ0`.
-    - The RSA key fingerprint for `fenrir.w3.internal` is `SHA256:cF6u/K00P2ELEVbIazVVqqMz5q+Sbh4+Jog/VmXZomg`.
+1. Obtain an authorized key and add it to your keychain. This is needed for deploys to Staging and Production.
+
+- The shared key is named `aria-at-bocoup`.
+- Place it in the ~/.ssh directory.
+- For security, set permissions on the key file, which is required by the OS: `chmod 600 ~/.ssh/aria-at-bocoup`.
+- Add it to your keychain with the following command: `ssh-add ~/.ssh/aria-at-bocoup`.
+- Add the following `Host` client configuration option to `~/.ssh/config`:
+  ```
+  Host *.w3.internal
+    ProxyJump [email protected]
+  ```
+  - The RSA key fingerprint for `ssh-aws.w3.org` is `SHA256:Nlyly0XFZebw0/k8yCGUXA+Y03W7WB7CPnXiZZb7XE8`.
+- Run `ssh [email protected]` (aria-at-staging.w3.org's server) and `ssh [email protected]` (aria-at.w3.org's server) to verify that you can connect to the servers.
+  - The RSA key fingerprint for `bestla.w3.internal` is `SHA256:F16aX2Wx4e39jbHhqEkeH8iRgY41C3WgxvAgvh7PQZ0`.
+  - The RSA key fingerprint for `fenrir.w3.internal` is `SHA256:cF6u/K00P2ELEVbIazVVqqMz5q+Sbh4+Jog/VmXZomg`.
+
 1. Bocoup maintains its own instance of the app on its internal infrastructure for quick and easy testing. Note that you must be a Bocouper to deploy to this environment. Follow the steps below to verify you are able to connect.
-  - Run `ssh aria-at-app-sandbox.bocoup.com` and confirm you can connect.
-  - Confirm that `sudo su` successfully switches you to the root user. You will need to enter the sudo password you chose during your Bocoup onboarding. This password will be required when deploying to the Sandbox.
+
+- Run `ssh aria-at-app-sandbox.bocoup.com` and confirm you can connect.
+- Confirm that `sudo su` successfully switches you to the root user. You will need to enter the sudo password you chose during your Bocoup onboarding. This password will be required when deploying to the Sandbox.
+
 1. Obtain a copy of the `ansible-vault-password.txt` file in LastPass and place it in the directory which contains this document.
-1. Install [Ansible](https://www.ansible.com/) version 2.11. Instructions for macOS are as follows:
-  - Install Ansible at the specific 2.11 version: `python3 -m pip install --user ansible-core==2.11.1`
-  - Add the following line to your `~/.zshrc` file, changing the path below to match where Python installs Ansible for you:
-    ```
-    export PATH=$PATH:/Users/Luigi/Library/Python/3.9/bin
-    ```
-  - Run `source ~/.zshrc` to refresh your shell.
-  - Install `ansible.posix` to make use of the [ansible.posix.synchronize](https://docs.ansible.com/ansible/latest/collections/ansible/posix/synchronize_module.html#ansible-posix-synchronize-module-a-wrapper-around-rsync-to-make-common-tasks-in-your-playbooks-quick-and-easy) module: `ansible-galaxy collection install ansible.posix`
-  - Run `ansible --version` to verify your ansible is on version 2.11.
+1. Install [Ansible](https://www.ansible.com/) version 2.16. Instructions for macOS are as follows:
+
+- Install Ansible at the specific 2.16 version: `python3 -m pip install --user ansible-core==2.16.14`
+- Add the following line to your `~/.zshrc` file, changing the path below to match where Python installs Ansible for you:
+  ```
+  export PATH=$PATH:/Users/Luigi/Library/Python/3.9/bin
+  ```
+- Run `source ~/.zshrc` to refresh your shell.
+- Install `ansible.posix` to make use of the [ansible.posix.synchronize](https://docs.ansible.com/ansible/latest/collections/ansible/posix/synchronize_module.html#ansible-posix-synchronize-module-a-wrapper-around-rsync-to-make-common-tasks-in-your-playbooks-quick-and-easy) module: `ansible-galaxy collection install ansible.posix`
+- Run `ansible --version` to verify your ansible is on version 2.16.
+
 1. Execute the following command from the deploy directory:
    - Sandbox:
-    ```
-    ansible-playbook provision.yml --inventory inventory/sandbox.yml
-    ```
+   ```
+   ansible-playbook provision.yml --inventory inventory/sandbox.yml
+   ```
    - Staging:
-    ```
-    ansible-playbook provision.yml --inventory inventory/staging.yml
-    ```
+   ```
+   ansible-playbook provision.yml --inventory inventory/staging.yml
+   ```
    - Production:
-    ```
-    ansible-playbook provision.yml --inventory inventory/production.yml
-    ```
+   ```
+   ansible-playbook provision.yml --inventory inventory/production.yml
+   ```
 
 ## Environment Configuration
 
@@ -102,25 +110,28 @@ ansible-vault edit files/config-sandbox.env
 ```
 
 ## Manual DB Backup
+
 From the `deploy` folder:
 
 1. Retrieve the database user (aka PGUSER) and database password (aka PGPASSWORD), the environment is `production` or `staging`.
    `ansible-vault view --vault-password-file ansible-vault-password.txt files/config-<environment>.env`
 2. Ssh into the machine. The deploy key will be at `~/.ssh/aria-at-bocoup`, if you followed the deploy setup instructions. The domain is `aria-at.w3.org` for production and `aria-at-staging.w3.org` for staging.
-  `ssh -i <deploy key> root@<domain>`
+   `ssh -i <deploy key> root@<domain>`
 3. Create the backup and save it to a file. After running the command, the terminal prompt will ask for the PGPASSWORD. Use the current date for the timestamp, e.g. `20230406`. Run
-  `pg_dump -U <value for PGUSER> -h localhost -d aria_at_report > <environment>_dump_<timestamp>.sql`. 
+   `pg_dump -U <value for PGUSER> -h localhost -d aria_at_report > <environment>_dump_<timestamp>.sql`.
 4. From another terminal window that's not connected to the server, copy the backup to your machine.
-  `scp -i <deploy key> root@<domain>:<environment>_dump_<timestamp>.sql .`
+   `scp -i <deploy key> root@<domain>:<environment>_dump_<timestamp>.sql .`
 
 ## Database Restore
+
 1. Ssh into the machine.
-  `ssh -i <deploy key> [email protected]`
+   `ssh -i <deploy key> [email protected]`
 2. Load the backup that was created
-  `psql -d aria_at_report -f <environment>_dump_<timestamp>.sql`
+   `psql -d aria_at_report -f <environment>_dump_<timestamp>.sql`
 
 ## Github Workflow Automation Configuration
-* The `jwt-signing-key.pem` file should be located in the project root folder.
+
+- The `jwt-signing-key.pem` file should be located in the project root folder.
   From within the `deploy` folder, you can run `ansible-vault view --vault-password-file ansible-vault-password.txt files/jwt-signing-key.pem.enc > ../jwt-signing-key.pem` to decrypt the configuration file.
-* The `AUTOMATION_CALLBACK_FQDN` environment variable in the environment configuration file should be a **fully qualified domain name** that is accessible from the github workflow server pointing at the running instance of aria-at-app.  For local development testing of these features, a forwarding proxy server like `ngrok` is recommended: `npx ngrok http 3000 --host-header=rewrite` will setup a server forwarding to your local 3000 development port.  You can then use the domain it gives you when launching the app:
+- The `AUTOMATION_CALLBACK_FQDN` environment variable in the environment configuration file should be a **fully qualified domain name** that is accessible from the github workflow server pointing at the running instance of aria-at-app. For local development testing of these features, a forwarding proxy server like `ngrok` is recommended: `npx ngrok http 3000 --host-header=rewrite` will setup a server forwarding to your local 3000 development port. You can then use the domain it gives you when launching the app:
   `AUTOMATION_CALLBACK_FQDN=128935b17294.ngrok.app yarn dev`

deploy/provision.yml

@@ -2,7 +2,7 @@
 - hosts: all
   become_method: sudo
   pre_tasks:
-    - include: tasks/prompt-for-become-password.yml
+    - import_tasks: tasks/prompt-for-become-password.yml
       when: needs_become_password|default(false, true)
   roles:
     - permissions

deploy/roles/application/tasks/cron.yml

@@ -1,15 +1,52 @@
 ---
 # Create a cron to import the most recent tests from aria-at
-- name: Set a cron job to build test results
+- name: Set a cron job to build and import latest test versions from aria-at
   cron:
     name: "import latest aria-at tests"
     minute: "15"
     job: "curl -X POST https://{{fqdn}}/api/test/import"
-  when: deployment_mode != 'development' 
+  when: deployment_mode != 'development'
 
-- name: Set a cron job to build test results in development
+- name: Set a cron job to build and import latest test versions from aria-at in development
   cron:
     name: "import latest aria-at tests"
     minute: "15"
     job: "curl -X POST http://localhost:5000/api/test/import"
   when: deployment_mode == 'development'
+
+- name: Ensure proper permissions for application_user on db_dumps directory
+  become: yes
+  block:
+    - name: Ensure the db_dumps directory exists
+      file:
+        path: /home/{{application_user}}/db_dumps
+        state: directory
+        owner: '{{application_user}}'
+        group: '{{application_user}}'
+        mode: '0755'
+
+    - name: Ensure application_user has write permissions on the db_dumps directory
+      file:
+        path: /home/{{application_user}}/db_dumps
+        owner: '{{application_user}}'
+        group: '{{application_user}}'
+        mode: '0775'
+  when: deployment_mode == 'staging' or deployment_mode == 'production'
+
+# Create a cron to dump the database in staging and production (run every day at 00:00)
+- name: Set a cron job to create a new database dump
+  cron:
+    name: "create new database dump"
+    hour: "0"
+    minute: "0"
+    job: "curl -X POST https://{{fqdn}}/api/database/dump"
+  when: deployment_mode == 'staging' or deployment_mode == 'production'
+
+# Create a cron to clean up the database dumps folder in staging and production (run every day at 00:05)
+- name: Set a cron job to clean up the database dumps folder
+  cron:
+    name: "clean up the database dumps folder if necessary"
+    hour: "0"
+    minute: "5"
+    job: "curl -X POST https://{{fqdn}}/api/database/cleanFolder"
+  when: deployment_mode == 'staging' or deployment_mode == 'production'

deploy/roles/application/tasks/main.yml

@@ -8,7 +8,7 @@
   set_fact:
     source_dir: /home/{{application_user}}/aria-at-report
 
-- include: upload-source-code.yml
+- include_tasks: upload-source-code.yml
 
 - name: Allow aria-bot user to run import script as admin on sandbox
   lineinfile:
@@ -28,7 +28,7 @@
     recurse: yes
   become: yes
   when: deployment_mode != 'development'
-  notify: "restart server"
+  notify: 'restart server'
 
 - name: Make server resources folder writable for import tests API endpoint
   file:
@@ -37,7 +37,7 @@
     recurse: yes
   become: yes
   when: deployment_mode != 'development'
-  notify: "restart server"
+  notify: 'restart server'
 
 - name: Make client resources folder writable for import harness
   file:
@@ -46,7 +46,7 @@
     recurse: yes
   become: yes
   when: deployment_mode != 'development'
-  notify: "restart server"
+  notify: 'restart server'
 
 - name: Link application code
   file:
@@ -108,6 +108,6 @@
   args:
     chdir: '{{source_dir}}'
 
-- include: service.yml
+- import_tasks: service.yml
 
-- include: cron.yml
+- include_tasks: cron.yml

deploy/roles/nodejs/tasks/main.yml

@@ -8,7 +8,7 @@
     - https://dl.yarnpkg.com/debian/pubkey.gpg
     - https://deb.nodesource.com/gpgkey/nodesource.gpg.key
 
-- include: upgrade.yml
+- include_tasks: upgrade.yml
 
 - name: Add software repositories
   apt_repository:

package.json

@@ -22,7 +22,8 @@
     "storybook": "yarn workspaces run storybook",
     "sequelize": "dotenv -e config/dev.env npx sequelize-cli",
     "sequelize:test": "dotenv -e config/test.env npx sequelize-cli",
-    "postinstall": "patch-package"
+    "postinstall": "patch-package",
+    "prepare": "husky"
   },
   "repository": {
     "type": "git",
@@ -44,6 +45,23 @@
     "postinstall-postinstall": "^2.1.0"
   },
   "devDependencies": {
+    "husky": "^9.1.7",
+    "lint-staged": "^15.3.0",
     "npm-run-all": "^4.1.5"
+  },
+  "lint-staged": {
+    "*": "prettier --ignore-unknown --write",
+    "client/*": [
+      "yarn workspace client prettier",
+      "yarn workspace client lint"
+    ],
+    "server/*": [
+      "yarn workspace server prettier",
+      "yarn workspace server lint"
+    ],
+    "shared/*": [
+      "yarn workspace shared prettier",
+      "yarn workspace shared lint"
+    ]
   }
 }