HC 2023 Changes

.github/workflows/docker-latest.yml

@@ -13,15 +13,15 @@ jobs:
   publish:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: docker/setup-qemu-action@v1
-      - uses: docker/setup-buildx-action@v1
-      - uses: docker/login-action@v1
+      - uses: actions/checkout@v3
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+      - uses: docker/login-action@v2
         with:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
           registry: ${{ env.REGISTRY }}
-      - uses: docker/build-push-action@v2
+      - uses: docker/build-push-action@v4
         with:
           tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           platforms: ${{ env.PLATFORMS }}

.github/workflows/docker-prod.yml

@@ -13,15 +13,15 @@ jobs:
   publish:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: docker/setup-qemu-action@v1
-      - uses: docker/setup-buildx-action@v1
-      - uses: docker/login-action@v1
+      - uses: actions/checkout@v3
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+      - uses: docker/login-action@v2
         with:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
           registry: ${{ env.REGISTRY }}
-      - uses: docker/build-push-action@v2
+      - uses: docker/build-push-action@v4
         with:
           tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           platforms: ${{ env.PLATFORMS }}

.github/workflows/main.yml

@@ -13,26 +13,59 @@ jobs:
                 browser: ["chrome", "firefox"]
 
         steps:
-        - uses: actions/checkout@v2
+        - uses: actions/checkout@v3
 
         - name: Install Python ${{ matrix.python }}
-          uses: actions/setup-python@v1
+          uses: actions/setup-python@v4
           with:
             python-version: ${{ matrix.python }}
         - name: Install Chrome Webdriver
           if: ${{ matrix.browser == 'chrome' }}
           run: |
+            python3 -m venv venv
+            source venv/bin/activate
+
             pip install seleniumbase
             sudo apt-get install -y google-chrome-stable
             seleniumbase install chromedriver
-            pip uninstall -y seleniumbase
+
+            deactivate
+            rm -rf venv
         - name: Install Firefox Webdriver
           if: ${{ matrix.browser == 'firefox' }}
           run: |
-            pip install seleniumbase
+            # Python by default installs from snap.
+            # This isn't supported by geckodriver.
+            #
+            # The clean solution would be to use a sane distribution
+            # that doesn't use snap-based firefox by default.
+            # But GitHub Actions doesn't offer this.
+
+            sudo add-apt-repository ppa:mozillateam/ppa
+            sudo apt-get -qq -y update
+
+            echo '
+            Package: *
+            Pin: release o=LP-PPA-mozillateam
+            Pin-Priority: 1001
+
+            Package: firefox
+            Pin: version 1:1snap1-0ubuntu2
+            Pin-Priority: -1
+            ' | sudo tee /etc/apt/preferences.d/mozilla-firefox > /dev/null
+            sudo apt-get -y install firefox
+
+
+            python3 -m venv venv
+            source venv/bin/activate
+
             sudo apt-get install -y firefox
+
+            pip install seleniumbase
             seleniumbase install geckodriver
-            pip uninstall -y seleniumbase
+
+            deactivate
+            rm -rf venv
         - name: Run 'poetry install'
           run: |
             pip install poetry
@@ -48,6 +81,9 @@ jobs:
 
         - name: Run 'yarn build'
           run: yarn build
+        - name: Check if 'black' has been run
+          run:
+            black --exclude 'migrations' --check .
         - name: Run 'pytest'
           env:
             SELENIUM_WEBDRIVER: ${{ matrix.browser }}
@@ -58,7 +94,7 @@ jobs:
         name: Docker Smoke Test
         runs-on: ubuntu-latest
         steps:
-        - uses: actions/checkout@v2
+        - uses: actions/checkout@v3
 
         - name: 'Build Docker Container'
           run: docker build -t jacobsalumni/membermanagement .

Dockerfile

@@ -80,6 +80,7 @@ ENV DJANGO_SECRET_KEY ""
 
 # A comma-seperated list of allowed hosts
 ENV DJANGO_ALLOWED_HOSTS "localhost"
+ENV DJANGO_CSRF_ORIGINS "http://localhost:8000"
 
 # Database settings
 ## Use SQLITE out of the box

MemberManagement/asgi.py

@@ -17,7 +17,7 @@
 from django.core.asgi import get_asgi_application
 
 
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'MemberManagement.settings')
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "MemberManagement.settings")
 
 # Have to call before importing consumers as they depend on models
 django_asgi_app = get_asgi_application()
@@ -26,17 +26,19 @@
 from donations.consumers import DonationUpdateConsumer
 
 
-
-application = ProtocolTypeRouter({
-    # Django's ASGI application to handle traditional HTTP requests
-    "http": django_asgi_app,
-
-    # WebSocket chat handler
-    "websocket": AllowedHostsOriginValidator(
-        AuthMiddlewareStack(
-            URLRouter([
-                path("donations/", DonationUpdateConsumer.as_asgi()),
-            ])
-        )
-    ),
-})
+application = ProtocolTypeRouter(
+    {
+        # Django's ASGI application to handle traditional HTTP requests
+        "http": django_asgi_app,
+        # WebSocket chat handler
+        "websocket": AllowedHostsOriginValidator(
+            AuthMiddlewareStack(
+                URLRouter(
+                    [
+                        path("donations/", DonationUpdateConsumer.as_asgi()),
+                    ]
+                )
+            )
+        ),
+    }
+)

MemberManagement/context_processors.py

@@ -3,13 +3,15 @@
 from django.conf import settings
 
 from typing import TYPE_CHECKING
+
 if TYPE_CHECKING:
     from typing import Dict, Any
     from django.http import HttpRequest
 
 
 def js_testmode_flag(request: HttpRequest) -> Dict[str, Any]:
-    return {'js_test_mode_flag': settings.JS_TEST_MODE_FLAG }
+    return {"js_test_mode_flag": settings.JS_TEST_MODE_FLAG}
+
 
 def portal_version(request: HttpRequest) -> Dict[str, Any]:
-    return {'portal_version': settings.PORTAL_VERSION }
+    return {"portal_version": settings.PORTAL_VERSION}

MemberManagement/docker_settings.py

@@ -8,11 +8,11 @@
 DEBUG = False
 
 # show a warning that this is not a real site
-ENABLE_DEVEL_WARNING = os.environ.setdefault(
-    "DJANGO_ENABLE_DEVEL_WARNING", "") == "1"
+ENABLE_DEVEL_WARNING = os.environ.setdefault("DJANGO_ENABLE_DEVEL_WARNING", "") == "1"
 
 # we want to allow all hosts
 ALLOWED_HOSTS = os.environ.setdefault("DJANGO_ALLOWED_HOSTS", "").split(",")
+CSRF_TRUSTED_ORIGINS = os.environ.setdefault("DJANGO_CSRF_ORIGINS", "").split(",")
 
 # all our sessions be safe
 SECRET_KEY = os.environ.setdefault("DJANGO_SECRET_KEY", "")
@@ -21,42 +21,48 @@
 
 # Passwords
 DATABASES = {
-    'default': {
-        'ENGINE': os.environ.setdefault("DJANGO_DB_ENGINE", ""),
-        'NAME': os.environ.setdefault("DJANGO_DB_NAME", ""),
-        'USER': os.environ.setdefault("DJANGO_DB_USER", ""),
-        'PASSWORD': os.environ.setdefault("DJANGO_DB_PASSWORD", ""),
-        'HOST': os.environ.setdefault("DJANGO_DB_HOST", ""),
-        'PORT': os.environ.setdefault("DJANGO_DB_PORT", ""),
+    "default": {
+        "ENGINE": os.environ.setdefault("DJANGO_DB_ENGINE", ""),
+        "NAME": os.environ.setdefault("DJANGO_DB_NAME", ""),
+        "USER": os.environ.setdefault("DJANGO_DB_USER", ""),
+        "PASSWORD": os.environ.setdefault("DJANGO_DB_PASSWORD", ""),
+        "HOST": os.environ.setdefault("DJANGO_DB_HOST", ""),
+        "PORT": os.environ.setdefault("DJANGO_DB_PORT", ""),
     }
 }
 
 CHANNEL_LAYERS = {
     "default": {
         "BACKEND": "channels_redis.core.RedisChannelLayer",
         "CONFIG": {
-            "hosts": [(os.environ.setdefault("REDIS_HOST", "redis"), int(os.environ.setdefault("REDIS_PORT", "6379")))],
+            "hosts": [
+                (
+                    os.environ.setdefault("REDIS_HOST", "redis"),
+                    int(os.environ.setdefault("REDIS_PORT", "6379")),
+                )
+            ],
         },
     },
 }
 
-EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
+EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
 EMAIL_HOST = os.environ.setdefault("EMAIL_HOST", "")
 EMAIL_HOST_USER = os.environ.setdefault("EMAIL_HOST_USER", "")
 EMAIL_HOST_PASSWORD = os.environ.setdefault("EMAIL_HOST_PASSWORD", "")
-EMAIL_FROM = os.environ.setdefault("EMAIL_FROM",
-                                   'Alumni Association Portal <[email protected]>')
+EMAIL_FROM = os.environ.setdefault(
+    "EMAIL_FROM", "Alumni Association Portal <[email protected]>"
+)
 
 # staticfiles
 STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"
 
 # add the stripe keys
-STRIPE_SECRET_KEY = os.environ.get('STRIPE_SECRET_KEY')
-STRIPE_PUBLISHABLE_KEY = os.environ.get('STRIPE_PUBLISHABLE_KEY')
-STRIPE_WEBHOOK_SECRET = os.environ.get('STRIPE_WEBHOOK_SECRET')
+STRIPE_SECRET_KEY = os.environ.get("STRIPE_SECRET_KEY")
+STRIPE_PUBLISHABLE_KEY = os.environ.get("STRIPE_PUBLISHABLE_KEY")
+STRIPE_WEBHOOK_SECRET = os.environ.get("STRIPE_WEBHOOK_SECRET")
 
 # set the fixer access key
-FIXER_ACCESS_KEY = os.environ.get('FIXER_ACCESS_KEY')
+FIXER_ACCESS_KEY = os.environ.get("FIXER_ACCESS_KEY")
 
 # update the client ID for Google login
 GSUITE_OAUTH_CLIENT_ID = os.environ.setdefault("GSUITE_OAUTH_CLIENT_ID", "")
@@ -68,18 +74,14 @@
 MEDIA_ROOT = os.environ.setdefault("MEDIA_ROOT", "/data/media")
 
 # Sentry
-if os.environ.get('DJANGO_RAVEN_DSN'):
+if os.environ.get("DJANGO_RAVEN_DSN"):
     # add sentry
-    INSTALLED_APPS += (
-        'raven.contrib.django.raven_compat',
-    )
+    INSTALLED_APPS += ("raven.contrib.django.raven_compat",)
 
     import os
     import raven
 
-    RAVEN_CONFIG = {
-        'dsn': os.environ.get('DJANGO_RAVEN_DSN')
-    }
+    RAVEN_CONFIG = {"dsn": os.environ.get("DJANGO_RAVEN_DSN")}
 
 
 # Donation receipts