diff --git a/Gemfile b/Gemfile index 2e117eb543..792157dedc 100644 --- a/Gemfile +++ b/Gemfile @@ -65,6 +65,8 @@ gem 'dfe-reference-data', require: 'dfe/reference_data', github: 'DFE-Digital/df gem "rolify" +gem "google-cloud-bigquery", "1.50.0" + gem 'phonelib' gem 'sentry-rails' gem 'sentry-ruby' diff --git a/Gemfile.lock b/Gemfile.lock index ccf7664261..58862f0b5e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -277,29 +277,31 @@ GEM geocoder (1.8.2) globalid (1.2.1) activesupport (>= 6.1) - google-apis-bigquery_v2 (0.62.0) - google-apis-core (>= 0.12.0, < 2.a) - google-apis-core (0.12.0) + google-apis-bigquery_v2 (0.80.0) + google-apis-core (>= 0.15.0, < 2.a) + google-apis-core (0.15.1) addressable (~> 2.5, >= 2.5.1) googleauth (~> 1.9) - httpclient (>= 2.8.1, < 3.a) + httpclient (>= 2.8.3, < 3.a) mini_mime (~> 1.0) + mutex_m representable (~> 3.0) retriable (>= 2.0, < 4.a) - rexml - google-cloud-bigquery (1.45.0) + google-cloud-bigquery (1.50.0) + bigdecimal (~> 3.0) concurrent-ruby (~> 1.0) - google-apis-bigquery_v2 (~> 0.1) + google-apis-bigquery_v2 (~> 0.71) + google-apis-core (~> 0.13) google-cloud-core (~> 1.6) - googleauth (>= 0.16.2, < 2.a) + googleauth (~> 1.9) mini_mime (~> 1.0) - google-cloud-core (1.6.1) + google-cloud-core (1.7.1) google-cloud-env (>= 1.0, < 3.a) google-cloud-errors (~> 1.0) - google-cloud-env (2.1.0) + google-cloud-env (2.2.1) faraday (>= 1.0, < 3.a) - google-cloud-errors (1.3.1) - googleauth (1.9.1) + google-cloud-errors (1.4.0) + googleauth (1.11.2) faraday (>= 1.0, < 3.a) google-cloud-env (~> 2.1) jwt (>= 1.4, < 3.0) @@ -377,6 +379,7 @@ GEM multi_test (1.1.0) multi_xml (0.6.0) multipart-post (2.4.1) + mutex_m (0.2.0) net-imap (0.4.10) date net-protocol @@ -752,6 +755,7 @@ DEPENDENCIES foreman geocoder get_into_teaching_api_client_faraday (= 3.4.0)! + google-cloud-bigquery (= 1.50.0) govuk_design_system_formbuilder (~> 4.0.0) hashids ice_cube diff --git a/config/initializers/dfe_analytics.rb b/config/initializers/dfe_analytics.rb index 3bdc4260ee..2cf2e17ecb 100644 --- a/config/initializers/dfe_analytics.rb +++ b/config/initializers/dfe_analytics.rb @@ -1,11 +1,13 @@ DfE::Analytics.configure do |config| + config.azure_federated_auth = true + # Whether to log events instead of sending them to BigQuery. # config.log_only = false # Whether to use ActiveJob or dispatch events immediately. # - config.async = true + config.async = false config.entity_table_checks_enabled = true # Which ActiveJob queue to put events on @@ -53,4 +55,34 @@ # config.environment = ENV.fetch('RAILS_ENV', 'development') config.bigquery_maintenance_window = "08-09-2024 18:00..08-09-2024 19:00" + + # The name of the BigQuery table we’re writing to. + # + config.bigquery_table_name = 'events' + + # The name of the BigQuery project we’re writing to. + # + config.bigquery_project_id = 'get-into-teaching' + + # The name of the BigQuery dataset we're writing to. + # + config.bigquery_dataset = 'bat_cross_project' + + # Ensure JSON API Key does not get set + config.bigquery_api_json_key = '' + + config.google_cloud_credentials = { + universe_domain: "googleapis.com", + type: "external_account", + audience: "//iam.googleapis.com/projects/574582782335/locations/global/workloadIdentityPools/azure-cip-identity-pool/providers/azure-cip-oidc-provider", + subject_token_type: "urn:ietf:params:oauth:token-type:jwt", + token_url: "https://sts.googleapis.com/v1/token", + credential_source: { + url: "https://login.microsoftonline.com/9c7d9dd3-840c-4b3f-818e-552865082e16/oauth2/v2.0/token" + }, + service_account_impersonation_url: "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/bat-cross-project@get-into-teaching.iam.gserviceaccount.com:generateAccessToken", + service_account_impersonation: { + token_lifetime_seconds: 3600 + } + } end diff --git a/spec/controllers/candidates/registrations/personal_informations_controller_spec.rb b/spec/controllers/candidates/registrations/personal_informations_controller_spec.rb deleted file mode 100644 index a7612e6063..0000000000 --- a/spec/controllers/candidates/registrations/personal_informations_controller_spec.rb +++ /dev/null @@ -1,252 +0,0 @@ -require 'rails_helper' - -describe Candidates::Registrations::PersonalInformationsController, type: :request do - include ActiveJob::TestHelper - - include_context 'Stubbed current_registration' - - let!(:other_school) { create(:bookings_school, urn: 10_020) } - let!(:school) { create(:bookings_school, urn: 11_048) } - - let :registration_session do - Candidates::Registrations::RegistrationSession.new('urn' => '11048') - end - - context 'without existing personal information in the session' do - context '#new' do - before do - get '/candidates/schools/10020/registrations/personal_information/new' - end - - it 'renders the new template' do - expect(response).to render_template :new - end - end - - context '#create' do - let :personal_information_params do - { - candidates_registrations_personal_information: \ - personal_information.attributes - } - end - - around { |example| perform_enqueued_jobs { example.run } } - before { NotifyFakeClient.reset_deliveries! } - - context 'invalid' do - before do - post \ - '/candidates/schools/10020/registrations/personal_information', - params: personal_information_params - end - - let :personal_information do - Candidates::Registrations::PersonalInformation.new - end - - it 'doesnt modify the session' do - expect { registration_session.personal_information }.to raise_error \ - Candidates::Registrations::RegistrationSession::StepNotFound - end - - it 'rerenders the new template' do - expect(response).to render_template :new - end - end - - context 'valid and known to gitis' do - include_context "api candidate matched back" - - let :personal_information do - FactoryBot.build :personal_information - end - - let(:token) { create(:candidate_session_token) } - - before do - post \ - '/candidates/schools/10020/registrations/personal_information', - params: personal_information_params - end - - it 'redirects to the next step' do - expect(response).to redirect_to \ - '/candidates/schools/10020/registrations/sign_in' - end - end - - context 'valid but not known to gitis' do - include_context "api candidate not matched back" - - let :personal_information do - FactoryBot.build :personal_information, email: 'unknown@mctest.com' - end - - before do - post \ - '/candidates/schools/10020/registrations/personal_information', - params: personal_information_params - end - - it 'redirects to the contact information step' do - expect(response).to redirect_to \ - '/candidates/schools/10020/registrations/contact_information/new' - end - end - - context 'already signed in' do - include_context 'candidate signin' - - let :registration_session do - Candidates::Registrations::GitisRegistrationSession.new({ 'urn' => '10020' }, gitis_contact) - end - - let :personal_information do - FactoryBot.build :personal_information, read_only: true - end - - before do - post \ - '/candidates/schools/10020/registrations/personal_information', - params: personal_information_params - end - - it 'leaves the personal information with GiTiS details' do - expect(registration_session.personal_information.first_name).to \ - eq gitis_contact.first_name - - expect(registration_session.personal_information.last_name).to \ - eq gitis_contact.last_name - end - - it "leaves the email address matching the GiTiS contact" do - expect(registration_session.personal_information.email).to \ - eq gitis_contact.email - end - - it "does not send a verification email" do - expect(NotifyFakeClient.deliveries.length).to eql(0) - end - - it 'redirects to the next step' do - expect(response).to redirect_to \ - '/candidates/schools/10020/registrations/contact_information/new' - end - end - end - end - - context 'with existing personal information in gitis' do - include_context 'candidate signin' - - let :registration_session do - Candidates::Registrations::GitisRegistrationSession.new({ 'urn' => '10020' }, gitis_contact) - end - - context '#new' do - before do - get '/candidates/schools/10020/registrations/personal_information/new' - end - - it 'populates the form with the values from gitis' do - expect(assigns(:personal_information)).to have_attributes \ - first_name: gitis_contact.first_name, - email: gitis_contact.email - end - - it 'renders the new template' do - expect(response).to render_template :new - end - end - end - - context 'with existing personal information in session' do - let :existing_personal_information do - FactoryBot.build :personal_information, urn: 10_020 - end - - let :registration_session do - Candidates::Registrations::RegistrationSession.new('urn' => '10020') - end - - before do - registration_session.save existing_personal_information - end - - context '#new' do - before do - get '/candidates/schools/10020/registrations/personal_information/new' - end - - it 'populates the form with the values from the session' do - expect(assigns(:personal_information)).to \ - eq_model existing_personal_information - end - - it 'renders the new template' do - expect(response).to render_template :new - end - end - - context '#edit' do - before do - get '/candidates/schools/10020/registrations/personal_information/edit' - end - - it 'populates the form with the values from the session' do - expect(assigns(:personal_information)).to eq existing_personal_information - end - - it 'renders the edit template' do - expect(response).to render_template :edit - end - end - - context '#update' do - let :personal_information_params do - { - candidates_registrations_personal_information: \ - personal_information.attributes - } - end - - before do - patch \ - '/candidates/schools/10020/registrations/personal_information', - params: personal_information_params - end - - context 'invalid' do - let :personal_information do - Candidates::Registrations::PersonalInformation.new - end - - it 'doesnt modify the session' do - expect(registration_session.personal_information).not_to \ - eq_model personal_information - end - - it 'rerenders the edit form' do - expect(response).to render_template :edit - end - end - - context 'valid' do - let :personal_information do - FactoryBot.build :personal_information, email: 'new-email@test.com', urn: 10_020 - end - - it 'updates the session' do - expect(registration_session.personal_information).to \ - eq_model personal_information - end - - it 'redirects to application preview' do - expect(response).to redirect_to \ - '/candidates/schools/10020/registrations/application_preview' - end - end - end - end -end diff --git a/spec/controllers/candidates/registrations/sign_ins_controller_spec.rb b/spec/controllers/candidates/registrations/sign_ins_controller_spec.rb deleted file mode 100644 index ea31e3e463..0000000000 --- a/spec/controllers/candidates/registrations/sign_ins_controller_spec.rb +++ /dev/null @@ -1,138 +0,0 @@ -require 'rails_helper' - -RSpec.describe Candidates::Registrations::SignInsController, type: :request do - include ActiveJob::TestHelper - let(:school_id) { 11_048 } - let!(:school) { create(:bookings_school, urn: school_id) } - - let :registration_session do - Candidates::Registrations::RegistrationSession.new( - 'urn' => school_id, - 'uuid' => '123abc', - Candidates::Registrations::PersonalInformation.model_name.param_key => \ - { - 'first_name' => 'Testy', - 'last_name' => 'McTest', - 'email' => 'testy@mctest.com' - } - ) - end - - describe 'GET #show' do - include_context 'Stubbed current_registration' - - before { get candidates_school_registrations_sign_in_path(school_id) } - - it "should return HTTP success" do - expect(response).to have_http_status(:success) - end - end - - describe 'GET #update' do - include_context "Stubbed current_registration" - include_context "api correct verification code for personal info" - - let(:personal_info) { registration_session.personal_information } - let(:params) do - { - candidates_verification_code: { - code: code, - firstname: "Testy", - lastname: "McTest", - email: "testy@mctest.com" - } - } - end - let(:perform_request) { put candidates_registration_verify_code_path(school_id), params: params } - - context "with a valid code" do - before { perform_request } - - it "will redirect_to ContactInformation step" do - expect(response).to \ - redirect_to new_candidates_school_registrations_contact_information_path(school_id) - end - - it "will create a confirmed candidate" do - candidate = Bookings::Candidate.find_by(gitis_uuid: sign_up.candidate_id) - expect(candidate).to be_confirmed - end - end - - context "with an invalid code" do - include_context "api incorrect verification code" - - before { perform_request } - - it "will show error screen" do - expect(response).to have_http_status(:success) - expect(response.body).to include("Please enter the latest verification code sent to your email address") - end - end - - context "when already signed in" do - include_context "candidate signin" - - before do - expect_any_instance_of(described_class).to \ - receive(:delete_registration_sessions!) - end - - it "will redirect_to ContactInformation step" do - perform_request - - expect(response).to \ - redirect_to new_candidates_school_registrations_contact_information_path(school_id) - end - end - - context "when the Candidate already exists" do - include_context "candidate signin" - - let(:sign_up) { build(:api_schools_experience_sign_up_with_name, candidate_id: gitis_contact_attrs[:candidate_id]) } - - it "will not create another Candidate and redirect_to ConfirmationInformation step" do - expect { perform_request }.not_to(change { Bookings::Candidate.count }) - - expect(response).to \ - redirect_to new_candidates_school_registrations_contact_information_path(school_id) - end - end - - context "with valid code but invalid Gitis data" do - let(:sign_up) { build(:api_schools_experience_sign_up_with_name) } - - before { perform_request } - - it "will redirect_to ContactInformation step" do - expect(response).to \ - redirect_to new_candidates_school_registrations_contact_information_path(school_id) - end - - it "will have confirmed candidate" do - candidate = Bookings::Candidate.find_by(gitis_uuid: sign_up.candidate_id) - expect(candidate).to be_confirmed - end - end - end - - describe 'POST #create' do - include_context 'Stubbed current_registration' - include_context "api candidate matched back" - - let!(:candidate) { create(:candidate, gitis_uuid: SecureRandom.uuid) } - - let(:perform_request) do - perform_enqueued_jobs do - post candidates_school_registrations_sign_in_path(school_id) - end - end - - it "will issue a verification code and redirect to the show page" do - perform_request - - expect(response).to \ - redirect_to candidates_school_registrations_sign_in_path(school_id) - end - end -end diff --git a/terraform/aks/application.tf b/terraform/aks/application.tf index 6d36ce9ec8..ed53363233 100644 --- a/terraform/aks/application.tf +++ b/terraform/aks/application.tf @@ -39,6 +39,8 @@ module "web_application" { probe_path = "/check" web_external_hostnames = var.create_dsi_ingress ? [var.dsi_hostname] : [] enable_logit = var.enable_logit + enable_gcp_wif = true + enable_prometheus_monitoring = var.enable_prometheus_monitoring } @@ -58,6 +60,7 @@ module "worker_application" { max_memory = var.sidekiq_memory_max replicas = var.sidekiq_replicas enable_logit = var.enable_logit + enable_gcp_wif = true enable_prometheus_monitoring = var.enable_prometheus_monitoring }